better

browserify · Jan 12, 2015 · 5077b98 · 5077b98
1 parent 2e1bf48
commit 5077b98
Show file tree

Hide file tree

Showing 7 changed files with 272 additions and 26 deletions.
diff --git a/algos.js b/algos.js
@@ -33,6 +33,31 @@ exports.DSA = exports['DSA-SHA1'] = exports['DSA-SHA'] = {
   hash: 'sha1',
   id: new Buffer('', 'hex')
 };
+exports['DSA-SHA224'] = {
+  sign: 'dsa',
+  hash: 'sha224',
+  id: new Buffer('', 'hex')
+};
+exports['DSA-SHA256'] = {
+  sign: 'dsa',
+  hash: 'sha256',
+  id: new Buffer('', 'hex')
+};
+exports['DSA-SHA384'] = {
+  sign: 'dsa',
+  hash: 'sha384',
+  id: new Buffer('', 'hex')
+};
+exports['DSA-SHA512'] = {
+  sign: 'dsa',
+  hash: 'sha512',
+  id: new Buffer('', 'hex')
+};
+exports['DSA-RIPEMD160'] = {
+  sign: 'dsa',
+  hash: 'rmd160',
+  id: new Buffer('', 'hex')
+};
 exports['RSA-RIPEMD160'] = exports.ripemd160WithRSA = {
   sign: 'rsa',
   hash: 'rmd160',

diff --git a/algos.json b/algos.json
@@ -0,0 +1,15 @@
+{
+  "sha1":"da39a3ee 5e6b4b0d 3255bfef 95601890 afd80709",
+
+  "sha224":"d14a028c 2a3a2bc9 476102bb 288234c4 15a2b01f 828ea62a c5b3e42f",
+
+  "sha256": "e3b0c442 98fc1c14 9afbf4c8 996fb924 27ae41e4 649b934c a495991b 7852b855",
+
+  "sha384": "38b060a7 51ac9638 4cd9327e b1b1e36a 21fdb711 14be0743 4c0cc7bf 63f6e1da 274edebf e76f65fb d51ad2f1 4898b95b",
+
+  "sha512": "cf83e135 7eefb8bd f1542850 d66d8007 d620e405 0b5715dc 83f4a921 d36ce9ce 47d0d13c 5d85f2b0 ff8318d2 877eec2f 63b931bd 47417a81 a538327a f927da3e",
+
+  "sha512/224": "6ed0dd02 806fa89e 25de060c 19d3ac86 cabb87d6 a0ddd05c 333b84f4",
+
+  "sha512/256": "c672b8d1 ef56ed28 ab87c362 2c511406 9bdd3ad7 b8f97374 98d0c01e cef0967a"
+}
diff --git a/inject.js b/inject.js
@@ -2,7 +2,11 @@ var sign = require('./sign');
 var verify = require('./verify');
 var stream = require('stream');
 var inherits = require('inherits');
-var algos = require('./algos');
+var _algos = require('./algos');
+var algos = {};
+Object.keys(_algos).forEach(function (key) {
+	algos[key] = algos[key.toLowerCase()] = _algos[key];
+});
 'use strict';
 module.exports = function (exports, crypto) {
 	exports.createSign = exports.Sign = createSign;
@@ -22,6 +26,7 @@ function Sign(algorithm, crypto) {
 	if (!data) {
 		throw new Error('Unknown message digest');
 	}
+	this._hashType = data.hash;
 	this._hash = crypto.createHash(data.hash);
 	this._tag = data.id;
 	this._crypto = crypto;
@@ -38,7 +43,7 @@ Sign.prototype.update = function update(data) {
 Sign.prototype.sign = function signMethod(key, enc) {
 	this.end();
 	var hash = this._hash.digest();
-	var sig = sign(Buffer.concat([this._tag, hash]), key, this._crypto);
+	var sig = sign(Buffer.concat([this._tag, hash]), key, this._hashType, this._crypto);
 	if (enc) {
 		sig = sig.toString(enc);
 	}

diff --git a/sign.js b/sign.js
@@ -4,12 +4,12 @@ var bn = require('bn.js');
 var elliptic = require('elliptic');
 var crt = require("browserify-rsa");
 module.exports = sign;
-function sign(hash, key, crypto) {
+function sign(hash, key, hashType, crypto) {
   var priv = parseKeys(key, crypto);
   if (priv.curve) {
     return ecSign(hash, priv, crypto);
   } else if (priv.type === 'dsa') {
-    return dsaSign(hash, priv, crypto);
+    return dsaSign(hash, priv, hashType, crypto);
   }
   var len = priv.modulus.byteLength();
   var pad = [ 0, 1 ];
@@ -36,23 +36,21 @@ function ecSign(hash, priv, crypto) {
   var out = key.sign(hash);
   return new Buffer(out.toDER());
 }
-function dsaSign(hash, priv, crypto) {
+function dsaSign(hash, priv, algo, crypto) {
   var x = priv.params.priv_key;
   var p = priv.params.p;
   var q = priv.params.q;
   var montq = bn.mont(q);
   var g = priv.params.g;
   var r = new bn(0);
   var k;
-  var H = new bn(hash);
+  var H = bits2int(hash, q).mod(q);
   var s = false;
-  var kv = getKay(x, hash, crypto);
+  var kv = getKay(x, q, hash, algo, crypto);
   while (s === false) {
-    while (!r.cmpn(0)) {
-      k = makeKey(q, kv, crypto);
-      r = makeR(g, k, p, q);
-    }
-    s = k.invm(q).imul(H.add(x.imul(r).mod(q)).mod(q)).mod(q);
+    k = makeKey(q, kv, algo, crypto);
+    r = makeR(g, k, p, q);
+    s = k.invm(q).imul(H.add(x.mul(r))).mod(q);
     if (!s.cmpn(0)) {
       s = false;
       r = new bn(0);
@@ -69,26 +67,32 @@ function toDER(r, s) {
     r = [ 0 ].concat(r);
   // Pad values
   if (s[0] & 0x80)
-    s = [ 0 ].concat(s);
+    s = [0].concat(s);
 
   var total = r.length + s.length + 4;
   var res = [ 0x30, total, 0x02, r.length ];
   res = res.concat(r, [ 0x02, s.length ], s);
   return new Buffer(res);
 }
-function getKay(x, hash, crypto) {
+module.exports.getKay = getKay;
+function getKay(x, q, hash, algo, crypto) {
   x = new Buffer(x.toArray());
-  var algo = 'sha1';//I know!
+  if (x.length < q.byteLength()) {
+    var zeros = new Buffer(q.byteLength() - x.length);
+    zeros.fill(0);
+    x = Buffer.concat([zeros, x]);
+  }
   var hlen = hash.length;
+  var hbits = bits2octets(hash, q);
   var v = new Buffer(hlen);
   v.fill(1);
   var k = new Buffer(hlen);
   k.fill(0);
-  k = crypto.createHmac('sha1', k)
+  k = crypto.createHmac(algo, k)
     .update(v)
     .update(new Buffer([0]))
     .update(x)
-    .update(hash)
+    .update(hbits)
     .digest();
   v = crypto.createHmac(algo, k)
     .update(v)
@@ -97,38 +101,47 @@ function getKay(x, hash, crypto) {
     .update(v)
     .update(new Buffer([1]))
     .update(x)
-    .update(hash)
+    .update(hbits)
+    .digest();
+  v = crypto.createHmac(algo, k)
+    .update(v)
     .digest();
   return {
     k:k,
     v:v
   };
 }
-function bits2int(bits, q) {
-  bits = new bn(bits);
-  var shift = bits.bitLength() - q.bitLength();
+function bits2int(obits, q) {
+  bits = new bn(obits);
+  var shift = obits.length * 8 - q.bitLength();
   if (shift > 0) {
     bits.ishrn(shift);
   }
   return bits;
 }
-function makeKey(q, kv, crypto) {
+function bits2octets (bits, q) {
+  bits = bits2int(bits, q);
+  bits = bits.mod(q);
+  return new Buffer(bits.toArray());
+}
+module.exports.makeKey = makeKey;
+function makeKey(q, kv, algo, crypto) {
   var t;
   var k;
   while (true) {
     t = new Buffer('');
     while (t.length * 8 < q.bitLength()) {
-      kv.v = crypto.createHmac('sha1', kv.k)
+      kv.v = crypto.createHmac(algo, kv.k)
         .update(kv.v)
         .digest();
       t = Buffer.concat([t, kv.v]);
     }
     k = bits2int(t, q);
-    kv.k =  crypto.createHmac('sha1', kv.k)
+    kv.k =  crypto.createHmac(algo, kv.k)
         .update(kv.v)
         .update(new Buffer([0]))
         .digest();
-    kv.v = crypto.createHmac('sha1', kv.k)
+    kv.v = crypto.createHmac(algo, kv.k)
         .update(kv.v)
         .digest();
     if (k.cmp(q) === -1) {