AJ ONeal
5 years ago
14 changed files with 3616 additions and 2712 deletions
@ -0,0 +1,8 @@ |
|||
{ |
|||
"bracketSpacing": true, |
|||
"printWidth": 80, |
|||
"singleQuote": true, |
|||
"tabWidth": 4, |
|||
"trailingComma": "none", |
|||
"useTabs": true |
|||
} |
@ -0,0 +1,60 @@ |
|||
#!/usr/bin/env node
|
|||
(async function() { |
|||
'use strict'; |
|||
|
|||
var UglifyJS = require('uglify-js'); |
|||
var path = require('path'); |
|||
var fs = require('fs'); |
|||
var promisify = require('util').promisify; |
|||
var readFile = promisify(fs.readFile); |
|||
var writeFile = promisify(fs.writeFile); |
|||
var gzip = promisify(require('zlib').gzip); |
|||
|
|||
// The order is specific, and it matters
|
|||
var files = await Promise.all( |
|||
[ |
|||
'../lib/encoding.js', |
|||
'../lib/asn1-packer.js', |
|||
'../lib/x509.js', |
|||
'../lib/ecdsa.js', |
|||
'../lib/rsa.js', |
|||
'../lib/keypairs.js', |
|||
'../lib/asn1-parser.js', |
|||
'../lib/csr.js', |
|||
'../lib/acme.js' |
|||
].map(async function(file) { |
|||
return (await readFile(path.join(__dirname, file), 'utf8')).trim(); |
|||
}) |
|||
); |
|||
|
|||
var header = |
|||
[ |
|||
'// Copyright 2015-2019 AJ ONeal. All rights reserved', |
|||
'/* This Source Code Form is subject to the terms of the Mozilla Public', |
|||
' * License, v. 2.0. If a copy of the MPL was not distributed with this', |
|||
' * file, You can obtain one at http://mozilla.org/MPL/2.0/. */' |
|||
].join('\n') + '\n'; |
|||
|
|||
var file = header + files.join('\n') + '\n'; |
|||
await writeFile(path.join(__dirname, '../dist', 'acme.js'), file); |
|||
await writeFile( |
|||
path.join(__dirname, '../dist', 'acme.js.gz'), |
|||
await gzip(file) |
|||
); |
|||
|
|||
// TODO source maps?
|
|||
var result = UglifyJS.minify(file, { |
|||
compress: true, |
|||
// mangling doesn't save significant
|
|||
mangle: false |
|||
}); |
|||
if (result.error) { |
|||
throw result.error; |
|||
} |
|||
file = header + result.code; |
|||
await writeFile(path.join(__dirname, '../dist', 'acme.min.js'), file); |
|||
await writeFile( |
|||
path.join(__dirname, '../dist', 'acme.min.js.gz'), |
|||
await gzip(file) |
|||
); |
|||
})(); |
File diff suppressed because it is too large
@ -1,127 +1,147 @@ |
|||
;(function (exports) { |
|||
'use strict'; |
|||
|
|||
if (!exports.ASN1) { exports.ASN1 = {}; } |
|||
if (!exports.Enc) { exports.Enc = {}; } |
|||
if (!exports.PEM) { exports.PEM = {}; } |
|||
|
|||
var ASN1 = exports.ASN1; |
|||
var Enc = exports.Enc; |
|||
var PEM = exports.PEM; |
|||
|
|||
//
|
|||
// Packer
|
|||
//
|
|||
|
|||
// Almost every ASN.1 type that's important for CSR
|
|||
// can be represented generically with only a few rules.
|
|||
exports.ASN1 = function ASN1(/*type, hexstrings...*/) { |
|||
var args = Array.prototype.slice.call(arguments); |
|||
var typ = args.shift(); |
|||
var str = args.join('').replace(/\s+/g, '').toLowerCase(); |
|||
var len = (str.length/2); |
|||
var lenlen = 0; |
|||
var hex = typ; |
|||
|
|||
// We can't have an odd number of hex chars
|
|||
if (len !== Math.round(len)) { |
|||
throw new Error("invalid hex"); |
|||
} |
|||
|
|||
// The first byte of any ASN.1 sequence is the type (Sequence, Integer, etc)
|
|||
// The second byte is either the size of the value, or the size of its size
|
|||
|
|||
// 1. If the second byte is < 0x80 (128) it is considered the size
|
|||
// 2. If it is > 0x80 then it describes the number of bytes of the size
|
|||
// ex: 0x82 means the next 2 bytes describe the size of the value
|
|||
// 3. The special case of exactly 0x80 is "indefinite" length (to end-of-file)
|
|||
|
|||
if (len > 127) { |
|||
lenlen += 1; |
|||
while (len > 255) { |
|||
lenlen += 1; |
|||
len = len >> 8; |
|||
} |
|||
} |
|||
|
|||
if (lenlen) { hex += Enc.numToHex(0x80 + lenlen); } |
|||
return hex + Enc.numToHex(str.length/2) + str; |
|||
}; |
|||
|
|||
// The Integer type has some special rules
|
|||
ASN1.UInt = function UINT() { |
|||
var str = Array.prototype.slice.call(arguments).join(''); |
|||
var first = parseInt(str.slice(0, 2), 16); |
|||
|
|||
// If the first byte is 0x80 or greater, the number is considered negative
|
|||
// Therefore we add a '00' prefix if the 0x80 bit is set
|
|||
if (0x80 & first) { str = '00' + str; } |
|||
|
|||
return ASN1('02', str); |
|||
}; |
|||
|
|||
// The Bit String type also has a special rule
|
|||
ASN1.BitStr = function BITSTR() { |
|||
var str = Array.prototype.slice.call(arguments).join(''); |
|||
// '00' is a mask of how many bits of the next byte to ignore
|
|||
return ASN1('03', '00' + str); |
|||
}; |
|||
|
|||
ASN1.pack = function (arr) { |
|||
var typ = Enc.numToHex(arr[0]); |
|||
var str = ''; |
|||
if (Array.isArray(arr[1])) { |
|||
arr[1].forEach(function (a) { |
|||
str += ASN1.pack(a); |
|||
}); |
|||
} else if ('string' === typeof arr[1]) { |
|||
str = arr[1]; |
|||
} else { |
|||
throw new Error("unexpected array"); |
|||
} |
|||
if ('03' === typ) { |
|||
return ASN1.BitStr(str); |
|||
} else if ('02' === typ) { |
|||
return ASN1.UInt(str); |
|||
} else { |
|||
return ASN1(typ, str); |
|||
} |
|||
}; |
|||
Object.keys(ASN1).forEach(function (k) { |
|||
exports.ASN1[k] = ASN1[k]; |
|||
}); |
|||
ASN1 = exports.ASN1; |
|||
|
|||
PEM.packBlock = function (opts) { |
|||
// TODO allow for headers?
|
|||
return '-----BEGIN ' + opts.type + '-----\n' |
|||
+ Enc.bufToBase64(opts.bytes).match(/.{1,64}/g).join('\n') + '\n' |
|||
+ '-----END ' + opts.type + '-----' |
|||
; |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function (u8) { |
|||
var bin = ''; |
|||
u8.forEach(function (i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
Enc.hexToBuf = function (hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function (h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
|
|||
Enc.numToHex = function (d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
|
|||
}('undefined' !== typeof window ? window : module.exports)); |
|||
(function(exports) { |
|||
'use strict'; |
|||
|
|||
if (!exports.ASN1) { |
|||
exports.ASN1 = {}; |
|||
} |
|||
if (!exports.Enc) { |
|||
exports.Enc = {}; |
|||
} |
|||
if (!exports.PEM) { |
|||
exports.PEM = {}; |
|||
} |
|||
|
|||
var ASN1 = exports.ASN1; |
|||
var Enc = exports.Enc; |
|||
var PEM = exports.PEM; |
|||
|
|||
//
|
|||
// Packer
|
|||
//
|
|||
|
|||
// Almost every ASN.1 type that's important for CSR
|
|||
// can be represented generically with only a few rules.
|
|||
exports.ASN1 = function ASN1(/*type, hexstrings...*/) { |
|||
var args = Array.prototype.slice.call(arguments); |
|||
var typ = args.shift(); |
|||
var str = args |
|||
.join('') |
|||
.replace(/\s+/g, '') |
|||
.toLowerCase(); |
|||
var len = str.length / 2; |
|||
var lenlen = 0; |
|||
var hex = typ; |
|||
|
|||
// We can't have an odd number of hex chars
|
|||
if (len !== Math.round(len)) { |
|||
throw new Error('invalid hex'); |
|||
} |
|||
|
|||
// The first byte of any ASN.1 sequence is the type (Sequence, Integer, etc)
|
|||
// The second byte is either the size of the value, or the size of its size
|
|||
|
|||
// 1. If the second byte is < 0x80 (128) it is considered the size
|
|||
// 2. If it is > 0x80 then it describes the number of bytes of the size
|
|||
// ex: 0x82 means the next 2 bytes describe the size of the value
|
|||
// 3. The special case of exactly 0x80 is "indefinite" length (to end-of-file)
|
|||
|
|||
if (len > 127) { |
|||
lenlen += 1; |
|||
while (len > 255) { |
|||
lenlen += 1; |
|||
len = len >> 8; |
|||
} |
|||
} |
|||
|
|||
if (lenlen) { |
|||
hex += Enc.numToHex(0x80 + lenlen); |
|||
} |
|||
return hex + Enc.numToHex(str.length / 2) + str; |
|||
}; |
|||
|
|||
// The Integer type has some special rules
|
|||
ASN1.UInt = function UINT() { |
|||
var str = Array.prototype.slice.call(arguments).join(''); |
|||
var first = parseInt(str.slice(0, 2), 16); |
|||
|
|||
// If the first byte is 0x80 or greater, the number is considered negative
|
|||
// Therefore we add a '00' prefix if the 0x80 bit is set
|
|||
if (0x80 & first) { |
|||
str = '00' + str; |
|||
} |
|||
|
|||
return ASN1('02', str); |
|||
}; |
|||
|
|||
// The Bit String type also has a special rule
|
|||
ASN1.BitStr = function BITSTR() { |
|||
var str = Array.prototype.slice.call(arguments).join(''); |
|||
// '00' is a mask of how many bits of the next byte to ignore
|
|||
return ASN1('03', '00' + str); |
|||
}; |
|||
|
|||
ASN1.pack = function(arr) { |
|||
var typ = Enc.numToHex(arr[0]); |
|||
var str = ''; |
|||
if (Array.isArray(arr[1])) { |
|||
arr[1].forEach(function(a) { |
|||
str += ASN1.pack(a); |
|||
}); |
|||
} else if ('string' === typeof arr[1]) { |
|||
str = arr[1]; |
|||
} else { |
|||
throw new Error('unexpected array'); |
|||
} |
|||
if ('03' === typ) { |
|||
return ASN1.BitStr(str); |
|||
} else if ('02' === typ) { |
|||
return ASN1.UInt(str); |
|||
} else { |
|||
return ASN1(typ, str); |
|||
} |
|||
}; |
|||
Object.keys(ASN1).forEach(function(k) { |
|||
exports.ASN1[k] = ASN1[k]; |
|||
}); |
|||
ASN1 = exports.ASN1; |
|||
|
|||
PEM.packBlock = function(opts) { |
|||
// TODO allow for headers?
|
|||
return ( |
|||
'-----BEGIN ' + |
|||
opts.type + |
|||
'-----\n' + |
|||
Enc.bufToBase64(opts.bytes) |
|||
.match(/.{1,64}/g) |
|||
.join('\n') + |
|||
'\n' + |
|||
'-----END ' + |
|||
opts.type + |
|||
'-----' |
|||
); |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function(u8) { |
|||
var bin = ''; |
|||
u8.forEach(function(i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
Enc.hexToBuf = function(hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function(h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
|
|||
Enc.numToHex = function(d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
})('undefined' !== typeof window ? window : module.exports); |
|||
|
@ -1,172 +1,227 @@ |
|||
/*global Promise*/ |
|||
(function (exports) { |
|||
'use strict'; |
|||
(function(exports) { |
|||
'use strict'; |
|||
|
|||
var EC = exports.Eckles = {}; |
|||
var x509 = exports.x509; |
|||
if ('undefined' !== typeof module) { module.exports = EC; } |
|||
var PEM = exports.PEM; |
|||
var SSH = exports.SSH; |
|||
var Enc = {}; |
|||
var textEncoder = new TextEncoder(); |
|||
var EC = (exports.Eckles = {}); |
|||
var x509 = exports.x509; |
|||
if ('undefined' !== typeof module) { |
|||
module.exports = EC; |
|||
} |
|||
var PEM = exports.PEM; |
|||
var SSH = exports.SSH; |
|||
var Enc = {}; |
|||
var textEncoder = new TextEncoder(); |
|||
|
|||
EC._stance = "We take the stance that if you're knowledgeable enough to" |
|||
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
EC._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; |
|||
EC.generate = function (opts) { |
|||
var wcOpts = {}; |
|||
if (!opts) { opts = {}; } |
|||
if (!opts.kty) { opts.kty = 'EC'; } |
|||
EC._stance = |
|||
"We take the stance that if you're knowledgeable enough to" + |
|||
" properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
EC._universal = |
|||
'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.'; |
|||
EC.generate = function(opts) { |
|||
var wcOpts = {}; |
|||
if (!opts) { |
|||
opts = {}; |
|||
} |
|||
if (!opts.kty) { |
|||
opts.kty = 'EC'; |
|||
} |
|||
|
|||
// ECDSA has only the P curves and an associated bitlength
|
|||
wcOpts.name = 'ECDSA'; |
|||
if (!opts.namedCurve) { |
|||
opts.namedCurve = 'P-256'; |
|||
} |
|||
wcOpts.namedCurve = opts.namedCurve; // true for supported curves
|
|||
if (/256/.test(wcOpts.namedCurve)) { |
|||
wcOpts.namedCurve = 'P-256'; |
|||
wcOpts.hash = { name: "SHA-256" }; |
|||
} else if (/384/.test(wcOpts.namedCurve)) { |
|||
wcOpts.namedCurve = 'P-384'; |
|||
wcOpts.hash = { name: "SHA-384" }; |
|||
} else { |
|||
return Promise.Reject(new Error("'" + wcOpts.namedCurve + "' is not an NIST approved ECDSA namedCurve. " |
|||
+ " Please choose either 'P-256' or 'P-384'. " |
|||
+ EC._stance)); |
|||
} |
|||
// ECDSA has only the P curves and an associated bitlength
|
|||
wcOpts.name = 'ECDSA'; |
|||
if (!opts.namedCurve) { |
|||
opts.namedCurve = 'P-256'; |
|||
} |
|||
wcOpts.namedCurve = opts.namedCurve; // true for supported curves
|
|||
if (/256/.test(wcOpts.namedCurve)) { |
|||
wcOpts.namedCurve = 'P-256'; |
|||
wcOpts.hash = { name: 'SHA-256' }; |
|||
} else if (/384/.test(wcOpts.namedCurve)) { |
|||
wcOpts.namedCurve = 'P-384'; |
|||
wcOpts.hash = { name: 'SHA-384' }; |
|||
} else { |
|||
return Promise.Reject( |
|||
new Error( |
|||
"'" + |
|||
wcOpts.namedCurve + |
|||
"' is not an NIST approved ECDSA namedCurve. " + |
|||
" Please choose either 'P-256' or 'P-384'. " + |
|||
EC._stance |
|||
) |
|||
); |
|||
} |
|||
|
|||
var extractable = true; |
|||
return window.crypto.subtle.generateKey( |
|||
wcOpts |
|||
, extractable |
|||
, [ 'sign', 'verify' ] |
|||
).then(function (result) { |
|||
return window.crypto.subtle.exportKey( |
|||
"jwk" |
|||
, result.privateKey |
|||
).then(function (privJwk) { |
|||
privJwk.key_ops = undefined; |
|||
privJwk.ext = undefined; |
|||
return { |
|||
private: privJwk |
|||
, public: EC.neuter({ jwk: privJwk }) |
|||
}; |
|||
}); |
|||
}); |
|||
}; |
|||
var extractable = true; |
|||
return window.crypto.subtle |
|||
.generateKey(wcOpts, extractable, ['sign', 'verify']) |
|||
.then(function(result) { |
|||
return window.crypto.subtle |
|||
.exportKey('jwk', result.privateKey) |
|||
.then(function(privJwk) { |
|||
privJwk.key_ops = undefined; |
|||
privJwk.ext = undefined; |
|||
return { |
|||
private: privJwk, |
|||
public: EC.neuter({ jwk: privJwk }) |
|||
}; |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
EC.export = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { |
|||
throw new Error("must pass { jwk: jwk } as a JSON object"); |
|||
} |
|||
var jwk = JSON.parse(JSON.stringify(opts.jwk)); |
|||
var format = opts.format; |
|||
if (opts.public || -1 !== [ 'spki', 'pkix', 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
jwk.d = null; |
|||
} |
|||
if ('EC' !== jwk.kty) { |
|||
throw new Error("options.jwk.kty must be 'EC' for EC keys"); |
|||
} |
|||
if (!jwk.d) { |
|||
if (!format || -1 !== [ 'spki', 'pkix' ].indexOf(format)) { |
|||
format = 'spki'; |
|||
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
format = 'ssh'; |
|||
} else { |
|||
throw new Error("options.format must be 'spki' or 'ssh' for public EC keys, not (" |
|||
+ typeof format + ") " + format); |
|||
} |
|||
} else { |
|||
if (!format || 'sec1' === format) { |
|||
format = 'sec1'; |
|||
} else if ('pkcs8' !== format) { |
|||
throw new Error("options.format must be 'sec1' or 'pkcs8' for private EC keys, not '" + format + "'"); |
|||
} |
|||
} |
|||
if (-1 === [ 'P-256', 'P-384' ].indexOf(jwk.crv)) { |
|||
throw new Error("options.jwk.crv must be either P-256 or P-384 for EC keys, not '" + jwk.crv + "'"); |
|||
} |
|||
if (!jwk.y) { |
|||
throw new Error("options.jwk.y must be a urlsafe base64-encoded either P-256 or P-384"); |
|||
} |
|||
EC.export = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { |
|||
throw new Error('must pass { jwk: jwk } as a JSON object'); |
|||
} |
|||
var jwk = JSON.parse(JSON.stringify(opts.jwk)); |
|||
var format = opts.format; |
|||
if ( |
|||
opts.public || |
|||
-1 !== ['spki', 'pkix', 'ssh', 'rfc4716'].indexOf(format) |
|||
) { |
|||
jwk.d = null; |
|||
} |
|||
if ('EC' !== jwk.kty) { |
|||
throw new Error("options.jwk.kty must be 'EC' for EC keys"); |
|||
} |
|||
if (!jwk.d) { |
|||
if (!format || -1 !== ['spki', 'pkix'].indexOf(format)) { |
|||
format = 'spki'; |
|||
} else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) { |
|||
format = 'ssh'; |
|||
} else { |
|||
throw new Error( |
|||
"options.format must be 'spki' or 'ssh' for public EC keys, not (" + |
|||
typeof format + |
|||
') ' + |
|||
format |
|||
); |
|||
} |
|||
} else { |
|||
if (!format || 'sec1' === format) { |
|||
format = 'sec1'; |
|||
} else if ('pkcs8' !== format) { |
|||
throw new Error( |
|||
"options.format must be 'sec1' or 'pkcs8' for private EC keys, not '" + |
|||
format + |
|||
"'" |
|||
); |
|||
} |
|||
} |
|||
if (-1 === ['P-256', 'P-384'].indexOf(jwk.crv)) { |
|||
throw new Error( |
|||
"options.jwk.crv must be either P-256 or P-384 for EC keys, not '" + |
|||
jwk.crv + |
|||
"'" |
|||
); |
|||
} |
|||
if (!jwk.y) { |
|||
throw new Error( |
|||
'options.jwk.y must be a urlsafe base64-encoded either P-256 or P-384' |
|||
); |
|||
} |
|||
|
|||
if ('sec1' === format) { |
|||
return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: x509.packSec1(jwk) }); |
|||
} else if ('pkcs8' === format) { |
|||
return PEM.packBlock({ type: "PRIVATE KEY", bytes: x509.packPkcs8(jwk) }); |
|||
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { |
|||
return PEM.packBlock({ type: "PUBLIC KEY", bytes: x509.packSpki(jwk) }); |
|||
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
return SSH.packSsh(jwk); |
|||
} else { |
|||
throw new Error("Sanity Error: reached unreachable code block with format: " + format); |
|||
} |
|||
}); |
|||
}; |
|||
EC.pack = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
return EC.exportSync(opts); |
|||
}); |
|||
}; |
|||
if ('sec1' === format) { |
|||
return PEM.packBlock({ |
|||
type: 'EC PRIVATE KEY', |
|||
bytes: x509.packSec1(jwk) |
|||
}); |
|||
} else if ('pkcs8' === format) { |
|||
return PEM.packBlock({ |
|||
type: 'PRIVATE KEY', |
|||
bytes: x509.packPkcs8(jwk) |
|||
}); |
|||
} else if (-1 !== ['spki', 'pkix'].indexOf(format)) { |
|||
return PEM.packBlock({ |
|||
type: 'PUBLIC KEY', |
|||
bytes: x509.packSpki(jwk) |
|||
}); |
|||
} else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) { |
|||
return SSH.packSsh(jwk); |
|||
} else { |
|||
throw new Error( |
|||
'Sanity Error: reached unreachable code block with format: ' + |
|||
format |
|||
); |
|||
} |
|||
}); |
|||
}; |
|||
EC.pack = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
return EC.exportSync(opts); |
|||
}); |
|||
}; |
|||
|
|||
// Chopping off the private parts is now part of the public API.
|
|||
// I thought it sounded a little too crude at first, but it really is the best name in every possible way.
|
|||
EC.neuter = function (opts) { |
|||
// trying to find the best balance of an immutable copy with custom attributes
|
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function (k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { return; } |
|||
// ignore EC private parts
|
|||
if ('d' === k) { return; } |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
// Chopping off the private parts is now part of the public API.
|
|||
// I thought it sounded a little too crude at first, but it really is the best name in every possible way.
|
|||
EC.neuter = function(opts) { |
|||
// trying to find the best balance of an immutable copy with custom attributes
|
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function(k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { |
|||
return; |
|||
} |
|||
// ignore EC private parts
|
|||
if ('d' === k) { |
|||
return; |
|||
} |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
|
|||
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
|
|||
EC.__thumbprint = function (jwk) { |
|||
// Use the same entropy for SHA as for key
|
|||
var alg = 'SHA-256'; |
|||
if (/384/.test(jwk.crv)) { |
|||
alg = 'SHA-384'; |
|||
} |
|||
return window.crypto.subtle.digest( |
|||
{ name: alg } |
|||
, textEncoder.encode('{"crv":"' + jwk.crv + '","kty":"EC","x":"' + jwk.x + '","y":"' + jwk.y + '"}') |
|||
).then(function (hash) { |
|||
return Enc.bufToUrlBase64(new Uint8Array(hash)); |
|||
}); |
|||
}; |
|||
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
|
|||
EC.__thumbprint = function(jwk) { |
|||
// Use the same entropy for SHA as for key
|
|||
var alg = 'SHA-256'; |
|||
if (/384/.test(jwk.crv)) { |
|||
alg = 'SHA-384'; |
|||
} |
|||
return window.crypto.subtle |
|||
.digest( |
|||
{ name: alg }, |
|||
textEncoder.encode( |
|||
'{"crv":"' + |
|||
jwk.crv + |
|||
'","kty":"EC","x":"' + |
|||
jwk.x + |
|||
'","y":"' + |
|||
jwk.y + |
|||
'"}' |
|||
) |
|||
) |
|||
.then(function(hash) { |
|||
return Enc.bufToUrlBase64(new Uint8Array(hash)); |
|||
}); |
|||
}; |
|||
|
|||
EC.thumbprint = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
var jwk; |
|||
if ('EC' === opts.kty) { |
|||
jwk = opts; |
|||
} else if (opts.jwk) { |
|||
jwk = opts.jwk; |
|||
} else { |
|||
return EC.import(opts).then(function (jwk) { |
|||
return EC.__thumbprint(jwk); |
|||
}); |
|||
} |
|||
return EC.__thumbprint(jwk); |
|||
}); |
|||
}; |
|||
EC.thumbprint = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
var jwk; |
|||
if ('EC' === opts.kty) { |
|||
jwk = opts; |
|||
} else if (opts.jwk) { |
|||
jwk = opts.jwk; |
|||
} else { |
|||
return EC.import(opts).then(function(jwk) { |
|||
return EC.__thumbprint(jwk); |
|||
}); |
|||
} |
|||
return EC.__thumbprint(jwk); |
|||
}); |
|||
}; |
|||
|
|||
Enc.bufToUrlBase64 = function (u8) { |
|||
return Enc.bufToBase64(u8) |
|||
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); |
|||
}; |
|||
Enc.bufToUrlBase64 = function(u8) { |
|||
return Enc.bufToBase64(u8) |
|||
.replace(/\+/g, '-') |
|||
.replace(/\//g, '_') |
|||
.replace(/=/g, ''); |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function (u8) { |
|||
var bin = ''; |
|||
u8.forEach(function (i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
}('undefined' !== typeof module ? module.exports : window)); |
|||
Enc.bufToBase64 = function(u8) { |
|||
var bin = ''; |
|||
u8.forEach(function(i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
})('undefined' !== typeof module ? module.exports : window); |
|||
|
@ -1,140 +1,151 @@ |
|||
(function (exports) { |
|||
|
|||
var Enc = exports.Enc = {}; |
|||
|
|||
Enc.bufToBin = function (buf) { |
|||
var bin = ''; |
|||
// cannot use .map() because Uint8Array would return only 0s
|
|||
buf.forEach(function (ch) { |
|||
bin += String.fromCharCode(ch); |
|||
}); |
|||
return bin; |
|||
}; |
|||
|
|||
Enc.bufToHex = function toHex(u8) { |
|||
var hex = []; |
|||
var i, h; |
|||
var len = (u8.byteLength || u8.length); |
|||
|
|||
for (i = 0; i < len; i += 1) { |
|||
h = u8[i].toString(16); |
|||
if (h.length % 2) { h = '0' + h; } |
|||
hex.push(h); |
|||
} |
|||
|
|||
return hex.join('').toLowerCase(); |
|||
}; |
|||
|
|||
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) { |
|||
var r = str % 4; |
|||
if (2 === r) { |
|||
str += '=='; |
|||
} else if (3 === r) { |
|||
str += '='; |
|||
} |
|||
return str.replace(/-/g, '+').replace(/_/g, '/'); |
|||
}; |
|||
|
|||
Enc.base64ToBuf = function (b64) { |
|||
return Enc.binToBuf(atob(b64)); |
|||
}; |
|||
Enc.binToBuf = function (bin) { |
|||
var arr = bin.split('').map(function (ch) { |
|||
return ch.charCodeAt(0); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
Enc.bufToHex = function (u8) { |
|||
var hex = []; |
|||
var i, h; |
|||
var len = (u8.byteLength || u8.length); |
|||
|
|||
for (i = 0; i < len; i += 1) { |
|||
h = u8[i].toString(16); |
|||
if (h.length % 2) { h = '0' + h; } |
|||
hex.push(h); |
|||
} |
|||
|
|||
return hex.join('').toLowerCase(); |
|||
}; |
|||
Enc.numToHex = function (d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
|
|||
Enc.bufToUrlBase64 = function (u8) { |
|||
return Enc.base64ToUrlBase64(Enc.bufToBase64(u8)); |
|||
}; |
|||
|
|||
Enc.base64ToUrlBase64 = function (str) { |
|||
return str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function (u8) { |
|||
var bin = ''; |
|||
u8.forEach(function (i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
Enc.hexToBuf = function (hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function (h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
|
|||
Enc.numToHex = function (d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
|
|||
|
|||
//
|
|||
// JWK to SSH (tested working)
|
|||
//
|
|||
Enc.base64ToHex = function (b64) { |
|||
var bin = atob(Enc.urlBase64ToBase64(b64)); |
|||
return Enc.binToHex(bin); |
|||
}; |
|||
|
|||
Enc.binToHex = function (bin) { |
|||
return bin.split('').map(function (ch) { |
|||
var h = ch.charCodeAt(0).toString(16); |
|||
if (h.length % 2) { h = '0' + h; } |
|||
return h; |
|||
}).join(''); |
|||
}; |
|||
// TODO are there any nuance differences here?
|
|||
Enc.utf8ToHex = Enc.binToHex; |
|||
|
|||
Enc.hexToBase64 = function (hex) { |
|||
return btoa(Enc.hexToBin(hex)); |
|||
}; |
|||
|
|||
Enc.hexToBin = function (hex) { |
|||
return hex.match(/.{2}/g).map(function (h) { |
|||
return String.fromCharCode(parseInt(h, 16)); |
|||
}).join(''); |
|||
}; |
|||
|
|||
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) { |
|||
var r = str % 4; |
|||
if (2 === r) { |
|||
str += '=='; |
|||
} else if (3 === r) { |
|||
str += '='; |
|||
} |
|||
return str.replace(/-/g, '+').replace(/_/g, '/'); |
|||
}; |
|||
|
|||
|
|||
}('undefined' !== typeof exports ? module.exports : window )); |
|||
(function(exports) { |
|||
var Enc = (exports.Enc = {}); |
|||
|
|||
Enc.bufToBin = function(buf) { |
|||
var bin = ''; |
|||
// cannot use .map() because Uint8Array would return only 0s
|
|||
buf.forEach(function(ch) { |
|||
bin += String.fromCharCode(ch); |
|||
}); |
|||
return bin; |
|||
}; |
|||
|
|||
Enc.bufToHex = function toHex(u8) { |
|||
var hex = []; |
|||
var i, h; |
|||
var len = u8.byteLength || u8.length; |
|||
|
|||
for (i = 0; i < len; i += 1) { |
|||
h = u8[i].toString(16); |
|||
if (h.length % 2) { |
|||
h = '0' + h; |
|||
} |
|||
hex.push(h); |
|||
} |
|||
|
|||
return hex.join('').toLowerCase(); |
|||
}; |
|||
|
|||
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) { |
|||
var r = str % 4; |
|||
if (2 === r) { |
|||
str += '=='; |
|||
} else if (3 === r) { |
|||
str += '='; |
|||
} |
|||
return str.replace(/-/g, '+').replace(/_/g, '/'); |
|||
}; |
|||
|
|||
Enc.base64ToBuf = function(b64) { |
|||
return Enc.binToBuf(atob(b64)); |
|||
}; |
|||
Enc.binToBuf = function(bin) { |
|||
var arr = bin.split('').map(function(ch) { |
|||
return ch.charCodeAt(0); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
Enc.bufToHex = function(u8) { |
|||
var hex = []; |
|||
var i, h; |
|||
var len = u8.byteLength || u8.length; |
|||
|
|||
for (i = 0; i < len; i += 1) { |
|||
h = u8[i].toString(16); |
|||
if (h.length % 2) { |
|||
h = '0' + h; |
|||
} |
|||
hex.push(h); |
|||
} |
|||
|
|||
return hex.join('').toLowerCase(); |
|||
}; |
|||
Enc.numToHex = function(d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
|
|||
Enc.bufToUrlBase64 = function(u8) { |
|||
return Enc.base64ToUrlBase64(Enc.bufToBase64(u8)); |
|||
}; |
|||
|
|||
Enc.base64ToUrlBase64 = function(str) { |
|||
return str |
|||
.replace(/\+/g, '-') |
|||
.replace(/\//g, '_') |
|||
.replace(/=/g, ''); |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function(u8) { |
|||
var bin = ''; |
|||
u8.forEach(function(i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
Enc.hexToBuf = function(hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function(h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
|
|||
Enc.numToHex = function(d) { |
|||
d = d.toString(16); |
|||
if (d.length % 2) { |
|||
return '0' + d; |
|||
} |
|||
return d; |
|||
}; |
|||
|
|||
//
|
|||
// JWK to SSH (tested working)
|
|||
//
|
|||
Enc.base64ToHex = function(b64) { |
|||
var bin = atob(Enc.urlBase64ToBase64(b64)); |
|||
return Enc.binToHex(bin); |
|||
}; |
|||
|
|||
Enc.binToHex = function(bin) { |
|||
return bin |
|||
.split('') |
|||
.map(function(ch) { |
|||
var h = ch.charCodeAt(0).toString(16); |
|||
if (h.length % 2) { |
|||
h = '0' + h; |
|||
} |
|||
return h; |
|||
}) |
|||
.join(''); |
|||
}; |
|||
// TODO are there any nuance differences here?
|
|||
Enc.utf8ToHex = Enc.binToHex; |
|||
|
|||
Enc.hexToBase64 = function(hex) { |
|||
return btoa(Enc.hexToBin(hex)); |
|||
}; |
|||
|
|||
Enc.hexToBin = function(hex) { |
|||
return hex |
|||
.match(/.{2}/g) |
|||
.map(function(h) { |
|||
return String.fromCharCode(parseInt(h, 16)); |
|||
}) |
|||
.join(''); |
|||
}; |
|||
|
|||
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) { |
|||
var r = str % 4; |
|||
if (2 === r) { |
|||
str += '=='; |
|||
} else if (3 === r) { |
|||
str += '='; |
|||
} |
|||
return str.replace(/-/g, '+').replace(/_/g, '/'); |
|||
}; |
|||
})('undefined' !== typeof exports ? module.exports : window); |
|||
|
@ -1,348 +1,432 @@ |
|||
/*global Promise*/ |
|||
(function (exports) { |
|||
'use strict'; |
|||
|
|||
var Keypairs = exports.Keypairs = {}; |
|||
var Rasha = exports.Rasha; |
|||
var Eckles = exports.Eckles; |
|||
var Enc = exports.Enc || {}; |
|||
|
|||
Keypairs._stance = "We take the stance that if you're knowledgeable enough to" |
|||
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
Keypairs._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; |
|||
Keypairs.generate = function (opts) { |
|||
opts = opts || {}; |
|||
var p; |
|||
if (!opts.kty) { opts.kty = opts.type; } |
|||
if (!opts.kty) { opts.kty = 'EC'; } |
|||
if (/^EC/i.test(opts.kty)) { |
|||
p = Eckles.generate(opts); |
|||
} else if (/^RSA$/i.test(opts.kty)) { |
|||
p = Rasha.generate(opts); |
|||
} else { |
|||
return Promise.Reject(new Error("'" + opts.kty + "' is not a well-supported key type." |
|||
+ Keypairs._universal |
|||
+ " Please choose 'EC', or 'RSA' if you have good reason to.")); |
|||
} |
|||
return p.then(function (pair) { |
|||
return Keypairs.thumbprint({ jwk: pair.public }).then(function (thumb) { |
|||
pair.private.kid = thumb; // maybe not the same id on the private key?
|
|||
pair.public.kid = thumb; |
|||
return pair; |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.export = function (opts) { |
|||
return Eckles.export(opts).catch(function (err) { |
|||
return Rasha.export(opts).catch(function () { |
|||
return Promise.reject(err); |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
|
|||
/** |
|||
* Chopping off the private parts is now part of the public API. |
|||
* I thought it sounded a little too crude at first, but it really is the best name in every possible way. |
|||
*/ |
|||
Keypairs.neuter = function (opts) { |
|||
/** trying to find the best balance of an immutable copy with custom attributes */ |
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function (k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { return; } |
|||
// ignore RSA and EC private parts
|
|||
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; } |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
|
|||
Keypairs.thumbprint = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
if (/EC/i.test(opts.jwk.kty)) { |
|||
return Eckles.thumbprint(opts); |
|||
} else { |
|||
return Rasha.thumbprint(opts); |
|||
} |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.publish = function (opts) { |
|||
if ('object' !== typeof opts.jwk || !opts.jwk.kty) { throw new Error("invalid jwk: " + JSON.stringify(opts.jwk)); } |
|||
|
|||
/** returns a copy */ |
|||
var jwk = Keypairs.neuter(opts); |
|||
|
|||
if (jwk.exp) { |
|||
jwk.exp = setTime(jwk.exp); |
|||
} else { |
|||
if (opts.exp) { jwk.exp = setTime(opts.exp); } |
|||
else if (opts.expiresIn) { jwk.exp = Math.round(Date.now()/1000) + opts.expiresIn; } |
|||
else if (opts.expiresAt) { jwk.exp = opts.expiresAt; } |
|||
} |
|||
if (!jwk.use && false !== jwk.use) { jwk.use = "sig"; } |
|||
|
|||
if (jwk.kid) { return Promise.resolve(jwk); } |
|||
return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { jwk.kid = thumb; return jwk; }); |
|||
}; |
|||
|
|||
// JWT a.k.a. JWS with Claims using Compact Serialization
|
|||
Keypairs.signJwt = function (opts) { |
|||
return Keypairs.thumbprint({ jwk: opts.jwk }).then(function (thumb) { |
|||
var header = opts.header || {}; |
|||
var claims = JSON.parse(JSON.stringify(opts.claims || {})); |
|||
header.typ = 'JWT'; |
|||
|
|||
if (!header.kid) { header.kid = thumb; } |
|||
if (!header.alg && opts.alg) { header.alg = opts.alg; } |
|||
if (!claims.iat && (false === claims.iat || false === opts.iat)) { |
|||
claims.iat = undefined; |
|||
} else if (!claims.iat) { |
|||
claims.iat = Math.round(Date.now()/1000); |
|||
} |
|||
|
|||
if (opts.exp) { |
|||
claims.exp = setTime(opts.exp); |
|||
} else if (!claims.exp && (false === claims.exp || false === opts.exp)) { |
|||
claims.exp = undefined; |
|||
} else if (!claims.exp) { |
|||
throw new Error("opts.claims.exp should be the expiration date as seconds, human form (i.e. '1h' or '15m') or false"); |
|||
} |
|||
|
|||
if (opts.iss) { claims.iss = opts.iss; } |
|||
if (!claims.iss && (false === claims.iss || false === opts.iss)) { |
|||
claims.iss = undefined; |
|||
} else if (!claims.iss) { |
|||
throw new Error("opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url"); |
|||
} |
|||
|
|||
return Keypairs.signJws({ |
|||
jwk: opts.jwk |
|||
, pem: opts.pem |
|||
, protected: header |
|||
, header: undefined |
|||
, payload: claims |
|||
}).then(function (jws) { |
|||
return [ jws.protected, jws.payload, jws.signature ].join('.'); |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.signJws = function (opts) { |
|||
return Keypairs.thumbprint(opts).then(function (thumb) { |
|||
|
|||
function alg() { |
|||
if (!opts.jwk) { |
|||
throw new Error("opts.jwk must exist and must declare 'typ'"); |
|||
} |
|||
if (opts.jwk.alg) { return opts.jwk.alg; } |
|||
var typ = ('RSA' === opts.jwk.kty) ? "RS" : "ES"; |
|||
return typ + Keypairs._getBits(opts); |
|||
} |
|||
|
|||
function sign() { |
|||
var protect = opts.protected; |
|||
var payload = opts.payload; |
|||
|
|||
// Compute JWS signature
|
|||
var protectedHeader = ""; |
|||
// Because unprotected headers are allowed, regrettably...
|
|||
// https://stackoverflow.com/a/46288694
|
|||
if (false !== protect) { |
|||
if (!protect) { protect = {}; } |
|||
if (!protect.alg) { protect.alg = alg(); } |
|||
// There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid
|
|||
if (false === protect.kid) { protect.kid = undefined; } |
|||
else if (!protect.kid) { protect.kid = thumb; } |
|||
protectedHeader = JSON.stringify(protect); |
|||
} |
|||
|
|||
// Not sure how to handle the empty case since ACME POST-as-GET must be empty
|
|||
//if (!payload) {
|
|||
// throw new Error("opts.payload should be JSON, string, or ArrayBuffer (it may be empty, but that must be explicit)");
|
|||
//}
|
|||
// Trying to detect if it's a plain object (not Buffer, ArrayBuffer, Array, Uint8Array, etc)
|
|||
if (payload && ('string' !== typeof payload) |
|||
&& ('undefined' === typeof payload.byteLength) |
|||
&& ('undefined' === typeof payload.buffer) |
|||
) { |
|||
payload = JSON.stringify(payload); |
|||
} |
|||
// Converting to a buffer, even if it was just converted to a string
|
|||
if ('string' === typeof payload) { |
|||
payload = Enc.binToBuf(payload); |
|||
} |
|||
|
|||
// node specifies RSA-SHAxxx even when it's actually ecdsa (it's all encoded x509 shasums anyway)
|
|||
var protected64 = Enc.strToUrlBase64(protectedHeader); |
|||
var payload64 = Enc.bufToUrlBase64(payload); |
|||
var msg = protected64 + '.' + payload64; |
|||
|
|||
return Keypairs._sign(opts, msg).then(function (buf) { |
|||
var signedMsg = { |
|||
protected: protected64 |
|||
, payload: payload64 |
|||
, signature: Enc.bufToUrlBase64(buf) |
|||
}; |
|||
|
|||
return signedMsg; |
|||
}); |
|||
} |
|||
|
|||
if (opts.jwk) { |
|||
return sign(); |
|||
} else { |
|||
return Keypairs.import({ pem: opts.pem }).then(function (pair) { |
|||
opts.jwk = pair.private; |
|||
return sign(); |
|||
}); |
|||
} |
|||
}); |
|||
}; |
|||
|
|||
Keypairs._sign = function (opts, payload) { |
|||
return Keypairs._import(opts).then(function (privkey) { |
|||
if ('string' === typeof payload) { |
|||
payload = (new TextEncoder()).encode(payload); |
|||
} |
|||
return window.crypto.subtle.sign( |
|||
{ name: Keypairs._getName(opts) |
|||
, hash: { name: 'SHA-' + Keypairs._getBits(opts) } |
|||
} |
|||
, privkey |
|||
, payload |
|||
).then(function (signature) { |
|||
signature = new Uint8Array(signature); // ArrayBuffer -> u8
|
|||
// This will come back into play for CSRs, but not for JOSE
|
|||
if ('EC' === opts.jwk.kty && /x509|asn1/i.test(opts.format)) { |
|||
return Keypairs._ecdsaJoseSigToAsn1Sig(signature); |
|||
} else { |
|||
// jose/jws/jwt
|
|||
return signature; |
|||
} |
|||
}); |
|||
}); |
|||
}; |
|||
Keypairs._getBits = function (opts) { |
|||
if (opts.alg) { return opts.alg.replace(/[a-z\-]/ig, ''); } |
|||
// base64 len to byte len
|
|||
var len = Math.floor((opts.jwk.n||'').length * 0.75); |
|||
|
|||
// TODO this may be a bug
|
|||
// need to confirm that the padding is no more or less than 1 byte
|
|||
if (/521/.test(opts.jwk.crv) || len >= 511) { |
|||
return '512'; |
|||
} else if (/384/.test(opts.jwk.crv) || len >= 383) { |
|||
return '384'; |
|||
} |
|||
|
|||
return '256'; |
|||
}; |
|||
Keypairs._getName = function (opts) { |
|||
if (/EC/i.test(opts.jwk.kty)) { |
|||
return 'ECDSA'; |
|||
} else { |
|||
return 'RSASSA-PKCS1-v1_5'; |
|||
} |
|||
}; |
|||
Keypairs._import = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
var ops; |
|||
// all private keys just happen to have a 'd'
|
|||
if (opts.jwk.d) { |
|||
ops = [ 'sign' ]; |
|||
} else { |
|||
ops = [ 'verify' ]; |
|||
} |
|||
// gotta mark it as extractable, as if it matters
|
|||
opts.jwk.ext = true; |
|||
opts.jwk.key_ops = ops; |
|||
|
|||
return window.crypto.subtle.importKey( |
|||
"jwk" |
|||
, opts.jwk |
|||
, { name: Keypairs._getName(opts) |
|||
, namedCurve: opts.jwk.crv |
|||
, hash: { name: 'SHA-' + Keypairs._getBits(opts) } } |
|||
, true |
|||
, ops |
|||
).then(function (privkey) { |
|||
delete opts.jwk.ext; |
|||
return privkey; |
|||
}); |
|||
}); |
|||
}; |
|||
// ECDSA JOSE / JWS / JWT signatures differ from "normal" ASN1/X509 ECDSA signatures
|
|||
// https://tools.ietf.org/html/rfc7518#section-3.4
|
|||
Keypairs._ecdsaJoseSigToAsn1Sig = function (bufsig) { |
|||
// it's easier to do the manipulation in the browser with an array
|
|||
bufsig = Array.from(bufsig); |
|||
var hlen = bufsig.length / 2; // should be even
|
|||
var r = bufsig.slice(0, hlen); |
|||
var s = bufsig.slice(hlen); |
|||
// unpad positive ints less than 32 bytes wide
|
|||
while (!r[0]) { r = r.slice(1); } |
|||
while (!s[0]) { s = s.slice(1); } |
|||
// pad (or re-pad) ambiguously non-negative BigInts, up to 33 bytes wide
|
|||
if (0x80 & r[0]) { r.unshift(0); } |
|||
if (0x80 & s[0]) { s.unshift(0); } |
|||
|
|||
var len = 2 + r.length + 2 + s.length; |
|||
var head = [0x30]; |
|||
// hard code 0x80 + 1 because it won't be longer than
|
|||
// two SHA512 plus two pad bytes (130 bytes <= 256)
|
|||
if (len >= 0x80) { head.push(0x81); } |
|||
head.push(len); |
|||
|
|||
return Uint8Array.from(head.concat([0x02, r.length], r, [0x02, s.length], s)); |
|||
}; |
|||
|
|||
function setTime(time) { |
|||
if ('number' === typeof time) { return time; } |
|||
|
|||
var t = time.match(/^(\-?\d+)([dhms])$/i); |
|||
if (!t || !t[0]) { |
|||
throw new Error("'" + time + "' should be datetime in seconds or human-readable format (i.e. 3d, 1h, 15m, 30s"); |
|||
} |
|||
|
|||
var now = Math.round(Date.now()/1000); |
|||
var num = parseInt(t[1], 10); |
|||
var unit = t[2]; |
|||
var mult = 1; |
|||
switch(unit) { |
|||
// fancy fallthrough, what fun!
|
|||
case 'd': |
|||
mult *= 24; |
|||
/*falls through*/ |
|||
case 'h': |
|||
mult *= 60; |
|||
/*falls through*/ |
|||
case 'm': |
|||
mult *= 60; |
|||
/*falls through*/ |
|||
case 's': |
|||
mult *= 1; |
|||
} |
|||
|
|||
return now + (mult * num); |
|||
} |
|||
|
|||
Enc.hexToBuf = function (hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function (h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
Enc.strToUrlBase64 = function (str) { |
|||
return Enc.bufToUrlBase64(Enc.binToBuf(str)); |
|||
}; |
|||
Enc.binToBuf = function (bin) { |
|||
var arr = bin.split('').map(function (ch) { |
|||
return ch.charCodeAt(0); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
|
|||
}('undefined' !== typeof module ? module.exports : window)); |
|||
(function(exports) { |
|||
'use strict'; |
|||
|
|||
var Keypairs = (exports.Keypairs = {}); |
|||
var Rasha = exports.Rasha; |
|||
var Eckles = exports.Eckles; |
|||
var Enc = exports.Enc || {}; |
|||
|
|||
Keypairs._stance = |
|||
"We take the stance that if you're knowledgeable enough to" + |
|||
" properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
Keypairs._universal = |
|||
'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.'; |
|||
Keypairs.generate = function(opts) { |
|||
opts = opts || {}; |
|||
var p; |
|||
if (!opts.kty) { |
|||
opts.kty = opts.type; |
|||
} |
|||
if (!opts.kty) { |
|||
opts.kty = 'EC'; |
|||
} |
|||
if (/^EC/i.test(opts.kty)) { |
|||
p = Eckles.generate(opts); |
|||
} else if (/^RSA$/i.test(opts.kty)) { |
|||
p = Rasha.generate(opts); |
|||
} else { |
|||
return Promise.Reject( |
|||
new Error( |
|||
"'" + |
|||
opts.kty + |
|||
"' is not a well-supported key type." + |
|||
Keypairs._universal + |
|||
" Please choose 'EC', or 'RSA' if you have good reason to." |
|||
) |
|||
); |
|||
} |
|||
return p.then(function(pair) { |
|||
return Keypairs.thumbprint({ jwk: pair.public }).then(function( |
|||
thumb |
|||
) { |
|||
pair.private.kid = thumb; // maybe not the same id on the private key?
|
|||
pair.public.kid = thumb; |
|||
return pair; |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.export = function(opts) { |
|||
return Eckles.export(opts).catch(function(err) { |
|||
return Rasha.export(opts).catch(function() { |
|||
return Promise.reject(err); |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
/** |
|||
* Chopping off the private parts is now part of the public API. |
|||
* I thought it sounded a little too crude at first, but it really is the best name in every possible way. |
|||
*/ |
|||
Keypairs.neuter = function(opts) { |
|||
/** trying to find the best balance of an immutable copy with custom attributes */ |
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function(k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { |
|||
return; |
|||
} |
|||
// ignore RSA and EC private parts
|
|||
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { |
|||
return; |
|||
} |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
|
|||
Keypairs.thumbprint = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
if (/EC/i.test(opts.jwk.kty)) { |
|||
return Eckles.thumbprint(opts); |
|||
} else { |
|||
return Rasha.thumbprint(opts); |
|||
} |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.publish = function(opts) { |
|||
if ('object' !== typeof opts.jwk || !opts.jwk.kty) { |
|||
throw new Error('invalid jwk: ' + JSON.stringify(opts.jwk)); |
|||
} |
|||
|
|||
/** returns a copy */ |
|||
var jwk = Keypairs.neuter(opts); |
|||
|
|||
if (jwk.exp) { |
|||
jwk.exp = setTime(jwk.exp); |
|||
} else { |
|||
if (opts.exp) { |
|||
jwk.exp = setTime(opts.exp); |
|||
} else if (opts.expiresIn) { |
|||
jwk.exp = Math.round(Date.now() / 1000) + opts.expiresIn; |
|||
} else if (opts.expiresAt) { |
|||
jwk.exp = opts.expiresAt; |
|||
} |
|||
} |
|||
if (!jwk.use && false !== jwk.use) { |
|||
jwk.use = 'sig'; |
|||
} |
|||
|
|||
if (jwk.kid) { |
|||
return Promise.resolve(jwk); |
|||
} |
|||
return Keypairs.thumbprint({ jwk: jwk }).then(function(thumb) { |
|||
jwk.kid = thumb; |
|||
return jwk; |
|||
}); |
|||
}; |
|||
|
|||
// JWT a.k.a. JWS with Claims using Compact Serialization
|
|||
Keypairs.signJwt = function(opts) { |
|||
return Keypairs.thumbprint({ jwk: opts.jwk }).then(function(thumb) { |
|||
var header = opts.header || {}; |
|||
var claims = JSON.parse(JSON.stringify(opts.claims || {})); |
|||
header.typ = 'JWT'; |
|||
|
|||
if (!header.kid) { |
|||
header.kid = thumb; |
|||
} |
|||
if (!header.alg && opts.alg) { |
|||
header.alg = opts.alg; |
|||
} |
|||
if (!claims.iat && (false === claims.iat || false === opts.iat)) { |
|||
claims.iat = undefined; |
|||
} else if (!claims.iat) { |
|||
claims.iat = Math.round(Date.now() / 1000); |
|||
} |
|||
|
|||
if (opts.exp) { |
|||
claims.exp = setTime(opts.exp); |
|||
} else if ( |
|||
!claims.exp && |
|||
(false === claims.exp || false === opts.exp) |
|||
) { |
|||
claims.exp = undefined; |
|||
} else if (!claims.exp) { |
|||
throw new Error( |
|||
"opts.claims.exp should be the expiration date as seconds, human form (i.e. '1h' or '15m') or false" |
|||
); |
|||
} |
|||
|
|||
if (opts.iss) { |
|||
claims.iss = opts.iss; |
|||
} |
|||
if (!claims.iss && (false === claims.iss || false === opts.iss)) { |
|||
claims.iss = undefined; |
|||
} else if (!claims.iss) { |
|||
throw new Error( |
|||
'opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url' |
|||
); |
|||
} |
|||
|
|||
return Keypairs.signJws({ |
|||
jwk: opts.jwk, |
|||
pem: opts.pem, |
|||
protected: header, |
|||
header: undefined, |
|||
payload: claims |
|||
}).then(function(jws) { |
|||
return [jws.protected, jws.payload, jws.signature].join('.'); |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
Keypairs.signJws = function(opts) { |
|||
return Keypairs.thumbprint(opts).then(function(thumb) { |
|||
function alg() { |
|||
if (!opts.jwk) { |
|||
throw new Error( |
|||
"opts.jwk must exist and must declare 'typ'" |
|||
); |
|||
} |
|||
if (opts.jwk.alg) { |
|||
return opts.jwk.alg; |
|||
} |
|||
var typ = 'RSA' === opts.jwk.kty ? 'RS' : 'ES'; |
|||
return typ + Keypairs._getBits(opts); |
|||
} |
|||
|
|||
function sign() { |
|||
var protect = opts.protected; |
|||
var payload = opts.payload; |
|||
|
|||
// Compute JWS signature
|
|||
var protectedHeader = ''; |
|||
// Because unprotected headers are allowed, regrettably...
|
|||
// https://stackoverflow.com/a/46288694
|
|||
if (false !== protect) { |
|||
if (!protect) { |
|||
protect = {}; |
|||
} |
|||
if (!protect.alg) { |
|||
protect.alg = alg(); |
|||
} |
|||
// There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid
|
|||
if (false === protect.kid) { |
|||
protect.kid = undefined; |
|||
} else if (!protect.kid) { |
|||
protect.kid = thumb; |
|||
} |
|||
protectedHeader = JSON.stringify(protect); |
|||
} |
|||
|
|||
// Not sure how to handle the empty case since ACME POST-as-GET must be empty
|
|||
//if (!payload) {
|
|||
// throw new Error("opts.payload should be JSON, string, or ArrayBuffer (it may be empty, but that must be explicit)");
|
|||
//}
|
|||
// Trying to detect if it's a plain object (not Buffer, ArrayBuffer, Array, Uint8Array, etc)
|
|||
if ( |
|||
payload && |
|||
'string' !== typeof payload && |
|||
'undefined' === typeof payload.byteLength && |
|||
'undefined' === typeof payload.buffer |
|||
) { |
|||
payload = JSON.stringify(payload); |
|||
} |
|||
// Converting to a buffer, even if it was just converted to a string
|
|||
if ('string' === typeof payload) { |
|||
payload = Enc.binToBuf(payload); |
|||
} |
|||
|
|||
// node specifies RSA-SHAxxx even when it's actually ecdsa (it's all encoded x509 shasums anyway)
|
|||
var protected64 = Enc.strToUrlBase64(protectedHeader); |
|||
var payload64 = Enc.bufToUrlBase64(payload); |
|||
var msg = protected64 + '.' + payload64; |
|||
|
|||
return Keypairs._sign(opts, msg).then(function(buf) { |
|||
var signedMsg = { |
|||
protected: protected64, |
|||
payload: payload64, |
|||
signature: Enc.bufToUrlBase64(buf) |
|||
}; |
|||
|
|||
return signedMsg; |
|||
}); |
|||
} |
|||
|
|||
if (opts.jwk) { |
|||
return sign(); |
|||
} else { |
|||
return Keypairs.import({ pem: opts.pem }).then(function(pair) { |
|||
opts.jwk = pair.private; |
|||
return sign(); |
|||
}); |
|||
} |
|||
}); |
|||
}; |
|||
|
|||
Keypairs._sign = function(opts, payload) { |
|||
return Keypairs._import(opts).then(function(privkey) { |
|||
if ('string' === typeof payload) { |
|||
payload = new TextEncoder().encode(payload); |
|||
} |
|||
return window.crypto.subtle |
|||
.sign( |
|||
{ |
|||
name: Keypairs._getName(opts), |
|||
hash: { name: 'SHA-' + Keypairs._getBits(opts) } |
|||
}, |
|||
privkey, |
|||
payload |
|||
) |
|||
.then(function(signature) { |
|||
signature = new Uint8Array(signature); // ArrayBuffer -> u8
|
|||
// This will come back into play for CSRs, but not for JOSE
|
|||
if ( |
|||
'EC' === opts.jwk.kty && |
|||
/x509|asn1/i.test(opts.format) |
|||
) { |
|||
return Keypairs._ecdsaJoseSigToAsn1Sig(signature); |
|||
} else { |
|||
// jose/jws/jwt
|
|||
return signature; |
|||
} |
|||
}); |
|||
}); |
|||
}; |
|||
Keypairs._getBits = function(opts) { |
|||
if (opts.alg) { |
|||
return opts.alg.replace(/[a-z\-]/gi, ''); |
|||
} |
|||
// base64 len to byte len
|
|||
var len = Math.floor((opts.jwk.n || '').length * 0.75); |
|||
|
|||
// TODO this may be a bug
|
|||
// need to confirm that the padding is no more or less than 1 byte
|
|||
if (/521/.test(opts.jwk.crv) || len >= 511) { |
|||
return '512'; |
|||
} else if (/384/.test(opts.jwk.crv) || len >= 383) { |
|||
return '384'; |
|||
} |
|||
|
|||
return '256'; |
|||
}; |
|||
Keypairs._getName = function(opts) { |
|||
if (/EC/i.test(opts.jwk.kty)) { |
|||
return 'ECDSA'; |
|||
} else { |
|||
return 'RSASSA-PKCS1-v1_5'; |
|||
} |
|||
}; |
|||
Keypairs._import = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
var ops; |
|||
// all private keys just happen to have a 'd'
|
|||
if (opts.jwk.d) { |
|||
ops = ['sign']; |
|||
} else { |
|||
ops = ['verify']; |
|||
} |
|||
// gotta mark it as extractable, as if it matters
|
|||
opts.jwk.ext = true; |
|||
opts.jwk.key_ops = ops; |
|||
|
|||
return window.crypto.subtle |
|||
.importKey( |
|||
'jwk', |
|||
opts.jwk, |
|||
{ |
|||
name: Keypairs._getName(opts), |
|||
namedCurve: opts.jwk.crv, |
|||
hash: { name: 'SHA-' + Keypairs._getBits(opts) } |
|||
}, |
|||
true, |
|||
ops |
|||
) |
|||
.then(function(privkey) { |
|||
delete opts.jwk.ext; |
|||
return privkey; |
|||
}); |
|||
}); |
|||
}; |
|||
// ECDSA JOSE / JWS / JWT signatures differ from "normal" ASN1/X509 ECDSA signatures
|
|||
// https://tools.ietf.org/html/rfc7518#section-3.4
|
|||
Keypairs._ecdsaJoseSigToAsn1Sig = function(bufsig) { |
|||
// it's easier to do the manipulation in the browser with an array
|
|||
bufsig = Array.from(bufsig); |
|||
var hlen = bufsig.length / 2; // should be even
|
|||
var r = bufsig.slice(0, hlen); |
|||
var s = bufsig.slice(hlen); |
|||
// unpad positive ints less than 32 bytes wide
|
|||
while (!r[0]) { |
|||
r = r.slice(1); |
|||
} |
|||
while (!s[0]) { |
|||
s = s.slice(1); |
|||
} |
|||
// pad (or re-pad) ambiguously non-negative BigInts, up to 33 bytes wide
|
|||
if (0x80 & r[0]) { |
|||
r.unshift(0); |
|||
} |
|||
if (0x80 & s[0]) { |
|||
s.unshift(0); |
|||
} |
|||
|
|||
var len = 2 + r.length + 2 + s.length; |
|||
var head = [0x30]; |
|||
// hard code 0x80 + 1 because it won't be longer than
|
|||
// two SHA512 plus two pad bytes (130 bytes <= 256)
|
|||
if (len >= 0x80) { |
|||
head.push(0x81); |
|||
} |
|||
head.push(len); |
|||
|
|||
return Uint8Array.from( |
|||
head.concat([0x02, r.length], r, [0x02, s.length], s) |
|||
); |
|||
}; |
|||
|
|||
function setTime(time) { |
|||
if ('number' === typeof time) { |
|||
return time; |
|||
} |
|||
|
|||
var t = time.match(/^(\-?\d+)([dhms])$/i); |
|||
if (!t || !t[0]) { |
|||
throw new Error( |
|||
"'" + |
|||
time + |
|||
"' should be datetime in seconds or human-readable format (i.e. 3d, 1h, 15m, 30s" |
|||
); |
|||
} |
|||
|
|||
var now = Math.round(Date.now() / 1000); |
|||
var num = parseInt(t[1], 10); |
|||
var unit = t[2]; |
|||
var mult = 1; |
|||
switch (unit) { |
|||
// fancy fallthrough, what fun!
|
|||
case 'd': |
|||
mult *= 24; |
|||
/*falls through*/ |
|||
case 'h': |
|||
mult *= 60; |
|||
/*falls through*/ |
|||
case 'm': |
|||
mult *= 60; |
|||
/*falls through*/ |
|||
case 's': |
|||
mult *= 1; |
|||
} |
|||
|
|||
return now + mult * num; |
|||
} |
|||
|
|||
Enc.hexToBuf = function(hex) { |
|||
var arr = []; |
|||
hex.match(/.{2}/g).forEach(function(h) { |
|||
arr.push(parseInt(h, 16)); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
Enc.strToUrlBase64 = function(str) { |
|||
return Enc.bufToUrlBase64(Enc.binToBuf(str)); |
|||
}; |
|||
Enc.binToBuf = function(bin) { |
|||
var arr = bin.split('').map(function(ch) { |
|||
return ch.charCodeAt(0); |
|||
}); |
|||
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; |
|||
}; |
|||
})('undefined' !== typeof module ? module.exports : window); |
|||
|
@ -1,187 +1,235 @@ |
|||
/*global Promise*/ |
|||
(function (exports) { |
|||
'use strict'; |
|||
(function(exports) { |
|||
'use strict'; |
|||
|
|||
var RSA = exports.Rasha = {}; |
|||
var x509 = exports.x509; |
|||
if ('undefined' !== typeof module) { module.exports = RSA; } |
|||
var PEM = exports.PEM; |
|||
var SSH = exports.SSH; |
|||
var Enc = {}; |
|||
var textEncoder = new TextEncoder(); |
|||
var RSA = (exports.Rasha = {}); |
|||
var x509 = exports.x509; |
|||
if ('undefined' !== typeof module) { |
|||
module.exports = RSA; |
|||
} |
|||
var PEM = exports.PEM; |
|||
var SSH = exports.SSH; |
|||
var Enc = {}; |
|||
var textEncoder = new TextEncoder(); |
|||
|
|||
RSA._stance = "We take the stance that if you're knowledgeable enough to" |
|||
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
RSA._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; |
|||
RSA.generate = function (opts) { |
|||
var wcOpts = {}; |
|||
if (!opts) { opts = {}; } |
|||
if (!opts.kty) { opts.kty = 'RSA'; } |
|||
RSA._stance = |
|||
"We take the stance that if you're knowledgeable enough to" + |
|||
" properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; |
|||
RSA._universal = |
|||
'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.'; |
|||
RSA.generate = function(opts) { |
|||
var wcOpts = {}; |
|||
if (!opts) { |
|||
opts = {}; |
|||
} |
|||
if (!opts.kty) { |
|||
opts.kty = 'RSA'; |
|||
} |
|||
|
|||
// Support PSS? I don't think it's used for Let's Encrypt
|
|||
wcOpts.name = 'RSASSA-PKCS1-v1_5'; |
|||
if (!opts.modulusLength) { |
|||
opts.modulusLength = 2048; |
|||
} |
|||
wcOpts.modulusLength = opts.modulusLength; |
|||
if (wcOpts.modulusLength >= 2048 && wcOpts.modulusLength < 3072) { |
|||
// erring on the small side... for no good reason
|
|||
wcOpts.hash = { name: "SHA-256" }; |
|||
} else if (wcOpts.modulusLength >= 3072 && wcOpts.modulusLength < 4096) { |
|||
wcOpts.hash = { name: "SHA-384" }; |
|||
} else if (wcOpts.modulusLength < 4097) { |
|||
wcOpts.hash = { name: "SHA-512" }; |
|||
} else { |
|||
// Public key thumbprints should be paired with a hash of similar length,
|
|||
// so anything above SHA-512's keyspace would be left under-represented anyway.
|
|||
return Promise.Reject(new Error("'" + wcOpts.modulusLength + "' is not within the safe and universally" |
|||
+ " acceptable range of 2048-4096. Typically you should pick 2048, 3072, or 4096, though other values" |
|||
+ " divisible by 8 are allowed. " + RSA._stance)); |
|||
} |
|||
// TODO maybe allow this to be set to any of the standard values?
|
|||
wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]); |
|||
// Support PSS? I don't think it's used for Let's Encrypt
|
|||
wcOpts.name = 'RSASSA-PKCS1-v1_5'; |
|||
if (!opts.modulusLength) { |
|||
opts.modulusLength = 2048; |
|||
} |
|||
wcOpts.modulusLength = opts.modulusLength; |
|||
if (wcOpts.modulusLength >= 2048 && wcOpts.modulusLength < 3072) { |
|||
// erring on the small side... for no good reason
|
|||
wcOpts.hash = { name: 'SHA-256' }; |
|||
} else if ( |
|||
wcOpts.modulusLength >= 3072 && |
|||
wcOpts.modulusLength < 4096 |
|||
) { |
|||
wcOpts.hash = { name: 'SHA-384' }; |
|||
} else if (wcOpts.modulusLength < 4097) { |
|||
wcOpts.hash = { name: 'SHA-512' }; |
|||
} else { |
|||
// Public key thumbprints should be paired with a hash of similar length,
|
|||
// so anything above SHA-512's keyspace would be left under-represented anyway.
|
|||
return Promise.Reject( |
|||
new Error( |
|||
"'" + |
|||
wcOpts.modulusLength + |
|||
"' is not within the safe and universally" + |
|||
' acceptable range of 2048-4096. Typically you should pick 2048, 3072, or 4096, though other values' + |
|||
' divisible by 8 are allowed. ' + |
|||
RSA._stance |
|||
) |
|||
); |
|||
} |
|||
// TODO maybe allow this to be set to any of the standard values?
|
|||
wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]); |
|||
|
|||
var extractable = true; |
|||
return window.crypto.subtle.generateKey( |
|||
wcOpts |
|||
, extractable |
|||
, [ 'sign', 'verify' ] |
|||
).then(function (result) { |
|||
return window.crypto.subtle.exportKey( |
|||
"jwk" |
|||
, result.privateKey |
|||
).then(function (privJwk) { |
|||
return { |
|||
private: privJwk |
|||
, public: RSA.neuter({ jwk: privJwk }) |
|||
}; |
|||
}); |
|||
}); |
|||
}; |
|||
var extractable = true; |
|||
return window.crypto.subtle |
|||
.generateKey(wcOpts, extractable, ['sign', 'verify']) |
|||
.then(function(result) { |
|||
return window.crypto.subtle |
|||
.exportKey('jwk', result.privateKey) |
|||
.then(function(privJwk) { |
|||
return { |
|||
private: privJwk, |
|||
public: RSA.neuter({ jwk: privJwk }) |
|||
}; |
|||
}); |
|||
}); |
|||
}; |
|||
|
|||
// Chopping off the private parts is now part of the public API.
|
|||
// I thought it sounded a little too crude at first, but it really is the best name in every possible way.
|
|||
RSA.neuter = function (opts) { |
|||
// trying to find the best balance of an immutable copy with custom attributes
|
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function (k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { return; } |
|||
// ignore RSA private parts
|
|||
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; } |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
// Chopping off the private parts is now part of the public API.
|
|||
// I thought it sounded a little too crude at first, but it really is the best name in every possible way.
|
|||
RSA.neuter = function(opts) { |
|||
// trying to find the best balance of an immutable copy with custom attributes
|
|||
var jwk = {}; |
|||
Object.keys(opts.jwk).forEach(function(k) { |
|||
if ('undefined' === typeof opts.jwk[k]) { |
|||
return; |
|||
} |
|||
// ignore RSA private parts
|
|||
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { |
|||
return; |
|||
} |
|||
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); |
|||
}); |
|||
return jwk; |
|||
}; |
|||
|
|||
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
|
|||
RSA.__thumbprint = function (jwk) { |
|||
// Use the same entropy for SHA as for key
|
|||
var len = Math.floor(jwk.n.length * 0.75); |
|||
var alg = 'SHA-256'; |
|||
// TODO this may be a bug
|
|||
// need to confirm that the padding is no more or less than 1 byte
|
|||
if (len >= 511) { |
|||
alg = 'SHA-512'; |
|||
} else if (len >= 383) { |
|||
alg = 'SHA-384'; |
|||
} |
|||
return window.crypto.subtle.digest( |
|||
{ name: alg } |
|||
, textEncoder.encode('{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}') |
|||
).then(function (hash) { |
|||
return Enc.bufToUrlBase64(new Uint8Array(hash)); |
|||
}); |
|||
}; |
|||
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
|
|||
RSA.__thumbprint = function(jwk) { |
|||
// Use the same entropy for SHA as for key
|
|||
var len = Math.floor(jwk.n.length * 0.75); |
|||
var alg = 'SHA-256'; |
|||
// TODO this may be a bug
|
|||
// need to confirm that the padding is no more or less than 1 byte
|
|||
if (len >= 511) { |
|||
alg = 'SHA-512'; |
|||
} else if (len >= 383) { |
|||
alg = 'SHA-384'; |
|||
} |
|||
return window.crypto.subtle |
|||
.digest( |
|||
{ name: alg }, |
|||
textEncoder.encode( |
|||
'{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}' |
|||
) |
|||
) |
|||
.then(function(hash) { |
|||
return Enc.bufToUrlBase64(new Uint8Array(hash)); |
|||
}); |
|||
}; |
|||
|
|||
RSA.thumbprint = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
var jwk; |
|||
if ('EC' === opts.kty) { |
|||
jwk = opts; |
|||
} else if (opts.jwk) { |
|||
jwk = opts.jwk; |
|||
} else { |
|||
return RSA.import(opts).then(function (jwk) { |
|||
return RSA.__thumbprint(jwk); |
|||
}); |
|||
} |
|||
return RSA.__thumbprint(jwk); |
|||
}); |
|||
}; |
|||
RSA.thumbprint = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
var jwk; |
|||
if ('EC' === opts.kty) { |
|||
jwk = opts; |
|||
} else if (opts.jwk) { |
|||
jwk = opts.jwk; |
|||
} else { |
|||
return RSA.import(opts).then(function(jwk) { |
|||
return RSA.__thumbprint(jwk); |
|||
}); |
|||
} |
|||
return RSA.__thumbprint(jwk); |
|||
}); |
|||
}; |
|||
|
|||
RSA.export = function (opts) { |
|||
return Promise.resolve().then(function () { |
|||
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { |
|||
throw new Error("must pass { jwk: jwk }"); |
|||
} |
|||
var jwk = JSON.parse(JSON.stringify(opts.jwk)); |
|||
var format = opts.format; |
|||
var pub = opts.public; |
|||
if (pub || -1 !== [ 'spki', 'pkix', 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
jwk = RSA.neuter({ jwk: jwk }); |
|||
} |
|||
if ('RSA' !== jwk.kty) { |
|||
throw new Error("options.jwk.kty must be 'RSA' for RSA keys"); |
|||
} |
|||
if (!jwk.p) { |
|||
// TODO test for n and e
|
|||
pub = true; |
|||
if (!format || 'pkcs1' === format) { |
|||
format = 'pkcs1'; |
|||
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { |
|||
format = 'spki'; |
|||
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
format = 'ssh'; |
|||
} else { |
|||
throw new Error("options.format must be 'spki', 'pkcs1', or 'ssh' for public RSA keys, not (" |
|||
+ typeof format + ") " + format); |
|||
} |
|||
} else { |
|||
// TODO test for all necessary keys (d, p, q ...)
|
|||
if (!format || 'pkcs1' === format) { |
|||
format = 'pkcs1'; |
|||
} else if ('pkcs8' !== format) { |
|||
throw new Error("options.format must be 'pkcs1' or 'pkcs8' for private RSA keys"); |
|||
} |
|||
} |
|||
RSA.export = function(opts) { |
|||
return Promise.resolve().then(function() { |
|||
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { |
|||
throw new Error('must pass { jwk: jwk }'); |
|||
} |
|||
var jwk = JSON.parse(JSON.stringify(opts.jwk)); |
|||
var format = opts.format; |
|||
var pub = opts.public; |
|||
if ( |
|||
pub || |
|||
-1 !== ['spki', 'pkix', 'ssh', 'rfc4716'].indexOf(format) |
|||
) { |
|||
jwk = RSA.neuter({ jwk: jwk }); |
|||
} |
|||
if ('RSA' !== jwk.kty) { |
|||
throw new Error("options.jwk.kty must be 'RSA' for RSA keys"); |
|||
} |
|||
if (!jwk.p) { |
|||
// TODO test for n and e
|
|||
pub = true; |
|||
if (!format || 'pkcs1' === format) { |
|||
format = 'pkcs1'; |
|||
} else if (-1 !== ['spki', 'pkix'].indexOf(format)) { |
|||
format = 'spki'; |
|||
} else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) { |
|||
format = 'ssh'; |
|||
} else { |
|||
throw new Error( |
|||
"options.format must be 'spki', 'pkcs1', or 'ssh' for public RSA keys, not (" + |
|||
typeof format + |
|||
') ' + |
|||
format |
|||
); |
|||
} |
|||
} else { |
|||
// TODO test for all necessary keys (d, p, q ...)
|
|||
if (!format || 'pkcs1' === format) { |
|||
format = 'pkcs1'; |
|||
} else if ('pkcs8' !== format) { |
|||
throw new Error( |
|||
"options.format must be 'pkcs1' or 'pkcs8' for private RSA keys" |
|||
); |
|||
} |
|||
} |
|||
|
|||
if ('pkcs1' === format) { |
|||
if (jwk.d) { |
|||
return PEM.packBlock({ type: "RSA PRIVATE KEY", bytes: x509.packPkcs1(jwk) }); |
|||
} else { |
|||
return PEM.packBlock({ type: "RSA PUBLIC KEY", bytes: x509.packPkcs1(jwk) }); |
|||
} |
|||
} else if ('pkcs8' === format) { |
|||
return PEM.packBlock({ type: "PRIVATE KEY", bytes: x509.packPkcs8(jwk) }); |
|||
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { |
|||
return PEM.packBlock({ type: "PUBLIC KEY", bytes: x509.packSpki(jwk) }); |
|||
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { |
|||
return SSH.pack({ jwk: jwk, comment: opts.comment }); |
|||
} else { |
|||
throw new Error("Sanity Error: reached unreachable code block with format: " + format); |
|||
} |
|||
}); |
|||
}; |
|||
RSA.pack = function (opts) { |
|||
// wrapped in a promise for API compatibility
|
|||
// with the forthcoming browser version
|
|||
// (and potential future native node capability)
|
|||
return Promise.resolve().then(function () { |
|||
return RSA.export(opts); |
|||
}); |
|||
}; |
|||
if ('pkcs1' === format) { |
|||
if (jwk.d) { |
|||
return PEM.packBlock({ |
|||
type: 'RSA PRIVATE KEY', |
|||
bytes: x509.packPkcs1(jwk) |
|||
}); |
|||
} else { |
|||
return PEM.packBlock({ |
|||
type: 'RSA PUBLIC KEY', |
|||
bytes: x509.packPkcs1(jwk) |
|||
}); |
|||
} |
|||
} else if ('pkcs8' === format) { |
|||
return PEM.packBlock({ |
|||
type: 'PRIVATE KEY', |
|||
bytes: x509.packPkcs8(jwk) |
|||
}); |
|||
} else if (-1 !== ['spki', 'pkix'].indexOf(format)) { |
|||
return PEM.packBlock({ |
|||
type: 'PUBLIC KEY', |
|||
bytes: x509.packSpki(jwk) |
|||
}); |
|||
} else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) { |
|||
return SSH.pack({ jwk: jwk, comment: opts.comment }); |
|||
} else { |
|||
throw new Error( |
|||
'Sanity Error: reached unreachable code block with format: ' + |
|||
format |
|||
); |
|||
} |
|||
}); |
|||
}; |
|||
RSA.pack = function(opts) { |
|||
// wrapped in a promise for API compatibility
|
|||
// with the forthcoming browser version
|
|||
// (and potential future native node capability)
|
|||
return Promise.resolve().then(function() { |
|||
return RSA.export(opts); |
|||
}); |
|||
}; |
|||
|
|||
Enc.bufToUrlBase64 = function (u8) { |
|||
return Enc.bufToBase64(u8) |
|||
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); |
|||
}; |
|||
Enc.bufToUrlBase64 = function(u8) { |
|||
return Enc.bufToBase64(u8) |
|||
.replace(/\+/g, '-') |
|||
.replace(/\//g, '_') |
|||
.replace(/=/g, ''); |
|||
}; |
|||
|
|||
Enc.bufToBase64 = function (u8) { |
|||
var bin = ''; |
|||
u8.forEach(function (i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
|
|||
}('undefined' !== typeof module ? module.exports : window)); |
|||
Enc.bufToBase64 = function(u8) { |
|||
var bin = ''; |
|||
u8.forEach(function(i) { |
|||
bin += String.fromCharCode(i); |
|||
}); |
|||
return btoa(bin); |
|||
}; |
|||
})('undefined' !== typeof module ? module.exports : window); |
|||
|
@ -1,279 +1,301 @@ |
|||
(function (exports) { |
|||
'use strict'; |
|||
(function(exports) { |
|||
'use strict'; |
|||
|
|||
var x509 = exports.x509 = {}; |
|||
var ASN1 = exports.ASN1; |
|||
var Enc = exports.Enc; |
|||
var x509 = (exports.x509 = {}); |
|||
var ASN1 = exports.ASN1; |
|||
var Enc = exports.Enc; |
|||
|
|||
// 1.2.840.10045.3.1.7
|
|||
// prime256v1 (ANSI X9.62 named elliptic curve)
|
|||
var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase(); |
|||
// 1.3.132.0.34
|
|||
// secp384r1 (SECG (Certicom) named elliptic curve)
|
|||
var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase(); |
|||
// 1.2.840.10045.2.1
|
|||
// ecPublicKey (ANSI X9.62 public key type)
|
|||
var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201'.replace(/\s+/g, '').toLowerCase(); |
|||
// 1.2.840.10045.3.1.7
|
|||
// prime256v1 (ANSI X9.62 named elliptic curve)
|
|||
var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase(); |
|||
// 1.3.132.0.34
|
|||
// secp384r1 (SECG (Certicom) named elliptic curve)
|
|||
var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase(); |
|||
// 1.2.840.10045.2.1
|
|||
// ecPublicKey (ANSI X9.62 public key type)
|
|||
var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201' |
|||
.replace(/\s+/g, '') |
|||
.toLowerCase(); |
|||
|
|||
x509.parseSec1 = function parseEcOnlyPrivkey(u8, jwk) { |
|||
var index = 7; |
|||
var len = 32; |
|||
var olen = OBJ_ID_EC.length / 2; |
|||
x509.parseSec1 = function parseEcOnlyPrivkey(u8, jwk) { |
|||
var index = 7; |
|||
var len = 32; |
|||
var olen = OBJ_ID_EC.length / 2; |
|||
|
|||
if ("P-384" === jwk.crv) { |
|||
olen = OBJ_ID_EC_384.length / 2; |
|||
index = 8; |
|||
len = 48; |
|||
} |
|||
if (len !== u8[index - 1]) { |
|||
throw new Error("Unexpected bitlength " + len); |
|||
} |
|||
if ('P-384' === jwk.crv) { |
|||
olen = OBJ_ID_EC_384.length / 2; |
|||
index = 8; |
|||
len = 48; |
|||
} |
|||
if (len !== u8[index - 1]) { |
|||
throw new Error('Unexpected bitlength ' + len); |
|||
} |
|||
|
|||
// private part is d
|
|||
var d = u8.slice(index, index + len); |
|||
// compression bit index
|
|||
var ci = index + len + 2 + olen + 2 + 3; |
|||
var c = u8[ci]; |
|||
var x, y; |
|||
// private part is d
|
|||
var d = u8.slice(index, index + len); |
|||
// compression bit index
|
|||
var ci = index + len + 2 + olen + 2 + 3; |
|||
var c = u8[ci]; |
|||
var x, y; |
|||
|
|||
if (0x04 === c) { |
|||
y = u8.slice(ci + 1 + len, ci + 1 + len + len); |
|||
} else if (0x02 !== c) { |
|||
throw new Error("not a supported EC private key"); |
|||
} |
|||
x = u8.slice(ci + 1, ci + 1 + len); |
|||
if (0x04 === c) { |
|||
y = u8.slice(ci + 1 + len, ci + 1 + len + len); |
|||
} else if (0x02 !== c) { |
|||
throw new Error('not a supported EC private key'); |
|||
} |
|||
x = u8.slice(ci + 1, ci + 1 + len); |
|||
|
|||
return { |
|||
kty: jwk.kty |
|||
, crv: jwk.crv |
|||
, d: Enc.bufToUrlBase64(d) |
|||
//, dh: Enc.bufToHex(d)
|
|||
, x: Enc.bufToUrlBase64(x) |
|||
//, xh: Enc.bufToHex(x)
|
|||
, y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
return { |
|||
kty: jwk.kty, |
|||
crv: jwk.crv, |
|||
d: Enc.bufToUrlBase64(d), |
|||
//, dh: Enc.bufToHex(d)
|
|||
x: Enc.bufToUrlBase64(x), |
|||
//, xh: Enc.bufToHex(x)
|
|||
y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
|
|||
x509.packPkcs1 = function (jwk) { |
|||
var n = ASN1.UInt(Enc.base64ToHex(jwk.n)); |
|||
var e = ASN1.UInt(Enc.base64ToHex(jwk.e)); |
|||
x509.packPkcs1 = function(jwk) { |
|||
var n = ASN1.UInt(Enc.base64ToHex(jwk.n)); |
|||
var e = ASN1.UInt(Enc.base64ToHex(jwk.e)); |
|||
|
|||
if (!jwk.d) { |
|||
return Enc.hexToBuf(ASN1('30', n, e)); |
|||
} |
|||
if (!jwk.d) { |
|||
return Enc.hexToBuf(ASN1('30', n, e)); |
|||
} |
|||
|
|||
return Enc.hexToBuf(ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, n |
|||
, e |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.d)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.p)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.q)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
)); |
|||
}; |
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
n, |
|||
e, |
|||
ASN1.UInt(Enc.base64ToHex(jwk.d)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.p)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.q)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dp)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dq)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
) |
|||
); |
|||
}; |
|||
|
|||
x509.parsePkcs8 = function parseEcPkcs8(u8, jwk) { |
|||
var index = 24 + (OBJ_ID_EC.length / 2); |
|||
var len = 32; |
|||
if ("P-384" === jwk.crv) { |
|||
index = 24 + (OBJ_ID_EC_384.length / 2) + 2; |
|||
len = 48; |
|||
} |
|||
x509.parsePkcs8 = function parseEcPkcs8(u8, jwk) { |
|||
var index = 24 + OBJ_ID_EC.length / 2; |
|||
var len = 32; |
|||
if ('P-384' === jwk.crv) { |
|||
index = 24 + OBJ_ID_EC_384.length / 2 + 2; |
|||
len = 48; |
|||
} |
|||
|
|||
//console.log(index, u8.slice(index));
|
|||
if (0x04 !== u8[index]) { |
|||
//console.log(jwk);
|
|||
throw new Error("privkey not found"); |
|||
} |
|||
var d = u8.slice(index + 2, index + 2 + len); |
|||
var ci = index + 2 + len + 5; |
|||
var xi = ci + 1; |
|||
var x = u8.slice(xi, xi + len); |
|||
var yi = xi + len; |
|||
var y; |
|||
if (0x04 === u8[ci]) { |
|||
y = u8.slice(yi, yi + len); |
|||
} else if (0x02 !== u8[ci]) { |
|||
throw new Error("invalid compression bit (expected 0x04 or 0x02)"); |
|||
} |
|||
//console.log(index, u8.slice(index));
|
|||
if (0x04 !== u8[index]) { |
|||
//console.log(jwk);
|
|||
throw new Error('privkey not found'); |
|||
} |
|||
var d = u8.slice(index + 2, index + 2 + len); |
|||
var ci = index + 2 + len + 5; |
|||
var xi = ci + 1; |
|||
var x = u8.slice(xi, xi + len); |
|||
var yi = xi + len; |
|||
var y; |
|||
if (0x04 === u8[ci]) { |
|||
y = u8.slice(yi, yi + len); |
|||
} else if (0x02 !== u8[ci]) { |
|||
throw new Error('invalid compression bit (expected 0x04 or 0x02)'); |
|||
} |
|||
|
|||
return { |
|||
kty: jwk.kty |
|||
, crv: jwk.crv |
|||
, d: Enc.bufToUrlBase64(d) |
|||
//, dh: Enc.bufToHex(d)
|
|||
, x: Enc.bufToUrlBase64(x) |
|||
//, xh: Enc.bufToHex(x)
|
|||
, y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
return { |
|||
kty: jwk.kty, |
|||
crv: jwk.crv, |
|||
d: Enc.bufToUrlBase64(d), |
|||
//, dh: Enc.bufToHex(d)
|
|||
x: Enc.bufToUrlBase64(x), |
|||
//, xh: Enc.bufToHex(x)
|
|||
y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
|
|||
x509.parseSpki = function parsePem(u8, jwk) { |
|||
var ci = 16 + OBJ_ID_EC.length / 2; |
|||
var len = 32; |
|||
x509.parseSpki = function parsePem(u8, jwk) { |
|||
var ci = 16 + OBJ_ID_EC.length / 2; |
|||
var len = 32; |
|||
|
|||
if ("P-384" === jwk.crv) { |
|||
ci = 16 + OBJ_ID_EC_384.length / 2; |
|||
len = 48; |
|||
} |
|||
if ('P-384' === jwk.crv) { |
|||
ci = 16 + OBJ_ID_EC_384.length / 2; |
|||
len = 48; |
|||
} |
|||
|
|||
var c = u8[ci]; |
|||
var xi = ci + 1; |
|||
var x = u8.slice(xi, xi + len); |
|||
var yi = xi + len; |
|||
var y; |
|||
if (0x04 === c) { |
|||
y = u8.slice(yi, yi + len); |
|||
} else if (0x02 !== c) { |
|||
throw new Error("not a supported EC private key"); |
|||
} |
|||
var c = u8[ci]; |
|||
var xi = ci + 1; |
|||
var x = u8.slice(xi, xi + len); |
|||
var yi = xi + len; |
|||
var y; |
|||
if (0x04 === c) { |
|||
y = u8.slice(yi, yi + len); |
|||
} else if (0x02 !== c) { |
|||
throw new Error('not a supported EC private key'); |
|||
} |
|||
|
|||
return { |
|||
kty: jwk.kty |
|||
, crv: jwk.crv |
|||
, x: Enc.bufToUrlBase64(x) |
|||
//, xh: Enc.bufToHex(x)
|
|||
, y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
x509.parsePkix = x509.parseSpki; |
|||
return { |
|||
kty: jwk.kty, |
|||
crv: jwk.crv, |
|||
x: Enc.bufToUrlBase64(x), |
|||
//, xh: Enc.bufToHex(x)
|
|||
y: Enc.bufToUrlBase64(y) |
|||
//, yh: Enc.bufToHex(y)
|
|||
}; |
|||
}; |
|||
x509.parsePkix = x509.parseSpki; |
|||
|
|||
x509.packSec1 = function (jwk) { |
|||
var d = Enc.base64ToHex(jwk.d); |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1('30' |
|||
, ASN1.UInt('01') |
|||
, ASN1('04', d) |
|||
, ASN1('A0', objId) |
|||
, ASN1('A1', ASN1.BitStr('04' + x + y))) |
|||
); |
|||
}; |
|||
/** |
|||
* take a private jwk and creates a der from it |
|||
* @param {*} jwk |
|||
*/ |
|||
x509.packPkcs8 = function (jwk) { |
|||
if ('RSA' === jwk.kty) { |
|||
if (!jwk.d) { |
|||
// Public RSA
|
|||
return Enc.hexToBuf(ASN1('30' |
|||
, ASN1('30' |
|||
, ASN1('06', '2a864886f70d010101') |
|||
, ASN1('05') |
|||
) |
|||
, ASN1.BitStr(ASN1('30' |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.n)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
)) |
|||
)); |
|||
} |
|||
x509.packSec1 = function(jwk) { |
|||
var d = Enc.base64ToHex(jwk.d); |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('01'), |
|||
ASN1('04', d), |
|||
ASN1('A0', objId), |
|||
ASN1('A1', ASN1.BitStr('04' + x + y)) |
|||
) |
|||
); |
|||
}; |
|||
/** |
|||
* take a private jwk and creates a der from it |
|||
* @param {*} jwk |
|||
*/ |
|||
x509.packPkcs8 = function(jwk) { |
|||
if ('RSA' === jwk.kty) { |
|||
if (!jwk.d) { |
|||
// Public RSA
|
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1( |
|||
'30', |
|||
ASN1('06', '2a864886f70d010101'), |
|||
ASN1('05') |
|||
), |
|||
ASN1.BitStr( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt(Enc.base64ToHex(jwk.n)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
) |
|||
) |
|||
) |
|||
); |
|||
} |
|||
|
|||
// Private RSA
|
|||
return Enc.hexToBuf(ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, ASN1('30' |
|||
, ASN1('06', '2a864886f70d010101') |
|||
, ASN1('05') |
|||
) |
|||
, ASN1('04' |
|||
, ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.n)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.d)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.p)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.q)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
) |
|||
) |
|||
)); |
|||
} |
|||
// Private RSA
|
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')), |
|||
ASN1( |
|||
'04', |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.n)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.e)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.d)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.p)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.q)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dp)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dq)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
) |
|||
) |
|||
) |
|||
); |
|||
} |
|||
|
|||
var d = Enc.base64ToHex(jwk.d); |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, ASN1('30' |
|||
, OBJ_ID_EC_PUB |
|||
, objId |
|||
) |
|||
, ASN1('04' |
|||
, ASN1('30' |
|||
, ASN1.UInt('01') |
|||
, ASN1('04', d) |
|||
, ASN1('A1', ASN1.BitStr('04' + x + y))))) |
|||
); |
|||
}; |
|||
x509.packSpki = function (jwk) { |
|||
if (/EC/i.test(jwk.kty)) { |
|||
return x509.packSpkiEc(jwk); |
|||
} |
|||
return x509.packSpkiRsa(jwk); |
|||
}; |
|||
x509.packSpkiRsa = function (jwk) { |
|||
if (!jwk.d) { |
|||
// Public RSA
|
|||
return Enc.hexToBuf(ASN1('30' |
|||
, ASN1('30' |
|||
, ASN1('06', '2a864886f70d010101') |
|||
, ASN1('05') |
|||
) |
|||
, ASN1.BitStr(ASN1('30' |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.n)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
)) |
|||
)); |
|||
} |
|||
var d = Enc.base64ToHex(jwk.d); |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
ASN1('30', OBJ_ID_EC_PUB, objId), |
|||
ASN1( |
|||
'04', |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('01'), |
|||
ASN1('04', d), |
|||
ASN1('A1', ASN1.BitStr('04' + x + y)) |
|||
) |
|||
) |
|||
) |
|||
); |
|||
}; |
|||
x509.packSpki = function(jwk) { |
|||
if (/EC/i.test(jwk.kty)) { |
|||
return x509.packSpkiEc(jwk); |
|||
} |
|||
return x509.packSpkiRsa(jwk); |
|||
}; |
|||
x509.packSpkiRsa = function(jwk) { |
|||
if (!jwk.d) { |
|||
// Public RSA
|
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')), |
|||
ASN1.BitStr( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt(Enc.base64ToHex(jwk.n)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
) |
|||
) |
|||
) |
|||
); |
|||
} |
|||
|
|||
// Private RSA
|
|||
return Enc.hexToBuf(ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, ASN1('30' |
|||
, ASN1('06', '2a864886f70d010101') |
|||
, ASN1('05') |
|||
) |
|||
, ASN1('04' |
|||
, ASN1('30' |
|||
, ASN1.UInt('00') |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.n)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.e)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.d)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.p)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.q)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) |
|||
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
) |
|||
) |
|||
)); |
|||
}; |
|||
x509.packSpkiEc = function (jwk) { |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1('30' |
|||
, ASN1('30' |
|||
, OBJ_ID_EC_PUB |
|||
, objId |
|||
) |
|||
, ASN1.BitStr('04' + x + y)) |
|||
); |
|||
}; |
|||
x509.packPkix = x509.packSpki; |
|||
|
|||
}('undefined' !== typeof module ? module.exports : window)); |
|||
// Private RSA
|
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')), |
|||
ASN1( |
|||
'04', |
|||
ASN1( |
|||
'30', |
|||
ASN1.UInt('00'), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.n)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.e)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.d)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.p)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.q)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dp)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.dq)), |
|||
ASN1.UInt(Enc.base64ToHex(jwk.qi)) |
|||
) |
|||
) |
|||
) |
|||
); |
|||
}; |
|||
x509.packSpkiEc = function(jwk) { |
|||
var x = Enc.base64ToHex(jwk.x); |
|||
var y = Enc.base64ToHex(jwk.y); |
|||
var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384; |
|||
return Enc.hexToBuf( |
|||
ASN1( |
|||
'30', |
|||
ASN1('30', OBJ_ID_EC_PUB, objId), |
|||
ASN1.BitStr('04' + x + y) |
|||
) |
|||
); |
|||
}; |
|||
x509.packPkix = x509.packSpki; |
|||
})('undefined' !== typeof module ? module.exports : window); |
|||
|
@ -1,42 +1,44 @@ |
|||
{ |
|||
"name": "@bluecrypt/acme", |
|||
"version": "1.0.1", |
|||
"description": "Free SSL certificates through Let's Encrypt, right in your browser", |
|||
"main": "bluecrypt-acme.js", |
|||
"homepage": "https://rootprojects.org/acme/", |
|||
"directories": { |
|||
"lib": "lib" |
|||
}, |
|||
"files": [ |
|||
"lib", |
|||
"bluecrypt-acme.js", |
|||
"bluecrypt-acme.min.js" |
|||
], |
|||
"scripts": { |
|||
"test": "node server.js", |
|||
"start": "node server.js" |
|||
}, |
|||
"repository": { |
|||
"type": "git", |
|||
"url": "https://git.coolaj86.com/coolaj86/bluecrypt-acme.js.git" |
|||
}, |
|||
"keywords": [ |
|||
"ACME", |
|||
"Let's Encrypt", |
|||
"browser", |
|||
"EC", |
|||
"RSA", |
|||
"CSR", |
|||
"greenlock", |
|||
"VanillaJS", |
|||
"ZeroSSL" |
|||
], |
|||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)", |
|||
"license": "MPL-2.0", |
|||
"devDependencies": { |
|||
"@root/request": "^1.3.10", |
|||
"dig.js": "^1.3.9", |
|||
"dns-suite": "^1.2.12", |
|||
"express": "^4.16.4" |
|||
} |
|||
"name": "acme", |
|||
"version": "2.0.0-wip.0", |
|||
"description": "Free SSL certificates through Let's Encrypt, right in your browser", |
|||
"main": "bluecrypt-acme.js", |
|||
"homepage": "https://rootprojects.org/acme/", |
|||
"directories": { |
|||
"lib": "lib" |
|||
}, |
|||
"files": [ |
|||
"lib", |
|||
"dist" |
|||
], |
|||
"scripts": { |
|||
"build": "node bin/bundle.js", |
|||
"lint": "jshint lib bin", |
|||
"test": "node server.js", |
|||
"start": "node server.js" |
|||
}, |
|||
"repository": { |
|||
"type": "git", |
|||
"url": "https://git.coolaj86.com/coolaj86/bluecrypt-acme.js.git" |
|||
}, |
|||
"keywords": [ |
|||
"ACME", |
|||
"Let's Encrypt", |
|||
"browser", |
|||
"EC", |
|||
"RSA", |
|||
"CSR", |
|||
"greenlock", |
|||
"VanillaJS", |
|||
"ZeroSSL" |
|||
], |
|||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)", |
|||
"license": "MPL-2.0", |
|||
"devDependencies": { |
|||
"@root/request": "^1.3.10", |
|||
"dig.js": "^1.3.9", |
|||
"dns-suite": "^1.2.12", |
|||
"express": "^4.16.4", |
|||
"uglify-js": "^3.6.0" |
|||
} |
|||
} |
|||
|
Loading…
Reference in new issue