Merge pull request kjur#16 from davedoesdev/master

Fix PSS signing
sramos30 · Jul 23, 2013 · c1dc3bf · c1dc3bf
2 parents e784e83 + b591c21
commit c1dc3bf
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 10 deletions.
diff --git a/base64x-1.1.js b/base64x-1.1.js
@@ -288,7 +288,7 @@ function hextorstr(sHex) {
 function rstrtohex(s) {
     var result = "";
     for (var i = 0; i < s.length; i++) {
-	result += ("0" + String.charCodeAt(s.substr(i, 1)).toString(16)).slice(-2);
+	result += ("0" + s.charCodeAt(i).toString(16)).slice(-2);
     }
     return result;
 }

diff --git a/crypto-1.1.js b/crypto-1.1.js
@@ -133,6 +133,11 @@ KJUR.crypto.Util = new function() {
         return md.digestString(s);
     };
 
+    this.sha256Hex = function(s) {
+        var md = new KJUR.crypto.MessageDigest({'alg':'sha256', 'prov':'cryptojs'});
+        return md.digestHex(s);
+    };
+
     /**
      * get hexadecimal SHA512 hash of string
      * @name sha512
@@ -147,6 +152,11 @@ KJUR.crypto.Util = new function() {
         return md.digestString(s);
     };
 
+    this.sha512Hex = function(s) {
+        var md = new KJUR.crypto.MessageDigest({'alg':'sha512', 'prov':'cryptojs'});
+        return md.digestHex(s);
+    };
+
     /**
      * get hexadecimal MD5 hash of string
      * @name md5

diff --git a/rsasign-1.2.js b/rsasign-1.2.js
@@ -63,6 +63,8 @@ _RSASIGN_HASHHEXFUNC['sha256'] =    function(s){return KJUR.crypto.Util.sha256(s
 _RSASIGN_HASHHEXFUNC['sha512'] =    function(s){return KJUR.crypto.Util.sha512(s);}
 _RSASIGN_HASHHEXFUNC['md5'] =       function(s){return KJUR.crypto.Util.md5(s);};
 _RSASIGN_HASHHEXFUNC['ripemd160'] = function(s){return KJUR.crypto.Util.ripemd160(s);};
+_RSASIGN_HASHHEXFUNC['sha256Hex'] =    function(s){return KJUR.crypto.Util.sha256Hex(s);}
+_RSASIGN_HASHHEXFUNC['sha512Hex'] =    function(s){return KJUR.crypto.Util.sha512Hex(s);}
 
 //_RSASIGN_HASHHEXFUNC['sha1'] =   function(s){return sha1.hex(s);}   // http://user1.matsumoto.ne.jp/~goma/js/hash.html
 //_RSASIGN_HASHHEXFUNC['sha256'] = function(s){return sha256.hex;}    // http://user1.matsumoto.ne.jp/~goma/js/hash.html
@@ -130,11 +132,11 @@ function pss_mgf1_str(seed, len, hash) {
     var mask = '', i = 0;
 
     while (mask.length < len) {
-        mask += hash(seed + String.fromCharCode.apply(String, [
+        mask += hextorstr(hash(rstrtohex(seed + String.fromCharCode.apply(String, [
                 (i & 0xff000000) >> 24,
                 (i & 0x00ff0000) >> 16,
                 (i & 0x0000ff00) >> 8,
-                i & 0x000000ff]));
+                i & 0x000000ff]))));
         i += 1;
     }
 
@@ -151,8 +153,8 @@ function pss_mgf1_str(seed, len, hash) {
  * @return returns hexadecimal string of signature value.
  */
 function _rsasign_signStringPSS(s, hashAlg, sLen) {
-    var hashFunc = _RSASIGN_HASHHEXFUNC[hashAlg];
-    var hHash = hashFunc(s);
+    var hashFunc = _RSASIGN_HASHHEXFUNC[hashAlg + 'Hex'];
+    var hHash = hashFunc(rstrtohex(s));
     var mHash = hextorstr(hHash);
     var hLen = mHash.length;
     var emBits = this.n.bitLength() - 1;
@@ -179,7 +181,7 @@ function _rsasign_signStringPSS(s, hashAlg, sLen) {
         salt = String.fromCharCode.apply(String, salt);
     }
 
-    var H = hextorstr(hashFunc('\x00\x00\x00\x00\x00\x00\x00\x00' + mHash + salt));
+    var H = hextorstr(hashFunc(rstrtohex('\x00\x00\x00\x00\x00\x00\x00\x00' + mHash + salt)));
     var PS = [];
 
     for (i = 0; i < emLen - sLen - hLen - 2; i += 1) {
@@ -297,8 +299,8 @@ function _rsasign_verifyStringPSS(sMsg, biSig, hashAlg, sLen) {
         return false;
     }
 
-    var hashFunc = _RSASIGN_HASHHEXFUNC[hashAlg];
-    var hHash = hashFunc(sMsg);
+    var hashFunc = _RSASIGN_HASHHEXFUNC[hashAlg + 'Hex'];
+    var hHash = hashFunc(rstrtohex(sMsg));
     var mHash = hextorstr(hHash);
     var hLen = mHash.length;
     var emBits = this.n.bitLength() - 1;
@@ -363,8 +365,8 @@ function _rsasign_verifyStringPSS(sMsg, biSig, hashAlg, sLen) {
         throw "0x01 marker not found";
     }
 
-    return rstrtohex(H) === hashFunc('\x00\x00\x00\x00\x00\x00\x00\x00' + mHash +
-				     String.fromCharCode.apply(String, DB.slice(-sLen)));
+    return H === hextorstr(hashFunc(rstrtohex('\x00\x00\x00\x00\x00\x00\x00\x00' + mHash +
+				     String.fromCharCode.apply(String, DB.slice(-sLen)))));
 }
 
 RSAKey.prototype.signString = _rsasign_signString;