Last active
February 21, 2019 06:14
-
-
Save Cretezy/8927cfce6166887331de40d293a765a5 to your computer and use it in GitHub Desktop.
Node signing helper
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import crypto from "crypto"; | |
| const separator = ":"; | |
| export function sign(content, secret) { | |
| const signature = generateSignature(content, secret); | |
| return { | |
| signature, | |
| content, | |
| signedContent: join(content, signature) | |
| }; | |
| } | |
| export function verify(signedContent, secret) { | |
| const { signature, content } = separate(signedContent); | |
| const signatureCheck = generateSignature(content, secret); | |
| const signatureCheckBuffer = Buffer.from(signatureCheck); | |
| const signatureBuffer = Buffer.from(signature); | |
| return { | |
| result: | |
| signatureCheckBuffer.length === signatureBuffer.length && | |
| crypto.timingSafeEqual(signatureCheckBuffer, signatureBuffer), | |
| content, | |
| signature, | |
| signedContent | |
| }; | |
| } | |
| export function generateSignature(content, secret) { | |
| const hmac = crypto.createHmac("sha256", secret); | |
| hmac.update(content); | |
| return hmac.digest("hex"); | |
| } | |
| export function separate(signed) { | |
| const parts = signed.split(separator); | |
| const signature = parts.pop(); | |
| const content = parts.join(separator); | |
| return { | |
| content, | |
| signature | |
| }; | |
| } | |
| export const join = (content, hash) => content + separator + hash; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import crypto from "crypto"; | |
| const sessionSecret = "my-super-secret"; | |
| const separator = ":"; | |
| type Signature = { | |
| signature: string; | |
| content: string; | |
| signedContent: string; | |
| result?: boolean; | |
| }; | |
| export function sign(content: string): Signature { | |
| const signature = generateSignature(content); | |
| return { | |
| signature, | |
| content, | |
| signedContent: join(content, signature) | |
| }; | |
| } | |
| export function verify(signedContent: string): Signature { | |
| const { signature, content } = separate(signedContent); | |
| const signatureCheck = generateSignature(content); | |
| const signatureCheckBuffer = Buffer.from(signatureCheck); | |
| const signatureBuffer = Buffer.from(signature); | |
| return { | |
| result: | |
| signatureCheckBuffer.length === signatureBuffer.length && | |
| crypto.timingSafeEqual(signatureCheckBuffer, signatureBuffer), | |
| content, | |
| signature, | |
| signedContent | |
| }; | |
| } | |
| export function generateSignature(content) { | |
| const hmac = crypto.createHmac("sha256", sessionSecret); | |
| hmac.update(content); | |
| return hmac.digest("hex"); | |
| } | |
| export function separate(signed) { | |
| const parts = signed.split(separator); | |
| const signature = parts.pop(); | |
| const content = parts.join(separator); | |
| return { | |
| content, | |
| signature | |
| }; | |
| } | |
| export const join = (content, hash) => `${content}${separator}${hash}`; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment