Skip to content

Instantly share code, notes, and snippets.

@wvanbergen
Created September 15, 2011 20:37
  • Star 4 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save wvanbergen/1220401 to your computer and use it in GitHub Desktop.
MessageVerifier implementation for node.js
crypto = require 'crypto'
MessageVerifier =
serializer: JSON.stringify
deserializer: JSON.parse
generate: (data, secret, algorithm) ->
algorithm ?= 'sha1'
base64 = (new Buffer(MessageVerifier.serializer(data))).toString('base64')
hmac = crypto.createHmac(algorithm, secret)
hmac.update(base64)
"#{base64}--#{hmac.digest('hex')}"
verify: (message, secret, algorithm) ->
algorithm ?= 'sha1'
[data, signature] = message.split('--', 2)
hmac = crypto.createHmac(algorithm, secret)
hmac.update(data)
digest = hmac.digest('hex')
if digest == signature
return MessageVerifier.deserializer((new Buffer(data, 'base64')).toString('utf8'))
else
throw new Error("Invalid signature!")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment