rfc4253.js 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146
  1. // Copyright 2015 Joyent, Inc.
  2. module.exports = {
  3. read: read.bind(undefined, false, undefined),
  4. readType: read.bind(undefined, false),
  5. write: write,
  6. /* semi-private api, used by sshpk-agent */
  7. readPartial: read.bind(undefined, true),
  8. /* shared with ssh format */
  9. readInternal: read,
  10. keyTypeToAlg: keyTypeToAlg,
  11. algToKeyType: algToKeyType
  12. };
  13. var assert = require('assert-plus');
  14. var algs = require('../algs');
  15. var utils = require('../utils');
  16. var Key = require('../key');
  17. var PrivateKey = require('../private-key');
  18. var SSHBuffer = require('../ssh-buffer');
  19. function algToKeyType(alg) {
  20. assert.string(alg);
  21. if (alg === 'ssh-dss')
  22. return ('dsa');
  23. else if (alg === 'ssh-rsa')
  24. return ('rsa');
  25. else if (alg === 'ssh-ed25519')
  26. return ('ed25519');
  27. else if (alg === 'ssh-curve25519')
  28. return ('curve25519');
  29. else if (alg.match(/^ecdsa-sha2-/))
  30. return ('ecdsa');
  31. else
  32. throw (new Error('Unknown algorithm ' + alg));
  33. }
  34. function keyTypeToAlg(key) {
  35. assert.object(key);
  36. if (key.type === 'dsa')
  37. return ('ssh-dss');
  38. else if (key.type === 'rsa')
  39. return ('ssh-rsa');
  40. else if (key.type === 'ed25519')
  41. return ('ssh-ed25519');
  42. else if (key.type === 'curve25519')
  43. return ('ssh-curve25519');
  44. else if (key.type === 'ecdsa')
  45. return ('ecdsa-sha2-' + key.part.curve.data.toString());
  46. else
  47. throw (new Error('Unknown key type ' + key.type));
  48. }
  49. function read(partial, type, buf, options) {
  50. if (typeof (buf) === 'string')
  51. buf = new Buffer(buf);
  52. assert.buffer(buf, 'buf');
  53. var key = {};
  54. var parts = key.parts = [];
  55. var sshbuf = new SSHBuffer({buffer: buf});
  56. var alg = sshbuf.readString();
  57. assert.ok(!sshbuf.atEnd(), 'key must have at least one part');
  58. key.type = algToKeyType(alg);
  59. var partCount = algs.info[key.type].parts.length;
  60. if (type && type === 'private')
  61. partCount = algs.privInfo[key.type].parts.length;
  62. while (!sshbuf.atEnd() && parts.length < partCount)
  63. parts.push(sshbuf.readPart());
  64. while (!partial && !sshbuf.atEnd())
  65. parts.push(sshbuf.readPart());
  66. assert.ok(parts.length >= 1,
  67. 'key must have at least one part');
  68. assert.ok(partial || sshbuf.atEnd(),
  69. 'leftover bytes at end of key');
  70. var Constructor = Key;
  71. var algInfo = algs.info[key.type];
  72. if (type === 'private' || algInfo.parts.length !== parts.length) {
  73. algInfo = algs.privInfo[key.type];
  74. Constructor = PrivateKey;
  75. }
  76. assert.strictEqual(algInfo.parts.length, parts.length);
  77. if (key.type === 'ecdsa') {
  78. var res = /^ecdsa-sha2-(.+)$/.exec(alg);
  79. assert.ok(res !== null);
  80. assert.strictEqual(res[1], parts[0].data.toString());
  81. }
  82. var normalized = true;
  83. for (var i = 0; i < algInfo.parts.length; ++i) {
  84. parts[i].name = algInfo.parts[i];
  85. if (parts[i].name !== 'curve' &&
  86. algInfo.normalize !== false) {
  87. var p = parts[i];
  88. var nd = utils.mpNormalize(p.data);
  89. if (nd !== p.data) {
  90. p.data = nd;
  91. normalized = false;
  92. }
  93. }
  94. }
  95. if (normalized)
  96. key._rfc4253Cache = sshbuf.toBuffer();
  97. if (partial && typeof (partial) === 'object') {
  98. partial.remainder = sshbuf.remainder();
  99. partial.consumed = sshbuf._offset;
  100. }
  101. return (new Constructor(key));
  102. }
  103. function write(key, options) {
  104. assert.object(key);
  105. var alg = keyTypeToAlg(key);
  106. var i;
  107. var algInfo = algs.info[key.type];
  108. if (PrivateKey.isPrivateKey(key))
  109. algInfo = algs.privInfo[key.type];
  110. var parts = algInfo.parts;
  111. var buf = new SSHBuffer({});
  112. buf.writeString(alg);
  113. for (i = 0; i < parts.length; ++i) {
  114. var data = key.part[parts[i]].data;
  115. if (algInfo.normalize !== false)
  116. data = utils.mpNormalize(data);
  117. buf.writeBuffer(data);
  118. }
  119. return (buf.toBuffer());
  120. }