1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
import { COSECRV, COSEKEYS, COSEPublicKeyOKP, isCOSEAlg } from '../../cose.ts';
import { isoBase64URL } from '../../index.ts';
import { SubtleCryptoCrv } from './structs.ts';
import { importKey } from './importKey.ts';
import { getWebCrypto } from './getWebCrypto.ts';
export async function verifyOKP(opts: {
cosePublicKey: COSEPublicKeyOKP;
signature: Uint8Array;
data: Uint8Array;
}): Promise<boolean> {
const { cosePublicKey, signature, data } = opts;
const WebCrypto = await getWebCrypto();
const alg = cosePublicKey.get(COSEKEYS.alg);
const crv = cosePublicKey.get(COSEKEYS.crv);
const x = cosePublicKey.get(COSEKEYS.x);
if (!alg) {
throw new Error('Public key was missing alg (OKP)');
}
if (!isCOSEAlg(alg)) {
throw new Error(`Public key had invalid alg ${alg} (OKP)`);
}
if (!crv) {
throw new Error('Public key was missing crv (OKP)');
}
if (!x) {
throw new Error('Public key was missing x (OKP)');
}
// Pulled key import steps from here:
// https://wicg.github.io/webcrypto-secure-curves/#ed25519-operations
let _crv: SubtleCryptoCrv;
if (crv === COSECRV.ED25519) {
_crv = 'Ed25519';
} else {
throw new Error(`Unexpected COSE crv value of ${crv} (OKP)`);
}
const keyData: JsonWebKey = {
kty: 'OKP',
crv: _crv,
alg: 'EdDSA',
x: isoBase64URL.fromBuffer(x),
ext: false,
};
const keyAlgorithm: EcKeyImportParams = {
name: _crv,
namedCurve: _crv,
};
const key = await importKey({
keyData,
algorithm: keyAlgorithm,
});
const verifyAlgorithm: AlgorithmIdentifier = {
name: _crv,
};
return WebCrypto.subtle.verify(verifyAlgorithm, key, signature, data);
}
|
