Commit | Line | Data |
---|---|---|
c0d53c71 JA |
1 | /**\r |
2 | * PEM\r | |
3 | * \r | |
4 | * A class to parse some PEM stuff.\r | |
5 | * Copyright (c) 2007 Henri Torgemane\r | |
6 | * \r | |
7 | * See LICENSE.txt for full license information.\r | |
8 | */\r | |
9 | package com.hurlant.util.der\r | |
10 | {\r | |
11 | import com.hurlant.crypto.rsa.RSAKey;\r | |
12 | import com.hurlant.math.BigInteger;\r | |
13 | import com.hurlant.util.Base64;\r | |
14 | \r | |
15 | import flash.utils.ByteArray;\r | |
16 | import com.hurlant.util.Hex;\r | |
17 | \r | |
18 | public class PEM\r | |
19 | {\r | |
20 | private static const RSA_PRIVATE_KEY_HEADER:String = "-----BEGIN RSA PRIVATE KEY-----";\r | |
21 | private static const RSA_PRIVATE_KEY_FOOTER:String = "-----END RSA PRIVATE KEY-----";\r | |
22 | private static const RSA_PUBLIC_KEY_HEADER:String = "-----BEGIN PUBLIC KEY-----";\r | |
23 | private static const RSA_PUBLIC_KEY_FOOTER:String = "-----END PUBLIC KEY-----";\r | |
24 | private static const CERTIFICATE_HEADER:String = "-----BEGIN CERTIFICATE-----";\r | |
25 | private static const CERTIFICATE_FOOTER:String = "-----END CERTIFICATE-----";\r | |
26 | \r | |
27 | \r | |
28 | \r | |
29 | /**\r | |
30 | * \r | |
31 | * Read a structure encoded according to\r | |
32 | * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc\r | |
33 | * section 11.1.2\r | |
34 | * \r | |
35 | * @param str\r | |
36 | * @return \r | |
37 | * \r | |
38 | */\r | |
39 | public static function readRSAPrivateKey(str:String):RSAKey {\r | |
40 | var der:ByteArray = extractBinary(RSA_PRIVATE_KEY_HEADER, RSA_PRIVATE_KEY_FOOTER, str);\r | |
41 | if (der==null) return null;\r | |
42 | var obj:* = DER.parse(der);\r | |
43 | if (obj is Array) {\r | |
44 | var arr:Array = obj as Array;\r | |
45 | // arr[0] is Version. should be 0. should be checked. shoulda woulda coulda.\r | |
46 | return new RSAKey(\r | |
47 | arr[1], // N\r | |
48 | arr[2].valueOf(), // E\r | |
49 | arr[3], // D\r | |
50 | arr[4], // P\r | |
51 | arr[5], // Q\r | |
52 | arr[6], // DMP1\r | |
53 | arr[7], // DMQ1 \r | |
54 | arr[8]); // IQMP\r | |
55 | } else {\r | |
56 | // dunno\r | |
57 | return null;\r | |
58 | }\r | |
59 | }\r | |
60 | \r | |
61 | \r | |
62 | /**\r | |
63 | * Read a structure encoded according to some spec somewhere\r | |
64 | * Also, follows some chunk from\r | |
65 | * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc\r | |
66 | * section 11.1\r | |
67 | * \r | |
68 | * @param str\r | |
69 | * @return \r | |
70 | * \r | |
71 | */\r | |
72 | public static function readRSAPublicKey(str:String):RSAKey {\r | |
73 | var der:ByteArray = extractBinary(RSA_PUBLIC_KEY_HEADER, RSA_PUBLIC_KEY_FOOTER, str);\r | |
74 | if (der==null) return null;\r | |
75 | var obj:* = DER.parse(der);\r | |
76 | if (obj is Array) {\r | |
77 | var arr:Array = obj as Array;\r | |
78 | // arr[0] = [ <some crap that means "rsaEncryption">, null ]; ( apparently, that's an X-509 Algorithm Identifier.\r | |
79 | if (arr[0][0].toString()!=OID.RSA_ENCRYPTION) {\r | |
80 | return null;\r | |
81 | }\r | |
82 | // arr[1] is a ByteArray begging to be parsed as DER\r | |
83 | arr[1].position = 1; // there's a 0x00 byte up front. find out why later. like, read a spec.\r | |
84 | obj = DER.parse(arr[1]);\r | |
85 | if (obj is Array) {\r | |
86 | arr = obj as Array;\r | |
87 | // arr[0] = modulus\r | |
88 | // arr[1] = public expt.\r | |
89 | return new RSAKey(arr[0], arr[1]);\r | |
90 | } else {\r | |
91 | return null;\r | |
92 | }\r | |
93 | } else {\r | |
94 | // dunno\r | |
95 | return null;\r | |
96 | }\r | |
97 | }\r | |
98 | \r | |
99 | public static function readCertIntoArray(str:String):ByteArray {\r | |
100 | var tmp:ByteArray = extractBinary(CERTIFICATE_HEADER, CERTIFICATE_FOOTER, str);\r | |
101 | return tmp;\r | |
102 | }\r | |
103 | \r | |
104 | private static function extractBinary(header:String, footer:String, str:String):ByteArray {\r | |
105 | var i:int = str.indexOf(header);\r | |
106 | if (i==-1) return null;\r | |
107 | i += header.length;\r | |
108 | var j:int = str.indexOf(footer);\r | |
109 | if (j==-1) return null;\r | |
110 | var b64:String = str.substring(i, j);\r | |
111 | // remove whitesapces.\r | |
112 | b64 = b64.replace(/\s/mg, '');\r | |
113 | // decode\r | |
114 | return Base64.decodeToByteArray(b64);\r | |
115 | }\r | |
116 | \r | |
117 | }\r | |
118 | } |