node_modules/sshpk/lib/dhe.js - nifi-fds - Git at Google

 // Copyright 2017 Joyent, Inc.

 module.exports = {
 	DiffieHellman: DiffieHellman,
 	generateECDSA: generateECDSA,
 	generateED25519: generateED25519
 };

 var assert = require('assert-plus');
 var crypto = require('crypto');
 var Buffer = require('safer-buffer').Buffer;
 var algs = require('./algs');
 var utils = require('./utils');
 var nacl = require('tweetnacl');

 var Key = require('./key');
 var PrivateKey = require('./private-key');

 var CRYPTO_HAVE_ECDH = (crypto.createECDH !== undefined);

 var ecdh = require('ecc-jsbn');
 var ec = require('ecc-jsbn/lib/ec');
 var jsbn = require('jsbn').BigInteger;

 function DiffieHellman(key) {
 	utils.assertCompatible(key, Key, [1, 4], 'key');
 	this._isPriv = PrivateKey.isPrivateKey(key, [1, 3]);
 	this._algo = key.type;
 	this._curve = key.curve;
 	this._key = key;
 	if (key.type === 'dsa') {
 		if (!CRYPTO_HAVE_ECDH) {
 			throw (new Error('Due to bugs in the node 0.10 ' +
 			    'crypto API, node 0.12.x or later is required ' +
 			    'to use DH'));
 		}
 		this._dh = crypto.createDiffieHellman(
 		    key.part.p.data, undefined,
 		    key.part.g.data, undefined);
 		this._p = key.part.p;
 		this._g = key.part.g;
 		if (this._isPriv)
 			this._dh.setPrivateKey(key.part.x.data);
 		this._dh.setPublicKey(key.part.y.data);

 	} else if (key.type === 'ecdsa') {
 		if (!CRYPTO_HAVE_ECDH) {
 			this._ecParams = new X9ECParameters(this._curve);

 			if (this._isPriv) {
 				this._priv = new ECPrivate(
 				    this._ecParams, key.part.d.data);
 			}
 			return;
 		}

 		var curve = {
 			'nistp256': 'prime256v1',
 			'nistp384': 'secp384r1',
 			'nistp521': 'secp521r1'
 		}[key.curve];
 		this._dh = crypto.createECDH(curve);
 		if (typeof (this._dh) !== 'object' ||
 		    typeof (this._dh.setPrivateKey) !== 'function') {
 			CRYPTO_HAVE_ECDH = false;
 			DiffieHellman.call(this, key);
 			return;
 		}
 		if (this._isPriv)
 			this._dh.setPrivateKey(key.part.d.data);
 		this._dh.setPublicKey(key.part.Q.data);

 	} else if (key.type === 'curve25519') {
 		if (this._isPriv) {
 			utils.assertCompatible(key, PrivateKey, [1, 5], 'key');
 			this._priv = key.part.k.data;
 		}

 	} else {
 		throw (new Error('DH not supported for ' + key.type + ' keys'));
 	}
 }

 DiffieHellman.prototype.getPublicKey = function () {
 	if (this._isPriv)
 		return (this._key.toPublic());
 	return (this._key);
 };

 DiffieHellman.prototype.getPrivateKey = function () {
 	if (this._isPriv)
 		return (this._key);
 	else
 		return (undefined);
 };
 DiffieHellman.prototype.getKey = DiffieHellman.prototype.getPrivateKey;

 DiffieHellman.prototype._keyCheck = function (pk, isPub) {
 	assert.object(pk, 'key');
 	if (!isPub)
 		utils.assertCompatible(pk, PrivateKey, [1, 3], 'key');
 	utils.assertCompatible(pk, Key, [1, 4], 'key');

 	if (pk.type !== this._algo) {
 		throw (new Error('A ' + pk.type + ' key cannot be used in ' +
 		    this._algo + ' Diffie-Hellman'));
 	}

 	if (pk.curve !== this._curve) {
 		throw (new Error('A key from the ' + pk.curve + ' curve ' +
 		    'cannot be used with a ' + this._curve +
 		    ' Diffie-Hellman'));
 	}

 	if (pk.type === 'dsa') {
 		assert.deepEqual(pk.part.p, this._p,
 		    'DSA key prime does not match');
 		assert.deepEqual(pk.part.g, this._g,
 		    'DSA key generator does not match');
 	}
 };

 DiffieHellman.prototype.setKey = function (pk) {
 	this._keyCheck(pk);

 	if (pk.type === 'dsa') {
 		this._dh.setPrivateKey(pk.part.x.data);
 		this._dh.setPublicKey(pk.part.y.data);

 	} else if (pk.type === 'ecdsa') {
 		if (CRYPTO_HAVE_ECDH) {
 			this._dh.setPrivateKey(pk.part.d.data);
 			this._dh.setPublicKey(pk.part.Q.data);
 		} else {
 			this._priv = new ECPrivate(
 			    this._ecParams, pk.part.d.data);
 		}

 	} else if (pk.type === 'curve25519') {
 		var k = pk.part.k;
 		if (!pk.part.k)
 			k = pk.part.r;
 		this._priv = k.data;
 		if (this._priv[0] === 0x00)
 			this._priv = this._priv.slice(1);
 		this._priv = this._priv.slice(0, 32);
 	}
 	this._key = pk;
 	this._isPriv = true;
 };
 DiffieHellman.prototype.setPrivateKey = DiffieHellman.prototype.setKey;

 DiffieHellman.prototype.computeSecret = function (otherpk) {
 	this._keyCheck(otherpk, true);
 	if (!this._isPriv)
 		throw (new Error('DH exchange has not been initialized with ' +
 		    'a private key yet'));

 	var pub;
 	if (this._algo === 'dsa') {
 		return (this._dh.computeSecret(
 		    otherpk.part.y.data));

 	} else if (this._algo === 'ecdsa') {
 		if (CRYPTO_HAVE_ECDH) {
 			return (this._dh.computeSecret(
 			    otherpk.part.Q.data));
 		} else {
 			pub = new ECPublic(
 			    this._ecParams, otherpk.part.Q.data);
 			return (this._priv.deriveSharedSecret(pub));
 		}

 	} else if (this._algo === 'curve25519') {
 		pub = otherpk.part.A.data;
 		while (pub[0] === 0x00 && pub.length > 32)
 			pub = pub.slice(1);
 		var priv = this._priv;
 		assert.strictEqual(pub.length, 32);
 		assert.strictEqual(priv.length, 32);

 		var secret = nacl.box.before(new Uint8Array(pub),
 		    new Uint8Array(priv));

 		return (Buffer.from(secret));
 	}

 	throw (new Error('Invalid algorithm: ' + this._algo));
 };

 DiffieHellman.prototype.generateKey = function () {
 	var parts = [];
 	var priv, pub;
 	if (this._algo === 'dsa') {
 		this._dh.generateKeys();

 		parts.push({name: 'p', data: this._p.data});
 		parts.push({name: 'q', data: this._key.part.q.data});
 		parts.push({name: 'g', data: this._g.data});
 		parts.push({name: 'y', data: this._dh.getPublicKey()});
 		parts.push({name: 'x', data: this._dh.getPrivateKey()});
 		this._key = new PrivateKey({
 			type: 'dsa',
 			parts: parts
 		});
 		this._isPriv = true;
 		return (this._key);

 	} else if (this._algo === 'ecdsa') {
 		if (CRYPTO_HAVE_ECDH) {
 			this._dh.generateKeys();

 			parts.push({name: 'curve',
 			    data: Buffer.from(this._curve)});
 			parts.push({name: 'Q', data: this._dh.getPublicKey()});
 			parts.push({name: 'd', data: this._dh.getPrivateKey()});
 			this._key = new PrivateKey({
 				type: 'ecdsa',
 				curve: this._curve,
 				parts: parts
 			});
 			this._isPriv = true;
 			return (this._key);

 		} else {
 			var n = this._ecParams.getN();
 			var r = new jsbn(crypto.randomBytes(n.bitLength()));
 			var n1 = n.subtract(jsbn.ONE);
 			priv = r.mod(n1).add(jsbn.ONE);
 			pub = this._ecParams.getG().multiply(priv);

 			priv = Buffer.from(priv.toByteArray());
 			pub = Buffer.from(this._ecParams.getCurve().
 			    encodePointHex(pub), 'hex');

 			this._priv = new ECPrivate(this._ecParams, priv);

 			parts.push({name: 'curve',
 			    data: Buffer.from(this._curve)});
 			parts.push({name: 'Q', data: pub});
 			parts.push({name: 'd', data: priv});

 			this._key = new PrivateKey({
 				type: 'ecdsa',
 				curve: this._curve,
 				parts: parts
 			});
 			this._isPriv = true;
 			return (this._key);
 		}

 	} else if (this._algo === 'curve25519') {
 		var pair = nacl.box.keyPair();
 		priv = Buffer.from(pair.secretKey);
 		pub = Buffer.from(pair.publicKey);
 		priv = Buffer.concat([priv, pub]);
 		assert.strictEqual(priv.length, 64);
 		assert.strictEqual(pub.length, 32);

 		parts.push({name: 'A', data: pub});
 		parts.push({name: 'k', data: priv});
 		this._key = new PrivateKey({
 			type: 'curve25519',
 			parts: parts
 		});
 		this._isPriv = true;
 		return (this._key);
 	}

 	throw (new Error('Invalid algorithm: ' + this._algo));
 };
 DiffieHellman.prototype.generateKeys = DiffieHellman.prototype.generateKey;

 /* These are helpers for using ecc-jsbn (for node 0.10 compatibility). */

 function X9ECParameters(name) {
 	var params = algs.curves[name];
 	assert.object(params);

 	var p = new jsbn(params.p);
 	var a = new jsbn(params.a);
 	var b = new jsbn(params.b);
 	var n = new jsbn(params.n);
 	var h = jsbn.ONE;
 	var curve = new ec.ECCurveFp(p, a, b);
 	var G = curve.decodePointHex(params.G.toString('hex'));

 	this.curve = curve;
 	this.g = G;
 	this.n = n;
 	this.h = h;
 }
 X9ECParameters.prototype.getCurve = function () { return (this.curve); };
 X9ECParameters.prototype.getG = function () { return (this.g); };
 X9ECParameters.prototype.getN = function () { return (this.n); };
 X9ECParameters.prototype.getH = function () { return (this.h); };

 function ECPublic(params, buffer) {
 	this._params = params;
 	if (buffer[0] === 0x00)
 		buffer = buffer.slice(1);
 	this._pub = params.getCurve().decodePointHex(buffer.toString('hex'));
 }

 function ECPrivate(params, buffer) {
 	this._params = params;
 	this._priv = new jsbn(utils.mpNormalize(buffer));
 }
 ECPrivate.prototype.deriveSharedSecret = function (pubKey) {
 	assert.ok(pubKey instanceof ECPublic);
 	var S = pubKey._pub.multiply(this._priv);
 	return (Buffer.from(S.getX().toBigInteger().toByteArray()));
 };

 function generateED25519() {
 	var pair = nacl.sign.keyPair();
 	var priv = Buffer.from(pair.secretKey);
 	var pub = Buffer.from(pair.publicKey);
 	assert.strictEqual(priv.length, 64);
 	assert.strictEqual(pub.length, 32);

 	var parts = [];
 	parts.push({name: 'A', data: pub});
 	parts.push({name: 'k', data: priv.slice(0, 32)});
 	var key = new PrivateKey({
 		type: 'ed25519',
 		parts: parts
 	});
 	return (key);
 }

 /* Generates a new ECDSA private key on a given curve. */
 function generateECDSA(curve) {
 	var parts = [];
 	var key;

 	if (CRYPTO_HAVE_ECDH) {
 		/*
 		 * Node crypto doesn't expose key generation directly, but the
 		 * ECDH instances can generate keys. It turns out this just
 		 * calls into the OpenSSL generic key generator, and we can
 		 * read its output happily without doing an actual DH. So we
 		 * use that here.
 		 */
 		var osCurve = {
 			'nistp256': 'prime256v1',
 			'nistp384': 'secp384r1',
 			'nistp521': 'secp521r1'
 		}[curve];

 		var dh = crypto.createECDH(osCurve);
 		dh.generateKeys();

 		parts.push({name: 'curve',
 		    data: Buffer.from(curve)});
 		parts.push({name: 'Q', data: dh.getPublicKey()});
 		parts.push({name: 'd', data: dh.getPrivateKey()});

 		key = new PrivateKey({
 			type: 'ecdsa',
 			curve: curve,
 			parts: parts
 		});
 		return (key);
 	} else {

 		var ecParams = new X9ECParameters(curve);

 		/* This algorithm taken from FIPS PUB 186-4 (section B.4.1) */
 		var n = ecParams.getN();
 		/*
 		 * The crypto.randomBytes() function can only give us whole
 		 * bytes, so taking a nod from X9.62, we round up.
 		 */
 		var cByteLen = Math.ceil((n.bitLength() + 64) / 8);
 		var c = new jsbn(crypto.randomBytes(cByteLen));

 		var n1 = n.subtract(jsbn.ONE);
 		var priv = c.mod(n1).add(jsbn.ONE);
 		var pub = ecParams.getG().multiply(priv);

 		priv = Buffer.from(priv.toByteArray());
 		pub = Buffer.from(ecParams.getCurve().
 		    encodePointHex(pub), 'hex');

 		parts.push({name: 'curve', data: Buffer.from(curve)});
 		parts.push({name: 'Q', data: pub});
 		parts.push({name: 'd', data: priv});

 		key = new PrivateKey({
 			type: 'ecdsa',
 			curve: curve,
 			parts: parts
 		});
 		return (key);
 	}
 }
	// Copyright 2017 Joyent, Inc.

	module.exports = {
	DiffieHellman: DiffieHellman,
	generateECDSA: generateECDSA,
	generateED25519: generateED25519
	};

	var assert = require('assert-plus');
	var crypto = require('crypto');
	var Buffer = require('safer-buffer').Buffer;
	var algs = require('./algs');
	var utils = require('./utils');
	var nacl = require('tweetnacl');

	var Key = require('./key');
	var PrivateKey = require('./private-key');

	var CRYPTO_HAVE_ECDH = (crypto.createECDH !== undefined);

	var ecdh = require('ecc-jsbn');
	var ec = require('ecc-jsbn/lib/ec');
	var jsbn = require('jsbn').BigInteger;

	function DiffieHellman(key) {
	utils.assertCompatible(key, Key, [1, 4], 'key');
	this._isPriv = PrivateKey.isPrivateKey(key, [1, 3]);
	this._algo = key.type;
	this._curve = key.curve;
	this._key = key;
	if (key.type === 'dsa') {
	if (!CRYPTO_HAVE_ECDH) {
	throw (new Error('Due to bugs in the node 0.10 ' +
	'crypto API, node 0.12.x or later is required ' +
	'to use DH'));
	}
	this._dh = crypto.createDiffieHellman(
	key.part.p.data, undefined,
	key.part.g.data, undefined);
	this._p = key.part.p;
	this._g = key.part.g;
	if (this._isPriv)
	this._dh.setPrivateKey(key.part.x.data);
	this._dh.setPublicKey(key.part.y.data);

	} else if (key.type === 'ecdsa') {
	if (!CRYPTO_HAVE_ECDH) {
	this._ecParams = new X9ECParameters(this._curve);

	if (this._isPriv) {
	this._priv = new ECPrivate(
	this._ecParams, key.part.d.data);
	}
	return;
	}

	var curve = {
	'nistp256': 'prime256v1',
	'nistp384': 'secp384r1',
	'nistp521': 'secp521r1'
	}[key.curve];
	this._dh = crypto.createECDH(curve);
	if (typeof (this._dh) !== 'object' \|\|
	typeof (this._dh.setPrivateKey) !== 'function') {
	CRYPTO_HAVE_ECDH = false;
	DiffieHellman.call(this, key);
	return;
	}
	if (this._isPriv)
	this._dh.setPrivateKey(key.part.d.data);
	this._dh.setPublicKey(key.part.Q.data);

	} else if (key.type === 'curve25519') {
	if (this._isPriv) {
	utils.assertCompatible(key, PrivateKey, [1, 5], 'key');
	this._priv = key.part.k.data;
	}

	} else {
	throw (new Error('DH not supported for ' + key.type + ' keys'));
	}
	}

	DiffieHellman.prototype.getPublicKey = function () {
	if (this._isPriv)
	return (this._key.toPublic());
	return (this._key);
	};

	DiffieHellman.prototype.getPrivateKey = function () {
	if (this._isPriv)
	return (this._key);
	else
	return (undefined);
	};
	DiffieHellman.prototype.getKey = DiffieHellman.prototype.getPrivateKey;

	DiffieHellman.prototype._keyCheck = function (pk, isPub) {
	assert.object(pk, 'key');
	if (!isPub)
	utils.assertCompatible(pk, PrivateKey, [1, 3], 'key');
	utils.assertCompatible(pk, Key, [1, 4], 'key');

	if (pk.type !== this._algo) {
	throw (new Error('A ' + pk.type + ' key cannot be used in ' +
	this._algo + ' Diffie-Hellman'));
	}

	if (pk.curve !== this._curve) {
	throw (new Error('A key from the ' + pk.curve + ' curve ' +
	'cannot be used with a ' + this._curve +
	' Diffie-Hellman'));
	}

	if (pk.type === 'dsa') {
	assert.deepEqual(pk.part.p, this._p,
	'DSA key prime does not match');
	assert.deepEqual(pk.part.g, this._g,
	'DSA key generator does not match');
	}
	};

	DiffieHellman.prototype.setKey = function (pk) {
	this._keyCheck(pk);

	if (pk.type === 'dsa') {
	this._dh.setPrivateKey(pk.part.x.data);
	this._dh.setPublicKey(pk.part.y.data);

	} else if (pk.type === 'ecdsa') {
	if (CRYPTO_HAVE_ECDH) {
	this._dh.setPrivateKey(pk.part.d.data);
	this._dh.setPublicKey(pk.part.Q.data);
	} else {
	this._priv = new ECPrivate(
	this._ecParams, pk.part.d.data);
	}

	} else if (pk.type === 'curve25519') {
	var k = pk.part.k;
	if (!pk.part.k)
	k = pk.part.r;
	this._priv = k.data;
	if (this._priv[0] === 0x00)
	this._priv = this._priv.slice(1);
	this._priv = this._priv.slice(0, 32);
	}
	this._key = pk;
	this._isPriv = true;
	};
	DiffieHellman.prototype.setPrivateKey = DiffieHellman.prototype.setKey;

	DiffieHellman.prototype.computeSecret = function (otherpk) {
	this._keyCheck(otherpk, true);
	if (!this._isPriv)
	throw (new Error('DH exchange has not been initialized with ' +
	'a private key yet'));

	var pub;
	if (this._algo === 'dsa') {
	return (this._dh.computeSecret(
	otherpk.part.y.data));

	} else if (this._algo === 'ecdsa') {
	if (CRYPTO_HAVE_ECDH) {
	return (this._dh.computeSecret(
	otherpk.part.Q.data));
	} else {
	pub = new ECPublic(
	this._ecParams, otherpk.part.Q.data);
	return (this._priv.deriveSharedSecret(pub));
	}

	} else if (this._algo === 'curve25519') {
	pub = otherpk.part.A.data;
	while (pub[0] === 0x00 && pub.length > 32)
	pub = pub.slice(1);
	var priv = this._priv;
	assert.strictEqual(pub.length, 32);
	assert.strictEqual(priv.length, 32);

	var secret = nacl.box.before(new Uint8Array(pub),
	new Uint8Array(priv));

	return (Buffer.from(secret));
	}

	throw (new Error('Invalid algorithm: ' + this._algo));
	};

	DiffieHellman.prototype.generateKey = function () {
	var parts = [];
	var priv, pub;
	if (this._algo === 'dsa') {
	this._dh.generateKeys();

	parts.push({name: 'p', data: this._p.data});
	parts.push({name: 'q', data: this._key.part.q.data});
	parts.push({name: 'g', data: this._g.data});
	parts.push({name: 'y', data: this._dh.getPublicKey()});
	parts.push({name: 'x', data: this._dh.getPrivateKey()});
	this._key = new PrivateKey({
	type: 'dsa',
	parts: parts
	});
	this._isPriv = true;
	return (this._key);

	} else if (this._algo === 'ecdsa') {
	if (CRYPTO_HAVE_ECDH) {
	this._dh.generateKeys();

	parts.push({name: 'curve',
	data: Buffer.from(this._curve)});
	parts.push({name: 'Q', data: this._dh.getPublicKey()});
	parts.push({name: 'd', data: this._dh.getPrivateKey()});
	this._key = new PrivateKey({
	type: 'ecdsa',
	curve: this._curve,
	parts: parts
	});
	this._isPriv = true;
	return (this._key);

	} else {
	var n = this._ecParams.getN();
	var r = new jsbn(crypto.randomBytes(n.bitLength()));
	var n1 = n.subtract(jsbn.ONE);
	priv = r.mod(n1).add(jsbn.ONE);
	pub = this._ecParams.getG().multiply(priv);

	priv = Buffer.from(priv.toByteArray());
	pub = Buffer.from(this._ecParams.getCurve().
	encodePointHex(pub), 'hex');

	this._priv = new ECPrivate(this._ecParams, priv);

	parts.push({name: 'curve',
	data: Buffer.from(this._curve)});
	parts.push({name: 'Q', data: pub});
	parts.push({name: 'd', data: priv});

	this._key = new PrivateKey({
	type: 'ecdsa',
	curve: this._curve,
	parts: parts
	});
	this._isPriv = true;
	return (this._key);
	}

	} else if (this._algo === 'curve25519') {
	var pair = nacl.box.keyPair();
	priv = Buffer.from(pair.secretKey);
	pub = Buffer.from(pair.publicKey);
	priv = Buffer.concat([priv, pub]);
	assert.strictEqual(priv.length, 64);
	assert.strictEqual(pub.length, 32);

	parts.push({name: 'A', data: pub});
	parts.push({name: 'k', data: priv});
	this._key = new PrivateKey({
	type: 'curve25519',
	parts: parts
	});
	this._isPriv = true;
	return (this._key);
	}

	throw (new Error('Invalid algorithm: ' + this._algo));
	};
	DiffieHellman.prototype.generateKeys = DiffieHellman.prototype.generateKey;

	/* These are helpers for using ecc-jsbn (for node 0.10 compatibility). */

	function X9ECParameters(name) {
	var params = algs.curves[name];
	assert.object(params);

	var p = new jsbn(params.p);
	var a = new jsbn(params.a);
	var b = new jsbn(params.b);
	var n = new jsbn(params.n);
	var h = jsbn.ONE;
	var curve = new ec.ECCurveFp(p, a, b);
	var G = curve.decodePointHex(params.G.toString('hex'));

	this.curve = curve;
	this.g = G;
	this.n = n;
	this.h = h;
	}
	X9ECParameters.prototype.getCurve = function () { return (this.curve); };
	X9ECParameters.prototype.getG = function () { return (this.g); };
	X9ECParameters.prototype.getN = function () { return (this.n); };
	X9ECParameters.prototype.getH = function () { return (this.h); };

	function ECPublic(params, buffer) {
	this._params = params;
	if (buffer[0] === 0x00)
	buffer = buffer.slice(1);
	this._pub = params.getCurve().decodePointHex(buffer.toString('hex'));
	}

	function ECPrivate(params, buffer) {
	this._params = params;
	this._priv = new jsbn(utils.mpNormalize(buffer));
	}
	ECPrivate.prototype.deriveSharedSecret = function (pubKey) {
	assert.ok(pubKey instanceof ECPublic);
	var S = pubKey._pub.multiply(this._priv);
	return (Buffer.from(S.getX().toBigInteger().toByteArray()));
	};

	function generateED25519() {
	var pair = nacl.sign.keyPair();
	var priv = Buffer.from(pair.secretKey);
	var pub = Buffer.from(pair.publicKey);
	assert.strictEqual(priv.length, 64);
	assert.strictEqual(pub.length, 32);

	var parts = [];
	parts.push({name: 'A', data: pub});
	parts.push({name: 'k', data: priv.slice(0, 32)});
	var key = new PrivateKey({
	type: 'ed25519',
	parts: parts
	});
	return (key);
	}

	/* Generates a new ECDSA private key on a given curve. */
	function generateECDSA(curve) {
	var parts = [];
	var key;

	if (CRYPTO_HAVE_ECDH) {
	/*
	* Node crypto doesn't expose key generation directly, but the
	* ECDH instances can generate keys. It turns out this just
	* calls into the OpenSSL generic key generator, and we can
	* read its output happily without doing an actual DH. So we
	* use that here.
	*/
	var osCurve = {
	'nistp256': 'prime256v1',
	'nistp384': 'secp384r1',
	'nistp521': 'secp521r1'
	}[curve];

	var dh = crypto.createECDH(osCurve);
	dh.generateKeys();

	parts.push({name: 'curve',
	data: Buffer.from(curve)});
	parts.push({name: 'Q', data: dh.getPublicKey()});
	parts.push({name: 'd', data: dh.getPrivateKey()});

	key = new PrivateKey({
	type: 'ecdsa',
	curve: curve,
	parts: parts
	});
	return (key);
	} else {

	var ecParams = new X9ECParameters(curve);

	/* This algorithm taken from FIPS PUB 186-4 (section B.4.1) */
	var n = ecParams.getN();
	/*
	* The crypto.randomBytes() function can only give us whole
	* bytes, so taking a nod from X9.62, we round up.
	*/
	var cByteLen = Math.ceil((n.bitLength() + 64) / 8);
	var c = new jsbn(crypto.randomBytes(cByteLen));

	var n1 = n.subtract(jsbn.ONE);
	var priv = c.mod(n1).add(jsbn.ONE);
	var pub = ecParams.getG().multiply(priv);

	priv = Buffer.from(priv.toByteArray());
	pub = Buffer.from(ecParams.getCurve().
	encodePointHex(pub), 'hex');

	parts.push({name: 'curve', data: Buffer.from(curve)});
	parts.push({name: 'Q', data: pub});
	parts.push({name: 'd', data: priv});

	key = new PrivateKey({
	type: 'ecdsa',
	curve: curve,
	parts: parts
	});
	return (key);
	}
	}