// Copyright 2015 Joyent, Inc.
module.exports = {
read: read, write: write
};
var assert = require('assert-plus'); var Buffer = require('safer-buffer').Buffer; var rfc4253 = require('./rfc4253'); var utils = require('../utils'); var Key = require('../key'); var PrivateKey = require('../private-key');
var sshpriv = require('./ssh-private');
/JSSTYLED/ var SSHKEY_RE = /^([a-z0-9-]+)[ t]+([a-zA-Z0-9+/]+[=]*)([ t]+([^ t][^n]*[n]*)?)?$/; /JSSTYLED/ var SSHKEY_RE2 = /^([a-z0-9-]+)[ tn]+([a-zA-Z0-9+/][a-zA-Z0-9+/ tn=]*)([^a-zA-Z0-9+/ tn=].*)?$/;
function read(buf, options) {
if (typeof (buf) !== 'string') { assert.buffer(buf, 'buf'); buf = buf.toString('ascii'); } var trimmed = buf.trim().replace(/[\\\r]/g, ''); var m = trimmed.match(SSHKEY_RE); if (!m) m = trimmed.match(SSHKEY_RE2); assert.ok(m, 'key must match regex'); var type = rfc4253.algToKeyType(m[1]); var kbuf = Buffer.from(m[2], 'base64'); /* * This is a bit tricky. If we managed to parse the key and locate the * key comment with the regex, then do a non-partial read and assert * that we have consumed all bytes. If we couldn't locate the key * comment, though, there may be whitespace shenanigans going on that * have conjoined the comment to the rest of the key. We do a partial * read in this case to try to make the best out of a sorry situation. */ var key; var ret = {}; if (m[4]) { try { key = rfc4253.read(kbuf); } catch (e) { m = trimmed.match(SSHKEY_RE2); assert.ok(m, 'key must match regex'); kbuf = Buffer.from(m[2], 'base64'); key = rfc4253.readInternal(ret, 'public', kbuf); } } else { key = rfc4253.readInternal(ret, 'public', kbuf); } assert.strictEqual(type, key.type); if (m[4] && m[4].length > 0) { key.comment = m[4]; } else if (ret.consumed) { /* * Now the magic: trying to recover the key comment when it's * gotten conjoined to the key or otherwise shenanigan'd. * * Work out how much base64 we used, then drop all non-base64 * chars from the beginning up to this point in the the string. * Then offset in this and try to make up for missing = chars. */ var data = m[2] + (m[3] ? m[3] : ''); var realOffset = Math.ceil(ret.consumed / 3) * 4; data = data.slice(0, realOffset - 2). /*JSSTYLED*/ replace(/[^a-zA-Z0-9+\/=]/g, '') + data.slice(realOffset - 2); var padding = ret.consumed % 3; if (padding > 0 && data.slice(realOffset - 1, realOffset) !== '=') realOffset--; while (data.slice(realOffset, realOffset + 1) === '=') realOffset++; /* Finally, grab what we think is the comment & clean it up. */ var trailer = data.slice(realOffset); trailer = trailer.replace(/[\r\n]/g, ' '). replace(/^\s+/, ''); if (trailer.match(/^[a-zA-Z0-9]/)) key.comment = trailer; } return (key);
}
function write(key, options) {
assert.object(key); if (!Key.isKey(key)) throw (new Error('Must be a public key')); var parts = []; var alg = rfc4253.keyTypeToAlg(key); parts.push(alg); var buf = rfc4253.write(key); parts.push(buf.toString('base64')); if (key.comment) parts.push(key.comment); return (Buffer.from(parts.join(' ')));
}