diff --git a/oauth3.issuer.mock.js b/oauth3.issuer.mock.js index ea72fa7..d64122f 100644 --- a/oauth3.issuer.mock.js +++ b/oauth3.issuer.mock.js @@ -3,12 +3,12 @@ var OAUTH3 = exports.OAUTH3 = exports.OAUTH3 || require('./oauth3.core.js').OAUTH3; - OAUTH3.utils.bufferToBinaryString = function (buf) { + OAUTH3.utils.bufferToBinStr = function (buf) { return Array.prototype.map.call(new Uint8Array(buf), function(ch) { return String.fromCharCode(ch); }).join(''); }; - OAUTH3.utils.binaryStringToBuffer = function (str) { + OAUTH3.utils.binStrToBuffer = function (str) { var buf; if ('undefined' !== typeof Uint8Array) { @@ -23,6 +23,13 @@ return buf; }; + OAUTH3._base64.urlSafeToBuffer = function (str) { + return OAUTH3.utils.binStrToBuffer(OAUTH3._base64.decodeUrlSafe(str)); + }; + OAUTH3._base64.bufferToUrlSafe = function (buf) { + return OAUTH3._base64.encodeUrlSafe(OAUTH3.utils.bufferToBinStr(buf)); + }; + OAUTH3.crypto = {}; OAUTH3.crypto.fingerprintJWK = function (jwk) { var keys; 
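Review bot: The two helpers added in the `@@ -23,6 +23,13` hunk, `OAUTH3._base64.urlSafeToBuffer` and `OAUTH3._base64.bufferToUrlSafe`, have no comment stating what they accept and return, although every key, salt and IV in this file now passes through them. I would add `// base64url string -> byte buffer of the decoded bytes (input for WebCrypto calls)` above the first and `// ArrayBuffer or typed array -> base64url string` above the second. It is also worth stating that `urlSafeToBuffer` does no validation of its own, so behaviour on malformed stored values depends on `decodeUrlSafe`, which is defined outside this diff.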
@@ -44,15 +51,15 @@ } var jwkStr = '{' + keys.map(function (name) { return name+':'+jwk[name]; }).join(',') + '}'; - return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binaryStringToBuffer(jwkStr)) - .then(OAUTH3.utils.bufferToBinaryString).then(OAUTH3._base64.btoa); + return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binStrToBuffer(jwkStr)) + .then(OAUTH3._base64.bufferToUrlSafe); }; OAUTH3.crypto._createKey = function (ppid) { var kekPromise, ecdsaPromise, secretPromise; var salt = window.crypto.getRandomValues(new Uint8Array(16)); - kekPromise = window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) + kekPromise = window.crypto.subtle.importKey('raw', OAUTH3.utils.binStrToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) .then(function (key) { var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}}; return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['encrypt']); @@ -85,8 +92,8 @@ }); return OAUTH3.PromiseA.all([kekPromise, ecdsaPromise, secretPromise]).then(function (keys) { - var ecdsaJwk = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[1].privateKey)); - var secretJwk = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[2])); + var ecdsaJwk = OAUTH3.utils.binStrToBuffer(JSON.stringify(keys[1].privateKey)); + var secretJwk = OAUTH3.utils.binStrToBuffer(JSON.stringify(keys[2])); var ecdsaIv = window.crypto.getRandomValues(new Uint8Array(12)); var secretIv = window.crypto.getRandomValues(new Uint8Array(12)); 
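Review bot: In the `@@ -44,15 +51,15` hunk, `fingerprintJWK` hashes a string built as `name+':'+jwk[name]` with no JSON quoting, so the digest is not an RFC 7638 JWK thumbprint even though the output is now base64url like one. If interoperable thumbprints are the intent, hash the canonical JSON of the required members instead, for example `var jwkStr = JSON.stringify(keys.reduce(function (o, k) { o[k] = jwk[k]; return o; }, {}));` with `keys` in lexicographic order. How `keys` is selected and ordered is decided above this hunk and is not visible here, so confirm that part as well. Since this commit already changes every fingerprint value by switching the encoding, this would be the least disruptive moment to fix the hash input too.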
@@ -97,22 +104,22 @@ .then(function (encrypted) { return { publicKey: keys[1].publicKey - , privateKey: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[0])) - , userSecret: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[1])) - , salt: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(salt)) - , ecdsaIv: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(ecdsaIv)) - , secretIv: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(secretIv)) + , privateKey: OAUTH3._base64.bufferToUrlSafe(encrypted[0]) + , userSecret: OAUTH3._base64.bufferToUrlSafe(encrypted[1]) + , salt: OAUTH3._base64.bufferToUrlSafe(salt) + , ecdsaIv: OAUTH3._base64.bufferToUrlSafe(ecdsaIv) + , secretIv: OAUTH3._base64.bufferToUrlSafe(secretIv) }; }); }); }; OAUTH3.crypto._decryptKey = function (ppid, storedObj) { - var salt = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.salt)); - var encJwk = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.privateKey)); - var iv = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.ecdsaIv)); + var salt = OAUTH3._base64.urlSafeToBuffer(storedObj.salt); + var encJwk = OAUTH3._base64.urlSafeToBuffer(storedObj.privateKey); + var iv = OAUTH3._base64.urlSafeToBuffer(storedObj.ecdsaIv); - return window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) + return window.crypto.subtle.importKey('raw', OAUTH3.utils.binStrToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) .then(function (key) { var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}}; return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['decrypt']); 
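Review bot: Records written before this change hold `salt`, `privateKey` and `ecdsaIv` in standard base64, and `_decryptKey` now passes them straight to `urlSafeToBuffer` with no fallback; whether `decodeUrlSafe` tolerates `+`, `/` and `=` is not visible in this diff. The `@@ -133,9` hunk has the same compatibility problem in `_getKey`: the `'kek-'` storage name is now derived with `bufferToUrlSafe`, so an entry saved under the old base64 name will probably not be found, and the `=== null` branch (its body is outside the hunk) presumably generates a new signing key without telling the user. Consider a one-time migration or a lookup under both names, or state in the commit message that existing keys are deliberately discarded. While the stored format is changing, it would also help to persist the PBKDF2 iteration count next to `salt`, because `iterations: 8192` is hard-coded in both `_createKey` and `_decryptKey` and is low by current guidance, and it cannot be raised later without breaking stored keys. `_decryptKey` continues past the end of this hunk.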
@@ -120,7 +127,7 @@ .then(function (key) { return window.crypto.subtle.decrypt({name: 'AES-GCM', iv: iv}, key, encJwk); }) - .then(OAUTH3.utils.bufferToBinaryString) + .then(OAUTH3.utils.bufferToBinStr) .then(JSON.parse) .then(function (jwk) { return window.crypto.subtle.importKey('jwk', jwk, {name: 'ECDSA', namedCurve: jwk.crv}, false, ['sign']) @@ -133,9 +140,9 @@ }; OAUTH3.crypto._getKey = function (ppid) { - return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binaryStringToBuffer(ppid)) + return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binStrToBuffer(ppid)) .then(function (hash) { - var name = 'kek-' + OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(hash)); + var name = 'kek-' + OAUTH3._base64.bufferToUrlSafe(hash); var promise; if (window.localStorage.getItem(name) === null) { @@ -161,9 +168,9 @@ , OAUTH3._base64.encodeUrlSafe(JSON.stringify(payload, null)) ].join('.'); - return window.crypto.subtle.sign({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, OAUTH3.utils.binaryStringToBuffer(input)) + return window.crypto.subtle.sign({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, OAUTH3.utils.binStrToBuffer(input)) .then(function (signature) { - return input + '.' + OAUTH3._base64.encodeUrlSafe(OAUTH3.utils.bufferToBinaryString(signature)); + return input + '.' + OAUTH3._base64.bufferToUrlSafe(signature); }); }); };