index.js
/*
* Licensed Materials - Property of IBM
* (C) Copyright IBM Corp. 2020. All Rights Reserved.
* US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
*/
var forge = require("node-forge");
const fs = require('fs')
const zcrypto = require('./build/Release/zcrypto.node');
// Helper functions
/**
 * Builds a string with one character per element of an array-like.
 *
 * Each element is handed to String.fromCharCode, so a byte array becomes the
 * "binary string" form that the forge DER parsers in this file are given.
 *
 * @param {ArrayLike<number>} array - Character codes (for example raw bytes).
 * @returns {string} The characters in the same order as the input elements.
 */
function ArrayToString(array) {
  // Length is read once up front, before any element is touched.
  const total = array.length;
  const pieces = [];
  for (let idx = 0; idx < total; idx += 1) {
    pieces.push(String.fromCharCode(array[idx]));
  }
  return pieces.join("");
}
/**
 * Re-encodes a DER certificate as PEM text.
 *
 * @param {string} der - DER bytes in the form accepted by forge.asn1.fromDer
 *   (callers in this file pass a binary string).
 * @returns {string} The certificate in PEM form.
 */
function derToPem(der) {
  // DER -> ASN.1 tree -> forge certificate object -> PEM.
  const certificate = forge.pki.certificateFromAsn1(forge.asn1.fromDer(der));
  return forge.pki.certificateToPem(certificate);
}
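/**
 * Opens a PKCS#12 container and returns its first certificate and first
 * private key as PEM text, with the private key in PKCS#1 form.
 *
 * The returned `key` is an UNENCRYPTED private key: the passphrase protects
 * only the PKCS#12 input, not the output. Callers are responsible for how the
 * PEM is stored, logged or transmitted.
 *
 * Only RSA keys are handled; the public key is rebuilt from the private key's
 * modulus and public exponent.
 *
 * @param {string} string - PKCS#12 bytes as a binary string.
 * @param {string} passphrase - Passphrase that unlocks the container.
 * @returns {{key: (string|undefined), cert: string, publickey: (string|undefined)}}
 *   PEM strings. `key` and `publickey` are undefined when the container holds
 *   no key bag.
 * @throws {Error} If forge cannot parse or decrypt the container, or if the
 *   container holds no certificate bag (property access on undefined).
 */
function ConvertP12ToPKCS1(string, passphrase) {
  const { oids } = forge.pki;

  // Both the ASN.1 parse and the PKCS#12 decode run with strict = false.
  const asn = forge.asn1.fromDer(string, false);
  const p12 = forge.pkcs12.pkcs12FromAsn1(asn, false, passphrase);

  const certBags = p12.getBags({ bagType: oids.certBag })[oids.certBag];
  // Encrypted (shrouded) key bags first, then plain key bags.
  const keyBags = p12
    .getBags({ bagType: oids.pkcs8ShroudedKeyBag })[oids.pkcs8ShroudedKeyBag]
    .concat(p12.getBags({ bagType: oids.keyBag })[oids.keyBag]);

  const certificate = forge.pki.certificateToPem(certBags[0].cert);

  // The original guarded `key` against an empty key list but then read
  // keyBags[0] unconditionally, so a certificate-only container always ended
  // in a TypeError. Apply the guard to every use of the key instead.
  if (keyBags.length === 0) {
    return {
      key: undefined,
      cert: certificate,
      publickey: undefined,
    };
  }

  const privateKey = keyBags[0].key;
  // No intermediate ASN.1 copy of the private key is built here; the
  // original created one and never used it.
  const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);

  return {
    key: forge.pki.privateKeyToPem(privateKey),
    cert: certificate,
    publickey: forge.pki.publicKeyToPem(publicKey),
  };
}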
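/**
 * Opens a PKCS#12 container and returns its first certificate and first
 * private key as PEM text, with the private key wrapped as a PKCS#8
 * PrivateKeyInfo.
 *
 * The returned `key` is an UNENCRYPTED private key: the passphrase protects
 * only the PKCS#12 input, not the output. Callers are responsible for how the
 * PEM is stored, logged or transmitted.
 *
 * Only RSA keys are handled; the public key is rebuilt from the private key's
 * modulus and public exponent.
 *
 * @param {string} string - PKCS#12 bytes as a binary string.
 * @param {string} passphrase - Passphrase that unlocks the container.
 * @returns {{key: (string|undefined), cert: string, publickey: (string|undefined)}}
 *   PEM strings. `key` and `publickey` are undefined when the container holds
 *   no key bag.
 * @throws {Error} If forge cannot parse or decrypt the container, or if the
 *   container holds no certificate bag (property access on undefined).
 */
function ConvertP12ToPKCS8(string, passphrase) {
  const { oids } = forge.pki;

  // Both the ASN.1 parse and the PKCS#12 decode run with strict = false.
  const asn = forge.asn1.fromDer(string, false);
  const p12 = forge.pkcs12.pkcs12FromAsn1(asn, false, passphrase);

  const certBags = p12.getBags({ bagType: oids.certBag })[oids.certBag];
  // Encrypted (shrouded) key bags first, then plain key bags.
  const keyBags = p12
    .getBags({ bagType: oids.pkcs8ShroudedKeyBag })[oids.pkcs8ShroudedKeyBag]
    .concat(p12.getBags({ bagType: oids.keyBag })[oids.keyBag]);

  const certificate = forge.pki.certificateToPem(certBags[0].cert);

  // The original dereferenced keyBags[0] before its `keyData.length` check,
  // which made the check unreachable for an empty list. Test first.
  if (keyBags.length === 0) {
    return {
      key: undefined,
      cert: certificate,
      publickey: undefined,
    };
  }

  const privateKey = keyBags[0].key;
  // forge private key -> ASN.1 RSAPrivateKey -> PKCS#8 PrivateKeyInfo -> PEM.
  const rsaPrivateKey = forge.pki.privateKeyToAsn1(privateKey);
  const privateKeyInfo = forge.pki.wrapRsaPrivateKey(rsaPrivateKey);
  const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);

  return {
    key: forge.pki.privateKeyInfoToPem(privateKeyInfo),
    cert: certificate,
    publickey: forge.pki.publicKeyToPem(publicKey),
  };
}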
/**
 * Exports the key pair and certificate stored under a label as PEM, with the
 * private key in PKCS#8 form.
 *
 * The same passphrase is handed to obj.exportKeyToBuffer and then used to
 * open the buffer it returns. The default is the fixed string "root"; pass an
 * explicit passphrase if that buffer can ever leave this process.
 * The result contains an unencrypted private key.
 *
 * @param {object} obj - Object exposing exportKeyToBuffer(passphrase, label).
 * @param {string} label - Label of the entry to export.
 * @param {string} [passphrase="root"] - Passphrase for the intermediate PKCS#12.
 * @returns {{key: (string|undefined), cert: string, publickey: string}} PEM strings.
 */
function exportKeysToPKCS8(obj, label, passphrase = "root") {
  const p12Bytes = obj.exportKeyToBuffer(passphrase, label);
  const p12BinaryString = ArrayToString(p12Bytes);
  return ConvertP12ToPKCS8(p12BinaryString, passphrase);
}
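/**
 * Exports only the public key stored under a label, as PEM.
 *
 * The original body called ConvertP12ToPublicKey, which is not defined in
 * this file, so every call ended in a ReferenceError. This version reuses
 * ConvertP12ToPKCS1 and hands back just the public key, so the private key
 * PEM never reaches the caller.
 * NOTE(review): the return shape of the missing helper is unknown; a plain
 * PEM string is assumed here — confirm against any callers.
 *
 * The default passphrase is the fixed string "root"; it is used both to
 * request the PKCS#12 buffer and to open it again.
 *
 * @param {object} obj - Object exposing exportKeyToBuffer(passphrase, label).
 * @param {string} label - Label of the entry to export.
 * @param {string} [passphrase="root"] - Passphrase for the intermediate PKCS#12.
 * @returns {string|undefined} Public key in PEM form.
 */
function exportPublicKey(obj, label, passphrase = "root") {
  const p12Bytes = obj.exportKeyToBuffer(passphrase, label);
  return ConvertP12ToPKCS1(ArrayToString(p12Bytes), passphrase).publickey;
}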
/**
 * Exports the key pair and certificate stored under a label as PEM, with the
 * private key in PKCS#1 form.
 *
 * The same passphrase is handed to obj.exportKeyToBuffer and then used to
 * open the buffer it returns. The default is the fixed string "root"; pass an
 * explicit passphrase if that buffer can ever leave this process.
 * The result contains an unencrypted private key.
 *
 * @param {object} obj - Object exposing exportKeyToBuffer(passphrase, label).
 * @param {string} label - Label of the entry to export.
 * @param {string} [passphrase="root"] - Passphrase for the intermediate PKCS#12.
 * @returns {{key: (string|undefined), cert: string, publickey: string}} PEM strings.
 */
function exportKeysToPKCS1(obj, label, passphrase = "root") {
  const p12Bytes = obj.exportKeyToBuffer(passphrase, label);
  const p12BinaryString = ArrayToString(p12Bytes);
  return ConvertP12ToPKCS1(p12BinaryString, passphrase);
}
/**
 * Exports the certificate stored under a label as PEM.
 *
 * No passphrase is involved: the buffer from obj.exportCertToBuffer is
 * treated as a DER certificate and re-encoded.
 *
 * @param {object} obj - Object exposing exportCertToBuffer(label).
 * @param {string} label - Label of the certificate to export.
 * @returns {string} The certificate in PEM form.
 */
function exportCertToPEM(obj, label) {
  const derBytes = obj.exportCertToBuffer(label);
  const derBinaryString = ArrayToString(derBytes);
  return derToPem(derBinaryString);
}
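/**
 * Reads a PKCS#12 file from disk and returns its certificate and key as PEM.
 *
 * The original body called ConvertP12ToPEM, which is not defined in this
 * file, so this exported function always ended in a ReferenceError. The other
 * "...ToPEM" names exported by this module are aliases of the PKCS#1
 * exporter, so the PKCS#1 converter is used here as well.
 * NOTE(review): confirm PKCS#1 is the intended output format.
 *
 * The default passphrase is the fixed string "root". Callers should pass the
 * file's real passphrase explicitly rather than rely on the default.
 * The result contains an unencrypted private key.
 *
 * @param {string} file - Path of the PKCS#12 file.
 * @param {string} [passphrase="root"] - Passphrase that unlocks the file.
 * @returns {{key: (string|undefined), cert: string, publickey: string}} PEM strings.
 * @throws {Error} If the file cannot be read or the container cannot be opened.
 */
function exportP12FileToPEM(file, passphrase = "root") {
  // "binary" yields one character per byte, the form forge's DER parser takes.
  const p12BinaryString = fs.readFileSync(file, "binary");
  return ConvertP12ToPKCS1(p12BinaryString, passphrase);
}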
// Exposed API: JavaScript helpers attached to the native addon's exports.
// exportLabelToPEM and exportKeysToPEM are aliases of the PKCS#1 exporter.
const exposedHelpers = {
  exportKeysToPKCS8: exportKeysToPKCS8,
  exportKeysToPKCS1: exportKeysToPKCS1,
  exportCertToPEM: exportCertToPEM,
  exportLabelToPEM: exportKeysToPKCS1,
  exportKeysToPEM: exportKeysToPKCS1,
  exportP12FileToPEM: exportP12FileToPEM,
};
for (const [helperName, helper] of Object.entries(exposedHelpers)) {
  zcrypto[helperName] = helper;
}

module.exports = zcrypto;