Support for HMAC signatures on UMF messages (#159)

Author: cjus

lib/umfmessage.js

@@ -1,7 +1,8 @@
 'use strict';
 
 const uuid = require('uuid');
-const UMF_VERSION = 'UMF/1.4.5';
+const crypto = require('crypto');
+const UMF_VERSION = 'UMF/1.4.6';
 
 /**
 * @name UMFMessage
@@ -45,6 +46,20 @@ class UMFMessage {
     return (Math.floor(Math.random() * Number.MAX_SAFE_INTEGER)).toString(36);
   }
 
+  /**
+  * @name signMessage
+  * @summary sign message with cryptographic signature
+  * @param {string} algo - such as 'sha256'
+  * @param {string} sharedSecret - shared secret
+  * @return {undefined}
+  */
+  signMessage(algo, sharedSecret) {
+    (this.message.signature) && delete this.message.signature;
+    this.message.signature = crypto
+      .createHmac(algo, sharedSecret)
+      .update(JSON.stringify(this.message))
+      .digest('hex');
+  }
 
   /**
   * @name toJSON
@@ -76,6 +91,9 @@ class UMFMessage {
     if (this.message['rmid']) {
       message['rmid'] = this.message['rmid'];
     }
+    if (this.message['signature']) {
+      message['sig'] = this.message['signature'];
+    }
     if (this.message['timeout']) {
       message['tmo'] = this.message['timeout'];
     }
@@ -147,6 +165,9 @@ function createMessageInstance(message) {
   if (message.rmid) {
     proxy.rmid = message.rmid;
   }
+  if (message.signature || message.sig) {
+    proxy.signature = message.signature || message.sig;
+  }
   if (message.timeout || message.tmo) {
     proxy.timeout = message.timeout || message.tmo;
   }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "hydra",
-  "version": "1.4.27",
+  "version": "1.4.28",
   "license": "MIT",
   "author": "Carlos Justiniano",
   "contributors": "https://github.com/flywheelsports/hydra/graphs/contributors",