// Copyright 2018 Joyent, Inc.
// Public interface of the "auto" format: read() sniffs the serialization and
// delegates to a concrete format module; write() always throws.
module.exports = {
    read: read,
    write: write
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var utils = require('../utils');
var Key = require('../key');
var PrivateKey = require('../private-key');
var pem = require('./pem');
var ssh = require('./ssh');
var rfc4253 = require('./rfc4253');
var dnssec = require('./dnssec');
var putty = require('./putty');
// Text that findDNSSECHeader() compares against the start of the input to
// recognise the DNSSEC private-key case.
var DNSSEC_PRIVKEY_HEADER_PREFIX = 'Private-key-format: v1';
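/**
 * Parse a key whose serialization format is not known in advance.
 *
 * The input is sniffed for a recognisable header and handed, together with
 * `options`, to the matching format module (pem, ssh, putty or dnssec). If no
 * textual header is found the data is treated as binary and offered to the
 * rfc4253 parser when its first four bytes look like a length prefix.
 *
 * The input is typically attacker-influenced key material, so detection must
 * fail with the documented Error rather than with an incidental exception.
 * NOTE(review): the binary fallback is a loose heuristic; callers that already
 * know the expected format may prefer to request it explicitly instead of
 * relying on auto-detection.
 *
 * @param {string|Buffer} buf - serialized key; anything that is not a string
 *     must be a Buffer (enforced with assert.buffer).
 * @param {Object} [options] - passed through unchanged to the chosen parser.
 * @returns {*} whatever the selected format module's read() returns.
 * @throws {Error} 'Failed to auto-detect format of key' when nothing matches.
 */
function read(buf, options) {
    if (typeof (buf) === 'string') {
        if (/^[-]+[ ]*BEGIN/.test(buf.trim()))
            return (pem.read(buf, options));
        if (/^\s*ssh-[a-z]/.test(buf) || /^\s*ecdsa-/.test(buf))
            return (ssh.read(buf, options));
        if (/^putty-user-key-file-2:/i.test(buf))
            return (putty.read(buf, options));
        if (findDNSSECHeader(buf))
            return (dnssec.read(buf, options));
        // No textual header: reinterpret the string as raw bytes, one byte
        // per character, so the binary check below can run on it.
        buf = Buffer.from(buf, 'binary');
    } else {
        assert.buffer(buf);
        if (findPEMHeader(buf))
            return (pem.read(buf, options));
        if (findSSHHeader(buf))
            return (ssh.read(buf, options));
        if (findPuTTYHeader(buf))
            return (putty.read(buf, options));
        if (findDNSSECHeader(buf))
            return (dnssec.read(buf, options));
    }

    // Binary fallback: read the first four bytes as a big-endian length and
    // accept the input if that length fits inside the buffer. The explicit
    // size check matters: on an empty or very short input readUInt32BE()
    // would throw a RangeError instead of the detection failure below.
    if (buf.length >= 4 && buf.readUInt32BE(0) < buf.length)
        return (rfc4253.read(buf, options));

    throw (new Error('Failed to auto-detect format of key'));
}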
/**
 * Report whether a buffer begins with the PuTTY v2 key file marker.
 *
 * Leading spaces (32), newlines (10) and tabs (9) are skipped, then the next
 * 22 bytes are compared case-insensitively with 'putty-user-key-file-2:'.
 *
 * @param {Buffer} buf - raw key data.
 * @returns {boolean} true when the marker is present.
 */
function findPuTTYHeader(buf) {
    var marker = 'putty-user-key-file-2:';
    var pos = 0;
    for (; pos < buf.length; ++pos) {
        var ch = buf[pos];
        if (ch !== 32 && ch !== 10 && ch !== 9)
            break;
    }

    var end = pos + marker.length;
    // Not enough bytes left to hold the marker at all.
    if (end > buf.length)
        return false;

    return buf.toString('ascii', pos, end).toLowerCase() === marker;
}
/**
 * Report whether a buffer begins with an SSH public key type prefix.
 *
 * Leading spaces (32), newlines (10) and tabs (9) are skipped; the data that
 * follows must start with 'ssh-' or 'ecdsa-' (case-sensitive).
 *
 * @param {Buffer} buf - raw key data.
 * @returns {boolean} true when one of the prefixes is present.
 */
function findSSHHeader(buf) {
    var start = 0;
    while (start < buf.length) {
        var b = buf[start];
        if (b !== 32 && b !== 10 && b !== 9)
            break;
        ++start;
    }

    var prefixes = ['ssh-', 'ecdsa-'];
    for (var i = 0; i < prefixes.length; ++i) {
        var stop = start + prefixes[i].length;
        // Only decode when the buffer is long enough to hold the prefix.
        if (stop <= buf.length &&
            buf.toString('ascii', start, stop) === prefixes[i])
            return true;
    }
    return false;
}
/**
 * Report whether a buffer begins with a PEM-style "-----BEGIN" armor line.
 *
 * Accepted shape: optional spaces (32) / newlines (10), at least one dash
 * (45), optional spaces, then the literal 'BEGIN'. Tabs and carriage returns
 * are not skipped here.
 *
 * @param {Buffer} buf - raw key data.
 * @returns {boolean} true when the armor header is present.
 */
function findPEMHeader(buf) {
    var len = buf.length;
    var i = 0;

    // Leading spaces and newlines.
    while (i < len && (buf[i] === 32 || buf[i] === 10))
        ++i;

    // At least one dash is required; past the end buf[i] is undefined and
    // the comparison fails as well.
    if (buf[i] !== 45)
        return false;

    // Consume the run of dashes, then any spaces before the keyword.
    while (i < len && buf[i] === 45)
        ++i;
    while (i < len && buf[i] === 32)
        ++i;

    return (i + 5 <= len && buf.toString('ascii', i, i + 5) === 'BEGIN');
}
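/**
 * Report whether the input looks like a DNSSEC key.
 *
 * Two shapes are recognised:
 *  - private key: the input starts with DNSSEC_PRIVKEY_HEADER_PREFIX;
 *  - public key: the first line that is not a ';' comment contains
 *    '. IN KEY ' or '. IN DNSKEY '.
 *
 * Inputs no longer than the private-key prefix are rejected outright.
 *
 * The input is untrusted key data, so every index into the split lines is
 * bounds-checked: an input whose lines are all ';' comments (no trailing
 * newline) previously walked off the end of the array and raised a TypeError
 * instead of simply reporting "not DNSSEC".
 *
 * @param {string|Buffer} buf - key data; both types support slice()/length.
 * @returns {boolean} true when a DNSSEC header is recognised.
 */
function findDNSSECHeader(buf) {
    // Private key case first.
    if (buf.length <= DNSSEC_PRIVKEY_HEADER_PREFIX.length)
        return (false);
    var headerCheck = buf.slice(0, DNSSEC_PRIVKEY_HEADER_PREFIX.length);
    if (headerCheck.toString('ascii') === DNSSEC_PRIVKEY_HEADER_PREFIX)
        return (true);

    // Public key case:
    // 'domain.com. IN KEY ...' or 'domain.com. IN DNSKEY ...'
    var text = (typeof (buf) === 'string') ? buf : buf.toString('ascii');
    var lines = text.split('\n');

    // Skip comment lines, never stepping past the last line.
    var line = 0;
    while (line < lines.length && lines[line].charAt(0) === ';')
        line++;
    if (line >= lines.length)
        return (false);

    return (/\. IN KEY /.test(lines[line]) ||
        /\. IN DNSKEY /.test(lines[line]));
}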
/**
 * Writing is not supported for the "auto" format: there is nothing to detect
 * when serializing, so the caller must pick a concrete format.
 *
 * @param {*} key - ignored.
 * @param {*} options - ignored.
 * @throws {Error} always.
 */
function write(key, options) {
    var reason = '"auto" format cannot be used for writing';
    throw new Error(reason);
}