diff options
Diffstat (limited to 'vnfmarket/src/main/webapp/vnfmarket/node_modules/sshpk/lib/private-key.js')
-rw-r--r-- | vnfmarket/src/main/webapp/vnfmarket/node_modules/sshpk/lib/private-key.js | 231 |
1 files changed, 231 insertions, 0 deletions
diff --git a/vnfmarket/src/main/webapp/vnfmarket/node_modules/sshpk/lib/private-key.js b/vnfmarket/src/main/webapp/vnfmarket/node_modules/sshpk/lib/private-key.js new file mode 100644 index 00000000..f80d9396 --- /dev/null +++ b/vnfmarket/src/main/webapp/vnfmarket/node_modules/sshpk/lib/private-key.js @@ -0,0 +1,231 @@ +// Copyright 2015 Joyent, Inc. + +module.exports = PrivateKey; + +var assert = require('assert-plus'); +var algs = require('./algs'); +var crypto = require('crypto'); +var Fingerprint = require('./fingerprint'); +var Signature = require('./signature'); +var errs = require('./errors'); +var util = require('util'); +var utils = require('./utils'); +var edCompat; +var ed; + +try { + edCompat = require('./ed-compat'); +} catch (e) { + /* Just continue through, and bail out if we try to use it. */ +} + +var Key = require('./key'); + +var InvalidAlgorithmError = errs.InvalidAlgorithmError; +var KeyParseError = errs.KeyParseError; +var KeyEncryptedError = errs.KeyEncryptedError; + +var formats = {}; +formats['auto'] = require('./formats/auto'); +formats['pem'] = require('./formats/pem'); +formats['pkcs1'] = require('./formats/pkcs1'); +formats['pkcs8'] = require('./formats/pkcs8'); +formats['rfc4253'] = require('./formats/rfc4253'); +formats['ssh-private'] = require('./formats/ssh-private'); +formats['openssh'] = formats['ssh-private']; +formats['ssh'] = formats['ssh-private']; + +function PrivateKey(opts) { + assert.object(opts, 'options'); + Key.call(this, opts); + + this._pubCache = undefined; +} +util.inherits(PrivateKey, Key); + +PrivateKey.formats = formats; + +PrivateKey.prototype.toBuffer = function (format, options) { + if (format === undefined) + format = 'pkcs1'; + assert.string(format, 'format'); + assert.object(formats[format], 'formats[format]'); + assert.optionalObject(options, 'options'); + + return (formats[format].write(this, options)); +}; + +PrivateKey.prototype.hash = function (algo) { + return (this.toPublic().hash(algo)); +}; + +PrivateKey.prototype.toPublic = function () { + if (this._pubCache) + return (this._pubCache); + + var algInfo = algs.info[this.type]; + var pubParts = []; + for (var i = 0; i < algInfo.parts.length; ++i) { + var p = algInfo.parts[i]; + pubParts.push(this.part[p]); + } + + this._pubCache = new Key({ + type: this.type, + source: this, + parts: pubParts + }); + if (this.comment) + this._pubCache.comment = this.comment; + return (this._pubCache); +}; + +PrivateKey.prototype.derive = function (newType, newSize) { + assert.string(newType, 'type'); + assert.optionalNumber(newSize, 'size'); + var priv, pub; + + if (this.type === 'ed25519' && newType === 'curve25519') { + if (ed === undefined) + ed = require('jodid25519'); + + priv = this.part.r.data; + if (priv[0] === 0x00) + priv = priv.slice(1); + priv = priv.slice(0, 32); + + pub = ed.dh.publicKey(priv); + priv = utils.mpNormalize(Buffer.concat([priv, pub])); + + return (new PrivateKey({ + type: 'curve25519', + parts: [ + { name: 'R', data: utils.mpNormalize(pub) }, + { name: 'r', data: priv } + ] + })); + } else if (this.type === 'curve25519' && newType === 'ed25519') { + if (ed === undefined) + ed = require('jodid25519'); + + priv = this.part.r.data; + if (priv[0] === 0x00) + priv = priv.slice(1); + priv = priv.slice(0, 32); + + pub = ed.eddsa.publicKey(priv.toString('binary')); + pub = new Buffer(pub, 'binary'); + + priv = utils.mpNormalize(Buffer.concat([priv, pub])); + + return (new PrivateKey({ + type: 'ed25519', + parts: [ + { name: 'R', data: utils.mpNormalize(pub) }, + { name: 'r', data: priv } + ] + })); + } + throw (new Error('Key derivation not supported from ' + this.type + + ' to ' + newType)); +}; + +PrivateKey.prototype.createVerify = function (hashAlgo) { + return (this.toPublic().createVerify(hashAlgo)); +}; + +PrivateKey.prototype.createSign = function (hashAlgo) { + if (hashAlgo === undefined) + hashAlgo = this.defaultHashAlgorithm(); + assert.string(hashAlgo, 'hash algorithm'); + + /* ED25519 is not supported by OpenSSL, use a javascript impl. */ + if (this.type === 'ed25519' && edCompat !== undefined) + return (new edCompat.Signer(this, hashAlgo)); + if (this.type === 'curve25519') + throw (new Error('Curve25519 keys are not suitable for ' + + 'signing or verification')); + + var v, nm, err; + try { + nm = hashAlgo.toUpperCase(); + v = crypto.createSign(nm); + } catch (e) { + err = e; + } + if (v === undefined || (err instanceof Error && + err.message.match(/Unknown message digest/))) { + nm = 'RSA-'; + nm += hashAlgo.toUpperCase(); + v = crypto.createSign(nm); + } + assert.ok(v, 'failed to create verifier'); + var oldSign = v.sign.bind(v); + var key = this.toBuffer('pkcs1'); + var type = this.type; + v.sign = function () { + var sig = oldSign(key); + if (typeof (sig) === 'string') + sig = new Buffer(sig, 'binary'); + sig = Signature.parse(sig, type, 'asn1'); + sig.hashAlgorithm = hashAlgo; + return (sig); + }; + return (v); +}; + +PrivateKey.parse = function (data, format, options) { + if (typeof (data) !== 'string') + assert.buffer(data, 'data'); + if (format === undefined) + format = 'auto'; + assert.string(format, 'format'); + if (typeof (options) === 'string') + options = { filename: options }; + assert.optionalObject(options, 'options'); + if (options === undefined) + options = {}; + assert.optionalString(options.filename, 'options.filename'); + if (options.filename === undefined) + options.filename = '(unnamed)'; + + assert.object(formats[format], 'formats[format]'); + + try { + var k = formats[format].read(data, options); + assert.ok(k instanceof PrivateKey, 'key is not a private key'); + if (!k.comment) + k.comment = options.filename; + return (k); + } catch (e) { + if (e.name === 'KeyEncryptedError') + throw (e); + throw (new KeyParseError(options.filename, format, e)); + } +}; + +PrivateKey.isPrivateKey = function (obj, ver) { + return (utils.isCompatible(obj, PrivateKey, ver)); +}; + +/* + * API versions for PrivateKey: + * [1,0] -- initial ver + * [1,1] -- added auto, pkcs[18], openssh/ssh-private formats + * [1,2] -- added defaultHashAlgorithm + * [1,3] -- added derive, ed, createDH + * [1,4] -- first tagged version + */ +PrivateKey.prototype._sshpkApiVersion = [1, 4]; + +PrivateKey._oldVersionDetect = function (obj) { + assert.func(obj.toPublic); + assert.func(obj.createSign); + if (obj.derive) + return ([1, 3]); + if (obj.defaultHashAlgorithm) + return ([1, 2]); + if (obj.formats['auto']) + return ([1, 1]); + return ([1, 0]); +}; |