coolaj86/ecdsa-csr.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

v1.1.0: Fix #1 (byte size calc) and #2 (utf-8 strings)

Browse Source
This commit is contained in:
AJ ONeal 2018-11-18 16:08:45 -07:00
parent 6161eff921
commit 4b8f32a871
5 changed files with 152 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -49,7 +49,11 @@ return ecdsacsr({ key: key, domains: domains }).then(function (csr) {
* PEM may be a plain string or a Buffer*
* DER must be a Buffer*
* `domains` must be a list of strings representing domain names
* must be plain oldl utf8, not punycode
* correctly handles utf-8
* you may also use punycoded, if needed
* `subject` will be `domains[0]` by default
* you shouldn't use this unless you need to
* you may need to if you need utf-8 for domains, but punycode for the subject
* "Buffer" can be a node Buffer, a JavaScript Uint8Array,
or a JavaScript Array which contains only numbers between 0 and 255.
@ -78,12 +82,10 @@ Known Issues
------------
I've learned to be careful about talking about the future,
however, I literally just published this tonight (2018-11-17)
however, I literally just published this last night (2018-11-17)
and there are a few things I plan to address but haven't yet:
* JWK not yet supported
* non-ascii domains, such as 例.中国 not yet supported
* total domains length over 127 characters not yet supported
New to Crypto?
--------------

5
bin/ecdsacsr.js
View File

@ -10,7 +10,8 @@ var domains = process.argv[3].split(/,/);
var keypem = fs.readFileSync(keyname, 'ascii');
ecdsacsr({ key: keypem, domains: domains }).then(function (csr) {
console.error("CN=" + domains[0]);
console.error("subjectAltName=" + domains.join(','));
// Using error so that we can redirect stdout to file
//console.error("CN=" + domains[0]);
//console.error("subjectAltName=" + domains.join(','));
console.log(csr);
});

218
lib/ecdsacsr.js
View File

@ -6,6 +6,55 @@ var crypto = require('crypto');
// prime256v1 (ANSI X9.62 named elliptic curve)
var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase();
function ASN1() {
var args = Array.prototype.slice.call(arguments);
var typ = args.shift();
var str = args.join('').replace(/\s+/g, '');
var len = (str.length/2);
var len2 = len;
var lenlen = 0;
var hex = typ;
var hlen = '';
// high-order bit means multiple bytes
if (len2 !== Math.round(len2)) {
throw new Error("invalid hex");
}
if (len2 > 127) {
lenlen += 1;
while (len2 > 255) {
lenlen += 1;
len2 = len2 >> 8;
//console.warn("LEN2", len2);
}
}
if (lenlen) {
hlen = numToHex(0x80 + lenlen);
}
/*
console.warn(
'typ:', typ
, 'lenlen:', hlen
, 'len:', len, numToHex(len)
);
console.warn('str:', str);
*/
return hex + hlen + numToHex(len) + str;
}
ASN1.UInt = function UINT() {
var str = Array.prototype.slice.call(arguments).join('');
var first = parseInt(str.slice(0, 2), 16);
// high-order bit means signed, negative
// we want positive, so we pad with a leading '00'
if (0x80 & first) { str = '00' + str; }
return ASN1('02', str);
};
ASN1.BitStr = function BITSTR() {
var str = Array.prototype.slice.call(arguments).join('');
// '00' is a mask of how many bits of the next byte to ignore
return ASN1('03', '00' + str);
};
function fromBase64(b64) {
var buf;
var ab;
@ -139,29 +188,32 @@ function toBase64(der) {
return btoa(chs.join(''));
}
// these are static ASN.1 segments
// The head specifies that there will be 3 segments and a content length
// (those segments will be content, signature header, and signature)
var csrHead = '30 82 {0seq0len}'.replace(/\s+/g, '');
// The tail specifies the ES256 signature header (and is followed by the signature
var csrEcFoot =
( '30 0A'
function csrEcSig(r, s) {
return [
ASN1('30'
// 1.2.840.10045.4.3.2 ecdsaWithSHA256
// (ANSI X9.62 ECDSA algorithm with SHA256)
+ '06 08 2A 86 48 CE 3D 04 03 02'
+ '03 {len} 00' // bit stream (why??)
+ '30 {rslen}' // sequence
+ '02 {rlen} {r}' // integer r
+ '02 {slen} {s}' // integer s
).replace(/\s+/g, '');
var csrDomains = '82 {dlen} {domain.tld}'; // 2+n bytes (type 82?)
, ASN1('06', '2A 86 48 CE 3D 04 03 02')
)
, ASN1.BitStr(
ASN1('30'
, ASN1.UInt(toHex(r))
, ASN1.UInt(toHex(s))
)
)
].join('');
}
function strToHex(str) {
return str.split('').map(function (ch) {
var h = ch.charCodeAt(0).toString(16);
if (2 === h.length) {
return h;
}
var escstr = encodeURIComponent(str);
// replaces any uri escape sequence, such as %0A,
// with binary escape, such as 0x0A
var binstr = escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
return String.fromCharCode('0x' + p1);
});
return binstr.split('').map(function (b) {
var h = b.charCodeAt(0).toString(16);
if (2 === h.length) { return h; }
return '0' + h;
}).join('');
}
@ -190,11 +242,6 @@ function fromHex(hex) {
}
function createCsrBodyEc(domains, xy) {
var altnames = domains.map(function (d) {
return csrDomains.replace(/{dlen}/, numToHex(d.length)).replace(/{domain\.tld}/, strToHex(d));
}).join('').replace(/\s+/g, '');
var sublen = domains[0].length;
var sanlen = (altnames.length/2);
var publen = xy.x.byteLength;
var compression = '04';
var hxy = '';
@ -214,70 +261,55 @@ function createCsrBodyEc(domains, xy) {
hxy += toHex(xy.y);
}
var body = [ '30 81 {+85+n}' // 4 bytes, sequence
.replace(/{[^}]+}/, numToHex(
3
+ 13 + sublen
+ 27 + publen // Length for EC-related P-256 stuff
+ 30 + sanlen
))
var version = ASN1.UInt('00');
var subject = ASN1('30'
, ASN1('31'
, ASN1('30'
// object id (commonName)
, ASN1('06', '55 04 03')
, ASN1('0C', strToHex(domains[0])))));
var pubkey = ASN1('30'
, ASN1('30'
// 1.2.840.10045.2.1 ecPublicKey
// (ANSI X9.62 public key type)
, ASN1('06', '2A 86 48 CE 3D 02 01')
// 1.2.840.10045.3.1.7 prime256v1
// (ANSI X9.62 named elliptic curve)
, ASN1('06', '2A 86 48 CE 3D 03 01 07')
)
, ASN1.BitStr(compression + hxy));
var altnames = ASN1('A0'
, ASN1('30'
// (extensionRequest (PKCS #9 via CRMF))
, ASN1('06', '2A 86 48 86 F7 0D 01 09 0E')
, ASN1('31'
, ASN1('30'
, ASN1('30'
// (subjectAltName (X.509 extension))
, ASN1('06', '55 1D 11')
, ASN1('04'
, ASN1('30', domains.map(function (d) {
return ASN1('82', strToHex(d));
}).join(''))))))));
var body = ASN1('30'
// #0 Total 3
, '02 01 00' // 3 bytes, int 0
, version
// Subject
// #1 Total 2+11+n
, '30 {3.2.0seqlen}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+2+5+2+sublen))
, '31 {4.3.0setlen}' // 2 bytes, set
.replace(/{[^}]+}/, numToHex(2+5+2+sublen))
, '30 {5.4.0seqlen}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(5+2+sublen))
, '06 03 55 04 03' // 5 bytes, object id (commonName)
, '0C {dlen} {domain.tld}' // 2+n bytes, utf8string
.replace(/{dlen}/, numToHex(sublen))
.replace(/{domain\.tld}/, strToHex(domains[0]))
, subject
// P-256 Public Key
// #2 Total 2+25+xy
, '30 {+25+xy}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+9+10+3+1+publen))
, '30 13' // 2 bytes, sequence
// 1.2.840.10045.2.1 ecPublicKey
// (ANSI X9.62 public key type)
, '06 07 2A 86 48 CE 3D 02 01' // 9 bytes, object id
// 1.2.840.10045.3.1.7 prime256v1
// (ANSI X9.62 named elliptic curve)
, '06 08 2A 86 48 CE 3D 03 01 07' // 10 bytes, object id
, '03 {xylen} 00 {xy}' // 3+1+n bytes
.replace(/{xylen}/, numToHex(publen+2))
.replace(/{xy}/, compression + hxy)
, pubkey
// Altnames
// #3 Total 2+28+n
, 'A0 {+28}' // 2 bytes, ?? [4B]
.replace(/{[^}]+}/, numToHex(2+11+2+2+2+5+2+2+sanlen))
, '30 {+26}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(11+2+2+2+5+2+2+sanlen))
// (extensionRequest (PKCS #9 via CRMF))
, '06 09 2A 86 48 86 F7 0D 01 09 0E' // 11 bytes, object id
, '31 {+13}' // 2 bytes, set
.replace(/{[^}]+}/, numToHex(2+2+5+2+2+sanlen))
, '30 {+11}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+5+2+2+sanlen))
, '30 {+9}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(5+2+2+sanlen))
// (subjectAltName (X.509 extension))
, '06 03 55 1D 11' // 5 bytes, object id
, '04 {+2}' // 2 bytes, octet string
.replace(/{[^}]+}/, numToHex(2+sanlen))
, '30 {+n}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(sanlen))
, '{altnames}' // n (elements of sequence)
.replace(/{altnames}/, altnames)
];
body = body.join('').replace(/\s+/g, '');
return fromHex(body);
, altnames
);
return body;
}
// https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a
@ -320,7 +352,7 @@ function createEcCsr(domains, keypem, ecpub) {
// TODO get pub from priv
var csrBody = createCsrBodyEc(domains, ecpub);
var sig = signEc(keypem, csrBody);
var sig = signEc(keypem, fromHex(csrBody));
var rLen = sig.r.byteLength;
var rc = '';
var sLen = sig.s.byteLength;
@ -329,18 +361,8 @@ function createEcCsr(domains, keypem, ecpub) {
if (0x80 & new Uint8Array(sig.r)[0]) { rc = '00'; rLen += 1; }
if (0x80 & new Uint8Array(sig.s)[0]) { sc = '00'; sLen += 1; }
var csrSig = csrEcFoot
.replace(/{len}/, numToHex(1 + 2 + 2 + 2 + rLen + sLen))
.replace(/{rslen}/, numToHex(2 + 2 + rLen + sLen))
.replace(/{rlen}/, numToHex(rLen))
.replace(/{r}/, rc + toHex(sig.r))
.replace(/{slen}/, numToHex(sLen))
.replace(/{s}/, sc + toHex(sig.s))
;
var csrSig = csrEcSig(sig.r, sig.s);
// Note: If we supported P-521 a number of the lengths would change
// by one byte and that would be... annoying to update
var len = csrBody.byteLength + (csrSig.length/2);
/*
console.log('sig:', sig.raw.byteLength, toHex(sig.raw));
console.log('r:', sig.r.byteLength, toHex(sig.r));
@ -348,23 +370,7 @@ function createEcCsr(domains, keypem, ecpub) {
console.log('csr sig:', csrSig.length / 2, csrSig);
console.log('csrBodyLen + csrSigLen', numToHex(len));
*/
var head = csrHead.replace(/{[^}]+}/, numToHex(len));
var ab = new Uint8Array(new ArrayBuffer((head.length/2) + len));
var i = 0;
fromHex(head).forEach(function (b) {
ab[i] = b;
i += 1;
});
csrBody.forEach(function (b) {
ab[i] = b;
i += 1;
});
fromHex(csrSig).forEach(function (b) {
ab[i] = b;
i += 1;
});
return ab;
return fromHex(ASN1('30', csrBody, csrSig));
}
function createEcCsrPem(domains, keypem) {

4
package.json
View File

@ -1,6 +1,6 @@
{
"name": "ecdsa-csr",
"version": "1.0.2",
"version": "1.1.0",
"description": "A focused, zero-dependency library to generate a Certificate Signing Request (CSR) and sign it!",
"main": "index.js",
"bin": {
@ -10,7 +10,7 @@
"lib": "lib"
},
"scripts": {
"postinstall": "node lib/telemetry.js install",
"postinstall": "node lib/telemetry.js event:install",
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {

29
test.sh Normal file
View File

@ -0,0 +1,29 @@
#!/bin/bash
# creating privkey
openssl ecparam -genkey -name prime256v1 -noout -out ./privkey-ec-p256.pem
# canonical example
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com,www.example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# 100 domains (max allowed by Let's Encrypt)
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com,www.example.com,api.example.com,assets.example.com,ftp.example.com,example.org,www.example.org,api.example.org,assets.example.org,ftp.example.org,example.co,www.example.co,api.example.co,assets.example.co,ftp.example.co,example.net,www.example.net,api.example.net,assets.example.net,ftp.example.net,whatever.com,www.whatever.com,api.whatever.com,assets.whatever.com,ftp.whatever.com,whatever.org,www.whatever.org,api.whatever.org,assets.whatever.org,ftp.whatever.org,whatever.net,www.whatever.net,api.whatever.net,assets.whatever.net,ftp.whatever.net,whatever.co,www.whatever.co,api.whatever.co,assets.whatever.co,ftp.whatever.co,sample.com,www.sample.com,api.sample.com,assets.sample.com,ftp.sample.com,sample.org,www.sample.org,api.sample.org,assets.sample.org,ftp.sample.org,sample.net,www.sample.net,api.sample.net,assets.sample.net,ftp.sample.net,sample.co,www.sample.co,api.sample.co,assets.sample.co,ftp.sample.co,foobar.com,www.foobar.com,api.foobar.com,assets.foobar.com,ftp.foobar.com,foobar.org,www.foobar.org,api.foobar.org,assets.foobar.org,ftp.foobar.org,foobar.net,www.foobar.net,api.foobar.net,assets.foobar.net,ftp.foobar.net,foobar.co,www.foobar.co,api.foobar.co,assets.foobar.co,ftp.foobar.co,quux.com,www.quux.com,api.quux.com,assets.quux.com,ftp.quux.com,quux.org,www.quux.org,api.quux.org,assets.quux.org,ftp.quux.org,quux.net,www.quux.net,api.quux.net,assets.quux.net,ftp.quux.net,quux.co,www.quux.co,api.quux.co,assets.quux.co,ftp.quux.co >csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# single domain
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# utf8 domain
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem 例.中国,example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
#openssl req -text -noout -verify -in csr.pem