mirror of
				https://github.com/therootcompany/keypairs.js.git
				synced 2024-11-16 17:29:03 +00:00 
			
		
		
		
	make Prettier v2
This commit is contained in:
		
							parent
							
								
									e880ef3f83
								
							
						
					
					
						commit
						b1df7af626
					
				
							
								
								
									
										8
									
								
								.prettierrc
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.prettierrc
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,8 @@ | ||||
| { | ||||
|   "bracketSpacing": true, | ||||
|   "printWidth": 80, | ||||
|   "singleQuote": true, | ||||
|   "tabWidth": 4, | ||||
|   "trailingComma": "none", | ||||
|   "useTabs": true | ||||
| } | ||||
| @ -23,7 +23,7 @@ if ( | ||||
| 		namedCurve: format === 'P-384' ? 'P-384' : 'P-256', | ||||
| 		encoding: format === 'der' ? 'der' : 'pem' | ||||
| 	}) | ||||
| 		.then(function(key) { | ||||
| 		.then(function (key) { | ||||
| 			if ('der' === infile || 'der' === format) { | ||||
| 				key.private = key.private.toString('binary'); | ||||
| 				key.public = key.public.toString('binary'); | ||||
| @ -31,7 +31,7 @@ if ( | ||||
| 			console.log(key.private); | ||||
| 			console.log(key.public); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(1); | ||||
| 		}); | ||||
| @ -58,10 +58,10 @@ if ('string' === typeof key) { | ||||
| 	} | ||||
| 	var pub = -1 !== ['public', 'spki', 'pkix'].indexOf(format); | ||||
| 	Eckles.import({ pem: key, public: pub || format }) | ||||
| 		.then(function(jwk) { | ||||
| 		.then(function (jwk) { | ||||
| 			console.log(JSON.stringify(jwk, null, 2)); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(1); | ||||
| 		}); | ||||
| @ -71,10 +71,10 @@ if ('string' === typeof key) { | ||||
| 		return; | ||||
| 	} | ||||
| 	Eckles.export({ jwk: key, format: format }) | ||||
| 		.then(function(pem) { | ||||
| 		.then(function (pem) { | ||||
| 			console.log(pem); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(2); | ||||
| 		}); | ||||
|  | ||||
							
								
								
									
										12
									
								
								bin/rasha.js
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								bin/rasha.js
									
									
									
									
									
								
							| @ -29,7 +29,7 @@ if ( | ||||
| 		modulusLength: parseInt(format, 10) || 2048, | ||||
| 		encoding: parseInt(format, 10) ? null : format | ||||
| 	}) | ||||
| 		.then(function(key) { | ||||
| 		.then(function (key) { | ||||
| 			if ('der' === infile || 'der' === format) { | ||||
| 				key.private = key.private.toString('binary'); | ||||
| 				key.public = key.public.toString('binary'); | ||||
| @ -37,7 +37,7 @@ if ( | ||||
| 			console.info(key.private); | ||||
| 			console.info(key.public); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(1); | ||||
| 		}); | ||||
| @ -74,10 +74,10 @@ if ('string' === typeof key) { | ||||
| 
 | ||||
| 	var pub = -1 !== ['public', 'spki', 'pkix'].indexOf(format); | ||||
| 	Rasha.import({ pem: key, public: pub || format }) | ||||
| 		.then(function(jwk) { | ||||
| 		.then(function (jwk) { | ||||
| 			console.info(JSON.stringify(jwk, null, 2)); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(1); | ||||
| 		}); | ||||
| @ -87,14 +87,14 @@ if ('string' === typeof key) { | ||||
| 		return; | ||||
| 	} | ||||
| 	Rasha.export({ jwk: key, format: format }) | ||||
| 		.then(function(pem) { | ||||
| 		.then(function (pem) { | ||||
| 			if (sign) { | ||||
| 				signMessage(pem, msg); | ||||
| 				return; | ||||
| 			} | ||||
| 			console.info(pem); | ||||
| 		}) | ||||
| 		.catch(function(err) { | ||||
| 		.catch(function (err) { | ||||
| 			console.error(err); | ||||
| 			process.exit(2); | ||||
| 		}); | ||||
|  | ||||
							
								
								
									
										26
									
								
								ecdsa.js
									
									
									
									
									
								
							
							
						
						
									
										26
									
								
								ecdsa.js
									
									
									
									
									
								
							| @ -29,8 +29,8 @@ EC._universal = | ||||
| 	'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.'; | ||||
| EC.generate = native.generate; | ||||
| 
 | ||||
| EC.export = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| EC.export = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { | ||||
| 			throw new Error('must pass { jwk: jwk } as a JSON object'); | ||||
| 		} | ||||
| @ -109,8 +109,8 @@ EC.export = function(opts) { | ||||
| }; | ||||
| native.export = EC.export; | ||||
| 
 | ||||
| EC.import = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| EC.import = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		if (!opts || !opts.pem || 'string' !== typeof opts.pem) { | ||||
| 			throw new Error('must pass { pem: pem } as a string'); | ||||
| 		} | ||||
| @ -178,18 +178,18 @@ EC.import = function(opts) { | ||||
| }; | ||||
| native.import = EC.import; | ||||
| 
 | ||||
| EC.pack = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| EC.pack = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		return EC.export(opts); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| // Chopping off the private parts is now part of the public API.
 | ||||
| // I thought it sounded a little too crude at first, but it really is the best name in every possible way.
 | ||||
| EC.neuter = function(opts) { | ||||
| EC.neuter = function (opts) { | ||||
| 	// trying to find the best balance of an immutable copy with custom attributes
 | ||||
| 	var jwk = {}; | ||||
| 	Object.keys(opts.jwk).forEach(function(k) { | ||||
| 	Object.keys(opts.jwk).forEach(function (k) { | ||||
| 		if ('undefined' === typeof opts.jwk[k]) { | ||||
| 			return; | ||||
| 		} | ||||
| @ -204,7 +204,7 @@ EC.neuter = function(opts) { | ||||
| native.neuter = EC.neuter; | ||||
| 
 | ||||
| // https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
 | ||||
| EC.__thumbprint = function(jwk) { | ||||
| EC.__thumbprint = function (jwk) { | ||||
| 	// Use the same entropy for SHA as for key
 | ||||
| 	var alg = 'SHA-256'; | ||||
| 	if (/384/.test(jwk.crv)) { | ||||
| @ -218,20 +218,20 @@ EC.__thumbprint = function(jwk) { | ||||
| 		'","y":"' + | ||||
| 		jwk.y + | ||||
| 		'"}'; | ||||
| 	return sha2.sum(alg, payload).then(function(hash) { | ||||
| 	return sha2.sum(alg, payload).then(function (hash) { | ||||
| 		return Enc.bufToUrlBase64(Uint8Array.from(hash)); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| EC.thumbprint = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| EC.thumbprint = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		var jwk; | ||||
| 		if ('EC' === opts.kty) { | ||||
| 			jwk = opts; | ||||
| 		} else if (opts.jwk) { | ||||
| 			jwk = opts.jwk; | ||||
| 		} else { | ||||
| 			return native.import(opts).then(function(jwk) { | ||||
| 			return native.import(opts).then(function (jwk) { | ||||
| 				return EC.__thumbprint(jwk); | ||||
| 			}); | ||||
| 		} | ||||
|  | ||||
							
								
								
									
										66
									
								
								keypairs.js
									
									
									
									
									
								
							
							
						
						
									
										66
									
								
								keypairs.js
									
									
									
									
									
								
							| @ -9,7 +9,7 @@ var Rasha = require('./rsa.js'); | ||||
| var Eckles = require('./ecdsa.js'); | ||||
| var native = require('./lib/node/keypairs.js'); | ||||
| 
 | ||||
| Keypairs.parse = function(opts) { | ||||
| Keypairs.parse = function (opts) { | ||||
| 	opts = opts || {}; | ||||
| 
 | ||||
| 	var err; | ||||
| @ -21,7 +21,7 @@ Keypairs.parse = function(opts) { | ||||
| 		try { | ||||
| 			jwk = JSON.parse(opts.key); | ||||
| 			p = Keypairs.export({ jwk: jwk }) | ||||
| 				.catch(function(e) { | ||||
| 				.catch(function (e) { | ||||
| 					pem = opts.key; | ||||
| 					err = new Error( | ||||
| 						"Not a valid jwk '" + | ||||
| @ -32,11 +32,11 @@ Keypairs.parse = function(opts) { | ||||
| 					err.code = 'EINVALID'; | ||||
| 					return Promise.reject(err); | ||||
| 				}) | ||||
| 				.then(function() { | ||||
| 				.then(function () { | ||||
| 					return jwk; | ||||
| 				}); | ||||
| 		} catch (e) { | ||||
| 			p = Keypairs.import({ pem: opts.key }).catch(function(e) { | ||||
| 			p = Keypairs.import({ pem: opts.key }).catch(function (e) { | ||||
| 				err = new Error( | ||||
| 					'Could not parse key (type ' + | ||||
| 						typeof opts.key + | ||||
| @ -53,10 +53,10 @@ Keypairs.parse = function(opts) { | ||||
| 		p = Promise.resolve(opts.key); | ||||
| 	} | ||||
| 
 | ||||
| 	return p.then(function(jwk) { | ||||
| 	return p.then(function (jwk) { | ||||
| 		var pubopts = JSON.parse(JSON.stringify(opts)); | ||||
| 		pubopts.jwk = jwk; | ||||
| 		return Keypairs.publish(pubopts).then(function(pub) { | ||||
| 		return Keypairs.publish(pubopts).then(function (pub) { | ||||
| 			// 'd' happens to be the name of a private part of both RSA and ECDSA keys
 | ||||
| 			if (opts.public || opts.publish || !jwk.d) { | ||||
| 				if (opts.private) { | ||||
| @ -75,13 +75,13 @@ Keypairs.parse = function(opts) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs.parseOrGenerate = function(opts) { | ||||
| Keypairs.parseOrGenerate = function (opts) { | ||||
| 	if (!opts.key) { | ||||
| 		return Keypairs.generate(opts); | ||||
| 	} | ||||
| 	opts.private = true; | ||||
| 	return Keypairs.parse(opts).catch(function(e) { | ||||
| 		return Keypairs.generate(opts).then(function(pair) { | ||||
| 	return Keypairs.parse(opts).catch(function (e) { | ||||
| 		return Keypairs.generate(opts).then(function (pair) { | ||||
| 			pair.parseError = e; | ||||
| 			return pair; | ||||
| 		}); | ||||
| @ -93,7 +93,7 @@ Keypairs._stance = | ||||
| 	" properly and securely use non-standard crypto then you shouldn't need Bluecrypt anyway."; | ||||
| Keypairs._universal = | ||||
| 	'Bluecrypt only supports crypto with standard cross-browser and cross-platform support.'; | ||||
| Keypairs.generate = function(opts) { | ||||
| Keypairs.generate = function (opts) { | ||||
| 	opts = opts || {}; | ||||
| 	var p; | ||||
| 	if (!opts.kty) { | ||||
| @ -117,8 +117,8 @@ Keypairs.generate = function(opts) { | ||||
| 			) | ||||
| 		); | ||||
| 	} | ||||
| 	return p.then(function(pair) { | ||||
| 		return Keypairs.thumbprint({ jwk: pair.public }).then(function(thumb) { | ||||
| 	return p.then(function (pair) { | ||||
| 		return Keypairs.thumbprint({ jwk: pair.public }).then(function (thumb) { | ||||
| 			pair.private.kid = thumb; // maybe not the same id on the private key?
 | ||||
| 			pair.public.kid = thumb; | ||||
| 			return pair; | ||||
| @ -126,22 +126,22 @@ Keypairs.generate = function(opts) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs.import = function(opts) { | ||||
| Keypairs.import = function (opts) { | ||||
| 	return Eckles.import(opts) | ||||
| 		.catch(function() { | ||||
| 		.catch(function () { | ||||
| 			return Rasha.import(opts); | ||||
| 		}) | ||||
| 		.then(function(jwk) { | ||||
| 			return Keypairs.thumbprint({ jwk: jwk }).then(function(thumb) { | ||||
| 		.then(function (jwk) { | ||||
| 			return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { | ||||
| 				jwk.kid = thumb; | ||||
| 				return jwk; | ||||
| 			}); | ||||
| 		}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs.export = function(opts) { | ||||
| 	return Eckles.export(opts).catch(function(err) { | ||||
| 		return Rasha.export(opts).catch(function() { | ||||
| Keypairs.export = function (opts) { | ||||
| 	return Eckles.export(opts).catch(function (err) { | ||||
| 		return Rasha.export(opts).catch(function () { | ||||
| 			return Promise.reject(err); | ||||
| 		}); | ||||
| 	}); | ||||
| @ -153,10 +153,10 @@ native.export = Keypairs.export; | ||||
|  * Chopping off the private parts is now part of the public API. | ||||
|  * I thought it sounded a little too crude at first, but it really is the best name in every possible way. | ||||
|  */ | ||||
| Keypairs.neuter = function(opts) { | ||||
| Keypairs.neuter = function (opts) { | ||||
| 	/** trying to find the best balance of an immutable copy with custom attributes */ | ||||
| 	var jwk = {}; | ||||
| 	Object.keys(opts.jwk).forEach(function(k) { | ||||
| 	Object.keys(opts.jwk).forEach(function (k) { | ||||
| 		if ('undefined' === typeof opts.jwk[k]) { | ||||
| 			return; | ||||
| 		} | ||||
| @ -169,8 +169,8 @@ Keypairs.neuter = function(opts) { | ||||
| 	return jwk; | ||||
| }; | ||||
| 
 | ||||
| Keypairs.thumbprint = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| Keypairs.thumbprint = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		if (/EC/i.test(opts.jwk.kty)) { | ||||
| 			return Eckles.thumbprint(opts); | ||||
| 		} else { | ||||
| @ -179,7 +179,7 @@ Keypairs.thumbprint = function(opts) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs.publish = function(opts) { | ||||
| Keypairs.publish = function (opts) { | ||||
| 	if ('object' !== typeof opts.jwk || !opts.jwk.kty) { | ||||
| 		throw new Error('invalid jwk: ' + JSON.stringify(opts.jwk)); | ||||
| 	} | ||||
| @ -205,15 +205,15 @@ Keypairs.publish = function(opts) { | ||||
| 	if (jwk.kid) { | ||||
| 		return Promise.resolve(jwk); | ||||
| 	} | ||||
| 	return Keypairs.thumbprint({ jwk: jwk }).then(function(thumb) { | ||||
| 	return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { | ||||
| 		jwk.kid = thumb; | ||||
| 		return jwk; | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| // JWT a.k.a. JWS with Claims using Compact Serialization
 | ||||
| Keypairs.signJwt = function(opts) { | ||||
| 	return Keypairs.thumbprint({ jwk: opts.jwk }).then(function(thumb) { | ||||
| Keypairs.signJwt = function (opts) { | ||||
| 	return Keypairs.thumbprint({ jwk: opts.jwk }).then(function (thumb) { | ||||
| 		var header = opts.header || {}; | ||||
| 		var claims = JSON.parse(JSON.stringify(opts.claims || {})); | ||||
| 		header.typ = 'JWT'; | ||||
| @ -260,14 +260,14 @@ Keypairs.signJwt = function(opts) { | ||||
| 			protected: header, | ||||
| 			header: undefined, | ||||
| 			payload: claims | ||||
| 		}).then(function(jws) { | ||||
| 		}).then(function (jws) { | ||||
| 			return [jws.protected, jws.payload, jws.signature].join('.'); | ||||
| 		}); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs.signJws = function(opts) { | ||||
| 	return Keypairs.thumbprint(opts).then(function(thumb) { | ||||
| Keypairs.signJws = function (opts) { | ||||
| 	return Keypairs.thumbprint(opts).then(function (thumb) { | ||||
| 		function alg() { | ||||
| 			if (!opts.jwk) { | ||||
| 				throw new Error("opts.jwk must exist and must declare 'typ'"); | ||||
| @ -321,7 +321,7 @@ Keypairs.signJws = function(opts) { | ||||
| 			var payload64 = Enc.bufToUrlBase64(payload); | ||||
| 			var msg = protected64 + '.' + payload64; | ||||
| 
 | ||||
| 			return native._sign(opts, msg).then(function(buf) { | ||||
| 			return native._sign(opts, msg).then(function (buf) { | ||||
| 				var signedMsg = { | ||||
| 					protected: protected64, | ||||
| 					payload: payload64, | ||||
| @ -335,7 +335,7 @@ Keypairs.signJws = function(opts) { | ||||
| 		if (opts.jwk) { | ||||
| 			return sign(); | ||||
| 		} else { | ||||
| 			return Keypairs.import({ pem: opts.pem }).then(function(pair) { | ||||
| 			return Keypairs.import({ pem: opts.pem }).then(function (pair) { | ||||
| 				opts.jwk = pair.private; | ||||
| 				return sign(); | ||||
| 			}); | ||||
| @ -346,7 +346,7 @@ Keypairs.signJws = function(opts) { | ||||
| // TODO expose consistently
 | ||||
| Keypairs.sign = native._sign; | ||||
| 
 | ||||
| Keypairs._getBits = function(opts) { | ||||
| Keypairs._getBits = function (opts) { | ||||
| 	if (opts.alg) { | ||||
| 		return opts.alg.replace(/[a-z\-]/gi, ''); | ||||
| 	} | ||||
|  | ||||
| @ -4,7 +4,7 @@ var native = module.exports; | ||||
| // XXX received from caller
 | ||||
| var EC = native; | ||||
| 
 | ||||
| native.generate = function(opts) { | ||||
| native.generate = function (opts) { | ||||
| 	var wcOpts = {}; | ||||
| 	if (!opts) { | ||||
| 		opts = {}; | ||||
| @ -41,10 +41,10 @@ native.generate = function(opts) { | ||||
| 	var extractable = true; | ||||
| 	return window.crypto.subtle | ||||
| 		.generateKey(wcOpts, extractable, ['sign', 'verify']) | ||||
| 		.then(function(result) { | ||||
| 		.then(function (result) { | ||||
| 			return window.crypto.subtle | ||||
| 				.exportKey('jwk', result.privateKey) | ||||
| 				.then(function(privJwk) { | ||||
| 				.then(function (privJwk) { | ||||
| 					privJwk.key_ops = undefined; | ||||
| 					privJwk.ext = undefined; | ||||
| 					return { | ||||
|  | ||||
| @ -2,8 +2,8 @@ | ||||
| 
 | ||||
| var Keypairs = module.exports; | ||||
| 
 | ||||
| Keypairs._sign = function(opts, payload) { | ||||
| 	return Keypairs._import(opts).then(function(privkey) { | ||||
| Keypairs._sign = function (opts, payload) { | ||||
| 	return Keypairs._import(opts).then(function (privkey) { | ||||
| 		if ('string' === typeof payload) { | ||||
| 			payload = new TextEncoder().encode(payload); | ||||
| 		} | ||||
| @ -17,7 +17,7 @@ Keypairs._sign = function(opts, payload) { | ||||
| 				privkey, | ||||
| 				payload | ||||
| 			) | ||||
| 			.then(function(signature) { | ||||
| 			.then(function (signature) { | ||||
| 				signature = new Uint8Array(signature); // ArrayBuffer -> u8
 | ||||
| 				// This will come back into play for CSRs, but not for JOSE
 | ||||
| 				if ('EC' === opts.jwk.kty && /x509|asn1/i.test(opts.format)) { | ||||
| @ -30,8 +30,8 @@ Keypairs._sign = function(opts, payload) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs._import = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| Keypairs._import = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		var ops; | ||||
| 		// all private keys just happen to have a 'd'
 | ||||
| 		if (opts.jwk.d) { | ||||
| @ -55,7 +55,7 @@ Keypairs._import = function(opts) { | ||||
| 				true, | ||||
| 				ops | ||||
| 			) | ||||
| 			.then(function(privkey) { | ||||
| 			.then(function (privkey) { | ||||
| 				delete opts.jwk.ext; | ||||
| 				return privkey; | ||||
| 			}); | ||||
| @ -64,7 +64,7 @@ Keypairs._import = function(opts) { | ||||
| 
 | ||||
| // ECDSA JOSE / JWS / JWT signatures differ from "normal" ASN1/X509 ECDSA signatures
 | ||||
| // https://tools.ietf.org/html/rfc7518#section-3.4
 | ||||
| Keypairs._ecdsaJoseSigToAsn1Sig = function(bufsig) { | ||||
| Keypairs._ecdsaJoseSigToAsn1Sig = function (bufsig) { | ||||
| 	// it's easier to do the manipulation in the browser with an array
 | ||||
| 	bufsig = Array.from(bufsig); | ||||
| 	var hlen = bufsig.length / 2; // should be even
 | ||||
| @ -99,7 +99,7 @@ Keypairs._ecdsaJoseSigToAsn1Sig = function(bufsig) { | ||||
| 	); | ||||
| }; | ||||
| 
 | ||||
| Keypairs._getName = function(opts) { | ||||
| Keypairs._getName = function (opts) { | ||||
| 	if (/EC/i.test(opts.jwk.kty)) { | ||||
| 		return 'ECDSA'; | ||||
| 	} else { | ||||
|  | ||||
| @ -4,7 +4,7 @@ var native = module.exports; | ||||
| // XXX added by caller: _stance, neuter
 | ||||
| var RSA = native; | ||||
| 
 | ||||
| native.generate = function(opts) { | ||||
| native.generate = function (opts) { | ||||
| 	var wcOpts = {}; | ||||
| 	if (!opts) { | ||||
| 		opts = {}; | ||||
| @ -46,10 +46,10 @@ native.generate = function(opts) { | ||||
| 	var extractable = true; | ||||
| 	return window.crypto.subtle | ||||
| 		.generateKey(wcOpts, extractable, ['sign', 'verify']) | ||||
| 		.then(function(result) { | ||||
| 		.then(function (result) { | ||||
| 			return window.crypto.subtle | ||||
| 				.exportKey('jwk', result.privateKey) | ||||
| 				.then(function(privJwk) { | ||||
| 				.then(function (privJwk) { | ||||
| 					return { | ||||
| 						private: privJwk, | ||||
| 						public: RSA.neuter({ jwk: privJwk }) | ||||
|  | ||||
| @ -3,7 +3,7 @@ | ||||
| var sha2 = module.exports; | ||||
| 
 | ||||
| var encoder = new TextEncoder(); | ||||
| sha2.sum = function(alg, str) { | ||||
| sha2.sum = function (alg, str) { | ||||
| 	var data = str; | ||||
| 	if ('string' === typeof data) { | ||||
| 		data = encoder.encode(str); | ||||
|  | ||||
| @ -5,8 +5,8 @@ var native = module.exports; | ||||
| var EC = native; | ||||
| // TODO SSH
 | ||||
| 
 | ||||
| native.generate = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| native.generate = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		var typ = 'ec'; | ||||
| 		var format = opts.format; | ||||
| 		var encoding = opts.encoding; | ||||
| @ -48,7 +48,7 @@ native.generate = function(opts) { | ||||
| 			pub = { type: 'spki', format: 'pem' }; | ||||
| 		} | ||||
| 
 | ||||
| 		return new Promise(function(resolve, reject) { | ||||
| 		return new Promise(function (resolve, reject) { | ||||
| 			return require('crypto').generateKeyPair( | ||||
| 				typ, | ||||
| 				{ | ||||
| @ -56,7 +56,7 @@ native.generate = function(opts) { | ||||
| 					privateKeyEncoding: priv, | ||||
| 					publicKeyEncoding: pub | ||||
| 				}, | ||||
| 				function(err, pubkey, privkey) { | ||||
| 				function (err, pubkey, privkey) { | ||||
| 					if (err) { | ||||
| 						reject(err); | ||||
| 					} | ||||
| @ -66,7 +66,7 @@ native.generate = function(opts) { | ||||
| 					}); | ||||
| 				} | ||||
| 			); | ||||
| 		}).then(function(keypair) { | ||||
| 		}).then(function (keypair) { | ||||
| 			if ('jwk' === format) { | ||||
| 				return Promise.all([ | ||||
| 					native.import({ | ||||
| @ -78,7 +78,7 @@ native.generate = function(opts) { | ||||
| 						format: pub.type, | ||||
| 						public: true | ||||
| 					}) | ||||
| 				]).then(function(pair) { | ||||
| 				]).then(function (pair) { | ||||
| 					return { | ||||
| 						private: pair[0], | ||||
| 						public: pair[1] | ||||
| @ -96,12 +96,12 @@ native.generate = function(opts) { | ||||
| 					format: format, | ||||
| 					public: true | ||||
| 				}) | ||||
| 				.then(function(jwk) { | ||||
| 				.then(function (jwk) { | ||||
| 					return EC.export({ | ||||
| 						jwk: jwk, | ||||
| 						format: opts.format, | ||||
| 						public: true | ||||
| 					}).then(function(pub) { | ||||
| 					}).then(function (pub) { | ||||
| 						return { | ||||
| 							private: keypair.private, | ||||
| 							public: pub | ||||
|  | ||||
| @ -4,7 +4,7 @@ | ||||
|  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 | ||||
| 'use strict'; | ||||
| 
 | ||||
| module.exports = function(bitlen, exp) { | ||||
| module.exports = function (bitlen, exp) { | ||||
| 	var k = require('node-forge').pki.rsa.generateKeyPair({ | ||||
| 		bits: bitlen || 2048, | ||||
| 		e: exp || 0x10001 | ||||
|  | ||||
| @ -4,7 +4,7 @@ | ||||
|  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 | ||||
| 'use strict'; | ||||
| 
 | ||||
| module.exports = function(bitlen, exp) { | ||||
| module.exports = function (bitlen, exp) { | ||||
| 	var keypair = require('crypto').generateKeyPairSync('rsa', { | ||||
| 		modulusLength: bitlen, | ||||
| 		publicExponent: exp, | ||||
|  | ||||
| @ -4,7 +4,7 @@ | ||||
|  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 | ||||
| 'use strict'; | ||||
| 
 | ||||
| module.exports = function(bitlen, exp) { | ||||
| module.exports = function (bitlen, exp) { | ||||
| 	var ursa; | ||||
| 	try { | ||||
| 		ursa = require('ursa'); | ||||
| @ -13,10 +13,7 @@ module.exports = function(bitlen, exp) { | ||||
| 	} | ||||
| 	var keypair = ursa.generatePrivateKey(bitlen, exp); | ||||
| 	var result = { | ||||
| 		privateKeyPem: keypair | ||||
| 			.toPrivatePem() | ||||
| 			.toString('ascii') | ||||
| 			.trim() | ||||
| 		privateKeyPem: keypair.toPrivatePem().toString('ascii').trim() | ||||
| 	}; | ||||
| 	return result; | ||||
| }; | ||||
|  | ||||
| @ -6,7 +6,7 @@ | ||||
| 
 | ||||
| var oldver = false; | ||||
| 
 | ||||
| module.exports = function(bitlen, exp) { | ||||
| module.exports = function (bitlen, exp) { | ||||
| 	bitlen = parseInt(bitlen, 10) || 2048; | ||||
| 	exp = parseInt(exp, 10) || 65537; | ||||
| 
 | ||||
|  | ||||
| @ -3,17 +3,14 @@ | ||||
| var Keypairs = module.exports; | ||||
| var crypto = require('crypto'); | ||||
| 
 | ||||
| Keypairs._sign = function(opts, payload) { | ||||
| 	return Keypairs._import(opts).then(function(pem) { | ||||
| Keypairs._sign = function (opts, payload) { | ||||
| 	return Keypairs._import(opts).then(function (pem) { | ||||
| 		payload = Buffer.from(payload); | ||||
| 
 | ||||
| 		// node specifies RSA-SHAxxx even when it's actually ecdsa (it's all encoded x509 shasums anyway)
 | ||||
| 		// TODO opts.alg = (protect||header).alg
 | ||||
| 		var nodeAlg = 'SHA' + Keypairs._getBits(opts); | ||||
| 		var binsig = crypto | ||||
| 			.createSign(nodeAlg) | ||||
| 			.update(payload) | ||||
| 			.sign(pem); | ||||
| 		var binsig = crypto.createSign(nodeAlg).update(payload).sign(pem); | ||||
| 
 | ||||
| 		if ('EC' === opts.jwk.kty && !/x509|asn1/i.test(opts.format)) { | ||||
| 			// ECDSA JWT signatures differ from "normal" ECDSA signatures
 | ||||
| @ -25,7 +22,7 @@ Keypairs._sign = function(opts, payload) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| Keypairs._import = function(opts) { | ||||
| Keypairs._import = function (opts) { | ||||
| 	if (opts.pem && opts.jwk) { | ||||
| 		return Promise.resolve(opts.pem); | ||||
| 	} else { | ||||
| @ -34,7 +31,7 @@ Keypairs._import = function(opts) { | ||||
| 	} | ||||
| }; | ||||
| 
 | ||||
| Keypairs._ecdsaAsn1SigToJoseSig = function(binsig) { | ||||
| Keypairs._ecdsaAsn1SigToJoseSig = function (binsig) { | ||||
| 	// should have asn1 sequence header of 0x30
 | ||||
| 	if (0x30 !== binsig[0]) { | ||||
| 		throw new Error('Impossible EC SHA head marker'); | ||||
|  | ||||
| @ -7,9 +7,9 @@ var RSA = native; | ||||
| var PEM = require('@root/pem'); | ||||
| var X509 = require('@root/x509'); | ||||
| 
 | ||||
| native.generate = function(opts) { | ||||
| native.generate = function (opts) { | ||||
| 	opts.kty = 'RSA'; | ||||
| 	return native._generate(opts).then(function(pair) { | ||||
| 	return native._generate(opts).then(function (pair) { | ||||
| 		var format = opts.format; | ||||
| 		var encoding = opts.encoding; | ||||
| 
 | ||||
| @ -74,23 +74,23 @@ native.generate = function(opts) { | ||||
| 		} | ||||
| 
 | ||||
| 		var exOpts = { jwk: pair.private, format: format, encoding: encoding }; | ||||
| 		return RSA.export(exOpts).then(function(priv) { | ||||
| 		return RSA.export(exOpts).then(function (priv) { | ||||
| 			exOpts.public = true; | ||||
| 			if ('pkcs8' === exOpts.format) { | ||||
| 				exOpts.format = 'spki'; | ||||
| 			} | ||||
| 			return RSA.export(exOpts).then(function(pub) { | ||||
| 			return RSA.export(exOpts).then(function (pub) { | ||||
| 				return { private: priv, public: pub }; | ||||
| 			}); | ||||
| 		}); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| native._generate = function(opts) { | ||||
| native._generate = function (opts) { | ||||
| 	if (!opts) { | ||||
| 		opts = {}; | ||||
| 	} | ||||
| 	return new Promise(function(resolve, reject) { | ||||
| 	return new Promise(function (resolve, reject) { | ||||
| 		try { | ||||
| 			var modlen = opts.modulusLength || 2048; | ||||
| 			var exp = opts.publicExponent || 0x10001; | ||||
|  | ||||
| @ -4,14 +4,11 @@ | ||||
| var sha2 = module.exports; | ||||
| var crypto = require('crypto'); | ||||
| 
 | ||||
| sha2.sum = function(alg, str) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| sha2.sum = function (alg, str) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		var sha = 'sha' + String(alg).replace(/^sha-?/i, ''); | ||||
| 		// utf8 is the default for strings
 | ||||
| 		var buf = Buffer.from(str); | ||||
| 		return crypto | ||||
| 			.createHash(sha) | ||||
| 			.update(buf) | ||||
| 			.digest(); | ||||
| 		return crypto.createHash(sha).update(buf).digest(); | ||||
| 	}); | ||||
| }; | ||||
|  | ||||
							
								
								
									
										26
									
								
								rsa.js
									
									
									
									
									
								
							
							
						
						
									
										26
									
								
								rsa.js
									
									
									
									
									
								
							| @ -20,10 +20,10 @@ RSA.generate = native.generate; | ||||
| 
 | ||||
| // Chopping off the private parts is now part of the public API.
 | ||||
| // I thought it sounded a little too crude at first, but it really is the best name in every possible way.
 | ||||
| RSA.neuter = function(opts) { | ||||
| RSA.neuter = function (opts) { | ||||
| 	// trying to find the best balance of an immutable copy with custom attributes
 | ||||
| 	var jwk = {}; | ||||
| 	Object.keys(opts.jwk).forEach(function(k) { | ||||
| 	Object.keys(opts.jwk).forEach(function (k) { | ||||
| 		if ('undefined' === typeof opts.jwk[k]) { | ||||
| 			return; | ||||
| 		} | ||||
| @ -38,7 +38,7 @@ RSA.neuter = function(opts) { | ||||
| native.neuter = RSA.neuter; | ||||
| 
 | ||||
| // https://stackoverflow.com/questions/42588786/how-to-fingerprint-a-jwk
 | ||||
| RSA.__thumbprint = function(jwk) { | ||||
| RSA.__thumbprint = function (jwk) { | ||||
| 	// Use the same entropy for SHA as for key
 | ||||
| 	var len = Math.floor(jwk.n.length * 0.75); | ||||
| 	var alg = 'SHA-256'; | ||||
| @ -51,20 +51,20 @@ RSA.__thumbprint = function(jwk) { | ||||
| 	} | ||||
| 	return sha2 | ||||
| 		.sum(alg, '{"e":"' + jwk.e + '","kty":"RSA","n":"' + jwk.n + '"}') | ||||
| 		.then(function(hash) { | ||||
| 		.then(function (hash) { | ||||
| 			return Enc.bufToUrlBase64(Uint8Array.from(hash)); | ||||
| 		}); | ||||
| }; | ||||
| 
 | ||||
| RSA.thumbprint = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| RSA.thumbprint = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		var jwk; | ||||
| 		if ('EC' === opts.kty) { | ||||
| 			jwk = opts; | ||||
| 		} else if (opts.jwk) { | ||||
| 			jwk = opts.jwk; | ||||
| 		} else { | ||||
| 			return RSA.import(opts).then(function(jwk) { | ||||
| 			return RSA.import(opts).then(function (jwk) { | ||||
| 				return RSA.__thumbprint(jwk); | ||||
| 			}); | ||||
| 		} | ||||
| @ -72,8 +72,8 @@ RSA.thumbprint = function(opts) { | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| RSA.export = function(opts) { | ||||
| 	return Promise.resolve().then(function() { | ||||
| RSA.export = function (opts) { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		if (!opts || !opts.jwk || 'object' !== typeof opts.jwk) { | ||||
| 			throw new Error('must pass { jwk: jwk }'); | ||||
| 		} | ||||
| @ -152,16 +152,16 @@ RSA.export = function(opts) { | ||||
| }; | ||||
| native.export = RSA.export; | ||||
| 
 | ||||
| RSA.pack = function(opts) { | ||||
| RSA.pack = function (opts) { | ||||
| 	// wrapped in a promise for API compatibility
 | ||||
| 	// with the forthcoming browser version
 | ||||
| 	// (and potential future native node capability)
 | ||||
| 	return Promise.resolve().then(function() { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		return RSA.export(opts); | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| RSA._importSync = function(opts) { | ||||
| RSA._importSync = function (opts) { | ||||
| 	if (!opts || !opts.pem || 'string' !== typeof opts.pem) { | ||||
| 		throw new Error('must pass { pem: pem } as a string'); | ||||
| 	} | ||||
| @ -185,7 +185,7 @@ RSA.parse = function parseRsa(opts) { | ||||
| 	// wrapped in a promise for API compatibility
 | ||||
| 	// with the forthcoming browser version
 | ||||
| 	// (and potential future native node capability)
 | ||||
| 	return Promise.resolve().then(function() { | ||||
| 	return Promise.resolve().then(function () { | ||||
| 		return RSA._importSync(opts); | ||||
| 	}); | ||||
| }; | ||||
|  | ||||
| @ -4,7 +4,7 @@ var Keypairs = require('../'); | ||||
| 
 | ||||
| /* global Promise*/ | ||||
| Keypairs.parseOrGenerate({ key: null }) | ||||
| 	.then(function(pair) { | ||||
| 	.then(function (pair) { | ||||
| 		// should NOT have any warning output
 | ||||
| 		if (!pair.private || !pair.public) { | ||||
| 			throw new Error('missing key pairs'); | ||||
| @ -12,42 +12,42 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 
 | ||||
| 		return Promise.all([ | ||||
| 			// Testing Public Part of key
 | ||||
| 			Keypairs.export({ jwk: pair.public }).then(function(pem) { | ||||
| 			Keypairs.export({ jwk: pair.public }).then(function (pem) { | ||||
| 				if (!/--BEGIN PUBLIC/.test(pem)) { | ||||
| 					throw new Error('did not export public pem'); | ||||
| 				} | ||||
| 				return Promise.all([ | ||||
| 					Keypairs.parse({ key: pem }).then(function(pair) { | ||||
| 					Keypairs.parse({ key: pem }).then(function (pair) { | ||||
| 						if (pair.private) { | ||||
| 							throw new Error("shouldn't have private part"); | ||||
| 						} | ||||
| 						return true; | ||||
| 					}), | ||||
| 					Keypairs.parse({ key: pem, private: true }) | ||||
| 						.then(function() { | ||||
| 						.then(function () { | ||||
| 							var err = new Error( | ||||
| 								'should have thrown an error when private key was required and public pem was given' | ||||
| 							); | ||||
| 							err.code = 'NOERR'; | ||||
| 							throw err; | ||||
| 						}) | ||||
| 						.catch(function(e) { | ||||
| 						.catch(function (e) { | ||||
| 							if ('NOERR' === e.code) { | ||||
| 								throw e; | ||||
| 							} | ||||
| 							return true; | ||||
| 						}) | ||||
| 				]).then(function() { | ||||
| 				]).then(function () { | ||||
| 					return true; | ||||
| 				}); | ||||
| 			}), | ||||
| 			// Testing Private Part of Key
 | ||||
| 			Keypairs.export({ jwk: pair.private }).then(function(pem) { | ||||
| 			Keypairs.export({ jwk: pair.private }).then(function (pem) { | ||||
| 				if (!/--BEGIN .*PRIVATE KEY--/.test(pem)) { | ||||
| 					throw new Error('did not export private pem: ' + pem); | ||||
| 				} | ||||
| 				return Promise.all([ | ||||
| 					Keypairs.parse({ key: pem }).then(function(pair) { | ||||
| 					Keypairs.parse({ key: pem }).then(function (pair) { | ||||
| 						if (!pair.private) { | ||||
| 							throw new Error('should have private part'); | ||||
| 						} | ||||
| @ -56,7 +56,7 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 						} | ||||
| 						return true; | ||||
| 					}), | ||||
| 					Keypairs.parse({ key: pem, public: true }).then(function( | ||||
| 					Keypairs.parse({ key: pem, public: true }).then(function ( | ||||
| 						pair | ||||
| 					) { | ||||
| 						if (pair.private) { | ||||
| @ -69,12 +69,12 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 						} | ||||
| 						return true; | ||||
| 					}) | ||||
| 				]).then(function() { | ||||
| 				]).then(function () { | ||||
| 					return true; | ||||
| 				}); | ||||
| 			}), | ||||
| 			Keypairs.parseOrGenerate({ key: 'not a key', public: true }).then( | ||||
| 				function(pair) { | ||||
| 				function (pair) { | ||||
| 					// SHOULD have warning output
 | ||||
| 					if (!pair.private || !pair.public) { | ||||
| 						throw new Error( | ||||
| @ -89,18 +89,18 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 					return true; | ||||
| 				} | ||||
| 			), | ||||
| 			Keypairs.parse({ key: JSON.stringify(pair.private) }).then(function( | ||||
| 				pair | ||||
| 			) { | ||||
| 				if (!pair.private || !pair.public) { | ||||
| 					throw new Error('missing key pairs (stringified jwt)'); | ||||
| 			Keypairs.parse({ key: JSON.stringify(pair.private) }).then( | ||||
| 				function (pair) { | ||||
| 					if (!pair.private || !pair.public) { | ||||
| 						throw new Error('missing key pairs (stringified jwt)'); | ||||
| 					} | ||||
| 					return true; | ||||
| 				} | ||||
| 				return true; | ||||
| 			}), | ||||
| 			), | ||||
| 			Keypairs.parse({ | ||||
| 				key: JSON.stringify(pair.private), | ||||
| 				public: true | ||||
| 			}).then(function(pair) { | ||||
| 			}).then(function (pair) { | ||||
| 				if (pair.private) { | ||||
| 					throw new Error("has private key when it shouldn't"); | ||||
| 				} | ||||
| @ -110,14 +110,14 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 				return true; | ||||
| 			}), | ||||
| 			Keypairs.parse({ key: JSON.stringify(pair.public), private: true }) | ||||
| 				.then(function() { | ||||
| 				.then(function () { | ||||
| 					var err = new Error( | ||||
| 						'should have thrown an error when private key was required and public jwk was given' | ||||
| 					); | ||||
| 					err.code = 'NOERR'; | ||||
| 					throw err; | ||||
| 				}) | ||||
| 				.catch(function(e) { | ||||
| 				.catch(function (e) { | ||||
| 					if ('NOERR' === e.code) { | ||||
| 						throw e; | ||||
| 					} | ||||
| @ -130,7 +130,7 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 				alg: 'ES256', | ||||
| 				iss: 'https://example.com/', | ||||
| 				exp: '1h' | ||||
| 			}).then(function(jwt) { | ||||
| 			}).then(function (jwt) { | ||||
| 				var parts = jwt.split('.'); | ||||
| 				var now = Math.round(Date.now() / 1000); | ||||
| 				var token = { | ||||
| @ -144,10 +144,10 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 				} | ||||
| 				throw new Error('token was not properly generated'); | ||||
| 			}) | ||||
| 		]).then(function(results) { | ||||
| 		]).then(function (results) { | ||||
| 			if ( | ||||
| 				results.length && | ||||
| 				results.every(function(v) { | ||||
| 				results.every(function (v) { | ||||
| 					return true === v; | ||||
| 				}) | ||||
| 			) { | ||||
| @ -158,7 +158,7 @@ Keypairs.parseOrGenerate({ key: null }) | ||||
| 			} | ||||
| 		}); | ||||
| 	}) | ||||
| 	.catch(function(e) { | ||||
| 	.catch(function (e) { | ||||
| 		console.error('Caught an unexpected (failing) error:'); | ||||
| 		console.error(e); | ||||
| 		process.exit(1); | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user