// Copyright 2015 Joyent, Inc.
module.exports = {
Verifier: Verifier, Signer: Signer
};
var nacl = require('tweetnacl'); var stream = require('stream'); var util = require('util'); var assert = require('assert-plus'); var Buffer = require('safer-buffer').Buffer; var Signature = require('./signature');
function Verifier(key, hashAlgo) {
if (hashAlgo.toLowerCase() !== 'sha512') throw (new Error('ED25519 only supports the use of ' + 'SHA-512 hashes')); this.key = key; this.chunks = []; stream.Writable.call(this, {});
} util.inherits(Verifier, stream.Writable);
Verifier.prototype._write = function (chunk, enc, cb) {
this.chunks.push(chunk); cb();
};
Verifier.prototype.update = function (chunk) {
if (typeof (chunk) === 'string') chunk = Buffer.from(chunk, 'binary'); this.chunks.push(chunk);
};
Verifier.prototype.verify = function (signature, fmt) {
var sig; if (Signature.isSignature(signature, [2, 0])) { if (signature.type !== 'ed25519') return (false); sig = signature.toBuffer('raw'); } else if (typeof (signature) === 'string') { sig = Buffer.from(signature, 'base64'); } else if (Signature.isSignature(signature, [1, 0])) { throw (new Error('signature was created by too old ' + 'a version of sshpk and cannot be verified')); } assert.buffer(sig); return (nacl.sign.detached.verify( new Uint8Array(Buffer.concat(this.chunks)), new Uint8Array(sig), new Uint8Array(this.key.part.A.data)));
};
function Signer(key, hashAlgo) {
if (hashAlgo.toLowerCase() !== 'sha512') throw (new Error('ED25519 only supports the use of ' + 'SHA-512 hashes')); this.key = key; this.chunks = []; stream.Writable.call(this, {});
} util.inherits(Signer, stream.Writable);
Signer.prototype._write = function (chunk, enc, cb) {
this.chunks.push(chunk); cb();
};
Signer.prototype.update = function (chunk) {
if (typeof (chunk) === 'string') chunk = Buffer.from(chunk, 'binary'); this.chunks.push(chunk);
};
Signer.prototype.sign = function () {
var sig = nacl.sign.detached( new Uint8Array(Buffer.concat(this.chunks)), new Uint8Array(Buffer.concat([ this.key.part.k.data, this.key.part.A.data]))); var sigBuf = Buffer.from(sig); var sigObj = Signature.parse(sigBuf, 'ed25519', 'raw'); sigObj.hashAlgorithm = 'sha512'; return (sigObj);
};