1// Copyright 2015 Joyent, Inc. 2 3module.exports = { 4 read: read, 5 write: write 6}; 7 8var assert = require('assert-plus'); 9var Buffer = require('safer-buffer').Buffer; 10var rfc4253 = require('./rfc4253'); 11var utils = require('../utils'); 12var Key = require('../key'); 13var PrivateKey = require('../private-key'); 14 15var sshpriv = require('./ssh-private'); 16 17/*JSSTYLED*/ 18var SSHKEY_RE = /^([a-z0-9-]+)[ \t]+([a-zA-Z0-9+\/]+[=]*)([ \t]+([^ \t][^\n]*[\n]*)?)?$/; 19/*JSSTYLED*/ 20var SSHKEY_RE2 = /^([a-z0-9-]+)[ \t\n]+([a-zA-Z0-9+\/][a-zA-Z0-9+\/ \t\n=]*)([^a-zA-Z0-9+\/ \t\n=].*)?$/; 21 22function read(buf, options) { 23 if (typeof (buf) !== 'string') { 24 assert.buffer(buf, 'buf'); 25 buf = buf.toString('ascii'); 26 } 27 28 var trimmed = buf.trim().replace(/[\\\r]/g, ''); 29 var m = trimmed.match(SSHKEY_RE); 30 if (!m) 31 m = trimmed.match(SSHKEY_RE2); 32 assert.ok(m, 'key must match regex'); 33 34 var type = rfc4253.algToKeyType(m[1]); 35 var kbuf = Buffer.from(m[2], 'base64'); 36 37 /* 38 * This is a bit tricky. If we managed to parse the key and locate the 39 * key comment with the regex, then do a non-partial read and assert 40 * that we have consumed all bytes. If we couldn't locate the key 41 * comment, though, there may be whitespace shenanigans going on that 42 * have conjoined the comment to the rest of the key. We do a partial 43 * read in this case to try to make the best out of a sorry situation. 44 */ 45 var key; 46 var ret = {}; 47 if (m[4]) { 48 try { 49 key = rfc4253.read(kbuf); 50 51 } catch (e) { 52 m = trimmed.match(SSHKEY_RE2); 53 assert.ok(m, 'key must match regex'); 54 kbuf = Buffer.from(m[2], 'base64'); 55 key = rfc4253.readInternal(ret, 'public', kbuf); 56 } 57 } else { 58 key = rfc4253.readInternal(ret, 'public', kbuf); 59 } 60 61 assert.strictEqual(type, key.type); 62 63 if (m[4] && m[4].length > 0) { 64 key.comment = m[4]; 65 66 } else if (ret.consumed) { 67 /* 68 * Now the magic: trying to recover the key comment when it's 69 * gotten conjoined to the key or otherwise shenanigan'd. 70 * 71 * Work out how much base64 we used, then drop all non-base64 72 * chars from the beginning up to this point in the the string. 73 * Then offset in this and try to make up for missing = chars. 74 */ 75 var data = m[2] + (m[3] ? m[3] : ''); 76 var realOffset = Math.ceil(ret.consumed / 3) * 4; 77 data = data.slice(0, realOffset - 2). /*JSSTYLED*/ 78 replace(/[^a-zA-Z0-9+\/=]/g, '') + 79 data.slice(realOffset - 2); 80 81 var padding = ret.consumed % 3; 82 if (padding > 0 && 83 data.slice(realOffset - 1, realOffset) !== '=') 84 realOffset--; 85 while (data.slice(realOffset, realOffset + 1) === '=') 86 realOffset++; 87 88 /* Finally, grab what we think is the comment & clean it up. */ 89 var trailer = data.slice(realOffset); 90 trailer = trailer.replace(/[\r\n]/g, ' '). 91 replace(/^\s+/, ''); 92 if (trailer.match(/^[a-zA-Z0-9]/)) 93 key.comment = trailer; 94 } 95 96 return (key); 97} 98 99function write(key, options) { 100 assert.object(key); 101 if (!Key.isKey(key)) 102 throw (new Error('Must be a public key')); 103 104 var parts = []; 105 var alg = rfc4253.keyTypeToAlg(key); 106 parts.push(alg); 107 108 var buf = rfc4253.write(key); 109 parts.push(buf.toString('base64')); 110 111 if (key.comment) 112 parts.push(key.comment); 113 114 return (Buffer.from(parts.join(' '))); 115} 116