Mirroristas/gun
2
0
Fork 0
mirror of https://github.com/amark/gun.git synced 2025-06-07 22:56:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

OSSL Memory leak mitigation

Browse Source 
Mitigates this leak: https://github.com/PeculiarVentures/node-webcrypto-ossl/issues/136
This commit is contained in:
go1dfish 2019-01-04 06:03:22 -08:00 committed by GitHub
parent 41f45a97a4
commit cd0b12d1d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
sea/verify.js
View File

@ -6,6 +6,15 @@
var parse = require('./parse'); var parse = require('./parse');
var u; var u;
var knownKeys = {};
var keyForPair = pair => {
if (knownKeys[pair]) return knownKeys[pair];
const jwk = S.jwk(pair);
knownKeys[pair] = (shim.ossl || shim.subtle).importKey("jwk", jwk, S.ecdsa.pair, false, ["verify"]);
return knownKeys[pair];
};
SEA.verify = SEA.verify || (async (data, pair, cb, opt) => { try { SEA.verify = SEA.verify || (async (data, pair, cb, opt) => { try {
const json = parse(data) const json = parse(data)
if(false === pair){ // don't verify! if(false === pair){ // don't verify!
@ -18,9 +27,8 @@
opt = opt || {}; opt = opt || {};
// SEA.I // verify is free! Requires no user permission. // SEA.I // verify is free! Requires no user permission.
if(json === data){ throw "No signature on data." } if(json === data){ throw "No signature on data." }
const pub = pair.pub || pair const pub = pair.pub || pair;
const jwk = S.jwk(pub) const key = await keyForPair(pub);
const key = await (shim.ossl || shim.subtle).importKey('jwk', jwk, S.ecdsa.pair, false, ['verify'])
const hash = await sha256hash(json.m) const hash = await sha256hash(json.m)
var buf; var sig; var check; try{ var buf; var sig; var check; try{
buf = shim.Buffer.from(json.s, opt.encode || 'base64') // NEW DEFAULT! buf = shim.Buffer.from(json.s, opt.encode || 'base64') // NEW DEFAULT!