8abe6e50315b25fb98f72db675d5b85d9a4be5ff.svn-base
3.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
// Copyright 2018 Joyent, Inc.
module.exports = {
read: read,
write: write
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var utils = require('../utils');
var Key = require('../key');
var PrivateKey = require('../private-key');
var pem = require('./pem');
var ssh = require('./ssh');
var rfc4253 = require('./rfc4253');
var dnssec = require('./dnssec');
var putty = require('./putty');
var DNSSEC_PRIVKEY_HEADER_PREFIX = 'Private-key-format: v1';
function read(buf, options) {
if (typeof (buf) === 'string') {
if (buf.trim().match(/^[-]+[ ]*BEGIN/))
return (pem.read(buf, options));
if (buf.match(/^\s*ssh-[a-z]/))
return (ssh.read(buf, options));
if (buf.match(/^\s*ecdsa-/))
return (ssh.read(buf, options));
if (buf.match(/^putty-user-key-file-2:/i))
return (putty.read(buf, options));
if (findDNSSECHeader(buf))
return (dnssec.read(buf, options));
buf = Buffer.from(buf, 'binary');
} else {
assert.buffer(buf);
if (findPEMHeader(buf))
return (pem.read(buf, options));
if (findSSHHeader(buf))
return (ssh.read(buf, options));
if (findPuTTYHeader(buf))
return (putty.read(buf, options));
if (findDNSSECHeader(buf))
return (dnssec.read(buf, options));
}
if (buf.readUInt32BE(0) < buf.length)
return (rfc4253.read(buf, options));
throw (new Error('Failed to auto-detect format of key'));
}
function findPuTTYHeader(buf) {
var offset = 0;
while (offset < buf.length &&
(buf[offset] === 32 || buf[offset] === 10 || buf[offset] === 9))
++offset;
if (offset + 22 <= buf.length &&
buf.slice(offset, offset + 22).toString('ascii').toLowerCase() ===
'putty-user-key-file-2:')
return (true);
return (false);
}
function findSSHHeader(buf) {
var offset = 0;
while (offset < buf.length &&
(buf[offset] === 32 || buf[offset] === 10 || buf[offset] === 9))
++offset;
if (offset + 4 <= buf.length &&
buf.slice(offset, offset + 4).toString('ascii') === 'ssh-')
return (true);
if (offset + 6 <= buf.length &&
buf.slice(offset, offset + 6).toString('ascii') === 'ecdsa-')
return (true);
return (false);
}
function findPEMHeader(buf) {
var offset = 0;
while (offset < buf.length &&
(buf[offset] === 32 || buf[offset] === 10))
++offset;
if (buf[offset] !== 45)
return (false);
while (offset < buf.length &&
(buf[offset] === 45))
++offset;
while (offset < buf.length &&
(buf[offset] === 32))
++offset;
if (offset + 5 > buf.length ||
buf.slice(offset, offset + 5).toString('ascii') !== 'BEGIN')
return (false);
return (true);
}
function findDNSSECHeader(buf) {
// private case first
if (buf.length <= DNSSEC_PRIVKEY_HEADER_PREFIX.length)
return (false);
var headerCheck = buf.slice(0, DNSSEC_PRIVKEY_HEADER_PREFIX.length);
if (headerCheck.toString('ascii') === DNSSEC_PRIVKEY_HEADER_PREFIX)
return (true);
// public-key RFC3110 ?
// 'domain.com. IN KEY ...' or 'domain.com. IN DNSKEY ...'
// skip any comment-lines
if (typeof (buf) !== 'string') {
buf = buf.toString('ascii');
}
var lines = buf.split('\n');
var line = 0;
/* JSSTYLED */
while (lines[line].match(/^\;/))
line++;
if (lines[line].toString('ascii').match(/\. IN KEY /))
return (true);
if (lines[line].toString('ascii').match(/\. IN DNSKEY /))
return (true);
return (false);
}
function write(key, options) {
throw (new Error('"auto" format cannot be used for writing'));
}