diff --git a/.eslintrc.json b/.eslintrc.json index a4143516..3142bc1a 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -16,7 +16,7 @@ "one-var": ["error", "never"], "no-duplicate-imports": "error", "no-use-before-define": "error", - "curly": "warn", + "curly": "error", "eqeqeq": ["warn", "smart"], "no-var": "warn", "prefer-const": "warn" diff --git a/example/example.js b/example/example.js index 76718cd3..50be46ca 100644 --- a/example/example.js +++ b/example/example.js @@ -24,7 +24,9 @@ function validateXml(xml, key) { sig.keyInfoProvider = new FileKeyInfo(key); sig.loadSignature(signature.toString()); var res = sig.checkSignature(xml); - if (!res) console.log(sig.validationErrors); + if (!res) { + console.log(sig.validationErrors); + } return res; } @@ -39,5 +41,8 @@ var signedXml = fs.readFileSync("result.xml").toString(); console.log("validating signature..."); //validate an xml document -if (validateXml(signedXml, "client_public.pem")) console.log("signature is valid"); -else console.log("signature not valid"); +if (validateXml(signedXml, "client_public.pem")) { + console.log("signature is valid"); +} else { + console.log("signature not valid"); +} diff --git a/lib/c14n-canonicalization.js b/lib/c14n-canonicalization.js index 9f3f592c..1e930e60 100644 --- a/lib/c14n-canonicalization.js +++ b/lib/c14n-canonicalization.js @@ -16,9 +16,13 @@ C14nCanonicalization.prototype.attrCompare = function (a, b) { var left = a.namespaceURI + a.localName; var right = b.namespaceURI + b.localName; - if (left === right) return 0; - else if (left < right) return -1; - else return 1; + if (left === right) { + return 0; + } else if (left < right) { + return -1; + } else { + return 1; + } }; C14nCanonicalization.prototype.nsCompare = function (a, b) { @@ -138,7 +142,9 @@ C14nCanonicalization.prototype.renderNs = function ( if (Array.isArray(ancestorNamespaces) && ancestorNamespaces.length > 0) { // Remove namespaces which are already present in nsListToRender for (var p1 in ancestorNamespaces) { - if (!ancestorNamespaces.hasOwnProperty(p1)) continue; + if (!ancestorNamespaces.hasOwnProperty(p1)) { + continue; + } var alreadyListed = false; for (var p2 in nsListToRender) { if ( diff --git a/lib/enveloped-signature.js b/lib/enveloped-signature.js index 47a1acde..718d896c 100644 --- a/lib/enveloped-signature.js +++ b/lib/enveloped-signature.js @@ -10,7 +10,9 @@ EnvelopedSignature.prototype.process = function (node, options) { "./*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']", node )[0]; - if (signature) signature.parentNode.removeChild(signature); + if (signature) { + signature.parentNode.removeChild(signature); + } return node; } var signatureNode = options.signatureNode; @@ -23,7 +25,9 @@ EnvelopedSignature.prototype.process = function (node, options) { node ); for (var h in signatures) { - if (!signatures.hasOwnProperty(h)) continue; + if (!signatures.hasOwnProperty(h)) { + continue; + } var nodeSignature = signatures[h]; var signatureValue = utils.findFirst( nodeSignature, diff --git a/lib/exclusive-canonicalization.js b/lib/exclusive-canonicalization.js index 4d97c1bb..20d36e9d 100644 --- a/lib/exclusive-canonicalization.js +++ b/lib/exclusive-canonicalization.js @@ -16,9 +16,13 @@ ExclusiveCanonicalization.prototype.attrCompare = function (a, b) { var left = a.namespaceURI + a.localName; var right = b.namespaceURI + b.localName; - if (left === right) return 0; - else if (left < right) return -1; - else return 1; + if (left === right) { + return 0; + } else if (left < right) { + return -1; + } else { + return 1; + } }; ExclusiveCanonicalization.prototype.nsCompare = function (a, b) { diff --git a/lib/signed-xml.js b/lib/signed-xml.js index 69c84ce7..ea6fbb8a 100644 --- a/lib/signed-xml.js +++ b/lib/signed-xml.js @@ -64,7 +64,9 @@ function RSASHA1() { var signer = crypto.createSign("RSA-SHA1"); signer.update(signedInfo); var res = signer.sign(signingKey, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -76,7 +78,9 @@ function RSASHA1() { var verifier = crypto.createVerify("RSA-SHA1"); verifier.update(str); var res = verifier.verify(key, signatureValue, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -98,7 +102,9 @@ function RSASHA256() { var signer = crypto.createSign("RSA-SHA256"); signer.update(signedInfo); var res = signer.sign(signingKey, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -110,7 +116,9 @@ function RSASHA256() { var verifier = crypto.createVerify("RSA-SHA256"); verifier.update(str); var res = verifier.verify(key, signatureValue, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -132,7 +140,9 @@ function RSASHA512() { var signer = crypto.createSign("RSA-SHA512"); signer.update(signedInfo); var res = signer.sign(signingKey, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -144,7 +154,9 @@ function RSASHA512() { var verifier = crypto.createVerify("RSA-SHA512"); verifier.update(str); var res = verifier.verify(key, signatureValue, "base64"); - if (callback) callback(null, res); + if (callback) { + callback(null, res); + } return res; }; @@ -239,7 +251,9 @@ function findAncestorNs(doc, docSubsetXpath, namespaceResolver) { var isUnique = true; for (var k = 0; k < subsetAttributes.length; k++) { var nodeName = subsetAttributes[k].nodeName; - if (nodeName.search(/^xmlns:/) === -1) continue; + if (nodeName.search(/^xmlns:/) === -1) { + continue; + } var prefix = nodeName.replace(/^xmlns:/, ""); if (ancestorNsWithoutDuplicate[j].prefix === prefix) { isUnique = false; @@ -315,7 +329,9 @@ function SignedXml(idMode, options) { this.validationErrors = []; this.keyInfo = null; this.idAttributes = ["Id", "ID", "id"]; - if (this.options.idAttribute) this.idAttributes.splice(0, 0, this.options.idAttribute); + if (this.options.idAttribute) { + this.idAttributes.splice(0, 0, this.options.idAttribute); + } this.implicitTransforms = this.options.implicitTransforms || []; } @@ -423,7 +439,9 @@ SignedXml.prototype.checkSignature = function (xml, callback) { SignedXml.prototype.getCanonSignedInfoXml = function (doc) { var signedInfo = utils.findChilds(this.signatureNode, "SignedInfo"); - if (signedInfo.length == 0) throw new Error("could not find SignedInfo element in the message"); + if (signedInfo.length == 0) { + throw new Error("could not find SignedInfo element in the message"); + } if ( this.canonicalizationAlgorithm === "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" || @@ -469,10 +487,11 @@ SignedXml.prototype.validateSignatureValue = function (doc, callback) { var signedInfoCanon = this.getCanonSignedInfoXml(doc); var signer = this.findSignatureAlgorithm(this.signatureAlgorithm); var res = signer.verifySignature(signedInfoCanon, this.signingKey, this.signatureValue, callback); - if (!res && !callback) + if (!res && !callback) { this.validationErrors.push( "invalid signature: the signature value " + this.signatureValue + " is incorrect" ); + } return res; }; @@ -484,25 +503,36 @@ SignedXml.prototype.calculateSignatureValue = function (doc, callback) { SignedXml.prototype.findSignatureAlgorithm = function (name) { var algo = SignedXml.SignatureAlgorithms[name]; - if (algo) return new algo(); - else throw new Error("signature algorithm '" + name + "' is not supported"); + if (algo) { + return new algo(); + } else { + throw new Error("signature algorithm '" + name + "' is not supported"); + } }; SignedXml.prototype.findCanonicalizationAlgorithm = function (name) { var algo = SignedXml.CanonicalizationAlgorithms[name]; - if (algo) return new algo(); - else throw new Error("canonicalization algorithm '" + name + "' is not supported"); + if (algo) { + return new algo(); + } else { + throw new Error("canonicalization algorithm '" + name + "' is not supported"); + } }; SignedXml.prototype.findHashAlgorithm = function (name) { var algo = SignedXml.HashAlgorithms[name]; - if (algo) return new algo(); - else throw new Error("hash algorithm '" + name + "' is not supported"); + if (algo) { + return new algo(); + } else { + throw new Error("hash algorithm '" + name + "' is not supported"); + } }; SignedXml.prototype.validateReferences = function (doc) { for (var r in this.references) { - if (!this.references.hasOwnProperty(r)) continue; + if (!this.references.hasOwnProperty(r)) { + continue; + } var ref = this.references[r]; @@ -518,7 +548,9 @@ SignedXml.prototype.validateReferences = function (doc) { var elemXpath; var num_elements_for_id = 0; for (var index in this.idAttributes) { - if (!this.idAttributes.hasOwnProperty(index)) continue; + if (!this.idAttributes.hasOwnProperty(index)) { + continue; + } var tmp_elemXpath = "//*[@*[local-name(.)='" + this.idAttributes[index] + "']='" + uri + "']"; var tmp_elem = xpath.select(tmp_elemXpath, doc); @@ -582,8 +614,9 @@ SignedXml.prototype.loadSignature = function (signatureNode) { ".//*[local-name(.)='CanonicalizationMethod']/@Algorithm", signatureNode ); - if (nodes.length == 0) + if (nodes.length == 0) { throw new Error("could not find CanonicalizationMethod/@Algorithm element"); + } this.canonicalizationAlgorithm = nodes[0].value; this.signatureAlgorithm = utils.findFirst( @@ -596,10 +629,14 @@ SignedXml.prototype.loadSignature = function (signatureNode) { ".//*[local-name(.)='SignedInfo']/*[local-name(.)='Reference']", signatureNode ); - if (references.length == 0) throw new Error("could not find any Reference elements"); + if (references.length == 0) { + throw new Error("could not find any Reference elements"); + } for (var i in references) { - if (!references.hasOwnProperty(i)) continue; + if (!references.hasOwnProperty(i)) { + continue; + } this.loadReference(references[i]); } @@ -617,18 +654,21 @@ SignedXml.prototype.loadSignature = function (signatureNode) { */ SignedXml.prototype.loadReference = function (ref) { var nodes = utils.findChilds(ref, "DigestMethod"); - if (nodes.length == 0) + if (nodes.length == 0) { throw new Error("could not find DigestMethod in reference " + ref.toString()); + } var digestAlgoNode = nodes[0]; var attr = utils.findAttr(digestAlgoNode, "Algorithm"); - if (!attr) + if (!attr) { throw new Error("could not find Algorithm attribute in node " + digestAlgoNode.toString()); + } var digestAlgo = attr.value; nodes = utils.findChilds(ref, "DigestValue"); - if (nodes.length == 0) + if (nodes.length == 0) { throw new Error("could not find DigestValue node in reference " + ref.toString()); + } if (nodes[0].childNodes.length == 0 || !nodes[0].firstChild.data) { throw new Error("could not find the value of DigestValue in " + nodes[0].toString()); } @@ -641,7 +681,9 @@ SignedXml.prototype.loadReference = function (ref) { var transformsNode = nodes[0]; var transformsAll = utils.findChilds(transformsNode, "Transform"); for (var t in transformsAll) { - if (!transformsAll.hasOwnProperty(t)) continue; + if (!transformsAll.hasOwnProperty(t)) { + continue; + } var trans = transformsAll[t]; transforms.push(utils.findAttr(trans, "Algorithm").value); @@ -912,7 +954,9 @@ SignedXml.prototype.createReferences = function (doc, prefix) { prefix = prefix ? prefix + ":" : prefix; for (var n in this.references) { - if (!this.references.hasOwnProperty(n)) continue; + if (!this.references.hasOwnProperty(n)) { + continue; + } var ref = this.references[n]; var nodes = xpath.selectWithResolver(ref.xpath, doc, this.namespaceResolver); @@ -924,7 +968,9 @@ SignedXml.prototype.createReferences = function (doc, prefix) { } for (var h in nodes) { - if (!nodes.hasOwnProperty(h)) continue; + if (!nodes.hasOwnProperty(h)) { + continue; + } var node = nodes[h]; if (ref.isEmptyUri) { @@ -936,7 +982,9 @@ SignedXml.prototype.createReferences = function (doc, prefix) { } res += "<" + prefix + "Transforms>"; for (var t in ref.transforms) { - if (!ref.transforms.hasOwnProperty(t)) continue; + if (!ref.transforms.hasOwnProperty(t)) { + continue; + } var trans = ref.transforms[t]; var transform = this.findCanonicalizationAlgorithm(trans); @@ -991,7 +1039,9 @@ SignedXml.prototype.getCanonXml = function (transforms, node, options) { var canonXml = node.cloneNode(true); // Deep clone for (var t in transforms) { - if (!transforms.hasOwnProperty(t)) continue; + if (!transforms.hasOwnProperty(t)) { + continue; + } var transform = this.findCanonicalizationAlgorithm(transforms[t]); canonXml = transform.process(canonXml, options); @@ -1021,14 +1071,20 @@ SignedXml.prototype.ensureHasId = function (node) { ); } else { for (var index in this.idAttributes) { - if (!this.idAttributes.hasOwnProperty(index)) continue; + if (!this.idAttributes.hasOwnProperty(index)) { + continue; + } attr = utils.findAttr(node, this.idAttributes[index], null); - if (attr) break; + if (attr) { + break; + } } } - if (attr) return attr.value; + if (attr) { + return attr.value; + } //add the attribute var id = "_" + this.id++; diff --git a/lib/utils.js b/lib/utils.js index 1925e9b5..8f6858b3 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -27,7 +27,9 @@ function findAttr(node, localName, namespace) { function findFirst(doc, xpath) { var nodes = select(xpath, doc); - if (nodes.length == 0) throw "could not find xpath " + xpath; + if (nodes.length == 0) { + throw "could not find xpath " + xpath; + } return nodes[0]; } diff --git a/test/signature-unit-tests.js b/test/signature-unit-tests.js index b8edefff..f56e02aa 100644 --- a/test/signature-unit-tests.js +++ b/test/signature-unit-tests.js @@ -100,7 +100,9 @@ describe("Signature unit tests", function () { } function nodeExists(doc, xpath) { - if (!doc && !xpath) return; + if (!doc && !xpath) { + return; + } var node = select(xpath, doc); expect(node.length, "xpath " + xpath + " not found").to.equal(1); }