corrade-nucleus-nucleons – Blame information for rev 22

Subversion Repositories:
Rev:
Rev Author Line No. Line
22 office 1 /**
2 * Functions to output keys in SSH-friendly formats.
3 *
4 * This is part of the Forge project which may be used under the terms of
5 * either the BSD License or the GNU General Public License (GPL) Version 2.
6 *
7 * See: https://github.com/digitalbazaar/forge/blob/cbebca3780658703d925b61b2caffb1d263a6c1d/LICENSE
8 *
9 * @author https://github.com/shellac
10 */
11 var forge = require('./forge');
12 require('./aes');
13 require('./hmac');
14 require('./md5');
15 require('./sha1');
16 require('./util');
17  
18 var ssh = module.exports = forge.ssh = forge.ssh || {};
19  
20 /**
21 * Encodes (and optionally encrypts) a private RSA key as a Putty PPK file.
22 *
23 * @param privateKey the key.
24 * @param passphrase a passphrase to protect the key (falsy for no encryption).
25 * @param comment a comment to include in the key file.
26 *
27 * @return the PPK file as a string.
28 */
29 ssh.privateKeyToPutty = function(privateKey, passphrase, comment) {
30 comment = comment || '';
31 passphrase = passphrase || '';
32 var algorithm = 'ssh-rsa';
33 var encryptionAlgorithm = (passphrase === '') ? 'none' : 'aes256-cbc';
34  
35 var ppk = 'PuTTY-User-Key-File-2: ' + algorithm + '\r\n';
36 ppk += 'Encryption: ' + encryptionAlgorithm + '\r\n';
37 ppk += 'Comment: ' + comment + '\r\n';
38  
39 // public key into buffer for ppk
40 var pubbuffer = forge.util.createBuffer();
41 _addStringToBuffer(pubbuffer, algorithm);
42 _addBigIntegerToBuffer(pubbuffer, privateKey.e);
43 _addBigIntegerToBuffer(pubbuffer, privateKey.n);
44  
45 // write public key
46 var pub = forge.util.encode64(pubbuffer.bytes(), 64);
47 var length = Math.floor(pub.length / 66) + 1; // 66 = 64 + \r\n
48 ppk += 'Public-Lines: ' + length + '\r\n';
49 ppk += pub;
50  
51 // private key into a buffer
52 var privbuffer = forge.util.createBuffer();
53 _addBigIntegerToBuffer(privbuffer, privateKey.d);
54 _addBigIntegerToBuffer(privbuffer, privateKey.p);
55 _addBigIntegerToBuffer(privbuffer, privateKey.q);
56 _addBigIntegerToBuffer(privbuffer, privateKey.qInv);
57  
58 // optionally encrypt the private key
59 var priv;
60 if(!passphrase) {
61 // use the unencrypted buffer
62 priv = forge.util.encode64(privbuffer.bytes(), 64);
63 } else {
64 // encrypt RSA key using passphrase
65 var encLen = privbuffer.length() + 16 - 1;
66 encLen -= encLen % 16;
67  
68 // pad private key with sha1-d data -- needs to be a multiple of 16
69 var padding = _sha1(privbuffer.bytes());
70  
71 padding.truncate(padding.length() - encLen + privbuffer.length());
72 privbuffer.putBuffer(padding);
73  
74 var aeskey = forge.util.createBuffer();
75 aeskey.putBuffer(_sha1('\x00\x00\x00\x00', passphrase));
76 aeskey.putBuffer(_sha1('\x00\x00\x00\x01', passphrase));
77  
78 // encrypt some bytes using CBC mode
79 // key is 40 bytes, so truncate *by* 8 bytes
80 var cipher = forge.aes.createEncryptionCipher(aeskey.truncate(8), 'CBC');
81 cipher.start(forge.util.createBuffer().fillWithByte(0, 16));
82 cipher.update(privbuffer.copy());
83 cipher.finish();
84 var encrypted = cipher.output;
85  
86 // Note: this appears to differ from Putty -- is forge wrong, or putty?
87 // due to padding we finish as an exact multiple of 16
88 encrypted.truncate(16); // all padding
89  
90 priv = forge.util.encode64(encrypted.bytes(), 64);
91 }
92  
93 // output private key
94 length = Math.floor(priv.length / 66) + 1; // 64 + \r\n
95 ppk += '\r\nPrivate-Lines: ' + length + '\r\n';
96 ppk += priv;
97  
98 // MAC
99 var mackey = _sha1('putty-private-key-file-mac-key', passphrase);
100  
101 var macbuffer = forge.util.createBuffer();
102 _addStringToBuffer(macbuffer, algorithm);
103 _addStringToBuffer(macbuffer, encryptionAlgorithm);
104 _addStringToBuffer(macbuffer, comment);
105 macbuffer.putInt32(pubbuffer.length());
106 macbuffer.putBuffer(pubbuffer);
107 macbuffer.putInt32(privbuffer.length());
108 macbuffer.putBuffer(privbuffer);
109  
110 var hmac = forge.hmac.create();
111 hmac.start('sha1', mackey);
112 hmac.update(macbuffer.bytes());
113  
114 ppk += '\r\nPrivate-MAC: ' + hmac.digest().toHex() + '\r\n';
115  
116 return ppk;
117 };
118  
119 /**
120 * Encodes a public RSA key as an OpenSSH file.
121 *
122 * @param key the key.
123 * @param comment a comment.
124 *
125 * @return the public key in OpenSSH format.
126 */
127 ssh.publicKeyToOpenSSH = function(key, comment) {
128 var type = 'ssh-rsa';
129 comment = comment || '';
130  
131 var buffer = forge.util.createBuffer();
132 _addStringToBuffer(buffer, type);
133 _addBigIntegerToBuffer(buffer, key.e);
134 _addBigIntegerToBuffer(buffer, key.n);
135  
136 return type + ' ' + forge.util.encode64(buffer.bytes()) + ' ' + comment;
137 };
138  
139 /**
140 * Encodes a private RSA key as an OpenSSH file.
141 *
142 * @param key the key.
143 * @param passphrase a passphrase to protect the key (falsy for no encryption).
144 *
145 * @return the public key in OpenSSH format.
146 */
147 ssh.privateKeyToOpenSSH = function(privateKey, passphrase) {
148 if(!passphrase) {
149 return forge.pki.privateKeyToPem(privateKey);
150 }
151 // OpenSSH private key is just a legacy format, it seems
152 return forge.pki.encryptRsaPrivateKey(privateKey, passphrase,
153 {legacy: true, algorithm: 'aes128'});
154 };
155  
156 /**
157 * Gets the SSH fingerprint for the given public key.
158 *
159 * @param options the options to use.
160 * [md] the message digest object to use (defaults to forge.md.md5).
161 * [encoding] an alternative output encoding, such as 'hex'
162 * (defaults to none, outputs a byte buffer).
163 * [delimiter] the delimiter to use between bytes for 'hex' encoded
164 * output, eg: ':' (defaults to none).
165 *
166 * @return the fingerprint as a byte buffer or other encoding based on options.
167 */
168 ssh.getPublicKeyFingerprint = function(key, options) {
169 options = options || {};
170 var md = options.md || forge.md.md5.create();
171  
172 var type = 'ssh-rsa';
173 var buffer = forge.util.createBuffer();
174 _addStringToBuffer(buffer, type);
175 _addBigIntegerToBuffer(buffer, key.e);
176 _addBigIntegerToBuffer(buffer, key.n);
177  
178 // hash public key bytes
179 md.start();
180 md.update(buffer.getBytes());
181 var digest = md.digest();
182 if(options.encoding === 'hex') {
183 var hex = digest.toHex();
184 if(options.delimiter) {
185 return hex.match(/.{2}/g).join(options.delimiter);
186 }
187 return hex;
188 } else if(options.encoding === 'binary') {
189 return digest.getBytes();
190 } else if(options.encoding) {
191 throw new Error('Unknown encoding "' + options.encoding + '".');
192 }
193 return digest;
194 };
195  
196 /**
197 * Adds len(val) then val to a buffer.
198 *
199 * @param buffer the buffer to add to.
200 * @param val a big integer.
201 */
202 function _addBigIntegerToBuffer(buffer, val) {
203 var hexVal = val.toString(16);
204 // ensure 2s complement +ve
205 if(hexVal[0] >= '8') {
206 hexVal = '00' + hexVal;
207 }
208 var bytes = forge.util.hexToBytes(hexVal);
209 buffer.putInt32(bytes.length);
210 buffer.putBytes(bytes);
211 }
212  
213 /**
214 * Adds len(val) then val to a buffer.
215 *
216 * @param buffer the buffer to add to.
217 * @param val a string.
218 */
219 function _addStringToBuffer(buffer, val) {
220 buffer.putInt32(val.length);
221 buffer.putString(val);
222 }
223  
224 /**
225 * Hashes the arguments into one value using SHA-1.
226 *
227 * @return the sha1 hash of the provided arguments.
228 */
229 function _sha1() {
230 var sha = forge.md.sha1.create();
231 var num = arguments.length;
232 for (var i = 0; i < num; ++i) {
233 sha.update(arguments[i]);
234 }
235 return sha.digest();
236 }