(data: string, signature: string, publicKeyPath: string)
| 77 | } |
| 78 | |
| 79 | export function verifySignature(data: string, signature: string, publicKeyPath: string): boolean { |
| 80 | try { |
| 81 | let publicKey = publicKeyCache.get(publicKeyPath); |
| 82 | |
| 83 | if (!publicKey) { |
| 84 | if (!fs.existsSync(publicKeyPath)) { |
| 85 | throw new Error(`Public key file not found at: ${publicKeyPath}`); |
| 86 | } |
| 87 | |
| 88 | publicKey = fs.readFileSync(publicKeyPath, 'utf8'); |
| 89 | publicKeyCache.set(publicKeyPath, publicKey); |
| 90 | } |
| 91 | |
| 92 | // Convert base64url signature to base64 if needed |
| 93 | const base64Signature = signature.replace(/-/g, '+').replace(/_/g, '/'); |
| 94 | const paddedSignature = base64Signature + '='.repeat((4 - base64Signature.length % 4) % 4); |
| 95 | const signatureBuffer = Buffer.from(paddedSignature, 'base64'); |
| 96 | |
| 97 | return crypto.verify(null, Buffer.from(data, 'utf8'), publicKey, signatureBuffer); |
| 98 | } catch (error) { |
| 99 | console.error('Error verifying signature:', error); |
| 100 | return false; |
| 101 | } |
| 102 | } |
| 103 | |
| 104 | export const getTokenFromConfig = async (token: Token): Promise<string> => { |
| 105 | if ('env' in token) { |
no outgoing calls
no test coverage detected