100 lines
3 KiB
JavaScript
Executable file
100 lines
3 KiB
JavaScript
Executable file
/* jslint node: true */
|
|
'use strict';
|
|
|
|
var assert = require('assert');
|
|
var binding = require('../build/Release/sodium');
|
|
var OneTimeKey = require('./keys/onetime-key');
|
|
var toBuffer = require('./toBuffer');
|
|
|
|
/**
|
|
* One Time Message Authentication
|
|
*
|
|
*
|
|
* The secretKey *MUST* remain secret or an attacker could forge valid
|
|
* authenticator tokens
|
|
*
|
|
* If key is not given a new random key is generated
|
|
*
|
|
* @param {String|Buffer|Array} [secretKey] A valid auth secret key
|
|
* @constructor
|
|
*/
|
|
module.exports = function OneTimeAuth(secretKey, encoding) {
|
|
var self = this;
|
|
|
|
/** default encoding to use in all string operations */
|
|
self.defaultEncoding = undefined;
|
|
|
|
// Init key
|
|
self.secretKey = new OneTimeKey(secretKey, encoding);
|
|
|
|
/** Size of the authentication token */
|
|
self.bytes = function() {
|
|
return binding.crypto_onetimeauth_BYTES;
|
|
};
|
|
|
|
/** String name of the default crypto primitive used in onetimeauth operations */
|
|
self.primitive = function() {
|
|
return binding.crypto_onetimeauth_PRIMITIVE;
|
|
};
|
|
|
|
/**
|
|
* Get the auth-key secret key object
|
|
* @returns {AuthKey|*}
|
|
*/
|
|
self.key = function() {
|
|
return self.secretKey;
|
|
};
|
|
|
|
/**
|
|
* Set the default encoding to use in all string conversions
|
|
* @param {String} encoding encoding to use
|
|
*/
|
|
self.setEncoding = function(encoding) {
|
|
assert(!!encoding.match(/^(?:utf8|ascii|binary|hex|utf16le|ucs2|base64)$/), 'Encoding ' + encoding + ' is currently unsupported.');
|
|
self.defaultEncoding = encoding;
|
|
};
|
|
|
|
/**
|
|
* Get the current default encoding
|
|
* @returns {undefined|String}
|
|
*/
|
|
self.getEncoding = function() {
|
|
return self.defaultEncoding;
|
|
};
|
|
|
|
/**
|
|
* Generate authentication token for message, based on the secret key
|
|
*
|
|
* @param {string|Buffer|Array} message message to authenticate
|
|
* @param {String} [encoding ] If v is a string you can specify the encoding
|
|
*/
|
|
self.generate = function(message, encoding) {
|
|
if( !encoding && !self.defaultEncoding ) {
|
|
throw new Error('Auth: please set enconding');
|
|
}
|
|
encoding = encoding || self.defaultEncoding;
|
|
var messageBuf = toBuffer(message, encoding);
|
|
return binding.crypto_onetimeauth(messageBuf, self.secretKey.get());
|
|
};
|
|
|
|
/**
|
|
* Checks if the token authenticates the message
|
|
*
|
|
* @param {String|Buffer|Array} token message token
|
|
* @param {String|Buffer|Array} message message to authenticate
|
|
* @param {String} [encoding] If v is a string you can specify the encoding
|
|
*/
|
|
self.validate = function(token, message, encoding) {
|
|
if(!self.secretKey) {
|
|
throw new Error('Auth: no secret key found');
|
|
}
|
|
|
|
encoding = encoding || self.defaultEncoding;
|
|
|
|
var tokenBuf = toBuffer(token, encoding);
|
|
var messageBuf = toBuffer(message, encoding);
|
|
|
|
return binding.crypto_onetimeauth_verify(tokenBuf, messageBuf, self.secretKey.get()) ? false : true;
|
|
};
|
|
};
|