// Copyright 2018-present AJ ONeal. All rights reserved /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ (function (exports) { 'use strict'; /*global Promise*/ var ASN1 = exports.ASN1; var Enc = exports.Enc; var PEM = exports.PEM; var X509 = exports.x509; var Keypairs = exports.Keypairs; // TODO find a way that the prior node-ish way of `module.exports = function () {}` isn't broken var CSR = exports.CSR = function (opts) { // We're using a Promise here to be compatible with the browser version // which will probably use the webcrypto API for some of the conversions return CSR._prepare(opts).then(function (opts) { return CSR.create(opts).then(function (bytes) { return CSR._encode(opts, bytes); }); }); }; CSR._prepare = function (opts) { return Promise.resolve().then(function () { var Keypairs; opts = JSON.parse(JSON.stringify(opts)); // We do a bit of extra error checking for user convenience if (!opts) { throw new Error("You must pass options with key and domains to rsacsr"); } if (!Array.isArray(opts.domains) || 0 === opts.domains.length) { new Error("You must pass options.domains as a non-empty array"); } // I need to check that 例.中国 is a valid domain name if (!opts.domains.every(function (d) { // allow punycode? xn-- if ('string' === typeof d /*&& /\./.test(d) && !/--/.test(d)*/) { return true; } })) { throw new Error("You must pass options.domains as strings"); } if (opts.jwk) { return opts; } if (opts.key && opts.key.kty) { opts.jwk = opts.key; return opts; } if (!opts.pem && !opts.key) { throw new Error("You must pass options.key as a JSON web key"); } Keypairs = exports.Keypairs; if (!exports.Keypairs) { throw new Error("Keypairs.js is an optional dependency for PEM-to-JWK.\n" + "Install it if you'd like to use it:\n" + "\tnpm install --save rasha\n" + "Otherwise supply a jwk as the private key." ); } return Keypairs.import({ pem: opts.pem || opts.key }).then(function (pair) { opts.jwk = pair.private; return opts; }); }); }; CSR._encode = function (opts, bytes) { if ('der' === (opts.encoding||'').toLowerCase()) { return bytes; } return PEM.packBlock({ type: "CERTIFICATE REQUEST" , bytes: bytes /* { jwk: jwk, domains: opts.domains } */ }); }; CSR.create = function createCsr(opts) { var hex = CSR.request(opts.jwk, opts.domains); return CSR._sign(opts.jwk, hex).then(function (csr) { return Enc.hexToBuf(csr); }); }; // // EC / RSA // CSR.request = function createCsrBodyEc(jwk, domains) { var asn1pub; if (/^EC/i.test(jwk.kty)) { asn1pub = X509.packCsrEcPublicKey(jwk); } else { asn1pub = X509.packCsrRsaPublicKey(jwk); } return X509.packCsr(asn1pub, domains); }; CSR._sign = function csrEcSig(jwk, request) { // Took some tips from https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a // TODO will have to convert web ECDSA signatures to PEM ECDSA signatures (but RSA should be the same) // TODO have a consistent non-private way to sign return Keypairs._sign({ jwk: jwk, format: 'x509' }, Enc.hexToBuf(request)).then(function (sig) { return CSR._toDer({ request: request, signature: sig, kty: jwk.kty }); }); }; CSR._toDer = function encode(opts) { var sty; if (/^EC/i.test(opts.kty)) { // 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256) sty = ASN1('30', ASN1('06', '2a8648ce3d040302')); } else { // 1.2.840.113549.1.1.11 sha256WithRSAEncryption (PKCS #1) sty = ASN1('30', ASN1('06', '2a864886f70d01010b'), ASN1('05')); } return ASN1('30' // The Full CSR Request Body , opts.request // The Signature Type , sty // The Signature , ASN1.BitStr(Enc.bufToHex(opts.signature)) ); }; X509.packCsr = function (asn1pubkey, domains) { return ASN1('30' // Version (0) , ASN1.UInt('00') // 2.5.4.3 commonName (X.520 DN component) , ASN1('30', ASN1('31', ASN1('30', ASN1('06', '550403'), ASN1('0c', Enc.utf8ToHex(domains[0]))))) // Public Key (RSA or EC) , asn1pubkey // Request Body , ASN1('a0' , ASN1('30' // 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF) , ASN1('06', '2a864886f70d01090e') , ASN1('31' , ASN1('30' , ASN1('30' // 2.5.29.17 subjectAltName (X.509 extension) , ASN1('06', '551d11') , ASN1('04' , ASN1('30', domains.map(function (d) { return ASN1('82', Enc.utf8ToHex(d)); }).join('')))))))) ); }; // TODO finish this later // we want to parse the domains, the public key, and verify the signature CSR._info = function (der) { // standard base64 PEM if ('string' === typeof der && '-' === der[0]) { der = PEM.parseBlock(der).bytes; } // jose urlBase64 not-PEM if ('string' === typeof der) { der = Enc.base64ToBuf(der); } // not supporting binary-encoded bas64 var c = ASN1.parse(der); var kty; // A cert has 3 parts: cert, signature meta, signature if (c.children.length !== 3) { throw new Error("doesn't look like a certificate request: expected 3 parts of header"); } var sig = c.children[2]; if (sig.children.length) { // ASN1/X509 EC sig = sig.children[0]; sig = ASN1('30', ASN1.UInt(Enc.bufToHex(sig.children[0].value)), ASN1.UInt(Enc.bufToHex(sig.children[1].value))); sig = Enc.hexToBuf(sig); kty = 'EC'; } else { // Raw RSA Sig sig = sig.value; kty = 'RSA'; } //c.children[1]; // signature type var req = c.children[0]; // TODO utf8 if (4 !== req.children.length) { throw new Error("doesn't look like a certificate request: expected 4 parts to request"); } // 0 null // 1 commonName / subject var sub = Enc.bufToBin(req.children[1].children[0].children[0].children[1].value); // 3 public key (type, key) //console.log('oid', Enc.bufToHex(req.children[2].children[0].children[0].value)); var pub; // TODO reuse ASN1 parser for these? if ('EC' === kty) { // throw away compression byte pub = req.children[2].children[1].value.slice(1); pub = { kty: kty, x: pub.slice(0, 32), y: pub.slice(32) }; while (0 === pub.x[0]) { pub.x = pub.x.slice(1); } while (0 === pub.y[0]) { pub.y = pub.y.slice(1); } if ((pub.x.length || pub.x.byteLength) > 48) { pub.crv = 'P-521'; } else if ((pub.x.length || pub.x.byteLength) > 32) { pub.crv = 'P-384'; } else { pub.crv = 'P-256'; } pub.x = Enc.bufToUrlBase64(pub.x); pub.y = Enc.bufToUrlBase64(pub.y); } else { pub = req.children[2].children[1].children[0]; pub = { kty: kty, n: pub.children[0].value, e: pub.children[1].value }; while (0 === pub.n[0]) { pub.n = pub.n.slice(1); } while (0 === pub.e[0]) { pub.e = pub.e.slice(1); } pub.n = Enc.bufToUrlBase64(pub.n); pub.e = Enc.bufToUrlBase64(pub.e); } // 4 extensions var domains = req.children[3].children.filter(function (seq) { // 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF) if ('2a864886f70d01090e' === Enc.bufToHex(seq.children[0].value)) { return true; } }).map(function (seq) { return seq.children[1].children[0].children.filter(function (seq2) { // subjectAltName (X.509 extension) if ('551d11' === Enc.bufToHex(seq2.children[0].value)) { return true; } }).map(function (seq2) { return seq2.children[1].children[0].children.map(function (name) { // TODO utf8 return Enc.bufToBin(name.value); }); })[0]; })[0]; return { subject: sub , altnames: domains , jwk: pub , signature: sig }; }; X509.packCsrRsaPublicKey = function (jwk) { // Sequence the key var n = ASN1.UInt(Enc.base64ToHex(jwk.n)); var e = ASN1.UInt(Enc.base64ToHex(jwk.e)); var asn1pub = ASN1('30', n, e); // Add the CSR pub key header return ASN1('30', ASN1('30', ASN1('06', '2a864886f70d010101'), ASN1('05')), ASN1.BitStr(asn1pub)); }; X509.packCsrEcPublicKey = function (jwk) { var ecOid = X509._oids[jwk.crv]; if (!ecOid) { throw new Error("Unsupported namedCurve '" + jwk.crv + "'. Supported types are " + Object.keys(X509._oids)); } var cmp = '04'; // 04 == x+y, 02 == x-only var hxy = ''; // Placeholder. I'm not even sure if compression should be supported. if (!jwk.y) { cmp = '02'; } hxy += Enc.base64ToHex(jwk.x); if (jwk.y) { hxy += Enc.base64ToHex(jwk.y); } // 1.2.840.10045.2.1 ecPublicKey return ASN1('30', ASN1('30', ASN1('06', '2a8648ce3d0201'), ASN1('06', ecOid)), ASN1.BitStr(cmp + hxy)); }; X509._oids = { // 1.2.840.10045.3.1.7 prime256v1 // (ANSI X9.62 named elliptic curve) (06 08 - 2A 86 48 CE 3D 03 01 07) 'P-256': '2a8648ce3d030107' // 1.3.132.0.34 P-384 (06 05 - 2B 81 04 00 22) // (SEC 2 recommended EC domain secp256r1) , 'P-384': '2b81040022' // requires more logic and isn't a recommended standard // 1.3.132.0.35 P-521 (06 05 - 2B 81 04 00 23) // (SEC 2 alternate P-521) //, 'P-521': '2B 81 04 00 23' }; // don't replace the full parseBlock, if it exists PEM.parseBlock = PEM.parseBlock || function (str) { var der = str.split(/\n/).filter(function (line) { return !/-----/.test(line); }).join(''); return { bytes: Enc.base64ToBuf(der) }; }; }('undefined' === typeof window ? module.exports : window));