coolaj86
/
acme.js
mirror of https://github.com/therootcompany/acme.js.git
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity

make Prettier

This commit is contained in:
AJ ONeal 2019-10-02 15:04:54 -06:00
parent 87a12c36b0
commit 6c11446e2f
14 changed files with 3452 additions and 2548 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
dist/
*.gz *.gz
.*.sw* .*.sw*
.ignore .ignore

8
.prettierrc Normal file
View File

@ -0,0 +1,8 @@
{
"bracketSpacing": true,
"printWidth": 80,
"singleQuote": true,
"tabWidth": 4,
"trailingComma": "none",
"useTabs": true
}

60
bin/bundle.js Normal file
View File

@ -0,0 +1,60 @@
#!/usr/bin/env node
(async function() {
'use strict';
var UglifyJS = require('uglify-js');
var path = require('path');
var fs = require('fs');
var promisify = require('util').promisify;
var readFile = promisify(fs.readFile);
var writeFile = promisify(fs.writeFile);
var gzip = promisify(require('zlib').gzip);
// The order is specific, and it matters
var files = await Promise.all(
[
'../lib/encoding.js',
'../lib/asn1-packer.js',
'../lib/x509.js',
'../lib/ecdsa.js',
'../lib/rsa.js',
'../lib/keypairs.js',
'../lib/asn1-parser.js',
'../lib/csr.js',
'../lib/acme.js'
].map(async function(file) {
return (await readFile(path.join(__dirname, file), 'utf8')).trim();
})
);
var header =
[
'// Copyright 2015-2019 AJ ONeal. All rights reserved',
'/* This Source Code Form is subject to the terms of the Mozilla Public',
' * License, v. 2.0. If a copy of the MPL was not distributed with this',
' * file, You can obtain one at http://mozilla.org/MPL/2.0/. */'
].join('\n') + '\n';
var file = header + files.join('\n') + '\n';
await writeFile(path.join(__dirname, '../dist', 'acme.js'), file);
await writeFile(
path.join(__dirname, '../dist', 'acme.js.gz'),
await gzip(file)
);
// TODO source maps?
var result = UglifyJS.minify(file, {
compress: true,
// mangling doesn't save significant
mangle: false
});
if (result.error) {
throw result.error;
}
file = header + result.code;
await writeFile(path.join(__dirname, '../dist', 'acme.min.js'), file);
await writeFile(
path.join(__dirname, '../dist', 'acme.min.js.gz'),
await gzip(file)
);
})();

2324
lib/acme.js
View File

File diff suppressed because it is too large Load Diff

238
lib/asn1-packer.js
View File

@ -1,127 +1,147 @@
;(function (exports) { (function(exports) {
'use strict'; 'use strict';
if (!exports.ASN1) { exports.ASN1 = {}; } if (!exports.ASN1) {
if (!exports.Enc) { exports.Enc = {}; } exports.ASN1 = {};
if (!exports.PEM) { exports.PEM = {}; } }
if (!exports.Enc) {
exports.Enc = {};
}
if (!exports.PEM) {
exports.PEM = {};
}
var ASN1 = exports.ASN1; var ASN1 = exports.ASN1;
var Enc = exports.Enc; var Enc = exports.Enc;
var PEM = exports.PEM; var PEM = exports.PEM;
// //
// Packer // Packer
// //
// Almost every ASN.1 type that's important for CSR // Almost every ASN.1 type that's important for CSR
// can be represented generically with only a few rules. // can be represented generically with only a few rules.
exports.ASN1 = function ASN1(/*type, hexstrings...*/) { exports.ASN1 = function ASN1(/*type, hexstrings...*/) {
var args = Array.prototype.slice.call(arguments); var args = Array.prototype.slice.call(arguments);
var typ = args.shift(); var typ = args.shift();
var str = args.join('').replace(/\s+/g, '').toLowerCase(); var str = args
var len = (str.length/2); .join('')
var lenlen = 0; .replace(/\s+/g, '')
var hex = typ; .toLowerCase();
var len = str.length / 2;
var lenlen = 0;
var hex = typ;
// We can't have an odd number of hex chars // We can't have an odd number of hex chars
if (len !== Math.round(len)) { if (len !== Math.round(len)) {
throw new Error("invalid hex"); throw new Error('invalid hex');
} }
// The first byte of any ASN.1 sequence is the type (Sequence, Integer, etc) // The first byte of any ASN.1 sequence is the type (Sequence, Integer, etc)
// The second byte is either the size of the value, or the size of its size // The second byte is either the size of the value, or the size of its size
// 1. If the second byte is < 0x80 (128) it is considered the size // 1. If the second byte is < 0x80 (128) it is considered the size
// 2. If it is > 0x80 then it describes the number of bytes of the size // 2. If it is > 0x80 then it describes the number of bytes of the size
// ex: 0x82 means the next 2 bytes describe the size of the value // ex: 0x82 means the next 2 bytes describe the size of the value
// 3. The special case of exactly 0x80 is "indefinite" length (to end-of-file) // 3. The special case of exactly 0x80 is "indefinite" length (to end-of-file)
if (len > 127) { if (len > 127) {
lenlen += 1; lenlen += 1;
while (len > 255) { while (len > 255) {
lenlen += 1; lenlen += 1;
len = len >> 8; len = len >> 8;
} }
} }
if (lenlen) { hex += Enc.numToHex(0x80 + lenlen); } if (lenlen) {
return hex + Enc.numToHex(str.length/2) + str; hex += Enc.numToHex(0x80 + lenlen);
}; }
return hex + Enc.numToHex(str.length / 2) + str;
};
// The Integer type has some special rules // The Integer type has some special rules
ASN1.UInt = function UINT() { ASN1.UInt = function UINT() {
var str = Array.prototype.slice.call(arguments).join(''); var str = Array.prototype.slice.call(arguments).join('');
var first = parseInt(str.slice(0, 2), 16); var first = parseInt(str.slice(0, 2), 16);
// If the first byte is 0x80 or greater, the number is considered negative // If the first byte is 0x80 or greater, the number is considered negative
// Therefore we add a '00' prefix if the 0x80 bit is set // Therefore we add a '00' prefix if the 0x80 bit is set
if (0x80 & first) { str = '00' + str; } if (0x80 & first) {
str = '00' + str;
}
return ASN1('02', str); return ASN1('02', str);
}; };
// The Bit String type also has a special rule // The Bit String type also has a special rule
ASN1.BitStr = function BITSTR() { ASN1.BitStr = function BITSTR() {
var str = Array.prototype.slice.call(arguments).join(''); var str = Array.prototype.slice.call(arguments).join('');
// '00' is a mask of how many bits of the next byte to ignore // '00' is a mask of how many bits of the next byte to ignore
return ASN1('03', '00' + str); return ASN1('03', '00' + str);
}; };
ASN1.pack = function (arr) { ASN1.pack = function(arr) {
var typ = Enc.numToHex(arr[0]); var typ = Enc.numToHex(arr[0]);
var str = ''; var str = '';
if (Array.isArray(arr[1])) { if (Array.isArray(arr[1])) {
arr[1].forEach(function (a) { arr[1].forEach(function(a) {
str += ASN1.pack(a); str += ASN1.pack(a);
}); });
} else if ('string' === typeof arr[1]) { } else if ('string' === typeof arr[1]) {
str = arr[1]; str = arr[1];
} else { } else {
throw new Error("unexpected array"); throw new Error('unexpected array');
} }
if ('03' === typ) { if ('03' === typ) {
return ASN1.BitStr(str); return ASN1.BitStr(str);
} else if ('02' === typ) { } else if ('02' === typ) {
return ASN1.UInt(str); return ASN1.UInt(str);
} else { } else {
return ASN1(typ, str); return ASN1(typ, str);
} }
}; };
Object.keys(ASN1).forEach(function (k) { Object.keys(ASN1).forEach(function(k) {
exports.ASN1[k] = ASN1[k]; exports.ASN1[k] = ASN1[k];
}); });
ASN1 = exports.ASN1; ASN1 = exports.ASN1;
PEM.packBlock = function (opts) { PEM.packBlock = function(opts) {
// TODO allow for headers? // TODO allow for headers?
return '-----BEGIN ' + opts.type + '-----\n' return (
+ Enc.bufToBase64(opts.bytes).match(/.{1,64}/g).join('\n') + '\n' '-----BEGIN ' +
+ '-----END ' + opts.type + '-----' opts.type +
; '-----\n' +
}; Enc.bufToBase64(opts.bytes)
.match(/.{1,64}/g)
.join('\n') +
'\n' +
'-----END ' +
opts.type +
'-----'
);
};
Enc.bufToBase64 = function (u8) { Enc.bufToBase64 = function(u8) {
var bin = ''; var bin = '';
u8.forEach(function (i) { u8.forEach(function(i) {
bin += String.fromCharCode(i); bin += String.fromCharCode(i);
}); });
return btoa(bin); return btoa(bin);
}; };
Enc.hexToBuf = function (hex) { Enc.hexToBuf = function(hex) {
var arr = []; var arr = [];
hex.match(/.{2}/g).forEach(function (h) { hex.match(/.{2}/g).forEach(function(h) {
arr.push(parseInt(h, 16)); arr.push(parseInt(h, 16));
}); });
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
}; };
Enc.numToHex = function (d) { Enc.numToHex = function(d) {
d = d.toString(16); d = d.toString(16);
if (d.length % 2) { if (d.length % 2) {
return '0' + d; return '0' + d;
} }
return d; return d;
}; };
})('undefined' !== typeof window ? window : module.exports);
}('undefined' !== typeof window ? window : module.exports));

339
lib/asn1-parser.js
View File

@ -2,160 +2,221 @@
/* This Source Code Form is subject to the terms of the Mozilla Public /* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this * License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
;(function (exports) { (function(exports) {
'use strict'; 'use strict';
if (!exports.ASN1) { exports.ASN1 = {}; } if (!exports.ASN1) {
if (!exports.Enc) { exports.Enc = {}; } exports.ASN1 = {};
if (!exports.PEM) { exports.PEM = {}; } }
if (!exports.Enc) {
exports.Enc = {};
}
if (!exports.PEM) {
exports.PEM = {};
}
var ASN1 = exports.ASN1; var ASN1 = exports.ASN1;
var Enc = exports.Enc; var Enc = exports.Enc;
var PEM = exports.PEM; var PEM = exports.PEM;
// //
// Parser // Parser
// //
// Although I've only seen 9 max in https certificates themselves, // Although I've only seen 9 max in https certificates themselves,
// but each domain list could have up to 100 // but each domain list could have up to 100
ASN1.ELOOPN = 102; ASN1.ELOOPN = 102;
ASN1.ELOOP = "uASN1.js Error: iterated over " + ASN1.ELOOPN + "+ elements (probably a malformed file)"; ASN1.ELOOP =
// I've seen https certificates go 29 deep 'uASN1.js Error: iterated over ' +
ASN1.EDEEPN = 60; ASN1.ELOOPN +
ASN1.EDEEP = "uASN1.js Error: element nested " + ASN1.EDEEPN + "+ layers deep (probably a malformed file)"; '+ elements (probably a malformed file)';
// Container Types are Sequence 0x30, Container Array? (0xA0, 0xA1) // I've seen https certificates go 29 deep
// Value Types are Boolean 0x01, Integer 0x02, Null 0x05, Object ID 0x06, String 0x0C, 0x16, 0x13, 0x1e Value Array? (0x82) ASN1.EDEEPN = 60;
// Bit String (0x03) and Octet String (0x04) may be values or containers ASN1.EDEEP =
// Sometimes Bit String is used as a container (RSA Pub Spki) 'uASN1.js Error: element nested ' +
ASN1.CTYPES = [ 0x30, 0x31, 0xa0, 0xa1 ]; ASN1.EDEEPN +
ASN1.VTYPES = [ 0x01, 0x02, 0x05, 0x06, 0x0c, 0x82 ]; '+ layers deep (probably a malformed file)';
ASN1.parse = function parseAsn1Helper(buf) { // Container Types are Sequence 0x30, Container Array? (0xA0, 0xA1)
//var ws = ' '; // Value Types are Boolean 0x01, Integer 0x02, Null 0x05, Object ID 0x06, String 0x0C, 0x16, 0x13, 0x1e Value Array? (0x82)
function parseAsn1(buf, depth, eager) { // Bit String (0x03) and Octet String (0x04) may be values or containers
if (depth.length >= ASN1.EDEEPN) { throw new Error(ASN1.EDEEP); } // Sometimes Bit String is used as a container (RSA Pub Spki)
ASN1.CTYPES = [0x30, 0x31, 0xa0, 0xa1];
ASN1.VTYPES = [0x01, 0x02, 0x05, 0x06, 0x0c, 0x82];
ASN1.parse = function parseAsn1Helper(buf) {
//var ws = ' ';
function parseAsn1(buf, depth, eager) {
if (depth.length >= ASN1.EDEEPN) {
throw new Error(ASN1.EDEEP);
}
var index = 2; // we know, at minimum, data starts after type (0) and lengthSize (1) var index = 2; // we know, at minimum, data starts after type (0) and lengthSize (1)
var asn1 = { type: buf[0], lengthSize: 0, length: buf[1] }; var asn1 = { type: buf[0], lengthSize: 0, length: buf[1] };
var child; var child;
var iters = 0; var iters = 0;
var adjust = 0; var adjust = 0;
var adjustedLen; var adjustedLen;
// Determine how many bytes the length uses, and what it is // Determine how many bytes the length uses, and what it is
if (0x80 & asn1.length) { if (0x80 & asn1.length) {
asn1.lengthSize = 0x7f & asn1.length; asn1.lengthSize = 0x7f & asn1.length;
// I think that buf->hex->int solves the problem of Endianness... not sure // I think that buf->hex->int solves the problem of Endianness... not sure
asn1.length = parseInt(Enc.bufToHex(buf.slice(index, index + asn1.lengthSize)), 16); asn1.length = parseInt(
index += asn1.lengthSize; Enc.bufToHex(buf.slice(index, index + asn1.lengthSize)),
} 16
);
index += asn1.lengthSize;
}
// High-order bit Integers have a leading 0x00 to signify that they are positive. // High-order bit Integers have a leading 0x00 to signify that they are positive.
// Bit Streams use the first byte to signify padding, which x.509 doesn't use. // Bit Streams use the first byte to signify padding, which x.509 doesn't use.
if (0x00 === buf[index] && (0x02 === asn1.type || 0x03 === asn1.type)) { if (
// However, 0x00 on its own is a valid number 0x00 === buf[index] &&
if (asn1.length > 1) { (0x02 === asn1.type || 0x03 === asn1.type)
index += 1; ) {
adjust = -1; // However, 0x00 on its own is a valid number
} if (asn1.length > 1) {
} index += 1;
adjustedLen = asn1.length + adjust; adjust = -1;
}
}
adjustedLen = asn1.length + adjust;
//console.warn(depth.join(ws) + '0x' + Enc.numToHex(asn1.type), index, 'len:', asn1.length, asn1); //console.warn(depth.join(ws) + '0x' + Enc.numToHex(asn1.type), index, 'len:', asn1.length, asn1);
function parseChildren(eager) { function parseChildren(eager) {
asn1.children = []; asn1.children = [];
//console.warn('1 len:', (2 + asn1.lengthSize + asn1.length), 'idx:', index, 'clen:', 0); //console.warn('1 len:', (2 + asn1.lengthSize + asn1.length), 'idx:', index, 'clen:', 0);
while (iters < ASN1.ELOOPN && index < (2 + asn1.length + asn1.lengthSize)) { while (
iters += 1; iters < ASN1.ELOOPN &&
depth.length += 1; index < 2 + asn1.length + asn1.lengthSize
child = parseAsn1(buf.slice(index, index + adjustedLen), depth, eager); ) {
depth.length -= 1; iters += 1;
// The numbers don't match up exactly and I don't remember why... depth.length += 1;
// probably something with adjustedLen or some such, but the tests pass child = parseAsn1(
index += (2 + child.lengthSize + child.length); buf.slice(index, index + adjustedLen),
//console.warn('2 len:', (2 + asn1.lengthSize + asn1.length), 'idx:', index, 'clen:', (2 + child.lengthSize + child.length)); depth,
if (index > (2 + asn1.lengthSize + asn1.length)) { eager
if (!eager) { console.error(JSON.stringify(asn1, ASN1._replacer, 2)); } );
throw new Error("Parse error: child value length (" + child.length depth.length -= 1;
+ ") is greater than remaining parent length (" + (asn1.length - index) // The numbers don't match up exactly and I don't remember why...
+ " = " + asn1.length + " - " + index + ")"); // probably something with adjustedLen or some such, but the tests pass
} index += 2 + child.lengthSize + child.length;
asn1.children.push(child); //console.warn('2 len:', (2 + asn1.lengthSize + asn1.length), 'idx:', index, 'clen:', (2 + child.lengthSize + child.length));
//console.warn(depth.join(ws) + '0x' + Enc.numToHex(asn1.type), index, 'len:', asn1.length, asn1); if (index > 2 + asn1.lengthSize + asn1.length) {
} if (!eager) {
if (index !== (2 + asn1.lengthSize + asn1.length)) { console.error(
//console.warn('index:', index, 'length:', (2 + asn1.lengthSize + asn1.length)); JSON.stringify(asn1, ASN1._replacer, 2)
throw new Error("premature end-of-file"); );
} }
if (iters >= ASN1.ELOOPN) { throw new Error(ASN1.ELOOP); } throw new Error(
'Parse error: child value length (' +
child.length +
') is greater than remaining parent length (' +
(asn1.length - index) +
' = ' +
asn1.length +
' - ' +
index +
')'
);
}
asn1.children.push(child);
//console.warn(depth.join(ws) + '0x' + Enc.numToHex(asn1.type), index, 'len:', asn1.length, asn1);
}
if (index !== 2 + asn1.lengthSize + asn1.length) {
//console.warn('index:', index, 'length:', (2 + asn1.lengthSize + asn1.length));
throw new Error('premature end-of-file');
}
if (iters >= ASN1.ELOOPN) {
throw new Error(ASN1.ELOOP);
}
delete asn1.value; delete asn1.value;
return asn1; return asn1;
} }
// Recurse into types that are _always_ containers // Recurse into types that are _always_ containers
if (-1 !== ASN1.CTYPES.indexOf(asn1.type)) { return parseChildren(eager); } if (-1 !== ASN1.CTYPES.indexOf(asn1.type)) {
return parseChildren(eager);
}
// Return types that are _always_ values // Return types that are _always_ values
asn1.value = buf.slice(index, index + adjustedLen); asn1.value = buf.slice(index, index + adjustedLen);
if (-1 !== ASN1.VTYPES.indexOf(asn1.type)) { return asn1; } if (-1 !== ASN1.VTYPES.indexOf(asn1.type)) {
return asn1;
}
// For ambigious / unknown types, recurse and return on failure // For ambigious / unknown types, recurse and return on failure
// (and return child array size to zero) // (and return child array size to zero)
try { return parseChildren(true); } try {
catch(e) { asn1.children.length = 0; return asn1; } return parseChildren(true);
} } catch (e) {
asn1.children.length = 0;
return asn1;
}
}
var asn1 = parseAsn1(buf, []); var asn1 = parseAsn1(buf, []);
var len = buf.byteLength || buf.length; var len = buf.byteLength || buf.length;
if (len !== 2 + asn1.lengthSize + asn1.length) { if (len !== 2 + asn1.lengthSize + asn1.length) {
throw new Error("Length of buffer does not match length of ASN.1 sequence."); throw new Error(
} 'Length of buffer does not match length of ASN.1 sequence.'
return asn1; );
}; }
ASN1._replacer = function (k, v) { return asn1;
if ('type' === k) { return '0x' + Enc.numToHex(v); } };
if (v && 'value' === k) { return '0x' + Enc.bufToHex(v.data || v); } ASN1._replacer = function(k, v) {
return v; if ('type' === k) {
}; return '0x' + Enc.numToHex(v);
}
if (v && 'value' === k) {
return '0x' + Enc.bufToHex(v.data || v);
}
return v;
};
// don't replace the full parseBlock, if it exists // don't replace the full parseBlock, if it exists
PEM.parseBlock = PEM.parseBlock || function (str) { PEM.parseBlock =
var der = str.split(/\n/).filter(function (line) { PEM.parseBlock ||
return !/-----/.test(line); function(str) {
}).join(''); var der = str
return { bytes: Enc.base64ToBuf(der) }; .split(/\n/)
}; .filter(function(line) {
return !/-----/.test(line);
})
.join('');
return { bytes: Enc.base64ToBuf(der) };
};
Enc.base64ToBuf = function (b64) { Enc.base64ToBuf = function(b64) {
return Enc.binToBuf(atob(b64)); return Enc.binToBuf(atob(b64));
}; };
Enc.binToBuf = function (bin) { Enc.binToBuf = function(bin) {
var arr = bin.split('').map(function (ch) { var arr = bin.split('').map(function(ch) {
return ch.charCodeAt(0); return ch.charCodeAt(0);
}); });
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
}; };
Enc.bufToHex = function (u8) { Enc.bufToHex = function(u8) {
var hex = []; var hex = [];
var i, h; var i, h;
var len = (u8.byteLength || u8.length); var len = u8.byteLength || u8.length;
for (i = 0; i < len; i += 1) { for (i = 0; i < len; i += 1) {
h = u8[i].toString(16); h = u8[i].toString(16);
if (h.length % 2) { h = '0' + h; } if (h.length % 2) {
hex.push(h); h = '0' + h;
} }
hex.push(h);
}
return hex.join('').toLowerCase(); return hex.join('').toLowerCase();
}; };
Enc.numToHex = function (d) { Enc.numToHex = function(d) {
d = d.toString(16); d = d.toString(16);
if (d.length % 2) { if (d.length % 2) {
return '0' + d; return '0' + d;
} }
return d; return d;
}; };
})('undefined' !== typeof window ? window : module.exports);
}('undefined' !== typeof window ? window : module.exports));

644
lib/csr.js
View File

@ -2,297 +2,401 @@
/* This Source Code Form is subject to the terms of the Mozilla Public /* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this * License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
(function (exports) { (function(exports) {
'use strict'; 'use strict';
/*global Promise*/ /*global Promise*/
var ASN1 = exports.ASN1; var ASN1 = exports.ASN1;
var Enc = exports.Enc; var Enc = exports.Enc;
var PEM = exports.PEM; var PEM = exports.PEM;
var X509 = exports.x509; var X509 = exports.x509;
var Keypairs = exports.Keypairs; var Keypairs = exports.Keypairs;
// TODO find a way that the prior node-ish way of `module.exports = function () {}` isn't broken // TODO find a way that the prior node-ish way of `module.exports = function () {}` isn't broken
var CSR = exports.CSR = function (opts) { var CSR = (exports.CSR = function(opts) {
// We're using a Promise here to be compatible with the browser version // We're using a Promise here to be compatible with the browser version
// which will probably use the webcrypto API for some of the conversions // which will probably use the webcrypto API for some of the conversions
return CSR._prepare(opts).then(function (opts) { return CSR._prepare(opts).then(function(opts) {
return CSR.create(opts).then(function (bytes) { return CSR.create(opts).then(function(bytes) {
return CSR._encode(opts, bytes); return CSR._encode(opts, bytes);
}); });
}); });
}; });
CSR._prepare = function (opts) { CSR._prepare = function(opts) {
return Promise.resolve().then(function () { return Promise.resolve().then(function() {
var Keypairs; var Keypairs;
opts = JSON.parse(JSON.stringify(opts)); opts = JSON.parse(JSON.stringify(opts));
// We do a bit of extra error checking for user convenience // We do a bit of extra error checking for user convenience
if (!opts) { throw new Error("You must pass options with key and domains to rsacsr"); } if (!opts) {
if (!Array.isArray(opts.domains) || 0 === opts.domains.length) { throw new Error(
new Error("You must pass options.domains as a non-empty array"); 'You must pass options with key and domains to rsacsr'
} );
}
if (!Array.isArray(opts.domains) || 0 === opts.domains.length) {
new Error('You must pass options.domains as a non-empty array');
}
// I need to check that 例.中国 is a valid domain name // I need to check that 例.中国 is a valid domain name
if (!opts.domains.every(function (d) { if (
// allow punycode? xn-- !opts.domains.every(function(d) {
if ('string' === typeof d /*&& /\./.test(d) && !/--/.test(d)*/) { // allow punycode? xn--
return true; if (
} 'string' ===
})) { typeof d /*&& /\./.test(d) && !/--/.test(d)*/
throw new Error("You must pass options.domains as strings"); ) {
} return true;
}
})
) {
throw new Error('You must pass options.domains as strings');
}
if (opts.jwk) { return opts; } if (opts.jwk) {
if (opts.key && opts.key.kty) { return opts;
opts.jwk = opts.key; }
return opts; if (opts.key && opts.key.kty) {
} opts.jwk = opts.key;
if (!opts.pem && !opts.key) { return opts;
throw new Error("You must pass options.key as a JSON web key"); }
} if (!opts.pem && !opts.key) {
throw new Error('You must pass options.key as a JSON web key');
}
Keypairs = exports.Keypairs; Keypairs = exports.Keypairs;
if (!exports.Keypairs) { if (!exports.Keypairs) {
throw new Error("Keypairs.js is an optional dependency for PEM-to-JWK.\n" throw new Error(
+ "Install it if you'd like to use it:\n" 'Keypairs.js is an optional dependency for PEM-to-JWK.\n' +
+ "\tnpm install --save rasha\n" "Install it if you'd like to use it:\n" +
+ "Otherwise supply a jwk as the private key." '\tnpm install --save rasha\n' +
); 'Otherwise supply a jwk as the private key.'
} );
}
return Keypairs.import({ pem: opts.pem || opts.key }).then(function (pair) { return Keypairs.import({ pem: opts.pem || opts.key }).then(function(
opts.jwk = pair.private; pair
return opts; ) {
}); opts.jwk = pair.private;
}); return opts;
}; });
});
};
CSR._encode = function (opts, bytes) { CSR._encode = function(opts, bytes) {
if ('der' === (opts.encoding||'').toLowerCase()) { if ('der' === (opts.encoding || '').toLowerCase()) {
return bytes; return bytes;
} }
return PEM.packBlock({ return PEM.packBlock({
type: "CERTIFICATE REQUEST" type: 'CERTIFICATE REQUEST',
, bytes: bytes /* { jwk: jwk, domains: opts.domains } */ bytes: bytes /* { jwk: jwk, domains: opts.domains } */
}); });
}; };
CSR.create = function createCsr(opts) { CSR.create = function createCsr(opts) {
var hex = CSR.request(opts.jwk, opts.domains); var hex = CSR.request(opts.jwk, opts.domains);
return CSR._sign(opts.jwk, hex).then(function (csr) { return CSR._sign(opts.jwk, hex).then(function(csr) {
return Enc.hexToBuf(csr); return Enc.hexToBuf(csr);
}); });
}; };
// //
// EC / RSA // EC / RSA
// //
CSR.request = function createCsrBodyEc(jwk, domains) { CSR.request = function createCsrBodyEc(jwk, domains) {
var asn1pub; var asn1pub;
if (/^EC/i.test(jwk.kty)) { if (/^EC/i.test(jwk.kty)) {
asn1pub = X509.packCsrEcPublicKey(jwk); asn1pub = X509.packCsrEcPublicKey(jwk);
} else { } else {
asn1pub = X509.packCsrRsaPublicKey(jwk); asn1pub = X509.packCsrRsaPublicKey(jwk);
} }
return X509.packCsr(asn1pub, domains); return X509.packCsr(asn1pub, domains);
}; };
CSR._sign = function csrEcSig(jwk, request) { CSR._sign = function csrEcSig(jwk, request) {
// Took some tips from https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a // Took some tips from https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a
// TODO will have to convert web ECDSA signatures to PEM ECDSA signatures (but RSA should be the same) // TODO will have to convert web ECDSA signatures to PEM ECDSA signatures (but RSA should be the same)
// TODO have a consistent non-private way to sign // TODO have a consistent non-private way to sign
return Keypairs._sign({ jwk: jwk, format: 'x509' }, Enc.hexToBuf(request)).then(function (sig) { return Keypairs._sign(
return CSR._toDer({ request: request, signature: sig, kty: jwk.kty }); { jwk: jwk, format: 'x509' },
}); Enc.hexToBuf(request)
}; ).then(function(sig) {
return CSR._toDer({
request: request,
signature: sig,
kty: jwk.kty
});
});
};
CSR._toDer = function encode(opts) { CSR._toDer = function encode(opts) {
var sty; var sty;
if (/^EC/i.test(opts.kty)) { if (/^EC/i.test(opts.kty)) {
// 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256) // 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256)
sty = ASN1('30', ASN1('06', '2a8648ce3d040302')); sty = ASN1('30', ASN1('06', '2a8648ce3d040302'));
} else { } else {
// 1.2.840.113549.1.1.11 sha256WithRSAEncryption (PKCS #1) // 1.2.840.113549.1.1.11 sha256WithRSAEncryption (PKCS #1)
sty = ASN1('30', ASN1('06', '2a864886f70d01010b'), ASN1('05')); sty = ASN1('30', ASN1('06', '2a864886f70d01010b'), ASN1('05'));
} }
return ASN1('30' return ASN1(
// The Full CSR Request Body '30',
, opts.request // The Full CSR Request Body
// The Signature Type opts.request,
, sty // The Signature Type
// The Signature sty,
, ASN1.BitStr(Enc.bufToHex(opts.signature)) // The Signature
); ASN1.BitStr(Enc.bufToHex(opts.signature))
}; );
};
X509.packCsr = function (asn1pubkey, domains) { X509.packCsr = function(asn1pubkey, domains) {
return ASN1('30' return ASN1(
// Version (0) '30',
, ASN1.UInt('00') // Version (0)
ASN1.UInt('00'),
// 2.5.4.3 commonName (X.520 DN component) // 2.5.4.3 commonName (X.520 DN component)
, ASN1('30', ASN1('31', ASN1('30', ASN1('06', '550403'), ASN1('0c', Enc.utf8ToHex(domains[0]))))) ASN1(
'30',
ASN1(
'31',
ASN1(
'30',
ASN1('06', '550403'),
ASN1('0c', Enc.utf8ToHex(domains[0]))
)
)
),
// Public Key (RSA or EC) // Public Key (RSA or EC)
, asn1pubkey asn1pubkey,
// Request Body // Request Body
, ASN1('a0' ASN1(
, ASN1('30' 'a0',
// 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF) ASN1(
, ASN1('06', '2a864886f70d01090e') '30',
, ASN1('31' // 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF)
, ASN1('30' ASN1('06', '2a864886f70d01090e'),
, ASN1('30' ASN1(
// 2.5.29.17 subjectAltName (X.509 extension) '31',
, ASN1('06', '551d11') ASN1(
, ASN1('04' '30',
, ASN1('30', domains.map(function (d) { ASN1(
return ASN1('82', Enc.utf8ToHex(d)); '30',
}).join('')))))))) // 2.5.29.17 subjectAltName (X.509 extension)
); ASN1('06', '551d11'),
}; ASN1(
'04',
ASN1(
'30',
domains
.map(function(d) {
return ASN1(
'82',
Enc.utf8ToHex(d)
);
})
.join('')
)
)
)
)
)
)
)
);
};
// TODO finish this later // TODO finish this later
// we want to parse the domains, the public key, and verify the signature // we want to parse the domains, the public key, and verify the signature
CSR._info = function (der) { CSR._info = function(der) {
// standard base64 PEM // standard base64 PEM
if ('string' === typeof der && '-' === der[0]) { if ('string' === typeof der && '-' === der[0]) {
der = PEM.parseBlock(der).bytes; der = PEM.parseBlock(der).bytes;
} }
// jose urlBase64 not-PEM // jose urlBase64 not-PEM
if ('string' === typeof der) { if ('string' === typeof der) {
der = Enc.base64ToBuf(der); der = Enc.base64ToBuf(der);
} }
// not supporting binary-encoded bas64 // not supporting binary-encoded bas64
var c = ASN1.parse(der); var c = ASN1.parse(der);
var kty; var kty;
// A cert has 3 parts: cert, signature meta, signature // A cert has 3 parts: cert, signature meta, signature
if (c.children.length !== 3) { if (c.children.length !== 3) {
throw new Error("doesn't look like a certificate request: expected 3 parts of header"); throw new Error(
} "doesn't look like a certificate request: expected 3 parts of header"
var sig = c.children[2]; );
if (sig.children.length) { }
// ASN1/X509 EC var sig = c.children[2];
sig = sig.children[0]; if (sig.children.length) {
sig = ASN1('30', ASN1.UInt(Enc.bufToHex(sig.children[0].value)), ASN1.UInt(Enc.bufToHex(sig.children[1].value))); // ASN1/X509 EC
sig = Enc.hexToBuf(sig); sig = sig.children[0];
kty = 'EC'; sig = ASN1(
} else { '30',
// Raw RSA Sig ASN1.UInt(Enc.bufToHex(sig.children[0].value)),
sig = sig.value; ASN1.UInt(Enc.bufToHex(sig.children[1].value))
kty = 'RSA'; );
} sig = Enc.hexToBuf(sig);
//c.children[1]; // signature type kty = 'EC';
var req = c.children[0]; } else {
// TODO utf8 // Raw RSA Sig
if (4 !== req.children.length) { sig = sig.value;
throw new Error("doesn't look like a certificate request: expected 4 parts to request"); kty = 'RSA';
} }
// 0 null //c.children[1]; // signature type
// 1 commonName / subject var req = c.children[0];
var sub = Enc.bufToBin(req.children[1].children[0].children[0].children[1].value); // TODO utf8
// 3 public key (type, key) if (4 !== req.children.length) {
//console.log('oid', Enc.bufToHex(req.children[2].children[0].children[0].value)); throw new Error(
var pub; "doesn't look like a certificate request: expected 4 parts to request"
// TODO reuse ASN1 parser for these? );
if ('EC' === kty) { }
// throw away compression byte // 0 null
pub = req.children[2].children[1].value.slice(1); // 1 commonName / subject
pub = { kty: kty, x: pub.slice(0, 32), y: pub.slice(32) }; var sub = Enc.bufToBin(
while (0 === pub.x[0]) { pub.x = pub.x.slice(1); } req.children[1].children[0].children[0].children[1].value
while (0 === pub.y[0]) { pub.y = pub.y.slice(1); } );
if ((pub.x.length || pub.x.byteLength) > 48) { // 3 public key (type, key)
pub.crv = 'P-521'; //console.log('oid', Enc.bufToHex(req.children[2].children[0].children[0].value));
} else if ((pub.x.length || pub.x.byteLength) > 32) { var pub;
pub.crv = 'P-384'; // TODO reuse ASN1 parser for these?
} else { if ('EC' === kty) {
pub.crv = 'P-256'; // throw away compression byte
} pub = req.children[2].children[1].value.slice(1);
pub.x = Enc.bufToUrlBase64(pub.x); pub = { kty: kty, x: pub.slice(0, 32), y: pub.slice(32) };
pub.y = Enc.bufToUrlBase64(pub.y); while (0 === pub.x[0]) {
} else { pub.x = pub.x.slice(1);
pub = req.children[2].children[1].children[0]; }
pub = { kty: kty, n: pub.children[0].value, e: pub.children[1].value }; while (0 === pub.y[0]) {
while (0 === pub.n[0]) { pub.n = pub.n.slice(1); } pub.y = pub.y.slice(1);
while (0 === pub.e[0]) { pub.e = pub.e.slice(1); } }
pub.n = Enc.bufToUrlBase64(pub.n); if ((pub.x.length || pub.x.byteLength) > 48) {
pub.e = Enc.bufToUrlBase64(pub.e); pub.crv = 'P-521';
} } else if ((pub.x.length || pub.x.byteLength) > 32) {
// 4 extensions pub.crv = 'P-384';
var domains = req.children[3].children.filter(function (seq) { } else {
// 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF) pub.crv = 'P-256';
if ('2a864886f70d01090e' === Enc.bufToHex(seq.children[0].value)) { }
return true; pub.x = Enc.bufToUrlBase64(pub.x);
} pub.y = Enc.bufToUrlBase64(pub.y);
}).map(function (seq) { } else {
return seq.children[1].children[0].children.filter(function (seq2) { pub = req.children[2].children[1].children[0];
// subjectAltName (X.509 extension) pub = {
if ('551d11' === Enc.bufToHex(seq2.children[0].value)) { kty: kty,
return true; n: pub.children[0].value,
} e: pub.children[1].value
}).map(function (seq2) { };
return seq2.children[1].children[0].children.map(function (name) { while (0 === pub.n[0]) {
// TODO utf8 pub.n = pub.n.slice(1);
return Enc.bufToBin(name.value); }
}); while (0 === pub.e[0]) {
})[0]; pub.e = pub.e.slice(1);
})[0]; }
pub.n = Enc.bufToUrlBase64(pub.n);
pub.e = Enc.bufToUrlBase64(pub.e);
}
// 4 extensions
var domains = req.children[3].children
.filter(function(seq) {
// 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF)
if (
'2a864886f70d01090e' === Enc.bufToHex(seq.children[0].value)
) {
return true;
}
})
.map(function(seq) {
return seq.children[1].children[0].children
.filter(function(seq2) {
// subjectAltName (X.509 extension)
if ('551d11' === Enc.bufToHex(seq2.children[0].value)) {
return true;
}
})
.map(function(seq2) {
return seq2.children[1].children[0].children.map(
function(name) {
// TODO utf8
return Enc.bufToBin(name.value);
}
);
})[0];
})[0];
return { return {
subject: sub subject: sub,
, altnames: domains altnames: domains,
, jwk: pub jwk: pub,
, signature: sig signature: sig
}; };
}; };
X509.packCsrRsaPublicKey = function (jwk) { X509.packCsrRsaPublicKey = function(jwk) {
// Sequence the key // Sequence the key
var n = ASN1.UInt(Enc.base64ToHex(jwk.n)); var n = ASN1.UInt(Enc.base64ToHex(jwk.n));
var e = ASN1.UInt(Enc.base64ToHex(jwk.e)); var e = ASN1.UInt(Enc.base64ToHex(jwk.e));
var asn1pub = ASN1('30', n, e); var asn1pub = ASN1('30', n, e);
// Add the CSR pub key header // Add the CSR pub key header
return ASN1('30', ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')), ASN1.BitStr(asn1pub)); return ASN1(
}; '30',
ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')),
ASN1.BitStr(asn1pub)
);
};
X509.packCsrEcPublicKey = function (jwk) { X509.packCsrEcPublicKey = function(jwk) {
var ecOid = X509._oids[jwk.crv]; var ecOid = X509._oids[jwk.crv];
if (!ecOid) { if (!ecOid) {
throw new Error("Unsupported namedCurve '" + jwk.crv + "'. Supported types are " + Object.keys(X509._oids)); throw new Error(
} "Unsupported namedCurve '" +
var cmp = '04'; // 04 == x+y, 02 == x-only jwk.crv +
var hxy = ''; "'. Supported types are " +
// Placeholder. I'm not even sure if compression should be supported. Object.keys(X509._oids)
if (!jwk.y) { cmp = '02'; } );
hxy += Enc.base64ToHex(jwk.x); }
if (jwk.y) { hxy += Enc.base64ToHex(jwk.y); } var cmp = '04'; // 04 == x+y, 02 == x-only
var hxy = '';
// Placeholder. I'm not even sure if compression should be supported.
if (!jwk.y) {
cmp = '02';
}
hxy += Enc.base64ToHex(jwk.x);
if (jwk.y) {
hxy += Enc.base64ToHex(jwk.y);
}
// 1.2.840.10045.2.1 ecPublicKey // 1.2.840.10045.2.1 ecPublicKey
return ASN1('30', ASN1('30', ASN1('06', '2a8648ce3d0201'), ASN1('06', ecOid)), ASN1.BitStr(cmp + hxy)); return ASN1(
}; '30',
X509._oids = { ASN1('30', ASN1('06', '2a8648ce3d0201'), ASN1('06', ecOid)),
// 1.2.840.10045.3.1.7 prime256v1 ASN1.BitStr(cmp + hxy)
// (ANSI X9.62 named elliptic curve) (06 08 - 2A 86 48 CE 3D 03 01 07) );
'P-256': '2a8648ce3d030107' };
// 1.3.132.0.34 P-384 (06 05 - 2B 81 04 00 22) X509._oids = {
// (SEC 2 recommended EC domain secp256r1) // 1.2.840.10045.3.1.7 prime256v1
, 'P-384': '2b81040022' // (ANSI X9.62 named elliptic curve) (06 08 - 2A 86 48 CE 3D 03 01 07)
// requires more logic and isn't a recommended standard 'P-256': '2a8648ce3d030107',
// 1.3.132.0.35 P-521 (06 05 - 2B 81 04 00 23) // 1.3.132.0.34 P-384 (06 05 - 2B 81 04 00 22)
// (SEC 2 alternate P-521) // (SEC 2 recommended EC domain secp256r1)
//, 'P-521': '2B 81 04 00 23' 'P-384': '2b81040022'
}; // requires more logic and isn't a recommended standard
// 1.3.132.0.35 P-521 (06 05 - 2B 81 04 00 23)
// (SEC 2 alternate P-521)
//, 'P-521': '2B 81 04 00 23'
};
// don't replace the full parseBlock, if it exists // don't replace the full parseBlock, if it exists
PEM.parseBlock = PEM.parseBlock || function (str) { PEM.parseBlock =
var der = str.split(/\n/).filter(function (line) { PEM.parseBlock ||
return !/-----/.test(line); function(str) {
}).join(''); var der = str
return { bytes: Enc.base64ToBuf(der) }; .split(/\n/)
}; .filter(function(line) {
return !/-----/.test(line);
}('undefined' === typeof window ? module.exports : window)); })
.join('');
return { bytes: Enc.base64ToBuf(der) };
};
})('undefined' === typeof window ? module.exports : window);

375
lib/ecdsa.js
View File

@ -1,172 +1,227 @@
/*global Promise*/ /*global Promise*/
(function (exports) { (function(exports) {
'use strict'; 'use strict';
var EC = exports.Eckles = {}; var EC = (exports.Eckles = {});
var x509 = exports.x509; var x509 = exports.x509;
if ('undefined' !== typeof module) { module.exports = EC; } if ('undefined' !== typeof module) {
var PEM = exports.PEM; module.exports = EC;
var SSH = exports.SSH; }
var Enc = {}; var PEM = exports.PEM;
var textEncoder = new TextEncoder(); var SSH = exports.SSH;
var Enc = {};
var textEncoder = new TextEncoder();
EC._stance = "We take the stance that if you're knowledgeable enough to" EC._stance =
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; "We take the stance that if you're knowledgeable enough to" +
EC._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway.";
EC.generate = function (opts) { EC._universal =
var wcOpts = {}; 'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.';
if (!opts) { opts = {}; } EC.generate = function(opts) {
if (!opts.kty) { opts.kty = 'EC'; } var wcOpts = {};
if (!opts) {
opts = {};
}
if (!opts.kty) {
opts.kty = 'EC';
}
// ECDSA has only the P curves and an associated bitlength // ECDSA has only the P curves and an associated bitlength
wcOpts.name = 'ECDSA'; wcOpts.name = 'ECDSA';
if (!opts.namedCurve) { if (!opts.namedCurve) {
opts.namedCurve = 'P-256'; opts.namedCurve = 'P-256';
} }
wcOpts.namedCurve = opts.namedCurve; // true for supported curves wcOpts.namedCurve = opts.namedCurve; // true for supported curves
if (/256/.test(wcOpts.namedCurve)) { if (/256/.test(wcOpts.namedCurve)) {
wcOpts.namedCurve = 'P-256'; wcOpts.namedCurve = 'P-256';
wcOpts.hash = { name: "SHA-256" }; wcOpts.hash = { name: 'SHA-256' };
} else if (/384/.test(wcOpts.namedCurve)) { } else if (/384/.test(wcOpts.namedCurve)) {
wcOpts.namedCurve = 'P-384'; wcOpts.namedCurve = 'P-384';
wcOpts.hash = { name: "SHA-384" }; wcOpts.hash = { name: 'SHA-384' };
} else { } else {
return Promise.Reject(new Error("'" + wcOpts.namedCurve + "' is not an NIST approved ECDSA namedCurve. " return Promise.Reject(
+ " Please choose either 'P-256' or 'P-384'. " new Error(
+ EC._stance)); "'" +
} wcOpts.namedCurve +
"' is not an NIST approved ECDSA namedCurve. " +
" Please choose either 'P-256' or 'P-384'. " +
EC._stance
)
);
}
var extractable = true; var extractable = true;
return window.crypto.subtle.generateKey( return window.crypto.subtle
wcOpts .generateKey(wcOpts, extractable, ['sign', 'verify'])
, extractable .then(function(result) {
, [ 'sign', 'verify' ] return window.crypto.subtle
).then(function (result) { .exportKey('jwk', result.privateKey)
return window.crypto.subtle.exportKey( .then(function(privJwk) {
"jwk" privJwk.key_ops = undefined;
, result.privateKey privJwk.ext = undefined;
).then(function (privJwk) { return {
privJwk.key_ops = undefined; private: privJwk,
privJwk.ext = undefined; public: EC.neuter({ jwk: privJwk })
return { };
private: privJwk });
, public: EC.neuter({ jwk: privJwk }) });
}; };
});
});
};
EC.export = function (opts) { EC.export = function(opts) {
return Promise.resolve().then(function () { return Promise.resolve().then(function() {
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) {
throw new Error("must pass { jwk: jwk } as a JSON object"); throw new Error('must pass { jwk: jwk } as a JSON object');
} }
var jwk = JSON.parse(JSON.stringify(opts.jwk)); var jwk = JSON.parse(JSON.stringify(opts.jwk));
var format = opts.format; var format = opts.format;
if (opts.public || -1 !== [ 'spki', 'pkix', 'ssh', 'rfc4716' ].indexOf(format)) { if (
jwk.d = null; opts.public ||
} -1 !== ['spki', 'pkix', 'ssh', 'rfc4716'].indexOf(format)
if ('EC' !== jwk.kty) { ) {
throw new Error("options.jwk.kty must be 'EC' for EC keys"); jwk.d = null;
} }
if (!jwk.d) { if ('EC' !== jwk.kty) {
if (!format || -1 !== [ 'spki', 'pkix' ].indexOf(format)) { throw new Error("options.jwk.kty must be 'EC' for EC keys");
format = 'spki'; }
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { if (!jwk.d) {
format = 'ssh'; if (!format || -1 !== ['spki', 'pkix'].indexOf(format)) {
} else { format = 'spki';
throw new Error("options.format must be 'spki' or 'ssh' for public EC keys, not (" } else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) {
+ typeof format + ") " + format); format = 'ssh';
} } else {
} else { throw new Error(
if (!format || 'sec1' === format) { "options.format must be 'spki' or 'ssh' for public EC keys, not (" +
format = 'sec1'; typeof format +
} else if ('pkcs8' !== format) { ') ' +
throw new Error("options.format must be 'sec1' or 'pkcs8' for private EC keys, not '" + format + "'"); format
} );
} }
if (-1 === [ 'P-256', 'P-384' ].indexOf(jwk.crv)) { } else {
throw new Error("options.jwk.crv must be either P-256 or P-384 for EC keys, not '" + jwk.crv + "'"); if (!format || 'sec1' === format) {
} format = 'sec1';
if (!jwk.y) { } else if ('pkcs8' !== format) {
throw new Error("options.jwk.y must be a urlsafe base64-encoded either P-256 or P-384"); throw new Error(
} "options.format must be 'sec1' or 'pkcs8' for private EC keys, not '" +
format +
"'"
);
}
}
if (-1 === ['P-256', 'P-384'].indexOf(jwk.crv)) {
throw new Error(
"options.jwk.crv must be either P-256 or P-384 for EC keys, not '" +
jwk.crv +
"'"
);
}
if (!jwk.y) {
throw new Error(
'options.jwk.y must be a urlsafe base64-encoded either P-256 or P-384'
);
}
if ('sec1' === format) { if ('sec1' === format) {
return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: x509.packSec1(jwk) }); return PEM.packBlock({
} else if ('pkcs8' === format) { type: 'EC PRIVATE KEY',
return PEM.packBlock({ type: "PRIVATE KEY", bytes: x509.packPkcs8(jwk) }); bytes: x509.packSec1(jwk)
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { });
return PEM.packBlock({ type: "PUBLIC KEY", bytes: x509.packSpki(jwk) }); } else if ('pkcs8' === format) {
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { return PEM.packBlock({
return SSH.packSsh(jwk); type: 'PRIVATE KEY',
} else { bytes: x509.packPkcs8(jwk)
throw new Error("Sanity Error: reached unreachable code block with format: " + format); });
} } else if (-1 !== ['spki', 'pkix'].indexOf(format)) {
}); return PEM.packBlock({
}; type: 'PUBLIC KEY',
EC.pack = function (opts) { bytes: x509.packSpki(jwk)
return Promise.resolve().then(function () { });
return EC.exportSync(opts); } else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) {
}); return SSH.packSsh(jwk);
}; } else {
throw new Error(
'Sanity Error: reached unreachable code block with format: ' +
format
);
}
});
};
EC.pack = function(opts) {
return Promise.resolve().then(function() {
return EC.exportSync(opts);
});
};
// Chopping off the private parts is now part of the public API. // Chopping off the private parts is now part of the public API.
// I thought it sounded a little too crude at first, but it really is the best name in every possible way. // I thought it sounded a little too crude at first, but it really is the best name in every possible way.
EC.neuter = function (opts) { EC.neuter = function(opts) {
// trying to find the best balance of an immutable copy with custom attributes // trying to find the best balance of an immutable copy with custom attributes
var jwk = {}; var jwk = {};
Object.keys(opts.jwk).forEach(function (k) { Object.keys(opts.jwk).forEach(function(k) {
if ('undefined' === typeof opts.jwk[k]) { return; } if ('undefined' === typeof opts.jwk[k]) {
// ignore EC private parts return;
if ('d' === k) { return; } }
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); // ignore EC private parts
}); if ('d' === k) {
return jwk; return;
}; }
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));
});
return jwk;
};
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk // https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
EC.__thumbprint = function (jwk) { EC.__thumbprint = function(jwk) {
// Use the same entropy for SHA as for key // Use the same entropy for SHA as for key
var alg = 'SHA-256'; var alg = 'SHA-256';
if (/384/.test(jwk.crv)) { if (/384/.test(jwk.crv)) {
alg = 'SHA-384'; alg = 'SHA-384';
} }
return window.crypto.subtle.digest( return window.crypto.subtle
{ name: alg } .digest(
, textEncoder.encode('{"crv":"' + jwk.crv + '","kty":"EC","x":"' + jwk.x + '","y":"' + jwk.y + '"}') { name: alg },
).then(function (hash) { textEncoder.encode(
return Enc.bufToUrlBase64(new Uint8Array(hash)); '{"crv":"' +
}); jwk.crv +
}; '","kty":"EC","x":"' +
jwk.x +
'","y":"' +
jwk.y +
'"}'
)
)
.then(function(hash) {
return Enc.bufToUrlBase64(new Uint8Array(hash));
});
};
EC.thumbprint = function (opts) { EC.thumbprint = function(opts) {
return Promise.resolve().then(function () { return Promise.resolve().then(function() {
var jwk; var jwk;
if ('EC' === opts.kty) { if ('EC' === opts.kty) {
jwk = opts; jwk = opts;
} else if (opts.jwk) { } else if (opts.jwk) {
jwk = opts.jwk; jwk = opts.jwk;
} else { } else {
return EC.import(opts).then(function (jwk) { return EC.import(opts).then(function(jwk) {
return EC.__thumbprint(jwk); return EC.__thumbprint(jwk);
}); });
} }
return EC.__thumbprint(jwk); return EC.__thumbprint(jwk);
}); });
}; };
Enc.bufToUrlBase64 = function (u8) { Enc.bufToUrlBase64 = function(u8) {
return Enc.bufToBase64(u8) return Enc.bufToBase64(u8)
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); .replace(/\+/g, '-')
}; .replace(/\//g, '_')
.replace(/=/g, '');
};
Enc.bufToBase64 = function (u8) { Enc.bufToBase64 = function(u8) {
var bin = ''; var bin = '';
u8.forEach(function (i) { u8.forEach(function(i) {
bin += String.fromCharCode(i); bin += String.fromCharCode(i);
}); });
return btoa(bin); return btoa(bin);
}; };
})('undefined' !== typeof module ? module.exports : window);
}('undefined' !== typeof module ? module.exports : window));

255
lib/encoding.js
View File

@ -1,140 +1,151 @@
(function (exports) { (function(exports) {
var Enc = (exports.Enc = {});
var Enc = exports.Enc = {}; Enc.bufToBin = function(buf) {
var bin = '';
// cannot use .map() because Uint8Array would return only 0s
buf.forEach(function(ch) {
bin += String.fromCharCode(ch);
});
return bin;
};
Enc.bufToBin = function (buf) { Enc.bufToHex = function toHex(u8) {
var bin = ''; var hex = [];
// cannot use .map() because Uint8Array would return only 0s var i, h;
buf.forEach(function (ch) { var len = u8.byteLength || u8.length;
bin += String.fromCharCode(ch);
});
return bin;
};
Enc.bufToHex = function toHex(u8) { for (i = 0; i < len; i += 1) {
var hex = []; h = u8[i].toString(16);
var i, h; if (h.length % 2) {
var len = (u8.byteLength || u8.length); h = '0' + h;
}
hex.push(h);
}
for (i = 0; i < len; i += 1) { return hex.join('').toLowerCase();
h = u8[i].toString(16); };
if (h.length % 2) { h = '0' + h; }
hex.push(h);
}
return hex.join('').toLowerCase(); Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) {
}; var r = str % 4;
if (2 === r) {
str += '==';
} else if (3 === r) {
str += '=';
}
return str.replace(/-/g, '+').replace(/_/g, '/');
};
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) { Enc.base64ToBuf = function(b64) {
var r = str % 4; return Enc.binToBuf(atob(b64));
if (2 === r) { };
str += '=='; Enc.binToBuf = function(bin) {
} else if (3 === r) { var arr = bin.split('').map(function(ch) {
str += '='; return ch.charCodeAt(0);
} });
return str.replace(/-/g, '+').replace(/_/g, '/'); return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
}; };
Enc.bufToHex = function(u8) {
var hex = [];
var i, h;
var len = u8.byteLength || u8.length;
Enc.base64ToBuf = function (b64) { for (i = 0; i < len; i += 1) {
return Enc.binToBuf(atob(b64)); h = u8[i].toString(16);
}; if (h.length % 2) {
Enc.binToBuf = function (bin) { h = '0' + h;
var arr = bin.split('').map(function (ch) { }
return ch.charCodeAt(0); hex.push(h);
}); }
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
};
Enc.bufToHex = function (u8) {
var hex = [];
var i, h;
var len = (u8.byteLength || u8.length);
for (i = 0; i < len; i += 1) { return hex.join('').toLowerCase();
h = u8[i].toString(16); };
if (h.length % 2) { h = '0' + h; } Enc.numToHex = function(d) {
hex.push(h); d = d.toString(16);
} if (d.length % 2) {
return '0' + d;
}
return d;
};
return hex.join('').toLowerCase(); Enc.bufToUrlBase64 = function(u8) {
}; return Enc.base64ToUrlBase64(Enc.bufToBase64(u8));
Enc.numToHex = function (d) { };
d = d.toString(16);
if (d.length % 2) {
return '0' + d;
}
return d;
};
Enc.bufToUrlBase64 = function (u8) { Enc.base64ToUrlBase64 = function(str) {
return Enc.base64ToUrlBase64(Enc.bufToBase64(u8)); return str
}; .replace(/\+/g, '-')
.replace(/\//g, '_')
.replace(/=/g, '');
};
Enc.base64ToUrlBase64 = function (str) { Enc.bufToBase64 = function(u8) {
return str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); var bin = '';
}; u8.forEach(function(i) {
bin += String.fromCharCode(i);
});
return btoa(bin);
};
Enc.bufToBase64 = function (u8) { Enc.hexToBuf = function(hex) {
var bin = ''; var arr = [];
u8.forEach(function (i) { hex.match(/.{2}/g).forEach(function(h) {
bin += String.fromCharCode(i); arr.push(parseInt(h, 16));
}); });
return btoa(bin); return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
}; };
Enc.hexToBuf = function (hex) { Enc.numToHex = function(d) {
var arr = []; d = d.toString(16);
hex.match(/.{2}/g).forEach(function (h) { if (d.length % 2) {
arr.push(parseInt(h, 16)); return '0' + d;
}); }
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr; return d;
}; };
Enc.numToHex = function (d) { //
d = d.toString(16); // JWK to SSH (tested working)
if (d.length % 2) { //
return '0' + d; Enc.base64ToHex = function(b64) {
} var bin = atob(Enc.urlBase64ToBase64(b64));
return d; return Enc.binToHex(bin);
}; };
Enc.binToHex = function(bin) {
return bin
.split('')
.map(function(ch) {
var h = ch.charCodeAt(0).toString(16);
if (h.length % 2) {
h = '0' + h;
}
return h;
})
.join('');
};
// TODO are there any nuance differences here?
Enc.utf8ToHex = Enc.binToHex;
// Enc.hexToBase64 = function(hex) {
// JWK to SSH (tested working) return btoa(Enc.hexToBin(hex));
// };
Enc.base64ToHex = function (b64) {
var bin = atob(Enc.urlBase64ToBase64(b64));
return Enc.binToHex(bin);
};
Enc.binToHex = function (bin) { Enc.hexToBin = function(hex) {
return bin.split('').map(function (ch) { return hex
var h = ch.charCodeAt(0).toString(16); .match(/.{2}/g)
if (h.length % 2) { h = '0' + h; } .map(function(h) {
return h; return String.fromCharCode(parseInt(h, 16));
}).join(''); })
}; .join('');
// TODO are there any nuance differences here? };
Enc.utf8ToHex = Enc.binToHex;
Enc.hexToBase64 = function (hex) { Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) {
return btoa(Enc.hexToBin(hex)); var r = str % 4;
}; if (2 === r) {
str += '==';
Enc.hexToBin = function (hex) { } else if (3 === r) {
return hex.match(/.{2}/g).map(function (h) { str += '=';
return String.fromCharCode(parseInt(h, 16)); }
}).join(''); return str.replace(/-/g, '+').replace(/_/g, '/');
}; };
})('undefined' !== typeof exports ? module.exports : window);
Enc.urlBase64ToBase64 = function urlsafeBase64ToBase64(str) {
var r = str % 4;
if (2 === r) {
str += '==';
} else if (3 === r) {
str += '=';
}
return str.replace(/-/g, '+').replace(/_/g, '/');
};
}('undefined' !== typeof exports ? module.exports : window ));

712
lib/keypairs.js
View File

@ -1,348 +1,432 @@
/*global Promise*/ /*global Promise*/
(function (exports) { (function(exports) {
'use strict'; 'use strict';
var Keypairs = exports.Keypairs = {}; var Keypairs = (exports.Keypairs = {});
var Rasha = exports.Rasha; var Rasha = exports.Rasha;
var Eckles = exports.Eckles; var Eckles = exports.Eckles;
var Enc = exports.Enc || {}; var Enc = exports.Enc || {};
Keypairs._stance = "We take the stance that if you're knowledgeable enough to" Keypairs._stance =
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; "We take the stance that if you're knowledgeable enough to" +
Keypairs._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway.";
Keypairs.generate = function (opts) { Keypairs._universal =
opts = opts || {}; 'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.';
var p; Keypairs.generate = function(opts) {
if (!opts.kty) { opts.kty = opts.type; } opts = opts || {};
if (!opts.kty) { opts.kty = 'EC'; } var p;
if (/^EC/i.test(opts.kty)) { if (!opts.kty) {
p = Eckles.generate(opts); opts.kty = opts.type;
} else if (/^RSA$/i.test(opts.kty)) { }
p = Rasha.generate(opts); if (!opts.kty) {
} else { opts.kty = 'EC';
return Promise.Reject(new Error("'" + opts.kty + "' is not a well-supported key type." }
+ Keypairs._universal if (/^EC/i.test(opts.kty)) {
+ " Please choose 'EC', or 'RSA' if you have good reason to.")); p = Eckles.generate(opts);
} } else if (/^RSA$/i.test(opts.kty)) {
return p.then(function (pair) { p = Rasha.generate(opts);
return Keypairs.thumbprint({ jwk: pair.public }).then(function (thumb) { } else {
pair.private.kid = thumb; // maybe not the same id on the private key? return Promise.Reject(
pair.public.kid = thumb; new Error(
return pair; "'" +
}); opts.kty +
}); "' is not a well-supported key type." +
}; Keypairs._universal +
" Please choose 'EC', or 'RSA' if you have good reason to."
)
);
}
return p.then(function(pair) {
return Keypairs.thumbprint({ jwk: pair.public }).then(function(
thumb
) {
pair.private.kid = thumb; // maybe not the same id on the private key?
pair.public.kid = thumb;
return pair;
});
});
};
Keypairs.export = function (opts) { Keypairs.export = function(opts) {
return Eckles.export(opts).catch(function (err) { return Eckles.export(opts).catch(function(err) {
return Rasha.export(opts).catch(function () { return Rasha.export(opts).catch(function() {
return Promise.reject(err); return Promise.reject(err);
}); });
}); });
}; };
/**
* Chopping off the private parts is now part of the public API.
* I thought it sounded a little too crude at first, but it really is the best name in every possible way.
*/
Keypairs.neuter = function(opts) {
/** trying to find the best balance of an immutable copy with custom attributes */
var jwk = {};
Object.keys(opts.jwk).forEach(function(k) {
if ('undefined' === typeof opts.jwk[k]) {
return;
}
// ignore RSA and EC private parts
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) {
return;
}
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));
});
return jwk;
};
/** Keypairs.thumbprint = function(opts) {
* Chopping off the private parts is now part of the public API. return Promise.resolve().then(function() {
* I thought it sounded a little too crude at first, but it really is the best name in every possible way. if (/EC/i.test(opts.jwk.kty)) {
*/ return Eckles.thumbprint(opts);
Keypairs.neuter = function (opts) { } else {
/** trying to find the best balance of an immutable copy with custom attributes */ return Rasha.thumbprint(opts);
var jwk = {}; }
Object.keys(opts.jwk).forEach(function (k) { });
if ('undefined' === typeof opts.jwk[k]) { return; } };
// ignore RSA and EC private parts
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; }
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));
});
return jwk;
};
Keypairs.thumbprint = function (opts) { Keypairs.publish = function(opts) {
return Promise.resolve().then(function () { if ('object' !== typeof opts.jwk || !opts.jwk.kty) {
if (/EC/i.test(opts.jwk.kty)) { throw new Error('invalid jwk: ' + JSON.stringify(opts.jwk));
return Eckles.thumbprint(opts); }
} else {
return Rasha.thumbprint(opts);
}
});
};
Keypairs.publish = function (opts) { /** returns a copy */
if ('object' !== typeof opts.jwk || !opts.jwk.kty) { throw new Error("invalid jwk: " + JSON.stringify(opts.jwk)); } var jwk = Keypairs.neuter(opts);
/** returns a copy */ if (jwk.exp) {
var jwk = Keypairs.neuter(opts); jwk.exp = setTime(jwk.exp);
} else {
if (opts.exp) {
jwk.exp = setTime(opts.exp);
} else if (opts.expiresIn) {
jwk.exp = Math.round(Date.now() / 1000) + opts.expiresIn;
} else if (opts.expiresAt) {
jwk.exp = opts.expiresAt;
}
}
if (!jwk.use && false !== jwk.use) {
jwk.use = 'sig';
}
if (jwk.exp) { if (jwk.kid) {
jwk.exp = setTime(jwk.exp); return Promise.resolve(jwk);
} else { }
if (opts.exp) { jwk.exp = setTime(opts.exp); } return Keypairs.thumbprint({ jwk: jwk }).then(function(thumb) {
else if (opts.expiresIn) { jwk.exp = Math.round(Date.now()/1000) + opts.expiresIn; } jwk.kid = thumb;
else if (opts.expiresAt) { jwk.exp = opts.expiresAt; } return jwk;
} });
if (!jwk.use && false !== jwk.use) { jwk.use = "sig"; } };
if (jwk.kid) { return Promise.resolve(jwk); } // JWT a.k.a. JWS with Claims using Compact Serialization
return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { jwk.kid = thumb; return jwk; }); Keypairs.signJwt = function(opts) {
}; return Keypairs.thumbprint({ jwk: opts.jwk }).then(function(thumb) {
var header = opts.header || {};
var claims = JSON.parse(JSON.stringify(opts.claims || {}));
header.typ = 'JWT';
// JWT a.k.a. JWS with Claims using Compact Serialization if (!header.kid) {
Keypairs.signJwt = function (opts) { header.kid = thumb;
return Keypairs.thumbprint({ jwk: opts.jwk }).then(function (thumb) { }
var header = opts.header || {}; if (!header.alg && opts.alg) {
var claims = JSON.parse(JSON.stringify(opts.claims || {})); header.alg = opts.alg;
header.typ = 'JWT'; }
if (!claims.iat && (false === claims.iat || false === opts.iat)) {
claims.iat = undefined;
} else if (!claims.iat) {
claims.iat = Math.round(Date.now() / 1000);
}
if (!header.kid) { header.kid = thumb; } if (opts.exp) {
if (!header.alg && opts.alg) { header.alg = opts.alg; } claims.exp = setTime(opts.exp);
if (!claims.iat && (false === claims.iat || false === opts.iat)) { } else if (
claims.iat = undefined; !claims.exp &&
} else if (!claims.iat) { (false === claims.exp || false === opts.exp)
claims.iat = Math.round(Date.now()/1000); ) {
} claims.exp = undefined;
} else if (!claims.exp) {
throw new Error(
"opts.claims.exp should be the expiration date as seconds, human form (i.e. '1h' or '15m') or false"
);
}
if (opts.exp) { if (opts.iss) {
claims.exp = setTime(opts.exp); claims.iss = opts.iss;
} else if (!claims.exp && (false === claims.exp || false === opts.exp)) { }
claims.exp = undefined; if (!claims.iss && (false === claims.iss || false === opts.iss)) {
} else if (!claims.exp) { claims.iss = undefined;
throw new Error("opts.claims.exp should be the expiration date as seconds, human form (i.e. '1h' or '15m') or false"); } else if (!claims.iss) {
} throw new Error(
'opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url'
);
}
if (opts.iss) { claims.iss = opts.iss; } return Keypairs.signJws({
if (!claims.iss && (false === claims.iss || false === opts.iss)) { jwk: opts.jwk,
claims.iss = undefined; pem: opts.pem,
} else if (!claims.iss) { protected: header,
throw new Error("opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url"); header: undefined,
} payload: claims
}).then(function(jws) {
return [jws.protected, jws.payload, jws.signature].join('.');
});
});
};
return Keypairs.signJws({ Keypairs.signJws = function(opts) {
jwk: opts.jwk return Keypairs.thumbprint(opts).then(function(thumb) {
, pem: opts.pem function alg() {
, protected: header if (!opts.jwk) {
, header: undefined throw new Error(
, payload: claims "opts.jwk must exist and must declare 'typ'"
}).then(function (jws) { );
return [ jws.protected, jws.payload, jws.signature ].join('.'); }
}); if (opts.jwk.alg) {
}); return opts.jwk.alg;
}; }
var typ = 'RSA' === opts.jwk.kty ? 'RS' : 'ES';
return typ + Keypairs._getBits(opts);
}
Keypairs.signJws = function (opts) { function sign() {
return Keypairs.thumbprint(opts).then(function (thumb) { var protect = opts.protected;
var payload = opts.payload;
function alg() { // Compute JWS signature
if (!opts.jwk) { var protectedHeader = '';
throw new Error("opts.jwk must exist and must declare 'typ'"); // Because unprotected headers are allowed, regrettably...
} // https://stackoverflow.com/a/46288694
if (opts.jwk.alg) { return opts.jwk.alg; } if (false !== protect) {
var typ = ('RSA' === opts.jwk.kty) ? "RS" : "ES"; if (!protect) {
return typ + Keypairs._getBits(opts); protect = {};
} }
if (!protect.alg) {
protect.alg = alg();
}
// There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid
if (false === protect.kid) {
protect.kid = undefined;
} else if (!protect.kid) {
protect.kid = thumb;
}
protectedHeader = JSON.stringify(protect);
}
function sign() { // Not sure how to handle the empty case since ACME POST-as-GET must be empty
var protect = opts.protected; //if (!payload) {
var payload = opts.payload; // throw new Error("opts.payload should be JSON, string, or ArrayBuffer (it may be empty, but that must be explicit)");
//}
// Trying to detect if it's a plain object (not Buffer, ArrayBuffer, Array, Uint8Array, etc)
if (
payload &&
'string' !== typeof payload &&
'undefined' === typeof payload.byteLength &&
'undefined' === typeof payload.buffer
) {
payload = JSON.stringify(payload);
}
// Converting to a buffer, even if it was just converted to a string
if ('string' === typeof payload) {
payload = Enc.binToBuf(payload);
}
// Compute JWS signature // node specifies RSA-SHAxxx even when it's actually ecdsa (it's all encoded x509 shasums anyway)
var protectedHeader = ""; var protected64 = Enc.strToUrlBase64(protectedHeader);
// Because unprotected headers are allowed, regrettably... var payload64 = Enc.bufToUrlBase64(payload);
// https://stackoverflow.com/a/46288694 var msg = protected64 + '.' + payload64;
if (false !== protect) {
if (!protect) { protect = {}; }
if (!protect.alg) { protect.alg = alg(); }
// There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid
if (false === protect.kid) { protect.kid = undefined; }
else if (!protect.kid) { protect.kid = thumb; }
protectedHeader = JSON.stringify(protect);
}
// Not sure how to handle the empty case since ACME POST-as-GET must be empty return Keypairs._sign(opts, msg).then(function(buf) {
//if (!payload) { var signedMsg = {
// throw new Error("opts.payload should be JSON, string, or ArrayBuffer (it may be empty, but that must be explicit)"); protected: protected64,
//} payload: payload64,
// Trying to detect if it's a plain object (not Buffer, ArrayBuffer, Array, Uint8Array, etc) signature: Enc.bufToUrlBase64(buf)
if (payload && ('string' !== typeof payload) };
&& ('undefined' === typeof payload.byteLength)
&& ('undefined' === typeof payload.buffer)
) {
payload = JSON.stringify(payload);
}
// Converting to a buffer, even if it was just converted to a string
if ('string' === typeof payload) {
payload = Enc.binToBuf(payload);
}
// node specifies RSA-SHAxxx even when it's actually ecdsa (it's all encoded x509 shasums anyway) return signedMsg;
var protected64 = Enc.strToUrlBase64(protectedHeader); });
var payload64 = Enc.bufToUrlBase64(payload); }
var msg = protected64 + '.' + payload64;
return Keypairs._sign(opts, msg).then(function (buf) { if (opts.jwk) {
var signedMsg = { return sign();
protected: protected64 } else {
, payload: payload64 return Keypairs.import({ pem: opts.pem }).then(function(pair) {
, signature: Enc.bufToUrlBase64(buf) opts.jwk = pair.private;
}; return sign();
});
}
});
};
return signedMsg; Keypairs._sign = function(opts, payload) {
}); return Keypairs._import(opts).then(function(privkey) {
} if ('string' === typeof payload) {
payload = new TextEncoder().encode(payload);
}
return window.crypto.subtle
.sign(
{
name: Keypairs._getName(opts),
hash: { name: 'SHA-' + Keypairs._getBits(opts) }
},
privkey,
payload
)
.then(function(signature) {
signature = new Uint8Array(signature); // ArrayBuffer -> u8
// This will come back into play for CSRs, but not for JOSE
if (
'EC' === opts.jwk.kty &&
/x509|asn1/i.test(opts.format)
) {
return Keypairs._ecdsaJoseSigToAsn1Sig(signature);
} else {
// jose/jws/jwt
return signature;
}
});
});
};
Keypairs._getBits = function(opts) {
if (opts.alg) {
return opts.alg.replace(/[a-z\-]/gi, '');
}
// base64 len to byte len
var len = Math.floor((opts.jwk.n || '').length * 0.75);
if (opts.jwk) { // TODO this may be a bug
return sign(); // need to confirm that the padding is no more or less than 1 byte
} else { if (/521/.test(opts.jwk.crv) || len >= 511) {
return Keypairs.import({ pem: opts.pem }).then(function (pair) { return '512';
opts.jwk = pair.private; } else if (/384/.test(opts.jwk.crv) || len >= 383) {
return sign(); return '384';
}); }
}
});
};
Keypairs._sign = function (opts, payload) { return '256';
return Keypairs._import(opts).then(function (privkey) { };
if ('string' === typeof payload) { Keypairs._getName = function(opts) {
payload = (new TextEncoder()).encode(payload); if (/EC/i.test(opts.jwk.kty)) {
} return 'ECDSA';
return window.crypto.subtle.sign( } else {
{ name: Keypairs._getName(opts) return 'RSASSA-PKCS1-v1_5';
, hash: { name: 'SHA-' + Keypairs._getBits(opts) } }
} };
, privkey Keypairs._import = function(opts) {
, payload return Promise.resolve().then(function() {
).then(function (signature) { var ops;
signature = new Uint8Array(signature); // ArrayBuffer -> u8 // all private keys just happen to have a 'd'
// This will come back into play for CSRs, but not for JOSE if (opts.jwk.d) {
if ('EC' === opts.jwk.kty && /x509|asn1/i.test(opts.format)) { ops = ['sign'];
return Keypairs._ecdsaJoseSigToAsn1Sig(signature); } else {
} else { ops = ['verify'];
// jose/jws/jwt }
return signature; // gotta mark it as extractable, as if it matters
} opts.jwk.ext = true;
}); opts.jwk.key_ops = ops;
});
};
Keypairs._getBits = function (opts) {
if (opts.alg) { return opts.alg.replace(/[a-z\-]/ig, ''); }
// base64 len to byte len
var len = Math.floor((opts.jwk.n||'').length * 0.75);
// TODO this may be a bug return window.crypto.subtle
// need to confirm that the padding is no more or less than 1 byte .importKey(
if (/521/.test(opts.jwk.crv) || len >= 511) { 'jwk',
return '512'; opts.jwk,
} else if (/384/.test(opts.jwk.crv) || len >= 383) { {
return '384'; name: Keypairs._getName(opts),
} namedCurve: opts.jwk.crv,
hash: { name: 'SHA-' + Keypairs._getBits(opts) }
},
true,
ops
)
.then(function(privkey) {
delete opts.jwk.ext;
return privkey;
});
});
};
// ECDSA JOSE / JWS / JWT signatures differ from "normal" ASN1/X509 ECDSA signatures
// https://tools.ietf.org/html/rfc7518#section-3.4
Keypairs._ecdsaJoseSigToAsn1Sig = function(bufsig) {
// it's easier to do the manipulation in the browser with an array
bufsig = Array.from(bufsig);
var hlen = bufsig.length / 2; // should be even
var r = bufsig.slice(0, hlen);
var s = bufsig.slice(hlen);
// unpad positive ints less than 32 bytes wide
while (!r[0]) {
r = r.slice(1);
}
while (!s[0]) {
s = s.slice(1);
}
// pad (or re-pad) ambiguously non-negative BigInts, up to 33 bytes wide
if (0x80 & r[0]) {
r.unshift(0);
}
if (0x80 & s[0]) {
s.unshift(0);
}
return '256'; var len = 2 + r.length + 2 + s.length;
}; var head = [0x30];
Keypairs._getName = function (opts) { // hard code 0x80 + 1 because it won't be longer than
if (/EC/i.test(opts.jwk.kty)) { // two SHA512 plus two pad bytes (130 bytes <= 256)
return 'ECDSA'; if (len >= 0x80) {
} else { head.push(0x81);
return 'RSASSA-PKCS1-v1_5'; }
} head.push(len);
};
Keypairs._import = function (opts) {
return Promise.resolve().then(function () {
var ops;
// all private keys just happen to have a 'd'
if (opts.jwk.d) {
ops = [ 'sign' ];
} else {
ops = [ 'verify' ];
}
// gotta mark it as extractable, as if it matters
opts.jwk.ext = true;
opts.jwk.key_ops = ops;
return window.crypto.subtle.importKey( return Uint8Array.from(
"jwk" head.concat([0x02, r.length], r, [0x02, s.length], s)
, opts.jwk );
, { name: Keypairs._getName(opts) };
, namedCurve: opts.jwk.crv
, hash: { name: 'SHA-' + Keypairs._getBits(opts) } }
, true
, ops
).then(function (privkey) {
delete opts.jwk.ext;
return privkey;
});
});
};
// ECDSA JOSE / JWS / JWT signatures differ from "normal" ASN1/X509 ECDSA signatures
// https://tools.ietf.org/html/rfc7518#section-3.4
Keypairs._ecdsaJoseSigToAsn1Sig = function (bufsig) {
// it's easier to do the manipulation in the browser with an array
bufsig = Array.from(bufsig);
var hlen = bufsig.length / 2; // should be even
var r = bufsig.slice(0, hlen);
var s = bufsig.slice(hlen);
// unpad positive ints less than 32 bytes wide
while (!r[0]) { r = r.slice(1); }
while (!s[0]) { s = s.slice(1); }
// pad (or re-pad) ambiguously non-negative BigInts, up to 33 bytes wide
if (0x80 & r[0]) { r.unshift(0); }
if (0x80 & s[0]) { s.unshift(0); }
var len = 2 + r.length + 2 + s.length; function setTime(time) {
var head = [0x30]; if ('number' === typeof time) {
// hard code 0x80 + 1 because it won't be longer than return time;
// two SHA512 plus two pad bytes (130 bytes <= 256) }
if (len >= 0x80) { head.push(0x81); }
head.push(len);
return Uint8Array.from(head.concat([0x02, r.length], r, [0x02, s.length], s)); var t = time.match(/^(\-?\d+)([dhms])$/i);
}; if (!t || !t[0]) {
throw new Error(
"'" +
time +
"' should be datetime in seconds or human-readable format (i.e. 3d, 1h, 15m, 30s"
);
}
function setTime(time) { var now = Math.round(Date.now() / 1000);
if ('number' === typeof time) { return time; } var num = parseInt(t[1], 10);
var unit = t[2];
var mult = 1;
switch (unit) {
// fancy fallthrough, what fun!
case 'd':
mult *= 24;
/*falls through*/
case 'h':
mult *= 60;
/*falls through*/
case 'm':
mult *= 60;
/*falls through*/
case 's':
mult *= 1;
}
var t = time.match(/^(\-?\d+)([dhms])$/i); return now + mult * num;
if (!t || !t[0]) { }
throw new Error("'" + time + "' should be datetime in seconds or human-readable format (i.e. 3d, 1h, 15m, 30s");
}
var now = Math.round(Date.now()/1000); Enc.hexToBuf = function(hex) {
var num = parseInt(t[1], 10); var arr = [];
var unit = t[2]; hex.match(/.{2}/g).forEach(function(h) {
var mult = 1; arr.push(parseInt(h, 16));
switch(unit) { });
// fancy fallthrough, what fun! return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
case 'd': };
mult *= 24; Enc.strToUrlBase64 = function(str) {
/*falls through*/ return Enc.bufToUrlBase64(Enc.binToBuf(str));
case 'h': };
mult *= 60; Enc.binToBuf = function(bin) {
/*falls through*/ var arr = bin.split('').map(function(ch) {
case 'm': return ch.charCodeAt(0);
mult *= 60; });
/*falls through*/ return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
case 's': };
mult *= 1; })('undefined' !== typeof module ? module.exports : window);
}
return now + (mult * num);
}
Enc.hexToBuf = function (hex) {
var arr = [];
hex.match(/.{2}/g).forEach(function (h) {
arr.push(parseInt(h, 16));
});
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
};
Enc.strToUrlBase64 = function (str) {
return Enc.bufToUrlBase64(Enc.binToBuf(str));
};
Enc.binToBuf = function (bin) {
var arr = bin.split('').map(function (ch) {
return ch.charCodeAt(0);
});
return 'undefined' !== typeof Uint8Array ? new Uint8Array(arr) : arr;
};
}('undefined' !== typeof module ? module.exports : window));

398
lib/rsa.js
View File

@ -1,187 +1,235 @@
/*global Promise*/ /*global Promise*/
(function (exports) { (function(exports) {
'use strict'; 'use strict';
var RSA = exports.Rasha = {}; var RSA = (exports.Rasha = {});
var x509 = exports.x509; var x509 = exports.x509;
if ('undefined' !== typeof module) { module.exports = RSA; } if ('undefined' !== typeof module) {
var PEM = exports.PEM; module.exports = RSA;
var SSH = exports.SSH; }
var Enc = {}; var PEM = exports.PEM;
var textEncoder = new TextEncoder(); var SSH = exports.SSH;
var Enc = {};
var textEncoder = new TextEncoder();
RSA._stance = "We take the stance that if you're knowledgeable enough to" RSA._stance =
+ " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; "We take the stance that if you're knowledgeable enough to" +
RSA._universal = "Bluecrypt only supports crypto with standard cross-browser and cross-platform support."; " properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway.";
RSA.generate = function (opts) { RSA._universal =
var wcOpts = {}; 'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.';
if (!opts) { opts = {}; } RSA.generate = function(opts) {
if (!opts.kty) { opts.kty = 'RSA'; } var wcOpts = {};
if (!opts) {
opts = {};
}
if (!opts.kty) {
opts.kty = 'RSA';
}
// Support PSS? I don't think it's used for Let's Encrypt // Support PSS? I don't think it's used for Let's Encrypt
wcOpts.name = 'RSASSA-PKCS1-v1_5'; wcOpts.name = 'RSASSA-PKCS1-v1_5';
if (!opts.modulusLength) { if (!opts.modulusLength) {
opts.modulusLength = 2048; opts.modulusLength = 2048;
} }
wcOpts.modulusLength = opts.modulusLength; wcOpts.modulusLength = opts.modulusLength;
if (wcOpts.modulusLength >= 2048 && wcOpts.modulusLength < 3072) { if (wcOpts.modulusLength >= 2048 && wcOpts.modulusLength < 3072) {
// erring on the small side... for no good reason // erring on the small side... for no good reason
wcOpts.hash = { name: "SHA-256" }; wcOpts.hash = { name: 'SHA-256' };
} else if (wcOpts.modulusLength >= 3072 && wcOpts.modulusLength < 4096) { } else if (
wcOpts.hash = { name: "SHA-384" }; wcOpts.modulusLength >= 3072 &&
} else if (wcOpts.modulusLength < 4097) { wcOpts.modulusLength < 4096
wcOpts.hash = { name: "SHA-512" }; ) {
} else { wcOpts.hash = { name: 'SHA-384' };
// Public key thumbprints should be paired with a hash of similar length, } else if (wcOpts.modulusLength < 4097) {
// so anything above SHA-512's keyspace would be left under-represented anyway. wcOpts.hash = { name: 'SHA-512' };
return Promise.Reject(new Error("'" + wcOpts.modulusLength + "' is not within the safe and universally" } else {
+ " acceptable range of 2048-4096. Typically you should pick 2048, 3072, or 4096, though other values" // Public key thumbprints should be paired with a hash of similar length,
+ " divisible by 8 are allowed. " + RSA._stance)); // so anything above SHA-512's keyspace would be left under-represented anyway.
} return Promise.Reject(
// TODO maybe allow this to be set to any of the standard values? new Error(
wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]); "'" +
wcOpts.modulusLength +
"' is not within the safe and universally" +
' acceptable range of 2048-4096. Typically you should pick 2048, 3072, or 4096, though other values' +
' divisible by 8 are allowed. ' +
RSA._stance
)
);
}
// TODO maybe allow this to be set to any of the standard values?
wcOpts.publicExponent = new Uint8Array([0x01, 0x00, 0x01]);
var extractable = true; var extractable = true;
return window.crypto.subtle.generateKey( return window.crypto.subtle
wcOpts .generateKey(wcOpts, extractable, ['sign', 'verify'])
, extractable .then(function(result) {
, [ 'sign', 'verify' ] return window.crypto.subtle
).then(function (result) { .exportKey('jwk', result.privateKey)
return window.crypto.subtle.exportKey( .then(function(privJwk) {
"jwk" return {
, result.privateKey private: privJwk,
).then(function (privJwk) { public: RSA.neuter({ jwk: privJwk })
return { };
private: privJwk });
, public: RSA.neuter({ jwk: privJwk }) });
}; };
});
});
};
// Chopping off the private parts is now part of the public API. // Chopping off the private parts is now part of the public API.
// I thought it sounded a little too crude at first, but it really is the best name in every possible way. // I thought it sounded a little too crude at first, but it really is the best name in every possible way.
RSA.neuter = function (opts) { RSA.neuter = function(opts) {
// trying to find the best balance of an immutable copy with custom attributes // trying to find the best balance of an immutable copy with custom attributes
var jwk = {}; var jwk = {};
Object.keys(opts.jwk).forEach(function (k) { Object.keys(opts.jwk).forEach(function(k) {
if ('undefined' === typeof opts.jwk[k]) { return; } if ('undefined' === typeof opts.jwk[k]) {
// ignore RSA private parts return;
if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; } }
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k])); // ignore RSA private parts
}); if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) {
return jwk; return;
}; }
jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));
});
return jwk;
};
// https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk // https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
RSA.__thumbprint = function (jwk) { RSA.__thumbprint = function(jwk) {
// Use the same entropy for SHA as for key // Use the same entropy for SHA as for key
var len = Math.floor(jwk.n.length * 0.75); var len = Math.floor(jwk.n.length * 0.75);
var alg = 'SHA-256'; var alg = 'SHA-256';
// TODO this may be a bug // TODO this may be a bug
// need to confirm that the padding is no more or less than 1 byte // need to confirm that the padding is no more or less than 1 byte
if (len >= 511) { if (len >= 511) {
alg = 'SHA-512'; alg = 'SHA-512';
} else if (len >= 383) { } else if (len >= 383) {
alg = 'SHA-384'; alg = 'SHA-384';
} }
return window.crypto.subtle.digest( return window.crypto.subtle
{ name: alg } .digest(
, textEncoder.encode('{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}') { name: alg },
).then(function (hash) { textEncoder.encode(
return Enc.bufToUrlBase64(new Uint8Array(hash)); '{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}'
}); )
}; )
.then(function(hash) {
return Enc.bufToUrlBase64(new Uint8Array(hash));
});
};
RSA.thumbprint = function (opts) { RSA.thumbprint = function(opts) {
return Promise.resolve().then(function () { return Promise.resolve().then(function() {
var jwk; var jwk;
if ('EC' === opts.kty) { if ('EC' === opts.kty) {
jwk = opts; jwk = opts;
} else if (opts.jwk) { } else if (opts.jwk) {
jwk = opts.jwk; jwk = opts.jwk;
} else { } else {
return RSA.import(opts).then(function (jwk) { return RSA.import(opts).then(function(jwk) {
return RSA.__thumbprint(jwk); return RSA.__thumbprint(jwk);
}); });
} }
return RSA.__thumbprint(jwk); return RSA.__thumbprint(jwk);
}); });
}; };
RSA.export = function (opts) { RSA.export = function(opts) {
return Promise.resolve().then(function () { return Promise.resolve().then(function() {
if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) {
throw new Error("must pass { jwk: jwk }"); throw new Error('must pass { jwk: jwk }');
} }
var jwk = JSON.parse(JSON.stringify(opts.jwk)); var jwk = JSON.parse(JSON.stringify(opts.jwk));
var format = opts.format; var format = opts.format;
var pub = opts.public; var pub = opts.public;
if (pub || -1 !== [ 'spki', 'pkix', 'ssh', 'rfc4716' ].indexOf(format)) { if (
jwk = RSA.neuter({ jwk: jwk }); pub ||
} -1 !== ['spki', 'pkix', 'ssh', 'rfc4716'].indexOf(format)
if ('RSA' !== jwk.kty) { ) {
throw new Error("options.jwk.kty must be 'RSA' for RSA keys"); jwk = RSA.neuter({ jwk: jwk });
} }
if (!jwk.p) { if ('RSA' !== jwk.kty) {
// TODO test for n and e throw new Error("options.jwk.kty must be 'RSA' for RSA keys");
pub = true; }
if (!format || 'pkcs1' === format) { if (!jwk.p) {
format = 'pkcs1'; // TODO test for n and e
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { pub = true;
format = 'spki'; if (!format || 'pkcs1' === format) {
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { format = 'pkcs1';
format = 'ssh'; } else if (-1 !== ['spki', 'pkix'].indexOf(format)) {
} else { format = 'spki';
throw new Error("options.format must be 'spki', 'pkcs1', or 'ssh' for public RSA keys, not (" } else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) {
+ typeof format + ") " + format); format = 'ssh';
} } else {
} else { throw new Error(
// TODO test for all necessary keys (d, p, q ...) "options.format must be 'spki', 'pkcs1', or 'ssh' for public RSA keys, not (" +
if (!format || 'pkcs1' === format) { typeof format +
format = 'pkcs1'; ') ' +
} else if ('pkcs8' !== format) { format
throw new Error("options.format must be 'pkcs1' or 'pkcs8' for private RSA keys"); );
} }
} } else {
// TODO test for all necessary keys (d, p, q ...)
if (!format || 'pkcs1' === format) {
format = 'pkcs1';
} else if ('pkcs8' !== format) {
throw new Error(
"options.format must be 'pkcs1' or 'pkcs8' for private RSA keys"
);
}
}
if ('pkcs1' === format) { if ('pkcs1' === format) {
if (jwk.d) { if (jwk.d) {
return PEM.packBlock({ type: "RSA PRIVATE KEY", bytes: x509.packPkcs1(jwk) }); return PEM.packBlock({
} else { type: 'RSA PRIVATE KEY',
return PEM.packBlock({ type: "RSA PUBLIC KEY", bytes: x509.packPkcs1(jwk) }); bytes: x509.packPkcs1(jwk)
} });
} else if ('pkcs8' === format) { } else {
return PEM.packBlock({ type: "PRIVATE KEY", bytes: x509.packPkcs8(jwk) }); return PEM.packBlock({
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { type: 'RSA PUBLIC KEY',
return PEM.packBlock({ type: "PUBLIC KEY", bytes: x509.packSpki(jwk) }); bytes: x509.packPkcs1(jwk)
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { });
return SSH.pack({ jwk: jwk, comment: opts.comment }); }
} else { } else if ('pkcs8' === format) {
throw new Error("Sanity Error: reached unreachable code block with format: " + format); return PEM.packBlock({
} type: 'PRIVATE KEY',
}); bytes: x509.packPkcs8(jwk)
}; });
RSA.pack = function (opts) { } else if (-1 !== ['spki', 'pkix'].indexOf(format)) {
// wrapped in a promise for API compatibility return PEM.packBlock({
// with the forthcoming browser version type: 'PUBLIC KEY',
// (and potential future native node capability) bytes: x509.packSpki(jwk)
return Promise.resolve().then(function () { });
return RSA.export(opts); } else if (-1 !== ['ssh', 'rfc4716'].indexOf(format)) {
}); return SSH.pack({ jwk: jwk, comment: opts.comment });
}; } else {
throw new Error(
'Sanity Error: reached unreachable code block with format: ' +
format
);
}
});
};
RSA.pack = function(opts) {
// wrapped in a promise for API compatibility
// with the forthcoming browser version
// (and potential future native node capability)
return Promise.resolve().then(function() {
return RSA.export(opts);
});
};
Enc.bufToUrlBase64 = function (u8) { Enc.bufToUrlBase64 = function(u8) {
return Enc.bufToBase64(u8) return Enc.bufToBase64(u8)
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); .replace(/\+/g, '-')
}; .replace(/\//g, '_')
.replace(/=/g, '');
};
Enc.bufToBase64 = function (u8) { Enc.bufToBase64 = function(u8) {
var bin = ''; var bin = '';
u8.forEach(function (i) { u8.forEach(function(i) {
bin += String.fromCharCode(i); bin += String.fromCharCode(i);
}); });
return btoa(bin); return btoa(bin);
}; };
})('undefined' !== typeof module ? module.exports : window);
}('undefined' !== typeof module ? module.exports : window));

538
lib/x509.js
View File

@ -1,279 +1,301 @@
(function (exports) { (function(exports) {
'use strict'; 'use strict';
var x509 = exports.x509 = {}; var x509 = (exports.x509 = {});
var ASN1 = exports.ASN1; var ASN1 = exports.ASN1;
var Enc = exports.Enc; var Enc = exports.Enc;
// 1.2.840.10045.3.1.7 // 1.2.840.10045.3.1.7
// prime256v1 (ANSI X9.62 named elliptic curve) // prime256v1 (ANSI X9.62 named elliptic curve)
var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase(); var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase();
// 1.3.132.0.34 // 1.3.132.0.34
// secp384r1 (SECG (Certicom) named elliptic curve) // secp384r1 (SECG (Certicom) named elliptic curve)
var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase(); var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase();
// 1.2.840.10045.2.1 // 1.2.840.10045.2.1
// ecPublicKey (ANSI X9.62 public key type) // ecPublicKey (ANSI X9.62 public key type)
var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201'.replace(/\s+/g, '').toLowerCase(); var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201'
.replace(/\s+/g, '')
.toLowerCase();
x509.parseSec1 = function parseEcOnlyPrivkey(u8, jwk) { x509.parseSec1 = function parseEcOnlyPrivkey(u8, jwk) {
var index = 7; var index = 7;
var len = 32; var len = 32;
var olen = OBJ_ID_EC.length / 2; var olen = OBJ_ID_EC.length / 2;
if ("P-384" === jwk.crv) { if ('P-384' === jwk.crv) {
olen = OBJ_ID_EC_384.length / 2; olen = OBJ_ID_EC_384.length / 2;
index = 8; index = 8;
len = 48; len = 48;
} }
if (len !== u8[index - 1]) { if (len !== u8[index - 1]) {
throw new Error("Unexpected bitlength " + len); throw new Error('Unexpected bitlength ' + len);
} }
// private part is d // private part is d
var d = u8.slice(index, index + len); var d = u8.slice(index, index + len);
// compression bit index // compression bit index
var ci = index + len + 2 + olen + 2 + 3; var ci = index + len + 2 + olen + 2 + 3;
var c = u8[ci]; var c = u8[ci];
var x, y; var x, y;
if (0x04 === c) { if (0x04 === c) {
y = u8.slice(ci + 1 + len, ci + 1 + len + len); y = u8.slice(ci + 1 + len, ci + 1 + len + len);
} else if (0x02 !== c) { } else if (0x02 !== c) {
throw new Error("not a supported EC private key"); throw new Error('not a supported EC private key');
} }
x = u8.slice(ci + 1, ci + 1 + len); x = u8.slice(ci + 1, ci + 1 + len);
return { return {
kty: jwk.kty kty: jwk.kty,
, crv: jwk.crv crv: jwk.crv,
, d: Enc.bufToUrlBase64(d) d: Enc.bufToUrlBase64(d),
//, dh: Enc.bufToHex(d) //, dh: Enc.bufToHex(d)
, x: Enc.bufToUrlBase64(x) x: Enc.bufToUrlBase64(x),
//, xh: Enc.bufToHex(x) //, xh: Enc.bufToHex(x)
, y: Enc.bufToUrlBase64(y) y: Enc.bufToUrlBase64(y)
//, yh: Enc.bufToHex(y) //, yh: Enc.bufToHex(y)
}; };
}; };
x509.packPkcs1 = function (jwk) { x509.packPkcs1 = function(jwk) {
var n = ASN1.UInt(Enc.base64ToHex(jwk.n)); var n = ASN1.UInt(Enc.base64ToHex(jwk.n));
var e = ASN1.UInt(Enc.base64ToHex(jwk.e)); var e = ASN1.UInt(Enc.base64ToHex(jwk.e));
if (!jwk.d) { if (!jwk.d) {
return Enc.hexToBuf(ASN1('30', n, e)); return Enc.hexToBuf(ASN1('30', n, e));
} }
return Enc.hexToBuf(ASN1('30' return Enc.hexToBuf(
, ASN1.UInt('00') ASN1(
, n '30',
, e ASN1.UInt('00'),
, ASN1.UInt(Enc.base64ToHex(jwk.d)) n,
, ASN1.UInt(Enc.base64ToHex(jwk.p)) e,
, ASN1.UInt(Enc.base64ToHex(jwk.q)) ASN1.UInt(Enc.base64ToHex(jwk.d)),
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) ASN1.UInt(Enc.base64ToHex(jwk.p)),
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) ASN1.UInt(Enc.base64ToHex(jwk.q)),
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) ASN1.UInt(Enc.base64ToHex(jwk.dp)),
)); ASN1.UInt(Enc.base64ToHex(jwk.dq)),
}; ASN1.UInt(Enc.base64ToHex(jwk.qi))
)
);
};
x509.parsePkcs8 = function parseEcPkcs8(u8, jwk) { x509.parsePkcs8 = function parseEcPkcs8(u8, jwk) {
var index = 24 + (OBJ_ID_EC.length / 2); var index = 24 + OBJ_ID_EC.length / 2;
var len = 32; var len = 32;
if ("P-384" === jwk.crv) { if ('P-384' === jwk.crv) {
index = 24 + (OBJ_ID_EC_384.length / 2) + 2; index = 24 + OBJ_ID_EC_384.length / 2 + 2;
len = 48; len = 48;
} }
//console.log(index, u8.slice(index)); //console.log(index, u8.slice(index));
if (0x04 !== u8[index]) { if (0x04 !== u8[index]) {
//console.log(jwk); //console.log(jwk);
throw new Error("privkey not found"); throw new Error('privkey not found');
} }
var d = u8.slice(index + 2, index + 2 + len); var d = u8.slice(index + 2, index + 2 + len);
var ci = index + 2 + len + 5; var ci = index + 2 + len + 5;
var xi = ci + 1; var xi = ci + 1;
var x = u8.slice(xi, xi + len); var x = u8.slice(xi, xi + len);
var yi = xi + len; var yi = xi + len;
var y; var y;
if (0x04 === u8[ci]) { if (0x04 === u8[ci]) {
y = u8.slice(yi, yi + len); y = u8.slice(yi, yi + len);
} else if (0x02 !== u8[ci]) { } else if (0x02 !== u8[ci]) {
throw new Error("invalid compression bit (expected 0x04 or 0x02)"); throw new Error('invalid compression bit (expected 0x04 or 0x02)');
} }
return { return {
kty: jwk.kty kty: jwk.kty,
, crv: jwk.crv crv: jwk.crv,
, d: Enc.bufToUrlBase64(d) d: Enc.bufToUrlBase64(d),
//, dh: Enc.bufToHex(d) //, dh: Enc.bufToHex(d)
, x: Enc.bufToUrlBase64(x) x: Enc.bufToUrlBase64(x),
//, xh: Enc.bufToHex(x) //, xh: Enc.bufToHex(x)
, y: Enc.bufToUrlBase64(y) y: Enc.bufToUrlBase64(y)
//, yh: Enc.bufToHex(y) //, yh: Enc.bufToHex(y)
}; };
}; };
x509.parseSpki = function parsePem(u8, jwk) { x509.parseSpki = function parsePem(u8, jwk) {
var ci = 16 + OBJ_ID_EC.length / 2; var ci = 16 + OBJ_ID_EC.length / 2;
var len = 32; var len = 32;
if ("P-384" === jwk.crv) { if ('P-384' === jwk.crv) {
ci = 16 + OBJ_ID_EC_384.length / 2; ci = 16 + OBJ_ID_EC_384.length / 2;
len = 48; len = 48;
} }
var c = u8[ci]; var c = u8[ci];
var xi = ci + 1; var xi = ci + 1;
var x = u8.slice(xi, xi + len); var x = u8.slice(xi, xi + len);
var yi = xi + len; var yi = xi + len;
var y; var y;
if (0x04 === c) { if (0x04 === c) {
y = u8.slice(yi, yi + len); y = u8.slice(yi, yi + len);
} else if (0x02 !== c) { } else if (0x02 !== c) {
throw new Error("not a supported EC private key"); throw new Error('not a supported EC private key');
} }
return { return {
kty: jwk.kty kty: jwk.kty,
, crv: jwk.crv crv: jwk.crv,
, x: Enc.bufToUrlBase64(x) x: Enc.bufToUrlBase64(x),
//, xh: Enc.bufToHex(x) //, xh: Enc.bufToHex(x)
, y: Enc.bufToUrlBase64(y) y: Enc.bufToUrlBase64(y)
//, yh: Enc.bufToHex(y) //, yh: Enc.bufToHex(y)
}; };
}; };
x509.parsePkix = x509.parseSpki; x509.parsePkix = x509.parseSpki;
x509.packSec1 = function (jwk) { x509.packSec1 = function(jwk) {
var d = Enc.base64ToHex(jwk.d); var d = Enc.base64ToHex(jwk.d);
var x = Enc.base64ToHex(jwk.x); var x = Enc.base64ToHex(jwk.x);
var y = Enc.base64ToHex(jwk.y); var y = Enc.base64ToHex(jwk.y);
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384;
return Enc.hexToBuf( return Enc.hexToBuf(
ASN1('30' ASN1(
, ASN1.UInt('01') '30',
, ASN1('04', d) ASN1.UInt('01'),
, ASN1('A0', objId) ASN1('04', d),
, ASN1('A1', ASN1.BitStr('04' + x + y))) ASN1('A0', objId),
); ASN1('A1', ASN1.BitStr('04' + x + y))
}; )
/** );
* take a private jwk and creates a der from it };
* @param {*} jwk /**
*/ * take a private jwk and creates a der from it
x509.packPkcs8 = function (jwk) { * @param {*} jwk
if ('RSA' === jwk.kty) { */
if (!jwk.d) { x509.packPkcs8 = function(jwk) {
// Public RSA if ('RSA' === jwk.kty) {
return Enc.hexToBuf(ASN1('30' if (!jwk.d) {
, ASN1('30' // Public RSA
, ASN1('06', '2a864886f70d010101') return Enc.hexToBuf(
, ASN1('05') ASN1(
) '30',
, ASN1.BitStr(ASN1('30' ASN1(
, ASN1.UInt(Enc.base64ToHex(jwk.n)) '30',
, ASN1.UInt(Enc.base64ToHex(jwk.e)) ASN1('06', '2a864886f70d010101'),
)) ASN1('05')
)); ),
} ASN1.BitStr(
ASN1(
'30',
ASN1.UInt(Enc.base64ToHex(jwk.n)),
ASN1.UInt(Enc.base64ToHex(jwk.e))
)
)
)
);
}
// Private RSA // Private RSA
return Enc.hexToBuf(ASN1('30' return Enc.hexToBuf(
, ASN1.UInt('00') ASN1(
, ASN1('30' '30',
, ASN1('06', '2a864886f70d010101') ASN1.UInt('00'),
, ASN1('05') ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')),
) ASN1(
, ASN1('04' '04',
, ASN1('30' ASN1(
, ASN1.UInt('00') '30',
, ASN1.UInt(Enc.base64ToHex(jwk.n)) ASN1.UInt('00'),
, ASN1.UInt(Enc.base64ToHex(jwk.e)) ASN1.UInt(Enc.base64ToHex(jwk.n)),
, ASN1.UInt(Enc.base64ToHex(jwk.d)) ASN1.UInt(Enc.base64ToHex(jwk.e)),
, ASN1.UInt(Enc.base64ToHex(jwk.p)) ASN1.UInt(Enc.base64ToHex(jwk.d)),
, ASN1.UInt(Enc.base64ToHex(jwk.q)) ASN1.UInt(Enc.base64ToHex(jwk.p)),
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) ASN1.UInt(Enc.base64ToHex(jwk.q)),
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) ASN1.UInt(Enc.base64ToHex(jwk.dp)),
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) ASN1.UInt(Enc.base64ToHex(jwk.dq)),
) ASN1.UInt(Enc.base64ToHex(jwk.qi))
) )
)); )
} )
);
}
var d = Enc.base64ToHex(jwk.d); var d = Enc.base64ToHex(jwk.d);
var x = Enc.base64ToHex(jwk.x); var x = Enc.base64ToHex(jwk.x);
var y = Enc.base64ToHex(jwk.y); var y = Enc.base64ToHex(jwk.y);
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384;
return Enc.hexToBuf( return Enc.hexToBuf(
ASN1('30' ASN1(
, ASN1.UInt('00') '30',
, ASN1('30' ASN1.UInt('00'),
, OBJ_ID_EC_PUB ASN1('30', OBJ_ID_EC_PUB, objId),
, objId ASN1(
) '04',
, ASN1('04' ASN1(
, ASN1('30' '30',
, ASN1.UInt('01') ASN1.UInt('01'),
, ASN1('04', d) ASN1('04', d),
, ASN1('A1', ASN1.BitStr('04' + x + y))))) ASN1('A1', ASN1.BitStr('04' + x + y))
); )
}; )
x509.packSpki = function (jwk) { )
if (/EC/i.test(jwk.kty)) { );
return x509.packSpkiEc(jwk); };
} x509.packSpki = function(jwk) {
return x509.packSpkiRsa(jwk); if (/EC/i.test(jwk.kty)) {
}; return x509.packSpkiEc(jwk);
x509.packSpkiRsa = function (jwk) { }
if (!jwk.d) { return x509.packSpkiRsa(jwk);
// Public RSA };
return Enc.hexToBuf(ASN1('30' x509.packSpkiRsa = function(jwk) {
, ASN1('30' if (!jwk.d) {
, ASN1('06', '2a864886f70d010101') // Public RSA
, ASN1('05') return Enc.hexToBuf(
) ASN1(
, ASN1.BitStr(ASN1('30' '30',
, ASN1.UInt(Enc.base64ToHex(jwk.n)) ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')),
, ASN1.UInt(Enc.base64ToHex(jwk.e)) ASN1.BitStr(
)) ASN1(
)); '30',
} ASN1.UInt(Enc.base64ToHex(jwk.n)),
ASN1.UInt(Enc.base64ToHex(jwk.e))
)
)
)
);
}
// Private RSA // Private RSA
return Enc.hexToBuf(ASN1('30' return Enc.hexToBuf(
, ASN1.UInt('00') ASN1(
, ASN1('30' '30',
, ASN1('06', '2a864886f70d010101') ASN1.UInt('00'),
, ASN1('05') ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')),
) ASN1(
, ASN1('04' '04',
, ASN1('30' ASN1(
, ASN1.UInt('00') '30',
, ASN1.UInt(Enc.base64ToHex(jwk.n)) ASN1.UInt('00'),
, ASN1.UInt(Enc.base64ToHex(jwk.e)) ASN1.UInt(Enc.base64ToHex(jwk.n)),
, ASN1.UInt(Enc.base64ToHex(jwk.d)) ASN1.UInt(Enc.base64ToHex(jwk.e)),
, ASN1.UInt(Enc.base64ToHex(jwk.p)) ASN1.UInt(Enc.base64ToHex(jwk.d)),
, ASN1.UInt(Enc.base64ToHex(jwk.q)) ASN1.UInt(Enc.base64ToHex(jwk.p)),
, ASN1.UInt(Enc.base64ToHex(jwk.dp)) ASN1.UInt(Enc.base64ToHex(jwk.q)),
, ASN1.UInt(Enc.base64ToHex(jwk.dq)) ASN1.UInt(Enc.base64ToHex(jwk.dp)),
, ASN1.UInt(Enc.base64ToHex(jwk.qi)) ASN1.UInt(Enc.base64ToHex(jwk.dq)),
) ASN1.UInt(Enc.base64ToHex(jwk.qi))
) )
)); )
}; )
x509.packSpkiEc = function (jwk) { );
var x = Enc.base64ToHex(jwk.x); };
var y = Enc.base64ToHex(jwk.y); x509.packSpkiEc = function(jwk) {
var objId = ('P-256' === jwk.crv) ? OBJ_ID_EC : OBJ_ID_EC_384; var x = Enc.base64ToHex(jwk.x);
return Enc.hexToBuf( var y = Enc.base64ToHex(jwk.y);
ASN1('30' var objId = 'P-256' === jwk.crv ? OBJ_ID_EC : OBJ_ID_EC_384;
, ASN1('30' return Enc.hexToBuf(
, OBJ_ID_EC_PUB ASN1(
, objId '30',
) ASN1('30', OBJ_ID_EC_PUB, objId),
, ASN1.BitStr('04' + x + y)) ASN1.BitStr('04' + x + y)
); )
}; );
x509.packPkix = x509.packSpki; };
x509.packPkix = x509.packSpki;
}('undefined' !== typeof module ? module.exports : window)); })('undefined' !== typeof module ? module.exports : window);

26
package-lock.json generated
View File

@ -1,6 +1,6 @@
{ {
"name": "@bluecrypt/acme", "name": "acme",
"version": "1.0.0", "version": "2.0.0-wip.0",
"lockfileVersion": 1, "lockfileVersion": 1,
"requires": true, "requires": true,
"dependencies": { "dependencies": {
@ -82,6 +82,12 @@
"glob": "^7.1.1" "glob": "^7.1.1"
} }
}, },
"commander": {
"version": "2.20.1",
"resolved": "https://registry.npmjs.org/commander/-/commander-2.20.1.tgz",
"integrity": "sha512-cCuLsMhJeWQ/ZpsFTbE765kvVfoeSddc4nU3up4fV+fDBcfUXnbITJ+JzhkdjzOqhURjZgujxaioam4RM9yGUg==",
"dev": true
},
"concat-map": { "concat-map": {
"version": "0.0.1", "version": "0.0.1",
"resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
@ -509,6 +515,12 @@
"integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ==", "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ==",
"dev": true "dev": true
}, },
"source-map": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
"integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
"dev": true
},
"statuses": { "statuses": {
"version": "1.4.0", "version": "1.4.0",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-1.4.0.tgz", "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.4.0.tgz",
@ -525,6 +537,16 @@
"mime-types": "~2.1.24" "mime-types": "~2.1.24"
} }
}, },
"uglify-js": {
"version": "3.6.0",
"resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.0.tgz",
"integrity": "sha512-W+jrUHJr3DXKhrsS7NUVxn3zqMOFn0hL/Ei6v0anCIMoKC93TjcflTagwIHLW7SfMFfiQuktQyFVCFHGUE0+yg==",
"dev": true,
"requires": {
"commander": "~2.20.0",
"source-map": "~0.6.1"
}
},
"unpipe": { "unpipe": {
"version": "1.0.0", "version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",

82
package.json
View File

@ -1,42 +1,44 @@
{ {
"name": "@bluecrypt/acme", "name": "acme",
"version": "1.0.1", "version": "2.0.0-wip.0",
"description": "Free SSL certificates through Let's Encrypt, right in your browser", "description": "Free SSL certificates through Let's Encrypt, right in your browser",
"main": "bluecrypt-acme.js", "main": "bluecrypt-acme.js",
"homepage": "https://rootprojects.org/acme/", "homepage": "https://rootprojects.org/acme/",
"directories": { "directories": {
"lib": "lib" "lib": "lib"
}, },
"files": [ "files": [
"lib", "lib",
"bluecrypt-acme.js", "dist"
"bluecrypt-acme.min.js" ],
], "scripts": {
"scripts": { "build": "node bin/bundle.js",
"test": "node server.js", "lint": "jshint lib bin",
"start": "node server.js" "test": "node server.js",
}, "start": "node server.js"
"repository": { },
"type": "git", "repository": {
"url": "https://git.coolaj86.com/coolaj86/bluecrypt-acme.js.git" "type": "git",
}, "url": "https://git.coolaj86.com/coolaj86/bluecrypt-acme.js.git"
"keywords": [ },
"ACME", "keywords": [
"Let's Encrypt", "ACME",
"browser", "Let's Encrypt",
"EC", "browser",
"RSA", "EC",
"CSR", "RSA",
"greenlock", "CSR",
"VanillaJS", "greenlock",
"ZeroSSL" "VanillaJS",
], "ZeroSSL"
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)", ],
"license": "MPL-2.0", "author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
"devDependencies": { "license": "MPL-2.0",
"@root/request": "^1.3.10", "devDependencies": {
"dig.js": "^1.3.9", "@root/request": "^1.3.10",
"dns-suite": "^1.2.12", "dig.js": "^1.3.9",
"express": "^4.16.4" "dns-suite": "^1.2.12",
} "express": "^4.16.4",
"uglify-js": "^3.6.0"
}
} }