settings.js 1.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041
  1. const SEA = require('./root');
  2. const Buffer = require('./buffer')
  3. const settings = {}
  4. // Encryption parameters
  5. const pbkdf2 = { hash: 'SHA-256', iter: 100000, ks: 64 }
  6. const ecdsaSignProps = { name: 'ECDSA', hash: { name: 'SHA-256' } }
  7. const ecdsaKeyProps = { name: 'ECDSA', namedCurve: 'P-256' }
  8. const ecdhKeyProps = { name: 'ECDH', namedCurve: 'P-256' }
  9. const _initial_authsettings = {
  10. validity: 12 * 60 * 60, // internally in seconds : 12 hours
  11. hook: (props) => props // { iat, exp, alias, remember }
  12. // or return new Promise((resolve, reject) => resolve(props)
  13. }
  14. // These are used to persist user's authentication "session"
  15. const authsettings = Object.assign({}, _initial_authsettings)
  16. // This creates Web Cryptography API compliant JWK for sign/verify purposes
  17. const keysToEcdsaJwk = (pub, d) => { // d === priv
  18. //const [ x, y ] = Buffer.from(pub, 'base64').toString('utf8').split(':') // old
  19. const [ x, y ] = pub.split('.') // new
  20. var jwk = { kty: "EC", crv: "P-256", x: x, y: y, ext: true }
  21. jwk.key_ops = d ? ['sign'] : ['verify'];
  22. if(d){ jwk.d = d }
  23. return jwk;
  24. }
  25. Object.assign(settings, {
  26. pbkdf2: pbkdf2,
  27. ecdsa: {
  28. pair: ecdsaKeyProps,
  29. sign: ecdsaSignProps
  30. },
  31. ecdh: ecdhKeyProps,
  32. jwk: keysToEcdsaJwk,
  33. recall: authsettings
  34. })
  35. SEA.opt = settings;
  36. module.exports = settings