summaryrefslogtreecommitdiff
path: root/deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js
diff options
context:
space:
mode:
Diffstat (limited to 'deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js')
-rw-r--r--deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js103
1 files changed, 101 insertions, 2 deletions
diff --git a/deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js b/deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js
index 8f9548ce57..74f5e04702 100644
--- a/deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js
+++ b/deps/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/lib/dhe.js
@@ -1,12 +1,17 @@
-// Copyright 2015 Joyent, Inc.
+// Copyright 2017 Joyent, Inc.
-module.exports = DiffieHellman;
+module.exports = {
+ DiffieHellman: DiffieHellman,
+ generateECDSA: generateECDSA,
+ generateED25519: generateED25519
+};
var assert = require('assert-plus');
var crypto = require('crypto');
var algs = require('./algs');
var utils = require('./utils');
var ed;
+var nacl;
var Key = require('./key');
var PrivateKey = require('./private-key');
@@ -309,3 +314,97 @@ ECPrivate.prototype.deriveSharedSecret = function (pubKey) {
var S = pubKey._pub.multiply(this._priv);
return (new Buffer(S.getX().toBigInteger().toByteArray()));
};
+
+function generateED25519() {
+ if (nacl === undefined)
+ nacl = require('tweetnacl');
+
+ var pair = nacl.sign.keyPair();
+ var priv = new Buffer(pair.secretKey);
+ var pub = new Buffer(pair.publicKey);
+ assert.strictEqual(priv.length, 64);
+ assert.strictEqual(pub.length, 32);
+
+ var parts = [];
+ parts.push({name: 'R', data: pub});
+ parts.push({name: 'r', data: priv});
+ var key = new PrivateKey({
+ type: 'ed25519',
+ parts: parts
+ });
+ return (key);
+}
+
+/* Generates a new ECDSA private key on a given curve. */
+function generateECDSA(curve) {
+ var parts = [];
+ var key;
+
+ if (CRYPTO_HAVE_ECDH) {
+ /*
+ * Node crypto doesn't expose key generation directly, but the
+ * ECDH instances can generate keys. It turns out this just
+ * calls into the OpenSSL generic key generator, and we can
+ * read its output happily without doing an actual DH. So we
+ * use that here.
+ */
+ var osCurve = {
+ 'nistp256': 'prime256v1',
+ 'nistp384': 'secp384r1',
+ 'nistp521': 'secp521r1'
+ }[curve];
+
+ var dh = crypto.createECDH(osCurve);
+ dh.generateKeys();
+
+ parts.push({name: 'curve',
+ data: new Buffer(curve)});
+ parts.push({name: 'Q', data: dh.getPublicKey()});
+ parts.push({name: 'd', data: dh.getPrivateKey()});
+
+ key = new PrivateKey({
+ type: 'ecdsa',
+ curve: curve,
+ parts: parts
+ });
+ return (key);
+
+ } else {
+ if (ecdh === undefined)
+ ecdh = require('ecc-jsbn');
+ if (ec === undefined)
+ ec = require('ecc-jsbn/lib/ec');
+ if (jsbn === undefined)
+ jsbn = require('jsbn').BigInteger;
+
+ var ecParams = new X9ECParameters(curve);
+
+ /* This algorithm taken from FIPS PUB 186-4 (section B.4.1) */
+ var n = ecParams.getN();
+ /*
+ * The crypto.randomBytes() function can only give us whole
+ * bytes, so taking a nod from X9.62, we round up.
+ */
+ var cByteLen = Math.ceil((n.bitLength() + 64) / 8);
+ var c = new jsbn(crypto.randomBytes(cByteLen));
+
+ var n1 = n.subtract(jsbn.ONE);
+ var priv = c.mod(n1).add(jsbn.ONE);
+ var pub = ecParams.getG().multiply(priv);
+
+ priv = new Buffer(priv.toByteArray());
+ pub = new Buffer(ecParams.getCurve().
+ encodePointHex(pub), 'hex');
+
+ parts.push({name: 'curve', data: new Buffer(curve)});
+ parts.push({name: 'Q', data: pub});
+ parts.push({name: 'd', data: priv});
+
+ key = new PrivateKey({
+ type: 'ecdsa',
+ curve: curve,
+ parts: parts
+ });
+ return (key);
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-01 11:31:56 +0000