Skip to content

Commit

Permalink
#62 handle pkcs8 ECDSA keys with missing public parts
Browse files Browse the repository at this point in the history
Reviewed by: Cody Peter Mello <cody.mello@joyent.com>
  • Loading branch information
arekinath committed Jan 22, 2019
1 parent 574ff21 commit 684dbe6
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 4 deletions.
18 changes: 15 additions & 3 deletions lib/formats/pkcs8.js
Original file line number Diff line number Diff line change
Expand Up @@ -301,10 +301,22 @@ function readPkcs8ECDSAPrivate(der) {
assert.equal(version[0], 1, 'unknown version of ECDSA key');

var d = der.readString(asn1.Ber.OctetString, true);
der.readSequence(0xa1);
var Q;

var Q = der.readString(asn1.Ber.BitString, true);
Q = utils.ecNormalize(Q);
if (der.peek() == 0xa0) {
der.readSequence(0xa0);
der._offset += der.length;
}
if (der.peek() == 0xa1) {
der.readSequence(0xa1);
Q = der.readString(asn1.Ber.BitString, true);
Q = utils.ecNormalize(Q);
}

if (Q === undefined) {
var pub = utils.publicFromPrivateECDSA(curveName, d);
Q = pub.part.Q.data;
}

var key = {
type: 'ecdsa',
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "sshpk",
"version": "1.16.0",
"version": "1.16.1",
"description": "A library for finding and using SSH public keys",
"main": "lib/index.js",
"scripts": {
Expand Down
4 changes: 4 additions & 0 deletions test/assets/pkcs8-nopub.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-----BEGIN PRIVATE KEY-----
MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCD1/r3zho5W2MpyZEk+
2d7gxUcQYUJzvWSOiwkUxCj8Bw==
-----END PRIVATE KEY-----
11 changes: 11 additions & 0 deletions test/private-key.js
Original file line number Diff line number Diff line change
Expand Up @@ -373,6 +373,17 @@ test('PrivateKey.generate ecdsa p-384', function (t) {
t.end();
});

test('pkcs8 PrivateKey without public part', function (t) {
var pem = fs.readFileSync(path.join(testDir, 'pkcs8-nopub.pem'));
var key = sshpk.parsePrivateKey(pem, 'pem');
t.strictEqual(key.type, 'ecdsa');
t.strictEqual(key.curve, 'nistp256');
var fp = sshpk.parseFingerprint(
'SHA256:wU/JTqlHV21vv0tcaNOFUZD2FXciO2KwImEOW1+AH50');
t.ok(fp.matches(key));
t.end();
});

if (process.version.match(/^v0\.[0-9]\./))
return;

Expand Down

0 comments on commit 684dbe6

Please sign in to comment.