From 324bf5f6d547b543e648e4d7ca96a3428bc0a1e5 Mon Sep 17 00:00:00 2001
From: AJ ONeal
Date: Tue, 2 Aug 2016 12:35:23 -0400
Subject: [PATCH] fixes
---
 lib/rsa-extra.js | 58 ++++++++++++------------------------------------
 lib/rsa-ursa.js | 14 +++++++-----
 node.js | 17 +++++++++-----
 3 files changed, 34 insertions(+), 55 deletions(-)
diff --git a/lib/rsa-extra.js b/lib/rsa-extra.js
index 6218b5e..a5e2737 100644
--- a/lib/rsa-extra.js
+++ b/lib/rsa-extra.js
@@ -1,39 +1,9 @@
 'use strict';
-//var crypto = require('crypto');
-var forge = require('node-forge');
-
-function binstrToB64(binstr) {
- return new Buffer(binstr, 'binary').toString('base64');
+function binstrToB64Url(binstr) {
+ return new Buffer(binstr, 'binary').toString('base64')
+ .replace(/[+]/g, "-").replace(/\//g, "_").replace(/=/g,"");
 }
-function b64ToBinstr(b64) {
- return new Buffer(b64, 'b64').toString('binary');
-}
-
-/*
- importPemPrivateKey: function(pem) {
- var key = forge.pki.privateKeyFromPem(pem);
- return {
- privateKey: exportPrivateKey(key),
- publicKey: exportPublicKey(key)
- };
- },
-
- importPemCertificate: function(pem) {
- return forge.pki.certificateFromPem(pem);
- },
-
- privateKeyToPem: function(privateKey) {
- var priv = importPrivateKey(privateKey);
- return forge.pki.privateKeyToPem(priv);
- },
-
- certificateToPem: function(certificate) {
- var derCert = base64ToBytes(certificate);
- var cert = forge.pki.certificateFromAsn1(forge.asn1.fromDer(derCert));
- return forge.pki.certificateToPem(cert);
- },
-*/
 var extrac = module.exports = {
 //
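Review bot: `binstrToB64Url` carries no comment on what it accepts, and its name and the `'binary'` encoding imply a binary string while the callers later in this file hand it `toByteArray()` results. It also relies on `new Buffer(...)`, which on older Node releases returns uninitialised memory if the argument is ever a number; where the runtime provides it, `Buffer.from(binstr, 'binary')` removes that ambiguity (the same constructor is used in `RSA._thumbprintInput` in node.js). A header such as `// Encode raw key bytes as unpadded base64url (RFC 4648 section 5)` would pin the contract, which matters because this helper serialises private-key components.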
@@ -44,22 +14,22 @@ var extrac = module.exports = {
 return {
 kty: "RSA"
- , n: binstrToB64(k.n.toByteArray())
- , e: binstrToB64(k.e.toByteArray())
- , d: binstrToB64(k.d.toByteArray())
- , p: binstrToB64(k.p.toByteArray())
- , q: binstrToB64(k.q.toByteArray())
- , dp: binstrToB64(k.dP.toByteArray())
- , dq: binstrToB64(k.dQ.toByteArray())
- , qi: binstrToB64(k.qInv.toByteArray())
+ , n: binstrToB64Url(k.n.toByteArray())
+ , e: binstrToB64Url(k.e.toByteArray())
+ , d: binstrToB64Url(k.d.toByteArray())
+ , p: binstrToB64Url(k.p.toByteArray())
+ , q: binstrToB64Url(k.q.toByteArray())
+ , dp: binstrToB64Url(k.dP.toByteArray())
+ , dq: binstrToB64Url(k.dQ.toByteArray())
+ , qi: binstrToB64Url(k.qInv.toByteArray())
 };
 }
 , _forgeToPublicJwk: function (keypair) {
 var k = keypair._forge || keypair._forgePublic;
 return {
 kty: "RSA"
- , n: binstrToB64(k.n.toByteArray())
- , e: binstrToB64(k.e.toByteArray())
+ , n: binstrToB64Url(k.n.toByteArray())
+ , e: binstrToB64Url(k.e.toByteArray())
 };
 }
@@ -140,7 +110,7 @@ var extrac = module.exports = {
 }
 }
- if (keypair._forge) {
+ if (keypair._forge || keypair._forgePublic) {
 return extrac._forgeToPublicJwk(keypair);
 }
diff --git a/lib/rsa-ursa.js b/lib/rsa-ursa.js
index 43dec95..b128af9 100644
--- a/lib/rsa-ursa.js
+++ b/lib/rsa-ursa.js
@@ -95,11 +95,13 @@ var ursac = module.exports = {
 return;
 }
- keypair._ursaPublic = ursa.createPublicKeyFromComponents.apply(
- ursa
- , ursac._publicJwkToComponents(keypair.publicKeyJwk)
- );
- keypair._ursaPublic.toJSON = notToJson;
+ if (keypair.publicKeyJwk) {
+ keypair._ursaPublic = ursa.createPublicKeyFromComponents.apply(
+ ursa
+ , ursac._publicJwkToComponents(keypair.publicKeyJwk)
+ );
+ keypair._ursaPublic.toJSON = notToJson;
+ }
 }
 , import: function (keypair) {
 ursac._ursaImportJwk(keypair);
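Review bot: Every JWK member in both the private export and `_forgeToPublicJwk` is encoded straight from `toByteArray()`, and if these are jsbn-style BigIntegers (as node-forge uses) that call returns a two's-complement array with a leading 0x00 whenever the top bit is set, which is the usual case for an RSA modulus. RFC 7518 requires the minimal unsigned big-endian octets, so `n` would then encode differently from other JWK producers and the RFC 7638 thumbprint computed in node.js would not match theirs. Strip the sign octet before encoding, for example `if (bytes.length > 1 && bytes[0] === 0) { bytes = bytes.slice(1); }` inside the helper, or confirm the inputs are already unsigned. Both function bodies start outside this hunk, so any normalisation done earlier is not visible here.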
@@ -142,7 +144,7 @@ var ursac = module.exports = {
 if (keypair.publicKeyJwk) {
 ursac._ursaImportPublicJwk(keypair);
- return keypair._ursa.toPublicPem().toString('ascii');
+ return keypair._ursaPublic.toPublicPem().toString('ascii');
 }
 if (keypair.privateKeyJwk) {
diff --git a/node.js b/node.js
index 7827f75..6a16c01 100644
--- a/node.js
+++ b/node.js
@@ -31,12 +31,19 @@ function create(deps) {
 };
 RSA._internal = require('./lib/node');//.create(deps);
- RSA.thumbprint = function (jwk) {
- jwk = jwk.privateKeyJwk || jwk.publicKeyJwk || jwk;
- if (!jwk.e || !jwk.n) {
+ RSA._thumbprintInput = function (n, e) {
+ // #L147 const rsaThumbprintTemplate = `{"e":"%s","kty":"RSA","n":"%s"}`
+ return new Buffer('{"e":"'+ e + '","kty":"RSA","n":"'+ n +'"}', 'ascii');
+ };
+ RSA.thumbprint = function (keypair) {
+ var publicKeyJwk = RSA.exportPublicJwk(keypair);
+
+ if (!publicKeyJwk.e || !publicKeyJwk.n) {
 throw new Error("You must provide an RSA jwk with 'e' and 'n' (the public components)");
 }
- var input = RSA.utils._forgeBytesToBuf('{"e":"'+ jwk.e + '","kty":"RSA","n":"'+ jwk.n +'"}');
+
+ var input = RSA._thumbprintInput(publicKeyJwk.n, publicKeyJwk.e);
+ console.log('thumbprint input', input.toString('ascii'));
 var base64Digest = crypto.createHash('sha256').update(input).digest('base64');
 return RSA.utils.toWebsafeBase64(base64Digest);
@@ -87,7 +94,7 @@ function create(deps) {
 }
 if (options.thumprint) {
- keypair.thumbprint = RSA.thumbprint(keypair.privateKeyJwk /*|| keypair.publicKeyJwk*/);
+ keypair.thumbprint = RSA.thumbprint(keypair);
 }
 if (options.internal) {
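Review bot: The added `console.log('thumbprint input', input.toString('ascii'));` in `RSA.thumbprint` reads as leftover debugging; in a library it writes key material (public, but still caller data) to stdout on every call and should be dropped before merge. `RSA._thumbprintInput` also splices `n` and `e` into the JSON text unescaped, so a value containing a quote or backslash would hash something other than the canonical RFC 7638 input; a guard such as `if (!/^[A-Za-z0-9_-]+$/.test(n) || !/^[A-Za-z0-9_-]+$/.test(e)) { throw new Error("invalid base64url in jwk"); }` before building the buffer would close that. Finally, `RSA.thumbprint` used to accept a bare JWK and now depends on `RSA.exportPublicJwk` (not shown in this hunk) to do so, which deserves a note in the function comment if the contract has changed.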
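Review bot: The guard on the context line reads `options.thumprint`, which looks like a misspelling of `thumbprint`; if callers pass `thumbprint: true`, the line changed here never runs and `keypair.thumbprint` stays unset. If the misspelt key is the established option name, accepting both with `if (options.thumbprint || options.thumprint) {` keeps existing callers working. The enclosing function starts and ends outside this hunk.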