js-libp2p-crypto/src/keys/index.js

'use strict'

const protobuf = require('protons')
const keysPBM = protobuf(require('./keys.proto'))
require('node-forge/lib/asn1')
require('node-forge/lib/rsa')
require('node-forge/lib/pbe')
const forge = require('node-forge/lib/forge')

exports = module.exports

const supportedKeys = {
  rsa: require('./rsa-class'),
  ed25519: require('./ed25519-class'),
  secp256k1: require('libp2p-crypto-secp256k1')(keysPBM, require('../random-bytes'))
}

exports.supportedKeys = supportedKeys
exports.keysPBM = keysPBM

function isValidKeyType (keyType) {
  const key = supportedKeys[keyType.toLowerCase()]
  return key !== undefined
}

exports.keyStretcher = require('./key-stretcher')
exports.generateEphemeralKeyPair = require('./ephemeral-keys')

// Generates a keypair of the given type and bitsize
exports.generateKeyPair = async (type, bits) => { // eslint-disable-line require-await
  let key = supportedKeys[type.toLowerCase()]

  if (!key) {
    throw new Error('invalid or unsupported key type')
  }

  return key.generateKeyPair(bits)
}

// Generates a keypair of the given type and bitsize
// seed is a 32 byte uint8array
exports.generateKeyPairFromSeed = async (type, seed, bits) => { // eslint-disable-line require-await
  let key = supportedKeys[type.toLowerCase()]
  if (!key) {
    throw new Error('invalid or unsupported key type')
  }
  if (type.toLowerCase() !== 'ed25519') {
    throw new Error('Seed key derivation is unimplemented for RSA or secp256k1')
  }
  return key.generateKeyPairFromSeed(seed, bits)
}

// Converts a protobuf serialized public key into its
// representative object
exports.unmarshalPublicKey = (buf) => {
  const decoded = keysPBM.PublicKey.decode(buf)
  const data = decoded.Data

  switch (decoded.Type) {
    case keysPBM.KeyType.RSA:
      return supportedKeys.rsa.unmarshalRsaPublicKey(data)
    case keysPBM.KeyType.Ed25519:
      return supportedKeys.ed25519.unmarshalEd25519PublicKey(data)
    case keysPBM.KeyType.Secp256k1:
      if (supportedKeys.secp256k1) {
        return supportedKeys.secp256k1.unmarshalSecp256k1PublicKey(data)
      } else {
        throw new Error('secp256k1 support requires libp2p-crypto-secp256k1 package')
      }
    default:
      throw new Error('invalid or unsupported key type')
  }
}

// Converts a public key object into a protobuf serialized public key
exports.marshalPublicKey = (key, type) => {
  type = (type || 'rsa').toLowerCase()
  if (!isValidKeyType(type)) {
    throw new Error('invalid or unsupported key type')
  }

  return key.bytes
}

// Converts a protobuf serialized private key into its
// representative object
exports.unmarshalPrivateKey = async (buf) => { // eslint-disable-line require-await
  const decoded = keysPBM.PrivateKey.decode(buf)
  const data = decoded.Data

  switch (decoded.Type) {
    case keysPBM.KeyType.RSA:
      return supportedKeys.rsa.unmarshalRsaPrivateKey(data)
    case keysPBM.KeyType.Ed25519:
      return supportedKeys.ed25519.unmarshalEd25519PrivateKey(data)
    case keysPBM.KeyType.Secp256k1:
      if (supportedKeys.secp256k1) {
        return supportedKeys.secp256k1.unmarshalSecp256k1PrivateKey(data)
      } else {
        throw new Error('secp256k1 support requires libp2p-crypto-secp256k1 package')
      }
    default:
      throw new Error('invalid or unsupported key type')
  }
}

// Converts a private key object into a protobuf serialized private key
exports.marshalPrivateKey = (key, type) => {
  type = (type || 'rsa').toLowerCase()
  if (!isValidKeyType(type)) {
    throw new Error('invalid or unsupported key type')
  }

  return key.bytes
}

exports.import = async (pem, password) => { // eslint-disable-line require-await
  const key = forge.pki.decryptRsaPrivateKey(pem, password)
  if (key === null) {
    throw new Error('Cannot read the key, most likely the password is wrong or not a RSA key')
  }
  let der = forge.asn1.toDer(forge.pki.privateKeyToAsn1(key))
  der = Buffer.from(der.getBytes(), 'binary')
  return supportedKeys.rsa.unmarshalRsaPrivateKey(der)
}
inital commit 2016-05-19 18:47:48 +02:00			`'use strict'`

feat: switch protocol-buffers to protons (#110) Ref https://github.com/ipfs/js-ipfs/issues/991 2017-09-07 11:37:56 +02:00			`const protobuf = require('protons')`
fix: use regular protocol-buffers until protobufjs is fixed (#109) 2017-09-06 08:29:45 +01:00			`const keysPBM = protobuf(require('./keys.proto'))`
fix: clean up, bundle size reduction BREAKING CHANGE: getRandomValues method exported from src/keys/rsa-browser.js and src/keys/rsa.js signature has changed from accepting an array to a number for random byte length 2019-01-08 18:37:03 +00:00			`require('node-forge/lib/asn1')`
			`require('node-forge/lib/rsa')`
			`require('node-forge/lib/pbe')`
			`const forge = require('node-forge/lib/forge')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00
			`exports = module.exports`

fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`const supportedKeys = {`
			`rsa: require('./rsa-class'),`
			`ed25519: require('./ed25519-class'),`
			`secp256k1: require('libp2p-crypto-secp256k1')(keysPBM, require('../random-bytes'))`
			`}`

			`exports.supportedKeys = supportedKeys`
			`exports.keysPBM = keysPBM`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00
			`function isValidKeyType (keyType) {`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`const key = supportedKeys[keyType.toLowerCase()]`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`return key !== undefined`
			`}`

			`exports.keyStretcher = require('./key-stretcher')`
			`exports.generateEphemeralKeyPair = require('./ephemeral-keys')`

			`// Generates a keypair of the given type and bitsize`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`exports.generateKeyPair = async (type, bits) => { // eslint-disable-line require-await`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`let key = supportedKeys[type.toLowerCase()]`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00
			`if (!key) {`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`throw new Error('invalid or unsupported key type')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`

feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`return key.generateKeyPair(bits)`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`

			`// Generates a keypair of the given type and bitsize`
			`// seed is a 32 byte uint8array`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`exports.generateKeyPairFromSeed = async (type, seed, bits) => { // eslint-disable-line require-await`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`let key = supportedKeys[type.toLowerCase()]`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`if (!key) {`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`throw new Error('invalid or unsupported key type')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`
			`if (type.toLowerCase() !== 'ed25519') {`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`throw new Error('Seed key derivation is unimplemented for RSA or secp256k1')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`return key.generateKeyPairFromSeed(seed, bits)`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`

			`// Converts a protobuf serialized public key into its`
			`// representative object`
			`exports.unmarshalPublicKey = (buf) => {`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`const decoded = keysPBM.PublicKey.decode(buf)`
fix: use regular protocol-buffers until protobufjs is fixed (#109) 2017-09-06 08:29:45 +01:00			`const data = decoded.Data`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00
			`switch (decoded.Type) {`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.RSA:`
fix: switch to protobufjs (#107) rm unsafe-eval 2017-09-05 12:05:47 +02:00			`return supportedKeys.rsa.unmarshalRsaPublicKey(data)`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.Ed25519:`
fix: switch to protobufjs (#107) rm unsafe-eval 2017-09-05 12:05:47 +02:00			`return supportedKeys.ed25519.unmarshalEd25519PublicKey(data)`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.Secp256k1:`
			`if (supportedKeys.secp256k1) {`
fix: switch to protobufjs (#107) rm unsafe-eval 2017-09-05 12:05:47 +02:00			`return supportedKeys.secp256k1.unmarshalSecp256k1PublicKey(data)`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`} else {`
			`throw new Error('secp256k1 support requires libp2p-crypto-secp256k1 package')`
			`}`
			`default:`
			`throw new Error('invalid or unsupported key type')`
			`}`
			`}`

			`// Converts a public key object into a protobuf serialized public key`
			`exports.marshalPublicKey = (key, type) => {`
			`type = (type \|\| 'rsa').toLowerCase()`
			`if (!isValidKeyType(type)) {`
			`throw new Error('invalid or unsupported key type')`
			`}`

			`return key.bytes`
			`}`

			`// Converts a protobuf serialized private key into its`
			`// representative object`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`exports.unmarshalPrivateKey = async (buf) => { // eslint-disable-line require-await`
			`const decoded = keysPBM.PrivateKey.decode(buf)`
fix: use regular protocol-buffers until protobufjs is fixed (#109) 2017-09-06 08:29:45 +01:00			`const data = decoded.Data`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00
			`switch (decoded.Type) {`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.RSA:`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`return supportedKeys.rsa.unmarshalRsaPrivateKey(data)`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.Ed25519:`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`return supportedKeys.ed25519.unmarshalEd25519PrivateKey(data)`
fix: circular circular dep -> DI 2017-07-22 13:25:15 -07:00			`case keysPBM.KeyType.Secp256k1:`
			`if (supportedKeys.secp256k1) {`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`return supportedKeys.secp256k1.unmarshalSecp256k1PrivateKey(data)`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`} else {`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`throw new Error('secp256k1 support requires libp2p-crypto-secp256k1 package')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`
			`default:`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`throw new Error('invalid or unsupported key type')`
refactor: the whole thing (#102) 2017-07-22 10:57:27 -07:00			`}`
			`}`

			`// Converts a private key object into a protobuf serialized private key`
			`exports.marshalPrivateKey = (key, type) => {`
			`type = (type \|\| 'rsa').toLowerCase()`
			`if (!isValidKeyType(type)) {`
			`throw new Error('invalid or unsupported key type')`
			`}`

			`return key.bytes`
feat: add support for secp256k1 keys through the `libp2p-crypto-secp256k1` module 2017-02-04 04:23:38 -05:00			`}`
feat: key exchange with jsrsasign (#115) * feat: export/import password protected RSA key * docs: crypto.key.import * test: import with wrong password * fix: lint * test: importing openssl keys * just to trigger circle with new ubuntu * feat: get the RSA key id * feat: get the ED 25519 key id * feat: pbkdf2 * fix(pbkdf2): base64 has more chars to guess than hex * chore: update deps 2017-12-20 21:11:47 +13:00
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`exports.import = async (pem, password) => { // eslint-disable-line require-await`
			`const key = forge.pki.decryptRsaPrivateKey(pem, password)`
			`if (key === null) {`
			`throw new Error('Cannot read the key, most likely the password is wrong or not a RSA key')`
feat: key exchange with jsrsasign (#115) * feat: export/import password protected RSA key * docs: crypto.key.import * test: import with wrong password * fix: lint * test: importing openssl keys * just to trigger circle with new ubuntu * feat: get the RSA key id * feat: get the ED 25519 key id * feat: pbkdf2 * fix(pbkdf2): base64 has more chars to guess than hex * chore: update deps 2017-12-20 21:11:47 +13:00			`}`
feat: refactor to use async/await (#131) BREAKING CHANGE: API refactored to use async/await feat: WIP use async await fix: passing tests chore: update travis node.js versions fix: skip ursa optional tests on windows fix: benchmarks docs: update docs fix: remove broken and intested private key decrypt chore: update deps 2019-07-10 17:15:26 +01:00			`let der = forge.asn1.toDer(forge.pki.privateKeyToAsn1(key))`
			`der = Buffer.from(der.getBytes(), 'binary')`
			`return supportedKeys.rsa.unmarshalRsaPrivateKey(der)`
feat: key exchange with jsrsasign (#115) * feat: export/import password protected RSA key * docs: crypto.key.import * test: import with wrong password * fix: lint * test: importing openssl keys * just to trigger circle with new ubuntu * feat: get the RSA key id * feat: get the ED 25519 key id * feat: pbkdf2 * fix(pbkdf2): base64 has more chars to guess than hex * chore: update deps 2017-12-20 21:11:47 +13:00			`}`