From 2a0692e9be85809d78e475e449559f87fb2dd338 Mon Sep 17 00:00:00 2001
From: Luk Lu <luk.lu@faronear.org>
Date: Thu, 20 Feb 2020 17:05:25 +0800
Subject: [PATCH] =?UTF-8?q?sign=E5=92=8Cverify=E5=BA=94=E5=BD=93=E5=AF=B9?=
 =?UTF-8?q?=E6=95=B0=E6=8D=AE=E7=9A=84=E5=93=88=E5=B8=8C=E8=BF=9B=E8=A1=8C?=
 =?UTF-8?q?=EF=BC=8C=E8=80=8C=E4=B8=8D=E6=98=AF=E5=AF=B9=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E6=9C=AC=E8=BA=AB=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 dump.rdb | Bin 444 -> 444 bytes
 index.js |   9 +++------
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/dump.rdb b/dump.rdb
index 074c2d9aba151fac03ede324bc9d3426ecba5cca..54b72000f402406ef0d256ad6f7b31a3ed8b51e0 100644
GIT binary patch
delta 286
zcmdnPyoY&$fzU*6zqnr<rNyZ!y1A*jhXT|ECOR3^8yV}wC}kuTXT&I3#V92kSQsUx
zC7P#Mnp#>ISf(YJni?1x8(EsASR^N<B&Q@<8X6^A7@MY;Cs`O<BwHF;q?j9~T3VVU
zCZ<{@r6k5E)hh8Sg(Mn=Rymag7G`^dxMvp|dF2%(m8G~;6sK2KnMZh}X9i12F)%O)
z1F;_y0|R?fVoqXSaw_KqhKFBS{{!_`7?y-)CnuKY7nlV3T3Un|R%M1}`Q~~RL?tCw
zn3rb<!S$nP_j)vm(L^!5v^de(+}X=ABGSmx-8azGFFfBkA}`x4H8jQ2FrqYjawwxb
P=YMvuZAG7Ue#!&@B3@Yt

delta 314
zcmdnPyoY&$fzZ?gK5@S|N{drdbaPX44+(_vPjoV<H#F9XQOZax&WKU6icvDPOf@qw
zF)_ACGqy~zOf)vMG)cBJFiA;FOEoky0CA1eOiYrDO-(Hg%o7a_lFbs0)67iLOj3Xv
zjM7qKlxmfDl|pijoz3!HeKNd?-ArAhoB~`73kp)w{Ib$hjDjkBLvypFq!<_&gn^i!
ziGhJVDKRH8FFBR-0>i_}_KYU=6^^c%xq(TAVL_q!0eQ*pK1D?Zxd9eNl^G@ZKDiZM
zu5xlv?Z~<xF#OsQ$q1DA4|G9ZsYOayP+G2~w_~JJQl3+BWVWwkUWjvfu9I^~c9ClY
Z+y%%+03Gm^^*`r-*<Jl_=L)~I2LJ{}UKaoW

diff --git a/index.js b/index.js
index 9a48c4f..c065226 100644
--- a/index.js
+++ b/index.js
@@ -142,11 +142,10 @@ module.exports = {
     if (this.isHashable(data) && this.isSeckey(seckey) && seckey.length===64) { // 纯 crypto
       let seckeyPEM = await new keyman.Key('oct', this.hex2buf(seckey), {namedCurve:'P-256K'}).export('pem')
       let hasher=my.HASHER_LIST.indexOf(option.hasher)>=0?option.hasher:my.HASHER
-      let inputEncoding=my.INPUT_LIST.indexOf(option.input)>=0?option.input:my.INPUT // 'utf8', 'ascii' or 'latin1' for string data, default to utf8 if not specified; ignored for Buffer, TypedArray, or DataView.
       let outputEncoding=(option.output==='buf')?undefined:(my.OUTPUT_LIST.indexOf(option.output)>=0?option.output:my.OUTPUT)
       let signer=crypto.createSign(hasher)
-      signer.update(data, inputEncoding).end()
-      let signature = signer.sign(seckeyPEM, outputEncoding)
+      signer.update(this.hash(data, option)).end()
+      let signature = signer.sign(seckeyPEM, 'hex')
       return signature // 发现同样的输入，每次调用会生成不同的 signature, 且长度不定(140~144 hex) 但都可以通过 verify。有一次我竟然徒手修改出一个新签名也通过验证。
     }
     if (this.isHashable(data) && this.isSeckey(seckey) && seckey.length===128) { // 使用nacl的签名算法。注意，nacl.sign需要的seckey是64字节=128字符。
@@ -162,10 +161,8 @@ module.exports = {
     if (this.isHashable(data) && this.isSignature(signature) && this.isPubkey(pubkey) && signature.length>=140){ // 纯 crypto
       let pubkeyPEM = await new keyman.Key('oct', this.hex2buf(pubkey), {namedCurve:'P-256K'}).export('pem')
       let hasher=my.HASHER_LIST.indexOf(option.hasher)>=0?option.hasher:my.HASHER
-      let inputEncoding=my.INPUT_LIST.indexOf(option.input)>=0?option.input:my.INPUT // 'utf8', 'ascii' or 'latin1' for string data, default to utf8 if not specified; ignored for Buffer, TypedArray, or DataView.
-      let outputEncoding=(option.output==='buf')?undefined:(my.OUTPUT_LIST.indexOf(option.output)>=0?option.output:my.OUTPUT)
       let verifier = crypto.createVerify(hasher)
-      verifier.update(data, inputEncoding).end() // end() 在 nodejs 12 里返回verifier自身，但在浏览器里返回 undefined，因此不能串联运行。
+      verifier.update(this.hash(data, option)).end() // end() 在 nodejs 12 里返回verifier自身，但在浏览器里返回 undefined，因此不能串联运行。
       let verified = verifier.verify(pubkeyPEM, signature, 'hex')
       return verified
     }