123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288 |
- // Copyright 2017 Joyent, Inc.
- module.exports = {
- read: read,
- write: write
- };
- var assert = require('assert-plus');
- var Buffer = require('safer-buffer').Buffer;
- var Key = require('../key');
- var PrivateKey = require('../private-key');
- var utils = require('../utils');
- var SSHBuffer = require('../ssh-buffer');
- var Dhe = require('../dhe');
- var supportedAlgos = {
- 'rsa-sha1' : 5,
- 'rsa-sha256' : 8,
- 'rsa-sha512' : 10,
- 'ecdsa-p256-sha256' : 13,
- 'ecdsa-p384-sha384' : 14
- /*
- * ed25519 is hypothetically supported with id 15
- * but the common tools available don't appear to be
- * capable of generating/using ed25519 keys
- */
- };
- var supportedAlgosById = {};
- Object.keys(supportedAlgos).forEach(function (k) {
- supportedAlgosById[supportedAlgos[k]] = k.toUpperCase();
- });
- function read(buf, options) {
- if (typeof (buf) !== 'string') {
- assert.buffer(buf, 'buf');
- buf = buf.toString('ascii');
- }
- var lines = buf.split('\n');
- if (lines[0].match(/^Private-key-format\: v1/)) {
- var algElems = lines[1].split(' ');
- var algoNum = parseInt(algElems[1], 10);
- var algoName = algElems[2];
- if (!supportedAlgosById[algoNum])
- throw (new Error('Unsupported algorithm: ' + algoName));
- return (readDNSSECPrivateKey(algoNum, lines.slice(2)));
- }
- // skip any comment-lines
- var line = 0;
- /* JSSTYLED */
- while (lines[line].match(/^\;/))
- line++;
- // we should now have *one single* line left with our KEY on it.
- if ((lines[line].match(/\. IN KEY /) ||
- lines[line].match(/\. IN DNSKEY /)) && lines[line+1].length === 0) {
- return (readRFC3110(lines[line]));
- }
- throw (new Error('Cannot parse dnssec key'));
- }
- function readRFC3110(keyString) {
- var elems = keyString.split(' ');
- //unused var flags = parseInt(elems[3], 10);
- //unused var protocol = parseInt(elems[4], 10);
- var algorithm = parseInt(elems[5], 10);
- if (!supportedAlgosById[algorithm])
- throw (new Error('Unsupported algorithm: ' + algorithm));
- var base64key = elems.slice(6, elems.length).join();
- var keyBuffer = Buffer.from(base64key, 'base64');
- if (supportedAlgosById[algorithm].match(/^RSA-/)) {
- // join the rest of the body into a single base64-blob
- var publicExponentLen = keyBuffer.readUInt8(0);
- if (publicExponentLen != 3 && publicExponentLen != 1)
- throw (new Error('Cannot parse dnssec key: ' +
- 'unsupported exponent length'));
- var publicExponent = keyBuffer.slice(1, publicExponentLen+1);
- publicExponent = utils.mpNormalize(publicExponent);
- var modulus = keyBuffer.slice(1+publicExponentLen);
- modulus = utils.mpNormalize(modulus);
- // now, make the key
- var rsaKey = {
- type: 'rsa',
- parts: []
- };
- rsaKey.parts.push({ name: 'e', data: publicExponent});
- rsaKey.parts.push({ name: 'n', data: modulus});
- return (new Key(rsaKey));
- }
- if (supportedAlgosById[algorithm] === 'ECDSA-P384-SHA384' ||
- supportedAlgosById[algorithm] === 'ECDSA-P256-SHA256') {
- var curve = 'nistp384';
- var size = 384;
- if (supportedAlgosById[algorithm].match(/^ECDSA-P256-SHA256/)) {
- curve = 'nistp256';
- size = 256;
- }
- var ecdsaKey = {
- type: 'ecdsa',
- curve: curve,
- size: size,
- parts: [
- {name: 'curve', data: Buffer.from(curve) },
- {name: 'Q', data: utils.ecNormalize(keyBuffer) }
- ]
- };
- return (new Key(ecdsaKey));
- }
- throw (new Error('Unsupported algorithm: ' +
- supportedAlgosById[algorithm]));
- }
- function elementToBuf(e) {
- return (Buffer.from(e.split(' ')[1], 'base64'));
- }
- function readDNSSECRSAPrivateKey(elements) {
- var rsaParams = {};
- elements.forEach(function (element) {
- if (element.split(' ')[0] === 'Modulus:')
- rsaParams['n'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'PublicExponent:')
- rsaParams['e'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'PrivateExponent:')
- rsaParams['d'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'Prime1:')
- rsaParams['p'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'Prime2:')
- rsaParams['q'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'Exponent1:')
- rsaParams['dmodp'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'Exponent2:')
- rsaParams['dmodq'] = elementToBuf(element);
- else if (element.split(' ')[0] === 'Coefficient:')
- rsaParams['iqmp'] = elementToBuf(element);
- });
- // now, make the key
- var key = {
- type: 'rsa',
- parts: [
- { name: 'e', data: utils.mpNormalize(rsaParams['e'])},
- { name: 'n', data: utils.mpNormalize(rsaParams['n'])},
- { name: 'd', data: utils.mpNormalize(rsaParams['d'])},
- { name: 'p', data: utils.mpNormalize(rsaParams['p'])},
- { name: 'q', data: utils.mpNormalize(rsaParams['q'])},
- { name: 'dmodp',
- data: utils.mpNormalize(rsaParams['dmodp'])},
- { name: 'dmodq',
- data: utils.mpNormalize(rsaParams['dmodq'])},
- { name: 'iqmp',
- data: utils.mpNormalize(rsaParams['iqmp'])}
- ]
- };
- return (new PrivateKey(key));
- }
- function readDNSSECPrivateKey(alg, elements) {
- if (supportedAlgosById[alg].match(/^RSA-/)) {
- return (readDNSSECRSAPrivateKey(elements));
- }
- if (supportedAlgosById[alg] === 'ECDSA-P384-SHA384' ||
- supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {
- var d = Buffer.from(elements[0].split(' ')[1], 'base64');
- var curve = 'nistp384';
- var size = 384;
- if (supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {
- curve = 'nistp256';
- size = 256;
- }
- // DNSSEC generates the public-key on the fly (go calculate it)
- var publicKey = utils.publicFromPrivateECDSA(curve, d);
- var Q = publicKey.part['Q'].data;
- var ecdsaKey = {
- type: 'ecdsa',
- curve: curve,
- size: size,
- parts: [
- {name: 'curve', data: Buffer.from(curve) },
- {name: 'd', data: d },
- {name: 'Q', data: Q }
- ]
- };
- return (new PrivateKey(ecdsaKey));
- }
- throw (new Error('Unsupported algorithm: ' + supportedAlgosById[alg]));
- }
- function dnssecTimestamp(date) {
- var year = date.getFullYear() + ''; //stringify
- var month = (date.getMonth() + 1);
- var timestampStr = year + month + date.getUTCDate();
- timestampStr += '' + date.getUTCHours() + date.getUTCMinutes();
- timestampStr += date.getUTCSeconds();
- return (timestampStr);
- }
- function rsaAlgFromOptions(opts) {
- if (!opts || !opts.hashAlgo || opts.hashAlgo === 'sha1')
- return ('5 (RSASHA1)');
- else if (opts.hashAlgo === 'sha256')
- return ('8 (RSASHA256)');
- else if (opts.hashAlgo === 'sha512')
- return ('10 (RSASHA512)');
- else
- throw (new Error('Unknown or unsupported hash: ' +
- opts.hashAlgo));
- }
- function writeRSA(key, options) {
- // if we're missing parts, add them.
- if (!key.part.dmodp || !key.part.dmodq) {
- utils.addRSAMissing(key);
- }
- var out = '';
- out += 'Private-key-format: v1.3\n';
- out += 'Algorithm: ' + rsaAlgFromOptions(options) + '\n';
- var n = utils.mpDenormalize(key.part['n'].data);
- out += 'Modulus: ' + n.toString('base64') + '\n';
- var e = utils.mpDenormalize(key.part['e'].data);
- out += 'PublicExponent: ' + e.toString('base64') + '\n';
- var d = utils.mpDenormalize(key.part['d'].data);
- out += 'PrivateExponent: ' + d.toString('base64') + '\n';
- var p = utils.mpDenormalize(key.part['p'].data);
- out += 'Prime1: ' + p.toString('base64') + '\n';
- var q = utils.mpDenormalize(key.part['q'].data);
- out += 'Prime2: ' + q.toString('base64') + '\n';
- var dmodp = utils.mpDenormalize(key.part['dmodp'].data);
- out += 'Exponent1: ' + dmodp.toString('base64') + '\n';
- var dmodq = utils.mpDenormalize(key.part['dmodq'].data);
- out += 'Exponent2: ' + dmodq.toString('base64') + '\n';
- var iqmp = utils.mpDenormalize(key.part['iqmp'].data);
- out += 'Coefficient: ' + iqmp.toString('base64') + '\n';
- // Assume that we're valid as-of now
- var timestamp = new Date();
- out += 'Created: ' + dnssecTimestamp(timestamp) + '\n';
- out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n';
- out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n';
- return (Buffer.from(out, 'ascii'));
- }
- function writeECDSA(key, options) {
- var out = '';
- out += 'Private-key-format: v1.3\n';
- if (key.curve === 'nistp256') {
- out += 'Algorithm: 13 (ECDSAP256SHA256)\n';
- } else if (key.curve === 'nistp384') {
- out += 'Algorithm: 14 (ECDSAP384SHA384)\n';
- } else {
- throw (new Error('Unsupported curve'));
- }
- var base64Key = key.part['d'].data.toString('base64');
- out += 'PrivateKey: ' + base64Key + '\n';
- // Assume that we're valid as-of now
- var timestamp = new Date();
- out += 'Created: ' + dnssecTimestamp(timestamp) + '\n';
- out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n';
- out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n';
- return (Buffer.from(out, 'ascii'));
- }
- function write(key, options) {
- if (PrivateKey.isPrivateKey(key)) {
- if (key.type === 'rsa') {
- return (writeRSA(key, options));
- } else if (key.type === 'ecdsa') {
- return (writeECDSA(key, options));
- } else {
- throw (new Error('Unsupported algorithm: ' + key.type));
- }
- } else if (Key.isKey(key)) {
- /*
- * RFC3110 requires a keyname, and a keytype, which we
- * don't really have a mechanism for specifying such
- * additional metadata.
- */
- throw (new Error('Format "dnssec" only supports ' +
- 'writing private keys'));
- } else {
- throw (new Error('key is not a Key or PrivateKey'));
- }
- }
|