old-keypairs.js/keypairs.js

'use strict';

var Eckles = require('eckles');
var Rasha = require('rasha');
var Enc = {};
var Keypairs = module.exports;

/*global Promise*/

Keypairs.generate = function (opts) {
  opts = opts || {};
  var kty = opts.kty || opts.type;
  if ('RSA' === kty) {
    return Rasha.generate(opts);
  }
  return Eckles.generate(opts);
};

Keypairs.parse = function (opts) {
  opts = opts || {};

  var err;
  var jwk;
  var pem;
  var p;

  try {
    jwk = JSON.parse(opts.key);
    p = Keypairs.export({ jwk: jwk }).catch(function (e) {
      pem = opts.key;
      err = new Error("Not a valid jwk '" + JSON.stringify(jwk) + "':" + e.message);
      err.code = "EINVALID";
      return Promise.reject(err);
    }).then(function () {
      return jwk;
    });
  } catch(e) {
    p = Keypairs.import({ pem: opts.key }).catch(function (e) {
      err = new Error("Could not parse key (type " + typeof opts.key + ") '" + opts.key + "': " + e.message);
      err.code = "EPARSE";
      return Promise.reject(err);
    });
  }

  return p.then(function (jwk) {
    var pubopts = JSON.parse(JSON.stringify(opts));
    pubopts.jwk = jwk;
    return Keypairs.publish(pubopts).then(function (pub) {
      // 'd' happens to be the name of a private part of both RSA and ECDSA keys
      if (opts.public || opts.publish || !jwk.d) {
        if (opts.private) {
          // TODO test that it can actually sign?
          err = new Error("Not a private key '" + JSON.stringify(jwk) + "'");
          err.code = "ENOTPRIVATE";
          return Promise.reject(err);
        }
        return { public: pub };
      } else {
        return { private: jwk, public: pub };
      }
    });
  });
};

Keypairs.parseOrGenerate = function (opts) {
  if (!opts.key) { return Keypairs.generate(opts); }
  opts.private = true;
  return Keypairs.parse(opts).catch(function (e) {
    console.warn(e.message);
    return Keypairs.generate(opts);
  });
};

Keypairs.import = function (opts) {
  return Eckles.import(opts).catch(function () {
    return Rasha.import(opts);
  });
};

Keypairs.export = function (opts) {
  return Promise.resolve().then(function () {
    if ('RSA' === opts.jwk.kty) {
      return Rasha.export(opts);
    } else {
      return Eckles.export(opts);
    }
  });
};

Keypairs.publish = function (opts) {
  if ('object' !== typeof opts.jwk || !opts.jwk.kty) { throw new Error("invalid jwk: " + JSON.stringify(opts.jwk)); }

  // trying to find the best balance of an immutable copy with custom attributes
  var jwk = {};
  Object.keys(opts.jwk).forEach(function (k) {
    // ignore RSA and EC private parts
    if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; }
    jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));
  });

  if (!jwk.exp) {
    if (opts.expiresIn) { jwk.exp = Math.round(Date.now()/1000) + opts.expiresIn; }
    else { jwk.exp = opts.expiresAt; }
  }
  if (!jwk.use && false !== jwk.use) { jwk.use = "sig"; }

  if (jwk.kid) { return Promise.resolve(jwk); }
  return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { jwk.kid = thumb; return jwk; });
};

Keypairs.thumbprint = function (opts) {
  return Promise.resolve().then(function () {
    if ('RSA' === opts.jwk.kty) {
      return Rasha.thumbprint(opts);
    } else {
      return Eckles.thumbprint(opts);
    }
  });
};

// JWT a.k.a. JWS with Claims using Compact Serialization
Keypairs.signJwt = function (opts) {
  return Keypairs.thumbprint({ jwk: opts.jwk }).then(function (thumb) {
    var header = opts.header || {};
    var claims = JSON.parse(JSON.stringify(opts.claims || {}));
    header.typ = 'JWT';
    if (!header.kid) {
      header.kid = thumb;
    }
    if (false === claims.iat) {
      claims.iat = undefined;
    } else if (!claims.iat) {
      claims.iat = Math.round(Date.now()/1000);
    }
    if (false === claims.exp) {
      claims.exp = undefined;
    } else if (!claims.exp) {
      throw new Error("opts.claims.exp should be the expiration date (as seconds since the Unix epoch) or false");
    }
    if (false === claims.iss) {
      claims.iss = undefined;
    } else if (!claims.iss) {
      throw new Error("opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url");
    }

    return Keypairs.signJws({
      jwk: opts.jwk
    , pem: opts.pem
    , protected: header
    , header: undefined
    , payload: claims
    }).then(function (jws) {
      return [ jws.protected, jws.payload, jws.signature ].join('.');
    });
  });
};

Keypairs.signJws = function (opts) {
  return Keypairs.thumbprint(opts).then(function (thumb) {

    function alg() {
      if (!opts.jwk) {
        throw new Error("opts.jwk must exist and must declare 'typ'");
      }
      return ('RSA' === opts.jwk.typ) ? "RS256" : "ES256";
    }

    function sign(pem) {
      var header = opts.header;
      var protect = opts.protected;
      var payload = opts.payload;

      // Compute JWS signature
      var protectedHeader = "";
      // Because unprotected headers are allowed, regrettably...
      // https://stackoverflow.com/a/46288694
      if (false !== protect) {
        if (!protect) { protect = {}; }
        if (!protect.alg) { protect.alg = alg(); }
        // There's a particular request where Let's Encrypt explicitly doesn't use a kid
        if (!protect.kid && false !== protect.kid) { protect.kid = thumb; }
        protectedHeader = JSON.stringify(protect);
      }

      // Convert payload to Buffer
      if ('string' !== typeof payload && !Buffer.isBuffer(payload)) {
        if (!payload) {
          throw new Error("opts.payload should be JSON, string, or Buffer (it may be empty, but that must be explicit)");
        }
        payload = JSON.stringify(payload);
      }
      if ('string' === typeof payload) {
        payload = Buffer.from(payload, 'binary');
      }

      // node specifies RSA-SHAxxx even whet it's actually ecdsa (it's all encoded x509 shasums anyway)
      var nodeAlg = "RSA-SHA" + (((protect||header).alg||'').replace(/^[^\d]+/, '')||'256');
      var protected64 = Enc.strToUrlBase64(protectedHeader);
      var payload64 = Enc.bufToUrlBase64(payload);
      var sig = require('crypto')
        .createSign(nodeAlg)
        .update(protect ? (protected64 + "." + payload64) : payload64)
        .sign(pem, 'base64')
        .replace(/\+/g, '-')
        .replace(/\//g, '_')
        .replace(/=/g, '')
      ;

      return {
        header: header
      , protected: protected64 || undefined
      , payload: payload64
      , signature: sig
      };
    }

    if (opts.pem && opts.jwk) {
      return sign(opts.pem);
    } else {
      return Keypairs.export({ jwk: opts.jwk }).then(sign);
    }
  });
};

Enc.strToUrlBase64 = function (str) {
  // node automatically can tell the difference
  // between uc2 (utf-8) strings and binary strings
  // so we don't have to re-encode the strings
  return Buffer.from(str).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
};
Enc.bufToUrlBase64 = function (buf) {
  // allow for Uint8Array as a Buffer
  return Buffer.from(buf).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
};
v1.0.0: just wrap Rasha and Eckles for now 2019-02-23 02:27:20 -07:00			`'use strict';`

			`var Eckles = require('eckles');`
			`var Rasha = require('rasha');`
v1.0.1: export and update docs 2019-02-27 00:11:50 -07:00			`var Enc = {};`
			`var Keypairs = module.exports;`
v1.0.0: just wrap Rasha and Eckles for now 2019-02-23 02:27:20 -07:00
			`/global Promise/`

			`Keypairs.generate = function (opts) {`
			`opts = opts \|\| {};`
			`var kty = opts.kty \|\| opts.type;`
			`if ('RSA' === kty) {`
			`return Rasha.generate(opts);`
			`}`
			`return Eckles.generate(opts);`
			`};`

v1.1.0: Add tests, more convenience methods, more docs 2019-03-04 17:16:25 -07:00			`Keypairs.parse = function (opts) {`
			`opts = opts \|\| {};`

			`var err;`
			`var jwk;`
			`var pem;`
			`var p;`

			`try {`
			`jwk = JSON.parse(opts.key);`
			`p = Keypairs.export({ jwk: jwk }).catch(function (e) {`
			`pem = opts.key;`
			`err = new Error("Not a valid jwk '" + JSON.stringify(jwk) + "':" + e.message);`
			`err.code = "EINVALID";`
			`return Promise.reject(err);`
			`}).then(function () {`
			`return jwk;`
			`});`
			`} catch(e) {`
			`p = Keypairs.import({ pem: opts.key }).catch(function (e) {`
			`err = new Error("Could not parse key (type " + typeof opts.key + ") '" + opts.key + "': " + e.message);`
			`err.code = "EPARSE";`
			`return Promise.reject(err);`
			`});`
			`}`

			`return p.then(function (jwk) {`
			`var pubopts = JSON.parse(JSON.stringify(opts));`
			`pubopts.jwk = jwk;`
			`return Keypairs.publish(pubopts).then(function (pub) {`
			`// 'd' happens to be the name of a private part of both RSA and ECDSA keys`
			`if (opts.public \|\| opts.publish \|\| !jwk.d) {`
			`if (opts.private) {`
			`// TODO test that it can actually sign?`
			`err = new Error("Not a private key '" + JSON.stringify(jwk) + "'");`
			`err.code = "ENOTPRIVATE";`
			`return Promise.reject(err);`
			`}`
			`return { public: pub };`
			`} else {`
			`return { private: jwk, public: pub };`
			`}`
			`});`
			`});`
			`};`

			`Keypairs.parseOrGenerate = function (opts) {`
			`if (!opts.key) { return Keypairs.generate(opts); }`
			`opts.private = true;`
			`return Keypairs.parse(opts).catch(function (e) {`
			`console.warn(e.message);`
			`return Keypairs.generate(opts);`
			`});`
			`};`

v1.0.0: just wrap Rasha and Eckles for now 2019-02-23 02:27:20 -07:00			`Keypairs.import = function (opts) {`
v1.1.0: Add tests, more convenience methods, more docs 2019-03-04 17:16:25 -07:00			`return Eckles.import(opts).catch(function () {`
			`return Rasha.import(opts);`
v1.0.0: just wrap Rasha and Eckles for now 2019-02-23 02:27:20 -07:00			`});`
			`};`

			`Keypairs.export = function (opts) {`
			`return Promise.resolve().then(function () {`
			`if ('RSA' === opts.jwk.kty) {`
			`return Rasha.export(opts);`
			`} else {`
			`return Eckles.export(opts);`
			`}`
			`});`
			`};`
v1.1.0: Add tests, more convenience methods, more docs 2019-03-04 17:16:25 -07:00
			`Keypairs.publish = function (opts) {`
			`if ('object' !== typeof opts.jwk \|\| !opts.jwk.kty) { throw new Error("invalid jwk: " + JSON.stringify(opts.jwk)); }`

			`// trying to find the best balance of an immutable copy with custom attributes`
			`var jwk = {};`
			`Object.keys(opts.jwk).forEach(function (k) {`
			`// ignore RSA and EC private parts`
			`if (-1 !== ['d', 'p', 'q', 'dp', 'dq', 'qi'].indexOf(k)) { return; }`
			`jwk[k] = JSON.parse(JSON.stringify(opts.jwk[k]));`
			`});`

			`if (!jwk.exp) {`
			`if (opts.expiresIn) { jwk.exp = Math.round(Date.now()/1000) + opts.expiresIn; }`
			`else { jwk.exp = opts.expiresAt; }`
			`}`
			`if (!jwk.use && false !== jwk.use) { jwk.use = "sig"; }`

			`if (jwk.kid) { return Promise.resolve(jwk); }`
			`return Keypairs.thumbprint({ jwk: jwk }).then(function (thumb) { jwk.kid = thumb; return jwk; });`
			`};`
v1.0.0: just wrap Rasha and Eckles for now 2019-02-23 02:27:20 -07:00
			`Keypairs.thumbprint = function (opts) {`
			`return Promise.resolve().then(function () {`
			`if ('RSA' === opts.jwk.kty) {`
			`return Rasha.thumbprint(opts);`
			`} else {`
			`return Eckles.thumbprint(opts);`
			`}`
			`});`
			`};`
v1.0.1: export and update docs 2019-02-27 00:11:50 -07:00
			`// JWT a.k.a. JWS with Claims using Compact Serialization`
			`Keypairs.signJwt = function (opts) {`
			`return Keypairs.thumbprint({ jwk: opts.jwk }).then(function (thumb) {`
			`var header = opts.header \|\| {};`
			`var claims = JSON.parse(JSON.stringify(opts.claims \|\| {}));`
			`header.typ = 'JWT';`
			`if (!header.kid) {`
			`header.kid = thumb;`
			`}`
			`if (false === claims.iat) {`
			`claims.iat = undefined;`
			`} else if (!claims.iat) {`
			`claims.iat = Math.round(Date.now()/1000);`
			`}`
			`if (false === claims.exp) {`
			`claims.exp = undefined;`
			`} else if (!claims.exp) {`
			`throw new Error("opts.claims.exp should be the expiration date (as seconds since the Unix epoch) or false");`
			`}`
			`if (false === claims.iss) {`
			`claims.iss = undefined;`
			`} else if (!claims.iss) {`
			`throw new Error("opts.claims.iss should be in the form of https://example.com/, a secure OIDC base url");`
			`}`

			`return Keypairs.signJws({`
			`jwk: opts.jwk`
			`, pem: opts.pem`
			`, protected: header`
			`, header: undefined`
			`, payload: claims`
			`}).then(function (jws) {`
			`return [ jws.protected, jws.payload, jws.signature ].join('.');`
			`});`
			`});`
			`};`

			`Keypairs.signJws = function (opts) {`
			`return Keypairs.thumbprint(opts).then(function (thumb) {`

			`function alg() {`
			`if (!opts.jwk) {`
			`throw new Error("opts.jwk must exist and must declare 'typ'");`
			`}`
			`return ('RSA' === opts.jwk.typ) ? "RS256" : "ES256";`
			`}`

			`function sign(pem) {`
			`var header = opts.header;`
			`var protect = opts.protected;`
			`var payload = opts.payload;`

			`// Compute JWS signature`
			`var protectedHeader = "";`
			`// Because unprotected headers are allowed, regrettably...`
			`// https://stackoverflow.com/a/46288694`
			`if (false !== protect) {`
			`if (!protect) { protect = {}; }`
			`if (!protect.alg) { protect.alg = alg(); }`
			`// There's a particular request where Let's Encrypt explicitly doesn't use a kid`
			`if (!protect.kid && false !== protect.kid) { protect.kid = thumb; }`
			`protectedHeader = JSON.stringify(protect);`
			`}`

			`// Convert payload to Buffer`
			`if ('string' !== typeof payload && !Buffer.isBuffer(payload)) {`
			`if (!payload) {`
			`throw new Error("opts.payload should be JSON, string, or Buffer (it may be empty, but that must be explicit)");`
			`}`
			`payload = JSON.stringify(payload);`
			`}`
			`if ('string' === typeof payload) {`
			`payload = Buffer.from(payload, 'binary');`
			`}`

			`// node specifies RSA-SHAxxx even whet it's actually ecdsa (it's all encoded x509 shasums anyway)`
			`var nodeAlg = "RSA-SHA" + (((protect\|\|header).alg\|\|'').replace(/^[^\d]+/, '')\|\|'256');`
			`var protected64 = Enc.strToUrlBase64(protectedHeader);`
			`var payload64 = Enc.bufToUrlBase64(payload);`
			`var sig = require('crypto')`
			`.createSign(nodeAlg)`
			`.update(protect ? (protected64 + "." + payload64) : payload64)`
			`.sign(pem, 'base64')`
			`.replace(/\+/g, '-')`
			`.replace(/\//g, '_')`
			`.replace(/=/g, '')`
			`;`

			`return {`
			`header: header`
			`, protected: protected64 \|\| undefined`
			`, payload: payload64`
			`, signature: sig`
			`};`
			`}`

			`if (opts.pem && opts.jwk) {`
			`return sign(opts.pem);`
			`} else {`
			`return Keypairs.export({ jwk: opts.jwk }).then(sign);`
			`}`
			`});`
			`};`

			`Enc.strToUrlBase64 = function (str) {`
			`// node automatically can tell the difference`
			`// between uc2 (utf-8) strings and binary strings`
			`// so we don't have to re-encode the strings`
			`return Buffer.from(str).toString('base64')`
			`.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');`
			`};`
			`Enc.bufToUrlBase64 = function (buf) {`
			`// allow for Uint8Array as a Buffer`
			`return Buffer.from(buf).toString('base64')`
			`.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');`
			`};`