javascript/subtle/ecdsa_verify.ts - third_party/tink - Git at Google

 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //      http://www.apache.org/licenses/LICENSE-2.0
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 ////////////////////////////////////////////////////////////////////////////////
 import {SecurityException} from '../exception/security_exception';
 import {PublicKeyVerify} from '../signature/internal/public_key_verify';

 import * as EllipticCurves from './elliptic_curves';
 import * as Validators from './validators';

 /**
  * Implementation of ECDSA verifying.
  *
  * @final
  */
 export class EcdsaVerify implements PublicKeyVerify {
   private readonly ieeeSignatureLength_: number;

   /**
    * @param encoding The
    *     encoding of the signature.
    */
   constructor(
       private readonly key: CryptoKey, private readonly hash: string,
       private readonly encoding: EllipticCurves.EcdsaSignatureEncodingType) {
     const {namedCurve}: Partial<EcKeyAlgorithm> = key.algorithm;
     if (!namedCurve) {
       throw new SecurityException('Curve has to be defined.');
     }
     this.ieeeSignatureLength_ = 2 *
         EllipticCurves.fieldSizeInBytes(
             EllipticCurves.curveFromString(namedCurve));
   }

   /**
    * @override
    */
   async verify(signature: Uint8Array, message: Uint8Array): Promise<boolean> {
     Validators.requireUint8Array(signature);
     Validators.requireUint8Array(message);
     if (this.encoding === EllipticCurves.EcdsaSignatureEncodingType.DER) {
       signature =
           EllipticCurves.ecdsaDer2Ieee(signature, this.ieeeSignatureLength_);
     }
     return window.crypto.subtle.verify(
         {name: 'ECDSA', hash: {name: this.hash}}, this.key, signature, message);
   }
 }

 /**
  * @param opt_encoding The
  *     optional encoding of the signature. If absent, default is IEEE P1363.
  */
 export async function fromJsonWebKey(
     jwk: JsonWebKey, hash: string,
     encoding: EllipticCurves.EcdsaSignatureEncodingType =
         EllipticCurves.EcdsaSignatureEncodingType.IEEE_P1363):
     Promise<PublicKeyVerify> {
   if (!jwk) {
     throw new SecurityException('public key has to be non-null');
   }
   const {crv} = jwk;
   if (!crv) {
     throw new SecurityException('curve has to be defined');
   }
   Validators.validateEcdsaParams(crv, hash);
   const cryptoKey = await EllipticCurves.importPublicKey('ECDSA', jwk);
   return new EcdsaVerify(cryptoKey, hash, encoding);
 }
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	// http://www.apache.org/licenses/LICENSE-2.0
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	////////////////////////////////////////////////////////////////////////////////
	import {SecurityException} from '../exception/security_exception';
	import {PublicKeyVerify} from '../signature/internal/public_key_verify';

	import * as EllipticCurves from './elliptic_curves';
	import * as Validators from './validators';

	/**
	* Implementation of ECDSA verifying.
	*
	* @final
	*/
	export class EcdsaVerify implements PublicKeyVerify {
	private readonly ieeeSignatureLength_: number;

	/**
	* @param encoding The
	* encoding of the signature.
	*/
	constructor(
	private readonly key: CryptoKey, private readonly hash: string,
	private readonly encoding: EllipticCurves.EcdsaSignatureEncodingType) {
	const {namedCurve}: Partial<EcKeyAlgorithm> = key.algorithm;
	if (!namedCurve) {
	throw new SecurityException('Curve has to be defined.');
	}
	this.ieeeSignatureLength_ = 2 *
	EllipticCurves.fieldSizeInBytes(
	EllipticCurves.curveFromString(namedCurve));
	}

	/**
	* @override
	*/
	async verify(signature: Uint8Array, message: Uint8Array): Promise<boolean> {
	Validators.requireUint8Array(signature);
	Validators.requireUint8Array(message);
	if (this.encoding === EllipticCurves.EcdsaSignatureEncodingType.DER) {
	signature =
	EllipticCurves.ecdsaDer2Ieee(signature, this.ieeeSignatureLength_);
	}
	return window.crypto.subtle.verify(
	{name: 'ECDSA', hash: {name: this.hash}}, this.key, signature, message);
	}
	}

	/**
	* @param opt_encoding The
	* optional encoding of the signature. If absent, default is IEEE P1363.
	*/
	export async function fromJsonWebKey(
	jwk: JsonWebKey, hash: string,
	encoding: EllipticCurves.EcdsaSignatureEncodingType =
	EllipticCurves.EcdsaSignatureEncodingType.IEEE_P1363):
	Promise<PublicKeyVerify> {
	if (!jwk) {
	throw new SecurityException('public key has to be non-null');
	}
	const {crv} = jwk;
	if (!crv) {
	throw new SecurityException('curve has to be defined');
	}
	Validators.validateEcdsaParams(crv, hash);
	const cryptoKey = await EllipticCurves.importPublicKey('ECDSA', jwk);
	return new EcdsaVerify(cryptoKey, hash, encoding);
	}