cleanup

2019-05-07 02:08:40 -06:00 · 2019-05-07 02:08:40 -06:00 · 806b7e6a91
commit 806b7e6a91
parent 32321ea87d
4 changed files with 2 additions and 786 deletions
--- a/index.html
+++ b/index.html
@ -129,9 +129,10 @@
      <pre><code class="js-acme-order-response">&nbsp;</code></pre>
    </details>
    <br>
    <footer>View source: <a href="https://git.rootprojects.org/root/bluecrypt-acme.js">@bluecrypt/acme</a></footer>
-    <script src="./lib/bluecrypt-encoding.js"></script>
+    <script src="./lib/encoding.js"></script>
    <script src="./lib/asn1-packer.js"></script>
    <script src="./lib/x509.js"></script>
    <script src="./lib/ecdsa.js"></script>
--- a/lib/browser-acme.js
+++ b/lib/browser-acme.js
@ -1,699 +0,0 @@
 /*global CSR*/
 // CSR takes a while to load after the page load
 (function (exports) {
 'use strict';
 var BACME = exports.ACME = {};
 var webFetch = exports.fetch;
 var Keypairs = exports.Keypairs;
 var Promise = exports.Promise;
 var directoryUrl = 'https://acme-staging-v02.api.letsencrypt.org/directory';
 var directory;
 var nonceUrl;
 var nonce;
 var accountKeypair;
 var accountJwk;
 var accountUrl;
 BACME.challengePrefixes = {
  'http-01': '/.well-known/acme-challenge'
 , 'dns-01': '_acme-challenge'
 };
 BACME._logHeaders = function (resp) {
  console.log('Headers:');
  Array.from(resp.headers.entries()).forEach(function (h) { console.log(h[0] + ': ' + h[1]); });
 };
 BACME._logBody = function (body) {
  console.log('Body:');
  console.log(JSON.stringify(body, null, 2));
  console.log('');
 };
 BACME.directory = function (opts) {
  return webFetch(opts.directoryUrl || directoryUrl, { mode: 'cors' }).then(function (resp) {
    BACME._logHeaders(resp);
    return resp.json().then(function (reply) {
      if (/error/.test(reply.type)) {
        return Promise.reject(new Error(reply.detail || reply.type));
      }
      directory = reply;
      nonceUrl = directory.newNonce || 'https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce';
      accountUrl = directory.newAccount || 'https://acme-staging-v02.api.letsencrypt.org/acme/new-account';
      orderUrl = directory.newOrder || "https://acme-staging-v02.api.letsencrypt.org/acme/new-order";
      BACME._logBody(reply);
      return reply;
    });
  });
 };
 BACME.nonce = function () {
  return webFetch(nonceUrl, { mode: 'cors' }).then(function (resp) {
    BACME._logHeaders(resp);
    nonce = resp.headers.get('replay-nonce');
    console.log('Nonce:', nonce);
    // resp.body is empty
    return resp.headers.get('replay-nonce');
  });
 };
 BACME.accounts = {};
 // type = ECDSA
 // bitlength = 256
 BACME.accounts.generateKeypair = function (opts) {
  return BACME.generateKeypair(opts).then(function (result) {
    accountKeypair = result;
    return webCrypto.subtle.exportKey(
      "jwk"
    , result.privateKey
    ).then(function (privJwk) {
      accountJwk = privJwk;
      console.log('private jwk:');
      console.log(JSON.stringify(privJwk, null, 2));
      return privJwk;
      /*
      return webCrypto.subtle.exportKey(
        "pkcs8"
      , result.privateKey
      ).then(function (keydata) {
        console.log('pkcs8:');
        console.log(Array.from(new Uint8Array(keydata)));
        return privJwk;
        //return accountKeypair;
      });
      */
    });
  });
 };
 // json to url-safe base64
 BACME._jsto64 = function (json) {
  return btoa(JSON.stringify(json)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
 };
 var textEncoder = new TextEncoder();
 BACME._importKey = function (jwk) {
  var alg; // I think the 256 refers to the hash
  var wcOpts = {};
  var extractable = true; // TODO make optionally false?
  var priv = jwk;
  var pub;
  // ECDSA
  if (/^EC/i.test(jwk.kty)) {
    wcOpts.name = 'ECDSA';
    wcOpts.namedCurve = jwk.crv;
    alg = 'ES256';
    pub = {
      crv: priv.crv
    , kty: priv.kty
    , x: priv.x
    , y: priv.y
    };
    if (!priv.d) {
      priv = null;
    }
  }
  // RSA
  if (/^RS/i.test(jwk.kty)) {
    wcOpts.name = 'RSASSA-PKCS1-v1_5';
    wcOpts.hash = { name: "SHA-256" };
    alg = 'RS256';
    pub = {
      e: priv.e
    , kty: priv.kty
    , n: priv.n
    };
    if (!priv.p) {
      priv = null;
    }
  }
  return window.crypto.subtle.importKey(
    "jwk"
  , pub
  , wcOpts
  , extractable
  , [ "verify" ]
  ).then(function (publicKey) {
    function give(privateKey) {
      return {
        wcPub: publicKey
      , wcKey: privateKey
      , wcKeypair: { publicKey: publicKey, privateKey: privateKey }
      , meta: {
          alg: alg
        , name: wcOpts.name
        , hash: wcOpts.hash
        }
      , jwk: jwk
      };
    }
    if (!priv) {
      return give();
    }
    return window.crypto.subtle.importKey(
      "jwk"
    , priv
    , wcOpts
    , extractable
    , [ "sign"/*, "verify"*/ ]
    ).then(give);
  });
 };
 BACME._sign = function (opts) {
  var wcPrivKey = opts.abstractKey.wcKeypair.privateKey;
  var wcOpts = opts.abstractKey.meta;
  var alg = opts.abstractKey.meta.alg; // I think the 256 refers to the hash
  var signHash;
  console.log('kty', opts.abstractKey.jwk.kty);
  signHash = { name: "SHA-" + alg.replace(/[a-z]+/ig, '') };
  var msg = textEncoder.encode(opts.protected64 + '.' + opts.payload64);
  console.log('msg:', msg);
  return window.crypto.subtle.sign(
    { name: wcOpts.name, hash: signHash }
  , wcPrivKey
  , msg
  ).then(function (signature) {
    //console.log('sig1:', signature);
    //console.log('sig2:', new Uint8Array(signature));
    //console.log('sig3:', Array.prototype.slice.call(new Uint8Array(signature)));
    // convert buffer to urlsafe base64
    var sig64 = btoa(Array.prototype.map.call(new Uint8Array(signature), function (ch) {
      return String.fromCharCode(ch);
    }).join('')).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
    console.log('[1] URL-safe Base64 Signature:');
    console.log(sig64);
    var signedMsg = {
      protected: opts.protected64
    , payload: opts.payload64
    , signature: sig64
    };
    console.log('Signed Base64 Msg:');
    console.log(JSON.stringify(signedMsg, null, 2));
    return signedMsg;
  });
 };
 // email = john.doe@gmail.com
 // jwk = { ... }
 // agree = true
 BACME.accounts.sign = function (opts) {
  return BACME._importKey(opts.jwk).then(function (abstractKey) {
    var payloadJson =
      { termsOfServiceAgreed: opts.agree
      , onlyReturnExisting: false
      , contact: opts.contacts || [ 'mailto:' + opts.email ]
      };
    console.log('payload:');
    console.log(payloadJson);
    var payload64 = BACME._jsto64(
      payloadJson
    );
    var protectedJson =
      { nonce: opts.nonce
      , url: accountUrl
      , alg: abstractKey.meta.alg
      , jwk: null
      };
    if (/EC/i.test(opts.jwk.kty)) {
      protectedJson.jwk = {
        crv: opts.jwk.crv
      , kty: opts.jwk.kty
      , x: opts.jwk.x
      , y: opts.jwk.y
      };
    } else if (/RS/i.test(opts.jwk.kty)) {
      protectedJson.jwk = {
        e: opts.jwk.e
      , kty: opts.jwk.kty
      , n: opts.jwk.n
      };
    } else {
      return Promise.reject(new Error("[acme.accounts.sign] unsupported key type '" + opts.jwk.kty + "'"));
    }
    console.log('protected:');
    console.log(protectedJson);
    var protected64 = BACME._jsto64(
      protectedJson
    );
    // Note: this function hashes before signing so send data, not the hash
    return BACME._sign({
      abstractKey: abstractKey
    , payload64: payload64
    , protected64: protected64
    });
  });
 };
 var accountId;
 BACME.accounts.set = function (opts) {
  nonce = null;
  return window.fetch(accountUrl, {
    mode: 'cors'
  , method: 'POST'
  , headers: { 'Content-Type': 'application/jose+json' }
  , body: JSON.stringify(opts.signedAccount)
  }).then(function (resp) {
    BACME._logHeaders(resp);
    nonce = resp.headers.get('replay-nonce');
    accountId = resp.headers.get('location');
    console.log('Next nonce:', nonce);
    console.log('Location/kid:', accountId);
    if (!resp.headers.get('content-type')) {
     console.log('Body: <none>');
     return { kid: accountId };
    }
    return resp.json().then(function (result) {
      if (/^Error/i.test(result.detail)) {
        return Promise.reject(new Error(result.detail));
      }
      result.kid = accountId;
      BACME._logBody(result);
      return result;
    });
  });
 };
 var orderUrl;
 BACME.orders = {};
 // identifiers = [ { type: 'dns', value: 'example.com' }, { type: 'dns', value: '*.example.com' } ]
 // signedAccount
 BACME.orders.sign = function (opts) {
  var payload64 = BACME._jsto64({ identifiers: opts.identifiers });
  return BACME._importKey(opts.jwk).then(function (abstractKey) {
    var protected64 = BACME._jsto64(
      { nonce: nonce, alg: abstractKey.meta.alg/*'ES256'*/, url: orderUrl, kid: opts.kid }
    );
    console.log('abstractKey:');
    console.log(abstractKey);
    return BACME._sign({
      abstractKey: abstractKey
    , payload64: payload64
    , protected64: protected64
    }).then(function (sig) {
      if (!sig) {
        throw new Error('sig is undefined... nonsense!');
      }
      console.log('newsig', sig);
      return sig;
    });
  });
 };
 var currentOrderUrl;
 var authorizationUrls;
 var finalizeUrl;
 BACME.orders.create = function (opts) {
  nonce = null;
  return window.fetch(orderUrl, {
    mode: 'cors'
  , method: 'POST'
  , headers: { 'Content-Type': 'application/jose+json' }
  , body: JSON.stringify(opts.signedOrder)
  }).then(function (resp) {
    BACME._logHeaders(resp);
    currentOrderUrl = resp.headers.get('location');
    nonce = resp.headers.get('replay-nonce');
    console.log('Next nonce:', nonce);
    return resp.json().then(function (result) {
      if (/^Error/i.test(result.detail)) {
        return Promise.reject(new Error(result.detail));
      }
      authorizationUrls = result.authorizations;
      finalizeUrl = result.finalize;
      BACME._logBody(result);
      result.url = currentOrderUrl;
      return result;
    });
  });
 };
 BACME.challenges = {};
 BACME.challenges.all = function () {
  var challenges = [];
  function next() {
    if (!authorizationUrls.length) {
      return challenges;
    }
    return BACME.challenges.view().then(function (challenge) {
      challenges.push(challenge);
      return next();
    });
  }
  return next();
 };
 BACME.challenges.view = function () {
  var authzUrl = authorizationUrls.pop();
  var token;
  var challengeDomain;
  var challengeUrl;
  return window.fetch(authzUrl, {
    mode: 'cors'
  }).then(function (resp) {
    BACME._logHeaders(resp);
    return resp.json().then(function (result) {
      // Note: select the challenge you wish to use
      var challenge = result.challenges.slice(0).pop();
      token = challenge.token;
      challengeUrl = challenge.url;
      challengeDomain = result.identifier.value;
      BACME._logBody(result);
      return {
        challenges: result.challenges
      , expires: result.expires
      , identifier: result.identifier
      , status: result.status
      , wildcard: result.wildcard
      //, token: challenge.token
      //, url: challenge.url
      //, domain: result.identifier.value,
      };
    });
  });
 };
 var thumbprint;
 var keyAuth;
 var httpPath;
 var dnsAuth;
 var dnsRecord;
 BACME.thumbprint = function (opts) {
  // https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
  var accountJwk = opts.jwk;
  var keys;
  if (/^EC/i.test(opts.jwk.kty)) {
    keys = [ 'crv', 'kty', 'x', 'y' ];
  } else if (/^RS/i.test(opts.jwk.kty)) {
    keys = [ 'e', 'kty', 'n' ];
  }
  var accountPublicStr = '{' + keys.map(function (key) {
    return '"' + key + '":"' + accountJwk[key] + '"';
  }).join(',') + '}';
  return window.crypto.subtle.digest(
    { name: "SHA-256" } // SHA-256 is spec'd, non-optional
  , textEncoder.encode(accountPublicStr)
  ).then(function (hash) {
    thumbprint = btoa(Array.prototype.map.call(new Uint8Array(hash), function (ch) {
      return String.fromCharCode(ch);
    }).join('')).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
    console.log('Thumbprint:');
    console.log(opts);
    console.log(accountPublicStr);
    console.log(thumbprint);
    return thumbprint;
  });
 };
 // { token, thumbprint, challengeDomain }
 BACME.challenges['http-01'] = function (opts) {
  // The contents of the key authorization file
  keyAuth = opts.token + '.' + opts.thumbprint;
  // Where the key authorization file goes
  httpPath = 'http://' + opts.challengeDomain + '/.well-known/acme-challenge/' + opts.token;
  console.log("echo '" + keyAuth + "' > '" + httpPath + "'");
  return {
    path: httpPath
  , value: keyAuth
  };
 };
 // { keyAuth }
 BACME.challenges['dns-01'] = function (opts) {
  console.log('opts.keyAuth for DNS:');
  console.log(opts.keyAuth);
  return window.crypto.subtle.digest(
    { name: "SHA-256", }
  , textEncoder.encode(opts.keyAuth)
  ).then(function (hash) {
    dnsAuth = btoa(Array.prototype.map.call(new Uint8Array(hash), function (ch) {
      return String.fromCharCode(ch);
    }).join('')).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
    dnsRecord = '_acme-challenge.' + opts.challengeDomain;
    console.log('DNS TXT Auth:');
    // The name of the record
    console.log(dnsRecord);
    // The TXT record value
    console.log(dnsAuth);
    return {
      type: 'TXT'
    , host: dnsRecord
    , answer: dnsAuth
    };
  });
 };
 var challengePollUrl;
 // { jwk, challengeUrl, accountId (kid) }
 BACME.challenges.accept = function (opts) {
  var payload64 = BACME._jsto64({});
  return BACME._importKey(opts.jwk).then(function (abstractKey) {
    var protected64 = BACME._jsto64(
      { nonce: nonce, alg: abstractKey.meta.alg/*'ES256'*/, url: opts.challengeUrl, kid: opts.accountId }
    );
    return BACME._sign({
      abstractKey: abstractKey
    , payload64: payload64
    , protected64: protected64
    });
  }).then(function (signedAccept) {
    nonce = null;
    return window.fetch(
      opts.challengeUrl
    , { mode: 'cors'
      , method: 'POST'
      , headers: { 'Content-Type': 'application/jose+json' }
      , body: JSON.stringify(signedAccept)
      }
    ).then(function (resp) {
      BACME._logHeaders(resp);
      nonce = resp.headers.get('replay-nonce');
      console.log("ACCEPT NONCE:", nonce);
      return resp.json().then(function (reply) {
        challengePollUrl = reply.url;
        console.log('Challenge ACK:');
        console.log(JSON.stringify(reply));
        return reply;
      });
    });
  });
 };
 BACME.challenges.check = function (opts) {
  return window.fetch(opts.challengePollUrl, { mode: 'cors' }).then(function (resp) {
    BACME._logHeaders(resp);
    return resp.json().then(function (reply) {
      if (/error/.test(reply.type)) {
        return Promise.reject(new Error(reply.detail || reply.type));
      }
      challengePollUrl = reply.url;
      BACME._logBody(reply);
      return reply;
    });
  });
 };
 var domainKeypair;
 var domainJwk;
 BACME.generateKeypair = function (opts) {
  var wcOpts = {};
  // ECDSA has only the P curves and an associated bitlength
  if (/^EC/i.test(opts.type)) {
    wcOpts.name = 'ECDSA';
    if (/256/.test(opts.bitlength)) {
      wcOpts.namedCurve = 'P-256';
    }
  }
  // RSA-PSS is another option, but I don't think it's used for Let's Encrypt
  // I think the hash is only necessary for signing, not generation or import
  if (/^RS/i.test(opts.type)) {
    wcOpts.name = 'RSASSA-PKCS1-v1_5';
    wcOpts.modulusLength = opts.bitlength;
    if (opts.bitlength < 2048) {
      wcOpts.modulusLength = opts.bitlength * 8;
    }
    wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]);
    wcOpts.hash = { name: "SHA-256" };
  }
  var extractable = true;
  return window.crypto.subtle.generateKey(
    wcOpts
  , extractable
  , [ 'sign', 'verify' ]
  );
 };
 BACME.domains = {};
 // TODO factor out from BACME.accounts.generateKeypair even more
 BACME.domains.generateKeypair = function (opts) {
  return BACME.generateKeypair(opts).then(function (result) {
    domainKeypair = result;
    return window.crypto.subtle.exportKey(
      "jwk"
    , result.privateKey
    ).then(function (privJwk) {
      domainJwk = privJwk;
      console.log('private jwk:');
      console.log(JSON.stringify(privJwk, null, 2));
      return privJwk;
    });
  });
 };
 // { serverJwk, domains }
 BACME.orders.generateCsr = function (opts) {
  return BACME._importKey(opts.serverJwk).then(function (abstractKey) {
    return Promise.resolve(CSR.generate({ keypair: abstractKey.wcKeypair, domains: opts.domains }));
  });
 };
 var certificateUrl;
 // { csr, jwk, finalizeUrl, accountId }
 BACME.orders.finalize = function (opts) {
  var payload64 = BACME._jsto64(
    { csr: opts.csr }
  );
  return BACME._importKey(opts.jwk).then(function (abstractKey) {
    var protected64 = BACME._jsto64(
      { nonce: nonce, alg: abstractKey.meta.alg/*'ES256'*/, url: opts.finalizeUrl, kid: opts.accountId }
    );
    return BACME._sign({
      abstractKey: abstractKey
    , payload64: payload64
    , protected64: protected64
    });
  }).then(function (signedFinal) {
    nonce = null;
    return window.fetch(
      opts.finalizeUrl
    , { mode: 'cors'
      , method: 'POST'
      , headers: { 'Content-Type': 'application/jose+json' }
      , body: JSON.stringify(signedFinal)
      }
    ).then(function (resp) {
      BACME._logHeaders(resp);
      nonce = resp.headers.get('replay-nonce');
      return resp.json().then(function (reply) {
        if (/error/.test(reply.type)) {
          return Promise.reject(new Error(reply.detail || reply.type));
        }
        certificateUrl = reply.certificate;
        BACME._logBody(reply);
        return reply;
      });
    });
  });
 };
 BACME.orders.receive = function (opts) {
  return window.fetch(
    opts.certificateUrl
  , { mode: 'cors'
    , method: 'GET'
    }
  ).then(function (resp) {
    BACME._logHeaders(resp);
    nonce = resp.headers.get('replay-nonce');
    return resp.text().then(function (reply) {
      BACME._logBody(reply);
      return reply;
    });
  });
 };
 BACME.orders.check = function (opts) {
  return window.fetch(
    opts.orderUrl
  , { mode: 'cors'
    , method: 'GET'
    }
  ).then(function (resp) {
    BACME._logHeaders(resp);
    return resp.json().then(function (reply) {
      if (/error/.test(reply.type)) {
        return Promise.reject(new Error(reply.detail || reply.type));
      }
      BACME._logBody(reply);
      return reply;
    });
  });
 };
 }(window));
--- a/lib/bluecrypt-encoding.js
+++ b/lib/bluecrypt-encoding.js
--- a/lib/keypairs.js.min2
+++ b/lib/keypairs.js.min2
@ -1,86 +0,0 @@
 /*global Promise*/
 (function (exports) {
 'use strict';
 var Keypairs = exports.Keypairs = {};
 Keypairs._stance = "We take the stance that if you're knowledgeable enough to"
  + " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway.";
 Keypairs._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support.";
 Keypairs.generate = function (opts) {
  var wcOpts = {};
  if (!opts) {
    opts = {};
  }
  if (!opts.kty) {
    opts.kty = 'EC';
  }
  // ECDSA has only the P curves and an associated bitlength
  if (/^EC/i.test(opts.kty)) {
    wcOpts.name = 'ECDSA';
    if (!opts.namedCurve) {
      opts.namedCurve = 'P-256';
    }
    wcOpts.namedCurve = opts.namedCurve; // true for supported curves
    if (/256/.test(wcOpts.namedCurve)) {
      wcOpts.namedCurve = 'P-256';
      wcOpts.hash = { name: "SHA-256" };
    } else if (/384/.test(wcOpts.namedCurve)) {
      wcOpts.namedCurve = 'P-384';
      wcOpts.hash = { name: "SHA-384" };
    } else {
      return Promise.Reject(new Error("'" + wcOpts.namedCurve + "' is not an NIST approved ECDSA namedCurve. "
        + " Please choose either 'P-256' or 'P-384'. "
        + Keypairs._stance));
    }
  } else if (/^RSA$/i.test(opts.kty)) {
    // Support PSS? I don't think it's used for Let's Encrypt
    wcOpts.name = 'RSASSA-PKCS1-v1_5';
    if (!opts.modulusLength) {
      opts.modulusLength = 2048;
    }
    wcOpts.modulusLength = opts.modulusLength;
    if (wcOpts.modulusLength >= 2048 && wcOpts.modulusLength < 3072) {
      // erring on the small side... for no good reason
      wcOpts.hash = { name: "SHA-256" };
    } else if (wcOpts.modulusLength >= 3072 && wcOpts.modulusLength < 4096) {
      wcOpts.hash = { name: "SHA-384" };
    } else if (wcOpts.modulusLength < 4097) {
      wcOpts.hash = { name: "SHA-512" };
    } else {
      // Public key thumbprints should be paired with a hash of similar length,
      // so anything above SHA-512's keyspace would be left under-represented anyway.
      return Promise.Reject(new Error("'" + wcOpts.modulusLength + "' is not within the safe and universally"
        + " acceptable range of 2048-4096. Typically you should pick 2048, 3072, or 4096, though other values"
        + " divisible by 8 are allowed. " + Keypairs._stance));
    }
    // TODO maybe allow this to be set to any of the standard values?
    wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]);
  } else {
    return Promise.Reject(new Error("'" + opts.kty + "' is not a well-supported key type."
      + Keypairs._universal
      + " Please choose either 'EC' or 'RSA' keys."));
  }
  var extractable = true;
  return window.crypto.subtle.generateKey(
    wcOpts
  , extractable
  , [ 'sign', 'verify' ]
  ).then(function (result) {
    return window.crypto.subtle.exportKey(
      "jwk"
    , result.privateKey
    ).then(function (privJwk) {
      // TODO remove
      console.log('private jwk:');
      console.log(JSON.stringify(privJwk, null, 2));
      return {
        privateKey: privJwk
      };
    });
  });
 };
 }(window));