forked from nodejs/node
-
Notifications
You must be signed in to change notification settings - Fork 0
/
crypto_spkac.cc
128 lines (97 loc) · 3.66 KB
/
crypto_spkac.cc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#include "crypto/crypto_spkac.h"
#include "crypto/crypto_common.h"
#include "crypto/crypto_util.h"
#include "allocated_buffer-inl.h"
#include "env-inl.h"
#include "memory_tracker-inl.h"
#include "node.h"
#include "v8.h"
namespace node {
using v8::FunctionCallbackInfo;
using v8::Local;
using v8::Object;
using v8::Value;
namespace crypto {
namespace SPKAC {
bool VerifySpkac(const ArrayBufferOrViewContents<char>& input) {
NetscapeSPKIPointer spki(
NETSCAPE_SPKI_b64_decode(input.data(), input.size()));
if (!spki)
return false;
EVPKeyPointer pkey(X509_PUBKEY_get(spki->spkac->pubkey));
if (!pkey)
return false;
return NETSCAPE_SPKI_verify(spki.get(), pkey.get()) > 0;
}
void VerifySpkac(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);
ArrayBufferOrViewContents<char> input(args[0]);
if (input.size() == 0)
return args.GetReturnValue().SetEmptyString();
if (UNLIKELY(!input.CheckSizeInt32()))
return THROW_ERR_OUT_OF_RANGE(env, "spkac is too large");
args.GetReturnValue().Set(VerifySpkac(input));
}
AllocatedBuffer ExportPublicKey(Environment* env,
const ArrayBufferOrViewContents<char>& input,
size_t* size) {
BIOPointer bio(BIO_new(BIO_s_mem()));
if (!bio) return AllocatedBuffer();
NetscapeSPKIPointer spki(
NETSCAPE_SPKI_b64_decode(input.data(), input.size()));
if (!spki) return AllocatedBuffer();
EVPKeyPointer pkey(NETSCAPE_SPKI_get_pubkey(spki.get()));
if (!pkey) return AllocatedBuffer();
if (PEM_write_bio_PUBKEY(bio.get(), pkey.get()) <= 0)
return AllocatedBuffer();
BUF_MEM* ptr;
BIO_get_mem_ptr(bio.get(), &ptr);
*size = ptr->length;
AllocatedBuffer buf = AllocatedBuffer::AllocateManaged(env, *size);
memcpy(buf.data(), ptr->data, *size);
return buf;
}
void ExportPublicKey(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);
ArrayBufferOrViewContents<char> input(args[0]);
if (input.size() == 0)
return args.GetReturnValue().SetEmptyString();
if (UNLIKELY(!input.CheckSizeInt32()))
return THROW_ERR_OUT_OF_RANGE(env, "spkac is too large");
size_t pkey_size;
AllocatedBuffer pkey = ExportPublicKey(env, input, &pkey_size);
if (pkey.data() == nullptr)
return args.GetReturnValue().SetEmptyString();
args.GetReturnValue().Set(pkey.ToBuffer().ToLocalChecked());
}
OpenSSLBuffer ExportChallenge(const ArrayBufferOrViewContents<char>& input) {
NetscapeSPKIPointer sp(
NETSCAPE_SPKI_b64_decode(input.data(), input.size()));
if (!sp)
return nullptr;
unsigned char* buf = nullptr;
ASN1_STRING_to_UTF8(&buf, sp->spkac->challenge);
return OpenSSLBuffer(reinterpret_cast<char*>(buf));
}
void ExportChallenge(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args);
ArrayBufferOrViewContents<char> input(args[0]);
if (input.size() == 0)
return args.GetReturnValue().SetEmptyString();
if (UNLIKELY(!input.CheckSizeInt32()))
return THROW_ERR_OUT_OF_RANGE(env, "spkac is too large");
OpenSSLBuffer cert = ExportChallenge(input);
if (!cert)
return args.GetReturnValue().SetEmptyString();
Local<Value> outString =
Encode(env->isolate(), cert.get(), strlen(cert.get()), BUFFER);
args.GetReturnValue().Set(outString);
}
void Initialize(Environment* env, Local<Object> target) {
env->SetMethodNoSideEffect(target, "certVerifySpkac", VerifySpkac);
env->SetMethodNoSideEffect(target, "certExportPublicKey", ExportPublicKey);
env->SetMethodNoSideEffect(target, "certExportChallenge", ExportChallenge);
}
} // namespace SPKAC
} // namespace crypto
} // namespace node