Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: lib/rsa.js

Issue 29375915: Issue 4878 - Start using ESLint for adblockpluscore (Closed)
Patch Set: Fix Cu.imports in synchronizer.js that I missed previously Created March 14, 2017, 9:03 a.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
OLDNEW
1 /* 1 /*
2 * This file is part of Adblock Plus <https://adblockplus.org/>, 2 * This file is part of Adblock Plus <https://adblockplus.org/>,
3 * Copyright (C) 2006-2016 Eyeo GmbH 3 * Copyright (C) 2006-2016 Eyeo GmbH
4 * 4 *
5 * Adblock Plus is free software: you can redistribute it and/or modify 5 * Adblock Plus is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3 as 6 * it under the terms of the GNU General Public License version 3 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 * 8 *
9 * Adblock Plus is distributed in the hope that it will be useful, 9 * Adblock Plus is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details. 12 * GNU General Public License for more details.
13 * 13 *
14 * You should have received a copy of the GNU General Public License 14 * You should have received a copy of the GNU General Public License
15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. 15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>.
16 */ 16 */
17 17
18 /* global console */
19
20 "use strict";
21
18 /** 22 /**
19 * This is a specialized RSA library meant only to verify SHA1-based signatures. 23 * This is a specialized RSA library meant only to verify SHA1-based signatures.
20 */ 24 */
21 25
22 let {BigInteger} = require("jsbn"); 26 const {BigInteger} = require("jsbn");
23 let Rusha = require("rusha"); 27 const Rusha = require("rusha");
24 28
25 let rusha = new Rusha(); 29 let rusha = new Rusha();
26 30
27 // Define ASN.1 templates for the data structures used 31 // Define ASN.1 templates for the data structures used
28 function seq() 32 function seq(...args)
29 { 33 {
30 return {type: 0x30, children: Array.prototype.slice.call(arguments)}; 34 return {type: 0x30, children: args};
31 } 35 }
32 function obj(id) 36 function obj(id)
33 { 37 {
34 return {type: 0x06, content: id}; 38 return {type: 0x06, content: id};
35 } 39 }
36 function bitStr(contents) 40 function bitStr(contents)
37 { 41 {
38 return {type: 0x03, encapsulates: contents}; 42 return {type: 0x03, encapsulates: contents};
39 } 43 }
40 function intResult(id) 44 function intResult(id)
41 { 45 {
42 return {type: 0x02, out: id}; 46 return {type: 0x02, out: id};
43 } 47 }
44 function octetResult(id) 48 function octetResult(id)
45 { 49 {
46 return {type: 0x04, out: id}; 50 return {type: 0x04, out: id};
47 } 51 }
48 52
49 // See http://www.cryptopp.com/wiki/Keys_and_Formats#RSA_PublicKey 53 // See http://www.cryptopp.com/wiki/Keys_and_Formats#RSA_PublicKey
50 // 2A 86 48 86 F7 0D 01 01 01 means 1.2.840.113549.1.1.1 54 // 2A 86 48 86 F7 0D 01 01 01 means 1.2.840.113549.1.1.1
51 var publicKeyTemplate = seq(seq(obj("\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"), {}) , bitStr(seq(intResult("n"), intResult("e")))); 55 let publicKeyTemplate = seq(
56 seq(obj("\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"), {}),
57 bitStr(seq(intResult("n"), intResult("e")))
58 );
52 59
53 // See http://tools.ietf.org/html/rfc3447#section-9.2 step 2 60 // See http://tools.ietf.org/html/rfc3447#section-9.2 step 2
54 // 2B 0E 03 02 1A means 1.3.14.3.2.26 61 // 2B 0E 03 02 1A means 1.3.14.3.2.26
55 var signatureTemplate = seq(seq(obj("\x2B\x0E\x03\x02\x1A"), {}), octetResult("s ha1")); 62 let signatureTemplate = seq(
63 seq(obj("\x2B\x0E\x03\x02\x1A"), {}),
64 octetResult("sha1")
65 );
56 66
57 /** 67 /**
58 * Reads ASN.1 data matching the template passed in. This will throw an 68 * Reads ASN.1 data matching the template passed in. This will throw an
59 * exception if the data format doesn't match the template. On success an 69 * exception if the data format doesn't match the template. On success an
60 * object containing result properties is returned. 70 * object containing result properties is returned.
61 * 71 * @see http://luca.ntop.org/Teaching/Appunti/asn1.html for info on the format.
62 * See http://luca.ntop.org/Teaching/Appunti/asn1.html for info on the format. 72 * @param {string} data
73 * @param {Object} templ
74 * @returns {Object}
63 */ 75 */
64 function readASN1(data, templ) 76 function readASN1(data, templ)
65 { 77 {
66 var pos = 0; 78 let pos = 0;
67 function next() 79 function next()
68 { 80 {
69 return data.charCodeAt(pos++); 81 return data.charCodeAt(pos++);
70 } 82 }
71 83
72 function readLength() 84 function readLength()
73 { 85 {
74 var len = next(); 86 let len = next();
75 if (len & 0x80) 87 if (len & 0x80)
76 { 88 {
77 var cnt = len & 0x7F; 89 let cnt = len & 0x7F;
78 if (cnt > 2 || cnt == 0) 90 if (cnt > 2 || cnt == 0)
79 throw "Unsupported length"; 91 throw "Unsupported length";
80 92
81 len = 0; 93 len = 0;
82 for (var i = 0; i < cnt; i++) 94 for (let i = 0; i < cnt; i++)
83 len += next() << (cnt - 1 - i) * 8; 95 len += next() << (cnt - 1 - i) * 8;
84 return len; 96 return len;
85 } 97 }
86 else 98 return len;
87 return len;
88 } 99 }
89 100
90 function readNode(curTempl) 101 function readNode(curTempl)
91 { 102 {
92 var type = next(); 103 let type = next();
93 var len = readLength(); 104 let len = readLength();
94 if ("type" in curTempl && curTempl.type != type) 105 if ("type" in curTempl && curTempl.type != type)
95 throw "Unexpected type"; 106 throw "Unexpected type";
96 if ("content" in curTempl && curTempl.content != data.substr(pos, len)) 107 if ("content" in curTempl && curTempl.content != data.substr(pos, len))
97 throw "Unexpected content"; 108 throw "Unexpected content";
98 if ("out" in curTempl) 109 if ("out" in curTempl)
99 out[curTempl.out] = new BigInteger(data.substr(pos, len), 256); 110 out[curTempl.out] = new BigInteger(data.substr(pos, len), 256);
100 if ("children" in curTempl) 111 if ("children" in curTempl)
101 { 112 {
102 var i, end; 113 let i;
114 let end;
103 for (i = 0, end = pos + len; pos < end; i++) 115 for (i = 0, end = pos + len; pos < end; i++)
104 { 116 {
105 if (i >= curTempl.children.length) 117 if (i >= curTempl.children.length)
106 throw "Too many children"; 118 throw "Too many children";
107 readNode(curTempl.children[i]); 119 readNode(curTempl.children[i]);
108 } 120 }
109 if (i < curTempl.children.length) 121 if (i < curTempl.children.length)
110 throw "Too few children"; 122 throw "Too few children";
111 if (pos > end) 123 if (pos > end)
112 throw "Children too large"; 124 throw "Children too large";
113 } 125 }
114 else if ("encapsulates" in curTempl) 126 else if ("encapsulates" in curTempl)
115 { 127 {
116 if (next() != 0) 128 if (next() != 0)
117 throw "Encapsulation expected"; 129 throw "Encapsulation expected";
118 readNode(curTempl.encapsulates); 130 readNode(curTempl.encapsulates);
119 } 131 }
120 else 132 else
121 pos += len; 133 pos += len;
122 } 134 }
123 135
124 var out = {}; 136 let out = {};
125 readNode(templ); 137 readNode(templ);
126 if (pos != data.length) 138 if (pos != data.length)
127 throw "Too much data"; 139 throw "Too much data";
128 return out; 140 return out;
129 } 141 }
130 142
131 /** 143 /**
132 * Reads a BER-encoded RSA public key. On success returns an object with the 144 * Reads a BER-encoded RSA public key. On success returns an object with the
133 * properties n and e (the components of the key), otherwise null. 145 * properties n and e (the components of the key), otherwise null.
146 * @param {string} key
147 * @return {?Object}
134 */ 148 */
135 function readPublicKey(key) 149 function readPublicKey(key)
136 { 150 {
137 try 151 try
138 { 152 {
139 return readASN1(atob(key), publicKeyTemplate); 153 return readASN1(atob(key), publicKeyTemplate);
140 } 154 }
141 catch (e) 155 catch (e)
142 { 156 {
143 console.log("Invalid RSA public key: " + e); 157 console.warn("Invalid RSA public key: " + e);
144 return null; 158 return null;
145 } 159 }
146 } 160 }
147 161
148 /** 162 /**
149 * Checks whether the signature is valid for the given public key and data. 163 * Checks whether the signature is valid for the given public key and data.
164 * @param {string} key
165 * @param {string} signature
166 * @param {string} data
167 * @return {boolean}
150 */ 168 */
151 function verifySignature(key, signature, data) 169 function verifySignature(key, signature, data)
152 { 170 {
153 var keyData = readPublicKey(key); 171 let keyData = readPublicKey(key);
154 if (!keyData) 172 if (!keyData)
155 return false; 173 return false;
156 174
157 // We need the exponent as regular number 175 // We need the exponent as regular number
158 keyData.e = parseInt(keyData.e.toString(16), 16); 176 keyData.e = parseInt(keyData.e.toString(16), 16);
159 177
160 // Decrypt signature data using RSA algorithm 178 // Decrypt signature data using RSA algorithm
161 var sigInt = new BigInteger(atob(signature), 256); 179 let sigInt = new BigInteger(atob(signature), 256);
162 var digest = sigInt.modPowInt(keyData.e, keyData.n).toString(256); 180 let digest = sigInt.modPowInt(keyData.e, keyData.n).toString(256);
163 181
164 try 182 try
165 { 183 {
166 var pos = 0; 184 let pos = 0;
167 function next() 185 let next = () => digest.charCodeAt(pos++);
168 {
169 return digest.charCodeAt(pos++);
170 }
171 186
172 // Skip padding, see http://tools.ietf.org/html/rfc3447#section-9.2 step 5 187 // Skip padding, see http://tools.ietf.org/html/rfc3447#section-9.2 step 5
173 if (next() != 1) 188 if (next() != 1)
174 throw "Wrong padding in signature digest"; 189 throw "Wrong padding in signature digest";
175 while (next() == 255) {} 190 while (next() == 255) {}
176 if (digest.charCodeAt(pos - 1) != 0) 191 if (digest.charCodeAt(pos - 1) != 0)
177 throw "Wrong padding in signature digest"; 192 throw "Wrong padding in signature digest";
178 193
179 // Rest is an ASN.1 structure, get the SHA1 hash from it and compare to 194 // Rest is an ASN.1 structure, get the SHA1 hash from it and compare to
180 // the real one 195 // the real one
181 var sha1 = readASN1(digest.substr(pos), signatureTemplate).sha1; 196 let {sha1} = readASN1(digest.substr(pos), signatureTemplate);
182 var expected = new BigInteger(rusha.digest(data), 16); 197 let expected = new BigInteger(rusha.digest(data), 16);
183 return (sha1.compareTo(expected) == 0); 198 return (sha1.compareTo(expected) == 0);
184 } 199 }
185 catch (e) 200 catch (e)
186 { 201 {
187 console.log("Invalid encrypted signature: " + e); 202 console.warn("Invalid encrypted signature: " + e);
188 return false; 203 return false;
189 } 204 }
190 } 205 }
191 exports.verifySignature = verifySignature; 206 exports.verifySignature = verifySignature;
OLDNEW
« no previous file with comments | « lib/notification.js ('k') | lib/subscriptionClasses.js » ('j') | lib/synchronizer.js » ('J')

Powered by Google App Engine
This is Rietveld