terminate statement
This commit is contained in:
parent
d894570bd4
commit
e3c35c525f
@ -9,7 +9,7 @@ module.exports = {
|
|||||||
privateExport: function (key, options) {
|
privateExport: function (key, options) {
|
||||||
const nbuf = key.n.toBuffer();
|
const nbuf = key.n.toBuffer();
|
||||||
|
|
||||||
let ebuf = Buffer.alloc(4)
|
let ebuf = Buffer.alloc(4);
|
||||||
ebuf.writeUInt32BE(key.e, 0);
|
ebuf.writeUInt32BE(key.e, 0);
|
||||||
//Slice leading zeroes
|
//Slice leading zeroes
|
||||||
while (ebuf[0] === 0) ebuf = ebuf.slice(1);
|
while (ebuf[0] === 0) ebuf = ebuf.slice(1);
|
||||||
|
@ -1,148 +1,183 @@
|
|||||||
var ber = require('asn1').Ber;
|
/**
|
||||||
var _ = require('../utils')._;
|
* PKCS1 padding and signature scheme
|
||||||
var utils = require('../utils');
|
*/
|
||||||
|
|
||||||
const PRIVATE_OPENING_BOUNDARY = '-----BEGIN RSA PRIVATE KEY-----';
|
var BigInteger = require('../libs/jsbn');
|
||||||
const PRIVATE_CLOSING_BOUNDARY = '-----END RSA PRIVATE KEY-----';
|
var crypt = require('crypto');
|
||||||
|
var SIGN_INFO_HEAD = {
|
||||||
|
md2: Buffer.from('3020300c06082a864886f70d020205000410', 'hex'),
|
||||||
|
md5: Buffer.from('3020300c06082a864886f70d020505000410', 'hex'),
|
||||||
|
sha1: Buffer.from('3021300906052b0e03021a05000414', 'hex'),
|
||||||
|
sha224: Buffer.from('302d300d06096086480165030402040500041c', 'hex'),
|
||||||
|
sha256: Buffer.from('3031300d060960864801650304020105000420', 'hex'),
|
||||||
|
sha384: Buffer.from('3041300d060960864801650304020205000430', 'hex'),
|
||||||
|
sha512: Buffer.from('3051300d060960864801650304020305000440', 'hex'),
|
||||||
|
ripemd160: Buffer.from('3021300906052b2403020105000414', 'hex'),
|
||||||
|
rmd160: Buffer.from('3021300906052b2403020105000414', 'hex')
|
||||||
|
};
|
||||||
|
|
||||||
const PUBLIC_OPENING_BOUNDARY = '-----BEGIN RSA PUBLIC KEY-----';
|
var SIGN_ALG_TO_HASH_ALIASES = {
|
||||||
const PUBLIC_CLOSING_BOUNDARY = '-----END RSA PUBLIC KEY-----';
|
'ripemd160': 'rmd160'
|
||||||
|
};
|
||||||
|
|
||||||
module.exports = {
|
var DEFAULT_HASH_FUNCTION = 'sha256';
|
||||||
privateExport: function (key, options) {
|
|
||||||
options = options || {};
|
|
||||||
|
|
||||||
var n = key.n.toBuffer();
|
module.exports = {
|
||||||
var d = key.d.toBuffer();
|
isEncryption: true,
|
||||||
var p = key.p.toBuffer();
|
isSignature: true
|
||||||
var q = key.q.toBuffer();
|
};
|
||||||
var dmp1 = key.dmp1.toBuffer();
|
|
||||||
var dmq1 = key.dmq1.toBuffer();
|
|
||||||
var coeff = key.coeff.toBuffer();
|
|
||||||
|
|
||||||
var length = n.length + d.length + p.length + q.length + dmp1.length + dmq1.length + coeff.length + 512; // magic
|
module.exports.makeScheme = function (key, options) {
|
||||||
var writer = new ber.Writer({size: length});
|
function Scheme(key, options) {
|
||||||
|
this.key = key;
|
||||||
writer.startSequence();
|
this.options = options;
|
||||||
writer.writeInt(0);
|
|
||||||
writer.writeBuffer(n, 2);
|
|
||||||
writer.writeInt(key.e);
|
|
||||||
writer.writeBuffer(d, 2);
|
|
||||||
writer.writeBuffer(p, 2);
|
|
||||||
writer.writeBuffer(q, 2);
|
|
||||||
writer.writeBuffer(dmp1, 2);
|
|
||||||
writer.writeBuffer(dmq1, 2);
|
|
||||||
writer.writeBuffer(coeff, 2);
|
|
||||||
writer.endSequence();
|
|
||||||
|
|
||||||
if (options.type === 'der') {
|
|
||||||
return writer.buffer;
|
|
||||||
} else {
|
|
||||||
return PRIVATE_OPENING_BOUNDARY + '\n' + utils.linebrk(writer.buffer.toString('base64'), 64) + '\n' + PRIVATE_CLOSING_BOUNDARY;
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
privateImport: function (key, data, options) {
|
|
||||||
options = options || {};
|
|
||||||
var buffer;
|
|
||||||
|
|
||||||
if (options.type !== 'der') {
|
|
||||||
if (Buffer.isBuffer(data)) {
|
|
||||||
data = data.toString('utf8');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (_.isString(data)) {
|
Scheme.prototype.maxMessageLength = function () {
|
||||||
var pem = utils.trimSurroundingText(data, PRIVATE_OPENING_BOUNDARY, PRIVATE_CLOSING_BOUNDARY)
|
if (this.options.encryptionSchemeOptions && this.options.encryptionSchemeOptions.padding == 3) {
|
||||||
.replace(/\s+|\n\r|\n|\r$/gm, '');
|
return this.key.encryptedDataLength;
|
||||||
buffer = Buffer.from(pem, 'base64');
|
|
||||||
} else {
|
|
||||||
throw Error('Unsupported key format');
|
|
||||||
}
|
}
|
||||||
} else if (Buffer.isBuffer(data)) {
|
return this.key.encryptedDataLength - 11;
|
||||||
buffer = data;
|
};
|
||||||
} else {
|
|
||||||
throw Error('Unsupported key format');
|
|
||||||
}
|
|
||||||
|
|
||||||
var reader = new ber.Reader(buffer);
|
|
||||||
reader.readSequence();
|
|
||||||
reader.readString(2, true); // just zero
|
|
||||||
key.setPrivate(
|
|
||||||
reader.readString(2, true), // modulus
|
|
||||||
reader.readString(2, true), // publicExponent
|
|
||||||
reader.readString(2, true), // privateExponent
|
|
||||||
reader.readString(2, true), // prime1
|
|
||||||
reader.readString(2, true), // prime2
|
|
||||||
reader.readString(2, true), // exponent1 -- d mod (p1)
|
|
||||||
reader.readString(2, true), // exponent2 -- d mod (q-1)
|
|
||||||
reader.readString(2, true) // coefficient -- (inverse of q) mod p
|
|
||||||
);
|
|
||||||
},
|
|
||||||
|
|
||||||
publicExport: function (key, options) {
|
|
||||||
options = options || {};
|
|
||||||
|
|
||||||
var n = key.n.toBuffer();
|
|
||||||
var length = n.length + 512; // magic
|
|
||||||
|
|
||||||
var bodyWriter = new ber.Writer({size: length});
|
|
||||||
bodyWriter.startSequence();
|
|
||||||
bodyWriter.writeBuffer(n, 2);
|
|
||||||
bodyWriter.writeInt(key.e);
|
|
||||||
bodyWriter.endSequence();
|
|
||||||
|
|
||||||
if (options.type === 'der') {
|
|
||||||
return bodyWriter.buffer;
|
|
||||||
} else {
|
|
||||||
return PUBLIC_OPENING_BOUNDARY + '\n' + utils.linebrk(bodyWriter.buffer.toString('base64'), 64) + '\n' + PUBLIC_CLOSING_BOUNDARY;
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
publicImport: function (key, data, options) {
|
|
||||||
options = options || {};
|
|
||||||
var buffer;
|
|
||||||
|
|
||||||
if (options.type !== 'der') {
|
|
||||||
if (Buffer.isBuffer(data)) {
|
|
||||||
data = data.toString('utf8');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (_.isString(data)) {
|
|
||||||
var pem = utils.trimSurroundingText(data, PUBLIC_OPENING_BOUNDARY, PUBLIC_CLOSING_BOUNDARY)
|
|
||||||
.replace(/\s+|\n\r|\n|\r$/gm, '');
|
|
||||||
buffer = Buffer.from(pem, 'base64');
|
|
||||||
}
|
|
||||||
} else if (Buffer.isBuffer(data)) {
|
|
||||||
buffer = data;
|
|
||||||
} else {
|
|
||||||
throw Error('Unsupported key format');
|
|
||||||
}
|
|
||||||
|
|
||||||
var body = new ber.Reader(buffer);
|
|
||||||
body.readSequence();
|
|
||||||
key.setPublic(
|
|
||||||
body.readString(0x02, true), // modulus
|
|
||||||
body.readString(0x02, true) // publicExponent
|
|
||||||
);
|
|
||||||
},
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Trying autodetect and import key
|
* Pad input Buffer to encryptedDataLength bytes, and return Buffer.from
|
||||||
* @param key
|
* alg: PKCS#1
|
||||||
* @param data
|
* @param buffer
|
||||||
|
* @returns {Buffer}
|
||||||
*/
|
*/
|
||||||
autoImport: function (key, data) {
|
Scheme.prototype.encPad = function (buffer, options) {
|
||||||
// [\S\s]* matches zero or more of any character
|
options = options || {};
|
||||||
if (/^[\S\s]*-----BEGIN RSA PRIVATE KEY-----\s*(?=(([A-Za-z0-9+/=]+\s*)+))\1-----END RSA PRIVATE KEY-----[\S\s]*$/g.test(data)) {
|
var filled;
|
||||||
module.exports.privateImport(key, data);
|
if (buffer.length > this.key.maxMessageLength) {
|
||||||
return true;
|
throw new Error("Message too long for RSA (n=" + this.key.encryptedDataLength + ", l=" + buffer.length + ")");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (/^[\S\s]*-----BEGIN RSA PUBLIC KEY-----\s*(?=(([A-Za-z0-9+/=]+\s*)+))\1-----END RSA PUBLIC KEY-----[\S\s]*$/g.test(data)) {
|
if (this.options.encryptionSchemeOptions && this.options.encryptionSchemeOptions.padding == 3) {
|
||||||
module.exports.publicImport(key, data);
|
//RSA_NO_PADDING treated like JAVA left pad with zero character
|
||||||
return true;
|
filled = Buffer.alloc(this.key.maxMessageLength - buffer.length);
|
||||||
|
filled.fill(0);
|
||||||
|
return Buffer.concat([filled, buffer]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Type 1: zeros padding for private key encrypt */
|
||||||
|
if (options.type === 1) {
|
||||||
|
filled = Buffer.alloc(this.key.encryptedDataLength - buffer.length - 1);
|
||||||
|
filled.fill(0xff, 0, filled.length - 1);
|
||||||
|
filled[0] = 1;
|
||||||
|
filled[filled.length - 1] = 0;
|
||||||
|
|
||||||
|
return Buffer.concat([filled, buffer]);
|
||||||
|
} else {
|
||||||
|
/* random padding for public key encrypt */
|
||||||
|
filled = Buffer.alloc(this.key.encryptedDataLength - buffer.length);
|
||||||
|
filled[0] = 0;
|
||||||
|
filled[1] = 2;
|
||||||
|
var rand = crypt.randomBytes(filled.length - 3);
|
||||||
|
for (var i = 0; i < rand.length; i++) {
|
||||||
|
var r = rand[i];
|
||||||
|
while (r === 0) { // non-zero only
|
||||||
|
r = crypt.randomBytes(1)[0];
|
||||||
|
}
|
||||||
|
filled[i + 2] = r;
|
||||||
|
}
|
||||||
|
filled[filled.length - 1] = 0;
|
||||||
|
return Buffer.concat([filled, buffer]);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Unpad input Buffer and, if valid, return the Buffer object
|
||||||
|
* alg: PKCS#1 (type 2, random)
|
||||||
|
* @param buffer
|
||||||
|
* @returns {Buffer}
|
||||||
|
*/
|
||||||
|
Scheme.prototype.encUnPad = function (buffer, options) {
|
||||||
|
return buffer;
|
||||||
|
};
|
||||||
|
|
||||||
|
Scheme.prototype.sign = function (buffer) {
|
||||||
|
var hashAlgorithm = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
|
||||||
|
hashAlgorithm = SIGN_ALG_TO_HASH_ALIASES[hashAlgorithm] || hashAlgorithm;
|
||||||
|
|
||||||
|
var hasher = crypt.createHash(hashAlgorithm);
|
||||||
|
hasher.update(buffer);
|
||||||
|
var hash = this.pkcs1pad(hasher.digest(), hashAlgorithm);
|
||||||
|
var res = this.key.$doPrivate(new BigInteger(hash)).toBuffer(this.key.encryptedDataLength);
|
||||||
|
|
||||||
|
return res;
|
||||||
|
};
|
||||||
|
|
||||||
|
Scheme.prototype.verify = function (buffer, signature, signature_encoding) {
|
||||||
|
if (this.options.encryptionSchemeOptions && this.options.encryptionSchemeOptions.padding == 3) {
|
||||||
|
//RSA_NO_PADDING has no verify data
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
};
|
var hashAlgorithm = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
|
||||||
|
hashAlgorithm = SIGN_ALG_TO_HASH_ALIASES[hashAlgorithm] || hashAlgorithm;
|
||||||
|
|
||||||
|
if (signature_encoding) {
|
||||||
|
signature = Buffer.from(signature, signature_encoding);
|
||||||
|
}
|
||||||
|
|
||||||
|
var hasher = crypt.createHash(hashAlgorithm);
|
||||||
|
hasher.update(buffer);
|
||||||
|
var hash = this.pkcs1pad(hasher.digest(), hashAlgorithm);
|
||||||
|
var m = this.key.$doPublic(new BigInteger(signature));
|
||||||
|
|
||||||
|
return m.toBuffer().toString('hex') == hash.toString('hex');
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* PKCS#1 zero pad input buffer to max data length
|
||||||
|
* @param hashBuf
|
||||||
|
* @param hashAlgorithm
|
||||||
|
* @returns {*}
|
||||||
|
*/
|
||||||
|
Scheme.prototype.pkcs0pad = function (buffer) {
|
||||||
|
var filled = Buffer.alloc(this.key.maxMessageLength - buffer.length);
|
||||||
|
filled.fill(0);
|
||||||
|
return Buffer.concat([filled, buffer]);
|
||||||
|
};
|
||||||
|
|
||||||
|
Scheme.prototype.pkcs0unpad = function (buffer) {
|
||||||
|
var unPad;
|
||||||
|
if (typeof buffer.lastIndexOf == "function") { //patch for old node version
|
||||||
|
unPad = buffer.slice(buffer.lastIndexOf('\0') + 1, buffer.length);
|
||||||
|
} else {
|
||||||
|
unPad = buffer.slice(String.prototype.lastIndexOf.call(buffer, '\0') + 1, buffer.length);
|
||||||
|
}
|
||||||
|
|
||||||
|
return unPad;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* PKCS#1 pad input buffer to max data length
|
||||||
|
* @param hashBuf
|
||||||
|
* @param hashAlgorithm
|
||||||
|
* @returns {*}
|
||||||
|
*/
|
||||||
|
Scheme.prototype.pkcs1pad = function (hashBuf, hashAlgorithm) {
|
||||||
|
var digest = SIGN_INFO_HEAD[hashAlgorithm];
|
||||||
|
if (!digest) {
|
||||||
|
throw Error('Unsupported hash algorithm');
|
||||||
|
}
|
||||||
|
|
||||||
|
var data = Buffer.concat([digest, hashBuf]);
|
||||||
|
|
||||||
|
if (data.length + 10 > this.key.encryptedDataLength) {
|
||||||
|
throw Error('Key is too short for signing algorithm (' + hashAlgorithm + ')');
|
||||||
|
}
|
||||||
|
|
||||||
|
var filled = Buffer.alloc(this.key.encryptedDataLength - data.length - 1);
|
||||||
|
filled.fill(0xff, 0, filled.length - 1);
|
||||||
|
filled[0] = 1;
|
||||||
|
filled[filled.length - 1] = 0;
|
||||||
|
|
||||||
|
var res = Buffer.concat([filled, data]);
|
||||||
|
|
||||||
|
return res;
|
||||||
|
};
|
||||||
|
|
||||||
|
return new Scheme(key, options);
|
||||||
|
};
|
Loading…
Reference in New Issue
Block a user