本文整理汇总了TypeScript中crypto.timingSafeEqual函数的典型用法代码示例。如果您正苦于以下问题:TypeScript timingSafeEqual函数的具体用法?TypeScript timingSafeEqual怎么用?TypeScript timingSafeEqual使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了timingSafeEqual函数的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的TypeScript代码示例。
示例1: verifyToken
public verifyToken(recivedToken: string, token2: string, decode = true) {
let tokenDecoded = true;
let expired = false;
if (decode) {
const enrollmentTokenSecret = this.framework.getSetting('encryptionKey');
try {
verifyToken(recivedToken, enrollmentTokenSecret);
tokenDecoded = true;
} catch (err) {
if (err.name === 'TokenExpiredError') {
expired = true;
}
tokenDecoded = false;
}
}
if (
typeof recivedToken !== 'string' ||
typeof token2 !== 'string' ||
recivedToken.length !== token2.length
) {
// This prevents a more subtle timing attack where we know already the tokens aren't going to
// match but still we don't return fast. Instead we compare two pre-generated random tokens using
// the same comparison algorithm that we would use to compare two equal-length tokens.
return {
expired,
verified:
timingSafeEqual(
Buffer.from(RANDOM_TOKEN_1, 'utf8'),
Buffer.from(RANDOM_TOKEN_2, 'utf8')
) && tokenDecoded,
};
}
return {
expired,
verified:
timingSafeEqual(Buffer.from(recivedToken, 'utf8'), Buffer.from(token2, 'utf8')) &&
tokenDecoded,
};
}
示例2: safeCompare
function safeCompare(a: Buffer, b: Buffer): boolean {
if (a.length !== b.length) {
return false;
}
if (timingSafeEqual) {
return timingSafeEqual(a, b);
} else {
let result = 0;
for (let i = 0; i < a.length; i++) {
result |= a[i] ^ b[i];
}
return result === 0;
}
}
示例3: decrypt
export function decrypt(encrypted: string, opts: Options): Either<string, string> {
const components = encrypted.split('.');
if (components.length !== 3) return left('Invalid payload');
setupKeys(opts);
const iv: Buffer = B.toBuffer(components[0]);
const ciphertext = B.toBuffer(components[1]);
const hmac = B.toBuffer(components[2]);
function cleanup() {
if (iv) zeroBuffer(iv);
if (ciphertext) zeroBuffer(ciphertext);
if (hmac) zeroBuffer(hmac);
if (expectedHmac) zeroBuffer(expectedHmac);
}
// make sure IV is right length
if (iv.length !== 16) {
cleanup();
return left('invalid iv length');
}
const expectedHmac = computeHmac(iv, ciphertext, opts);
if (!timingSafeEqual(hmac, expectedHmac)) {
cleanup();
return left('invalid signature');
}
const decipher = createDecipheriv(
opts.encryptionAlgorithm as string,
opts.encryptionKey,
iv
);
let plaintext = decipher.update(ciphertext, 'binary', 'utf8');
plaintext += decipher.final('utf8');
cleanup();
return right(plaintext);
}
示例4: Buffer
const decipher = crypto.createDecipheriv('aes-192-gcm', key, nonce);
decipher.setAuthTag(tag);
decipher.setAAD(aad, {
plaintextLength: ciphertext.length
});
const receivedPlaintext: string = decipher.update(ciphertext, null, 'utf8');
decipher.final();
}
{
// crypto_timingsafeequal_buffer_test
const buffer1: Buffer = new Buffer([1, 2, 3, 4, 5]);
const buffer2: Buffer = new Buffer([1, 2, 3, 4, 5]);
const buffer3: Buffer = new Buffer([5, 4, 3, 2, 1]);
assert(crypto.timingSafeEqual(buffer1, buffer2));
assert(!crypto.timingSafeEqual(buffer1, buffer3));
}
{
// crypto_timingsafeequal_uint32array_test
const arr1: Uint32Array = Uint32Array.of(1, 2, 3, 4, 5);
const arr2: Uint32Array = Uint32Array.of(1, 2, 3, 4, 5);
const arr3: Uint32Array = Uint32Array.of(5, 4, 3, 2, 1);
assert(crypto.timingSafeEqual(arr1, arr2));
assert(!crypto.timingSafeEqual(arr1, arr3));
}
{
// crypto_timingsafeequal_safe_typedarray_variant_test
示例5: Buffer
let decipher: crypto.Decipher = crypto.createDecipher("aes-128-ecb", key);
let decipherBuffers: Buffer[] = [];
decipherBuffers.push(decipher.update(cipherText));
decipherBuffers.push(decipher.final());
let clearText2: Buffer = Buffer.concat(decipherBuffers);
assert.deepEqual(clearText2, clearText);
}
{
let buffer1: Buffer = new Buffer([1, 2, 3, 4, 5]);
let buffer2: Buffer = new Buffer([1, 2, 3, 4, 5]);
let buffer3: Buffer = new Buffer([5, 4, 3, 2, 1]);
assert(crypto.timingSafeEqual(buffer1, buffer2))
assert(!crypto.timingSafeEqual(buffer1, buffer3))
}
}
//////////////////////////////////////////////////
/// TLS tests : http://nodejs.org/api/tls.html ///
//////////////////////////////////////////////////
namespace tls_tests {
var ctx: tls.SecureContext = tls.createSecureContext({
key: "NOT REALLY A KEY",
cert: "SOME CERTIFICATE",
});
var blah = ctx.context;