| // Copyright 2017 Joyent, Inc. |
| |
| module.exports = { |
| read: read, |
| write: write |
| }; |
| |
| var assert = require('assert-plus'); |
| var Buffer = require('safer-buffer').Buffer; |
| var Key = require('../key'); |
| var PrivateKey = require('../private-key'); |
| var utils = require('../utils'); |
| var SSHBuffer = require('../ssh-buffer'); |
| var Dhe = require('../dhe'); |
| |
| var supportedAlgos = { |
| 'rsa-sha1' : 5, |
| 'rsa-sha256' : 8, |
| 'rsa-sha512' : 10, |
| 'ecdsa-p256-sha256' : 13, |
| 'ecdsa-p384-sha384' : 14 |
| /* |
| * ed25519 is hypothetically supported with id 15 |
| * but the common tools available don't appear to be |
| * capable of generating/using ed25519 keys |
| */ |
| }; |
| |
| var supportedAlgosById = {}; |
| Object.keys(supportedAlgos).forEach(function (k) { |
| supportedAlgosById[supportedAlgos[k]] = k.toUpperCase(); |
| }); |
| |
| function read(buf, options) { |
| if (typeof (buf) !== 'string') { |
| assert.buffer(buf, 'buf'); |
| buf = buf.toString('ascii'); |
| } |
| var lines = buf.split('\n'); |
| if (lines[0].match(/^Private-key-format\: v1/)) { |
| var algElems = lines[1].split(' '); |
| var algoNum = parseInt(algElems[1], 10); |
| var algoName = algElems[2]; |
| if (!supportedAlgosById[algoNum]) |
| throw (new Error('Unsupported algorithm: ' + algoName)); |
| return (readDNSSECPrivateKey(algoNum, lines.slice(2))); |
| } |
| |
| // skip any comment-lines |
| var line = 0; |
| /* JSSTYLED */ |
| while (lines[line].match(/^\;/)) |
| line++; |
| // we should now have *one single* line left with our KEY on it. |
| if ((lines[line].match(/\. IN KEY /) || |
| lines[line].match(/\. IN DNSKEY /)) && lines[line+1].length === 0) { |
| return (readRFC3110(lines[line])); |
| } |
| throw (new Error('Cannot parse dnssec key')); |
| } |
| |
| function readRFC3110(keyString) { |
| var elems = keyString.split(' '); |
| //unused var flags = parseInt(elems[3], 10); |
| //unused var protocol = parseInt(elems[4], 10); |
| var algorithm = parseInt(elems[5], 10); |
| if (!supportedAlgosById[algorithm]) |
| throw (new Error('Unsupported algorithm: ' + algorithm)); |
| var base64key = elems.slice(6, elems.length).join(); |
| var keyBuffer = Buffer.from(base64key, 'base64'); |
| if (supportedAlgosById[algorithm].match(/^RSA-/)) { |
| // join the rest of the body into a single base64-blob |
| var publicExponentLen = keyBuffer.readUInt8(0); |
| if (publicExponentLen != 3 && publicExponentLen != 1) |
| throw (new Error('Cannot parse dnssec key: ' + |
| 'unsupported exponent length')); |
| |
| var publicExponent = keyBuffer.slice(1, publicExponentLen+1); |
| publicExponent = utils.mpNormalize(publicExponent); |
| var modulus = keyBuffer.slice(1+publicExponentLen); |
| modulus = utils.mpNormalize(modulus); |
| // now, make the key |
| var rsaKey = { |
| type: 'rsa', |
| parts: [] |
| }; |
| rsaKey.parts.push({ name: 'e', data: publicExponent}); |
| rsaKey.parts.push({ name: 'n', data: modulus}); |
| return (new Key(rsaKey)); |
| } |
| if (supportedAlgosById[algorithm] === 'ECDSA-P384-SHA384' || |
| supportedAlgosById[algorithm] === 'ECDSA-P256-SHA256') { |
| var curve = 'nistp384'; |
| var size = 384; |
| if (supportedAlgosById[algorithm].match(/^ECDSA-P256-SHA256/)) { |
| curve = 'nistp256'; |
| size = 256; |
| } |
| |
| var ecdsaKey = { |
| type: 'ecdsa', |
| curve: curve, |
| size: size, |
| parts: [ |
| {name: 'curve', data: Buffer.from(curve) }, |
| {name: 'Q', data: utils.ecNormalize(keyBuffer) } |
| ] |
| }; |
| return (new Key(ecdsaKey)); |
| } |
| throw (new Error('Unsupported algorithm: ' + |
| supportedAlgosById[algorithm])); |
| } |
| |
| function elementToBuf(e) { |
| return (Buffer.from(e.split(' ')[1], 'base64')); |
| } |
| |
| function readDNSSECRSAPrivateKey(elements) { |
| var rsaParams = {}; |
| elements.forEach(function (element) { |
| if (element.split(' ')[0] === 'Modulus:') |
| rsaParams['n'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'PublicExponent:') |
| rsaParams['e'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'PrivateExponent:') |
| rsaParams['d'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'Prime1:') |
| rsaParams['p'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'Prime2:') |
| rsaParams['q'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'Exponent1:') |
| rsaParams['dmodp'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'Exponent2:') |
| rsaParams['dmodq'] = elementToBuf(element); |
| else if (element.split(' ')[0] === 'Coefficient:') |
| rsaParams['iqmp'] = elementToBuf(element); |
| }); |
| // now, make the key |
| var key = { |
| type: 'rsa', |
| parts: [ |
| { name: 'e', data: utils.mpNormalize(rsaParams['e'])}, |
| { name: 'n', data: utils.mpNormalize(rsaParams['n'])}, |
| { name: 'd', data: utils.mpNormalize(rsaParams['d'])}, |
| { name: 'p', data: utils.mpNormalize(rsaParams['p'])}, |
| { name: 'q', data: utils.mpNormalize(rsaParams['q'])}, |
| { name: 'dmodp', |
| data: utils.mpNormalize(rsaParams['dmodp'])}, |
| { name: 'dmodq', |
| data: utils.mpNormalize(rsaParams['dmodq'])}, |
| { name: 'iqmp', |
| data: utils.mpNormalize(rsaParams['iqmp'])} |
| ] |
| }; |
| return (new PrivateKey(key)); |
| } |
| |
| function readDNSSECPrivateKey(alg, elements) { |
| if (supportedAlgosById[alg].match(/^RSA-/)) { |
| return (readDNSSECRSAPrivateKey(elements)); |
| } |
| if (supportedAlgosById[alg] === 'ECDSA-P384-SHA384' || |
| supportedAlgosById[alg] === 'ECDSA-P256-SHA256') { |
| var d = Buffer.from(elements[0].split(' ')[1], 'base64'); |
| var curve = 'nistp384'; |
| var size = 384; |
| if (supportedAlgosById[alg] === 'ECDSA-P256-SHA256') { |
| curve = 'nistp256'; |
| size = 256; |
| } |
| // DNSSEC generates the public-key on the fly (go calculate it) |
| var publicKey = utils.publicFromPrivateECDSA(curve, d); |
| var Q = publicKey.part['Q'].data; |
| var ecdsaKey = { |
| type: 'ecdsa', |
| curve: curve, |
| size: size, |
| parts: [ |
| {name: 'curve', data: Buffer.from(curve) }, |
| {name: 'd', data: d }, |
| {name: 'Q', data: Q } |
| ] |
| }; |
| return (new PrivateKey(ecdsaKey)); |
| } |
| throw (new Error('Unsupported algorithm: ' + supportedAlgosById[alg])); |
| } |
| |
| function dnssecTimestamp(date) { |
| var year = date.getFullYear() + ''; //stringify |
| var month = (date.getMonth() + 1); |
| var timestampStr = year + month + date.getUTCDate(); |
| timestampStr += '' + date.getUTCHours() + date.getUTCMinutes(); |
| timestampStr += date.getUTCSeconds(); |
| return (timestampStr); |
| } |
| |
| function rsaAlgFromOptions(opts) { |
| if (!opts || !opts.hashAlgo || opts.hashAlgo === 'sha1') |
| return ('5 (RSASHA1)'); |
| else if (opts.hashAlgo === 'sha256') |
| return ('8 (RSASHA256)'); |
| else if (opts.hashAlgo === 'sha512') |
| return ('10 (RSASHA512)'); |
| else |
| throw (new Error('Unknown or unsupported hash: ' + |
| opts.hashAlgo)); |
| } |
| |
| function writeRSA(key, options) { |
| // if we're missing parts, add them. |
| if (!key.part.dmodp || !key.part.dmodq) { |
| utils.addRSAMissing(key); |
| } |
| |
| var out = ''; |
| out += 'Private-key-format: v1.3\n'; |
| out += 'Algorithm: ' + rsaAlgFromOptions(options) + '\n'; |
| var n = utils.mpDenormalize(key.part['n'].data); |
| out += 'Modulus: ' + n.toString('base64') + '\n'; |
| var e = utils.mpDenormalize(key.part['e'].data); |
| out += 'PublicExponent: ' + e.toString('base64') + '\n'; |
| var d = utils.mpDenormalize(key.part['d'].data); |
| out += 'PrivateExponent: ' + d.toString('base64') + '\n'; |
| var p = utils.mpDenormalize(key.part['p'].data); |
| out += 'Prime1: ' + p.toString('base64') + '\n'; |
| var q = utils.mpDenormalize(key.part['q'].data); |
| out += 'Prime2: ' + q.toString('base64') + '\n'; |
| var dmodp = utils.mpDenormalize(key.part['dmodp'].data); |
| out += 'Exponent1: ' + dmodp.toString('base64') + '\n'; |
| var dmodq = utils.mpDenormalize(key.part['dmodq'].data); |
| out += 'Exponent2: ' + dmodq.toString('base64') + '\n'; |
| var iqmp = utils.mpDenormalize(key.part['iqmp'].data); |
| out += 'Coefficient: ' + iqmp.toString('base64') + '\n'; |
| // Assume that we're valid as-of now |
| var timestamp = new Date(); |
| out += 'Created: ' + dnssecTimestamp(timestamp) + '\n'; |
| out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n'; |
| out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n'; |
| return (Buffer.from(out, 'ascii')); |
| } |
| |
| function writeECDSA(key, options) { |
| var out = ''; |
| out += 'Private-key-format: v1.3\n'; |
| |
| if (key.curve === 'nistp256') { |
| out += 'Algorithm: 13 (ECDSAP256SHA256)\n'; |
| } else if (key.curve === 'nistp384') { |
| out += 'Algorithm: 14 (ECDSAP384SHA384)\n'; |
| } else { |
| throw (new Error('Unsupported curve')); |
| } |
| var base64Key = key.part['d'].data.toString('base64'); |
| out += 'PrivateKey: ' + base64Key + '\n'; |
| |
| // Assume that we're valid as-of now |
| var timestamp = new Date(); |
| out += 'Created: ' + dnssecTimestamp(timestamp) + '\n'; |
| out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n'; |
| out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n'; |
| |
| return (Buffer.from(out, 'ascii')); |
| } |
| |
| function write(key, options) { |
| if (PrivateKey.isPrivateKey(key)) { |
| if (key.type === 'rsa') { |
| return (writeRSA(key, options)); |
| } else if (key.type === 'ecdsa') { |
| return (writeECDSA(key, options)); |
| } else { |
| throw (new Error('Unsupported algorithm: ' + key.type)); |
| } |
| } else if (Key.isKey(key)) { |
| /* |
| * RFC3110 requires a keyname, and a keytype, which we |
| * don't really have a mechanism for specifying such |
| * additional metadata. |
| */ |
| throw (new Error('Format "dnssec" only supports ' + |
| 'writing private keys')); |
| } else { |
| throw (new Error('key is not a Key or PrivateKey')); |
| } |
| } |