123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 |
- // Copyright 2015 Joyent, Inc.
- module.exports = {
- read: read.bind(undefined, false, undefined),
- readType: read.bind(undefined, false),
- write: write,
- /* semi-private api, used by sshpk-agent */
- readPartial: read.bind(undefined, true),
- /* shared with ssh format */
- readInternal: read,
- keyTypeToAlg: keyTypeToAlg,
- algToKeyType: algToKeyType
- };
- var assert = require('assert-plus');
- var algs = require('../algs');
- var utils = require('../utils');
- var Key = require('../key');
- var PrivateKey = require('../private-key');
- var SSHBuffer = require('../ssh-buffer');
- function algToKeyType(alg) {
- assert.string(alg);
- if (alg === 'ssh-dss')
- return ('dsa');
- else if (alg === 'ssh-rsa')
- return ('rsa');
- else if (alg === 'ssh-ed25519')
- return ('ed25519');
- else if (alg === 'ssh-curve25519')
- return ('curve25519');
- else if (alg.match(/^ecdsa-sha2-/))
- return ('ecdsa');
- else
- throw (new Error('Unknown algorithm ' + alg));
- }
- function keyTypeToAlg(key) {
- assert.object(key);
- if (key.type === 'dsa')
- return ('ssh-dss');
- else if (key.type === 'rsa')
- return ('ssh-rsa');
- else if (key.type === 'ed25519')
- return ('ssh-ed25519');
- else if (key.type === 'curve25519')
- return ('ssh-curve25519');
- else if (key.type === 'ecdsa')
- return ('ecdsa-sha2-' + key.part.curve.data.toString());
- else
- throw (new Error('Unknown key type ' + key.type));
- }
- function read(partial, type, buf, options) {
- if (typeof (buf) === 'string')
- buf = new Buffer(buf);
- assert.buffer(buf, 'buf');
- var key = {};
- var parts = key.parts = [];
- var sshbuf = new SSHBuffer({buffer: buf});
- var alg = sshbuf.readString();
- assert.ok(!sshbuf.atEnd(), 'key must have at least one part');
- key.type = algToKeyType(alg);
- var partCount = algs.info[key.type].parts.length;
- if (type && type === 'private')
- partCount = algs.privInfo[key.type].parts.length;
- while (!sshbuf.atEnd() && parts.length < partCount)
- parts.push(sshbuf.readPart());
- while (!partial && !sshbuf.atEnd())
- parts.push(sshbuf.readPart());
- assert.ok(parts.length >= 1,
- 'key must have at least one part');
- assert.ok(partial || sshbuf.atEnd(),
- 'leftover bytes at end of key');
- var Constructor = Key;
- var algInfo = algs.info[key.type];
- if (type === 'private' || algInfo.parts.length !== parts.length) {
- algInfo = algs.privInfo[key.type];
- Constructor = PrivateKey;
- }
- assert.strictEqual(algInfo.parts.length, parts.length);
- if (key.type === 'ecdsa') {
- var res = /^ecdsa-sha2-(.+)$/.exec(alg);
- assert.ok(res !== null);
- assert.strictEqual(res[1], parts[0].data.toString());
- }
- var normalized = true;
- for (var i = 0; i < algInfo.parts.length; ++i) {
- parts[i].name = algInfo.parts[i];
- if (parts[i].name !== 'curve' &&
- algInfo.normalize !== false) {
- var p = parts[i];
- var nd = utils.mpNormalize(p.data);
- if (nd !== p.data) {
- p.data = nd;
- normalized = false;
- }
- }
- }
- if (normalized)
- key._rfc4253Cache = sshbuf.toBuffer();
- if (partial && typeof (partial) === 'object') {
- partial.remainder = sshbuf.remainder();
- partial.consumed = sshbuf._offset;
- }
- return (new Constructor(key));
- }
- function write(key, options) {
- assert.object(key);
- var alg = keyTypeToAlg(key);
- var i;
- var algInfo = algs.info[key.type];
- if (PrivateKey.isPrivateKey(key))
- algInfo = algs.privInfo[key.type];
- var parts = algInfo.parts;
- var buf = new SSHBuffer({});
- buf.writeString(alg);
- for (i = 0; i < parts.length; ++i) {
- var data = key.part[parts[i]].data;
- if (algInfo.normalize !== false)
- data = utils.mpNormalize(data);
- buf.writeBuffer(data);
- }
- return (buf.toBuffer());
- }
|