- // Copyright 2012 Joyent, Inc. All rights reserved.
- var assert = require('assert-plus');
- var sshpk = require('sshpk');
- var util = require('util');
// Hash algorithm names accepted as the second half of a "<key>-<hash>"
// algorithm string. This is a plain object literal, so it also inherits
// Object.prototype members; membership tests should look at own
// properties only.
var HASH_ALGOS = { sha1: true, sha256: true, sha512: true };

// Public-key algorithm names accepted as the first half of the string.
// 'hmac' is not listed here; validateAlgorithm special-cases it.
var PK_ALGOS = { rsa: true, dsa: true, ecdsa: true };
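/**
 * Base error type for this module; inherits from Error via util.inherits.
 *
 * @param {String} message human-readable description of the failure.
 * @param {Function} [caller] constructor of the concrete error type. It is
 *        passed to Error.captureStackTrace and supplies the error's `name`.
 *        Defaults to HttpSignatureError itself.
 */
function HttpSignatureError(message, caller) {
  // The stack-trace call already treated `caller` as optional, but the
  // name assignment dereferenced it unconditionally and threw a TypeError
  // when it was omitted. Resolve the fallback once and use it for both.
  var ctor = caller || HttpSignatureError;

  if (Error.captureStackTrace)
    Error.captureStackTrace(this, ctor);

  this.message = message;
  this.name = ctor.name;
}
util.inherits(HttpSignatureError, Error);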
/**
 * Error thrown by validateAlgorithm when an algorithm string is malformed
 * or names an unsupported key type or hash.
 *
 * @param {String} message human-readable description of the failure.
 */
function InvalidAlgorithmError(message) {
  // Pass this constructor along so the base type can take `name` from it.
  HttpSignatureError.apply(this, [message, InvalidAlgorithmError]);
}
util.inherits(InvalidAlgorithmError, HttpSignatureError);
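/**
 * Checks a "<key type>-<hash>" algorithm string against the supported sets.
 *
 * The string is lower-cased and split on '-'. The first part must be 'hmac'
 * or a key of PK_ALGOS; the second must be a key of HASH_ALGOS.
 *
 * @param {String} algorithm algorithm name, e.g. 'rsa-sha256'.
 * @return {Array} the two lower-cased parts, [keyType, hash].
 * @throws {InvalidAlgorithmError} if the string does not have exactly two
 *         parts, or either part is not supported.
 */
function validateAlgorithm(algorithm) {
  // NOTE: calls algorithm.toLowerCase() directly, so a non-string argument
  // fails here rather than with an InvalidAlgorithmError.
  var alg = algorithm.toLowerCase().split('-');

  // PK_ALGOS and HASH_ALGOS are plain object literals, so a bare
  // `TABLE[name]` lookup also finds members inherited from
  // Object.prototype (for example 'constructor') and would accept them as
  // supported. Only own properties count as allow-list entries.
  var hasOwn = Object.prototype.hasOwnProperty;
  var isListed = function (table, name) {
    return (hasOwn.call(table, name) && Boolean(table[name]));
  };

  if (alg.length !== 2) {
    throw (new InvalidAlgorithmError(alg[0].toUpperCase() + ' is not a ' +
      'valid algorithm'));
  }

  if (alg[0] !== 'hmac' && !isListed(PK_ALGOS, alg[0])) {
    throw (new InvalidAlgorithmError(alg[0].toUpperCase() + ' type keys ' +
      'are not supported'));
  }

  if (!isListed(HASH_ALGOS, alg[1])) {
    throw (new InvalidAlgorithmError(alg[1].toUpperCase() + ' is not a ' +
      'supported hash algorithm'));
  }

  return (alg);
}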
- ///--- API
module.exports = {

  HASH_ALGOS: HASH_ALGOS,
  PK_ALGOS: PK_ALGOS,

  HttpSignatureError: HttpSignatureError,
  InvalidAlgorithmError: InvalidAlgorithmError,

  validateAlgorithm: validateAlgorithm,

  /**
   * Re-encodes an OpenSSH-format public key as PEM.
   *
   * The key is parsed by sshpk as 'ssh' and serialised with its 'pem'
   * format. The stated intent is interoperability with OpenSSL, in
   * particular the node crypto module's `verify` method.
   *
   * NOTE(review): earlier documentation described this as RSA-only and
   * PKCS#8; nothing in this function restricts the key type, so confirm
   * against sshpk what is accepted and emitted.
   *
   * @param {String} key an OpenSSH public key.
   * @return {String} PEM encoded form of the public key.
   * @throws {TypeError} on bad input.
   * @throws {Error} on invalid ssh key formatted data.
   */
  sshKeyToPEM: function sshKeyToPEM(key) {
    assert.string(key, 'ssh_key');

    return sshpk.parseKey(key, 'ssh').toString('pem');
  },

  /**
   * Computes the MD5 fingerprint of an OpenSSH public key, formatted as hex.
   *
   * MD5 is not collision resistant. Treat the result as a legacy-format
   * identifier for display or lookup, not as the only evidence that two
   * keys are the same.
   *
   * @param {String} key an OpenSSH public key.
   * @return {String} key fingerprint.
   * @throws {TypeError} on bad input.
   * @throws {Error} if what you passed doesn't look like an ssh public key.
   */
  fingerprint: function fingerprint(key) {
    assert.string(key, 'ssh_key');

    return sshpk.parseKey(key, 'ssh').fingerprint('md5').toString('hex');
  },

  /**
   * Re-encodes a PEM public key as an OpenSSH public key line.
   *
   * This is the reverse of sshKeyToPEM. The supplied comment is set on the
   * parsed key before it is serialised.
   *
   * @param {String} pem PEM encoded public key.
   * @param {String} comment value assigned to the key's `comment` field.
   * @return {String} the key in sshpk's 'ssh' output format.
   */
  pemToRsaSSHKey: function pemToRsaSSHKey(pem, comment) {
    assert.equal('string', typeof pem, 'typeof pem');

    var parsed = sshpk.parseKey(pem, 'pem');
    parsed.comment = comment;
    return parsed.toString('ssh');
  }
};