partoschph68073
/
SmartMirror-Projektarbeit
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Software zum Installieren eines Smart-Mirror Frameworks , zum Nutzen von hochschulrelevanten Informationen, auf einem Raspberry-Pi.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
SmartMirror-Projektarbeit/node_modules/sshpk/lib/utils.js

utils.js 9.6KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404 
  1. // Copyright 2015 Joyent, Inc.

  2. 

  3. module.exports = {

  4. 	bufferSplit: bufferSplit,

  5. 	addRSAMissing: addRSAMissing,

  6. 	calculateDSAPublic: calculateDSAPublic,

  7. 	calculateED25519Public: calculateED25519Public,

  8. 	calculateX25519Public: calculateX25519Public,

  9. 	mpNormalize: mpNormalize,

  10. 	mpDenormalize: mpDenormalize,

  11. 	ecNormalize: ecNormalize,

  12. 	countZeros: countZeros,

  13. 	assertCompatible: assertCompatible,

  14. 	isCompatible: isCompatible,

  15. 	opensslKeyDeriv: opensslKeyDeriv,

  16. 	opensshCipherInfo: opensshCipherInfo,

  17. 	publicFromPrivateECDSA: publicFromPrivateECDSA,

  18. 	zeroPadToLength: zeroPadToLength,

  19. 	writeBitString: writeBitString,

  20. 	readBitString: readBitString,

  21. 	pbkdf2: pbkdf2

  22. };

  23. 

  24. var assert = require('assert-plus');

  25. var Buffer = require('safer-buffer').Buffer;

  26. var PrivateKey = require('./private-key');

  27. var Key = require('./key');

  28. var crypto = require('crypto');

  29. var algs = require('./algs');

  30. var asn1 = require('asn1');

  31. 

  32. var ec = require('ecc-jsbn/lib/ec');

  33. var jsbn = require('jsbn').BigInteger;

  34. var nacl = require('tweetnacl');

  35. 

  36. var MAX_CLASS_DEPTH = 3;

  37. 

  38. function isCompatible(obj, klass, needVer) {

  39. 	if (obj === null || typeof (obj) !== 'object')

  40. 		return (false);

  41. 	if (needVer === undefined)

  42. 		needVer = klass.prototype._sshpkApiVersion;

  43. 	if (obj instanceof klass &&

  44. 	    klass.prototype._sshpkApiVersion[0] == needVer[0])

  45. 		return (true);

  46. 	var proto = Object.getPrototypeOf(obj);

  47. 	var depth = 0;

  48. 	while (proto.constructor.name !== klass.name) {

  49. 		proto = Object.getPrototypeOf(proto);

  50. 		if (!proto || ++depth > MAX_CLASS_DEPTH)

  51. 			return (false);

  52. 	}

  53. 	if (proto.constructor.name !== klass.name)

  54. 		return (false);

  55. 	var ver = proto._sshpkApiVersion;

  56. 	if (ver === undefined)

  57. 		ver = klass._oldVersionDetect(obj);

  58. 	if (ver[0] != needVer[0] || ver[1] < needVer[1])

  59. 		return (false);

  60. 	return (true);

  61. }

  62. 

  63. function assertCompatible(obj, klass, needVer, name) {

  64. 	if (name === undefined)

  65. 		name = 'object';

  66. 	assert.ok(obj, name + ' must not be null');

  67. 	assert.object(obj, name + ' must be an object');

  68. 	if (needVer === undefined)

  69. 		needVer = klass.prototype._sshpkApiVersion;

  70. 	if (obj instanceof klass &&

  71. 	    klass.prototype._sshpkApiVersion[0] == needVer[0])

  72. 		return;

  73. 	var proto = Object.getPrototypeOf(obj);

  74. 	var depth = 0;

  75. 	while (proto.constructor.name !== klass.name) {

  76. 		proto = Object.getPrototypeOf(proto);

  77. 		assert.ok(proto && ++depth <= MAX_CLASS_DEPTH,

  78. 		    name + ' must be a ' + klass.name + ' instance');

  79. 	}

  80. 	assert.strictEqual(proto.constructor.name, klass.name,

  81. 	    name + ' must be a ' + klass.name + ' instance');

  82. 	var ver = proto._sshpkApiVersion;

  83. 	if (ver === undefined)

  84. 		ver = klass._oldVersionDetect(obj);

  85. 	assert.ok(ver[0] == needVer[0] && ver[1] >= needVer[1],

  86. 	    name + ' must be compatible with ' + klass.name + ' klass ' +

  87. 	    'version ' + needVer[0] + '.' + needVer[1]);

  88. }

  89. 

  90. var CIPHER_LEN = {

  91. 	'des-ede3-cbc': { key: 24, iv: 8 },

  92. 	'aes-128-cbc': { key: 16, iv: 16 },

  93. 	'aes-256-cbc': { key: 32, iv: 16 }

  94. };

  95. var PKCS5_SALT_LEN = 8;

  96. 

  97. function opensslKeyDeriv(cipher, salt, passphrase, count) {

  98. 	assert.buffer(salt, 'salt');

  99. 	assert.buffer(passphrase, 'passphrase');

  100. 	assert.number(count, 'iteration count');

  101. 

  102. 	var clen = CIPHER_LEN[cipher];

  103. 	assert.object(clen, 'supported cipher');

  104. 

  105. 	salt = salt.slice(0, PKCS5_SALT_LEN);

  106. 

  107. 	var D, D_prev, bufs;

  108. 	var material = Buffer.alloc(0);

  109. 	while (material.length < clen.key + clen.iv) {

  110. 		bufs = [];

  111. 		if (D_prev)

  112. 			bufs.push(D_prev);

  113. 		bufs.push(passphrase);

  114. 		bufs.push(salt);

  115. 		D = Buffer.concat(bufs);

  116. 		for (var j = 0; j < count; ++j)

  117. 			D = crypto.createHash('md5').update(D).digest();

  118. 		material = Buffer.concat([material, D]);

  119. 		D_prev = D;

  120. 	}

  121. 

  122. 	return ({

  123. 	    key: material.slice(0, clen.key),

  124. 	    iv: material.slice(clen.key, clen.key + clen.iv)

  125. 	});

  126. }

  127. 

  128. /* See: RFC2898 */

  129. function pbkdf2(hashAlg, salt, iterations, size, passphrase) {

  130. 	var hkey = Buffer.alloc(salt.length + 4);

  131. 	salt.copy(hkey);

  132. 

  133. 	var gen = 0, ts = [];

  134. 	var i = 1;

  135. 	while (gen < size) {

  136. 		var t = T(i++);

  137. 		gen += t.length;

  138. 		ts.push(t);

  139. 	}

  140. 	return (Buffer.concat(ts).slice(0, size));

  141. 

  142. 	function T(I) {

  143. 		hkey.writeUInt32BE(I, hkey.length - 4);

  144. 

  145. 		var hmac = crypto.createHmac(hashAlg, passphrase);

  146. 		hmac.update(hkey);

  147. 

  148. 		var Ti = hmac.digest();

  149. 		var Uc = Ti;

  150. 		var c = 1;

  151. 		while (c++ < iterations) {

  152. 			hmac = crypto.createHmac(hashAlg, passphrase);

  153. 			hmac.update(Uc);

  154. 			Uc = hmac.digest();

  155. 			for (var x = 0; x < Ti.length; ++x)

  156. 				Ti[x] ^= Uc[x];

  157. 		}

  158. 		return (Ti);

  159. 	}

  160. }

  161. 

  162. /* Count leading zero bits on a buffer */

  163. function countZeros(buf) {

  164. 	var o = 0, obit = 8;

  165. 	while (o < buf.length) {

  166. 		var mask = (1 << obit);

  167. 		if ((buf[o] & mask) === mask)

  168. 			break;

  169. 		obit--;

  170. 		if (obit < 0) {

  171. 			o++;

  172. 			obit = 8;

  173. 		}

  174. 	}

  175. 	return (o*8 + (8 - obit) - 1);

  176. }

  177. 

  178. function bufferSplit(buf, chr) {

  179. 	assert.buffer(buf);

  180. 	assert.string(chr);

  181. 

  182. 	var parts = [];

  183. 	var lastPart = 0;

  184. 	var matches = 0;

  185. 	for (var i = 0; i < buf.length; ++i) {

  186. 		if (buf[i] === chr.charCodeAt(matches))

  187. 			++matches;

  188. 		else if (buf[i] === chr.charCodeAt(0))

  189. 			matches = 1;

  190. 		else

  191. 			matches = 0;

  192. 

  193. 		if (matches >= chr.length) {

  194. 			var newPart = i + 1;

  195. 			parts.push(buf.slice(lastPart, newPart - matches));

  196. 			lastPart = newPart;

  197. 			matches = 0;

  198. 		}

  199. 	}

  200. 	if (lastPart <= buf.length)

  201. 		parts.push(buf.slice(lastPart, buf.length));

  202. 

  203. 	return (parts);

  204. }

  205. 

  206. function ecNormalize(buf, addZero) {

  207. 	assert.buffer(buf);

  208. 	if (buf[0] === 0x00 && buf[1] === 0x04) {

  209. 		if (addZero)

  210. 			return (buf);

  211. 		return (buf.slice(1));

  212. 	} else if (buf[0] === 0x04) {

  213. 		if (!addZero)

  214. 			return (buf);

  215. 	} else {

  216. 		while (buf[0] === 0x00)

  217. 			buf = buf.slice(1);

  218. 		if (buf[0] === 0x02 || buf[0] === 0x03)

  219. 			throw (new Error('Compressed elliptic curve points ' +

  220. 			    'are not supported'));

  221. 		if (buf[0] !== 0x04)

  222. 			throw (new Error('Not a valid elliptic curve point'));

  223. 		if (!addZero)

  224. 			return (buf);

  225. 	}

  226. 	var b = Buffer.alloc(buf.length + 1);

  227. 	b[0] = 0x0;

  228. 	buf.copy(b, 1);

  229. 	return (b);

  230. }

  231. 

  232. function readBitString(der, tag) {

  233. 	if (tag === undefined)

  234. 		tag = asn1.Ber.BitString;

  235. 	var buf = der.readString(tag, true);

  236. 	assert.strictEqual(buf[0], 0x00, 'bit strings with unused bits are ' +

  237. 	    'not supported (0x' + buf[0].toString(16) + ')');

  238. 	return (buf.slice(1));

  239. }

  240. 

  241. function writeBitString(der, buf, tag) {

  242. 	if (tag === undefined)

  243. 		tag = asn1.Ber.BitString;

  244. 	var b = Buffer.alloc(buf.length + 1);

  245. 	b[0] = 0x00;

  246. 	buf.copy(b, 1);

  247. 	der.writeBuffer(b, tag);

  248. }

  249. 

  250. function mpNormalize(buf) {

  251. 	assert.buffer(buf);

  252. 	while (buf.length > 1 && buf[0] === 0x00 && (buf[1] & 0x80) === 0x00)

  253. 		buf = buf.slice(1);

  254. 	if ((buf[0] & 0x80) === 0x80) {

  255. 		var b = Buffer.alloc(buf.length + 1);

  256. 		b[0] = 0x00;

  257. 		buf.copy(b, 1);

  258. 		buf = b;

  259. 	}

  260. 	return (buf);

  261. }

  262. 

  263. function mpDenormalize(buf) {

  264. 	assert.buffer(buf);

  265. 	while (buf.length > 1 && buf[0] === 0x00)

  266. 		buf = buf.slice(1);

  267. 	return (buf);

  268. }

  269. 

  270. function zeroPadToLength(buf, len) {

  271. 	assert.buffer(buf);

  272. 	assert.number(len);

  273. 	while (buf.length > len) {

  274. 		assert.equal(buf[0], 0x00);

  275. 		buf = buf.slice(1);

  276. 	}

  277. 	while (buf.length < len) {

  278. 		var b = Buffer.alloc(buf.length + 1);

  279. 		b[0] = 0x00;

  280. 		buf.copy(b, 1);

  281. 		buf = b;

  282. 	}

  283. 	return (buf);

  284. }

  285. 

  286. function bigintToMpBuf(bigint) {

  287. 	var buf = Buffer.from(bigint.toByteArray());

  288. 	buf = mpNormalize(buf);

  289. 	return (buf);

  290. }

  291. 

  292. function calculateDSAPublic(g, p, x) {

  293. 	assert.buffer(g);

  294. 	assert.buffer(p);

  295. 	assert.buffer(x);

  296. 	g = new jsbn(g);

  297. 	p = new jsbn(p);

  298. 	x = new jsbn(x);

  299. 	var y = g.modPow(x, p);

  300. 	var ybuf = bigintToMpBuf(y);

  301. 	return (ybuf);

  302. }

  303. 

  304. function calculateED25519Public(k) {

  305. 	assert.buffer(k);

  306. 

  307. 	var kp = nacl.sign.keyPair.fromSeed(new Uint8Array(k));

  308. 	return (Buffer.from(kp.publicKey));

  309. }

  310. 

  311. function calculateX25519Public(k) {

  312. 	assert.buffer(k);

  313. 

  314. 	var kp = nacl.box.keyPair.fromSeed(new Uint8Array(k));

  315. 	return (Buffer.from(kp.publicKey));

  316. }

  317. 

  318. function addRSAMissing(key) {

  319. 	assert.object(key);

  320. 	assertCompatible(key, PrivateKey, [1, 1]);

  321. 

  322. 	var d = new jsbn(key.part.d.data);

  323. 	var buf;

  324. 

  325. 	if (!key.part.dmodp) {

  326. 		var p = new jsbn(key.part.p.data);

  327. 		var dmodp = d.mod(p.subtract(1));

  328. 

  329. 		buf = bigintToMpBuf(dmodp);

  330. 		key.part.dmodp = {name: 'dmodp', data: buf};

  331. 		key.parts.push(key.part.dmodp);

  332. 	}

  333. 	if (!key.part.dmodq) {

  334. 		var q = new jsbn(key.part.q.data);

  335. 		var dmodq = d.mod(q.subtract(1));

  336. 

  337. 		buf = bigintToMpBuf(dmodq);

  338. 		key.part.dmodq = {name: 'dmodq', data: buf};

  339. 		key.parts.push(key.part.dmodq);

  340. 	}

  341. }

  342. 

  343. function publicFromPrivateECDSA(curveName, priv) {

  344. 	assert.string(curveName, 'curveName');

  345. 	assert.buffer(priv);

  346. 	var params = algs.curves[curveName];

  347. 	var p = new jsbn(params.p);

  348. 	var a = new jsbn(params.a);

  349. 	var b = new jsbn(params.b);

  350. 	var curve = new ec.ECCurveFp(p, a, b);

  351. 	var G = curve.decodePointHex(params.G.toString('hex'));

  352. 

  353. 	var d = new jsbn(mpNormalize(priv));

  354. 	var pub = G.multiply(d);

  355. 	pub = Buffer.from(curve.encodePointHex(pub), 'hex');

  356. 

  357. 	var parts = [];

  358. 	parts.push({name: 'curve', data: Buffer.from(curveName)});

  359. 	parts.push({name: 'Q', data: pub});

  360. 

  361. 	var key = new Key({type: 'ecdsa', curve: curve, parts: parts});

  362. 	return (key);

  363. }

  364. 

  365. function opensshCipherInfo(cipher) {

  366. 	var inf = {};

  367. 	switch (cipher) {

  368. 	case '3des-cbc':

  369. 		inf.keySize = 24;

  370. 		inf.blockSize = 8;

  371. 		inf.opensslName = 'des-ede3-cbc';

  372. 		break;

  373. 	case 'blowfish-cbc':

  374. 		inf.keySize = 16;

  375. 		inf.blockSize = 8;

  376. 		inf.opensslName = 'bf-cbc';

  377. 		break;

  378. 	case 'aes128-cbc':

  379. 	case 'aes128-ctr':

  380. 	case 'aes128-gcm@openssh.com':

  381. 		inf.keySize = 16;

  382. 		inf.blockSize = 16;

  383. 		inf.opensslName = 'aes-128-' + cipher.slice(7, 10);

  384. 		break;

  385. 	case 'aes192-cbc':

  386. 	case 'aes192-ctr':

  387. 	case 'aes192-gcm@openssh.com':

  388. 		inf.keySize = 24;

  389. 		inf.blockSize = 16;

  390. 		inf.opensslName = 'aes-192-' + cipher.slice(7, 10);

  391. 		break;

  392. 	case 'aes256-cbc':

  393. 	case 'aes256-ctr':

  394. 	case 'aes256-gcm@openssh.com':

  395. 		inf.keySize = 32;

  396. 		inf.blockSize = 16;

  397. 		inf.opensslName = 'aes-256-' + cipher.slice(7, 10);

  398. 		break;

  399. 	default:

  400. 		throw (new Error(

  401. 		    'Unsupported openssl cipher "' + cipher + '"'));

  402. 	}

  403. 	return (inf);

  404. }