ASWI - Pokročilé softwarové inženýrství » ASWI 2020 » Webová aplikace simulující kontingenční tabulku (CIV) - VLDC

var asn1 = require('./asn1')

var aesid = require('./aesid.json')

var fixProc = require('./fixProc')

var ciphers = require('browserify-aes')

var compat = require('pbkdf2')

var Buffer = require('safe-buffer').Buffer

module.exports = parseKeys

function parseKeys (buffer) {

  var password

  if (typeof buffer === 'object' && !Buffer.isBuffer(buffer)) {

    password = buffer.passphrase

    buffer = buffer.key

  }

  if (typeof buffer === 'string') {

    buffer = Buffer.from(buffer)

  }

  var stripped = fixProc(buffer, password)

  var type = stripped.tag

  var data = stripped.data

  var subtype, ndata

  switch (type) {

    case 'CERTIFICATE':

      ndata = asn1.certificate.decode(data, 'der').tbsCertificate.subjectPublicKeyInfo

      // falls through

    case 'PUBLIC KEY':

      if (!ndata) {

        ndata = asn1.PublicKey.decode(data, 'der')

      }

      subtype = ndata.algorithm.algorithm.join('.')

      switch (subtype) {

        case '1.2.840.113549.1.1.1':

          return asn1.RSAPublicKey.decode(ndata.subjectPublicKey.data, 'der')

        case '1.2.840.10045.2.1':

          ndata.subjectPrivateKey = ndata.subjectPublicKey

          return {

            type: 'ec',

            data: ndata

          }

        case '1.2.840.10040.4.1':

          ndata.algorithm.params.pub_key = asn1.DSAparam.decode(ndata.subjectPublicKey.data, 'der')

          return {

            type: 'dsa',

            data: ndata.algorithm.params

          }

        default: throw new Error('unknown key id ' + subtype)

      }

      throw new Error('unknown key type ' + type)

    case 'ENCRYPTED PRIVATE KEY':

      data = asn1.EncryptedPrivateKey.decode(data, 'der')

      data = decrypt(data, password)

      // falls through

    case 'PRIVATE KEY':

      ndata = asn1.PrivateKey.decode(data, 'der')

      subtype = ndata.algorithm.algorithm.join('.')

      switch (subtype) {

        case '1.2.840.113549.1.1.1':

          return asn1.RSAPrivateKey.decode(ndata.subjectPrivateKey, 'der')

        case '1.2.840.10045.2.1':

          return {

            curve: ndata.algorithm.curve,

            privateKey: asn1.ECPrivateKey.decode(ndata.subjectPrivateKey, 'der').privateKey

          }

        case '1.2.840.10040.4.1':

          ndata.algorithm.params.priv_key = asn1.DSAparam.decode(ndata.subjectPrivateKey, 'der')

          return {

            type: 'dsa',

            params: ndata.algorithm.params

          }

        default: throw new Error('unknown key id ' + subtype)

      }

      throw new Error('unknown key type ' + type)

    case 'RSA PUBLIC KEY':

      return asn1.RSAPublicKey.decode(data, 'der')

    case 'RSA PRIVATE KEY':

      return asn1.RSAPrivateKey.decode(data, 'der')

    case 'DSA PRIVATE KEY':

      return {

        type: 'dsa',

        params: asn1.DSAPrivateKey.decode(data, 'der')

      }

    case 'EC PRIVATE KEY':

      data = asn1.ECPrivateKey.decode(data, 'der')

      return {

        curve: data.parameters.value,

        privateKey: data.privateKey

      }

    default: throw new Error('unknown key type ' + type)

  }

}

parseKeys.signature = asn1.signature

function decrypt (data, password) {

  var salt = data.algorithm.decrypt.kde.kdeparams.salt

  var iters = parseInt(data.algorithm.decrypt.kde.kdeparams.iters.toString(), 10)

  var algo = aesid[data.algorithm.decrypt.cipher.algo.join('.')]

  var iv = data.algorithm.decrypt.cipher.iv

  var cipherText = data.subjectPrivateKey

  var keylen = parseInt(algo.split('-')[1], 10) / 8

  var key = compat.pbkdf2Sync(password, salt, iters, keylen, 'sha1')

  var cipher = ciphers.createDecipheriv(algo, key, iv)

  var out = []

  out.push(cipher.update(cipherText))

  out.push(cipher.final())

  return Buffer.concat(out)

}