@ -16,6 +16,13 @@ var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase();
// ecPublicKey (ANSI X9.62 public key type)
var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201' . replace ( /\s+/g , '' ) . toLowerCase ( ) ;
// 19 e c d s a - s h a 2 - n i s t p 2 5 6
var SSH_EC_P256 = '00000013 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 32 35 36'
. replace ( /\s+/g , '' ) . toLowerCase ( ) ;
// 19 e c d s a - s h a 2 - n i s t p 3 8 4
var SSH_EC_P384 = '00000013 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34'
. replace ( /\s+/g , '' ) . toLowerCase ( ) ;
// The one good thing that came from the b***kchain hysteria: good EC documentation
// https://davidederosa.com/basic-blockchain-programming/elliptic-curve-keys/
@ -226,11 +233,35 @@ EC.parseSpki = function parsePem(u8, jwk) {
} ;
EC . parsePkix = EC . parseSpki ;
EC . parseSsh = function ( pem ) {
var jwk = { kty : 'EC' , crv : null , x : null , y : null } ;
var b64 = pem . split ( /\s+/g ) [ 1 ] ;
var buf = Buffer . from ( b64 , 'base64' ) ;
var hex = buf . toString ( 'hex' ) ;
var index = 40 ;
var len ;
if ( 0 === hex . indexOf ( SSH_EC_P256 ) ) {
jwk . crv = 'P-256' ;
len = 32 ;
} else if ( 0 === hex . indexOf ( SSH_EC_P384 ) ) {
jwk . crv = 'P-384' ;
len = 48 ;
}
var x = buf . slice ( index , index + len ) ;
var y = buf . slice ( index + len , index + len + len ) ;
jwk . x = PEM . _ toUrlSafeBase64 ( x ) ;
jwk . y = PEM . _ toUrlSafeBase64 ( y ) ;
return jwk ;
} ;
/*global Promise*/
EC . parse = function parseEc ( opts ) {
return Promise . resolve ( ) . then ( function ( ) {
if ( ! opts || ! opts . pem ) {
throw new Error ( "must pass { pem: pem }" ) ;
if ( ! opts || ! opts . pem || 'string' !== typeof opts . pem ) {
throw new Error ( "must pass { pem: pem } as a string" ) ;
}
if ( 0 === opts . pem . indexOf ( 'ecdsa-sha2-' ) ) {
return EC . parseSsh ( opts . pem ) ;
}
var pem = opts . pem ;
var u8 = PEM . parseBlock ( pem ) . der ;