settings.js 1.4 KB

123456789101112131415161718192021222324252627282930313233343536373839
  1. const Buffer = require('./buffer')
  2. const settings = {}
  3. // Encryption parameters
  4. const pbkdf2 = { hash: 'SHA-256', iter: 100000, ks: 64 }
  5. const ecdsaSignProps = { name: 'ECDSA', hash: { name: 'SHA-256' } }
  6. const ecdsaKeyProps = { name: 'ECDSA', namedCurve: 'P-256' }
  7. const ecdhKeyProps = { name: 'ECDH', namedCurve: 'P-256' }
  8. const _initial_authsettings = {
  9. validity: 12 * 60 * 60, // internally in seconds : 12 hours
  10. hook: (props) => props // { iat, exp, alias, remember }
  11. // or return new Promise((resolve, reject) => resolve(props)
  12. }
  13. // These are used to persist user's authentication "session"
  14. const authsettings = Object.assign({}, _initial_authsettings)
  15. // This creates Web Cryptography API compliant JWK for sign/verify purposes
  16. const keysToEcdsaJwk = (pub, d) => { // d === priv
  17. //const [ x, y ] = Buffer.from(pub, 'base64').toString('utf8').split(':') // old
  18. const [ x, y ] = pub.split('.') // new
  19. var jwk = { kty: "EC", crv: "P-256", x: x, y: y, ext: true }
  20. jwk.key_ops = d ? ['sign'] : ['verify'];
  21. if(d){ jwk.d = d }
  22. return jwk;
  23. }
  24. Object.assign(settings, {
  25. pbkdf2: pbkdf2,
  26. ecdsa: {
  27. pair: ecdsaKeyProps,
  28. sign: ecdsaSignProps
  29. },
  30. ecdh: ecdhKeyProps,
  31. jwk: keysToEcdsaJwk,
  32. recall: authsettings
  33. })
  34. module.exports = settings