Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6b6de48

Browse files
author
Brian J Brennan
committed
Merge branch 'utf8-error'
2 parents68b7708 +8cfee12 commit6b6de48

File tree

4 files changed

+33
-15
lines changed

4 files changed

+33
-15
lines changed

‎lib/sign-stream.js‎

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,18 +6,20 @@ const Stream = require('stream');
66
consttoString=require('./tostring');
77
constutil=require('util');
88

9-
functionjwsSecuredInput(header,payload){
9+
functionjwsSecuredInput(header,payload,encoding){
10+
encoding=encoding||'utf8';
1011
constencodedHeader=base64url(toString(header),'binary');
11-
constencodedPayload=base64url(toString(payload),'binary');
12+
constencodedPayload=base64url(toString(payload),encoding);
1213
returnutil.format('%s.%s',encodedHeader,encodedPayload);
1314
}
1415

1516
functionjwsSign(opts){
1617
constheader=opts.header;
1718
constpayload=opts.payload;
1819
constsecretOrKey=opts.secret||opts.privateKey;
20+
constencoding=opts.encoding;
1921
constalgo=jwa(header.alg);
20-
constsecuredInput=jwsSecuredInput(header,payload);
22+
constsecuredInput=jwsSecuredInput(header,payload,encoding);
2123
constsignature=algo.sign(securedInput,secretOrKey);
2224
returnutil.format('%s.%s',securedInput,signature);
2325
}
@@ -27,6 +29,7 @@ function SignStream(opts) {
2729
constsecretStream=newDataStream(secret);
2830
this.readable=true;
2931
this.header=opts.header;
32+
this.encoding=opts.encoding;
3033
this.secret=this.privateKey=this.key=secretStream;
3134
this.payload=newDataStream(opts.payload);
3235
this.secret.once('close',function(){
@@ -45,7 +48,8 @@ SignStream.prototype.sign = function sign() {
4548
constsignature=jwsSign({
4649
header:this.header,
4750
payload:this.payload.buffer,
48-
secret:this.secret.buffer
51+
secret:this.secret.buffer,
52+
encoding:this.encoding
4953
});
5054
this.emit('done',signature);
5155
this.emit('data',signature);

‎lib/verify-stream.js‎

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -50,9 +50,10 @@ function signatureFromJWS(jwsSig) {
5050
returnjwsSig.split('.')[2];
5151
}
5252

53-
functionpayloadFromJWS(jwsSig){
53+
functionpayloadFromJWS(jwsSig,encoding){
54+
encoding=encoding||'utf8';
5455
constpayload=jwsSig.split('.')[1];
55-
returnbase64url.decode(payload,'binary');
56+
returnbase64url.decode(payload,encoding);
5657
}
5758

5859
functionisValidJws(string){
@@ -70,14 +71,19 @@ function jwsVerify(jwsSig, secretOrKey) {
7071
functionjwsDecode(jwsSig,opts){
7172
opts=opts||{};
7273
jwsSig=toString(jwsSig);
74+
7375
if(!isValidJws(jwsSig))
7476
returnnull;
77+
7578
constheader=headerFromJWS(jwsSig);
79+
7680
if(!header)
7781
returnnull;
82+
7883
varpayload=payloadFromJWS(jwsSig);
7984
if(header.typ==='JWT'||opts.json)
80-
payload=JSON.parse(payload);
85+
payload=JSON.parse(payload,opts.encoding);
86+
8187
return{
8288
header:header,
8389
payload:payload,
@@ -90,6 +96,7 @@ function VerifyStream(opts) {
9096
constsecretOrKey=opts.secret||opts.publicKey||opts.key;
9197
constsecretStream=newDataStream(secretOrKey);
9298
this.readable=true;
99+
this.encoding=opts.encoding;
93100
this.secret=this.publicKey=this.key=secretStream;
94101
this.signature=newDataStream(opts.signature);
95102
this.secret.once('close',function(){
@@ -105,7 +112,7 @@ function VerifyStream(opts) {
105112
util.inherits(VerifyStream,Stream);
106113
VerifyStream.prototype.verify=functionverify(){
107114
constvalid=jwsVerify(this.signature.buffer,this.key.buffer);
108-
constobj=jwsDecode(this.signature.buffer);
115+
constobj=jwsDecode(this.signature.buffer,this.encoding);
109116
this.emit('done',valid,obj);
110117
this.emit('data',valid);
111118
this.emit('end');

‎readme.md‎

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@ Options:
4343
*`header`
4444
*`payload`
4545
*`secret` or`privateKey`
46+
*`encoding` (Optional, defaults to 'utf8')
4647

4748
`header` must be an object with an`alg` property.`header.alg` must be
4849
one a value found in`jws.ALGORITHMS`. See above for a table of
@@ -92,6 +93,7 @@ Options:
9293
*`header` (required)
9394
*`payload`
9495
*`key` ||`privateKey` ||`secret`
96+
*`encoding` (Optional, defaults to 'utf8')
9597

9698
Other than`header`, all options expect a string or a buffer when the
9799
value is known ahead of time, or a stream for convenience.
@@ -126,6 +128,7 @@ Options:
126128

127129
*`signature`
128130
*`key` ||`publicKey` ||`secret`
131+
*`encoding` (Optional, defaults to 'utf8')
129132

130133
All options expect a string or a buffer when the value is known ahead of
131134
time, or a stream for convenience.
@@ -214,7 +217,7 @@ passed a `key` or `secret` option to the constructor.
214217
MIT
215218

216219
```
217-
Copyright (c) 2013 Brian J. Brennan
220+
Copyright (c) 2013-2015 Brian J. Brennan
218221
219222
Permission is hereby granted, free of charge, to any person obtaining a
220223
copy of this software and associated documentation files (the

‎test/jws.test.js‎

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -38,15 +38,21 @@ const CURVES = {
3838
'512':'521',
3939
};
4040

41+
constpayloadString='oh ćhey José!: ¬˚∆ƒå¬ß…©…åˆø˙ˆø´∆¬˚µ…˚¬˜øå…ˆßøˆƒ˜¬';
42+
constpayload={
43+
name:payloadString,
44+
value:['one',2,3]
45+
};
46+
4147
BITS.forEach(function(bits){
4248
test('HMAC using SHA-'+bits+' hash algorithm',function(t){
4349
constheader={alg:'HS'+bits,typ:'JWT'};
44-
constpayload={name:'oh hey José!',value:['one',2,3]};
4550
constsecret='sup';
4651
constjwsObj=jws.sign({
4752
header:header,
4853
payload:payload,
49-
secret:secret
54+
secret:secret,
55+
encoding:'utf8',
5056
});
5157
constparts=jws.decode(jwsObj);
5258
t.ok(jws.verify(jwsObj,secret),'should verify');
@@ -60,7 +66,6 @@ BITS.forEach(function (bits) {
6066
BITS.forEach(function(bits){
6167
test('RSASSA using SHA-'+bits+' hash algorithm',function(t){
6268
constheader={alg:'RS'+bits};
63-
constpayload={name:'oh hey José!',value:['one',2,3]};
6469
constprivateKey=rsaPrivateKey;
6570
constpublicKey=rsaPublicKey;
6671
constwrongPublicKey=rsaWrongPublicKey;
@@ -82,19 +87,18 @@ BITS.forEach(function (bits) {
8287
constcurve=CURVES[bits];
8388
test('ECDSA using P-'+curve+' curve and SHA-'+bits+' hash algorithm',function(t){
8489
constheader={alg:'ES'+bits};
85-
constpayload='oh hey José!';
8690
constprivateKey=ecdsaPrivateKey['256'];
8791
constpublicKey=ecdsaPublicKey['256'];
8892
constwrongPublicKey=ecdsaWrongPublicKey['256'];
8993
constjwsObj=jws.sign({
9094
header:header,
91-
payload:payload,
95+
payload:payloadString,
9296
privateKey:privateKey
9397
});
9498
constparts=jws.decode(jwsObj);
9599
t.ok(jws.verify(jwsObj,publicKey),'should verify');
96100
t.notOk(jws.verify(jwsObj,wrongPublicKey),'should not verify');
97-
t.same(parts.payload,payload,'should match payload');
101+
t.same(parts.payload,payloadString,'should match payload');
98102
t.same(parts.header,header,'should match header');
99103
t.end();
100104
});

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp