diff options
Diffstat (limited to 'ext/node/polyfills/_crypto/crypto_browserify/parse_asn1')
4 files changed, 0 insertions, 383 deletions
diff --git a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/asn1.js b/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/asn1.js deleted file mode 100644 index 9023cf259..000000000 --- a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/asn1.js +++ /dev/null @@ -1,117 +0,0 @@ -// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license. -// Copyright 2017 crypto-browserify. All rights reserved. MIT license. -// from https://github.com/crypto-browserify/parse-asn1/blob/fbd70dca8670d17955893e083ca69118908570be/asn1.js - -import asn1 from "internal:deno_node/polyfills/_crypto/crypto_browserify/asn1.js/mod.js"; -import certificate from "internal:deno_node/polyfills/_crypto/crypto_browserify/parse_asn1/certificate.js"; -export { certificate }; - -export const RSAPrivateKey = asn1.define("RSAPrivateKey", function () { - this.seq().obj( - this.key("version").int(), - this.key("modulus").int(), - this.key("publicExponent").int(), - this.key("privateExponent").int(), - this.key("prime1").int(), - this.key("prime2").int(), - this.key("exponent1").int(), - this.key("exponent2").int(), - this.key("coefficient").int(), - ); -}); - -export const RSAPublicKey = asn1.define("RSAPublicKey", function () { - this.seq().obj( - this.key("modulus").int(), - this.key("publicExponent").int(), - ); -}); - -export const PublicKey = asn1.define("SubjectPublicKeyInfo", function () { - this.seq().obj( - this.key("algorithm").use(AlgorithmIdentifier), - this.key("subjectPublicKey").bitstr(), - ); -}); - -const AlgorithmIdentifier = asn1.define("AlgorithmIdentifier", function () { - this.seq().obj( - this.key("algorithm").objid(), - this.key("none").null_().optional(), - this.key("curve").objid().optional(), - this.key("params").seq().obj( - this.key("p").int(), - this.key("q").int(), - this.key("g").int(), - ).optional(), - ); -}); - -export const PrivateKey = asn1.define("PrivateKeyInfo", function () { - this.seq().obj( - this.key("version").int(), - this.key("algorithm").use(AlgorithmIdentifier), - this.key("subjectPrivateKey").octstr(), - ); -}); -export const EncryptedPrivateKey = asn1.define( - "EncryptedPrivateKeyInfo", - function () { - this.seq().obj( - this.key("algorithm").seq().obj( - this.key("id").objid(), - this.key("decrypt").seq().obj( - this.key("kde").seq().obj( - this.key("id").objid(), - this.key("kdeparams").seq().obj( - this.key("salt").octstr(), - this.key("iters").int(), - ), - ), - this.key("cipher").seq().obj( - this.key("algo").objid(), - this.key("iv").octstr(), - ), - ), - ), - this.key("subjectPrivateKey").octstr(), - ); - }, -); - -export const DSAPrivateKey = asn1.define("DSAPrivateKey", function () { - this.seq().obj( - this.key("version").int(), - this.key("p").int(), - this.key("q").int(), - this.key("g").int(), - this.key("pub_key").int(), - this.key("priv_key").int(), - ); -}); - -export const DSAparam = asn1.define("DSAparam", function () { - this.int(); -}); - -export const ECPrivateKey = asn1.define("ECPrivateKey", function () { - this.seq().obj( - this.key("version").int(), - this.key("privateKey").octstr(), - this.key("parameters").optional().explicit(0).use(ECParameters), - this.key("publicKey").optional().explicit(1).bitstr(), - ); -}); - -const ECParameters = asn1.define("ECParameters", function () { - this.choice({ - namedCurve: this.objid(), - }); -}); - -export const signature = asn1.define("signature", function () { - this.seq().obj( - this.key("r").int(), - this.key("s").int(), - ); -}); diff --git a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/certificate.js b/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/certificate.js deleted file mode 100644 index 484aa41c4..000000000 --- a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/certificate.js +++ /dev/null @@ -1,91 +0,0 @@ -// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license. -// Copyright 2017 crypto-browserify. All rights reserved. MIT license. -// from https://github.com/crypto-browserify/parse-asn1/blob/fbd70dca8670d17955893e083ca69118908570be/certificate.js - -import * as asn from "internal:deno_node/polyfills/_crypto/crypto_browserify/asn1.js/mod.js"; - -const Time = asn.define("Time", function () { - this.choice({ - utcTime: this.utctime(), - generalTime: this.gentime(), - }); -}); - -const AttributeTypeValue = asn.define("AttributeTypeValue", function () { - this.seq().obj( - this.key("type").objid(), - this.key("value").any(), - ); -}); - -const AlgorithmIdentifier = asn.define("AlgorithmIdentifier", function () { - this.seq().obj( - this.key("algorithm").objid(), - this.key("parameters").optional(), - this.key("curve").objid().optional(), - ); -}); - -const SubjectPublicKeyInfo = asn.define("SubjectPublicKeyInfo", function () { - this.seq().obj( - this.key("algorithm").use(AlgorithmIdentifier), - this.key("subjectPublicKey").bitstr(), - ); -}); - -const RelativeDistinguishedName = asn.define( - "RelativeDistinguishedName", - function () { - this.setof(AttributeTypeValue); - }, -); - -const RDNSequence = asn.define("RDNSequence", function () { - this.seqof(RelativeDistinguishedName); -}); - -const Name = asn.define("Name", function () { - this.choice({ - rdnSequence: this.use(RDNSequence), - }); -}); - -const Validity = asn.define("Validity", function () { - this.seq().obj( - this.key("notBefore").use(Time), - this.key("notAfter").use(Time), - ); -}); - -const Extension = asn.define("Extension", function () { - this.seq().obj( - this.key("extnID").objid(), - this.key("critical").bool().def(false), - this.key("extnValue").octstr(), - ); -}); - -const TBSCertificate = asn.define("TBSCertificate", function () { - this.seq().obj( - this.key("version").explicit(0).int().optional(), - this.key("serialNumber").int(), - this.key("signature").use(AlgorithmIdentifier), - this.key("issuer").use(Name), - this.key("validity").use(Validity), - this.key("subject").use(Name), - this.key("subjectPublicKeyInfo").use(SubjectPublicKeyInfo), - this.key("issuerUniqueID").implicit(1).bitstr().optional(), - this.key("subjectUniqueID").implicit(2).bitstr().optional(), - this.key("extensions").explicit(3).seqof(Extension).optional(), - ); -}); - -export const X509Certificate = asn.define("X509Certificate", function () { - this.seq().obj( - this.key("tbsCertificate").use(TBSCertificate), - this.key("signatureAlgorithm").use(AlgorithmIdentifier), - this.key("signatureValue").bitstr(), - ); -}); - -export default X509Certificate; diff --git a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/fix_proc.js b/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/fix_proc.js deleted file mode 100644 index 9c78f7bb2..000000000 --- a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/fix_proc.js +++ /dev/null @@ -1,37 +0,0 @@ -// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license. -// Copyright 2017 crypto-browserify. All rights reserved. MIT license. -// from https://github.com/crypto-browserify/parse-asn1/blob/fbd70dca8670d17955893e083ca69118908570be/fixProc.js - -import evp from "internal:deno_node/polyfills/_crypto/crypto_browserify/evp_bytes_to_key.ts"; -import * as ciphers from "internal:deno_node/polyfills/_crypto/crypto_browserify/browserify_aes/mod.js"; -import { Buffer } from "internal:deno_node/polyfills/buffer.ts"; - -const findProc = - /Proc-Type: 4,ENCRYPTED[\n\r]+DEK-Info: AES-((?:128)|(?:192)|(?:256))-CBC,([0-9A-H]+)[\n\r]+([0-9A-z\n\r+/=]+)[\n\r]+/m; -const startRegex = /^-----BEGIN ((?:.*? KEY)|CERTIFICATE)-----/m; -const fullRegex = - /^-----BEGIN ((?:.*? KEY)|CERTIFICATE)-----([0-9A-z\n\r+/=]+)-----END \1-----$/m; -export default function (okey, password) { - const key = okey.toString(); - const match = key.match(findProc); - let decrypted; - if (!match) { - const match2 = key.match(fullRegex); - decrypted = Buffer.from(match2[2].replace(/[\r\n]/g, ""), "base64"); - } else { - const suite = "aes" + match[1]; - const iv = Buffer.from(match[2], "hex"); - const cipherText = Buffer.from(match[3].replace(/[\r\n]/g, ""), "base64"); - const cipherKey = evp(password, iv.slice(0, 8), parseInt(match[1], 10)).key; - const out = []; - const cipher = ciphers.createDecipheriv(suite, cipherKey, iv); - out.push(cipher.update(cipherText)); - out.push(cipher.final()); - decrypted = Buffer.concat(out); - } - const tag = key.match(startRegex)[1]; - return { - tag: tag, - data: decrypted, - }; -} diff --git a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/mod.js b/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/mod.js deleted file mode 100644 index 66aa2227f..000000000 --- a/ext/node/polyfills/_crypto/crypto_browserify/parse_asn1/mod.js +++ /dev/null @@ -1,138 +0,0 @@ -// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license. -// Copyright 2017 crypto-browserify. All rights reserved. MIT license. -// from https://github.com/crypto-browserify/parse-asn1/blob/fbd70dca8670d17955893e083ca69118908570be/index.js - -import * as asn1 from "internal:deno_node/polyfills/_crypto/crypto_browserify/parse_asn1/asn1.js"; -import fixProc from "internal:deno_node/polyfills/_crypto/crypto_browserify/parse_asn1/fix_proc.js"; -import * as ciphers from "internal:deno_node/polyfills/_crypto/crypto_browserify/browserify_aes/mod.js"; -import { Buffer } from "internal:deno_node/polyfills/buffer.ts"; -import { pbkdf2Sync } from "internal:deno_node/polyfills/internal/crypto/pbkdf2.ts"; - -const aesid = { - "2.16.840.1.101.3.4.1.1": "aes-128-ecb", - "2.16.840.1.101.3.4.1.2": "aes-128-cbc", - "2.16.840.1.101.3.4.1.3": "aes-128-ofb", - "2.16.840.1.101.3.4.1.4": "aes-128-cfb", - "2.16.840.1.101.3.4.1.21": "aes-192-ecb", - "2.16.840.1.101.3.4.1.22": "aes-192-cbc", - "2.16.840.1.101.3.4.1.23": "aes-192-ofb", - "2.16.840.1.101.3.4.1.24": "aes-192-cfb", - "2.16.840.1.101.3.4.1.41": "aes-256-ecb", - "2.16.840.1.101.3.4.1.42": "aes-256-cbc", - "2.16.840.1.101.3.4.1.43": "aes-256-ofb", - "2.16.840.1.101.3.4.1.44": "aes-256-cfb", -}; -export function parseKeys(buffer) { - let password; - if (typeof buffer === "object" && !Buffer.isBuffer(buffer)) { - password = buffer.passphrase; - buffer = buffer.key; - } - if (typeof buffer === "string") { - buffer = Buffer.from(buffer); - } - - const stripped = fixProc(buffer, password); - - const type = stripped.tag; - let data = stripped.data; - let subtype, ndata; - switch (type) { - case "CERTIFICATE": - ndata = asn1.certificate.decode(data, "der").tbsCertificate - .subjectPublicKeyInfo; - // falls through - case "PUBLIC KEY": - if (!ndata) { - ndata = asn1.PublicKey.decode(data, "der"); - } - subtype = ndata.algorithm.algorithm.join("."); - switch (subtype) { - case "1.2.840.113549.1.1.1": - return asn1.RSAPublicKey.decode(ndata.subjectPublicKey.data, "der"); - case "1.2.840.10045.2.1": - ndata.subjectPrivateKey = ndata.subjectPublicKey; - return { - type: "ec", - data: ndata, - }; - case "1.2.840.10040.4.1": - ndata.algorithm.params.pub_key = asn1.DSAparam.decode( - ndata.subjectPublicKey.data, - "der", - ); - return { - type: "dsa", - data: ndata.algorithm.params, - }; - default: - throw new Error("unknown key id " + subtype); - } - // throw new Error('unknown key type ' + type) - case "ENCRYPTED PRIVATE KEY": - data = asn1.EncryptedPrivateKey.decode(data, "der"); - data = decrypt(data, password); - // falls through - case "PRIVATE KEY": - ndata = asn1.PrivateKey.decode(data, "der"); - subtype = ndata.algorithm.algorithm.join("."); - switch (subtype) { - case "1.2.840.113549.1.1.1": - return asn1.RSAPrivateKey.decode(ndata.subjectPrivateKey, "der"); - case "1.2.840.10045.2.1": - return { - curve: ndata.algorithm.curve, - privateKey: asn1.ECPrivateKey.decode(ndata.subjectPrivateKey, "der") - .privateKey, - }; - case "1.2.840.10040.4.1": - ndata.algorithm.params.priv_key = asn1.DSAparam.decode( - ndata.subjectPrivateKey, - "der", - ); - return { - type: "dsa", - params: ndata.algorithm.params, - }; - default: - throw new Error("unknown key id " + subtype); - } - // throw new Error('unknown key type ' + type) - case "RSA PUBLIC KEY": - return asn1.RSAPublicKey.decode(data, "der"); - case "RSA PRIVATE KEY": - return asn1.RSAPrivateKey.decode(data, "der"); - case "DSA PRIVATE KEY": - return { - type: "dsa", - params: asn1.DSAPrivateKey.decode(data, "der"), - }; - case "EC PRIVATE KEY": - data = asn1.ECPrivateKey.decode(data, "der"); - return { - curve: data.parameters.value, - privateKey: data.privateKey, - }; - default: - throw new Error("unknown key type " + type); - } -} -export default parseKeys; -parseKeys.signature = asn1.signature; -function decrypt(data, password) { - const salt = data.algorithm.decrypt.kde.kdeparams.salt; - const iters = parseInt( - data.algorithm.decrypt.kde.kdeparams.iters.toString(), - 10, - ); - const algo = aesid[data.algorithm.decrypt.cipher.algo.join(".")]; - const iv = data.algorithm.decrypt.cipher.iv; - const cipherText = data.subjectPrivateKey; - const keylen = parseInt(algo.split("-")[1], 10) / 8; - const key = pbkdf2Sync(password, salt, iters, keylen, "sha1"); - const cipher = ciphers.createDecipheriv(algo, key, iv); - const out = []; - out.push(cipher.update(cipherText)); - out.push(cipher.final()); - return Buffer.concat(out); -} |