|
|
- // Copyright 2017 Joyent, Inc.
-
- module.exports = {
- read: read,
- verify: verify,
- sign: sign,
- signAsync: signAsync,
- write: write,
-
- /* Internal private API */
- fromBuffer: fromBuffer,
- toBuffer: toBuffer
- };
-
- var assert = require('assert-plus');
- var SSHBuffer = require('../ssh-buffer');
- var crypto = require('crypto');
- var Buffer = require('safer-buffer').Buffer;
- var algs = require('../algs');
- var Key = require('../key');
- var PrivateKey = require('../private-key');
- var Identity = require('../identity');
- var rfc4253 = require('./rfc4253');
- var Signature = require('../signature');
- var utils = require('../utils');
- var Certificate = require('../certificate');
-
- function verify(cert, key) {
- /*
- * We always give an issuerKey, so if our verify() is being called then
- * there was no signature. Return false.
- */
- return (false);
- }
-
- var TYPES = {
- 'user': 1,
- 'host': 2
- };
- Object.keys(TYPES).forEach(function (k) { TYPES[TYPES[k]] = k; });
-
- var ECDSA_ALGO = /^ecdsa-sha2-([^@-]+)-cert-v01@openssh.com$/;
-
- function read(buf, options) {
- if (Buffer.isBuffer(buf))
- buf = buf.toString('ascii');
- var parts = buf.trim().split(/[ \t\n]+/g);
- if (parts.length < 2 || parts.length > 3)
- throw (new Error('Not a valid SSH certificate line'));
-
- var algo = parts[0];
- var data = parts[1];
-
- data = Buffer.from(data, 'base64');
- return (fromBuffer(data, algo));
- }
-
- function fromBuffer(data, algo, partial) {
- var sshbuf = new SSHBuffer({ buffer: data });
- var innerAlgo = sshbuf.readString();
- if (algo !== undefined && innerAlgo !== algo)
- throw (new Error('SSH certificate algorithm mismatch'));
- if (algo === undefined)
- algo = innerAlgo;
-
- var cert = {};
- cert.signatures = {};
- cert.signatures.openssh = {};
-
- cert.signatures.openssh.nonce = sshbuf.readBuffer();
-
- var key = {};
- var parts = (key.parts = []);
- key.type = getAlg(algo);
-
- var partCount = algs.info[key.type].parts.length;
- while (parts.length < partCount)
- parts.push(sshbuf.readPart());
- assert.ok(parts.length >= 1, 'key must have at least one part');
-
- var algInfo = algs.info[key.type];
- if (key.type === 'ecdsa') {
- var res = ECDSA_ALGO.exec(algo);
- assert.ok(res !== null);
- assert.strictEqual(res[1], parts[0].data.toString());
- }
-
- for (var i = 0; i < algInfo.parts.length; ++i) {
- parts[i].name = algInfo.parts[i];
- if (parts[i].name !== 'curve' &&
- algInfo.normalize !== false) {
- var p = parts[i];
- p.data = utils.mpNormalize(p.data);
- }
- }
-
- cert.subjectKey = new Key(key);
-
- cert.serial = sshbuf.readInt64();
-
- var type = TYPES[sshbuf.readInt()];
- assert.string(type, 'valid cert type');
-
- cert.signatures.openssh.keyId = sshbuf.readString();
-
- var principals = [];
- var pbuf = sshbuf.readBuffer();
- var psshbuf = new SSHBuffer({ buffer: pbuf });
- while (!psshbuf.atEnd())
- principals.push(psshbuf.readString());
- if (principals.length === 0)
- principals = ['*'];
-
- cert.subjects = principals.map(function (pr) {
- if (type === 'user')
- return (Identity.forUser(pr));
- else if (type === 'host')
- return (Identity.forHost(pr));
- throw (new Error('Unknown identity type ' + type));
- });
-
- cert.validFrom = int64ToDate(sshbuf.readInt64());
- cert.validUntil = int64ToDate(sshbuf.readInt64());
-
- var exts = [];
- var extbuf = new SSHBuffer({ buffer: sshbuf.readBuffer() });
- var ext;
- while (!extbuf.atEnd()) {
- ext = { critical: true };
- ext.name = extbuf.readString();
- ext.data = extbuf.readBuffer();
- exts.push(ext);
- }
- extbuf = new SSHBuffer({ buffer: sshbuf.readBuffer() });
- while (!extbuf.atEnd()) {
- ext = { critical: false };
- ext.name = extbuf.readString();
- ext.data = extbuf.readBuffer();
- exts.push(ext);
- }
- cert.signatures.openssh.exts = exts;
-
- /* reserved */
- sshbuf.readBuffer();
-
- var signingKeyBuf = sshbuf.readBuffer();
- cert.issuerKey = rfc4253.read(signingKeyBuf);
-
- /*
- * OpenSSH certs don't give the identity of the issuer, just their
- * public key. So, we use an Identity that matches anything. The
- * isSignedBy() function will later tell you if the key matches.
- */
- cert.issuer = Identity.forHost('**');
-
- var sigBuf = sshbuf.readBuffer();
- cert.signatures.openssh.signature =
- Signature.parse(sigBuf, cert.issuerKey.type, 'ssh');
-
- if (partial !== undefined) {
- partial.remainder = sshbuf.remainder();
- partial.consumed = sshbuf._offset;
- }
-
- return (new Certificate(cert));
- }
-
- function int64ToDate(buf) {
- var i = buf.readUInt32BE(0) * 4294967296;
- i += buf.readUInt32BE(4);
- var d = new Date();
- d.setTime(i * 1000);
- d.sourceInt64 = buf;
- return (d);
- }
-
- function dateToInt64(date) {
- if (date.sourceInt64 !== undefined)
- return (date.sourceInt64);
- var i = Math.round(date.getTime() / 1000);
- var upper = Math.floor(i / 4294967296);
- var lower = Math.floor(i % 4294967296);
- var buf = Buffer.alloc(8);
- buf.writeUInt32BE(upper, 0);
- buf.writeUInt32BE(lower, 4);
- return (buf);
- }
-
- function sign(cert, key) {
- if (cert.signatures.openssh === undefined)
- cert.signatures.openssh = {};
- try {
- var blob = toBuffer(cert, true);
- } catch (e) {
- delete (cert.signatures.openssh);
- return (false);
- }
- var sig = cert.signatures.openssh;
- var hashAlgo = undefined;
- if (key.type === 'rsa' || key.type === 'dsa')
- hashAlgo = 'sha1';
- var signer = key.createSign(hashAlgo);
- signer.write(blob);
- sig.signature = signer.sign();
- return (true);
- }
-
- function signAsync(cert, signer, done) {
- if (cert.signatures.openssh === undefined)
- cert.signatures.openssh = {};
- try {
- var blob = toBuffer(cert, true);
- } catch (e) {
- delete (cert.signatures.openssh);
- done(e);
- return;
- }
- var sig = cert.signatures.openssh;
-
- signer(blob, function (err, signature) {
- if (err) {
- done(err);
- return;
- }
- try {
- /*
- * This will throw if the signature isn't of a
- * type/algo that can be used for SSH.
- */
- signature.toBuffer('ssh');
- } catch (e) {
- done(e);
- return;
- }
- sig.signature = signature;
- done();
- });
- }
-
- function write(cert, options) {
- if (options === undefined)
- options = {};
-
- var blob = toBuffer(cert);
- var out = getCertType(cert.subjectKey) + ' ' + blob.toString('base64');
- if (options.comment)
- out = out + ' ' + options.comment;
- return (out);
- }
-
-
- function toBuffer(cert, noSig) {
- assert.object(cert.signatures.openssh, 'signature for openssh format');
- var sig = cert.signatures.openssh;
-
- if (sig.nonce === undefined)
- sig.nonce = crypto.randomBytes(16);
- var buf = new SSHBuffer({});
- buf.writeString(getCertType(cert.subjectKey));
- buf.writeBuffer(sig.nonce);
-
- var key = cert.subjectKey;
- var algInfo = algs.info[key.type];
- algInfo.parts.forEach(function (part) {
- buf.writePart(key.part[part]);
- });
-
- buf.writeInt64(cert.serial);
-
- var type = cert.subjects[0].type;
- assert.notStrictEqual(type, 'unknown');
- cert.subjects.forEach(function (id) {
- assert.strictEqual(id.type, type);
- });
- type = TYPES[type];
- buf.writeInt(type);
-
- if (sig.keyId === undefined) {
- sig.keyId = cert.subjects[0].type + '_' +
- (cert.subjects[0].uid || cert.subjects[0].hostname);
- }
- buf.writeString(sig.keyId);
-
- var sub = new SSHBuffer({});
- cert.subjects.forEach(function (id) {
- if (type === TYPES.host)
- sub.writeString(id.hostname);
- else if (type === TYPES.user)
- sub.writeString(id.uid);
- });
- buf.writeBuffer(sub.toBuffer());
-
- buf.writeInt64(dateToInt64(cert.validFrom));
- buf.writeInt64(dateToInt64(cert.validUntil));
-
- var exts = sig.exts;
- if (exts === undefined)
- exts = [];
-
- var extbuf = new SSHBuffer({});
- exts.forEach(function (ext) {
- if (ext.critical !== true)
- return;
- extbuf.writeString(ext.name);
- extbuf.writeBuffer(ext.data);
- });
- buf.writeBuffer(extbuf.toBuffer());
-
- extbuf = new SSHBuffer({});
- exts.forEach(function (ext) {
- if (ext.critical === true)
- return;
- extbuf.writeString(ext.name);
- extbuf.writeBuffer(ext.data);
- });
- buf.writeBuffer(extbuf.toBuffer());
-
- /* reserved */
- buf.writeBuffer(Buffer.alloc(0));
-
- sub = rfc4253.write(cert.issuerKey);
- buf.writeBuffer(sub);
-
- if (!noSig)
- buf.writeBuffer(sig.signature.toBuffer('ssh'));
-
- return (buf.toBuffer());
- }
-
- function getAlg(certType) {
- if (certType === 'ssh-rsa-cert-v01@openssh.com')
- return ('rsa');
- if (certType === 'ssh-dss-cert-v01@openssh.com')
- return ('dsa');
- if (certType.match(ECDSA_ALGO))
- return ('ecdsa');
- if (certType === 'ssh-ed25519-cert-v01@openssh.com')
- return ('ed25519');
- throw (new Error('Unsupported cert type ' + certType));
- }
-
- function getCertType(key) {
- if (key.type === 'rsa')
- return ('ssh-rsa-cert-v01@openssh.com');
- if (key.type === 'dsa')
- return ('ssh-dss-cert-v01@openssh.com');
- if (key.type === 'ecdsa')
- return ('ecdsa-sha2-' + key.curve + '-cert-v01@openssh.com');
- if (key.type === 'ed25519')
- return ('ssh-ed25519-cert-v01@openssh.com');
- throw (new Error('Unsupported key type ' + key.type));
- }
|