Created
June 2, 2021 14:57
-
-
Save kosecki123/5197494fc023a2130f70d1963706ceb8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import { Body, Controller, Get, Post } from '@nestjs/common'; | |
import base64url from 'base64url'; | |
import { | |
arrayify, | |
hashMessage, | |
keccak256, | |
recoverAddress, | |
verifyMessage, | |
} from 'ethers/lib/utils'; | |
import { connect, JSONCodec } from 'nats'; | |
import * as crypto from 'crypto'; | |
export class PublishMessageDto { | |
fqcn: string; | |
payload: string; | |
signature: string; | |
} | |
var publicKey = | |
'-----BEGIN PUBLIC KEY-----\n' + | |
'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCtTEic76GBqUetJ1XXrrWZcxd\n' + | |
'8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSup\n' + | |
'olzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPM\n' + | |
't4KUcQ1TaazB8TzhqwIDAQAB\n' + | |
'-----END PUBLIC KEY-----'; | |
@Controller() | |
export class AppController { | |
connection = connect({ servers: 'nats://localhost:4222', debug: true }); | |
@Post() | |
async postMessage(@Body() body: PublishMessageDto): Promise<void> { | |
const c = await this.connection; | |
const codec = JSONCodec(); | |
const res = this.verifyCrypto(body.signature, body, '0x0'); | |
console.log(res); | |
c.publish(body.fqcn, codec.encode(body.payload)); | |
} | |
private verifyCrypto( | |
messageSignature: string, | |
{ fqcn, payload }: PublishMessageDto, | |
user: string, | |
) { | |
const verifier = crypto.createVerify('sha256'); | |
verifier.update(JSON.stringify({ fqcn, payload })); | |
return verifier.verify(publicKey, messageSignature, 'hex'); | |
} | |
private verifySignature( | |
messageSignature: string, | |
{ fqcn, payload }: PublishMessageDto, | |
user: string, | |
): boolean { | |
const messageHash = hashMessage(JSON.stringify({ fqcn, payload })); | |
const address = verifyMessage(messageHash, messageSignature); | |
return address === user; | |
// const [ | |
// encodedHeader, | |
// encodedPayload, | |
// encodedSignature, | |
// ] = messageSignature.split('.'); | |
// const msg = `0x${Buffer.from(`${encodedHeader}.${encodedPayload}`).toString( | |
// 'hex', | |
// )}`; | |
// const hash = keccak256(msg); | |
// const signature = base64url.decode(encodedSignature); | |
// const addressFromHash = recoverAddress(arrayify(hash), signature); | |
// if (user === addressFromHash) { | |
// return true; | |
// } | |
// const digest = hashMessage(arrayify(hash)); | |
// const addressFromDigest = recoverAddress(arrayify(digest), signature); | |
// if (user === addressFromDigest) { | |
// return true; | |
// } | |
// return false; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment