// Copyright 2015 Joyent, Inc. |
|
|
|
// Public interface of the "auto" format: read() sniffs the encoding of the
// input and delegates to a concrete parser; write() always throws.
module.exports = { read: read, write: write };
|
|
|
var assert = require('assert-plus'); |
|
var Buffer = require('safer-buffer').Buffer; |
|
var utils = require('../utils'); |
|
var Key = require('../key'); |
|
var PrivateKey = require('../private-key'); |
|
|
|
var pem = require('./pem'); |
|
var ssh = require('./ssh'); |
|
var rfc4253 = require('./rfc4253'); |
|
var dnssec = require('./dnssec'); |
|
|
|
// Leading text that findDNSSECHeader() compares against to recognise a
// DNSSEC private key file.
var DNSSEC_PRIVKEY_HEADER_PREFIX = 'Private-key-format: v1';
|
|
|
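/**
 * Parses a key whose encoding is not known in advance.
 *
 * The input is checked for PEM, SSH and DNSSEC markers, in that order, and
 * handed to the first parser whose marker matches. Input that matches none
 * of them is tried as an RFC 4253 blob when its leading 32-bit big-endian
 * value is smaller than the input length.
 *
 * Key material is frequently attacker-supplied, so input that cannot be
 * recognised is always reported with the same Error instead of leaking an
 * incidental exception from a Buffer accessor.
 *
 * @param {string|Buffer} buf - key material; a string that matches no
 *     textual format is re-read as 'binary' bytes
 * @param {Object} [options] - passed through unchanged to the chosen parser
 * @returns {*} the value returned by the selected format parser
 * @throws {Error} 'Failed to auto-detect format of key' when nothing matches
 */
function read(buf, options) {
    if (typeof (buf) === 'string') {
        if (buf.trim().match(/^[-]+[ ]*BEGIN/))
            return (pem.read(buf, options));
        if (buf.match(/^\s*ssh-[a-z]/))
            return (ssh.read(buf, options));
        if (buf.match(/^\s*ecdsa-/))
            return (ssh.read(buf, options));
        if (findDNSSECHeader(buf))
            return (dnssec.read(buf, options));
        // No textual marker: treat the characters as raw bytes.
        buf = Buffer.from(buf, 'binary');
    } else {
        assert.buffer(buf);
        if (findPEMHeader(buf))
            return (pem.read(buf, options));
        if (findSSHHeader(buf))
            return (ssh.read(buf, options));
        if (findDNSSECHeader(buf))
            return (dnssec.read(buf, options));
    }

    // readUInt32BE(0) needs four bytes; without the length guard an empty
    // or very short input raises a RangeError here instead of the
    // auto-detect error below.
    if (buf.length >= 4 && buf.readUInt32BE(0) < buf.length)
        return (rfc4253.read(buf, options));

    throw (new Error('Failed to auto-detect format of key'));
}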
|
|
|
/**
 * Reports whether a buffer starts with an SSH public key type prefix.
 *
 * Leading space (32), newline (10) and tab (9) bytes are skipped; the bytes
 * that follow must spell 'ssh-' or 'ecdsa-'.
 *
 * @param {Buffer} buf - candidate key data
 * @returns {boolean} true when one of the two prefixes is present
 */
function findSSHHeader(buf) {
    var prefixes = ['ssh-', 'ecdsa-'];
    var pos = 0;
    var current;

    for (; pos < buf.length; ++pos) {
        current = buf[pos];
        if (current !== 32 && current !== 10 && current !== 9)
            break;
    }

    for (var i = 0; i < prefixes.length; ++i) {
        var end = pos + prefixes[i].length;
        // Bounds check first so a short buffer is never compared.
        if (end <= buf.length &&
            buf.slice(pos, end).toString('ascii') === prefixes[i]) {
            return (true);
        }
    }
    return (false);
}
|
|
|
/**
 * Reports whether a buffer starts with a PEM-style 'BEGIN' line.
 *
 * Accepted layout: any run of spaces (32) and newlines (10), then one or
 * more dashes (45), then any run of spaces, then the bytes 'BEGIN'.
 *
 * @param {Buffer} buf - candidate key data
 * @returns {boolean} true when the layout above is found at the start
 */
function findPEMHeader(buf) {
    var total = buf.length;
    var pos = 0;

    // Moves pos forward past every byte the predicate accepts.
    function skip(accepts) {
        while (pos < total && accepts(buf[pos]))
            ++pos;
    }

    skip(function (b) { return (b === 32 || b === 10); });

    // At least one dash is required; past the end buf[pos] is undefined.
    if (buf[pos] !== 45)
        return (false);

    skip(function (b) { return (b === 45); });
    skip(function (b) { return (b === 32); });

    var end = pos + 5;
    return (end <= total &&
        buf.slice(pos, end).toString('ascii') === 'BEGIN');
}
|
|
|
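/**
 * Reports whether the input looks like a DNSSEC key file.
 *
 * Two shapes are recognised: a private key, which starts with
 * DNSSEC_PRIVKEY_HEADER_PREFIX, and a public key record whose first
 * non-comment line contains '. IN KEY ' or '. IN DNSKEY '.
 *
 * This runs on input of unknown origin during format auto-detection, so it
 * must answer false for anything it does not recognise and never throw.
 *
 * @param {string|Buffer} buf - candidate key data
 * @returns {boolean} true when either shape is found
 */
function findDNSSECHeader(buf) {
    var prefixLen = DNSSEC_PRIVKEY_HEADER_PREFIX.length;

    // Private key case first. Input no longer than the prefix is rejected
    // outright, which also ends the public-key check for such input.
    if (buf.length <= prefixLen)
        return (false);
    if (buf.slice(0, prefixLen).toString('ascii') ===
        DNSSEC_PRIVKEY_HEADER_PREFIX) {
        return (true);
    }

    // Public key (RFC 3110) case:
    // 'domain.com. IN KEY ...' or 'domain.com. IN DNSKEY ...'
    // A local copy is used so the caller's argument is left untouched.
    var text = (typeof (buf) === 'string') ? buf : buf.toString('ascii');
    var lines = text.split('\n');
    var line = 0;

    // Skip comment lines, stopping at the end of the input.
    /* JSSTYLED */
    while (line < lines.length && lines[line].match(/^\;/))
        line++;

    // Input made up only of comment lines (no trailing newline) used to
    // index past the array and raise a TypeError; it is simply not a key.
    if (line >= lines.length)
        return (false);

    if (lines[line].match(/\. IN KEY /))
        return (true);
    if (lines[line].match(/\. IN DNSKEY /))
        return (true);
    return (false);
}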
|
|
|
/**
 * Placeholder writer for the "auto" format, which only exists for reading.
 *
 * @param {*} key - ignored
 * @param {*} options - ignored
 * @throws {Error} always
 */
function write(key, options) {
    var failure = new Error('"auto" format cannot be used for writing');
    throw failure;
}
|
|
|