coolaj86/ecdsa-csr.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: coolaj86:master
Branches Tags
coolaj86:master
coolaj86:uasn1
coolaj86:v1.1.1
coolaj86:v1.1.0
coolaj86:v1.0.2
coolaj86:v1.0.1
coolaj86:v1.0.0
..
compare: coolaj86:v1.0.1
Branches Tags
coolaj86:master
coolaj86:uasn1
coolaj86:v1.1.1
coolaj86:v1.1.0
coolaj86:v1.0.2
coolaj86:v1.0.1
coolaj86:v1.0.0

No commits in common. "master" and "v1.0.1" have entirely different histories.
master ... v1.0.1

11 changed files with 341 additions and 398 deletions
Show Stats Expand all files Collapse all files

15
README.md
View File

@ -1,7 +1,7 @@
ECDSA-CSR.js
=========
Sponsored by [Root](https://therootcompany.com), built for [ACME.js](https://git.coolaj86.com/coolaj86/acme.js) and [Greenlock.js](https://git.coolaj86.com/coolaj86/greenlock-express.js)
Sponsored by [Root](https://therootcompany.com)
A focused, **zero-dependency** library that can do exactly one thing really, really well:
* Generate a Certificate Signing Requests (CSR), and sign it!
@ -38,8 +38,7 @@ var edsacsr = require('ecdsa-csr');
var domains = [ 'example.com', 'www.example.com', 'api.example.com' ];
return ecdsacsr({ key: key, domains: domains }).then(function (csr) {
console.log('CSR PEM:');
console.log(csr);
console.log('CSR PEM:', csr);
});
```
@ -49,11 +48,7 @@ return ecdsacsr({ key: key, domains: domains }).then(function (csr) {
* PEM may be a plain string or a Buffer*
* DER must be a Buffer*
* `domains` must be a list of strings representing domain names
* correctly handles utf-8
* you may also use punycoded, if needed
* `subject` will be `domains[0]` by default
* you shouldn't use this unless you need to
* you may need to if you need utf-8 for domains, but punycode for the subject
* must be plain oldl utf8, not punycode
* "Buffer" can be a node Buffer, a JavaScript Uint8Array,
or a JavaScript Array which contains only numbers between 0 and 255.
@ -82,10 +77,12 @@ Known Issues
------------
I've learned to be careful about talking about the future,
however, I literally just published this last night (2018-11-17)
however, I literally just published this tonight (2018-11-17)
and there are a few things I plan to address but haven't yet:
* JWK not yet supported
* non-ascii domains, such as 例.中国 not yet supported
* total domains length over 127 characters not yet supported
New to Crypto?
--------------

8
bin/ecdsacsr.js
View File

@ -1,4 +1,4 @@
#!/usr/bin/env node
#!/bin/env node
'use strict';
var fs = require('fs');
@ -10,8 +10,8 @@ var domains = process.argv[3].split(/,/);
var keypem = fs.readFileSync(keyname, 'ascii');
ecdsacsr({ key: keypem, domains: domains }).then(function (csr) {
// Using error so that we can redirect stdout to file
//console.error("CN=" + domains[0]);
//console.error("subjectAltName=" + domains.join(','));
console.error("CN=" + domains[0]);
console.error("subjectAltName=" + domains.join(','));
console.error();
console.log(csr);
});

5
fixtures/privkey-ec-p256.pkcs8.pem
View File

@ -1,5 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiYydo27aNGO9DBUW
eGEPD8oNi1LZDqfxPmQlieLBjVShRANCAAQhPVJYvGxpw+ITlnXqOSikCfz/7zms
yODIKiSueMN+3pj9icDgDnTJl7sKcWyp4Nymc9u5s/pyliJVyd680hjK
-----END EC PRIVATE KEY-----

5
fixtures/privkey-ec-p256.sec1.pem
View File

@ -1,5 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIImMnaNu2jRjvQwVFnhhDw/KDYtS2Q6n8T5kJYniwY1UoAoGCCqGSM49
AwEHoUQDQgAEIT1SWLxsacPiE5Z16jkopAn8/+85rMjgyCokrnjDft6Y/YnA4A50
yZe7CnFsqeDcpnPbubP6cpYiVcnevNIYyg==
-----END EC PRIVATE KEY-----

6
fixtures/privkey-ec-p384.pkcs8.pem
View File

@ -1,6 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBeXK4IRZJNNLxTv078
zPTnPXy+HiRvXSzO+7/ul1e4ZZXqV8TI8THJRhawDoDaR1WhZANiAATbMRTRsoJr
t6Mosgnyg8acuGqHHKK/j/DfwrZrRI8Lp2xJ33+CU0nyVyq/Sx9/kZtUPiOe7zdL
qxyfr9N4CPcRk5EQZs6zp3OhWlq6Cf5dAwzIL07hUtsMMUYFlMmUyxs=
-----END EC PRIVATE KEY-----

6
fixtures/privkey-ec-p384.sec1.pem
View File

@ -1,6 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDBeXK4IRZJNNLxTv078zPTnPXy+HiRvXSzO+7/ul1e4ZZXqV8TI8THJ
RhawDoDaR1WgBwYFK4EEACKhZANiAATbMRTRsoJrt6Mosgnyg8acuGqHHKK/j/Df
wrZrRI8Lp2xJ33+CU0nyVyq/Sx9/kZtUPiOe7zdLqxyfr9N4CPcRk5EQZs6zp3Oh
Wlq6Cf5dAwzIL07hUtsMMUYFlMmUyxs=
-----END EC PRIVATE KEY-----

4
fixtures/pub-ec-p256.spki.pem
View File

@ -1,4 +0,0 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIT1SWLxsacPiE5Z16jkopAn8/+85
rMjgyCokrnjDft6Y/YnA4A50yZe7CnFsqeDcpnPbubP6cpYiVcnevNIYyg==
-----END PUBLIC KEY-----

5
fixtures/pub-ec-p384.spki.pem
View File

@ -1,5 +0,0 @@
-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2zEU0bKCa7ejKLIJ8oPGnLhqhxyiv4/w
38K2a0SPC6dsSd9/glNJ8lcqv0sff5GbVD4jnu83S6scn6/TeAj3EZOREGbOs6dz
oVpaugn+XQMMyC9O4VLbDDFGBZTJlMsb
-----END PUBLIC KEY-----

650
lib/ecdsacsr.js
View File

@ -6,26 +6,195 @@ var crypto = require('crypto');
// prime256v1 (ANSI X9.62 named elliptic curve)
var OBJ_ID_EC = '06 08 2A8648CE3D030107'.replace(/\s+/g, '').toLowerCase();
var ECDSACSR = {};
var ECDSA = {};
var DER = {};
var PEM = {};
var ASN1;
var Hex = {};
var AB = {};
function fromBase64(b64) {
var buf;
var ab;
if ('undefined' === typeof atob) {
buf = Buffer.from(b64, 'base64');
return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
}
buf = atob(b64);
ab = new ArrayBuffer(buf.length);
ab = new Uint8Array(ab);
buf.split('').forEach(function (ch, i) {
ab[i] = ch.charCodeAt(0);
});
return ab.buffer;
}
//
// CSR - the main event
//
function parsePem(pem) {
var typ;
var pub;
var crv;
var der = fromBase64(pem.split(/\n/).filter(function (line, i) {
if (0 === i) {
if (/ PUBLIC /.test(line)) {
pub = true;
} else if (/ PRIVATE /.test(line)) {
pub = false;
}
if (/ EC/.test(line)) {
typ = 'EC';
}
}
return !/---/.test(line);
}).join(''));
ECDSACSR.create = function createEcCsr(keypem, domains) {
var pemblock = PEM.parseBlock(keypem);
var ecpub = PEM.parseEcPubkey(pemblock.der);
var request = ECDSACSR.request(ecpub, domains);
return AB.fromHex(ECDSACSR.sign(keypem, request));
};
if (!typ || 'EC' === typ) {
var hex = toHex(der).toLowerCase();
if (-1 !== hex.indexOf(OBJ_ID_EC)) {
typ = 'EC';
crv = 'P-256';
} else {
// TODO more than just P-256
console.warn("unsupported ec curve");
}
}
ECDSACSR.request = function createCsrBodyEc(xy, domains) {
return { typ: typ, pub: pub, der: der, crv: crv };
}
function toHex(ab) {
var hex = [];
var u8 = new Uint8Array(ab);
var size = u8.byteLength;
var i;
var h;
for (i = 0; i < size; i += 1) {
h = u8[i].toString(16);
if (2 === h.length) {
hex.push(h);
} else {
hex.push('0' + h);
}
}
return hex.join('');
}
function fromHex(hex) {
if ('undefined' !== typeof Buffer) {
return Buffer.from(hex, 'hex');
}
var ab = new ArrayBuffer(hex.length/2);
var i;
var j;
ab = new Uint8Array(ab);
for (i = 0, j = 0; i < (hex.length/2); i += 1) {
ab[i] = parseInt(hex.slice(j, j+1), 16);
j += 2;
}
return ab.buffer;
}
function readEcPubkey(der) {
// the key is the last 520 bits of both the private key and the public key
// he 3 bits prior identify the key as
var x, y;
var compressed;
var keylen = 32;
var offset = 64;
var headerSize = 4;
var header = toHex(der.slice(der.byteLength - (offset + headerSize), der.byteLength - offset));
if ('03420004' !== header) {
offset = 32;
header = toHex(der.slice(der.byteLength - (offset + headerSize), der.byteLength - offset));
if ('03420002' !== header) {
throw new Error("not a valid EC P-256 key (expected 0x0342004 or 0x0342002 as pub key preamble, but found " + header + ")");
}
}
// The one good thing that came from the b***kchain hysteria: good EC documentation
// https://davidederosa.com/basic-blockchain-programming/elliptic-curve-keys/
compressed = ('2' === header[header.byteLength -1]);
x = der.slice(der.byteLength - offset, (der.byteLength - offset) + keylen);
if (!compressed) {
y = der.slice(der.byteLength - keylen, der.byteLength);
}
return {
x: x
, y: y || null
};
}
function formatAsPem(str) {
var finalString = '';
while (str.length > 0) {
finalString += str.substring(0, 64) + '\n';
str = str.substring(64);
}
return finalString;
}
function toBase64(der) {
if ('undefined' === typeof btoa) {
return Buffer.from(der).toString('base64');
}
var chs = [];
der.forEach(function (b) {
chs.push(String.fromCharCode(b));
});
return btoa(chs.join(''));
}
// these are static ASN.1 segments
// The head specifies that there will be 3 segments and a content length
// (those segments will be content, signature header, and signature)
var csrHead = '30 82 {0seq0len}'.replace(/\s+/g, '');
// The tail specifies the ES256 signature header (and is followed by the signature
var csrEcFoot =
( '30 0A'
// 1.2.840.10045.4.3.2 ecdsaWithSHA256
// (ANSI X9.62 ECDSA algorithm with SHA256)
+ '06 08 2A 86 48 CE 3D 04 03 02'
+ '03 {len} 00' // bit stream (why??)
+ '30 {rslen}' // sequence
+ '02 {rlen} {r}' // integer r
+ '02 {slen} {s}' // integer s
).replace(/\s+/g, '');
var csrDomains = '82 {dlen} {domain.tld}'; // 2+n bytes (type 82?)
function strToHex(str) {
return str.split('').map(function (ch) {
var h = ch.charCodeAt(0).toString(16);
if (2 === h.length) {
return h;
}
return '0' + h;
}).join('');
}
function numToHex(d) {
d = d.toString(16);
if (d.length % 2) {
return '0' + d;
}
return d;
}
function fromHex(hex) {
if ('undefined' !== typeof Buffer) {
return Buffer.from(hex, 'hex');
}
var ab = new ArrayBuffer(hex.length/2);
var i;
var j;
ab = new Uint8Array(ab);
for (i = 0, j = 0; i < (hex.length/2); i += 1) {
ab[i] = parseInt(hex.slice(j, j+1), 16);
j += 2;
}
return ab.buffer;
}
function createCsrBodyEc(domains, xy) {
var altnames = domains.map(function (d) {
return csrDomains.replace(/{dlen}/, numToHex(d.length)).replace(/{domain\.tld}/, strToHex(d));
}).join('').replace(/\s+/g, '');
var sublen = domains[0].length;
var sanlen = (altnames.length/2);
var publen = xy.x.byteLength;
var compression = '04';
var hxy = '';
@ -40,89 +209,79 @@ ECDSACSR.request = function createCsrBodyEc(xy, domains) {
// I haven't learned yet, and I'm not sure if it's allowed at all
compression = '02';
}
hxy += Hex.fromAB(xy.x);
if (xy.y) { hxy += Hex.fromAB(xy.y); }
hxy += toHex(xy.x);
if (xy.y) {
hxy += toHex(xy.y);
}
// Sorry for the mess, but it is what it is
return ASN1('30'
var body = [ '30 81 {+85+n}' // 4 bytes, sequence
.replace(/{[^}]+}/, numToHex(
3
+ 13 + sublen
+ 27 + publen // Length for EC-related P-256 stuff
+ 30 + sanlen
))
// Version (0)
, ASN1.UInt('00')
// #0 Total 3
, '02 01 00' // 3 bytes, int 0
// CN / Subject
, ASN1('30'
, ASN1('31'
, ASN1('30'
// object id (commonName)
, ASN1('06', '55 04 03')
, ASN1('0C', Hex.fromString(domains[0])))))
// Subject
// #1 Total 2+11+n
, '30 {3.2.0seqlen}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+2+5+2+sublen))
, '31 {4.3.0setlen}' // 2 bytes, set
.replace(/{[^}]+}/, numToHex(2+5+2+sublen))
, '30 {5.4.0seqlen}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(5+2+sublen))
, '06 03 55 04 03' // 5 bytes, object id (commonName)
, '0C {dlen} {domain.tld}' // 2+n bytes, utf8string
.replace(/{dlen}/, numToHex(sublen))
.replace(/{domain\.tld}/, strToHex(domains[0]))
// EC P-256 Public Key
, ASN1('30'
, ASN1('30'
// P-256 Public Key
// #2 Total 2+25+xy
, '30 {+25+xy}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+9+10+3+1+publen))
, '30 13' // 2 bytes, sequence
// 1.2.840.10045.2.1 ecPublicKey
// (ANSI X9.62 public key type)
, ASN1('06', '2A 86 48 CE 3D 02 01')
, '06 07 2A 86 48 CE 3D 02 01' // 9 bytes, object id
// 1.2.840.10045.3.1.7 prime256v1
// (ANSI X9.62 named elliptic curve)
, ASN1('06', '2A 86 48 CE 3D 03 01 07')
)
, ASN1.BitStr(compression + hxy))
, '06 08 2A 86 48 CE 3D 03 01 07' // 10 bytes, object id
, '03 {xylen} 00 {xy}' // 3+1+n bytes
.replace(/{xylen}/, numToHex(publen+2))
.replace(/{xy}/, compression + hxy)
// CSR Extension Subject Alternative Names
, ASN1('A0'
, ASN1('30'
// Altnames
// #3 Total 2+28+n
, 'A0 {+28}' // 2 bytes, ?? [4B]
.replace(/{[^}]+}/, numToHex(2+11+2+2+2+5+2+2+sanlen))
, '30 {+26}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(11+2+2+2+5+2+2+sanlen))
// (extensionRequest (PKCS #9 via CRMF))
, ASN1('06', '2A 86 48 86 F7 0D 01 09 0E')
, ASN1('31'
, ASN1('30'
, ASN1('30'
, '06 09 2A 86 48 86 F7 0D 01 09 0E' // 11 bytes, object id
, '31 {+13}' // 2 bytes, set
.replace(/{[^}]+}/, numToHex(2+2+5+2+2+sanlen))
, '30 {+11}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(2+5+2+2+sanlen))
, '30 {+9}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(5+2+2+sanlen))
// (subjectAltName (X.509 extension))
, ASN1('06', '55 1D 11')
, ASN1('04'
, ASN1('30', domains.map(function (d) {
return ASN1('82', Hex.fromString(d));
}).join(''))))))))
);
};
, '06 03 55 1D 11' // 5 bytes, object id
, '04 {+2}' // 2 bytes, octet string
.replace(/{[^}]+}/, numToHex(2+sanlen))
, '30 {+n}' // 2 bytes, sequence
.replace(/{[^}]+}/, numToHex(sanlen))
, '{altnames}' // n (elements of sequence)
.replace(/{altnames}/, altnames)
];
body = body.join('').replace(/\s+/g, '');
return fromHex(body);
}
ECDSACSR.sign = function csrEcSig(keypem, request) {
var sig = ECDSA.sign(keypem, AB.fromHex(request));
var rLen = sig.r.byteLength;
var rc = '';
var sLen = sig.s.byteLength;
var sc = '';
if (0x80 & new Uint8Array(sig.r)[0]) { rc = '00'; rLen += 1; }
if (0x80 & new Uint8Array(sig.s)[0]) { sc = '00'; sLen += 1; }
return ASN1('30'
// The Full CSR Request Body
, request
// The Signature Type
, ASN1('30'
// 1.2.840.10045.4.3.2 ecdsaWithSHA256
// (ANSI X9.62 ECDSA algorithm with SHA256)
, ASN1('06', '2A 86 48 CE 3D 04 03 02')
)
// The Signature, embedded in a Bit Stream
, ASN1.BitStr(
// As far as I can tell this is a completely separate ASN.1 structure
// that just so happens to be embedded in a Bit String of another ASN.1
ASN1('30'
, ASN1.UInt(Hex.fromAB(sig.r))
, ASN1.UInt(Hex.fromAB(sig.s))))
);
};
//
// ECDSA
//
// Took some tips from https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a
ECDSA.sign = function signEc(keypem, ab) {
// https://gist.github.com/codermapuche/da4f96cdb6d5ff53b7ebc156ec46a10a
function signEc(keypem, ab) {
// Signer is a stream
var sign = crypto.createSign('SHA256');
sign.write(new Uint8Array(ab));
@ -155,26 +314,89 @@ ECDSA.sign = function signEc(keypem, ab) {
if (0 === r[0]) { r = r.slice(1); }
return { raw: sig.buffer, r: r.buffer, s: s.buffer };
};
}
//
// DER
//
function createEcCsr(domains, keypem, ecpub) {
// TODO get pub from priv
DER.toCSR = function createEcCsrPem(der) {
var pem = PEM._format(AB.toBase64(der));
var csrBody = createCsrBodyEc(domains, ecpub);
var sig = signEc(keypem, csrBody);
var rLen = sig.r.byteLength;
var rc = '';
var sLen = sig.s.byteLength;
var sc = '';
if (0x80 & new Uint8Array(sig.r)[0]) { rc = '00'; rLen += 1; }
if (0x80 & new Uint8Array(sig.s)[0]) { sc = '00'; sLen += 1; }
var csrSig = csrEcFoot
.replace(/{len}/, numToHex(1 + 2 + 2 + 2 + rLen + sLen))
.replace(/{rslen}/, numToHex(2 + 2 + rLen + sLen))
.replace(/{rlen}/, numToHex(rLen))
.replace(/{r}/, rc + toHex(sig.r))
.replace(/{slen}/, numToHex(sLen))
.replace(/{s}/, sc + toHex(sig.s))
;
// Note: If we supported P-521 a number of the lengths would change
// by one byte and that would be... annoying to update
var len = csrBody.byteLength + (csrSig.length/2);
/*
console.log('sig:', sig.raw.byteLength, toHex(sig.raw));
console.log('r:', sig.r.byteLength, toHex(sig.r));
console.log('s:', sig.s.byteLength, toHex(sig.s));
console.log('csr sig:', csrSig.length / 2, csrSig);
console.log('csrBodyLen + csrSigLen', numToHex(len));
*/
var head = csrHead.replace(/{[^}]+}/, numToHex(len));
var ab = new Uint8Array(new ArrayBuffer((head.length/2) + len));
var i = 0;
fromHex(head).forEach(function (b) {
ab[i] = b;
i += 1;
});
csrBody.forEach(function (b) {
ab[i] = b;
i += 1;
});
fromHex(csrSig).forEach(function (b) {
ab[i] = b;
i += 1;
});
return ab;
}
function createEcCsrPem(domains, keypem) {
var pemblock = parsePem(keypem);
var ecpub = readEcPubkey(pemblock.der);
var ab = createEcCsr(domains, keypem, ecpub);
var pem = formatAsPem(toBase64(ab));
return '-----BEGIN CERTIFICATE REQUEST-----\n' + pem + '-----END CERTIFICATE REQUEST-----';
};
}
//
// PEM
//
// Taken from Unibabel
// https://git.coolaj86.com/coolaj86/unibabel.js#readme
// https://coolaj86.com/articles/base64-unicode-utf-8-javascript-and-you/
function utf8ToUint8Array(str) {
var escstr = encodeURIComponent(str);
// replaces any uri escape sequence, such as %0A,
// with binary escape, such as 0x0A
var binstr = escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
return String.fromCharCode('0x' + p1);
});
var buf = new Uint8Array(binstr.length);
binstr.split('').forEach(function (ch, i) {
buf[i] = ch.charCodeAt(0);
});
// Just for error checking
PEM.from = function ensurePem(key) {
return buf;
}
function ensurePem(key) {
if (!key) { throw new Error("no private key given"); }
// whether PEM or DER, convert to Uint8Array
if ('string' === typeof key) { key = AB.utf8ToUint8Array(key); }
if ('string' === typeof key) { key = utf8ToUint8Array(key); }
// for consistency
if (key instanceof Buffer) { key = new Uint8Array(key.buffer.slice(key.byteOffset, key.byteOffset + key.byteLength)); }
@ -197,7 +419,7 @@ PEM.from = function ensurePem(key) {
// if DER, convert to PEM
if ((0x30 === key[0]) && (0x80 & key[1])) {
key = AB.toBase64(key);
key = toBase64(key);
}
key = [].map.call(key, function (i) {
return String.fromCharCode(i);
@ -211,224 +433,7 @@ PEM.from = function ensurePem(key) {
throw new Error("key does not appear to be in PEM formt (does not begin with either '-' or 'M'),"
+ " nor DER format (does not begin with 0x308X)");
}
};
PEM.parseBlock = function parsePem(pem) {
var typ;
var pub;
var crv;
var der = AB.fromBase64(pem.split(/\n/).filter(function (line, i) {
if (0 === i) {
if (/ PUBLIC /.test(line)) {
pub = true;
} else if (/ PRIVATE /.test(line)) {
pub = false;
}
if (/ EC/.test(line)) {
typ = 'EC';
}
}
return !/---/.test(line);
}).join(''));
if (!typ || 'EC' === typ) {
var hex = Hex.fromAB(der).toLowerCase();
if (-1 !== hex.indexOf(OBJ_ID_EC)) {
typ = 'EC';
crv = 'P-256';
} else {
// TODO support P-384 as well (but probably nothing else)
console.warn("unsupported ec curve");
}
}
return { typ: typ, pub: pub, der: der, crv: crv };
};
PEM._format = function formatAsPem(str) {
var finalString = '';
while (str.length > 0) {
finalString += str.substring(0, 64) + '\n';
str = str.substring(64);
}
return finalString;
};
PEM.parseEcPubkey = function readEcPubkey(der) {
// the key is the last 520 bits of both the private key and the public key
// he 3 bits prior identify the key as
var x, y;
var compressed;
var keylen = 32;
var offset = 64;
var headerSize = 4;
var header = Hex.fromAB(der.slice(der.byteLength - (offset + headerSize), der.byteLength - offset));
if ('03420004' !== header) {
offset = 32;
header = Hex.fromAB(der.slice(der.byteLength - (offset + headerSize), der.byteLength - offset));
if ('03420002' !== header) {
throw new Error("not a valid EC P-256 key (expected 0x0342004 or 0x0342002 as pub key preamble, but found " + header + ")");
}
}
// The one good thing that came from the b***kchain hysteria: good EC documentation
// https://davidederosa.com/basic-blockchain-programming/elliptic-curve-keys/
compressed = ('2' === header[header.byteLength -1]);
x = der.slice(der.byteLength - offset, (der.byteLength - offset) + keylen);
if (!compressed) {
y = der.slice(der.byteLength - keylen, der.byteLength);
}
return {
x: x
, y: y || null
};
};
//
// A dumbed-down, minimal ASN.1 packer
//
// Almost every ASN.1 type that's important for CSR
// can be represented generically with only a few rules.
ASN1 = function ASN1(/*type, hexstrings...*/) {
var args = Array.prototype.slice.call(arguments);
var typ = args.shift();
var str = args.join('').replace(/\s+/g, '').toLowerCase();
var len = (str.length/2);
var lenlen = 0;
var hex = typ;
// We can't have an odd number of hex chars
if (len !== Math.round(len)) {
throw new Error("invalid hex");
}
// The first byte of any ASN.1 sequence is the type (Sequence, Integer, etc)
// The second byte is either the size of the value, or the size of its size
// 1. If the second byte is < 0x80 (128) it is considered the size
// 2. If it is > 0x80 then it describes the number of bytes of the size
// ex: 0x82 means the next 2 bytes describe the size of the value
// 3. The special case of exactly 0x80 is "indefinite" length (to end-of-file)
if (len > 127) {
lenlen += 1;
while (len > 255) {
lenlen += 1;
len = len >> 8;
}
}
if (lenlen) { hex += Hex.fromInt(0x80 + lenlen); }
return hex + Hex.fromInt(str.length/2) + str;
};
// The Integer type has some special rules
ASN1.UInt = function UINT() {
var str = Array.prototype.slice.call(arguments).join('');
var first = parseInt(str.slice(0, 2), 16);
// If the first byte is 0x80 or greater, the number is considered negative
// Therefore we add a '00' prefix if the 0x80 bit is set
if (0x80 & first) { str = '00' + str; }
return ASN1('02', str);
};
// The Bit String type also has a special rule
ASN1.BitStr = function BITSTR() {
var str = Array.prototype.slice.call(arguments).join('');
// '00' is a mask of how many bits of the next byte to ignore
return ASN1('03', '00' + str);
};
//
// Hex, Base64, Buffer, String
//
Hex.fromAB = function toHex(ab) {
var hex = [];
var u8 = new Uint8Array(ab);
var size = u8.byteLength;
var i;
var h;
for (i = 0; i < size; i += 1) {
h = u8[i].toString(16);
if (2 === h.length) {
hex.push(h);
} else {
hex.push('0' + h);
}
}
return hex.join('');
};
Hex.fromString = function strToHex(str) {
var escstr = encodeURIComponent(str);
// replaces any uri escape sequence, such as %0A,
// with binary escape, such as 0x0A
var binstr = escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
return String.fromCharCode('0x' + p1);
});
return binstr.split('').map(function (b) {
var h = b.charCodeAt(0).toString(16);
if (2 === h.length) { return h; }
return '0' + h;
}).join('');
};
Hex.fromInt = function numToHex(d) {
d = d.toString(16);
if (d.length % 2) {
return '0' + d;
}
return d;
};
// Taken from Unibabel
// https://git.coolaj86.com/coolaj86/unibabel.js#readme
// https://coolaj86.com/articles/base64-unicode-utf-8-javascript-and-you/
AB.utf8ToUint8Array = function (str) {
var escstr = encodeURIComponent(str);
// replaces any uri escape sequence, such as %0A,
// with binary escape, such as 0x0A
var binstr = escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
return String.fromCharCode('0x' + p1);
});
var buf = new Uint8Array(binstr.length);
binstr.split('').forEach(function (ch, i) {
buf[i] = ch.charCodeAt(0);
});
return buf;
};
AB.fromHex = function fromHex(hex) {
if ('undefined' !== typeof Buffer) {
return Buffer.from(hex, 'hex');
}
var ab = new ArrayBuffer(hex.length/2);
var i;
var j;
ab = new Uint8Array(ab);
for (i = 0, j = 0; i < (hex.length/2); i += 1) {
ab[i] = parseInt(hex.slice(j, j+1), 16);
j += 2;
}
return ab.buffer;
};
AB.fromBase64 = function fromBase64(b64) {
var buf = Buffer.from(b64, 'base64');
return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
};
AB.toBase64 = function toBase64(der) {
return Buffer.from(der).toString('base64');
};
}
/*global Promise*/
module.exports = function (opts) {
@ -451,7 +456,8 @@ module.exports = function (opts) {
})) {
throw new Error("You must pass options.domains as utf8 strings (not punycode)");
}
var key = PEM.from(opts.key);
return DER.toCSR(ECDSACSR.create(key, opts.domains));
var key = ensurePem(opts.key);
return createEcCsrPem(opts.domains, key);
});
};

4
package.json
View File

@ -1,6 +1,6 @@
{
"name": "ecdsa-csr",
"version": "1.1.1",
"version": "1.0.1",
"description": "A focused, zero-dependency library to generate a Certificate Signing Request (CSR) and sign it!",
"main": "index.js",
"bin": {
@ -10,7 +10,7 @@
"lib": "lib"
},
"scripts": {
"postinstall": "node lib/telemetry.js event:install",
"postinstall": "node lib/telemetry.js install",
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {

29
test.sh
View File

@ -1,29 +0,0 @@
#!/bin/bash
# creating privkey
openssl ecparam -genkey -name prime256v1 -noout -out ./privkey-ec-p256.pem
# canonical example
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com,www.example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# 100 domains (max allowed by Let's Encrypt)
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com,www.example.com,api.example.com,assets.example.com,ftp.example.com,example.org,www.example.org,api.example.org,assets.example.org,ftp.example.org,example.co,www.example.co,api.example.co,assets.example.co,ftp.example.co,example.net,www.example.net,api.example.net,assets.example.net,ftp.example.net,whatever.com,www.whatever.com,api.whatever.com,assets.whatever.com,ftp.whatever.com,whatever.org,www.whatever.org,api.whatever.org,assets.whatever.org,ftp.whatever.org,whatever.net,www.whatever.net,api.whatever.net,assets.whatever.net,ftp.whatever.net,whatever.co,www.whatever.co,api.whatever.co,assets.whatever.co,ftp.whatever.co,sample.com,www.sample.com,api.sample.com,assets.sample.com,ftp.sample.com,sample.org,www.sample.org,api.sample.org,assets.sample.org,ftp.sample.org,sample.net,www.sample.net,api.sample.net,assets.sample.net,ftp.sample.net,sample.co,www.sample.co,api.sample.co,assets.sample.co,ftp.sample.co,foobar.com,www.foobar.com,api.foobar.com,assets.foobar.com,ftp.foobar.com,foobar.org,www.foobar.org,api.foobar.org,assets.foobar.org,ftp.foobar.org,foobar.net,www.foobar.net,api.foobar.net,assets.foobar.net,ftp.foobar.net,foobar.co,www.foobar.co,api.foobar.co,assets.foobar.co,ftp.foobar.co,quux.com,www.quux.com,api.quux.com,assets.quux.com,ftp.quux.com,quux.org,www.quux.org,api.quux.org,assets.quux.org,ftp.quux.org,quux.net,www.quux.net,api.quux.net,assets.quux.net,ftp.quux.net,quux.co,www.quux.co,api.quux.co,assets.quux.co,ftp.quux.co >csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# single domain
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
# utf8 domain
rm csr.pem
node bin/ecdsacsr.js ./privkey-ec-p256.pem 例.中国,example.com > csr.pem
openssl req -text -noout -verify -in csr.pem 2>&1 | grep 'verify OK' && echo 'pass' || echo 'FAIL'
#openssl req -text -noout -verify -in csr.pem