-
Notifications
You must be signed in to change notification settings - Fork 0
/
crypto.coffee
73 lines (62 loc) · 2.83 KB
/
crypto.coffee
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
###
* c) 2010-2015 Sebastian Glaser <anx@ulzq.de>
This file is part of gear.
gear is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
gear is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with gear. If not, see <http://www.gnu.org/licenses/>.
# SSL/TLS and Certificate - Management
###
return unless $require -> @npm 'node-forge'
{ tls, asn1, pkcs12, pki, md } = forge = require 'node-forge'
{ md5, sha1, sha256, sha512 } = md
{ rsa } = pki
pki.pemCertificateToPemURL = (cert,proto='irac') -> proto + '.' + cert.replace(/[\r\n]/g,'').replace(/-----[A-Z ]+-----/g,'')
pki.pemCertificateFromPemURL = (url) -> '-----BEGIN CERTIFICATE-----\r\n' + url.replace(/^[^.]+\./,'') + '\r\n-----END CERTIFICATE-----'
pki.certificateToPemURL = (cert,proto='irac') -> pki.pemCertificateToPemURL pki.certificateToPem(cert), proto
pki.certificateFromPemURL = (url) -> pki.certificateFromPem pki.pemCertificateFromPemURL url
$static
$forge: forge
$pki: pki
$rsa: rsa
$md5: (str)-> md5.create( ).update(str).digest().toHex()
$sha1: (str)-> sha1.create( ).update(str).digest().toHex()
$sha256: (str)-> sha256.create().update(str).digest().toHex()
$sha512: (str)-> sha512.create().update(str).digest().toHex()
$sha1r: (str)-> sha1.create( ).update(str).digest()
$B32: (plain)->
charTable = 'abcdefghijklmnopqrstuvwxyz234567'
shiftIndex = digit = i = 0
plain = new Uint8Array(plain)
encoded = ''
while i < plain.length
current = plain[i]
if shiftIndex > 3
digit = current & 0xff >> shiftIndex
shiftIndex = (shiftIndex + 5) % 8
digit = digit << shiftIndex | (if i + 1 < plain.length then plain[i + 1] else 0) >> 8 - shiftIndex
i++
else
digit = current >> 8 - ( shiftIndex + 5 ) & 0x1f
shiftIndex = ( shiftIndex + 5 ) % 8
i++ if shiftIndex is 0
encoded += charTable[digit]
encoded
$onion: (key=false)->
if key is false
key = rsa.generateKeyPair bits: 1024, e: 0x10001
key.pem = pki.privateKeyToPem key.privateKey
else if typeof key is 'string'
key = publicKey: pki.publicKeyFromPem key
key.onion = $B32( new Buffer pki.getPublicKeyFingerprint(key.publicKey).data, 'binary' ).substr(0,16)
key.pem_public = pki.publicKeyToPem key.publicKey
key
$irac: (key)->
key = key || $auth.cakey.publicKey
$B32 new Buffer pki.getPublicKeyFingerprint(key,md:sha256.create()).data, 'binary'