fix dependency

Author: 0x5e

README.md

@@ -167,7 +167,11 @@ try {
 If you want to do client side signature instead of server side (not recommend), you can use this.
 
 - `object` {Object} Object to be signed. The `object.sign_type` can specify `RSA` (default) or `RSA2`.
-- `privateKey` {String} Private key in `PKCS#8` format.
+- `privateKey` {String} Private key in `PKCS#1` or `PKCS#8` format.
+
+Note: 
+`PKCS#1` private key should have wrapped with `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`
+`PKCS#8` private key should have wrapped with `-----BEGIN PRIVATE KEY-----` and `-----END PRIVATE KEY-----`
 
 Returns The query string with signature. See [Process of signature](https://docs.open.alipay.com/291/106118) for detail.
 
@@ -184,7 +188,7 @@ let params = {
   timestamp: '2017-10-13 00:00:00',
   version: '1.0',
 };
-let privateKey = '...';
+let privateKey = '-----BEGIN RSA PRIVATE KEY-----\n' + ... + '\n-----END RSA PRIVATE KEY-----';
 let signedQuery = Alipay.sign(params, privateKey);
 console.info(signedQuery); // app_id=2183&biz_content=%7B%22scopes%22%3A%5B%22auth_base%22%5D%2C%22state%22%3A%22init%22%7D&method=alipay.user.info.auth&sign_type=RSA&timestamp=2017-10-13%2000%3A00%3A00&version=1.0&sign=xxxx
 ```

__tests__/sign.js

@@ -4,7 +4,7 @@ import QueryString from 'query-string';
 // 与RSA签名工具的计算结果进行比对
 // https://docs.open.alipay.com/291/106097
 
-test('signature verification (RSA)', () => {
+test('signature verification (RSA, PKCS#8)', () => {
 
   let params = {
     app_id: 2183,
@@ -16,15 +16,15 @@ test('signature verification (RSA)', () => {
     timestamp: '2017-10-13 00:00:00',
     version: '1.0',
   };
-  let privateKey = 'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKi/2yd6a4nJFUbPe9+Akf7Ve3WSVpMx7msObiFoAASReZ3kMGhNXLsYCz8mhh3XzhkM8cXE++ZnQ2wYKISPTbs3NVhrFc3jOkncxD+ADGV5k394+VrH+sih/Nnw6ATuD923wnMgAhtDUkz5n1NrlHhHOJthox6a0OXrHuXK+Q3rAgMBAAECgYBGzSB9Qt7l06mKqTk3ADHBMv72yGxsm9GFt2s7tu/y+rqFJZ2t1W+nzCHD4Dz7PnVpi0XRjaGG/SKLsuMlIx8gVEqubndAXoRbazzUn2b4ZDHmvhj73OFdszL4RV21VJ/AH0erGAID6cNN1LcvMZD15I0p+r8rndUxx69HpmHZCQJBANPtQCss/VX1X8PLiexAJ1AGuNQWNOak3vC3goDn1gZnWKqTthM3Siy5kPunmfOOz3qW+Sm5xv6DTEjkfo1SVDcCQQDL1+RTaGIeFMXBMYobNTKUOO4B2ewJrJWlFkZLYl7UizuFHghcyJ7METObrkTCeT11Vtv4Rohzi5TEATCHSiHtAkBUXFT22undldeRMSyuBrufd42Ln2tfhLHaULJ6bc8crXb2L+aCr7evJg84nfcCpQ6iVgbJPVKhbdKoEYzu5J7xAkEAyukEQra0fMcmtxIuLLk+uOcWnMclu9eNOsE6hg3M4fwa6n6jymB2GiLBYaYOkhuHvwcQfksPxxzZoGaivPlhXQJBAJQV9dsUfqkYk6/jVKLe1I9NDgR+A7pHVBIQ2TXKIFGnidXGcuvyvUjYhLI4quwemSTq77T/m3zcToiu5JRcLb8=';
+  let privateKey = '-----BEGIN PRIVATE KEY-----\nMIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKi/2yd6a4nJFUbPe9+Akf7Ve3WSVpMx7msObiFoAASReZ3kMGhNXLsYCz8mhh3XzhkM8cXE++ZnQ2wYKISPTbs3NVhrFc3jOkncxD+ADGV5k394+VrH+sih/Nnw6ATuD923wnMgAhtDUkz5n1NrlHhHOJthox6a0OXrHuXK+Q3rAgMBAAECgYBGzSB9Qt7l06mKqTk3ADHBMv72yGxsm9GFt2s7tu/y+rqFJZ2t1W+nzCHD4Dz7PnVpi0XRjaGG/SKLsuMlIx8gVEqubndAXoRbazzUn2b4ZDHmvhj73OFdszL4RV21VJ/AH0erGAID6cNN1LcvMZD15I0p+r8rndUxx69HpmHZCQJBANPtQCss/VX1X8PLiexAJ1AGuNQWNOak3vC3goDn1gZnWKqTthM3Siy5kPunmfOOz3qW+Sm5xv6DTEjkfo1SVDcCQQDL1+RTaGIeFMXBMYobNTKUOO4B2ewJrJWlFkZLYl7UizuFHghcyJ7METObrkTCeT11Vtv4Rohzi5TEATCHSiHtAkBUXFT22undldeRMSyuBrufd42Ln2tfhLHaULJ6bc8crXb2L+aCr7evJg84nfcCpQ6iVgbJPVKhbdKoEYzu5J7xAkEAyukEQra0fMcmtxIuLLk+uOcWnMclu9eNOsE6hg3M4fwa6n6jymB2GiLBYaYOkhuHvwcQfksPxxzZoGaivPlhXQJBAJQV9dsUfqkYk6/jVKLe1I9NDgR+A7pHVBIQ2TXKIFGnidXGcuvyvUjYhLI4quwemSTq77T/m3zcToiu5JRcLb8=\n-----END PRIVATE KEY-----';
   let sign = 'Wc1HtMjDwLbWaGEhAzl6qaoHw01m5OpKAIAQxxJyCEjMyJ1bIwMlalB9ZJ09N8Fh3Df3T3qab2D3fI70Xaypo6xCECX0p9QvTMiPmSfzQQ5q21g/kpCseiQQcTe35BO96ufREGkFkDI8xQH+LsG6PLk6akxV8Ujdl47igYljdWk=';
 
   let signedQuery = Alipay.sign(params, privateKey);
   expect(QueryString.parse(signedQuery).sign).toBe(sign);
 
 });
 
-test('signature verification (RSA2)', () => {
+test('signature verification (RSA2, PKCS#1)', () => {
 
   let params = {
     app_id: 2183,
@@ -36,8 +36,8 @@ test('signature verification (RSA2)', () => {
     timestamp: '2017-10-13 00:00:00',
     version: '1.0',
   };
-  let privateKey = 'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKi/2yd6a4nJFUbPe9+Akf7Ve3WSVpMx7msObiFoAASReZ3kMGhNXLsYCz8mhh3XzhkM8cXE++ZnQ2wYKISPTbs3NVhrFc3jOkncxD+ADGV5k394+VrH+sih/Nnw6ATuD923wnMgAhtDUkz5n1NrlHhHOJthox6a0OXrHuXK+Q3rAgMBAAECgYBGzSB9Qt7l06mKqTk3ADHBMv72yGxsm9GFt2s7tu/y+rqFJZ2t1W+nzCHD4Dz7PnVpi0XRjaGG/SKLsuMlIx8gVEqubndAXoRbazzUn2b4ZDHmvhj73OFdszL4RV21VJ/AH0erGAID6cNN1LcvMZD15I0p+r8rndUxx69HpmHZCQJBANPtQCss/VX1X8PLiexAJ1AGuNQWNOak3vC3goDn1gZnWKqTthM3Siy5kPunmfOOz3qW+Sm5xv6DTEjkfo1SVDcCQQDL1+RTaGIeFMXBMYobNTKUOO4B2ewJrJWlFkZLYl7UizuFHghcyJ7METObrkTCeT11Vtv4Rohzi5TEATCHSiHtAkBUXFT22undldeRMSyuBrufd42Ln2tfhLHaULJ6bc8crXb2L+aCr7evJg84nfcCpQ6iVgbJPVKhbdKoEYzu5J7xAkEAyukEQra0fMcmtxIuLLk+uOcWnMclu9eNOsE6hg3M4fwa6n6jymB2GiLBYaYOkhuHvwcQfksPxxzZoGaivPlhXQJBAJQV9dsUfqkYk6/jVKLe1I9NDgR+A7pHVBIQ2TXKIFGnidXGcuvyvUjYhLI4quwemSTq77T/m3zcToiu5JRcLb8=';
-  let sign = 'nbmR+6zC1AgxTfStIM7Jv+mr5m1NNI92ojHAccPEHuZEQBF1d0xCZL42C+YkksYApAuk5C8Bk5qXW3Ovh4/zVO5uS0SydARn6ZGC4iSqe5r9qf3frG6M9Z/fEw9GGy2p5UodQ8Z4t084XTxRXF8qzqcOQk9w8a+JpUxLlZ3eykg=';
+  let privateKey = '-----BEGIN RSA PRIVATE KEY-----\nMIICXQIBAAKBgQDFe4S+eaRM61dNmTdCz7+Z6ZjZDI4DqSJV0slLoWTnRiKF7oMRHV4VdazkYAsjfmIU40TCY+vzGC5s+yVAjD/geDP65YzhPvO6vS4Lc4Dff8Yo2A8Opzz7hN8VSzJFuYhXDRfWVc01tAnLitAlOGBJJ+cDHg43JdYGGOok62/z2wIDAQABAoGAcU8c7DlZVzUVQ5Xsyi3vTr1kkO0OMvWBmOK30uhIwBZSyqv+kfxatk9tox+kZHoohrmcAzlX8YRnZup3BmEyaHKCiH/XovZEWT4FAHe0JNUVvSLv/3mqRoj44KXtJiWiJReHW+9P3FVX9i5fbrqgoJM5Shj6NgT/UhkuZxDaBDkCQQD7yt+cO11l8RMdBoBYsPtqRrMHJrSvjlDJwzg6NLHZIUWybNluZiD95mu56p+B48eDqA/hdwLxrZKaDdJTcYOdAkEAyMhQ4gpmfE+bzDNKZaJgRDzNSXnOwq8YLk96MhJjnAxy5OaPr5lhbdelS7xAcPz6ansxEJhvqcGrraQ+ZIun1wJBAKaL4W6Aod2tIPxg8YI4xoPcccy4IGnC09MxCr8NXdoGNQi5EPUCHq5yvCzEcW9EEBMYljCHPO5I5iB6JfXFrs0CQHTbWW/lu7Y4IyYa5/71HXA5rwVHlpXqkHlLmoQP/ddxy2D7676412K1sqe8ngjkw947atgM0FiNtpyuTf345isCQQCj/KflLqM7Po5q41nR7P3YpeumElgK5mPJAKn5azqUaWOK8IDDv8lxjq9wQp+lEYRpSdDMF+Y6ld9yOX8vDw36\n-----END RSA PRIVATE KEY-----';
+  let sign = 'MHuhxBxM+3ZSW4Mm4jmG2fqYCJgSlvBNqaDIYyfW4L+qldKtwDzcsGigtDdG0FI2QVqJYxXCI/yczaEzRXPdfCpqBBmNJ9DAl4kHPyIQq613Iu86AAM6IhwORzX73KBPgpZMO1uObY/Msu9m7sXre5yOzOzZYdGP08oLBmN4pqM=';
 
   let signedQuery = Alipay.sign(params, privateKey);
   expect(QueryString.parse(signedQuery).sign).toBe(sign);

index.js

@@ -1,5 +1,6 @@
 import { NativeModules } from 'react-native';
-import Crypto from 'browserify-sign';
+import { Buffer } from 'buffer';
+import RSASign from 'jsrsasign';
 
 const { Alipay } = NativeModules;
 
@@ -29,16 +30,12 @@ Alipay.sign = (object, privateKey) => {
     sortedQuery += `${(i === 0) ? '' : '&'}${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
   }
 
-  // Add header & footer to private key
-  if (privateKey.indexOf('PRIVATE KEY') === -1) {
-    privateKey = `-----BEGIN PRIVATE KEY-----\n${privateKey}\n-----END PRIVATE KEY-----`;
-  }
-
   // Create signature
-  let algorithm = {RSA: 'RSA-SHA1', RSA2: 'RSA-SHA256'}[object.sign_type];
-  let sign = Crypto.createSign(algorithm)
-    .update(sortedQuery)
-    .sign(privateKey, 'base64');
+  let alg = {RSA: 'SHA1withRSA', RSA2: 'SHA256withRSA'}[object.sign_type];
+  let sig = new RSASign.KJUR.crypto.Signature({alg});
+  sig.init(RSASign.KEYUTIL.getKey(privateKey));
+  sig.updateString(sortedQuery);
+  let sign = Buffer.from(sig.sign(), 'hex').toString('base64');
 
   sortedQuery += `&sign=${encodeURIComponent(sign)}`;
   return sortedQuery;

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@0x5e/react-native-alipay",
-  "version": "0.2.0",
+  "version": "0.2.2",
   "description": "Alipay SDK for React Native. Support RN >= 0.47.",
   "main": "index.js",
   "scripts": {
@@ -21,13 +21,14 @@
   },
   "homepage": "https://github.com/0x5e/react-native-alipay",
   "devDependencies": {
-    "babel-core": "^6.0.0",
+    "babel-core": "^6.26.0",
     "babel-jest": "^21.2.0",
     "jest": "^21.2.1",
     "query-string": "^5.0.0",
-    "react-native": "0.20.0"
+    "react-native": "^0.20.0"
   },
   "dependencies": {
-    "browserify-sign": "^4.0.4"
+    "buffer": "^5.0.8",
+    "jsrsasign": "^8.0.4"
   }
 }