Mirroristas/gun
2
0
Fork 0
mirror of https://github.com/amark/gun.git synced 2026-03-18 14:19:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e9f2a88e19c6f80339f14dfd39656dccd7f3050c
gun/sea/verify.js
Mark Nadal b1b408971d Master into Deploys (#1391) 
* Thank you Murage Martin @murageyun for donating!!!

* Fix opt.s3.fakes3 parsing issue (#1318)

* Fix opt.s3.fakes3 parsing issue

* Fix second typo within if block

* Support variable number of auth retry attempts through opt.retries (#1325)

Maintain default to 9 to ensure backwards compatibility

* Thanks Jason Stallings @octalmage !!!

* Remove unused imports (#1337)

* Update README.md

* yay format change

* encode objects

* WS ws.path fix  (#1343)

* Update wire.js

* Update wire.js

* Update wire.js

* add one click deploy to readme (#1342)

* update src/index (#1254)

* update src/index

* update

* src/index fix

* added src/core

* is ??? this a MVP of book & rad ???? thanks to @rogowski

* book & rad APIs stabilizing

* RAD & Book promoted! + buggy example: test/rad/book.html

* bump path

* cleaned up Book results & sorting & caching

* sea blobs! (#1353)

* sea blobs!

* and null origins

* null fix

* null check is last

* add a way to select stats file from url (#1351)

* react-native detection, and load needed shims (#1349)

* react-native detection

* added lib mobile

* changed back to gun. for another solution

* have unbuild function wrap to prevent scope leaks & allow RETURN hehehe so I can reject @bmatusiak 's lS change O:) O:) I love you you're a hero!

later with @bmatusiak check sea.then for '../gun.js' vs '../' vs ...
note: src/index -> core.js
TODO: something about WebRTC candidates hitting ack decrement limits?

* quick-fix (#1355)

* Fix SEA certificate verification, allow multiple pubs (#1358)

* Create SECURITY.md (#1364)

* ... works (#1357)

* Loading fix (#1356)

* does this load better

* check window.Gun too in rfs

* update SECURITY.md file and change the versions to 0.2020.x (#1365)

* webrtc accept getUserMedia streams as peer

* Check atom exists in graph when deciding to read from disk (#1371)

* fix: ERROR: Radisk needs `store.put` interface (#1374)

* Update STUN servers (#1381)

Commented out sipgate.net STUN server.
Added Cloudflare STUN server.

* universal notification system

---------

Co-authored-by: ritchia1 <andrew.ritchie@estimateone.com>
Co-authored-by: Anton <dev@atjn.dk>
Co-authored-by: Bradley Matusiak <bmatusiak@gmail.com>
Co-authored-by: Jay Byoun <jay8061@pm.me>
Co-authored-by: mimiza <dev@mimiza.com>
Co-authored-by: Simardeep Singh <1003simar@gmail.com>
Co-authored-by: Malcolm Blaney <mblaney@gmail.com>
Co-authored-by: Andreas Heissenberger <andreas@heissenberger.at>
Co-authored-by: carlin978 <120719190+carlin978@users.noreply.github.com>
2024-11-23 17:52:28 -08:00

82 lines
3.4 KiB
JavaScript
Raw Blame History

;(function(){
var SEA = require('./root');
var shim = require('./shim');
var S = require('./settings');
var sha = require('./sha256');
var u;
SEA.verify = SEA.verify || (async (data, pair, cb, opt) => { try {
var json = await S.parse(data);
if(false === pair){ // don't verify!
var raw = await S.parse(json.m);
if(cb){ try{ cb(raw) }catch(e){console.log(e)} }
return raw;
}
opt = opt || {};
// SEA.I // verify is free! Requires no user permission.
var pub = pair.pub || pair;
var key = SEA.opt.slow_leak? await SEA.opt.slow_leak(pub) : await (shim.ossl || shim.subtle).importKey('jwk', S.jwk(pub), {name: 'ECDSA', namedCurve: 'P-256'}, false, ['verify']);
var hash = await sha(json.m);
var buf, sig, check, tmp; try{
buf = shim.Buffer.from(json.s, opt.encode || 'base64'); // NEW DEFAULT!
sig = new Uint8Array(buf);
check = await (shim.ossl || shim.subtle).verify({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, sig, new Uint8Array(hash));
if(!check){ throw "Signature did not match." }
}catch(e){
if(SEA.opt.fallback){
return await SEA.opt.fall_verify(data, pair, cb, opt);
}
}
var r = check? await S.parse(json.m) : u;
if(cb){ try{ cb(r) }catch(e){console.log(e)} }
return r;
} catch(e) {
console.log(e); // mismatched owner FOR MARTTI
SEA.err = e;
if(SEA.throw){ throw e }
if(cb){ cb() }
return;
}});
module.exports = SEA.verify;
// legacy & ossl memory leak mitigation:
var knownKeys = {};
var keyForPair = SEA.opt.slow_leak = pair => {
if (knownKeys[pair]) return knownKeys[pair];
var jwk = S.jwk(pair);
knownKeys[pair] = (shim.ossl || shim.subtle).importKey("jwk", jwk, {name: 'ECDSA', namedCurve: 'P-256'}, false, ["verify"]);
return knownKeys[pair];
};
var O = SEA.opt;
SEA.opt.fall_verify = async function(data, pair, cb, opt, f){
if(f === SEA.opt.fallback){ throw "Signature did not match" } f = f || 1;
var tmp = data||'';
data = SEA.opt.unpack(data) || data;
var json = await S.parse(data), pub = pair.pub || pair, key = await SEA.opt.slow_leak(pub);
var hash = (f <= SEA.opt.fallback)? shim.Buffer.from(await shim.subtle.digest({name: 'SHA-256'}, new shim.TextEncoder().encode(await S.parse(json.m)))) : await sha(json.m); // this line is old bad buggy code but necessary for old compatibility.
var buf; var sig; var check; try{
buf = shim.Buffer.from(json.s, opt.encode || 'base64') // NEW DEFAULT!
sig = new Uint8Array(buf)
check = await (shim.ossl || shim.subtle).verify({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, sig, new Uint8Array(hash))
if(!check){ throw "Signature did not match." }
}catch(e){ try{
buf = shim.Buffer.from(json.s, 'utf8') // AUTO BACKWARD OLD UTF8 DATA!
sig = new Uint8Array(buf)
check = await (shim.ossl || shim.subtle).verify({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, sig, new Uint8Array(hash))
}catch(e){
if(!check){ throw "Signature did not match." }
}
}
var r = check? await S.parse(json.m) : u;
O.fall_soul = tmp['#']; O.fall_key = tmp['.']; O.fall_val = data; O.fall_state = tmp['>'];
if(cb){ try{ cb(r) }catch(e){console.log(e)} }
return r;
}
SEA.opt.fallback = 2;
}());
Reference in New Issue View Git Blame Copy Permalink