Template Upload
This commit is contained in:
73
node_modules/sshpk/lib/formats/auto.js
generated
vendored
Normal file
73
node_modules/sshpk/lib/formats/auto.js
generated
vendored
Normal file
@ -0,0 +1,73 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
|
||||
var pem = require('./pem');
|
||||
var ssh = require('./ssh');
|
||||
var rfc4253 = require('./rfc4253');
|
||||
|
||||
function read(buf, options) {
|
||||
if (typeof (buf) === 'string') {
|
||||
if (buf.trim().match(/^[-]+[ ]*BEGIN/))
|
||||
return (pem.read(buf, options));
|
||||
if (buf.match(/^\s*ssh-[a-z]/))
|
||||
return (ssh.read(buf, options));
|
||||
if (buf.match(/^\s*ecdsa-/))
|
||||
return (ssh.read(buf, options));
|
||||
buf = new Buffer(buf, 'binary');
|
||||
} else {
|
||||
assert.buffer(buf);
|
||||
if (findPEMHeader(buf))
|
||||
return (pem.read(buf, options));
|
||||
if (findSSHHeader(buf))
|
||||
return (ssh.read(buf, options));
|
||||
}
|
||||
if (buf.readUInt32BE(0) < buf.length)
|
||||
return (rfc4253.read(buf, options));
|
||||
throw (new Error('Failed to auto-detect format of key'));
|
||||
}
|
||||
|
||||
function findSSHHeader(buf) {
|
||||
var offset = 0;
|
||||
while (offset < buf.length &&
|
||||
(buf[offset] === 32 || buf[offset] === 10 || buf[offset] === 9))
|
||||
++offset;
|
||||
if (offset + 4 <= buf.length &&
|
||||
buf.slice(offset, offset + 4).toString('ascii') === 'ssh-')
|
||||
return (true);
|
||||
if (offset + 6 <= buf.length &&
|
||||
buf.slice(offset, offset + 6).toString('ascii') === 'ecdsa-')
|
||||
return (true);
|
||||
return (false);
|
||||
}
|
||||
|
||||
function findPEMHeader(buf) {
|
||||
var offset = 0;
|
||||
while (offset < buf.length &&
|
||||
(buf[offset] === 32 || buf[offset] === 10))
|
||||
++offset;
|
||||
if (buf[offset] !== 45)
|
||||
return (false);
|
||||
while (offset < buf.length &&
|
||||
(buf[offset] === 45))
|
||||
++offset;
|
||||
while (offset < buf.length &&
|
||||
(buf[offset] === 32))
|
||||
++offset;
|
||||
if (offset + 5 > buf.length ||
|
||||
buf.slice(offset, offset + 5).toString('ascii') !== 'BEGIN')
|
||||
return (false);
|
||||
return (true);
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
throw (new Error('"auto" format cannot be used for writing'));
|
||||
}
|
322
node_modules/sshpk/lib/formats/openssh-cert.js
generated
vendored
Normal file
322
node_modules/sshpk/lib/formats/openssh-cert.js
generated
vendored
Normal file
@ -0,0 +1,322 @@
|
||||
// Copyright 2017 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
verify: verify,
|
||||
sign: sign,
|
||||
signAsync: signAsync,
|
||||
write: write,
|
||||
|
||||
/* Internal private API */
|
||||
fromBuffer: fromBuffer,
|
||||
toBuffer: toBuffer
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var SSHBuffer = require('../ssh-buffer');
|
||||
var crypto = require('crypto');
|
||||
var algs = require('../algs');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var Identity = require('../identity');
|
||||
var rfc4253 = require('./rfc4253');
|
||||
var Signature = require('../signature');
|
||||
var utils = require('../utils');
|
||||
var Certificate = require('../certificate');
|
||||
|
||||
function verify(cert, key) {
|
||||
/*
|
||||
* We always give an issuerKey, so if our verify() is being called then
|
||||
* there was no signature. Return false.
|
||||
*/
|
||||
return (false);
|
||||
}
|
||||
|
||||
var TYPES = {
|
||||
'user': 1,
|
||||
'host': 2
|
||||
};
|
||||
Object.keys(TYPES).forEach(function (k) { TYPES[TYPES[k]] = k; });
|
||||
|
||||
var ECDSA_ALGO = /^ecdsa-sha2-([^@-]+)-cert-v01@openssh.com$/;
|
||||
|
||||
function read(buf, options) {
|
||||
if (Buffer.isBuffer(buf))
|
||||
buf = buf.toString('ascii');
|
||||
var parts = buf.trim().split(/[ \t\n]+/g);
|
||||
if (parts.length < 2 || parts.length > 3)
|
||||
throw (new Error('Not a valid SSH certificate line'));
|
||||
|
||||
var algo = parts[0];
|
||||
var data = parts[1];
|
||||
|
||||
data = new Buffer(data, 'base64');
|
||||
return (fromBuffer(data, algo));
|
||||
}
|
||||
|
||||
function fromBuffer(data, algo, partial) {
|
||||
var sshbuf = new SSHBuffer({ buffer: data });
|
||||
var innerAlgo = sshbuf.readString();
|
||||
if (algo !== undefined && innerAlgo !== algo)
|
||||
throw (new Error('SSH certificate algorithm mismatch'));
|
||||
if (algo === undefined)
|
||||
algo = innerAlgo;
|
||||
|
||||
var cert = {};
|
||||
cert.signatures = {};
|
||||
cert.signatures.openssh = {};
|
||||
|
||||
cert.signatures.openssh.nonce = sshbuf.readBuffer();
|
||||
|
||||
var key = {};
|
||||
var parts = (key.parts = []);
|
||||
key.type = getAlg(algo);
|
||||
|
||||
var partCount = algs.info[key.type].parts.length;
|
||||
while (parts.length < partCount)
|
||||
parts.push(sshbuf.readPart());
|
||||
assert.ok(parts.length >= 1, 'key must have at least one part');
|
||||
|
||||
var algInfo = algs.info[key.type];
|
||||
if (key.type === 'ecdsa') {
|
||||
var res = ECDSA_ALGO.exec(algo);
|
||||
assert.ok(res !== null);
|
||||
assert.strictEqual(res[1], parts[0].data.toString());
|
||||
}
|
||||
|
||||
for (var i = 0; i < algInfo.parts.length; ++i) {
|
||||
parts[i].name = algInfo.parts[i];
|
||||
if (parts[i].name !== 'curve' &&
|
||||
algInfo.normalize !== false) {
|
||||
var p = parts[i];
|
||||
p.data = utils.mpNormalize(p.data);
|
||||
}
|
||||
}
|
||||
|
||||
cert.subjectKey = new Key(key);
|
||||
|
||||
cert.serial = sshbuf.readInt64();
|
||||
|
||||
var type = TYPES[sshbuf.readInt()];
|
||||
assert.string(type, 'valid cert type');
|
||||
|
||||
cert.signatures.openssh.keyId = sshbuf.readString();
|
||||
|
||||
var principals = [];
|
||||
var pbuf = sshbuf.readBuffer();
|
||||
var psshbuf = new SSHBuffer({ buffer: pbuf });
|
||||
while (!psshbuf.atEnd())
|
||||
principals.push(psshbuf.readString());
|
||||
if (principals.length === 0)
|
||||
principals = ['*'];
|
||||
|
||||
cert.subjects = principals.map(function (pr) {
|
||||
if (type === 'user')
|
||||
return (Identity.forUser(pr));
|
||||
else if (type === 'host')
|
||||
return (Identity.forHost(pr));
|
||||
throw (new Error('Unknown identity type ' + type));
|
||||
});
|
||||
|
||||
cert.validFrom = int64ToDate(sshbuf.readInt64());
|
||||
cert.validUntil = int64ToDate(sshbuf.readInt64());
|
||||
|
||||
cert.signatures.openssh.critical = sshbuf.readBuffer();
|
||||
cert.signatures.openssh.exts = sshbuf.readBuffer();
|
||||
|
||||
/* reserved */
|
||||
sshbuf.readBuffer();
|
||||
|
||||
var signingKeyBuf = sshbuf.readBuffer();
|
||||
cert.issuerKey = rfc4253.read(signingKeyBuf);
|
||||
|
||||
/*
|
||||
* OpenSSH certs don't give the identity of the issuer, just their
|
||||
* public key. So, we use an Identity that matches anything. The
|
||||
* isSignedBy() function will later tell you if the key matches.
|
||||
*/
|
||||
cert.issuer = Identity.forHost('**');
|
||||
|
||||
var sigBuf = sshbuf.readBuffer();
|
||||
cert.signatures.openssh.signature =
|
||||
Signature.parse(sigBuf, cert.issuerKey.type, 'ssh');
|
||||
|
||||
if (partial !== undefined) {
|
||||
partial.remainder = sshbuf.remainder();
|
||||
partial.consumed = sshbuf._offset;
|
||||
}
|
||||
|
||||
return (new Certificate(cert));
|
||||
}
|
||||
|
||||
function int64ToDate(buf) {
|
||||
var i = buf.readUInt32BE(0) * 4294967296;
|
||||
i += buf.readUInt32BE(4);
|
||||
var d = new Date();
|
||||
d.setTime(i * 1000);
|
||||
d.sourceInt64 = buf;
|
||||
return (d);
|
||||
}
|
||||
|
||||
function dateToInt64(date) {
|
||||
if (date.sourceInt64 !== undefined)
|
||||
return (date.sourceInt64);
|
||||
var i = Math.round(date.getTime() / 1000);
|
||||
var upper = Math.floor(i / 4294967296);
|
||||
var lower = Math.floor(i % 4294967296);
|
||||
var buf = new Buffer(8);
|
||||
buf.writeUInt32BE(upper, 0);
|
||||
buf.writeUInt32BE(lower, 4);
|
||||
return (buf);
|
||||
}
|
||||
|
||||
function sign(cert, key) {
|
||||
if (cert.signatures.openssh === undefined)
|
||||
cert.signatures.openssh = {};
|
||||
try {
|
||||
var blob = toBuffer(cert, true);
|
||||
} catch (e) {
|
||||
delete (cert.signatures.openssh);
|
||||
return (false);
|
||||
}
|
||||
var sig = cert.signatures.openssh;
|
||||
var hashAlgo = undefined;
|
||||
if (key.type === 'rsa' || key.type === 'dsa')
|
||||
hashAlgo = 'sha1';
|
||||
var signer = key.createSign(hashAlgo);
|
||||
signer.write(blob);
|
||||
sig.signature = signer.sign();
|
||||
return (true);
|
||||
}
|
||||
|
||||
function signAsync(cert, signer, done) {
|
||||
if (cert.signatures.openssh === undefined)
|
||||
cert.signatures.openssh = {};
|
||||
try {
|
||||
var blob = toBuffer(cert, true);
|
||||
} catch (e) {
|
||||
delete (cert.signatures.openssh);
|
||||
done(e);
|
||||
return;
|
||||
}
|
||||
var sig = cert.signatures.openssh;
|
||||
|
||||
signer(blob, function (err, signature) {
|
||||
if (err) {
|
||||
done(err);
|
||||
return;
|
||||
}
|
||||
try {
|
||||
/*
|
||||
* This will throw if the signature isn't of a
|
||||
* type/algo that can be used for SSH.
|
||||
*/
|
||||
signature.toBuffer('ssh');
|
||||
} catch (e) {
|
||||
done(e);
|
||||
return;
|
||||
}
|
||||
sig.signature = signature;
|
||||
done();
|
||||
});
|
||||
}
|
||||
|
||||
function write(cert, options) {
|
||||
if (options === undefined)
|
||||
options = {};
|
||||
|
||||
var blob = toBuffer(cert);
|
||||
var out = getCertType(cert.subjectKey) + ' ' + blob.toString('base64');
|
||||
if (options.comment)
|
||||
out = out + ' ' + options.comment;
|
||||
return (out);
|
||||
}
|
||||
|
||||
|
||||
function toBuffer(cert, noSig) {
|
||||
assert.object(cert.signatures.openssh, 'signature for openssh format');
|
||||
var sig = cert.signatures.openssh;
|
||||
|
||||
if (sig.nonce === undefined)
|
||||
sig.nonce = crypto.randomBytes(16);
|
||||
var buf = new SSHBuffer({});
|
||||
buf.writeString(getCertType(cert.subjectKey));
|
||||
buf.writeBuffer(sig.nonce);
|
||||
|
||||
var key = cert.subjectKey;
|
||||
var algInfo = algs.info[key.type];
|
||||
algInfo.parts.forEach(function (part) {
|
||||
buf.writePart(key.part[part]);
|
||||
});
|
||||
|
||||
buf.writeInt64(cert.serial);
|
||||
|
||||
var type = cert.subjects[0].type;
|
||||
assert.notStrictEqual(type, 'unknown');
|
||||
cert.subjects.forEach(function (id) {
|
||||
assert.strictEqual(id.type, type);
|
||||
});
|
||||
type = TYPES[type];
|
||||
buf.writeInt(type);
|
||||
|
||||
if (sig.keyId === undefined) {
|
||||
sig.keyId = cert.subjects[0].type + '_' +
|
||||
(cert.subjects[0].uid || cert.subjects[0].hostname);
|
||||
}
|
||||
buf.writeString(sig.keyId);
|
||||
|
||||
var sub = new SSHBuffer({});
|
||||
cert.subjects.forEach(function (id) {
|
||||
if (type === TYPES.host)
|
||||
sub.writeString(id.hostname);
|
||||
else if (type === TYPES.user)
|
||||
sub.writeString(id.uid);
|
||||
});
|
||||
buf.writeBuffer(sub.toBuffer());
|
||||
|
||||
buf.writeInt64(dateToInt64(cert.validFrom));
|
||||
buf.writeInt64(dateToInt64(cert.validUntil));
|
||||
|
||||
if (sig.critical === undefined)
|
||||
sig.critical = new Buffer(0);
|
||||
buf.writeBuffer(sig.critical);
|
||||
|
||||
if (sig.exts === undefined)
|
||||
sig.exts = new Buffer(0);
|
||||
buf.writeBuffer(sig.exts);
|
||||
|
||||
/* reserved */
|
||||
buf.writeBuffer(new Buffer(0));
|
||||
|
||||
sub = rfc4253.write(cert.issuerKey);
|
||||
buf.writeBuffer(sub);
|
||||
|
||||
if (!noSig)
|
||||
buf.writeBuffer(sig.signature.toBuffer('ssh'));
|
||||
|
||||
return (buf.toBuffer());
|
||||
}
|
||||
|
||||
function getAlg(certType) {
|
||||
if (certType === 'ssh-rsa-cert-v01@openssh.com')
|
||||
return ('rsa');
|
||||
if (certType === 'ssh-dss-cert-v01@openssh.com')
|
||||
return ('dsa');
|
||||
if (certType.match(ECDSA_ALGO))
|
||||
return ('ecdsa');
|
||||
if (certType === 'ssh-ed25519-cert-v01@openssh.com')
|
||||
return ('ed25519');
|
||||
throw (new Error('Unsupported cert type ' + certType));
|
||||
}
|
||||
|
||||
function getCertType(key) {
|
||||
if (key.type === 'rsa')
|
||||
return ('ssh-rsa-cert-v01@openssh.com');
|
||||
if (key.type === 'dsa')
|
||||
return ('ssh-dss-cert-v01@openssh.com');
|
||||
if (key.type === 'ecdsa')
|
||||
return ('ecdsa-sha2-' + key.curve + '-cert-v01@openssh.com');
|
||||
if (key.type === 'ed25519')
|
||||
return ('ssh-ed25519-cert-v01@openssh.com');
|
||||
throw (new Error('Unsupported key type ' + key.type));
|
||||
}
|
186
node_modules/sshpk/lib/formats/pem.js
generated
vendored
Normal file
186
node_modules/sshpk/lib/formats/pem.js
generated
vendored
Normal file
@ -0,0 +1,186 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var crypto = require('crypto');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
|
||||
var pkcs1 = require('./pkcs1');
|
||||
var pkcs8 = require('./pkcs8');
|
||||
var sshpriv = require('./ssh-private');
|
||||
var rfc4253 = require('./rfc4253');
|
||||
|
||||
var errors = require('../errors');
|
||||
|
||||
/*
|
||||
* For reading we support both PKCS#1 and PKCS#8. If we find a private key,
|
||||
* we just take the public component of it and use that.
|
||||
*/
|
||||
function read(buf, options, forceType) {
|
||||
var input = buf;
|
||||
if (typeof (buf) !== 'string') {
|
||||
assert.buffer(buf, 'buf');
|
||||
buf = buf.toString('ascii');
|
||||
}
|
||||
|
||||
var lines = buf.trim().split('\n');
|
||||
|
||||
var m = lines[0].match(/*JSSTYLED*/
|
||||
/[-]+[ ]*BEGIN ([A-Z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
|
||||
assert.ok(m, 'invalid PEM header');
|
||||
|
||||
var m2 = lines[lines.length - 1].match(/*JSSTYLED*/
|
||||
/[-]+[ ]*END ([A-Z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
|
||||
assert.ok(m2, 'invalid PEM footer');
|
||||
|
||||
/* Begin and end banners must match key type */
|
||||
assert.equal(m[2], m2[2]);
|
||||
var type = m[2].toLowerCase();
|
||||
|
||||
var alg;
|
||||
if (m[1]) {
|
||||
/* They also must match algorithms, if given */
|
||||
assert.equal(m[1], m2[1], 'PEM header and footer mismatch');
|
||||
alg = m[1].trim();
|
||||
}
|
||||
|
||||
var headers = {};
|
||||
while (true) {
|
||||
lines = lines.slice(1);
|
||||
m = lines[0].match(/*JSSTYLED*/
|
||||
/^([A-Za-z0-9-]+): (.+)$/);
|
||||
if (!m)
|
||||
break;
|
||||
headers[m[1].toLowerCase()] = m[2];
|
||||
}
|
||||
|
||||
var cipher, key, iv;
|
||||
if (headers['proc-type']) {
|
||||
var parts = headers['proc-type'].split(',');
|
||||
if (parts[0] === '4' && parts[1] === 'ENCRYPTED') {
|
||||
if (typeof (options.passphrase) === 'string') {
|
||||
options.passphrase = new Buffer(
|
||||
options.passphrase, 'utf-8');
|
||||
}
|
||||
if (!Buffer.isBuffer(options.passphrase)) {
|
||||
throw (new errors.KeyEncryptedError(
|
||||
options.filename, 'PEM'));
|
||||
} else {
|
||||
parts = headers['dek-info'].split(',');
|
||||
assert.ok(parts.length === 2);
|
||||
cipher = parts[0].toLowerCase();
|
||||
iv = new Buffer(parts[1], 'hex');
|
||||
key = utils.opensslKeyDeriv(cipher, iv,
|
||||
options.passphrase, 1).key;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Chop off the first and last lines */
|
||||
lines = lines.slice(0, -1).join('');
|
||||
buf = new Buffer(lines, 'base64');
|
||||
|
||||
if (cipher && key && iv) {
|
||||
var cipherStream = crypto.createDecipheriv(cipher, key, iv);
|
||||
var chunk, chunks = [];
|
||||
cipherStream.once('error', function (e) {
|
||||
if (e.toString().indexOf('bad decrypt') !== -1) {
|
||||
throw (new Error('Incorrect passphrase ' +
|
||||
'supplied, could not decrypt key'));
|
||||
}
|
||||
throw (e);
|
||||
});
|
||||
cipherStream.write(buf);
|
||||
cipherStream.end();
|
||||
while ((chunk = cipherStream.read()) !== null)
|
||||
chunks.push(chunk);
|
||||
buf = Buffer.concat(chunks);
|
||||
}
|
||||
|
||||
/* The new OpenSSH internal format abuses PEM headers */
|
||||
if (alg && alg.toLowerCase() === 'openssh')
|
||||
return (sshpriv.readSSHPrivate(type, buf, options));
|
||||
if (alg && alg.toLowerCase() === 'ssh2')
|
||||
return (rfc4253.readType(type, buf, options));
|
||||
|
||||
var der = new asn1.BerReader(buf);
|
||||
der.originalInput = input;
|
||||
|
||||
/*
|
||||
* All of the PEM file types start with a sequence tag, so chop it
|
||||
* off here
|
||||
*/
|
||||
der.readSequence();
|
||||
|
||||
/* PKCS#1 type keys name an algorithm in the banner explicitly */
|
||||
if (alg) {
|
||||
if (forceType)
|
||||
assert.strictEqual(forceType, 'pkcs1');
|
||||
return (pkcs1.readPkcs1(alg, type, der));
|
||||
} else {
|
||||
if (forceType)
|
||||
assert.strictEqual(forceType, 'pkcs8');
|
||||
return (pkcs8.readPkcs8(alg, type, der));
|
||||
}
|
||||
}
|
||||
|
||||
function write(key, options, type) {
|
||||
assert.object(key);
|
||||
|
||||
var alg = {'ecdsa': 'EC', 'rsa': 'RSA', 'dsa': 'DSA'}[key.type];
|
||||
var header;
|
||||
|
||||
var der = new asn1.BerWriter();
|
||||
|
||||
if (PrivateKey.isPrivateKey(key)) {
|
||||
if (type && type === 'pkcs8') {
|
||||
header = 'PRIVATE KEY';
|
||||
pkcs8.writePkcs8(der, key);
|
||||
} else {
|
||||
if (type)
|
||||
assert.strictEqual(type, 'pkcs1');
|
||||
header = alg + ' PRIVATE KEY';
|
||||
pkcs1.writePkcs1(der, key);
|
||||
}
|
||||
|
||||
} else if (Key.isKey(key)) {
|
||||
if (type && type === 'pkcs1') {
|
||||
header = alg + ' PUBLIC KEY';
|
||||
pkcs1.writePkcs1(der, key);
|
||||
} else {
|
||||
if (type)
|
||||
assert.strictEqual(type, 'pkcs8');
|
||||
header = 'PUBLIC KEY';
|
||||
pkcs8.writePkcs8(der, key);
|
||||
}
|
||||
|
||||
} else {
|
||||
throw (new Error('key is not a Key or PrivateKey'));
|
||||
}
|
||||
|
||||
var tmp = der.buffer.toString('base64');
|
||||
var len = tmp.length + (tmp.length / 64) +
|
||||
18 + 16 + header.length*2 + 10;
|
||||
var buf = new Buffer(len);
|
||||
var o = 0;
|
||||
o += buf.write('-----BEGIN ' + header + '-----\n', o);
|
||||
for (var i = 0; i < tmp.length; ) {
|
||||
var limit = i + 64;
|
||||
if (limit > tmp.length)
|
||||
limit = tmp.length;
|
||||
o += buf.write(tmp.slice(i, limit), o);
|
||||
buf[o++] = 10;
|
||||
i = limit;
|
||||
}
|
||||
o += buf.write('-----END ' + header + '-----\n', o);
|
||||
|
||||
return (buf.slice(0, o));
|
||||
}
|
320
node_modules/sshpk/lib/formats/pkcs1.js
generated
vendored
Normal file
320
node_modules/sshpk/lib/formats/pkcs1.js
generated
vendored
Normal file
@ -0,0 +1,320 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
readPkcs1: readPkcs1,
|
||||
write: write,
|
||||
writePkcs1: writePkcs1
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var pem = require('./pem');
|
||||
|
||||
var pkcs8 = require('./pkcs8');
|
||||
var readECDSACurve = pkcs8.readECDSACurve;
|
||||
|
||||
function read(buf, options) {
|
||||
return (pem.read(buf, options, 'pkcs1'));
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
return (pem.write(key, options, 'pkcs1'));
|
||||
}
|
||||
|
||||
/* Helper to read in a single mpint */
|
||||
function readMPInt(der, nm) {
|
||||
assert.strictEqual(der.peek(), asn1.Ber.Integer,
|
||||
nm + ' is not an Integer');
|
||||
return (utils.mpNormalize(der.readString(asn1.Ber.Integer, true)));
|
||||
}
|
||||
|
||||
function readPkcs1(alg, type, der) {
|
||||
switch (alg) {
|
||||
case 'RSA':
|
||||
if (type === 'public')
|
||||
return (readPkcs1RSAPublic(der));
|
||||
else if (type === 'private')
|
||||
return (readPkcs1RSAPrivate(der));
|
||||
throw (new Error('Unknown key type: ' + type));
|
||||
case 'DSA':
|
||||
if (type === 'public')
|
||||
return (readPkcs1DSAPublic(der));
|
||||
else if (type === 'private')
|
||||
return (readPkcs1DSAPrivate(der));
|
||||
throw (new Error('Unknown key type: ' + type));
|
||||
case 'EC':
|
||||
case 'ECDSA':
|
||||
if (type === 'private')
|
||||
return (readPkcs1ECDSAPrivate(der));
|
||||
else if (type === 'public')
|
||||
return (readPkcs1ECDSAPublic(der));
|
||||
throw (new Error('Unknown key type: ' + type));
|
||||
default:
|
||||
throw (new Error('Unknown key algo: ' + alg));
|
||||
}
|
||||
}
|
||||
|
||||
function readPkcs1RSAPublic(der) {
|
||||
// modulus and exponent
|
||||
var n = readMPInt(der, 'modulus');
|
||||
var e = readMPInt(der, 'exponent');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'rsa',
|
||||
parts: [
|
||||
{ name: 'e', data: e },
|
||||
{ name: 'n', data: n }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function readPkcs1RSAPrivate(der) {
|
||||
var version = readMPInt(der, 'version');
|
||||
assert.strictEqual(version[0], 0);
|
||||
|
||||
// modulus then public exponent
|
||||
var n = readMPInt(der, 'modulus');
|
||||
var e = readMPInt(der, 'public exponent');
|
||||
var d = readMPInt(der, 'private exponent');
|
||||
var p = readMPInt(der, 'prime1');
|
||||
var q = readMPInt(der, 'prime2');
|
||||
var dmodp = readMPInt(der, 'exponent1');
|
||||
var dmodq = readMPInt(der, 'exponent2');
|
||||
var iqmp = readMPInt(der, 'iqmp');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'rsa',
|
||||
parts: [
|
||||
{ name: 'n', data: n },
|
||||
{ name: 'e', data: e },
|
||||
{ name: 'd', data: d },
|
||||
{ name: 'iqmp', data: iqmp },
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'dmodp', data: dmodp },
|
||||
{ name: 'dmodq', data: dmodq }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function readPkcs1DSAPrivate(der) {
|
||||
var version = readMPInt(der, 'version');
|
||||
assert.strictEqual(version.readUInt8(0), 0);
|
||||
|
||||
var p = readMPInt(der, 'p');
|
||||
var q = readMPInt(der, 'q');
|
||||
var g = readMPInt(der, 'g');
|
||||
var y = readMPInt(der, 'y');
|
||||
var x = readMPInt(der, 'x');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'dsa',
|
||||
parts: [
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'g', data: g },
|
||||
{ name: 'y', data: y },
|
||||
{ name: 'x', data: x }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function readPkcs1DSAPublic(der) {
|
||||
var y = readMPInt(der, 'y');
|
||||
var p = readMPInt(der, 'p');
|
||||
var q = readMPInt(der, 'q');
|
||||
var g = readMPInt(der, 'g');
|
||||
|
||||
var key = {
|
||||
type: 'dsa',
|
||||
parts: [
|
||||
{ name: 'y', data: y },
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'g', data: g }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function readPkcs1ECDSAPublic(der) {
|
||||
der.readSequence();
|
||||
|
||||
var oid = der.readOID();
|
||||
assert.strictEqual(oid, '1.2.840.10045.2.1', 'must be ecPublicKey');
|
||||
|
||||
var curveOid = der.readOID();
|
||||
|
||||
var curve;
|
||||
var curves = Object.keys(algs.curves);
|
||||
for (var j = 0; j < curves.length; ++j) {
|
||||
var c = curves[j];
|
||||
var cd = algs.curves[c];
|
||||
if (cd.pkcs8oid === curveOid) {
|
||||
curve = c;
|
||||
break;
|
||||
}
|
||||
}
|
||||
assert.string(curve, 'a known ECDSA named curve');
|
||||
|
||||
var Q = der.readString(asn1.Ber.BitString, true);
|
||||
Q = utils.ecNormalize(Q);
|
||||
|
||||
var key = {
|
||||
type: 'ecdsa',
|
||||
parts: [
|
||||
{ name: 'curve', data: new Buffer(curve) },
|
||||
{ name: 'Q', data: Q }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function readPkcs1ECDSAPrivate(der) {
|
||||
var version = readMPInt(der, 'version');
|
||||
assert.strictEqual(version.readUInt8(0), 1);
|
||||
|
||||
// private key
|
||||
var d = der.readString(asn1.Ber.OctetString, true);
|
||||
|
||||
der.readSequence(0xa0);
|
||||
var curve = readECDSACurve(der);
|
||||
assert.string(curve, 'a known elliptic curve');
|
||||
|
||||
der.readSequence(0xa1);
|
||||
var Q = der.readString(asn1.Ber.BitString, true);
|
||||
Q = utils.ecNormalize(Q);
|
||||
|
||||
var key = {
|
||||
type: 'ecdsa',
|
||||
parts: [
|
||||
{ name: 'curve', data: new Buffer(curve) },
|
||||
{ name: 'Q', data: Q },
|
||||
{ name: 'd', data: d }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function writePkcs1(der, key) {
|
||||
der.startSequence();
|
||||
|
||||
switch (key.type) {
|
||||
case 'rsa':
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs1RSAPrivate(der, key);
|
||||
else
|
||||
writePkcs1RSAPublic(der, key);
|
||||
break;
|
||||
case 'dsa':
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs1DSAPrivate(der, key);
|
||||
else
|
||||
writePkcs1DSAPublic(der, key);
|
||||
break;
|
||||
case 'ecdsa':
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs1ECDSAPrivate(der, key);
|
||||
else
|
||||
writePkcs1ECDSAPublic(der, key);
|
||||
break;
|
||||
default:
|
||||
throw (new Error('Unknown key algo: ' + key.type));
|
||||
}
|
||||
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writePkcs1RSAPublic(der, key) {
|
||||
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.e.data, asn1.Ber.Integer);
|
||||
}
|
||||
|
||||
function writePkcs1RSAPrivate(der, key) {
|
||||
var ver = new Buffer(1);
|
||||
ver[0] = 0;
|
||||
der.writeBuffer(ver, asn1.Ber.Integer);
|
||||
|
||||
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.e.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.d.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
if (!key.part.dmodp || !key.part.dmodq)
|
||||
utils.addRSAMissing(key);
|
||||
der.writeBuffer(key.part.dmodp.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.dmodq.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.iqmp.data, asn1.Ber.Integer);
|
||||
}
|
||||
|
||||
function writePkcs1DSAPrivate(der, key) {
|
||||
var ver = new Buffer(1);
|
||||
ver[0] = 0;
|
||||
der.writeBuffer(ver, asn1.Ber.Integer);
|
||||
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.g.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.y.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.x.data, asn1.Ber.Integer);
|
||||
}
|
||||
|
||||
function writePkcs1DSAPublic(der, key) {
|
||||
der.writeBuffer(key.part.y.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.g.data, asn1.Ber.Integer);
|
||||
}
|
||||
|
||||
function writePkcs1ECDSAPublic(der, key) {
|
||||
der.startSequence();
|
||||
|
||||
der.writeOID('1.2.840.10045.2.1'); /* ecPublicKey */
|
||||
var curve = key.part.curve.data.toString();
|
||||
var curveOid = algs.curves[curve].pkcs8oid;
|
||||
assert.string(curveOid, 'a known ECDSA named curve');
|
||||
der.writeOID(curveOid);
|
||||
|
||||
der.endSequence();
|
||||
|
||||
var Q = utils.ecNormalize(key.part.Q.data, true);
|
||||
der.writeBuffer(Q, asn1.Ber.BitString);
|
||||
}
|
||||
|
||||
function writePkcs1ECDSAPrivate(der, key) {
|
||||
var ver = new Buffer(1);
|
||||
ver[0] = 1;
|
||||
der.writeBuffer(ver, asn1.Ber.Integer);
|
||||
|
||||
der.writeBuffer(key.part.d.data, asn1.Ber.OctetString);
|
||||
|
||||
der.startSequence(0xa0);
|
||||
var curve = key.part.curve.data.toString();
|
||||
var curveOid = algs.curves[curve].pkcs8oid;
|
||||
assert.string(curveOid, 'a known ECDSA named curve');
|
||||
der.writeOID(curveOid);
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(0xa1);
|
||||
var Q = utils.ecNormalize(key.part.Q.data, true);
|
||||
der.writeBuffer(Q, asn1.Ber.BitString);
|
||||
der.endSequence();
|
||||
}
|
505
node_modules/sshpk/lib/formats/pkcs8.js
generated
vendored
Normal file
505
node_modules/sshpk/lib/formats/pkcs8.js
generated
vendored
Normal file
@ -0,0 +1,505 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
readPkcs8: readPkcs8,
|
||||
write: write,
|
||||
writePkcs8: writePkcs8,
|
||||
|
||||
readECDSACurve: readECDSACurve,
|
||||
writeECDSACurve: writeECDSACurve
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var pem = require('./pem');
|
||||
|
||||
function read(buf, options) {
|
||||
return (pem.read(buf, options, 'pkcs8'));
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
return (pem.write(key, options, 'pkcs8'));
|
||||
}
|
||||
|
||||
/* Helper to read in a single mpint */
|
||||
function readMPInt(der, nm) {
|
||||
assert.strictEqual(der.peek(), asn1.Ber.Integer,
|
||||
nm + ' is not an Integer');
|
||||
return (utils.mpNormalize(der.readString(asn1.Ber.Integer, true)));
|
||||
}
|
||||
|
||||
function readPkcs8(alg, type, der) {
|
||||
/* Private keys in pkcs#8 format have a weird extra int */
|
||||
if (der.peek() === asn1.Ber.Integer) {
|
||||
assert.strictEqual(type, 'private',
|
||||
'unexpected Integer at start of public key');
|
||||
der.readString(asn1.Ber.Integer, true);
|
||||
}
|
||||
|
||||
der.readSequence();
|
||||
var next = der.offset + der.length;
|
||||
|
||||
var oid = der.readOID();
|
||||
switch (oid) {
|
||||
case '1.2.840.113549.1.1.1':
|
||||
der._offset = next;
|
||||
if (type === 'public')
|
||||
return (readPkcs8RSAPublic(der));
|
||||
else
|
||||
return (readPkcs8RSAPrivate(der));
|
||||
case '1.2.840.10040.4.1':
|
||||
if (type === 'public')
|
||||
return (readPkcs8DSAPublic(der));
|
||||
else
|
||||
return (readPkcs8DSAPrivate(der));
|
||||
case '1.2.840.10045.2.1':
|
||||
if (type === 'public')
|
||||
return (readPkcs8ECDSAPublic(der));
|
||||
else
|
||||
return (readPkcs8ECDSAPrivate(der));
|
||||
default:
|
||||
throw (new Error('Unknown key type OID ' + oid));
|
||||
}
|
||||
}
|
||||
|
||||
function readPkcs8RSAPublic(der) {
|
||||
// bit string sequence
|
||||
der.readSequence(asn1.Ber.BitString);
|
||||
der.readByte();
|
||||
der.readSequence();
|
||||
|
||||
// modulus
|
||||
var n = readMPInt(der, 'modulus');
|
||||
var e = readMPInt(der, 'exponent');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'rsa',
|
||||
source: der.originalInput,
|
||||
parts: [
|
||||
{ name: 'e', data: e },
|
||||
{ name: 'n', data: n }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function readPkcs8RSAPrivate(der) {
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
der.readSequence();
|
||||
|
||||
var ver = readMPInt(der, 'version');
|
||||
assert.equal(ver[0], 0x0, 'unknown RSA private key version');
|
||||
|
||||
// modulus then public exponent
|
||||
var n = readMPInt(der, 'modulus');
|
||||
var e = readMPInt(der, 'public exponent');
|
||||
var d = readMPInt(der, 'private exponent');
|
||||
var p = readMPInt(der, 'prime1');
|
||||
var q = readMPInt(der, 'prime2');
|
||||
var dmodp = readMPInt(der, 'exponent1');
|
||||
var dmodq = readMPInt(der, 'exponent2');
|
||||
var iqmp = readMPInt(der, 'iqmp');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'rsa',
|
||||
parts: [
|
||||
{ name: 'n', data: n },
|
||||
{ name: 'e', data: e },
|
||||
{ name: 'd', data: d },
|
||||
{ name: 'iqmp', data: iqmp },
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'dmodp', data: dmodp },
|
||||
{ name: 'dmodq', data: dmodq }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function readPkcs8DSAPublic(der) {
|
||||
der.readSequence();
|
||||
|
||||
var p = readMPInt(der, 'p');
|
||||
var q = readMPInt(der, 'q');
|
||||
var g = readMPInt(der, 'g');
|
||||
|
||||
// bit string sequence
|
||||
der.readSequence(asn1.Ber.BitString);
|
||||
der.readByte();
|
||||
|
||||
var y = readMPInt(der, 'y');
|
||||
|
||||
// now, make the key
|
||||
var key = {
|
||||
type: 'dsa',
|
||||
parts: [
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'g', data: g },
|
||||
{ name: 'y', data: y }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function readPkcs8DSAPrivate(der) {
|
||||
der.readSequence();
|
||||
|
||||
var p = readMPInt(der, 'p');
|
||||
var q = readMPInt(der, 'q');
|
||||
var g = readMPInt(der, 'g');
|
||||
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
var x = readMPInt(der, 'x');
|
||||
|
||||
/* The pkcs#8 format does not include the public key */
|
||||
var y = utils.calculateDSAPublic(g, p, x);
|
||||
|
||||
var key = {
|
||||
type: 'dsa',
|
||||
parts: [
|
||||
{ name: 'p', data: p },
|
||||
{ name: 'q', data: q },
|
||||
{ name: 'g', data: g },
|
||||
{ name: 'y', data: y },
|
||||
{ name: 'x', data: x }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function readECDSACurve(der) {
|
||||
var curveName, curveNames;
|
||||
var j, c, cd;
|
||||
|
||||
if (der.peek() === asn1.Ber.OID) {
|
||||
var oid = der.readOID();
|
||||
|
||||
curveNames = Object.keys(algs.curves);
|
||||
for (j = 0; j < curveNames.length; ++j) {
|
||||
c = curveNames[j];
|
||||
cd = algs.curves[c];
|
||||
if (cd.pkcs8oid === oid) {
|
||||
curveName = c;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
// ECParameters sequence
|
||||
der.readSequence();
|
||||
var version = der.readString(asn1.Ber.Integer, true);
|
||||
assert.strictEqual(version[0], 1, 'ECDSA key not version 1');
|
||||
|
||||
var curve = {};
|
||||
|
||||
// FieldID sequence
|
||||
der.readSequence();
|
||||
var fieldTypeOid = der.readOID();
|
||||
assert.strictEqual(fieldTypeOid, '1.2.840.10045.1.1',
|
||||
'ECDSA key is not from a prime-field');
|
||||
var p = curve.p = utils.mpNormalize(
|
||||
der.readString(asn1.Ber.Integer, true));
|
||||
/*
|
||||
* p always starts with a 1 bit, so count the zeros to get its
|
||||
* real size.
|
||||
*/
|
||||
curve.size = p.length * 8 - utils.countZeros(p);
|
||||
|
||||
// Curve sequence
|
||||
der.readSequence();
|
||||
curve.a = utils.mpNormalize(
|
||||
der.readString(asn1.Ber.OctetString, true));
|
||||
curve.b = utils.mpNormalize(
|
||||
der.readString(asn1.Ber.OctetString, true));
|
||||
if (der.peek() === asn1.Ber.BitString)
|
||||
curve.s = der.readString(asn1.Ber.BitString, true);
|
||||
|
||||
// Combined Gx and Gy
|
||||
curve.G = der.readString(asn1.Ber.OctetString, true);
|
||||
assert.strictEqual(curve.G[0], 0x4,
|
||||
'uncompressed G is required');
|
||||
|
||||
curve.n = utils.mpNormalize(
|
||||
der.readString(asn1.Ber.Integer, true));
|
||||
curve.h = utils.mpNormalize(
|
||||
der.readString(asn1.Ber.Integer, true));
|
||||
assert.strictEqual(curve.h[0], 0x1, 'a cofactor=1 curve is ' +
|
||||
'required');
|
||||
|
||||
curveNames = Object.keys(algs.curves);
|
||||
var ks = Object.keys(curve);
|
||||
for (j = 0; j < curveNames.length; ++j) {
|
||||
c = curveNames[j];
|
||||
cd = algs.curves[c];
|
||||
var equal = true;
|
||||
for (var i = 0; i < ks.length; ++i) {
|
||||
var k = ks[i];
|
||||
if (cd[k] === undefined)
|
||||
continue;
|
||||
if (typeof (cd[k]) === 'object' &&
|
||||
cd[k].equals !== undefined) {
|
||||
if (!cd[k].equals(curve[k])) {
|
||||
equal = false;
|
||||
break;
|
||||
}
|
||||
} else if (Buffer.isBuffer(cd[k])) {
|
||||
if (cd[k].toString('binary')
|
||||
!== curve[k].toString('binary')) {
|
||||
equal = false;
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
if (cd[k] !== curve[k]) {
|
||||
equal = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (equal) {
|
||||
curveName = c;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
return (curveName);
|
||||
}
|
||||
|
||||
function readPkcs8ECDSAPrivate(der) {
|
||||
var curveName = readECDSACurve(der);
|
||||
assert.string(curveName, 'a known elliptic curve');
|
||||
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
der.readSequence();
|
||||
|
||||
var version = readMPInt(der, 'version');
|
||||
assert.equal(version[0], 1, 'unknown version of ECDSA key');
|
||||
|
||||
var d = der.readString(asn1.Ber.OctetString, true);
|
||||
der.readSequence(0xa1);
|
||||
|
||||
var Q = der.readString(asn1.Ber.BitString, true);
|
||||
Q = utils.ecNormalize(Q);
|
||||
|
||||
var key = {
|
||||
type: 'ecdsa',
|
||||
parts: [
|
||||
{ name: 'curve', data: new Buffer(curveName) },
|
||||
{ name: 'Q', data: Q },
|
||||
{ name: 'd', data: d }
|
||||
]
|
||||
};
|
||||
|
||||
return (new PrivateKey(key));
|
||||
}
|
||||
|
||||
function readPkcs8ECDSAPublic(der) {
|
||||
var curveName = readECDSACurve(der);
|
||||
assert.string(curveName, 'a known elliptic curve');
|
||||
|
||||
var Q = der.readString(asn1.Ber.BitString, true);
|
||||
Q = utils.ecNormalize(Q);
|
||||
|
||||
var key = {
|
||||
type: 'ecdsa',
|
||||
parts: [
|
||||
{ name: 'curve', data: new Buffer(curveName) },
|
||||
{ name: 'Q', data: Q }
|
||||
]
|
||||
};
|
||||
|
||||
return (new Key(key));
|
||||
}
|
||||
|
||||
function writePkcs8(der, key) {
|
||||
der.startSequence();
|
||||
|
||||
if (PrivateKey.isPrivateKey(key)) {
|
||||
var sillyInt = new Buffer(1);
|
||||
sillyInt[0] = 0x0;
|
||||
der.writeBuffer(sillyInt, asn1.Ber.Integer);
|
||||
}
|
||||
|
||||
der.startSequence();
|
||||
switch (key.type) {
|
||||
case 'rsa':
|
||||
der.writeOID('1.2.840.113549.1.1.1');
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs8RSAPrivate(key, der);
|
||||
else
|
||||
writePkcs8RSAPublic(key, der);
|
||||
break;
|
||||
case 'dsa':
|
||||
der.writeOID('1.2.840.10040.4.1');
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs8DSAPrivate(key, der);
|
||||
else
|
||||
writePkcs8DSAPublic(key, der);
|
||||
break;
|
||||
case 'ecdsa':
|
||||
der.writeOID('1.2.840.10045.2.1');
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
writePkcs8ECDSAPrivate(key, der);
|
||||
else
|
||||
writePkcs8ECDSAPublic(key, der);
|
||||
break;
|
||||
default:
|
||||
throw (new Error('Unsupported key type: ' + key.type));
|
||||
}
|
||||
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writePkcs8RSAPrivate(key, der) {
|
||||
der.writeNull();
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.startSequence();
|
||||
|
||||
var version = new Buffer(1);
|
||||
version[0] = 0;
|
||||
der.writeBuffer(version, asn1.Ber.Integer);
|
||||
|
||||
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.e.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.d.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
if (!key.part.dmodp || !key.part.dmodq)
|
||||
utils.addRSAMissing(key);
|
||||
der.writeBuffer(key.part.dmodp.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.dmodq.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.iqmp.data, asn1.Ber.Integer);
|
||||
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writePkcs8RSAPublic(key, der) {
|
||||
der.writeNull();
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(asn1.Ber.BitString);
|
||||
der.writeByte(0x00);
|
||||
|
||||
der.startSequence();
|
||||
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.e.data, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writePkcs8DSAPrivate(key, der) {
|
||||
der.startSequence();
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.g.data, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.writeBuffer(key.part.x.data, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writePkcs8DSAPublic(key, der) {
|
||||
der.startSequence();
|
||||
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.q.data, asn1.Ber.Integer);
|
||||
der.writeBuffer(key.part.g.data, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(asn1.Ber.BitString);
|
||||
der.writeByte(0x00);
|
||||
der.writeBuffer(key.part.y.data, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
function writeECDSACurve(key, der) {
|
||||
var curve = algs.curves[key.curve];
|
||||
if (curve.pkcs8oid) {
|
||||
/* This one has a name in pkcs#8, so just write the oid */
|
||||
der.writeOID(curve.pkcs8oid);
|
||||
|
||||
} else {
|
||||
// ECParameters sequence
|
||||
der.startSequence();
|
||||
|
||||
var version = new Buffer(1);
|
||||
version.writeUInt8(1, 0);
|
||||
der.writeBuffer(version, asn1.Ber.Integer);
|
||||
|
||||
// FieldID sequence
|
||||
der.startSequence();
|
||||
der.writeOID('1.2.840.10045.1.1'); // prime-field
|
||||
der.writeBuffer(curve.p, asn1.Ber.Integer);
|
||||
der.endSequence();
|
||||
|
||||
// Curve sequence
|
||||
der.startSequence();
|
||||
var a = curve.p;
|
||||
if (a[0] === 0x0)
|
||||
a = a.slice(1);
|
||||
der.writeBuffer(a, asn1.Ber.OctetString);
|
||||
der.writeBuffer(curve.b, asn1.Ber.OctetString);
|
||||
der.writeBuffer(curve.s, asn1.Ber.BitString);
|
||||
der.endSequence();
|
||||
|
||||
der.writeBuffer(curve.G, asn1.Ber.OctetString);
|
||||
der.writeBuffer(curve.n, asn1.Ber.Integer);
|
||||
var h = curve.h;
|
||||
if (!h) {
|
||||
h = new Buffer(1);
|
||||
h[0] = 1;
|
||||
}
|
||||
der.writeBuffer(h, asn1.Ber.Integer);
|
||||
|
||||
// ECParameters
|
||||
der.endSequence();
|
||||
}
|
||||
}
|
||||
|
||||
function writePkcs8ECDSAPublic(key, der) {
|
||||
writeECDSACurve(key, der);
|
||||
der.endSequence();
|
||||
|
||||
var Q = utils.ecNormalize(key.part.Q.data, true);
|
||||
der.writeBuffer(Q, asn1.Ber.BitString);
|
||||
}
|
||||
|
||||
function writePkcs8ECDSAPrivate(key, der) {
|
||||
writeECDSACurve(key, der);
|
||||
der.endSequence();
|
||||
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.startSequence();
|
||||
|
||||
var version = new Buffer(1);
|
||||
version[0] = 1;
|
||||
der.writeBuffer(version, asn1.Ber.Integer);
|
||||
|
||||
der.writeBuffer(key.part.d.data, asn1.Ber.OctetString);
|
||||
|
||||
der.startSequence(0xa1);
|
||||
var Q = utils.ecNormalize(key.part.Q.data, true);
|
||||
der.writeBuffer(Q, asn1.Ber.BitString);
|
||||
der.endSequence();
|
||||
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
}
|
146
node_modules/sshpk/lib/formats/rfc4253.js
generated
vendored
Normal file
146
node_modules/sshpk/lib/formats/rfc4253.js
generated
vendored
Normal file
@ -0,0 +1,146 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read.bind(undefined, false, undefined),
|
||||
readType: read.bind(undefined, false),
|
||||
write: write,
|
||||
/* semi-private api, used by sshpk-agent */
|
||||
readPartial: read.bind(undefined, true),
|
||||
|
||||
/* shared with ssh format */
|
||||
readInternal: read,
|
||||
keyTypeToAlg: keyTypeToAlg,
|
||||
algToKeyType: algToKeyType
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var SSHBuffer = require('../ssh-buffer');
|
||||
|
||||
function algToKeyType(alg) {
|
||||
assert.string(alg);
|
||||
if (alg === 'ssh-dss')
|
||||
return ('dsa');
|
||||
else if (alg === 'ssh-rsa')
|
||||
return ('rsa');
|
||||
else if (alg === 'ssh-ed25519')
|
||||
return ('ed25519');
|
||||
else if (alg === 'ssh-curve25519')
|
||||
return ('curve25519');
|
||||
else if (alg.match(/^ecdsa-sha2-/))
|
||||
return ('ecdsa');
|
||||
else
|
||||
throw (new Error('Unknown algorithm ' + alg));
|
||||
}
|
||||
|
||||
function keyTypeToAlg(key) {
|
||||
assert.object(key);
|
||||
if (key.type === 'dsa')
|
||||
return ('ssh-dss');
|
||||
else if (key.type === 'rsa')
|
||||
return ('ssh-rsa');
|
||||
else if (key.type === 'ed25519')
|
||||
return ('ssh-ed25519');
|
||||
else if (key.type === 'curve25519')
|
||||
return ('ssh-curve25519');
|
||||
else if (key.type === 'ecdsa')
|
||||
return ('ecdsa-sha2-' + key.part.curve.data.toString());
|
||||
else
|
||||
throw (new Error('Unknown key type ' + key.type));
|
||||
}
|
||||
|
||||
function read(partial, type, buf, options) {
|
||||
if (typeof (buf) === 'string')
|
||||
buf = new Buffer(buf);
|
||||
assert.buffer(buf, 'buf');
|
||||
|
||||
var key = {};
|
||||
|
||||
var parts = key.parts = [];
|
||||
var sshbuf = new SSHBuffer({buffer: buf});
|
||||
|
||||
var alg = sshbuf.readString();
|
||||
assert.ok(!sshbuf.atEnd(), 'key must have at least one part');
|
||||
|
||||
key.type = algToKeyType(alg);
|
||||
|
||||
var partCount = algs.info[key.type].parts.length;
|
||||
if (type && type === 'private')
|
||||
partCount = algs.privInfo[key.type].parts.length;
|
||||
|
||||
while (!sshbuf.atEnd() && parts.length < partCount)
|
||||
parts.push(sshbuf.readPart());
|
||||
while (!partial && !sshbuf.atEnd())
|
||||
parts.push(sshbuf.readPart());
|
||||
|
||||
assert.ok(parts.length >= 1,
|
||||
'key must have at least one part');
|
||||
assert.ok(partial || sshbuf.atEnd(),
|
||||
'leftover bytes at end of key');
|
||||
|
||||
var Constructor = Key;
|
||||
var algInfo = algs.info[key.type];
|
||||
if (type === 'private' || algInfo.parts.length !== parts.length) {
|
||||
algInfo = algs.privInfo[key.type];
|
||||
Constructor = PrivateKey;
|
||||
}
|
||||
assert.strictEqual(algInfo.parts.length, parts.length);
|
||||
|
||||
if (key.type === 'ecdsa') {
|
||||
var res = /^ecdsa-sha2-(.+)$/.exec(alg);
|
||||
assert.ok(res !== null);
|
||||
assert.strictEqual(res[1], parts[0].data.toString());
|
||||
}
|
||||
|
||||
var normalized = true;
|
||||
for (var i = 0; i < algInfo.parts.length; ++i) {
|
||||
parts[i].name = algInfo.parts[i];
|
||||
if (parts[i].name !== 'curve' &&
|
||||
algInfo.normalize !== false) {
|
||||
var p = parts[i];
|
||||
var nd = utils.mpNormalize(p.data);
|
||||
if (nd !== p.data) {
|
||||
p.data = nd;
|
||||
normalized = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (normalized)
|
||||
key._rfc4253Cache = sshbuf.toBuffer();
|
||||
|
||||
if (partial && typeof (partial) === 'object') {
|
||||
partial.remainder = sshbuf.remainder();
|
||||
partial.consumed = sshbuf._offset;
|
||||
}
|
||||
|
||||
return (new Constructor(key));
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
assert.object(key);
|
||||
|
||||
var alg = keyTypeToAlg(key);
|
||||
var i;
|
||||
|
||||
var algInfo = algs.info[key.type];
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
algInfo = algs.privInfo[key.type];
|
||||
var parts = algInfo.parts;
|
||||
|
||||
var buf = new SSHBuffer({});
|
||||
|
||||
buf.writeString(alg);
|
||||
|
||||
for (i = 0; i < parts.length; ++i) {
|
||||
var data = key.part[parts[i]].data;
|
||||
if (algInfo.normalize !== false)
|
||||
data = utils.mpNormalize(data);
|
||||
buf.writeBuffer(data);
|
||||
}
|
||||
|
||||
return (buf.toBuffer());
|
||||
}
|
261
node_modules/sshpk/lib/formats/ssh-private.js
generated
vendored
Normal file
261
node_modules/sshpk/lib/formats/ssh-private.js
generated
vendored
Normal file
@ -0,0 +1,261 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
readSSHPrivate: readSSHPrivate,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var crypto = require('crypto');
|
||||
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var pem = require('./pem');
|
||||
var rfc4253 = require('./rfc4253');
|
||||
var SSHBuffer = require('../ssh-buffer');
|
||||
var errors = require('../errors');
|
||||
|
||||
var bcrypt;
|
||||
|
||||
function read(buf, options) {
|
||||
return (pem.read(buf, options));
|
||||
}
|
||||
|
||||
var MAGIC = 'openssh-key-v1';
|
||||
|
||||
function readSSHPrivate(type, buf, options) {
|
||||
buf = new SSHBuffer({buffer: buf});
|
||||
|
||||
var magic = buf.readCString();
|
||||
assert.strictEqual(magic, MAGIC, 'bad magic string');
|
||||
|
||||
var cipher = buf.readString();
|
||||
var kdf = buf.readString();
|
||||
var kdfOpts = buf.readBuffer();
|
||||
|
||||
var nkeys = buf.readInt();
|
||||
if (nkeys !== 1) {
|
||||
throw (new Error('OpenSSH-format key file contains ' +
|
||||
'multiple keys: this is unsupported.'));
|
||||
}
|
||||
|
||||
var pubKey = buf.readBuffer();
|
||||
|
||||
if (type === 'public') {
|
||||
assert.ok(buf.atEnd(), 'excess bytes left after key');
|
||||
return (rfc4253.read(pubKey));
|
||||
}
|
||||
|
||||
var privKeyBlob = buf.readBuffer();
|
||||
assert.ok(buf.atEnd(), 'excess bytes left after key');
|
||||
|
||||
var kdfOptsBuf = new SSHBuffer({ buffer: kdfOpts });
|
||||
switch (kdf) {
|
||||
case 'none':
|
||||
if (cipher !== 'none') {
|
||||
throw (new Error('OpenSSH-format key uses KDF "none" ' +
|
||||
'but specifies a cipher other than "none"'));
|
||||
}
|
||||
break;
|
||||
case 'bcrypt':
|
||||
var salt = kdfOptsBuf.readBuffer();
|
||||
var rounds = kdfOptsBuf.readInt();
|
||||
var cinf = utils.opensshCipherInfo(cipher);
|
||||
if (bcrypt === undefined) {
|
||||
bcrypt = require('bcrypt-pbkdf');
|
||||
}
|
||||
|
||||
if (typeof (options.passphrase) === 'string') {
|
||||
options.passphrase = new Buffer(options.passphrase,
|
||||
'utf-8');
|
||||
}
|
||||
if (!Buffer.isBuffer(options.passphrase)) {
|
||||
throw (new errors.KeyEncryptedError(
|
||||
options.filename, 'OpenSSH'));
|
||||
}
|
||||
|
||||
var pass = new Uint8Array(options.passphrase);
|
||||
var salti = new Uint8Array(salt);
|
||||
/* Use the pbkdf to derive both the key and the IV. */
|
||||
var out = new Uint8Array(cinf.keySize + cinf.blockSize);
|
||||
var res = bcrypt.pbkdf(pass, pass.length, salti, salti.length,
|
||||
out, out.length, rounds);
|
||||
if (res !== 0) {
|
||||
throw (new Error('bcrypt_pbkdf function returned ' +
|
||||
'failure, parameters invalid'));
|
||||
}
|
||||
out = new Buffer(out);
|
||||
var ckey = out.slice(0, cinf.keySize);
|
||||
var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
|
||||
var cipherStream = crypto.createDecipheriv(cinf.opensslName,
|
||||
ckey, iv);
|
||||
cipherStream.setAutoPadding(false);
|
||||
var chunk, chunks = [];
|
||||
cipherStream.once('error', function (e) {
|
||||
if (e.toString().indexOf('bad decrypt') !== -1) {
|
||||
throw (new Error('Incorrect passphrase ' +
|
||||
'supplied, could not decrypt key'));
|
||||
}
|
||||
throw (e);
|
||||
});
|
||||
cipherStream.write(privKeyBlob);
|
||||
cipherStream.end();
|
||||
while ((chunk = cipherStream.read()) !== null)
|
||||
chunks.push(chunk);
|
||||
privKeyBlob = Buffer.concat(chunks);
|
||||
break;
|
||||
default:
|
||||
throw (new Error(
|
||||
'OpenSSH-format key uses unknown KDF "' + kdf + '"'));
|
||||
}
|
||||
|
||||
buf = new SSHBuffer({buffer: privKeyBlob});
|
||||
|
||||
var checkInt1 = buf.readInt();
|
||||
var checkInt2 = buf.readInt();
|
||||
if (checkInt1 !== checkInt2) {
|
||||
throw (new Error('Incorrect passphrase supplied, could not ' +
|
||||
'decrypt key'));
|
||||
}
|
||||
|
||||
var ret = {};
|
||||
var key = rfc4253.readInternal(ret, 'private', buf.remainder());
|
||||
|
||||
buf.skip(ret.consumed);
|
||||
|
||||
var comment = buf.readString();
|
||||
key.comment = comment;
|
||||
|
||||
return (key);
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
var pubKey;
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
pubKey = key.toPublic();
|
||||
else
|
||||
pubKey = key;
|
||||
|
||||
var cipher = 'none';
|
||||
var kdf = 'none';
|
||||
var kdfopts = new Buffer(0);
|
||||
var cinf = { blockSize: 8 };
|
||||
var passphrase;
|
||||
if (options !== undefined) {
|
||||
passphrase = options.passphrase;
|
||||
if (typeof (passphrase) === 'string')
|
||||
passphrase = new Buffer(passphrase, 'utf-8');
|
||||
if (passphrase !== undefined) {
|
||||
assert.buffer(passphrase, 'options.passphrase');
|
||||
assert.optionalString(options.cipher, 'options.cipher');
|
||||
cipher = options.cipher;
|
||||
if (cipher === undefined)
|
||||
cipher = 'aes128-ctr';
|
||||
cinf = utils.opensshCipherInfo(cipher);
|
||||
kdf = 'bcrypt';
|
||||
}
|
||||
}
|
||||
|
||||
var privBuf;
|
||||
if (PrivateKey.isPrivateKey(key)) {
|
||||
privBuf = new SSHBuffer({});
|
||||
var checkInt = crypto.randomBytes(4).readUInt32BE(0);
|
||||
privBuf.writeInt(checkInt);
|
||||
privBuf.writeInt(checkInt);
|
||||
privBuf.write(key.toBuffer('rfc4253'));
|
||||
privBuf.writeString(key.comment || '');
|
||||
|
||||
var n = 1;
|
||||
while (privBuf._offset % cinf.blockSize !== 0)
|
||||
privBuf.writeChar(n++);
|
||||
privBuf = privBuf.toBuffer();
|
||||
}
|
||||
|
||||
switch (kdf) {
|
||||
case 'none':
|
||||
break;
|
||||
case 'bcrypt':
|
||||
var salt = crypto.randomBytes(16);
|
||||
var rounds = 16;
|
||||
var kdfssh = new SSHBuffer({});
|
||||
kdfssh.writeBuffer(salt);
|
||||
kdfssh.writeInt(rounds);
|
||||
kdfopts = kdfssh.toBuffer();
|
||||
|
||||
if (bcrypt === undefined) {
|
||||
bcrypt = require('bcrypt-pbkdf');
|
||||
}
|
||||
var pass = new Uint8Array(passphrase);
|
||||
var salti = new Uint8Array(salt);
|
||||
/* Use the pbkdf to derive both the key and the IV. */
|
||||
var out = new Uint8Array(cinf.keySize + cinf.blockSize);
|
||||
var res = bcrypt.pbkdf(pass, pass.length, salti, salti.length,
|
||||
out, out.length, rounds);
|
||||
if (res !== 0) {
|
||||
throw (new Error('bcrypt_pbkdf function returned ' +
|
||||
'failure, parameters invalid'));
|
||||
}
|
||||
out = new Buffer(out);
|
||||
var ckey = out.slice(0, cinf.keySize);
|
||||
var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
|
||||
|
||||
var cipherStream = crypto.createCipheriv(cinf.opensslName,
|
||||
ckey, iv);
|
||||
cipherStream.setAutoPadding(false);
|
||||
var chunk, chunks = [];
|
||||
cipherStream.once('error', function (e) {
|
||||
throw (e);
|
||||
});
|
||||
cipherStream.write(privBuf);
|
||||
cipherStream.end();
|
||||
while ((chunk = cipherStream.read()) !== null)
|
||||
chunks.push(chunk);
|
||||
privBuf = Buffer.concat(chunks);
|
||||
break;
|
||||
default:
|
||||
throw (new Error('Unsupported kdf ' + kdf));
|
||||
}
|
||||
|
||||
var buf = new SSHBuffer({});
|
||||
|
||||
buf.writeCString(MAGIC);
|
||||
buf.writeString(cipher); /* cipher */
|
||||
buf.writeString(kdf); /* kdf */
|
||||
buf.writeBuffer(kdfopts); /* kdfoptions */
|
||||
|
||||
buf.writeInt(1); /* nkeys */
|
||||
buf.writeBuffer(pubKey.toBuffer('rfc4253'));
|
||||
|
||||
if (privBuf)
|
||||
buf.writeBuffer(privBuf);
|
||||
|
||||
buf = buf.toBuffer();
|
||||
|
||||
var header;
|
||||
if (PrivateKey.isPrivateKey(key))
|
||||
header = 'OPENSSH PRIVATE KEY';
|
||||
else
|
||||
header = 'OPENSSH PUBLIC KEY';
|
||||
|
||||
var tmp = buf.toString('base64');
|
||||
var len = tmp.length + (tmp.length / 70) +
|
||||
18 + 16 + header.length*2 + 10;
|
||||
buf = new Buffer(len);
|
||||
var o = 0;
|
||||
o += buf.write('-----BEGIN ' + header + '-----\n', o);
|
||||
for (var i = 0; i < tmp.length; ) {
|
||||
var limit = i + 70;
|
||||
if (limit > tmp.length)
|
||||
limit = tmp.length;
|
||||
o += buf.write(tmp.slice(i, limit), o);
|
||||
buf[o++] = 10;
|
||||
i = limit;
|
||||
}
|
||||
o += buf.write('-----END ' + header + '-----\n', o);
|
||||
|
||||
return (buf.slice(0, o));
|
||||
}
|
114
node_modules/sshpk/lib/formats/ssh.js
generated
vendored
Normal file
114
node_modules/sshpk/lib/formats/ssh.js
generated
vendored
Normal file
@ -0,0 +1,114 @@
|
||||
// Copyright 2015 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var rfc4253 = require('./rfc4253');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
|
||||
var sshpriv = require('./ssh-private');
|
||||
|
||||
/*JSSTYLED*/
|
||||
var SSHKEY_RE = /^([a-z0-9-]+)[ \t]+([a-zA-Z0-9+\/]+[=]*)([\n \t]+([^\n]+))?$/;
|
||||
/*JSSTYLED*/
|
||||
var SSHKEY_RE2 = /^([a-z0-9-]+)[ \t]+([a-zA-Z0-9+\/ \t\n]+[=]*)(.*)$/;
|
||||
|
||||
function read(buf, options) {
|
||||
if (typeof (buf) !== 'string') {
|
||||
assert.buffer(buf, 'buf');
|
||||
buf = buf.toString('ascii');
|
||||
}
|
||||
|
||||
var trimmed = buf.trim().replace(/[\\\r]/g, '');
|
||||
var m = trimmed.match(SSHKEY_RE);
|
||||
if (!m)
|
||||
m = trimmed.match(SSHKEY_RE2);
|
||||
assert.ok(m, 'key must match regex');
|
||||
|
||||
var type = rfc4253.algToKeyType(m[1]);
|
||||
var kbuf = new Buffer(m[2], 'base64');
|
||||
|
||||
/*
|
||||
* This is a bit tricky. If we managed to parse the key and locate the
|
||||
* key comment with the regex, then do a non-partial read and assert
|
||||
* that we have consumed all bytes. If we couldn't locate the key
|
||||
* comment, though, there may be whitespace shenanigans going on that
|
||||
* have conjoined the comment to the rest of the key. We do a partial
|
||||
* read in this case to try to make the best out of a sorry situation.
|
||||
*/
|
||||
var key;
|
||||
var ret = {};
|
||||
if (m[4]) {
|
||||
try {
|
||||
key = rfc4253.read(kbuf);
|
||||
|
||||
} catch (e) {
|
||||
m = trimmed.match(SSHKEY_RE2);
|
||||
assert.ok(m, 'key must match regex');
|
||||
kbuf = new Buffer(m[2], 'base64');
|
||||
key = rfc4253.readInternal(ret, 'public', kbuf);
|
||||
}
|
||||
} else {
|
||||
key = rfc4253.readInternal(ret, 'public', kbuf);
|
||||
}
|
||||
|
||||
assert.strictEqual(type, key.type);
|
||||
|
||||
if (m[4] && m[4].length > 0) {
|
||||
key.comment = m[4];
|
||||
|
||||
} else if (ret.consumed) {
|
||||
/*
|
||||
* Now the magic: trying to recover the key comment when it's
|
||||
* gotten conjoined to the key or otherwise shenanigan'd.
|
||||
*
|
||||
* Work out how much base64 we used, then drop all non-base64
|
||||
* chars from the beginning up to this point in the the string.
|
||||
* Then offset in this and try to make up for missing = chars.
|
||||
*/
|
||||
var data = m[2] + m[3];
|
||||
var realOffset = Math.ceil(ret.consumed / 3) * 4;
|
||||
data = data.slice(0, realOffset - 2). /*JSSTYLED*/
|
||||
replace(/[^a-zA-Z0-9+\/=]/g, '') +
|
||||
data.slice(realOffset - 2);
|
||||
|
||||
var padding = ret.consumed % 3;
|
||||
if (padding > 0 &&
|
||||
data.slice(realOffset - 1, realOffset) !== '=')
|
||||
realOffset--;
|
||||
while (data.slice(realOffset, realOffset + 1) === '=')
|
||||
realOffset++;
|
||||
|
||||
/* Finally, grab what we think is the comment & clean it up. */
|
||||
var trailer = data.slice(realOffset);
|
||||
trailer = trailer.replace(/[\r\n]/g, ' ').
|
||||
replace(/^\s+/, '');
|
||||
if (trailer.match(/^[a-zA-Z0-9]/))
|
||||
key.comment = trailer;
|
||||
}
|
||||
|
||||
return (key);
|
||||
}
|
||||
|
||||
function write(key, options) {
|
||||
assert.object(key);
|
||||
if (!Key.isKey(key))
|
||||
throw (new Error('Must be a public key'));
|
||||
|
||||
var parts = [];
|
||||
var alg = rfc4253.keyTypeToAlg(key);
|
||||
parts.push(alg);
|
||||
|
||||
var buf = rfc4253.write(key);
|
||||
parts.push(buf.toString('base64'));
|
||||
|
||||
if (key.comment)
|
||||
parts.push(key.comment);
|
||||
|
||||
return (new Buffer(parts.join(' ')));
|
||||
}
|
77
node_modules/sshpk/lib/formats/x509-pem.js
generated
vendored
Normal file
77
node_modules/sshpk/lib/formats/x509-pem.js
generated
vendored
Normal file
@ -0,0 +1,77 @@
|
||||
// Copyright 2016 Joyent, Inc.
|
||||
|
||||
var x509 = require('./x509');
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
verify: x509.verify,
|
||||
sign: x509.sign,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var pem = require('./pem');
|
||||
var Identity = require('../identity');
|
||||
var Signature = require('../signature');
|
||||
var Certificate = require('../certificate');
|
||||
|
||||
function read(buf, options) {
|
||||
if (typeof (buf) !== 'string') {
|
||||
assert.buffer(buf, 'buf');
|
||||
buf = buf.toString('ascii');
|
||||
}
|
||||
|
||||
var lines = buf.trim().split(/[\r\n]+/g);
|
||||
|
||||
var m = lines[0].match(/*JSSTYLED*/
|
||||
/[-]+[ ]*BEGIN CERTIFICATE[ ]*[-]+/);
|
||||
assert.ok(m, 'invalid PEM header');
|
||||
|
||||
var m2 = lines[lines.length - 1].match(/*JSSTYLED*/
|
||||
/[-]+[ ]*END CERTIFICATE[ ]*[-]+/);
|
||||
assert.ok(m2, 'invalid PEM footer');
|
||||
|
||||
var headers = {};
|
||||
while (true) {
|
||||
lines = lines.slice(1);
|
||||
m = lines[0].match(/*JSSTYLED*/
|
||||
/^([A-Za-z0-9-]+): (.+)$/);
|
||||
if (!m)
|
||||
break;
|
||||
headers[m[1].toLowerCase()] = m[2];
|
||||
}
|
||||
|
||||
/* Chop off the first and last lines */
|
||||
lines = lines.slice(0, -1).join('');
|
||||
buf = new Buffer(lines, 'base64');
|
||||
|
||||
return (x509.read(buf, options));
|
||||
}
|
||||
|
||||
function write(cert, options) {
|
||||
var dbuf = x509.write(cert, options);
|
||||
|
||||
var header = 'CERTIFICATE';
|
||||
var tmp = dbuf.toString('base64');
|
||||
var len = tmp.length + (tmp.length / 64) +
|
||||
18 + 16 + header.length*2 + 10;
|
||||
var buf = new Buffer(len);
|
||||
var o = 0;
|
||||
o += buf.write('-----BEGIN ' + header + '-----\n', o);
|
||||
for (var i = 0; i < tmp.length; ) {
|
||||
var limit = i + 64;
|
||||
if (limit > tmp.length)
|
||||
limit = tmp.length;
|
||||
o += buf.write(tmp.slice(i, limit), o);
|
||||
buf[o++] = 10;
|
||||
i = limit;
|
||||
}
|
||||
o += buf.write('-----END ' + header + '-----\n', o);
|
||||
|
||||
return (buf.slice(0, o));
|
||||
}
|
726
node_modules/sshpk/lib/formats/x509.js
generated
vendored
Normal file
726
node_modules/sshpk/lib/formats/x509.js
generated
vendored
Normal file
@ -0,0 +1,726 @@
|
||||
// Copyright 2017 Joyent, Inc.
|
||||
|
||||
module.exports = {
|
||||
read: read,
|
||||
verify: verify,
|
||||
sign: sign,
|
||||
signAsync: signAsync,
|
||||
write: write
|
||||
};
|
||||
|
||||
var assert = require('assert-plus');
|
||||
var asn1 = require('asn1');
|
||||
var algs = require('../algs');
|
||||
var utils = require('../utils');
|
||||
var Key = require('../key');
|
||||
var PrivateKey = require('../private-key');
|
||||
var pem = require('./pem');
|
||||
var Identity = require('../identity');
|
||||
var Signature = require('../signature');
|
||||
var Certificate = require('../certificate');
|
||||
var pkcs8 = require('./pkcs8');
|
||||
|
||||
/*
|
||||
* This file is based on RFC5280 (X.509).
|
||||
*/
|
||||
|
||||
/* Helper to read in a single mpint */
|
||||
function readMPInt(der, nm) {
|
||||
assert.strictEqual(der.peek(), asn1.Ber.Integer,
|
||||
nm + ' is not an Integer');
|
||||
return (utils.mpNormalize(der.readString(asn1.Ber.Integer, true)));
|
||||
}
|
||||
|
||||
function verify(cert, key) {
|
||||
var sig = cert.signatures.x509;
|
||||
assert.object(sig, 'x509 signature');
|
||||
|
||||
var algParts = sig.algo.split('-');
|
||||
if (algParts[0] !== key.type)
|
||||
return (false);
|
||||
|
||||
var blob = sig.cache;
|
||||
if (blob === undefined) {
|
||||
var der = new asn1.BerWriter();
|
||||
writeTBSCert(cert, der);
|
||||
blob = der.buffer;
|
||||
}
|
||||
|
||||
var verifier = key.createVerify(algParts[1]);
|
||||
verifier.write(blob);
|
||||
return (verifier.verify(sig.signature));
|
||||
}
|
||||
|
||||
function Local(i) {
|
||||
return (asn1.Ber.Context | asn1.Ber.Constructor | i);
|
||||
}
|
||||
|
||||
function Context(i) {
|
||||
return (asn1.Ber.Context | i);
|
||||
}
|
||||
|
||||
var SIGN_ALGS = {
|
||||
'rsa-md5': '1.2.840.113549.1.1.4',
|
||||
'rsa-sha1': '1.2.840.113549.1.1.5',
|
||||
'rsa-sha256': '1.2.840.113549.1.1.11',
|
||||
'rsa-sha384': '1.2.840.113549.1.1.12',
|
||||
'rsa-sha512': '1.2.840.113549.1.1.13',
|
||||
'dsa-sha1': '1.2.840.10040.4.3',
|
||||
'dsa-sha256': '2.16.840.1.101.3.4.3.2',
|
||||
'ecdsa-sha1': '1.2.840.10045.4.1',
|
||||
'ecdsa-sha256': '1.2.840.10045.4.3.2',
|
||||
'ecdsa-sha384': '1.2.840.10045.4.3.3',
|
||||
'ecdsa-sha512': '1.2.840.10045.4.3.4'
|
||||
};
|
||||
Object.keys(SIGN_ALGS).forEach(function (k) {
|
||||
SIGN_ALGS[SIGN_ALGS[k]] = k;
|
||||
});
|
||||
SIGN_ALGS['1.3.14.3.2.3'] = 'rsa-md5';
|
||||
SIGN_ALGS['1.3.14.3.2.29'] = 'rsa-sha1';
|
||||
|
||||
var EXTS = {
|
||||
'issuerKeyId': '2.5.29.35',
|
||||
'altName': '2.5.29.17',
|
||||
'basicConstraints': '2.5.29.19',
|
||||
'keyUsage': '2.5.29.15',
|
||||
'extKeyUsage': '2.5.29.37'
|
||||
};
|
||||
|
||||
function read(buf, options) {
|
||||
if (typeof (buf) === 'string') {
|
||||
buf = new Buffer(buf, 'binary');
|
||||
}
|
||||
assert.buffer(buf, 'buf');
|
||||
|
||||
var der = new asn1.BerReader(buf);
|
||||
|
||||
der.readSequence();
|
||||
if (Math.abs(der.length - der.remain) > 1) {
|
||||
throw (new Error('DER sequence does not contain whole byte ' +
|
||||
'stream'));
|
||||
}
|
||||
|
||||
var tbsStart = der.offset;
|
||||
der.readSequence();
|
||||
var sigOffset = der.offset + der.length;
|
||||
var tbsEnd = sigOffset;
|
||||
|
||||
if (der.peek() === Local(0)) {
|
||||
der.readSequence(Local(0));
|
||||
var version = der.readInt();
|
||||
assert.ok(version <= 3,
|
||||
'only x.509 versions up to v3 supported');
|
||||
}
|
||||
|
||||
var cert = {};
|
||||
cert.signatures = {};
|
||||
var sig = (cert.signatures.x509 = {});
|
||||
sig.extras = {};
|
||||
|
||||
cert.serial = readMPInt(der, 'serial');
|
||||
|
||||
der.readSequence();
|
||||
var after = der.offset + der.length;
|
||||
var certAlgOid = der.readOID();
|
||||
var certAlg = SIGN_ALGS[certAlgOid];
|
||||
if (certAlg === undefined)
|
||||
throw (new Error('unknown signature algorithm ' + certAlgOid));
|
||||
|
||||
der._offset = after;
|
||||
cert.issuer = Identity.parseAsn1(der);
|
||||
|
||||
der.readSequence();
|
||||
cert.validFrom = readDate(der);
|
||||
cert.validUntil = readDate(der);
|
||||
|
||||
cert.subjects = [Identity.parseAsn1(der)];
|
||||
|
||||
der.readSequence();
|
||||
after = der.offset + der.length;
|
||||
cert.subjectKey = pkcs8.readPkcs8(undefined, 'public', der);
|
||||
der._offset = after;
|
||||
|
||||
/* issuerUniqueID */
|
||||
if (der.peek() === Local(1)) {
|
||||
der.readSequence(Local(1));
|
||||
sig.extras.issuerUniqueID =
|
||||
buf.slice(der.offset, der.offset + der.length);
|
||||
der._offset += der.length;
|
||||
}
|
||||
|
||||
/* subjectUniqueID */
|
||||
if (der.peek() === Local(2)) {
|
||||
der.readSequence(Local(2));
|
||||
sig.extras.subjectUniqueID =
|
||||
buf.slice(der.offset, der.offset + der.length);
|
||||
der._offset += der.length;
|
||||
}
|
||||
|
||||
/* extensions */
|
||||
if (der.peek() === Local(3)) {
|
||||
der.readSequence(Local(3));
|
||||
var extEnd = der.offset + der.length;
|
||||
der.readSequence();
|
||||
|
||||
while (der.offset < extEnd)
|
||||
readExtension(cert, buf, der);
|
||||
|
||||
assert.strictEqual(der.offset, extEnd);
|
||||
}
|
||||
|
||||
assert.strictEqual(der.offset, sigOffset);
|
||||
|
||||
der.readSequence();
|
||||
after = der.offset + der.length;
|
||||
var sigAlgOid = der.readOID();
|
||||
var sigAlg = SIGN_ALGS[sigAlgOid];
|
||||
if (sigAlg === undefined)
|
||||
throw (new Error('unknown signature algorithm ' + sigAlgOid));
|
||||
der._offset = after;
|
||||
|
||||
var sigData = der.readString(asn1.Ber.BitString, true);
|
||||
if (sigData[0] === 0)
|
||||
sigData = sigData.slice(1);
|
||||
var algParts = sigAlg.split('-');
|
||||
|
||||
sig.signature = Signature.parse(sigData, algParts[0], 'asn1');
|
||||
sig.signature.hashAlgorithm = algParts[1];
|
||||
sig.algo = sigAlg;
|
||||
sig.cache = buf.slice(tbsStart, tbsEnd);
|
||||
|
||||
return (new Certificate(cert));
|
||||
}
|
||||
|
||||
function readDate(der) {
|
||||
if (der.peek() === asn1.Ber.UTCTime) {
|
||||
return (utcTimeToDate(der.readString(asn1.Ber.UTCTime)));
|
||||
} else if (der.peek() === asn1.Ber.GeneralizedTime) {
|
||||
return (gTimeToDate(der.readString(asn1.Ber.GeneralizedTime)));
|
||||
} else {
|
||||
throw (new Error('Unsupported date format'));
|
||||
}
|
||||
}
|
||||
|
||||
/* RFC5280, section 4.2.1.6 (GeneralName type) */
|
||||
var ALTNAME = {
|
||||
OtherName: Local(0),
|
||||
RFC822Name: Context(1),
|
||||
DNSName: Context(2),
|
||||
X400Address: Local(3),
|
||||
DirectoryName: Local(4),
|
||||
EDIPartyName: Local(5),
|
||||
URI: Context(6),
|
||||
IPAddress: Context(7),
|
||||
OID: Context(8)
|
||||
};
|
||||
|
||||
/* RFC5280, section 4.2.1.12 (KeyPurposeId) */
|
||||
var EXTPURPOSE = {
|
||||
'serverAuth': '1.3.6.1.5.5.7.3.1',
|
||||
'clientAuth': '1.3.6.1.5.5.7.3.2',
|
||||
'codeSigning': '1.3.6.1.5.5.7.3.3',
|
||||
|
||||
/* See https://github.com/joyent/oid-docs/blob/master/root.md */
|
||||
'joyentDocker': '1.3.6.1.4.1.38678.1.4.1',
|
||||
'joyentCmon': '1.3.6.1.4.1.38678.1.4.2'
|
||||
};
|
||||
var EXTPURPOSE_REV = {};
|
||||
Object.keys(EXTPURPOSE).forEach(function (k) {
|
||||
EXTPURPOSE_REV[EXTPURPOSE[k]] = k;
|
||||
});
|
||||
|
||||
var KEYUSEBITS = [
|
||||
'signature', 'identity', 'keyEncryption',
|
||||
'encryption', 'keyAgreement', 'ca', 'crl'
|
||||
];
|
||||
|
||||
function readExtension(cert, buf, der) {
|
||||
der.readSequence();
|
||||
var after = der.offset + der.length;
|
||||
var extId = der.readOID();
|
||||
var id;
|
||||
var sig = cert.signatures.x509;
|
||||
sig.extras.exts = [];
|
||||
|
||||
var critical;
|
||||
if (der.peek() === asn1.Ber.Boolean)
|
||||
critical = der.readBoolean();
|
||||
|
||||
switch (extId) {
|
||||
case (EXTS.basicConstraints):
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
der.readSequence();
|
||||
var bcEnd = der.offset + der.length;
|
||||
var ca = false;
|
||||
if (der.peek() === asn1.Ber.Boolean)
|
||||
ca = der.readBoolean();
|
||||
if (cert.purposes === undefined)
|
||||
cert.purposes = [];
|
||||
if (ca === true)
|
||||
cert.purposes.push('ca');
|
||||
var bc = { oid: extId, critical: critical };
|
||||
if (der.offset < bcEnd && der.peek() === asn1.Ber.Integer)
|
||||
bc.pathLen = der.readInt();
|
||||
sig.extras.exts.push(bc);
|
||||
break;
|
||||
case (EXTS.extKeyUsage):
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
der.readSequence();
|
||||
if (cert.purposes === undefined)
|
||||
cert.purposes = [];
|
||||
var ekEnd = der.offset + der.length;
|
||||
while (der.offset < ekEnd) {
|
||||
var oid = der.readOID();
|
||||
cert.purposes.push(EXTPURPOSE_REV[oid] || oid);
|
||||
}
|
||||
/*
|
||||
* This is a bit of a hack: in the case where we have a cert
|
||||
* that's only allowed to do serverAuth or clientAuth (and not
|
||||
* the other), we want to make sure all our Subjects are of
|
||||
* the right type. But we already parsed our Subjects and
|
||||
* decided if they were hosts or users earlier (since it appears
|
||||
* first in the cert).
|
||||
*
|
||||
* So we go through and mutate them into the right kind here if
|
||||
* it doesn't match. This might not be hugely beneficial, as it
|
||||
* seems that single-purpose certs are not often seen in the
|
||||
* wild.
|
||||
*/
|
||||
if (cert.purposes.indexOf('serverAuth') !== -1 &&
|
||||
cert.purposes.indexOf('clientAuth') === -1) {
|
||||
cert.subjects.forEach(function (ide) {
|
||||
if (ide.type !== 'host') {
|
||||
ide.type = 'host';
|
||||
ide.hostname = ide.uid ||
|
||||
ide.email ||
|
||||
ide.components[0].value;
|
||||
}
|
||||
});
|
||||
} else if (cert.purposes.indexOf('clientAuth') !== -1 &&
|
||||
cert.purposes.indexOf('serverAuth') === -1) {
|
||||
cert.subjects.forEach(function (ide) {
|
||||
if (ide.type !== 'user') {
|
||||
ide.type = 'user';
|
||||
ide.uid = ide.hostname ||
|
||||
ide.email ||
|
||||
ide.components[0].value;
|
||||
}
|
||||
});
|
||||
}
|
||||
sig.extras.exts.push({ oid: extId, critical: critical });
|
||||
break;
|
||||
case (EXTS.keyUsage):
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
var bits = der.readString(asn1.Ber.BitString, true);
|
||||
var setBits = readBitField(bits, KEYUSEBITS);
|
||||
setBits.forEach(function (bit) {
|
||||
if (cert.purposes === undefined)
|
||||
cert.purposes = [];
|
||||
if (cert.purposes.indexOf(bit) === -1)
|
||||
cert.purposes.push(bit);
|
||||
});
|
||||
sig.extras.exts.push({ oid: extId, critical: critical,
|
||||
bits: bits });
|
||||
break;
|
||||
case (EXTS.altName):
|
||||
der.readSequence(asn1.Ber.OctetString);
|
||||
der.readSequence();
|
||||
var aeEnd = der.offset + der.length;
|
||||
while (der.offset < aeEnd) {
|
||||
switch (der.peek()) {
|
||||
case ALTNAME.OtherName:
|
||||
case ALTNAME.EDIPartyName:
|
||||
der.readSequence();
|
||||
der._offset += der.length;
|
||||
break;
|
||||
case ALTNAME.OID:
|
||||
der.readOID(ALTNAME.OID);
|
||||
break;
|
||||
case ALTNAME.RFC822Name:
|
||||
/* RFC822 specifies email addresses */
|
||||
var email = der.readString(ALTNAME.RFC822Name);
|
||||
id = Identity.forEmail(email);
|
||||
if (!cert.subjects[0].equals(id))
|
||||
cert.subjects.push(id);
|
||||
break;
|
||||
case ALTNAME.DirectoryName:
|
||||
der.readSequence(ALTNAME.DirectoryName);
|
||||
id = Identity.parseAsn1(der);
|
||||
if (!cert.subjects[0].equals(id))
|
||||
cert.subjects.push(id);
|
||||
break;
|
||||
case ALTNAME.DNSName:
|
||||
var host = der.readString(
|
||||
ALTNAME.DNSName);
|
||||
id = Identity.forHost(host);
|
||||
if (!cert.subjects[0].equals(id))
|
||||
cert.subjects.push(id);
|
||||
break;
|
||||
default:
|
||||
der.readString(der.peek());
|
||||
break;
|
||||
}
|
||||
}
|
||||
sig.extras.exts.push({ oid: extId, critical: critical });
|
||||
break;
|
||||
default:
|
||||
sig.extras.exts.push({
|
||||
oid: extId,
|
||||
critical: critical,
|
||||
data: der.readString(asn1.Ber.OctetString, true)
|
||||
});
|
||||
break;
|
||||
}
|
||||
|
||||
der._offset = after;
|
||||
}
|
||||
|
||||
var UTCTIME_RE =
|
||||
/^([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})?Z$/;
|
||||
function utcTimeToDate(t) {
|
||||
var m = t.match(UTCTIME_RE);
|
||||
assert.ok(m, 'timestamps must be in UTC');
|
||||
var d = new Date();
|
||||
|
||||
var thisYear = d.getUTCFullYear();
|
||||
var century = Math.floor(thisYear / 100) * 100;
|
||||
|
||||
var year = parseInt(m[1], 10);
|
||||
if (thisYear % 100 < 50 && year >= 60)
|
||||
year += (century - 1);
|
||||
else
|
||||
year += century;
|
||||
d.setUTCFullYear(year, parseInt(m[2], 10) - 1, parseInt(m[3], 10));
|
||||
d.setUTCHours(parseInt(m[4], 10), parseInt(m[5], 10));
|
||||
if (m[6] && m[6].length > 0)
|
||||
d.setUTCSeconds(parseInt(m[6], 10));
|
||||
return (d);
|
||||
}
|
||||
|
||||
var GTIME_RE =
|
||||
/^([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})?Z$/;
|
||||
function gTimeToDate(t) {
|
||||
var m = t.match(GTIME_RE);
|
||||
assert.ok(m);
|
||||
var d = new Date();
|
||||
|
||||
d.setUTCFullYear(parseInt(m[1], 10), parseInt(m[2], 10) - 1,
|
||||
parseInt(m[3], 10));
|
||||
d.setUTCHours(parseInt(m[4], 10), parseInt(m[5], 10));
|
||||
if (m[6] && m[6].length > 0)
|
||||
d.setUTCSeconds(parseInt(m[6], 10));
|
||||
return (d);
|
||||
}
|
||||
|
||||
function zeroPad(n) {
|
||||
var s = '' + n;
|
||||
while (s.length < 2)
|
||||
s = '0' + s;
|
||||
return (s);
|
||||
}
|
||||
|
||||
function dateToUTCTime(d) {
|
||||
var s = '';
|
||||
s += zeroPad(d.getUTCFullYear() % 100);
|
||||
s += zeroPad(d.getUTCMonth() + 1);
|
||||
s += zeroPad(d.getUTCDate());
|
||||
s += zeroPad(d.getUTCHours());
|
||||
s += zeroPad(d.getUTCMinutes());
|
||||
s += zeroPad(d.getUTCSeconds());
|
||||
s += 'Z';
|
||||
return (s);
|
||||
}
|
||||
|
||||
function sign(cert, key) {
|
||||
if (cert.signatures.x509 === undefined)
|
||||
cert.signatures.x509 = {};
|
||||
var sig = cert.signatures.x509;
|
||||
|
||||
sig.algo = key.type + '-' + key.defaultHashAlgorithm();
|
||||
if (SIGN_ALGS[sig.algo] === undefined)
|
||||
return (false);
|
||||
|
||||
var der = new asn1.BerWriter();
|
||||
writeTBSCert(cert, der);
|
||||
var blob = der.buffer;
|
||||
sig.cache = blob;
|
||||
|
||||
var signer = key.createSign();
|
||||
signer.write(blob);
|
||||
cert.signatures.x509.signature = signer.sign();
|
||||
|
||||
return (true);
|
||||
}
|
||||
|
||||
function signAsync(cert, signer, done) {
|
||||
if (cert.signatures.x509 === undefined)
|
||||
cert.signatures.x509 = {};
|
||||
var sig = cert.signatures.x509;
|
||||
|
||||
var der = new asn1.BerWriter();
|
||||
writeTBSCert(cert, der);
|
||||
var blob = der.buffer;
|
||||
sig.cache = blob;
|
||||
|
||||
signer(blob, function (err, signature) {
|
||||
if (err) {
|
||||
done(err);
|
||||
return;
|
||||
}
|
||||
sig.algo = signature.type + '-' + signature.hashAlgorithm;
|
||||
if (SIGN_ALGS[sig.algo] === undefined) {
|
||||
done(new Error('Invalid signing algorithm "' +
|
||||
sig.algo + '"'));
|
||||
return;
|
||||
}
|
||||
sig.signature = signature;
|
||||
done();
|
||||
});
|
||||
}
|
||||
|
||||
function write(cert, options) {
|
||||
var sig = cert.signatures.x509;
|
||||
assert.object(sig, 'x509 signature');
|
||||
|
||||
var der = new asn1.BerWriter();
|
||||
der.startSequence();
|
||||
if (sig.cache) {
|
||||
der._ensure(sig.cache.length);
|
||||
sig.cache.copy(der._buf, der._offset);
|
||||
der._offset += sig.cache.length;
|
||||
} else {
|
||||
writeTBSCert(cert, der);
|
||||
}
|
||||
|
||||
der.startSequence();
|
||||
der.writeOID(SIGN_ALGS[sig.algo]);
|
||||
if (sig.algo.match(/^rsa-/))
|
||||
der.writeNull();
|
||||
der.endSequence();
|
||||
|
||||
var sigData = sig.signature.toBuffer('asn1');
|
||||
var data = new Buffer(sigData.length + 1);
|
||||
data[0] = 0;
|
||||
sigData.copy(data, 1);
|
||||
der.writeBuffer(data, asn1.Ber.BitString);
|
||||
der.endSequence();
|
||||
|
||||
return (der.buffer);
|
||||
}
|
||||
|
||||
function writeTBSCert(cert, der) {
|
||||
var sig = cert.signatures.x509;
|
||||
assert.object(sig, 'x509 signature');
|
||||
|
||||
der.startSequence();
|
||||
|
||||
der.startSequence(Local(0));
|
||||
der.writeInt(2);
|
||||
der.endSequence();
|
||||
|
||||
der.writeBuffer(utils.mpNormalize(cert.serial), asn1.Ber.Integer);
|
||||
|
||||
der.startSequence();
|
||||
der.writeOID(SIGN_ALGS[sig.algo]);
|
||||
der.endSequence();
|
||||
|
||||
cert.issuer.toAsn1(der);
|
||||
|
||||
der.startSequence();
|
||||
der.writeString(dateToUTCTime(cert.validFrom), asn1.Ber.UTCTime);
|
||||
der.writeString(dateToUTCTime(cert.validUntil), asn1.Ber.UTCTime);
|
||||
der.endSequence();
|
||||
|
||||
var subject = cert.subjects[0];
|
||||
var altNames = cert.subjects.slice(1);
|
||||
subject.toAsn1(der);
|
||||
|
||||
pkcs8.writePkcs8(der, cert.subjectKey);
|
||||
|
||||
if (sig.extras && sig.extras.issuerUniqueID) {
|
||||
der.writeBuffer(sig.extras.issuerUniqueID, Local(1));
|
||||
}
|
||||
|
||||
if (sig.extras && sig.extras.subjectUniqueID) {
|
||||
der.writeBuffer(sig.extras.subjectUniqueID, Local(2));
|
||||
}
|
||||
|
||||
if (altNames.length > 0 || subject.type === 'host' ||
|
||||
(cert.purposes !== undefined && cert.purposes.length > 0) ||
|
||||
(sig.extras && sig.extras.exts)) {
|
||||
der.startSequence(Local(3));
|
||||
der.startSequence();
|
||||
|
||||
var exts = [];
|
||||
if (cert.purposes !== undefined && cert.purposes.length > 0) {
|
||||
exts.push({
|
||||
oid: EXTS.basicConstraints,
|
||||
critical: true
|
||||
});
|
||||
exts.push({
|
||||
oid: EXTS.keyUsage,
|
||||
critical: true
|
||||
});
|
||||
exts.push({
|
||||
oid: EXTS.extKeyUsage,
|
||||
critical: true
|
||||
});
|
||||
}
|
||||
exts.push({ oid: EXTS.altName });
|
||||
if (sig.extras && sig.extras.exts)
|
||||
exts = sig.extras.exts;
|
||||
|
||||
for (var i = 0; i < exts.length; ++i) {
|
||||
der.startSequence();
|
||||
der.writeOID(exts[i].oid);
|
||||
|
||||
if (exts[i].critical !== undefined)
|
||||
der.writeBoolean(exts[i].critical);
|
||||
|
||||
if (exts[i].oid === EXTS.altName) {
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.startSequence();
|
||||
if (subject.type === 'host') {
|
||||
der.writeString(subject.hostname,
|
||||
Context(2));
|
||||
}
|
||||
for (var j = 0; j < altNames.length; ++j) {
|
||||
if (altNames[j].type === 'host') {
|
||||
der.writeString(
|
||||
altNames[j].hostname,
|
||||
ALTNAME.DNSName);
|
||||
} else if (altNames[j].type ===
|
||||
'email') {
|
||||
der.writeString(
|
||||
altNames[j].email,
|
||||
ALTNAME.RFC822Name);
|
||||
} else {
|
||||
/*
|
||||
* Encode anything else as a
|
||||
* DN style name for now.
|
||||
*/
|
||||
der.startSequence(
|
||||
ALTNAME.DirectoryName);
|
||||
altNames[j].toAsn1(der);
|
||||
der.endSequence();
|
||||
}
|
||||
}
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
} else if (exts[i].oid === EXTS.basicConstraints) {
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.startSequence();
|
||||
var ca = (cert.purposes.indexOf('ca') !== -1);
|
||||
var pathLen = exts[i].pathLen;
|
||||
der.writeBoolean(ca);
|
||||
if (pathLen !== undefined)
|
||||
der.writeInt(pathLen);
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
} else if (exts[i].oid === EXTS.extKeyUsage) {
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
der.startSequence();
|
||||
cert.purposes.forEach(function (purpose) {
|
||||
if (purpose === 'ca')
|
||||
return;
|
||||
if (KEYUSEBITS.indexOf(purpose) !== -1)
|
||||
return;
|
||||
var oid = purpose;
|
||||
if (EXTPURPOSE[purpose] !== undefined)
|
||||
oid = EXTPURPOSE[purpose];
|
||||
der.writeOID(oid);
|
||||
});
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
} else if (exts[i].oid === EXTS.keyUsage) {
|
||||
der.startSequence(asn1.Ber.OctetString);
|
||||
/*
|
||||
* If we parsed this certificate from a byte
|
||||
* stream (i.e. we didn't generate it in sshpk)
|
||||
* then we'll have a ".bits" property on the
|
||||
* ext with the original raw byte contents.
|
||||
*
|
||||
* If we have this, use it here instead of
|
||||
* regenerating it. This guarantees we output
|
||||
* the same data we parsed, so signatures still
|
||||
* validate.
|
||||
*/
|
||||
if (exts[i].bits !== undefined) {
|
||||
der.writeBuffer(exts[i].bits,
|
||||
asn1.Ber.BitString);
|
||||
} else {
|
||||
var bits = writeBitField(cert.purposes,
|
||||
KEYUSEBITS);
|
||||
der.writeBuffer(bits,
|
||||
asn1.Ber.BitString);
|
||||
}
|
||||
der.endSequence();
|
||||
} else {
|
||||
der.writeBuffer(exts[i].data,
|
||||
asn1.Ber.OctetString);
|
||||
}
|
||||
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
der.endSequence();
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
der.endSequence();
|
||||
}
|
||||
|
||||
/*
|
||||
* Reads an ASN.1 BER bitfield out of the Buffer produced by doing
|
||||
* `BerReader#readString(asn1.Ber.BitString)`. That function gives us the raw
|
||||
* contents of the BitString tag, which is a count of unused bits followed by
|
||||
* the bits as a right-padded byte string.
|
||||
*
|
||||
* `bits` is the Buffer, `bitIndex` should contain an array of string names
|
||||
* for the bits in the string, ordered starting with bit #0 in the ASN.1 spec.
|
||||
*
|
||||
* Returns an array of Strings, the names of the bits that were set to 1.
|
||||
*/
|
||||
function readBitField(bits, bitIndex) {
|
||||
var bitLen = 8 * (bits.length - 1) - bits[0];
|
||||
var setBits = {};
|
||||
for (var i = 0; i < bitLen; ++i) {
|
||||
var byteN = 1 + Math.floor(i / 8);
|
||||
var bit = 7 - (i % 8);
|
||||
var mask = 1 << bit;
|
||||
var bitVal = ((bits[byteN] & mask) !== 0);
|
||||
var name = bitIndex[i];
|
||||
if (bitVal && typeof (name) === 'string') {
|
||||
setBits[name] = true;
|
||||
}
|
||||
}
|
||||
return (Object.keys(setBits));
|
||||
}
|
||||
|
||||
/*
|
||||
* `setBits` is an array of strings, containing the names for each bit that
|
||||
* sould be set to 1. `bitIndex` is same as in `readBitField()`.
|
||||
*
|
||||
* Returns a Buffer, ready to be written out with `BerWriter#writeString()`.
|
||||
*/
|
||||
function writeBitField(setBits, bitIndex) {
|
||||
var bitLen = bitIndex.length;
|
||||
var blen = Math.ceil(bitLen / 8);
|
||||
var unused = blen * 8 - bitLen;
|
||||
var bits = new Buffer(1 + blen);
|
||||
bits.fill(0);
|
||||
bits[0] = unused;
|
||||
for (var i = 0; i < bitLen; ++i) {
|
||||
var byteN = 1 + Math.floor(i / 8);
|
||||
var bit = 7 - (i % 8);
|
||||
var mask = 1 << bit;
|
||||
var name = bitIndex[i];
|
||||
if (name === undefined)
|
||||
continue;
|
||||
var bitVal = (setBits.indexOf(name) !== -1);
|
||||
if (bitVal) {
|
||||
bits[byteN] |= mask;
|
||||
}
|
||||
}
|
||||
return (bits);
|
||||
}
|
Reference in New Issue
Block a user