3 | var assert = require('assert-plus');
|
4 | var sshpk = require('sshpk');
|
5 | var util = require('util');
|
6 |
|
/*
 * Allowlist of hash names accepted in the second half of an algorithm
 * string. These are plain objects, so they inherit from Object.prototype:
 * test membership with an own-property check rather than a bare
 * `TABLE[name]` lookup.
 */
var HASH_ALGOS = {
  sha1: true,
  sha256: true,
  sha512: true
};

/*
 * Allowlist of public-key types accepted in the first half of an algorithm
 * string. 'hmac' is not listed here; validateAlgorithm() special-cases it.
 */
var PK_ALGOS = {
  rsa: true,
  dsa: true,
  ecdsa: true
};

/* Lower-cased names of the HTTP headers that may carry a signature. */
var HEADER = {
  AUTH: 'authorization',
  SIG: 'signature'
};
|
23 |
|
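/**
 * Base error type for this module.
 *
 * @param {String} message    human-readable description of the failure.
 * @param {Function} [caller] constructor of the concrete subclass; used to
 *                            trim the stack trace and to set `name`.
 *                            Defaults to HttpSignatureError itself.
 */
function HttpSignatureError(message, caller) {
  // Resolve the fallback once so the stack-trace anchor and `name` agree.
  // Previously `caller.name` was read unconditionally, so constructing the
  // base class without a caller threw a TypeError instead of producing
  // the intended error object.
  var ctor = caller || HttpSignatureError;

  if (Error.captureStackTrace)
    Error.captureStackTrace(this, ctor);

  this.message = message;
  this.name = ctor.name;
}
util.inherits(HttpSignatureError, Error);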
|
32 |
|
/**
 * Raised when an algorithm string is malformed or names a key type or hash
 * that is not on the module's allowlists.
 *
 * @param {String} message description of what was rejected.
 */
function InvalidAlgorithmError(message) {
  // Hand our own constructor to the base class so it can set `name` and
  // anchor the stack trace here.
  HttpSignatureError.apply(this, [message, InvalidAlgorithmError]);
}
util.inherits(InvalidAlgorithmError, HttpSignatureError);
|
37 |
|
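/**
 * Checks a "<key type>-<hash>" algorithm string against the PK_ALGOS and
 * HASH_ALGOS allowlists.
 *
 * @param {String} algorithm algorithm name, e.g. 'rsa-sha256'; matched
 *                           case-insensitively.
 * @returns {Array} the lower-cased [keyType, hashName] pair.
 * @throws {InvalidAlgorithmError} if the string does not split into exactly
 *         two parts, the key type is neither 'hmac' nor listed in PK_ALGOS,
 *         or the hash is not listed in HASH_ALGOS.
 */
function validateAlgorithm(algorithm) {
  var hasOwn = Object.prototype.hasOwnProperty;
  var parts = algorithm.toLowerCase().split('-');

  if (parts.length !== 2) {
    throw (new InvalidAlgorithmError(parts[0].toUpperCase() + ' is not a ' +
      'valid algorithm'));
  }

  var keyType = parts[0];
  var hashName = parts[1];

  // The allowlists are plain objects, so a bare `PK_ALGOS[keyType]` lookup
  // also resolves names inherited from Object.prototype (for example
  // 'constructor'), which are truthy and would pass as "supported".
  // Accept only the tables' own entries.
  var keyTypeAllowed = keyType === 'hmac' ||
    (hasOwn.call(PK_ALGOS, keyType) && Boolean(PK_ALGOS[keyType]));
  if (!keyTypeAllowed) {
    throw (new InvalidAlgorithmError(keyType.toUpperCase() + ' type keys ' +
      'are not supported'));
  }

  var hashAllowed = hasOwn.call(HASH_ALGOS, hashName) &&
    Boolean(HASH_ALGOS[hashName]);
  if (!hashAllowed) {
    throw (new InvalidAlgorithmError(hashName.toUpperCase() + ' is not a ' +
      'supported hash algorithm'));
  }

  return (parts);
}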
|
58 |
|
59 |
|
60 |
|
module.exports = {
  HEADER: HEADER,

  HASH_ALGOS: HASH_ALGOS,
  PK_ALGOS: PK_ALGOS,

  HttpSignatureError: HttpSignatureError,
  InvalidAlgorithmError: InvalidAlgorithmError,

  validateAlgorithm: validateAlgorithm,

  /**
   * Converts a public key in 'ssh' format to PEM.
   *
   * @param {String} key key text, parsed by sshpk as 'ssh' format.
   * @returns {String} the key serialized by sshpk as 'pem'.
   * @throws if `key` is not a string (assert-plus) or sshpk cannot parse it.
   */
  sshKeyToPEM: function sshKeyToPEM(key) {
    assert.string(key, 'ssh_key');

    var parsed = sshpk.parseKey(key, 'ssh');
    var pem = parsed.toString('pem');
    return pem;
  },

  /**
   * Computes the MD5 fingerprint of a public key in 'ssh' format.
   *
   * MD5 is used here as the legacy fingerprint format. Treat the result as
   * a display/lookup identifier only; MD5 is not collision resistant, so it
   * should not be the sole basis for trusting a key.
   *
   * @param {String} key key text, parsed by sshpk as 'ssh' format.
   * @returns {String} the fingerprint rendered by sshpk in 'hex' form.
   * @throws if `key` is not a string (assert-plus) or sshpk cannot parse it.
   */
  fingerprint: function fingerprint(key) {
    assert.string(key, 'ssh_key');

    var parsed = sshpk.parseKey(key, 'ssh');
    var digest = parsed.fingerprint('md5');
    return digest.toString('hex');
  },

  /**
   * Converts a PEM-encoded key to 'ssh' format, attaching a comment.
   *
   * NOTE(review): the name says RSA, but no key-type check is made here;
   * which key types are accepted depends on sshpk - confirm against callers.
   *
   * @param {String} pem     key text, parsed by sshpk as 'pem' format.
   * @param {String} comment value stored on the parsed key's `comment`
   *                         before serializing.
   * @returns {String} the key serialized by sshpk as 'ssh'.
   * @throws if `pem` is not a string or sshpk cannot parse it.
   */
  pemToRsaSSHKey: function pemToRsaSSHKey(pem, comment) {
    assert.equal('string', typeof pem, 'typeof pem');

    var parsed = sshpk.parseKey(pem, 'pem');
    parsed.comment = comment;
    var sshText = parsed.toString('ssh');
    return sshText;
  }
};
|