dergeorg/SmartShopper
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

https

Browse Source 
express server läuft jetzt mit https
This commit is contained in:
Lukas Nowy
2018-12-16 19:08:08 +01:00
parent 5589b0df3f
commit fd947bd852
475 changed files with 91128 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
express-server/node_modules/ursa-optional/.travis.yml generated vendored Normal file
View File

@ -0,0 +1,19 @@
language: node_js
sudo: false
env:
- CXX=g++-4.8
node_js:
- "0.12"
- "4"
- "5"
- "6"
- "7"
- "8"
- "9"
- "10"
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- g++-4.8

194
express-server/node_modules/ursa-optional/LICENSE.txt generated vendored Normal file
View File

@ -0,0 +1,194 @@
Copyright 2012 The Obvious Corporation.
http://obvious.com/
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-------------------------------------------------------------------------
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS

596
express-server/node_modules/ursa-optional/README.md generated vendored Normal file
View File

@ -0,0 +1,596 @@
URSA - RSA public/private key OpenSSL bindings for Node.js
====
[![Build Status](https://travis-ci.org/JoshKaufman/ursa.svg?branch=master)](https://travis-ci.org/JoshKaufman/ursa)
> NOTE: This package was transfered from [Medium](https://github.com/Medium) and [NodePrime](https://github.com/NodePrime) to [quartzjer](https://github.com/quartzjer) to [JoshKaufman](https://github.com/joshkaufman) on 8-2017. Pull requests are welcomed to help maintain it.
--
This Node module provides a fairly complete set of wrappers for the
RSA public/private key crypto functionality of OpenSSL.
It is being actively developed for node.js 0.8.* through 0.12.* and io.js. If you find it doesn't work for you, please file a bug (see below).
It has been tested on Windows by [SLaks](https://github.com/SLaks). (see [additional installation requirements](#windows-install))
Table of Contents
-----------------
- [Simple Encrypt / Decrypt Example](#simple-encrypt--decrypt-example)
- [Building and Installing](#building-and-installing)
- [Usage](#usage)
- [Top-level Exports](#top-level-exports)
- [Public Key Methods](#public-key-methods)
- [Private Key Methods](#private-key-methods)
- [Signer Methods](#signer-methods)
- [Verifier Methods](#verifier-methods)
- [Constants](#constants)
- [Contributing](#contributing)
- [Authors](#authors)
- [License](#license)
- [Related Repos](#other-repos-that-may-be-of-interest)
Simple Encrypt / Decrypt Example
--------------------------------
```javascript
// openssl genrsa -out certs/server/my-server.key.pem 2048
// openssl rsa -in certs/server/my-server.key.pem -pubout -out certs/client/my-server.pub
'use strict';
var fs = require('fs')
, ursa = require('ursa')
, crt
, key
, msg
;
key = ursa.createPrivateKey(fs.readFileSync('./certs/server/my-server.key.pem'));
crt = ursa.createPublicKey(fs.readFileSync('./certs/client/my-server.pub'));
console.log('Encrypt with Public');
msg = crt.encrypt("Everything is going to be 200 OK", 'utf8', 'base64');
console.log('encrypted', msg, '\n');
console.log('Decrypt with Private');
msg = key.decrypt(msg, 'base64', 'utf8');
console.log('decrypted', msg, '\n');
console.log('############################################');
console.log('Reverse Public -> Private, Private -> Public');
console.log('############################################\n');
console.log('Encrypt with Private (called public)');
msg = key.privateEncrypt("Everything is going to be 200 OK", 'utf8', 'base64');
console.log('encrypted', msg, '\n');
console.log('Decrypt with Public (called private)');
msg = crt.publicDecrypt(msg, 'base64', 'utf8');
console.log('decrypted', msg, '\n');
```
Building and Installing
-----------------------
```shell
npm install ursa
```
Or grab the source and
```shell
npm install
```
Testing
-------
```shell
npm test
```
Or
```shell
node ./test/test.js
```
<a id="windows-install"></a>
On Windows, you'll need to install some dependencies first:
- [OpenSSL](http://slproweb.com/products/Win32OpenSSL.html) (normal, not light)
in the same bitness as your Node.js installation.
- OpenSSL must be installed in the a specific install directory (`C:\OpenSSL-Win32` or `C:\OpenSSL-Win64`)
- If you get `Error: The specified module could not be found.`, copy `libeay32.dll` from the OpenSSL bin directory to this module's bin directory, or to Windows\System32. If you don't have `libeay32.dll`, you may have to install OpenSSL v1.0.2, not v1.1.x.
- [node-gyp](https://github.com/nodejs/node-gyp) (`npm install -g node-gyp`)
- You will need [python 2.7](http://www.python.org/download/releases/2.7.3#download) and a compatible version
Visual Studio installed first. Even with that, `node-gyp` installation or use can have
issues on Windows. The `node-gyp` [README file](https://github.com/nodejs/node-gyp) has detailed instructions
if you have difficulties. [This post](https://www.robertkehoe.com/2015/03/fix-node-gyp-rebuild-error-on-windows/)
is also a good reference.
Usage
-----
This library aims to be convenient to use, allowing one to pass in and
get back regular string objects. However, it is also meant to be reasonably
easy to use efficiently, allowing one to pass in and get back Buffer
objects. Using Buffers is always the more efficient option.
All methods that can deal with strings take one or more arguments indicating
the encoding to use when interpreting an argument or generating a result.
These are limited to the usual encoding names that are valid for use with
Buffers: `base64` `binary` `hex` and `utf8`. If an encoding is left undefined
and the argument is a string, then the encoding is *always* assumed to be
`utf8`. If an argument is a Buffer, then the encoding (if defined at all)
is ignored. An undefined output encoding is *always* interpreted as a request
for a Buffer result.
The library knows how to read and output PEM format files for both
public and private keys, and it can generate new private keys (aka
keypairs).
The usual public-encryption / private-decryption operations by default
use padding mode `RSA_PKCS1_OAEP_PADDING`, which is the recommended
mode for all new applications (as of this writing). Note that this mode
builds-in a random element into every encryption operation, making it
unnecessary to waste time or effort adding randomness in at a higher layer.
This default may be overridden to use the older mode `RSA_PKCS1_PADDING`
if needed.
The less well-understood private-encryption / public-decryption operations
(used for building signature mechanisms) by default use padding
mode `RSA_PKCS1_PADDING`. This doesn't build in any randomness (but that's
not usually a problem for applications that use these operations). This
default may be overridden to use `RSA_NO_PADDING` if needed.
See the doc comments and tests for the excruciating details, but here's
a quick rundown of the available top-level exports and instance methods:
Top-Level Exports
-----------------
### ursa.createPrivateKey(pem, password, encoding)
Create and return a private key (aka a keypair) read in from the given
PEM-format file. If defined, the given password is used to decrypt
the PEM file.
The encoding, if specified, applies to both other arguments.
See "Public Key Methods" below for more details.
### ursa.createPrivateKeyFromComponents(modulus, exponent, p, q, dp, dq, inverseQ, d)
Create and return a private key from the given components.
### ursa.createPublicKeyFromComponents(modulus, exponent)
Create and return a public key from the given components.
### ursa.assertKey(obj)
Convenient shorthand for `assert(ursa.isKey(obj))`.
### ursa.assertPrivateKey(obj)
Convenient shorthand for `assert(ursa.isPrivateKey(obj))`.
### ursa.assertPublicKey(obj)
Convenient shorthand for `assert(ursa.isPublicKey(obj))`.
### ursa.coerceKey(orig)
Coerce the given key value into a key object (either public or
private), returning it. If given a private key object, this just
returns it as-is. If given a string or Buffer, it tries to parse it as
PEM. Anything else will result in an error.
### ursa.coercePrivateKey(orig)
Coerce the given key value into a private key object, returning it. If
given a private key object, this just returns it as-is. If given a
string or Buffer, it tries to parse it as PEM. Anything else will
result in an error.
### ursa.coercePublicKey(orig)
Coerce the given key value into a public key object, returning it. If
given a private key object, this just returns it as-is. If given a
string or Buffer, it tries to parse it as PEM. Anything else will
result in an error.
### ursa.createPublicKey(pem, encoding)
Create and return a public key read in from the given PEM-format file.
See "Public Key Methods" below for more details.
### ursa.createSigner(algorithm)
Create and return a signer which can sign a hash generated with the named
algorithm (such as `"sha256"` or `"md5"`). See "Signer Methods" below
for more details.
This function is similar to `crypto.createSign()`, except this function
takes a hash algorithm name (e.g., `"sha256"`) and not a crypto+hash name
combination (e.g., `"RSA-SHA256"`).
### ursa.createVerifier(algorithm)
Create and return a verifier which can verify a hash generated with the
named algorithm (such as `"sha256"` or `"md5"`). See "Verifier Methods" below
for more details.
This function is similar to `crypto.createVerify()`, except this function
takes a hash algorithm name (e.g., `"sha256"`) and not a crypto+hash name
combination (e.g., `"RSA-SHA256"`).
### ursa.equalKeys(key1, key2)
This returns `true` if and only if both arguments are key objects of
the same type (public or private) and their contents match.
### ursa.generatePrivateKey(modulusBits, exponent)
Create and return a freshly-generated private key (aka a keypair).
The first argument indicates the number of bits in the modulus (1024
or more is generally considered secure). The second argument indicates
the exponent value, which must be odd (65537 is the typical value; 3
and 17 are also common). Both arguments are optional and default to
2048 and 65537 (respectively).
This method will throw if `modulusBits` is less than `512` (because
it's pretty crazy to want a key with that few bits) or if `exponent`
is even (because RSA only works for odd exponents).
Using the command-line `openssl` tool, this operation is
equivalent to:
```shell
openssl genrsa -out key-name.pem <modulusBits>
```
for exponent 65537, or for exponent 3 with the additional option
`-3`. (That tool doesn't support other exponents.)
### ursa.isKey(obj)
Return `true` if the given object is a key object (public or private) that
was created by this module. Return `false` if not.
### ursa.isPrivateKey(obj)
Return `true` if the given object is a private key object that
was created by this module. Return `false` if not.
### ursa.isPublicKey(obj)
Return `true` if the given object is a public key object that
was created by this module. Return `false` if not.
Note that, even though all the public key operations work on private
keys, this function only returns true if the given object is a
public key, per se.
### ursa.matchingPublicKeys(key1, key2)
This returns `true` if and only if both arguments are key objects of
some sort (either can be public or private, and they don't have to
be the same) and their public aspects match each other.
### ursa.openSshPublicKey(key, encoding)
This returns `publicKey` from ssh-rsa public key-string. First argument
must be a string like `ssh-rsa AAAAB3Nz.... user@localhost` or Buffer of pubKey bits.
### ursa.sshFingerprint(sshKey, sshEncoding, outEncoding)
Return the SSH-style public key fingerprint of the given SSH-format
public key (which was, perhaps, the result of a call to
`toPublicSsh()` on a key object).
This is no more and no less than an MD5 hash of the given SSH-format
public key. This function doesn't actually check to see if the given
key is valid (garbage in, garbage out).
Using the command-line `ssh-keygen` tool, this operation is
equivalent to:
```shell
ssh-keygen -l -f key-name.sshpub
```
This operation is also equivalent to this:
```shell
cat key-name.sshpub | awk '{print $2}' | base64 --decode | md5
```
Public Key Methods
------------------
These are all the methods available on public keys. These methods are
*also* available on private keys (since private keys have all the
underlying data necessary to perform the public-side operations).
### encrypt(buf, bufEncoding, outEncoding, padding)
This performs the "public encrypt" operation on the given buffer. The
result is always a byte sequence that is the same size as the key
associated with the instance. (For example, if the key is 2048 bits,
then the result of this operation will be 2048 bits, aka 256 bytes.)
The input buffer is limited to be no larger than the key size
minus 41 bytes.
If no padding mode is specified, the default, and recommended, mode
is `ursa.RSA_PKCS1_OAEP_PADDING`. The mode
`ursa.RSA_PKCS1_PADDING` is also supported.
### getExponent(encoding)
Get the public exponent as an unsigned big-endian byte sequence.
### getModulus(encoding)
Get the public modulus as an unsigned big-endian byte sequence.
### hashAndVerify(algorithm, buf, sig, encoding, use\_pss\_padding, salt\_len)
This is a friendly wrapper for verifying signatures. The given buffer
is hashed using the named algorithm, and the result is verified
against the given signature. This returns `true` if the hash and
signature match and the signature was produced by the appropriate
private key. This returns `false` if the signature is a valid signature
(structurally) but doesn't match. This throws an exception in other
cases.
The encoding, if specified, applies to both buffer-like arguments. The
algorithm must always be a string.
If `use_pss_padding` is truthy then [RSASSA-PSS](http://tools.ietf.org/html/rfc3447#section-8.1)
padding is used when verifying the signature. `salt_len`, if specified, is
the length of the PSS salt (in bytes) or one of the following:
- `RSA_PKCS1_SALT_LEN_HLEN` (the same as the hash length, default).
- `RSA_PKCS1_SALT_LEN_MAX` (maximum permissable value).
### publicDecrypt(buf, bufEncoding, outEncoding)
This performs the "public decrypt" operation on the given buffer. The
result is always a byte sequence that is no more than the size of the
key associated with the instance. (For example, if the key is 2048
bits, then the result of this operation will be no more than 2048
bits, aka 256 bytes.)
If no padding mode is specified, the default, and recommended, mode
is `ursa.RSA_PKCS1_PADDING`. The mode `ursa.RSA_NO_PADDING` is also supported.
### toPublicPem(encoding)
This converts the public key data into a PEM-format file.
### toPublicSsh(encoding)
This converts the public key data into an SSH-format file. This is the
file format one finds in SSH's `authorized_keys` and `known_hosts` files.
When used in such files, the contents are base64-encoded and prefixed with
the label `ssh-rsa`. Depending on context, the line a key appears on may
also have a host name prefix (in `known_hosts`) or comment suffix
(in `authorized_keys`).
Using the command-line `ssh-keygen` tool, this operation is equivalent to:
```shell
ssh-keygen -y -f key-name.pem > key-name.sshpub
```
### toPublicSshFingerprint(encoding)
Return the SSH-style public key fingerprint of this key. See
`ursa.sshFingerprint()`, above, for more details.
### verify(algorithm, hash, sig, encoding)
This performs an RSA public-verify on the given hash buffer, which
should be the result of performing the hash operation named by
the algorithm (such as `"sha256"` or `"md5"`) on some data. The
signature buffer is checked to see if it contains a private-signed
statement of the algorithm and hash. The method returns `true` if
the signature and hash match, or `false` if the signature and hash
don't match but the signature is at least a valid signature of
some sort. In any other situation, this throws an exception.
The encoding, if specified, applies to both buffer-like arguments. The
algorithm must always be a string.
This method is the underlying one used as part of the implementation
of the higher-level and much friendlier `ursa.createVerifier()` and
`hashAndVerify()`.
### ununseal(ununsealer)
This is an internal method that is used in the implementation of
`ursa.isKey()` `ursa.isPrivateKey()` `ursa.isPublicKey()` and
associated assertion functions. When called externally, it will
always return `undefined`.
Private Key Methods
-------------------
These are the methods available on private keys, above and beyond
what is available for public keys.
### decrypt(buf, bufEncoding, outEncoding, padding)
This performs the "private decrypt" operation on the given buffer. The
result is always a byte sequence that is no more than the size of the
key associated with the instance. (For example, if the key is 2048
bits, then the result of this operation will be no more than 2048
bits, aka 256 bytes.)
If no padding mode is specified, the default, and recommended, mode
is `ursa.RSA_PKCS1_OAEP_PADDING`. The mode
`ursa.RSA_PKCS1_PADDING` is also supported.
### getPrivateExponent(encoding)
Get the private exponent as an unsigned big-endian byte sequence. The returned
exponent is not encrypted in any way, so this method should be used with caution.
### hashAndSign(algorithm, buf, bufEncoding, outEncoding, use\_pss\_padding, salt\_len)
This is a friendly wrapper for producing signatures. The given buffer
is hashed using the named algorithm, and the result is signed using
the private key held by this instance. The return value of this method
is the signature.
If `use_pss_padding` is truthy then [RSASSA-PSS](http://tools.ietf.org/html/rfc3447#section-8.1)
padding is used when generating the signature. The `salt_len`, if specified, is
the length of the PSS salt (in bytes) or one of the following:
- `RSA_PKCS1_SALT_LEN_HLEN` (the same as the hash length, default).
- `RSA_PKCS1_SALT_LEN_RECOVER` (assume `RSA_PKCS1_SALT_LEN_MAX` was used when the padding was added).
### privateEncrypt(buf, bufEncoding, outEncoding)
This performs the "private encrypt" operation on the given buffer. The
result is always a byte sequence that is the same size as the key
associated with the instance. (For example, if the key is 2048 bits,
then the result of this operation will be 2048 bits, aka 256 bytes.)
The input buffer is limited to be no larger than the key size
minus 12 bytes.
If no padding mode is specified, the default, and recommended, mode
is `ursa.RSA_PKCS1_PADDING`. The mode `ursa.RSA_NO_PADDING` is also supported.
### sign(algorithm, hash, hashEncoding, outEncoding)
This performs an RSA private-sign on the given hash buffer, which
should be the result of performing the hash operation named by
the algorithm (such as `"sha256"` or `"md5"`) on some data. The
result of this operation may later be passed to `verify()` on the
corresponding public key.
This method is the underlying one used as part of the implementation
of the higher-level and much friendlier `ursa.createSigner()` and
`hashAndSign()`.
### toPrivatePem(encoding)
This converts the private key data into a PEM-format file. The result
is not encrypted, so it behooves the user of this method to take care
with the result if the key is sensitive from a security standpoint,
which is often the case with such things. (YMMV of course.)
Signer Methods
--------------
These are the methods available on signer objects, which are returned
by `ursa.createSigner()`. These are similar to the objects returned
from `crypto.createSign()`.
### update(buf, bufEncoding)
Update the hash in-progress with the given data.
### sign(privateKey, outEncoding)
Get the final hash of the data, and sign it using the private key. The
return value is the signature, suitable for later verification.
Verifier Methods
----------------
These are the methods available on verifier objects, which are returned
by `ursa.createVerifier()`. These are similar to the objects returned
from `crypto.createVerify()`.
### update(buf, bufEncoding)
Update the hash in-progress with the given data.
### verify(publicKey, sig, sigEncoding)
Get the final hash of the data, and verify that the given signature
both matches it and was produced by the private key corresponding to
the given public key.
This returns `true` if the signature and hash match appropriately,
or `false` if the signature appears to be generally valid (e.g.
structurally) yet doesn't match. This throws an exception in all
other cases.
Constants
---------
Allowed padding modes for public/private encryption/decryption:
* `ursa.RSA_PKCS1_PADDING`
* `ursa.RSA_NO_PADDING`
* `ursa.RSA_PKCS1_OAEP_PADDING`
Contributing
------------
Questions, comments, bug reports, and pull requests are all welcome.
Submit them at [the project on GitHub](https://github.com/quartzjer/ursa/).
Bug reports that include steps-to-reproduce (including code) are the
best. Even better, make them in the form of pull requests that update
the test suite. Thanks!
Authors
-------
Current (2015+) maintenance by [Jeremie Miller](https://github.com/quartzjer).
Previous (2014) maintenance sponsored by [NodePrime](http://nodeprime.com).
Original Author (2012): [Dan Bornstein](https://github.com/danfuzz)
([personal website](http://www.milk.com/)), supported by
[The Obvious Corporation](http://obvious.com/) (now [Medium](https://medium.com/)).
With contribution from:
* [C J Silverio](https://github.com/ceejbot)
* [Tyler Neylon](https://github.com/tylerneylon)
With thanks to:
* [node-rsa](https://github.com/chrisa/node-rsa) by Chris Andrews,
for inspiration
License
-------
Updates Copyright 2014 [NodePrime, Inc.](http://nodeprime.com/).
Original Copyright 2012 [The Obvious Corporation](http://obvious.com/).
Licensed under the Apache License, Version 2.0.
See the top-level file `[LICENSE.txt](LICENSE.txt)` and
(http://www.apache.org/licenses/LICENSE-2.0).
Other Repos that may be of Interest:
-----------------------
* https://github.com/mal/forsake
* https://github.com/rzcoder/node-rsa
* https://github.com/roblabla/ursa-purejs
* https://github.com/coolaj86/nodejs-self-signed-certificate-example
* https://github.com/coolaj86/node-ssl-root-cas/wiki/Painless-Self-Signed-Certificates-in-node.js
* https://github.com/coolaj86/node-ssl-root-cas
* https://github.com/coolaj86/nodejs-ssl-trusted-peer-example
* https://github.com/coolaj86/bitcrypt

27
express-server/node_modules/ursa-optional/binding.gyp generated vendored Normal file
View File

@ -0,0 +1,27 @@
{
"targets": [
{
'target_name': 'ursaNative',
'sources': [ 'src/ursaNative.cc' ],
'conditions': [
[ 'OS=="win"', {
'defines': [
'uint=unsigned int',
],
'include_dirs': [
# use node's bundled openssl headers platforms
'<(node_root_dir)/deps/openssl/openssl/include',
"<!(node -e \"require('nan')\")"
],
}, { # OS!="win"
'include_dirs': [
# use node's bundled openssl headers on Unix platforms
'<(node_root_dir)/deps/openssl/openssl/include',
"<!(node -e \"require('nan')\")"
],
}],
],
}
]
}

324
express-server/node_modules/ursa-optional/build/Makefile generated vendored Normal file
View File

@ -0,0 +1,324 @@
# We borrow heavily from the kernel build setup, though we are simpler since
# we don't have Kconfig tweaking settings on us.
# The implicit make rules have it looking for RCS files, among other things.
# We instead explicitly write all the rules we care about.
# It's even quicker (saves ~200ms) to pass -r on the command line.
MAKEFLAGS=-r
# The source directory tree.
srcdir := ..
abs_srcdir := $(abspath $(srcdir))
# The name of the builddir.
builddir_name ?= .
# The V=1 flag on command line makes us verbosely print command lines.
ifdef V
quiet=
else
quiet=quiet_
endif
# Specify BUILDTYPE=Release on the command line for a release build.
BUILDTYPE ?= Release
# Directory all our build output goes into.
# Note that this must be two directories beneath src/ for unit tests to pass,
# as they reach into the src/ directory for data with relative paths.
builddir ?= $(builddir_name)/$(BUILDTYPE)
abs_builddir := $(abspath $(builddir))
depsdir := $(builddir)/.deps
# Object output directory.
obj := $(builddir)/obj
abs_obj := $(abspath $(obj))
# We build up a list of every single one of the targets so we can slurp in the
# generated dependency rule Makefiles in one pass.
all_deps :=
CC.target ?= $(CC)
CFLAGS.target ?= $(CFLAGS)
CXX.target ?= $(CXX)
CXXFLAGS.target ?= $(CXXFLAGS) $(CPPFLAGS)
LINK.target ?= $(LINK)
LDFLAGS.target ?= $(LDFLAGS)
AR.target ?= $(AR)
# C++ apps need to be linked with g++.
LINK ?= $(CXX.target)
# TODO(evan): move all cross-compilation logic to gyp-time so we don't need
# to replicate this environment fallback in make as well.
CC.host ?= gcc
CFLAGS.host ?=
CXX.host ?= g++
CXXFLAGS.host ?=
LINK.host ?= $(CXX.host)
LDFLAGS.host ?=
AR.host ?= ar
# Define a dir function that can handle spaces.
# http://www.gnu.org/software/make/manual/make.html#Syntax-of-Functions
# "leading spaces cannot appear in the text of the first argument as written.
# These characters can be put into the argument value by variable substitution."
empty :=
space := $(empty) $(empty)
# http://stackoverflow.com/questions/1189781/using-make-dir-or-notdir-on-a-path-with-spaces
replace_spaces = $(subst $(space),?,$1)
unreplace_spaces = $(subst ?,$(space),$1)
dirx = $(call unreplace_spaces,$(dir $(call replace_spaces,$1)))
# Flags to make gcc output dependency info. Note that you need to be
# careful here to use the flags that ccache and distcc can understand.
# We write to a dep file on the side first and then rename at the end
# so we can't end up with a broken dep file.
depfile = $(depsdir)/$(call replace_spaces,$@).d
DEPFLAGS = -MMD -MF $(depfile).raw
# We have to fixup the deps output in a few ways.
# (1) the file output should mention the proper .o file.
# ccache or distcc lose the path to the target, so we convert a rule of
# the form:
# foobar.o: DEP1 DEP2
# into
# path/to/foobar.o: DEP1 DEP2
# (2) we want missing files not to cause us to fail to build.
# We want to rewrite
# foobar.o: DEP1 DEP2 \
# DEP3
# to
# DEP1:
# DEP2:
# DEP3:
# so if the files are missing, they're just considered phony rules.
# We have to do some pretty insane escaping to get those backslashes
# and dollar signs past make, the shell, and sed at the same time.
# Doesn't work with spaces, but that's fine: .d files have spaces in
# their names replaced with other characters.
define fixup_dep
# The depfile may not exist if the input file didn't have any #includes.
touch $(depfile).raw
# Fixup path as in (1).
sed -e "s|^$(notdir $@)|$@|" $(depfile).raw >> $(depfile)
# Add extra rules as in (2).
# We remove slashes and replace spaces with new lines;
# remove blank lines;
# delete the first line and append a colon to the remaining lines.
sed -e 's|\\||' -e 'y| |\n|' $(depfile).raw |\
grep -v '^$$' |\
sed -e 1d -e 's|$$|:|' \
>> $(depfile)
rm $(depfile).raw
endef
# Command definitions:
# - cmd_foo is the actual command to run;
# - quiet_cmd_foo is the brief-output summary of the command.
quiet_cmd_cc = CC($(TOOLSET)) $@
cmd_cc = $(CC.$(TOOLSET)) $(GYP_CFLAGS) $(DEPFLAGS) $(CFLAGS.$(TOOLSET)) -c -o $@ $<
quiet_cmd_cxx = CXX($(TOOLSET)) $@
cmd_cxx = $(CXX.$(TOOLSET)) $(GYP_CXXFLAGS) $(DEPFLAGS) $(CXXFLAGS.$(TOOLSET)) -c -o $@ $<
quiet_cmd_touch = TOUCH $@
cmd_touch = touch $@
quiet_cmd_copy = COPY $@
# send stderr to /dev/null to ignore messages when linking directories.
cmd_copy = ln -f "$<" "$@" 2>/dev/null || (rm -rf "$@" && cp -af "$<" "$@")
quiet_cmd_alink = AR($(TOOLSET)) $@
cmd_alink = rm -f $@ && $(AR.$(TOOLSET)) crs $@ $(filter %.o,$^)
quiet_cmd_alink_thin = AR($(TOOLSET)) $@
cmd_alink_thin = rm -f $@ && $(AR.$(TOOLSET)) crsT $@ $(filter %.o,$^)
# Due to circular dependencies between libraries :(, we wrap the
# special "figure out circular dependencies" flags around the entire
# input list during linking.
quiet_cmd_link = LINK($(TOOLSET)) $@
cmd_link = $(LINK.$(TOOLSET)) $(GYP_LDFLAGS) $(LDFLAGS.$(TOOLSET)) -o $@ -Wl,--start-group $(LD_INPUTS) -Wl,--end-group $(LIBS)
# We support two kinds of shared objects (.so):
# 1) shared_library, which is just bundling together many dependent libraries
# into a link line.
# 2) loadable_module, which is generating a module intended for dlopen().
#
# They differ only slightly:
# In the former case, we want to package all dependent code into the .so.
# In the latter case, we want to package just the API exposed by the
# outermost module.
# This means shared_library uses --whole-archive, while loadable_module doesn't.
# (Note that --whole-archive is incompatible with the --start-group used in
# normal linking.)
# Other shared-object link notes:
# - Set SONAME to the library filename so our binaries don't reference
# the local, absolute paths used on the link command-line.
quiet_cmd_solink = SOLINK($(TOOLSET)) $@
cmd_solink = $(LINK.$(TOOLSET)) -shared $(GYP_LDFLAGS) $(LDFLAGS.$(TOOLSET)) -Wl,-soname=$(@F) -o $@ -Wl,--whole-archive $(LD_INPUTS) -Wl,--no-whole-archive $(LIBS)
quiet_cmd_solink_module = SOLINK_MODULE($(TOOLSET)) $@
cmd_solink_module = $(LINK.$(TOOLSET)) -shared $(GYP_LDFLAGS) $(LDFLAGS.$(TOOLSET)) -Wl,-soname=$(@F) -o $@ -Wl,--start-group $(filter-out FORCE_DO_CMD, $^) -Wl,--end-group $(LIBS)
# Define an escape_quotes function to escape single quotes.
# This allows us to handle quotes properly as long as we always use
# use single quotes and escape_quotes.
escape_quotes = $(subst ','\'',$(1))
# This comment is here just to include a ' to unconfuse syntax highlighting.
# Define an escape_vars function to escape '$' variable syntax.
# This allows us to read/write command lines with shell variables (e.g.
# $LD_LIBRARY_PATH), without triggering make substitution.
escape_vars = $(subst $$,$$$$,$(1))
# Helper that expands to a shell command to echo a string exactly as it is in
# make. This uses printf instead of echo because printf's behaviour with respect
# to escape sequences is more portable than echo's across different shells
# (e.g., dash, bash).
exact_echo = printf '%s\n' '$(call escape_quotes,$(1))'
# Helper to compare the command we're about to run against the command
# we logged the last time we ran the command. Produces an empty
# string (false) when the commands match.
# Tricky point: Make has no string-equality test function.
# The kernel uses the following, but it seems like it would have false
# positives, where one string reordered its arguments.
# arg_check = $(strip $(filter-out $(cmd_$(1)), $(cmd_$@)) \
# $(filter-out $(cmd_$@), $(cmd_$(1))))
# We instead substitute each for the empty string into the other, and
# say they're equal if both substitutions produce the empty string.
# .d files contain ? instead of spaces, take that into account.
command_changed = $(or $(subst $(cmd_$(1)),,$(cmd_$(call replace_spaces,$@))),\
$(subst $(cmd_$(call replace_spaces,$@)),,$(cmd_$(1))))
# Helper that is non-empty when a prerequisite changes.
# Normally make does this implicitly, but we force rules to always run
# so we can check their command lines.
# $? -- new prerequisites
# $| -- order-only dependencies
prereq_changed = $(filter-out FORCE_DO_CMD,$(filter-out $|,$?))
# Helper that executes all postbuilds until one fails.
define do_postbuilds
@E=0;\
for p in $(POSTBUILDS); do\
eval $$p;\
E=$$?;\
if [ $$E -ne 0 ]; then\
break;\
fi;\
done;\
if [ $$E -ne 0 ]; then\
rm -rf "$@";\
exit $$E;\
fi
endef
# do_cmd: run a command via the above cmd_foo names, if necessary.
# Should always run for a given target to handle command-line changes.
# Second argument, if non-zero, makes it do asm/C/C++ dependency munging.
# Third argument, if non-zero, makes it do POSTBUILDS processing.
# Note: We intentionally do NOT call dirx for depfile, since it contains ? for
# spaces already and dirx strips the ? characters.
define do_cmd
$(if $(or $(command_changed),$(prereq_changed)),
@$(call exact_echo, $($(quiet)cmd_$(1)))
@mkdir -p "$(call dirx,$@)" "$(dir $(depfile))"
$(if $(findstring flock,$(word 1,$(cmd_$1))),
@$(cmd_$(1))
@echo " $(quiet_cmd_$(1)): Finished",
@$(cmd_$(1))
)
@$(call exact_echo,$(call escape_vars,cmd_$(call replace_spaces,$@) := $(cmd_$(1)))) > $(depfile)
@$(if $(2),$(fixup_dep))
$(if $(and $(3), $(POSTBUILDS)),
$(call do_postbuilds)
)
)
endef
# Declare the "all" target first so it is the default,
# even though we don't have the deps yet.
.PHONY: all
all:
# make looks for ways to re-generate included makefiles, but in our case, we
# don't have a direct way. Explicitly telling make that it has nothing to do
# for them makes it go faster.
%.d: ;
# Use FORCE_DO_CMD to force a target to run. Should be coupled with
# do_cmd.
.PHONY: FORCE_DO_CMD
FORCE_DO_CMD:
TOOLSET := target
# Suffix rules, putting all outputs into $(obj).
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.c FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.cpp FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.cxx FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.S FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(srcdir)/%.s FORCE_DO_CMD
@$(call do_cmd,cc,1)
# Try building from generated source, too.
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.c FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.cpp FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.cxx FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.S FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(obj).$(TOOLSET)/%.s FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.c FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.cpp FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.cxx FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.S FORCE_DO_CMD
@$(call do_cmd,cc,1)
$(obj).$(TOOLSET)/%.o: $(obj)/%.s FORCE_DO_CMD
@$(call do_cmd,cc,1)
ifeq ($(strip $(foreach prefix,$(NO_LOAD),\
$(findstring $(join ^,$(prefix)),\
$(join ^,ursaNative.target.mk)))),)
include ursaNative.target.mk
endif
quiet_cmd_regen_makefile = ACTION Regenerating $@
cmd_regen_makefile = cd $(srcdir); /usr/share/node-gyp/gyp/gyp_main.py -fmake --ignore-environment "--toplevel-dir=." -I/nodeapps/https-test/greenlock-express.js/node_modules/ursa-optional/build/config.gypi -I/usr/share/node-gyp/addon.gypi -I/usr/include/nodejs/common.gypi "--depth=." "-Goutput_dir=." "--generator-output=build" "-Dlibrary=shared_library" "-Dvisibility=default" "-Dnode_root_dir=/usr/include/nodejs" "-Dnode_gyp_dir=/usr/share/node-gyp" "-Dnode_lib_file=/usr/include/nodejs/<(target_arch)/node.lib" "-Dmodule_root_dir=/nodeapps/https-test/greenlock-express.js/node_modules/ursa-optional" "-Dnode_engine=v8" binding.gyp
Makefile: $(srcdir)/../../../../../usr/include/nodejs/common.gypi $(srcdir)/build/config.gypi $(srcdir)/binding.gyp $(srcdir)/../../../../../usr/share/node-gyp/addon.gypi
$(call do_cmd,regen_makefile)
# "all" is a concatenation of the "all" targets from all the included
# sub-makefiles. This is just here to clarify.
all:
# Add in dependency-tracking rules. $(all_deps) is the list of every single
# target in our tree. Only consider the ones with .d (dependency) info:
d_files := $(wildcard $(foreach f,$(all_deps),$(depsdir)/$(f).d))
ifneq ($(d_files),)
include $(d_files)
endif

1
express-server/node_modules/ursa-optional/build/Release/.deps/Release/obj.target/ursaNative.node.d generated vendored Normal file
View File

@ -0,0 +1 @@
cmd_Release/obj.target/ursaNative.node := g++ -shared -pthread -rdynamic -m64 -Wl,-soname=ursaNative.node -o Release/obj.target/ursaNative.node -Wl,--start-group Release/obj.target/ursaNative/src/ursaNative.o -Wl,--end-group

53
express-server/node_modules/ursa-optional/build/Release/.deps/Release/obj.target/ursaNative/src/ursaNative.o.d generated vendored Normal file
View File

@ -0,0 +1,53 @@
cmd_Release/obj.target/ursaNative/src/ursaNative.o := g++ '-DNODE_GYP_MODULE_NAME=ursaNative' '-DUSING_UV_SHARED=1' '-DUSING_V8_SHARED=1' '-DV8_DEPRECATION_WARNINGS=1' '-D_LARGEFILE_SOURCE' '-D_FILE_OFFSET_BITS=64' '-DBUILDING_NODE_EXTENSION' -I/usr/include/nodejs/include/node -I/usr/include/nodejs/src -I/usr/include/nodejs/deps/uv/include -I/usr/include/nodejs/deps/v8/include -I/usr/include/nodejs/deps/openssl/openssl/include -I../../nan -fPIC -pthread -Wall -Wextra -Wno-unused-parameter -m64 -O3 -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++0x -MMD -MF ./Release/.deps/Release/obj.target/ursaNative/src/ursaNative.o.d.raw -c -o Release/obj.target/ursaNative/src/ursaNative.o ../src/ursaNative.cc
Release/obj.target/ursaNative/src/ursaNative.o: ../src/ursaNative.cc \
../src/ursaNative.h /usr/include/nodejs/src/node.h \
/usr/include/nodejs/deps/v8/include/v8.h \
/usr/include/nodejs/deps/v8/include/v8-version.h \
/usr/include/nodejs/deps/v8/include/v8config.h \
/usr/include/nodejs/src/node_version.h ../../nan/nan.h \
/usr/include/nodejs/src/node_version.h \
/usr/include/nodejs/deps/uv/include/uv.h \
/usr/include/nodejs/deps/uv/include/uv-errno.h \
/usr/include/nodejs/deps/uv/include/uv-version.h \
/usr/include/nodejs/deps/uv/include/uv-unix.h \
/usr/include/nodejs/deps/uv/include/uv-threadpool.h \
/usr/include/nodejs/deps/uv/include/uv-linux.h \
/usr/include/nodejs/src/node_buffer.h /usr/include/nodejs/src/node.h \
/usr/include/nodejs/src/node_object_wrap.h ../../nan/nan_callbacks.h \
../../nan/nan_callbacks_12_inl.h ../../nan/nan_maybe_43_inl.h \
../../nan/nan_converters.h ../../nan/nan_converters_43_inl.h \
../../nan/nan_new.h ../../nan/nan_implementation_12_inl.h \
../../nan/nan_persistent_12_inl.h ../../nan/nan_weak.h \
../../nan/nan_object_wrap.h ../../nan/nan_private.h \
../../nan/nan_typedarray_contents.h ../../nan/nan_json.h
../src/ursaNative.cc:
../src/ursaNative.h:
/usr/include/nodejs/src/node.h:
/usr/include/nodejs/deps/v8/include/v8.h:
/usr/include/nodejs/deps/v8/include/v8-version.h:
/usr/include/nodejs/deps/v8/include/v8config.h:
/usr/include/nodejs/src/node_version.h:
../../nan/nan.h:
/usr/include/nodejs/src/node_version.h:
/usr/include/nodejs/deps/uv/include/uv.h:
/usr/include/nodejs/deps/uv/include/uv-errno.h:
/usr/include/nodejs/deps/uv/include/uv-version.h:
/usr/include/nodejs/deps/uv/include/uv-unix.h:
/usr/include/nodejs/deps/uv/include/uv-threadpool.h:
/usr/include/nodejs/deps/uv/include/uv-linux.h:
/usr/include/nodejs/src/node_buffer.h:
/usr/include/nodejs/src/node.h:
/usr/include/nodejs/src/node_object_wrap.h:
../../nan/nan_callbacks.h:
../../nan/nan_callbacks_12_inl.h:
../../nan/nan_maybe_43_inl.h:
../../nan/nan_converters.h:
../../nan/nan_converters_43_inl.h:
../../nan/nan_new.h:
../../nan/nan_implementation_12_inl.h:
../../nan/nan_persistent_12_inl.h:
../../nan/nan_weak.h:
../../nan/nan_object_wrap.h:
../../nan/nan_private.h:
../../nan/nan_typedarray_contents.h:
../../nan/nan_json.h:

1
express-server/node_modules/ursa-optional/build/Release/.deps/Release/ursaNative.node.d generated vendored Normal file
View File

@ -0,0 +1 @@
cmd_Release/ursaNative.node := ln -f "Release/obj.target/ursaNative.node" "Release/ursaNative.node" 2>/dev/null || (rm -rf "Release/ursaNative.node" && cp -af "Release/obj.target/ursaNative.node" "Release/ursaNative.node")

BIN
express-server/node_modules/ursa-optional/build/Release/obj.target/ursaNative.node generated vendored Normal file
View File

Binary file not shown.

BIN
express-server/node_modules/ursa-optional/build/Release/obj.target/ursaNative/src/ursaNative.o generated vendored Normal file
View File

Binary file not shown.

BIN
express-server/node_modules/ursa-optional/build/Release/ursaNative.node generated vendored Normal file
View File

Binary file not shown.

6
express-server/node_modules/ursa-optional/build/binding.Makefile generated vendored Normal file
View File

@ -0,0 +1,6 @@
# This file is generated by gyp; do not edit.
export builddir_name ?= ./build/.
.PHONY: all
all:
$(MAKE) ursaNative

153
express-server/node_modules/ursa-optional/build/config.gypi generated vendored Normal file
View File

@ -0,0 +1,153 @@
# Do not edit. File was generated by node-gyp's "configure" step
{
"target_defaults": {
"cflags": [],
"default_configuration": "Release",
"defines": [],
"include_dirs": [],
"libraries": []
},
"variables": {
"asan": 0,
"coverage": "false",
"debug_devtools": "node",
"debug_http2": "false",
"debug_nghttp2": "false",
"force_dynamic_crt": 0,
"host_arch": "x64",
"icu_gyp_path": "tools/icu/icu-system.gyp",
"icu_small": "false",
"llvm_version": 0,
"node_byteorder": "little",
"node_enable_d8": "false",
"node_enable_v8_vtunejit": "false",
"node_install_npm": "false",
"node_module_version": 57,
"node_no_browser_globals": "false",
"node_prefix": "/usr",
"node_release_urlbase": "",
"node_shared": "false",
"node_shared_cares": "true",
"node_shared_http_parser": "true",
"node_shared_libuv": "true",
"node_shared_nghttp2": "true",
"node_shared_openssl": "true",
"node_shared_zlib": "true",
"node_tag": "",
"node_use_bundled_v8": "true",
"node_use_dtrace": "false",
"node_use_etw": "false",
"node_use_lttng": "false",
"node_use_openssl": "true",
"node_use_perfctr": "false",
"node_use_v8_platform": "true",
"node_without_node_options": "false",
"openssl_fips": "",
"openssl_no_asm": 0,
"shlib_suffix": "so.57",
"target_arch": "x64",
"uv_parent_path": "/deps/uv/",
"uv_use_dtrace": "false",
"v8_enable_gdbjit": 0,
"v8_enable_i18n_support": 1,
"v8_enable_inspector": 1,
"v8_no_strict_aliasing": 1,
"v8_optimized_debug": 0,
"v8_promise_internal_field_count": 1,
"v8_random_seed": 0,
"v8_trace_maps": 0,
"v8_use_snapshot": "false",
"want_separate_host_toolset": 0,
"nodedir": "/usr/include/nodejs",
"standalone_static_library": 1,
"cache_lock_stale": "60000",
"legacy_bundling": "",
"sign_git_tag": "",
"user_agent": "npm/3.5.2 node/v8.10.0 linux x64",
"always_auth": "",
"bin_links": "true",
"key": "",
"description": "true",
"fetch_retries": "2",
"heading": "npm",
"init_version": "1.0.0",
"if_present": "",
"user": "",
"force": "",
"only": "",
"cache_min": "10",
"init_license": "ISC",
"editor": "vi",
"rollback": "true",
"tag_version_prefix": "v",
"cache_max": "Infinity",
"userconfig": "/root/.npmrc",
"tmp": "/tmp",
"engine_strict": "",
"init_author_name": "",
"init_author_url": "",
"depth": "Infinity",
"save_dev": "",
"usage": "",
"progress": "true",
"https_proxy": "",
"onload_script": "",
"rebuild_bundle": "true",
"shell": "/bin/bash",
"save_bundle": "",
"prefix": "/usr/local",
"dry_run": "",
"cache_lock_wait": "10000",
"registry": "https://registry.npmjs.org/",
"browser": "",
"save_optional": "",
"scope": "",
"searchopts": "",
"versions": "",
"cache": "/root/.npm",
"searchsort": "name",
"global_style": "",
"ignore_scripts": "",
"version": "",
"viewer": "man",
"local_address": "",
"color": "true",
"fetch_retry_mintimeout": "10000",
"umask": "0022",
"fetch_retry_maxtimeout": "60000",
"message": "%s",
"ca": "",
"cert": "",
"global": "",
"link": "",
"unicode": "true",
"access": "",
"also": "",
"save": "",
"long": "",
"production": "",
"unsafe_perm": "",
"node_version": "8.10.0",
"tag": "latest",
"git_tag_version": "true",
"shrinkwrap": "true",
"fetch_retry_factor": "10",
"proprietary_attribs": "true",
"strict_ssl": "true",
"npat": "",
"save_exact": "",
"globalconfig": "/etc/npmrc",
"init_module": "/root/.npm-init.js",
"dev": "",
"parseable": "",
"globalignorefile": "/etc/npmignore",
"cache_lock_retries": "10",
"save_prefix": "^",
"group": "",
"init_author_email": "",
"searchexclude": "",
"git": "git",
"optional": "true",
"json": ""
}
}

145
express-server/node_modules/ursa-optional/build/ursaNative.target.mk generated vendored Normal file
View File

@ -0,0 +1,145 @@
# This file is generated by gyp; do not edit.
TOOLSET := target
TARGET := ursaNative
DEFS_Debug := \
'-DNODE_GYP_MODULE_NAME=ursaNative' \
'-DUSING_UV_SHARED=1' \
'-DUSING_V8_SHARED=1' \
'-DV8_DEPRECATION_WARNINGS=1' \
'-D_LARGEFILE_SOURCE' \
'-D_FILE_OFFSET_BITS=64' \
'-DBUILDING_NODE_EXTENSION' \
'-DDEBUG' \
'-D_DEBUG' \
'-DV8_ENABLE_CHECKS'
# Flags passed to all source files.
CFLAGS_Debug := \
-fPIC \
-pthread \
-Wall \
-Wextra \
-Wno-unused-parameter \
-m64 \
-g \
-O0
# Flags passed to only C files.
CFLAGS_C_Debug :=
# Flags passed to only C++ files.
CFLAGS_CC_Debug := \
-fno-rtti \
-fno-exceptions \
-std=gnu++0x
INCS_Debug := \
-I/usr/include/nodejs/include/node \
-I/usr/include/nodejs/src \
-I/usr/include/nodejs/deps/uv/include \
-I/usr/include/nodejs/deps/v8/include \
-I/usr/include/nodejs/deps/openssl/openssl/include \
-I$(srcdir)/../nan
DEFS_Release := \
'-DNODE_GYP_MODULE_NAME=ursaNative' \
'-DUSING_UV_SHARED=1' \
'-DUSING_V8_SHARED=1' \
'-DV8_DEPRECATION_WARNINGS=1' \
'-D_LARGEFILE_SOURCE' \
'-D_FILE_OFFSET_BITS=64' \
'-DBUILDING_NODE_EXTENSION'
# Flags passed to all source files.
CFLAGS_Release := \
-fPIC \
-pthread \
-Wall \
-Wextra \
-Wno-unused-parameter \
-m64 \
-O3 \
-fno-omit-frame-pointer
# Flags passed to only C files.
CFLAGS_C_Release :=
# Flags passed to only C++ files.
CFLAGS_CC_Release := \
-fno-rtti \
-fno-exceptions \
-std=gnu++0x
INCS_Release := \
-I/usr/include/nodejs/include/node \
-I/usr/include/nodejs/src \
-I/usr/include/nodejs/deps/uv/include \
-I/usr/include/nodejs/deps/v8/include \
-I/usr/include/nodejs/deps/openssl/openssl/include \
-I$(srcdir)/../nan
OBJS := \
$(obj).target/$(TARGET)/src/ursaNative.o
# Add to the list of files we specially track dependencies for.
all_deps += $(OBJS)
# CFLAGS et al overrides must be target-local.
# See "Target-specific Variable Values" in the GNU Make manual.
$(OBJS): TOOLSET := $(TOOLSET)
$(OBJS): GYP_CFLAGS := $(DEFS_$(BUILDTYPE)) $(INCS_$(BUILDTYPE)) $(CFLAGS_$(BUILDTYPE)) $(CFLAGS_C_$(BUILDTYPE))
$(OBJS): GYP_CXXFLAGS := $(DEFS_$(BUILDTYPE)) $(INCS_$(BUILDTYPE)) $(CFLAGS_$(BUILDTYPE)) $(CFLAGS_CC_$(BUILDTYPE))
# Suffix rules, putting all outputs into $(obj).
$(obj).$(TOOLSET)/$(TARGET)/%.o: $(srcdir)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
# Try building from generated source, too.
$(obj).$(TOOLSET)/$(TARGET)/%.o: $(obj).$(TOOLSET)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
$(obj).$(TOOLSET)/$(TARGET)/%.o: $(obj)/%.cc FORCE_DO_CMD
@$(call do_cmd,cxx,1)
# End of this set of suffix rules
### Rules for final target.
LDFLAGS_Debug := \
-pthread \
-rdynamic \
-m64
LDFLAGS_Release := \
-pthread \
-rdynamic \
-m64
LIBS :=
$(obj).target/ursaNative.node: GYP_LDFLAGS := $(LDFLAGS_$(BUILDTYPE))
$(obj).target/ursaNative.node: LIBS := $(LIBS)
$(obj).target/ursaNative.node: TOOLSET := $(TOOLSET)
$(obj).target/ursaNative.node: $(OBJS) FORCE_DO_CMD
$(call do_cmd,solink_module)
all_deps += $(obj).target/ursaNative.node
# Add target alias
.PHONY: ursaNative
ursaNative: $(builddir)/ursaNative.node
# Copy this to the executable output path.
$(builddir)/ursaNative.node: TOOLSET := $(TOOLSET)
$(builddir)/ursaNative.node: $(obj).target/ursaNative.node FORCE_DO_CMD
$(call do_cmd,copy)
all_deps += $(builddir)/ursaNative.node
# Short alias for building this executable.
.PHONY: ursaNative.node
ursaNative.node: $(obj).target/ursaNative.node $(builddir)/ursaNative.node
# Add executable to "all" target.
.PHONY: all
all: $(builddir)/ursaNative.node

752
express-server/node_modules/ursa-optional/lib/ursa.js generated vendored Normal file
View File

@ -0,0 +1,752 @@
// Copyright 2012 The Obvious Corporation.
/*
* "ursa": RSA crypto, with an emphasis on Buffer objects
*/
/*
* Modules used
*/
"use strict";
// Note: This also forces OpenSSL to be initialized, which is important!
var crypto = require("crypto");
var assert = require("assert");
var ursaNative = require("bindings")("ursaNative");
var RsaWrap = ursaNative.RsaWrap;
var textToNid = ursaNative.textToNid;
/*
* Variable definitions
*/
/** encoding constant */
var BASE64 = "base64";
/** encoding constant */
var BINARY = "binary";
/** encoding constant */
var HEX = "hex";
/** type name */
var STRING = "string";
/** encoding constant */
var UTF8 = "utf8";
/** encoding constant */
var UTF16 = "utf16le";
/** hash algorithm constant */
var MD5 = "md5";
/** regex that matches PEM files, capturing the file type */
var PEM_REGEX =
/^(-----BEGIN (.*) KEY-----\r?\n[:\s,-\/+=a-zA-Z0-9\r\n]*\r?\n-----END \2 KEY-----\r?\n)/m;
/** "unsealer" key object to authenticate objects */
var theUnsealer = [ "ursa unsealer" ];
/*
* Helper functions
*/
/**
* Return true iff x is either a string or a Buffer.
*/
function isStringOrBuffer(x) {
return (typeof x === STRING) || Buffer.isBuffer(x);
}
/**
* Extract and identify the PEM file type represented in the given
* buffer. Returns the extracted type string or undefined if the
* buffer doesn't seem to be any sort of PEM format file.
*/
function identifyPemType(buf) {
var str = encodeBuffer(buf, UTF8);
var match = PEM_REGEX.exec(str);
if (!match) {
return undefined;
}
return match[2];
}
/**
* Return whether the given buffer or string appears (trivially) to be a
* valid public key file in PEM format.
*/
function isPublicKeyPem(buf) {
var kind = identifyPemType(buf);
return (kind == "PUBLIC");
}
/**
* Return whether the given buffer or string appears (trivially) to be a
* valid private key file in PEM format.
*/
function isPrivateKeyPem(buf) {
var kind = identifyPemType(buf);
return (kind == "RSA PRIVATE");
}
/**
* Return a buffer containing the encoding of the given bigint for use
* as part of an SSH-style public key file. The input value must be a
* buffer representing an unsigned bigint in big-endian order.
*/
function toSshBigint(value) {
// The output is signed, so we need to add an extra 00 byte at the
// head if the high-order bit is set.
var prefix00 = ((value[0] & 0x80) !== 0);
var length = value.length + (prefix00 ? 1 : 0);
var result = new Buffer(length + 4);
var offset = 0;
result.writeUInt32BE(length, offset);
offset += 4;
if (prefix00) {
result[offset] = 0;
offset++;
}
value.copy(result, offset);
return result;
}
/**
* Create and return a buffer containing an SSH-style public key file for
* the given RsaWrap object.
*
* For the record, an SSH-style public key file consists of three
* concatenated values, each one length-prefixed:
*
* literal string "ssh-rsa"
* exponent
* modulus
*
* The literal string header is length-prefixed. The two numbers are
* represented as signed big-int values in big-endian order, also
* length-prefixed.
*/
function createSshPublicKey(rsa) {
var e = toSshBigint(rsa.getExponent());
var m = toSshBigint(rsa.getModulus());
var header = toSshBigint(new Buffer("ssh-rsa", UTF8));
var result = new Buffer(header.length + m.length + e.length);
var offset = 0;
header.copy(result, offset);
offset += header.length;
e.copy(result, offset);
offset += e.length;
m.copy(result, offset);
return result;
}
/**
* Validate the given encoding name. Throws an exception if invalid.
*/
function validateEncoding(encoding) {
switch (encoding) {
case BASE64:
case BINARY:
case HEX:
case UTF16:
case UTF8: {
// These are all valid.
break;
}
default: {
throw new Error("Invalid encoding: " + encoding);
}
}
}
/**
* Convert a buffer into an appropriately-encoded string, or return it
* unmodified if the encoding is undefined.
*/
function encodeBuffer(buf, encoding) {
if (encoding === undefined) {
return buf;
}
validateEncoding(encoding);
return buf.toString(encoding);
}
/**
* Return a buffer or undefined argument as-is, or convert a given
* string into a buffer by using the indicated encoding. An undefined
* encoding is interpreted to mean UTF8.
*/
function decodeString(str, encoding) {
if ((str === undefined) || Buffer.isBuffer(str)) {
return str;
}
if (encoding === undefined) {
encoding = UTF8;
}
validateEncoding(encoding);
return new Buffer(str, encoding);
}
/**
* OpenSSH Public key to RSA
* @param {String|Object} key OpenSSH Public Key
* @param <String> key encoding, default 'base64'
* @returns {PublicKey}
*/
function openSshPublicKey(key, encoding) {
if (!Buffer.isBuffer(key)) {
key = key.substr(0, 3) === 'ssh' ? key.split(' ')[1] : key;
key = new Buffer(key, encoding || 'base64');
}
function parsePublicKey(key) {
var parts = [],
partsLength = 3;
while(key.length) {
var dLen = key.readInt32BE(0);
var data = key.slice(4, dLen+4);
key = key.slice(4+dLen);
parts.push(data);
if (!(--partsLength)) break;
}
return {
modulus : parts[2],
exponent: parts[1],
type : parts[0]
};
}
var pubKey = parsePublicKey(key);
var rsa = new RsaWrap();
if (pubKey.type != 'ssh-rsa') {
throw new TypeError('Only "ssh-rsa" format supported');
}
rsa.openPublicSshKey(pubKey.modulus, pubKey.exponent);
return PublicKey(rsa);
}
/**
* Public Key object. This is the externally-visible object that one gets
* when constructing an instance from a public key. The constructor takes
* a native RsaWrap object.
*/
function PublicKey(rsa) {
var self;
function getExponent(encoding) {
return encodeBuffer(rsa.getExponent(), encoding);
}
function getModulus(encoding) {
return encodeBuffer(rsa.getModulus(), encoding);
}
function toPublicPem(encoding) {
return encodeBuffer(rsa.getPublicKeyPem(), encoding);
}
function toPublicSsh(encoding) {
return encodeBuffer(createSshPublicKey(rsa), encoding);
}
function toPublicSshFingerprint(encoding) {
return sshFingerprint(createSshPublicKey(rsa), undefined, encoding);
}
function encrypt(buf, bufEncoding, outEncoding, padding) {
buf = decodeString(buf, bufEncoding);
padding = (padding === undefined) ?
ursaNative.RSA_PKCS1_OAEP_PADDING : padding;
return encodeBuffer(rsa.publicEncrypt(buf, padding), outEncoding);
}
function publicDecrypt(buf, bufEncoding, outEncoding, padding) {
buf = decodeString(buf, bufEncoding);
padding = (padding === undefined) ?
ursaNative.RSA_PKCS1_PADDING : padding;
return encodeBuffer(rsa.publicDecrypt(buf, padding), outEncoding);
}
function verify(algorithm, hash, sig, encoding) {
algorithm = textToNid(algorithm);
hash = decodeString(hash, encoding);
sig = decodeString(sig, encoding);
return rsa.verify(algorithm, hash, sig);
}
function hashAndVerify(algorithm, buf, sig, encoding,
use_pss_padding, salt_len) {
if (use_pss_padding) {
sig = publicDecrypt(sig, encoding, undefined,
ursaNative.RSA_NO_PADDING);
var hash = crypto.createHash(algorithm);
hash.update(decodeString(buf, encoding));
buf = new Buffer(hash.digest(BINARY), BINARY);
return rsa.verifyPSSPadding(textToNid(algorithm), buf, sig,
(salt_len === undefined) ? ursaNative.RSA_PKCS1_SALT_LEN_HLEN : salt_len);
} else {
var verifier = createVerifier(algorithm);
verifier.update(buf, encoding);
return verifier.verify(self, sig, encoding);
}
}
function unseal(unsealer) {
return (unsealer === theUnsealer) ? self : undefined;
}
self = {
encrypt: encrypt,
getExponent: getExponent,
getModulus: getModulus,
hashAndVerify: hashAndVerify,
publicDecrypt: publicDecrypt,
toPublicPem: toPublicPem,
toPublicSsh: toPublicSsh,
toPublicSshFingerprint: toPublicSshFingerprint,
verify: verify,
unseal: unseal
};
return self;
}
/**
* Private Key object. This is the externally-visible object that one
* gets when constructing an instance from a private key (aka a
* keypair). The constructor takes a native RsaWrap object.
*/
function PrivateKey(rsa) {
var self;
function getPrivateExponent(encoding) {
return encodeBuffer(rsa.getPrivateExponent(), encoding);
}
function toPrivatePem(encoding) {
return encodeBuffer(rsa.getPrivateKeyPem(), encoding);
}
function toEncryptedPrivatePem(passPhrase, cipher, encoding) {
if(!passPhrase) return toPrivatePem(encoding);
return encodeBuffer(rsa.getPrivateKeyPem(passPhrase, cipher));
}
function decrypt(buf, bufEncoding, outEncoding, padding) {
buf = decodeString(buf, bufEncoding);
padding = (padding === undefined) ? ursaNative.RSA_PKCS1_OAEP_PADDING : padding;
return encodeBuffer(rsa.privateDecrypt(buf, padding), outEncoding);
}
function privateEncrypt(buf, bufEncoding, outEncoding, padding) {
buf = decodeString(buf, bufEncoding);
padding = (padding === undefined) ? ursaNative.RSA_PKCS1_PADDING : padding;
return encodeBuffer(rsa.privateEncrypt(buf, padding), outEncoding);
}
function sign(algorithm, hash, hashEncoding, outEncoding) {
algorithm = textToNid(algorithm);
hash = decodeString(hash, hashEncoding);
return encodeBuffer(rsa.sign(algorithm, hash), outEncoding);
}
function hashAndSign(algorithm, buf, bufEncoding, outEncoding,
use_pss_padding, salt_len) {
if (use_pss_padding) {
var hash = crypto.createHash(algorithm);
hash.update(decodeString(buf, bufEncoding));
buf = new Buffer(hash.digest(BINARY), BINARY);
buf = rsa.addPSSPadding(textToNid(algorithm), buf,
(salt_len === undefined) ? ursaNative.RSA_PKCS1_SALT_LEN_HLEN : salt_len);
return privateEncrypt(buf, undefined, outEncoding,
ursaNative.RSA_NO_PADDING);
} else {
var signer = createSigner(algorithm);
signer.update(buf, bufEncoding);
return signer.sign(self, outEncoding);
}
}
self = PublicKey(rsa);
self.decrypt = decrypt;
self.getPrivateExponent = getPrivateExponent;
self.hashAndSign = hashAndSign;
self.privateEncrypt = privateEncrypt;
self.sign = sign;
self.toPrivatePem = toPrivatePem;
self.toEncryptedPrivatePem = toEncryptedPrivatePem;
return self;
}
/*
* Exported bindings
*/
/**
* Create a new public key object, from the given PEM-encoded file.
*/
function createPublicKey(pem, encoding) {
var rsa = new RsaWrap();
pem = decodeString(pem, encoding);
try {
rsa.setPublicKeyPem(pem);
} catch (ex) {
if (!isPublicKeyPem(pem)) {
throw new Error("Not a public key.");
}
throw ex;
}
return PublicKey(rsa);
}
/**
* Create a new private key object, from the given PEM-encoded file,
* optionally decrypting the file with a password.
*/
function createPrivateKey(pem, password, encoding) {
var rsa = new RsaWrap();
pem = decodeString(pem, encoding);
password = decodeString(password, encoding);
try {
// Note: The native code is sensitive to the actual number of
// arguments. It's *not* okay to pass undefined as a password.
if (password) {
rsa.setPrivateKeyPem(pem, password);
} else {
rsa.setPrivateKeyPem(pem);
}
} catch (ex) {
if (!isPrivateKeyPem(pem)) {
throw new Error("Not a private key.");
}
throw ex;
}
return PrivateKey(rsa);
}
/**
* Create public key from components
*/
function createPublicKeyFromComponents(modulus, exponent) {
var rsa = new RsaWrap();
rsa.createPublicKeyFromComponents(modulus, exponent);
return PublicKey(rsa);
}
/**
* Create private key from components
*/
function createPrivateKeyFromComponents(modulus, exponent, p, q, dp, dq, inverseQ, d) {
var rsa = new RsaWrap();
rsa.createPrivateKeyFromComponents(modulus, exponent, p, q, dp, dq, inverseQ, d);
return PrivateKey(rsa);
}
/**
* Generate a new private key object (aka a keypair).
*/
function generatePrivateKey(modulusBits, exponent) {
if (modulusBits === undefined) {
modulusBits = 2048;
}
if (exponent === undefined) {
exponent = 65537;
}
var rsa = new RsaWrap();
rsa.generatePrivateKey(modulusBits, exponent);
return PrivateKey(rsa);
}
/**
* Create a key object from a PEM format file, either a private or
* public key depending on what kind of file is passed in. If given
* a private key file, it must not be encrypted.
*/
function createKey(pem, encoding) {
pem = decodeString(pem, encoding);
if (isPublicKeyPem(pem)) {
return createPublicKey(pem);
} else if (isPrivateKeyPem(pem)) {
return createPrivateKey(pem);
} else {
throw new Error("Not a key.");
}
}
/**
* Return the SSH-style public key fingerprint of the given SSH-format
* public key.
*/
function sshFingerprint(sshKey, sshEncoding, outEncoding) {
var hash = crypto.createHash(MD5);
hash.update(decodeString(sshKey, sshEncoding));
var result = new Buffer(hash.digest(BINARY), BINARY);
return encodeBuffer(result, outEncoding);
}
/**
* Return whether the given object is a key object (either public or
* private), as constructed by this module.
*/
function isKey(obj) {
var obj2;
try {
var unseal = obj.unseal;
if (typeof unseal !== "function") {
return false;
}
obj2 = unseal(theUnsealer);
} catch (ex) {
// Ignore; can't assume that other objects obey any particular
// unsealing protocol.
// TODO: Log?
return false;
}
return obj2 !== undefined;
}
/**
* Return whether the given object is a private key object, as
* constructed by this module.
*/
function isPrivateKey(obj) {
return isKey(obj) && (obj.decrypt !== undefined);
}
/**
* Return whether the given object is a public key object (per se), as
* constructed by this module.
*/
function isPublicKey(obj) {
return isKey(obj) && !isPrivateKey(obj);
}
/**
* Assert wrapper for isKey().
*/
function assertKey(obj) {
assert(isKey(obj));
}
/**
* Assert wrapper for isPrivateKey().
*/
function assertPrivateKey(obj) {
assert(isPrivateKey(obj));
}
/**
* Assert wrapper for isPublicKey().
*/
function assertPublicKey(obj) {
assert(isPublicKey(obj));
}
/**
* Coerce the given key value into an private key object, returning
* it. If given a private key object, this just returns it as-is. If
* given a string or Buffer, it tries to parse it as PEM. Anything
* else is an error.
*/
function coercePrivateKey(orig) {
if (isPrivateKey(orig)) {
return orig;
} else if (isStringOrBuffer(orig)) {
return createPrivateKey(orig);
}
throw new Error("Not a private key: " + orig);
}
/**
* Coerce the given key value into a public key object, returning
* it. If given a private key object, this just returns it as-is. If
* given a string or Buffer, it tries to parse it as PEM. Anything
* else is an error.
*/
function coercePublicKey(orig) {
if (isPublicKey(orig)) {
return orig;
} else if (isStringOrBuffer(orig)) {
return createPublicKey(orig);
}
throw new Error("Not a public key: " + orig);
}
/**
* Coerce the given key value into a key object (either public or
* private), returning it. If given a private key object, this just
* returns it as-is. If given a string or Buffer, it tries to parse it
* as PEM. Anything else is an error.
*/
function coerceKey(orig) {
if (isKey(orig)) {
return orig;
} else if (isStringOrBuffer(orig)) {
return createKey(orig);
}
throw new Error("Not a key: " + orig);
}
/**
* Check whether the two objects are both keys of some sort and
* have the same public part.
*/
function matchingPublicKeys(key1, key2) {
if (!(isKey(key1) && isKey(key2))) {
return false;
}
// This isn't the most efficient implementation, but it will suffice:
// We convert both to ssh form, which has very little leeway for
// variation, and compare bytes.
var ssh1 = key1.toPublicSsh(UTF8);
var ssh2 = key2.toPublicSsh(UTF8);
return ssh1 === ssh2;
}
/**
* Check whether the two objects are both keys of some sort, are
* both public or both private, and have the same contents.
*/
function equalKeys(key1, key2) {
// See above for rationale. In this case, there's no ssh form for
// private keys, so we just use PEM for that.
if (isPrivateKey(key1) && isPrivateKey(key2)) {
var pem1 = key1.toPrivatePem(UTF8);
var pem2 = key2.toPrivatePem(UTF8);
return pem1 === pem2;
}
if (isPublicKey(key1) && isPublicKey(key2)) {
return matchingPublicKeys(key1, key2);
}
return false;
}
/**
* Create a signer object.
*/
function createSigner(algorithm) {
var hash = crypto.createHash(algorithm);
var self = {};
function update(buf, bufEncoding) {
buf = decodeString(buf, bufEncoding);
hash.update(buf);
return self;
}
function sign(privateKey, outEncoding) {
var hashBuf = new Buffer(hash.digest(BINARY), BINARY);
return privateKey.sign(algorithm, hashBuf, undefined, outEncoding);
}
self.sign = sign;
self.update = update;
return self;
}
/**
* Create a verifier object.
*/
function createVerifier(algorithm) {
var hash = crypto.createHash(algorithm);
var self = {};
function update(buf, bufEncoding) {
buf = decodeString(buf, bufEncoding);
hash.update(buf);
return self;
}
function verify(publicKey, sig, sigEncoding) {
var hashBuf = new Buffer(hash.digest(BINARY), BINARY);
sig = decodeString(sig, sigEncoding);
return publicKey.verify(algorithm, hashBuf, sig);
}
self.update = update;
self.verify = verify;
return self;
}
/*
* Initialization
*/
module.exports = {
assertKey: assertKey,
assertPrivateKey: assertPrivateKey,
assertPublicKey: assertPublicKey,
coerceKey: coerceKey,
coercePrivateKey: coercePrivateKey,
coercePublicKey: coercePublicKey,
createKey: createKey,
createPrivateKey: createPrivateKey,
createPrivateKeyFromComponents: createPrivateKeyFromComponents,
openSshPublicKey: openSshPublicKey,
createPublicKey: createPublicKey,
createPublicKeyFromComponents: createPublicKeyFromComponents,
createSigner: createSigner,
createVerifier: createVerifier,
equalKeys: equalKeys,
generatePrivateKey: generatePrivateKey,
isKey: isKey,
isPrivateKey: isPrivateKey,
isPublicKey: isPublicKey,
matchingPublicKeys: matchingPublicKeys,
sshFingerprint: sshFingerprint,
RSA_NO_PADDING: ursaNative.RSA_NO_PADDING,
RSA_PKCS1_PADDING: ursaNative.RSA_PKCS1_PADDING,
RSA_PKCS1_OAEP_PADDING: ursaNative.RSA_PKCS1_OAEP_PADDING,
RSA_PKCS1_SALT_LEN_HLEN: ursaNative.RSA_PKCS1_SALT_LEN_HLEN,
RSA_PKCS1_SALT_LEN_MAX: ursaNative.RSA_PKCS1_SALT_LEN_MAX,
RSA_PKCS1_SALT_LEN_RECOVER: ursaNative.RSA_PKCS1_SALT_LEN_RECOVER
};

110
express-server/node_modules/ursa-optional/package.json generated vendored Normal file
View File

@ -0,0 +1,110 @@
{
"_args": [
[
"ursa-optional@^0.9.10",
"/nodeapps/https-test/greenlock-express.js/node_modules/rsa-compat"
]
],
"_from": "ursa-optional@>=0.9.10 <0.10.0",
"_hasShrinkwrap": false,
"_id": "ursa-optional@0.9.10",
"_inCache": true,
"_installable": true,
"_location": "/ursa-optional",
"_nodeVersion": "10.13.0",
"_npmOperationalInternal": {
"host": "s3://npm-registry-packages",
"tmp": "tmp/ursa-optional_0.9.10_1541526082762_0.09868043920674285"
},
"_npmUser": {
"email": "mkg20001@gmail.com",
"name": "mkg20001"
},
"_npmVersion": "6.4.1",
"_phantomChildren": {},
"_requested": {
"name": "ursa-optional",
"raw": "ursa-optional@^0.9.10",
"rawSpec": "^0.9.10",
"scope": null,
"spec": ">=0.9.10 <0.10.0",
"type": "range"
},
"_requiredBy": [
"/rsa-compat"
],
"_resolved": "https://registry.npmjs.org/ursa-optional/-/ursa-optional-0.9.10.tgz",
"_shasum": "f2eabfe0b6001dbf07a78740cd0a6e5ba6eb2554",
"_shrinkwrap": null,
"_spec": "ursa-optional@^0.9.10",
"_where": "/nodeapps/https-test/greenlock-express.js/node_modules/rsa-compat",
"author": {
"email": "danfuzz@milk.com",
"name": "Dan Bornstein",
"url": "http://www.milk.com/"
},
"bugs": {
"url": "https://github.com/mkg20001/ursa/issues"
},
"dependencies": {
"bindings": "^1.3.0",
"nan": "^2.11.1"
},
"description": "RSA public/private key OpenSSL bindings for node and io.js",
"devDependencies": {
"mocha": "^5.2.0"
},
"directories": {
"lib": "lib",
"test": "test"
},
"dist": {
"fileCount": 21,
"integrity": "sha512-RvEbhnxlggX4MXon7KQulTFiJQtLJZpSb9ZSa7ZTkOW0AzqiVTaLjI4vxaSzJBDH9dwZ3ltZadFiBaZslp6haA==",
"npm-signature": "-----BEGIN PGP SIGNATURE-----\r\nVersion: OpenPGP.js v3.0.4\r\nComment: https://openpgpjs.org\r\n\r\nwsFcBAEBCAAQBQJb4dJDCRA9TVsSAnZWagAAjP4P/27Bci055Hpb+wCQWR4s\nHVYq0NnLrTcDuMGzpJxI48QvueBMFGH2zUWZWfHuzoiGAoDaTPMtMg7BLV+S\nU2GTKkjgfZYOYS/fCGt/zv2/7pxXDy0cFUFhZWY9e6Rrupwmcdc24uiJHcxA\nazLQpqb9nm/cwXWqs+9gwkidJ6G+VgouujaNkhsvugIZDYDfXmEW4cTw+aUH\nmtjOh8l/Csc+GOxJulW6rOM9qEDOopULVCVowtJb1Rfz/aZgdDE3iSIzcrzS\nTstfVsA30JJmxy87YZYyGyJpRbV5Sig9o3fA9HaEkuZTxzLZxlUW6Qkh4DD4\n8zq1CnEeJAL/Y70aowApumLDojOOhSB+GHjmR/cshyALHGEe6aRmQWG7HYdz\nIeMJT559AtuW8wmf7lOuPGJnrGWpQwqp/6QJIDmptgGLqISOHh8Pi0NBhevJ\nz9KUISSIPJ7GmdLBohkRfXeUDAh8swsuLhG2XmDESbzh7ZntlN1+vB4EmVee\njMI3d7JRdQNUnnEW6epu/bGE73lWUsLJVbl8N1mkMwLMG1V/eAe81ft5Bafh\nTAYdUnA2ZfuGM2OGnuKwtOsMLQLbU+PP10/MjmchCKDXzouuSbVDvmmRqeza\n/KmGnFT1d7bEhzGdCQkeHTpPo5+1tKF/A36RBP4cJT2+d7GjHIe3lhFJUG/+\nOai6\r\n=H75D\r\n-----END PGP SIGNATURE-----\r\n",
"shasum": "f2eabfe0b6001dbf07a78740cd0a6e5ba6eb2554",
"tarball": "https://registry.npmjs.org/ursa-optional/-/ursa-optional-0.9.10.tgz",
"unpackedSize": 158923
},
"engines": {
"node": ">=0.10.0"
},
"gitHead": "0999dcf62cced5102913f925cb4fcfabdd480dfb",
"homepage": "https://github.com/mkg20001/ursa#readme",
"keywords": [
"crypto",
"digest",
"hash",
"key",
"openssl",
"private",
"public",
"rsa",
"sign",
"signature",
"verification",
"verify"
],
"license": "Apache-2.0",
"main": "lib/ursa.js",
"maintainers": [
{
"name": "mkg20001",
"email": "mkg20001@gmail.com"
}
],
"name": "ursa-optional",
"optionalDependencies": {},
"readme": "ERROR: No README data found!",
"repository": {
"type": "git",
"url": "git+https://github.com/mkg20001/ursa.git"
},
"scripts": {
"install": "node rebuild.js",
"rebuild": "node-gyp rebuild",
"test": "mocha --recursive --reporter spec",
"test-watch": "npm test -- -w --reporter min"
},
"version": "0.9.10"
}

17
express-server/node_modules/ursa-optional/rebuild.js generated vendored Normal file
View File

@ -0,0 +1,17 @@
var cp = require('child_process');
var verbose = Boolean(process.env.URSA_VERBOSE);
if (verbose) {
var p = cp.spawn(process.execPath, [process.env.npm_execpath, 'run', 'rebuild'], {cwd: process.cwd(), stdio: 'inherit'});
} else {
var p = cp.spawnSync(process.execPath, [process.env.npm_execpath, 'run', 'rebuild'], {cwd: process.cwd()});
if (p.status || p.signal || p.error) {
console.log('ursaNative bindings compilation fail. This is not an issue. Modules that depend on it will use fallbacks.');
var fs = require('fs');
if (p.error) {
fs.writeFileSync('./stderr.log', p.error.stack);
} else {
fs.writeFileSync('./stdout.log', p.stdout);
fs.writeFileSync('./stderr.log', p.stderr);
}
}
}

1865
express-server/node_modules/ursa-optional/src/ursaNative.cc generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

56
express-server/node_modules/ursa-optional/src/ursaNative.h generated vendored Normal file
View File

@ -0,0 +1,56 @@
// Copyright 2012 The Obvious Corporation.
#ifndef URSA_NATIVE_H
#define URSA_NATIVE_H
#ifndef BUILDING_NODE_EXTENSION
#define BUILDING_NODE_EXTENSION
#endif
#include <node.h>
#include <nan.h>
#include <v8.h>
#include <openssl/rsa.h>
class RsaWrap : public node::ObjectWrap
{
public:
static void InitClass(v8::Local<v8::Object> target);
protected:
RsaWrap();
~RsaWrap();
static NAN_METHOD(New);
static NAN_METHOD(GeneratePrivateKey);
static NAN_METHOD(GetExponent);
static NAN_METHOD(GetPrivateExponent);
static NAN_METHOD(GetModulus);
static NAN_METHOD(GetPrivateKeyPem);
static NAN_METHOD(GetPublicKeyPem);
static NAN_METHOD(PrivateDecrypt);
static NAN_METHOD(PrivateEncrypt);
static NAN_METHOD(PublicDecrypt);
static NAN_METHOD(PublicEncrypt);
static NAN_METHOD(SetPrivateKeyPem);
static NAN_METHOD(SetPublicKeyPem);
static NAN_METHOD(Sign);
static NAN_METHOD(Verify);
static NAN_METHOD(CreatePrivateKeyFromComponents);
static NAN_METHOD(CreatePublicKeyFromComponents);
static NAN_METHOD(OpenPublicSshKey);
static NAN_METHOD(AddPSSPadding);
static NAN_METHOD(VerifyPSSPadding);
private:
static RsaWrap *expectPrivateKey(RsaWrap *obj);
static RsaWrap *expectSet(RsaWrap *obj);
static RsaWrap *expectUnset(RsaWrap *obj);
BIGNUM *rsa_n, *rsa_e, *rsa_d;
RSA *rsa;
};
NAN_METHOD(TextToNid);
#endif // def URSA_NATIVE_H

5
express-server/node_modules/ursa-optional/test/.eslintrc.json generated vendored Normal file
View File

@ -0,0 +1,5 @@
{
"rules": {
"no-unused-vars": [2]
}
}

15
express-server/node_modules/ursa-optional/test/another_zorch.pem generated vendored Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDhVzXvfTvYzne0gkD9FHlTYhsuB6wBUIZRNTZaai4EpKzleZbr
hq/R7M4DMA4UbiiuI68fMagcFYgUgfspDb3QBYVSRDpF0OmxGm4ww0LOjsHH/0ZQ
LnsFvbHNQcgJiYkLHQFRi9ARweuZNCRnw3fMY1GhfO5sq7J7SzAAbKQ3vwIDAQAB
AoGAOPTnMBpyZxGA1kJaFN348KeKgS71PfvRh3Mwwte1u/y3quT5zZxkkmYNiGa8
GFPjumhQmkzd1gNnOu/DwRO1Fwbp0bfqwCLnd2Lz400ZrwN/S+hlzu+YR1rKOH7C
7q/BeAm/hGVejsmkl16WgEpkqTzo11566Gat9UWDAw7C1ZkCQQD2MkPuQH6P5hwF
sy0mr4zfA3+X0L032jyjajakgM9Zn2XnPeYL/R/Cx0h1oBke3CPrKNaRhRCrBwUz
MUx3gkm7AkEA6lBXfCfsiPWzLe6klV+vFaDl40x53AMy+pL0VE/f8GSqHwGPL1q1
aa2AtiSCD505g6vq934V3K/KDK2THug3zQJAHnGIxOVkwRaLUIkfhDEhElK0bGl7
fHSYGvz/VMg427RCPZ4B3Gmoi8VoyGLLuG0wY9vg7I2vyfZMRlBKTFzoEQJAIeh2
gJUWect0npUGZEdwguTB397VU61y1yglC35zncozhEEpg2TRE/XzxmgKGlBaXl+m
pSIt773Qs3z66WIZkQJBAN4pwewrHawHa9yLH5X9zomL8yk7kboRguk2BaZND+KP
ENbnMowAligtYJ7w2KqpHZMJHwIOg8Yd2T9bPZKMW78=
-----END RSA PRIVATE KEY-----

30
express-server/node_modules/ursa-optional/test/blort-pass.pem generated vendored Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0EE0329ADBEED6A1
CdxXjx5dnHDVa4swmD2X/Q9jsvN8Xcy8rUW7pcn7ijdn4uEpzVax9YD2Ewy9RsuS
3Qmhon6YdkjzqjShSXa4p2HXziZlZmgqxOHwUn1IxBK/Bne4WgpBWhkVmccCUaYm
rQhx7SwiqghzXXWvs/lDFjV9LdMFT1McUF7YY2jMmLgZjIsGKX0B/wBMF3E0/Zdo
9rYwelwS+ZYrQFcXxhZI8lg/KMmhgqEgRwjp+9z0j5H3e82Rs7eH68f2SFKld1ZY
3kQzHtTU8pGwdhWTSgxHmNMBWk2UV+TXhl88yZfYd0ugPZGk1luXu++MQLCktgfS
9xVpCmZyuxJgY8Trvf/Sc5fSfF/oB7/5TluTH5ap4jn1mELYnc/bPwZ79IKROlUs
LqcZYTRX46NLhNgqQlFyHCqOomxncxkdnkKE5jJ9AFheda4ZUX6ZL9KpCl4J13NG
aEr/D/8e/c7J5GZRWXu6kskWfDHDT/85Shpk32jxxN1/uugc3ENERojWLVoKggT8
gtbOQ2hc3g5EqFkOcofrn74M4fEd5UymJVbr6rcaFoBtwMoTB38u4ILmmdEqYPhk
1YnJUSy9etN/fJhpS1sye0ic8xrY6ymsQKc2kYvKjCf34zKUNeLHE15f4++DN2nK
7ECbfBsIZcCJ/EyS+RfO2iaPlgx/J3I3IiQRlZv6zN72ZW8xDeEZUMDzTr8LO/GG
inIWEeXiq3H6Fi7lg1QkZqG5wfsMFWiaBkm5JDCtA7RyAecwaUvetXhMhycBWIrp
/BlyYV1pmGREWzJbN2DHVO8eZJKKEWqp2tCPko3U35+t6ps6OZbiuq4xL9mOaRmx
ukn8kjl1TgoQ1NBCjXEs0q01tlzMf2GoK/KQwqZmIpEJXo0eadyLok7nK11EuDGx
AQmHP8ycXJRC34rbN8HBVE2iMiSkhZGLvXpeEo7wrSM/AflkSWwAT61unpKC26EH
eClranXixvOF8c1peAIjn0eagW4rVTFfZbNDAbKwSeNQY/keSHvmOtq9AHDU8NhN
uFl5o958qkKFyp/bgHw9CfHdvtXDebMfbSekspKcYXmI46sWy73r5AmxVY1Axh4C
lqNm3sKPhQZ2LsX17yM7M1QyBjgytH8/a5ecpFyrAmiAx1BL4mU5d3KAzxCO0sQM
ZVyin3hbTBHffh5kGU5OH2xjquKqHmUZLlNhWIsfYBKdqenXBsQoGPPwL1kVNNxj
uP4AB0Xk/BUIVvKsNfcCTr0iP8YtVXYW4jD0Y+OtoLHc6e4vLUW15cYJZIYfg9zf
5rwY8MaP2XTcJovNIsKoyEYxfnMmrlTIbaT0H7JE4nbWx4nnR7X6ybk7KbuS4dVJ
uNswQWQr6WJ29kvv4pvNCKAEPXyTQeIWw9bG8ETB7xuDXgzHJkXZPhs4vGOqTxpf
JkeJtR61rnoqFBEhncHMdF9c5fTSZRcYtTt6miNc6CYJs5tdQvY82XN4H/adqghI
NN/bqFAxLxA4RoXmibIybt+IEf2ejCl2xfWPs9ejnctYL+5JLFT4+IpOQDh/3rtG
fSKhaigLCt7yprOsAxxGg/OF6I6gwNgfeujApoTQIgq0X/frF2YvjP7xNLw8oNeU
-----END RSA PRIVATE KEY-----

27
express-server/node_modules/ursa-optional/test/blort.pem generated vendored Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEArgov0KHVYlOtS15/WIO0Hpz9NIuWQiH/9VuCqjEnsMJdZR20
NsxiNCjMTjOXtl8jCGFAp8fyb5peT7Qlp4xZky6odeyFEc6Z9QInyRSVBozlRoYS
hefQ6JSPFaF9k+FYFN/xz0LYHZwZCW+r78dQV9ZGKBQT61El8NiriiqKq1SBZiEI
7jT18J0i6H1qFVAkkZcyz3v85/yudPUC1wBFwzfk9yJ9O8bpNlGonxlDoQKXxHS8
yV15dTqAAoeVysBqQk1/NiDQuEJMbrq3cfDll0scsnVec0dwIUNY9UasxrbPpwk0
0ce54uWjwYl/sQ+AOvKZhJXbJFEfKyFi8f2EdQIDAQABAoIBADZx7V9hITXvY2kO
mNwB55kkF3oWqNzrcf05sXi4g+giBcGaN0RlT9ttX+ye6zkcLgNzGRzjyg3rxtE8
VANEPslycTTi1wYpEbS6BeQ70hsIfLlBPA4z5QC9aL2llXlrp3hwTl8+VAl/Sb3P
94O9YH76A1yKW2jkK/Bad99zS4opEvKRaBdMN3epphrUaUbseCckrgQp5/JVxSLm
0/rQ7fFhGjiTbn7YdMHLzDkESqUqVdpuU7XQYupb3xiLlHMthgNRzhkrPEHOlcyy
l5WIxP5mEoBbIc1WteiwgYkPhHpGFSXkXmsnmuqpI504JXvWyOZ0CVLBpcg1+YOl
9JG9askCgYEA5sSIz8Z8AJ2uQ4sWfP44kfd2kSFPcEY8ehyRewR+qOtA1S9Jni0y
5BSYUP3a6Z8eolj70SAVY68WQ1HHVyzPv84RRKYRUiMQPccUZbTjLYtX+fGjriQc
EhchV0ZHSweCsu5S0LdZtcWIF2t4Kq+6fLD8aFjfv5KgzkP5/EhoDNsCgYEAwRHF
CrijUmzqjhielwp72frwJOdjdsb9RT5kZMOvlCyPpxjdTZwW3AXScKrzotYAFzlS
70FxIcB2ewStZwObMVk91ZWDU8QI4aMf6P/aN7hNILmbPsZ8HXEEYrWzxNFtTtfP
YqLCDMbuvSEaQ3/K+lVU3j/6OlAWVbo72fFBzO8CgYEAuIC+GdFJ53wqjhowWrMv
K5U9GQAW8V9WjxM0RbTsR8X/yfLK20qr+6tztJ2iX1M3PPoEK8mJEHA2TpCd3lcX
qvTo3YghJRifraTz6/VaBVn5dv75rQt13gjcQVkROy3AE6t0Tyeo9CoAiykDpK1n
XrZquEsGabakFwZGYqzJdC0CgYBv4zhpyi78KZqU1rexmKXF4aMh/+aogxFr+4h6
zN0H5fsqP0KhI4Ar6kPWf3vKNnK/Ar2JYkeJ49vF1yQWuwRJSQqIqKj+9nCfMsXf
Zca02932xRmu+6AZ/9Em015nBWdvdan944zJks/wUyrBS2H6SVFxq2n8OUV4UQE2
gJY9iQKBgQDazbQaXKDuJDHTMsvZfIXdhXC0vbWb5P0TJ0lUz5lN5dfLxVj/MyCS
7Es98RTf+4wcBMBUDO5Qs5/2Wv0ZSkb2SCJ73Tvs7cnJZwY7MpY53wvhr4jIjAog
DdvScUn3F/qn8sURn0uu9Kz9fqrC/tZeANU6cpBBtWykTLb/spmwuQ==
-----END RSA PRIVATE KEY-----

9
express-server/node_modules/ursa-optional/test/blort.pub generated vendored Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgov0KHVYlOtS15/WIO0
Hpz9NIuWQiH/9VuCqjEnsMJdZR20NsxiNCjMTjOXtl8jCGFAp8fyb5peT7Qlp4xZ
ky6odeyFEc6Z9QInyRSVBozlRoYShefQ6JSPFaF9k+FYFN/xz0LYHZwZCW+r78dQ
V9ZGKBQT61El8NiriiqKq1SBZiEI7jT18J0i6H1qFVAkkZcyz3v85/yudPUC1wBF
wzfk9yJ9O8bpNlGonxlDoQKXxHS8yV15dTqAAoeVysBqQk1/NiDQuEJMbrq3cfDl
l0scsnVec0dwIUNY9UasxrbPpwk00ce54uWjwYl/sQ+AOvKZhJXbJFEfKyFi8f2E
dQIDAQAB
-----END PUBLIC KEY-----

1
express-server/node_modules/ursa-optional/test/blort.sshpub generated vendored Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuCi/QodViU61LXn9Yg7QenP00i5ZCIf/1W4KqMSewwl1lHbQ2zGI0KMxOM5e2XyMIYUCnx/Jvml5PtCWnjFmTLqh17IURzpn1AifJFJUGjOVGhhKF59DolI8VoX2T4VgU3/HPQtgdnBkJb6vvx1BX1kYoFBPrUSXw2KuKKoqrVIFmIQjuNPXwnSLofWoVUCSRlzLPe/zn/K509QLXAEXDN+T3In07xuk2UaifGUOhApfEdLzJXXl1OoACh5XKwGpCTX82INC4Qkxuurdx8OWXSxyydV5zR3AhQ1j1RqzGts+nCTTRx7ni5aPBiX+xD4A68pmEldskUR8rIWLx/YR1

215
express-server/node_modules/ursa-optional/test/fixture.js generated vendored Normal file
View File

@ -0,0 +1,215 @@
// Copyright 2012 The Obvious Corporation.
/*
* Common fixture for use across tests
*/
/*
* Modules used
*/
"use strict";
var fs = require("fs");
var ursa = require("../lib/ursa");
var ursaNative = require("bindings")("ursaNative");
/*
* Variable definitions
*/
var BASE64 = "base64";
var BINARY = "binary";
var HEX = "hex";
var SHA1 = "sha1";
var SHA256 = "sha256";
var UTF8 = "utf8";
var DES_EDE3_CBC = "des-ede3-cbc";
var PASS_PRIVATE_KEY = fs.readFileSync(__dirname + "/blort-pass.pem");
var PRIVATE_KEY = fs.readFileSync(__dirname + "/blort.pem");
var PUBLIC_KEY = fs.readFileSync(__dirname + "/blort.pub");
var SSH_PUBLIC_KEY_FILE = fs.readFileSync(__dirname + "/blort.sshpub");
var PRIVATE_KEY_2 = fs.readFileSync(__dirname + "/zorch.pem");
var PUBLIC_KEY_2 = fs.readFileSync(__dirname + "/zorch.pub");
var PRIVATE_KEY_2 = fs.readFileSync(__dirname + "/zorch.pem");
var PRIVATE_KEY_3 = fs.readFileSync(__dirname + "/another_zorch.pem");
var PASSWORD = new Buffer("biscuits", UTF8);
var EXPONENT_HEX = "010001";
var MODULUS_HEX =
"ae0a2fd0a1d56253ad4b5e7f5883b41e9cfd348b964221fff55b82aa3127b0c2" +
"5d651db436cc623428cc4e3397b65f23086140a7c7f26f9a5e4fb425a78c5993" +
"2ea875ec8511ce99f50227c91495068ce546861285e7d0e8948f15a17d93e158" +
"14dff1cf42d81d9c19096fabefc75057d646281413eb5125f0d8ab8a2a8aab54" +
"81662108ee34f5f09d22e87d6a155024919732cf7bfce7fcae74f502d70045c3" +
"37e4f7227d3bc6e93651a89f1943a10297c474bcc95d79753a80028795cac06a" +
"424d7f3620d0b8424c6ebab771f0e5974b1cb2755e734770214358f546acc6b6" +
"cfa70934d1c7b9e2e5a3c1897fb10f803af2998495db24511f2b2162f1fd8475";
var PLAINTEXT = "Muffins are tasty.";
var PLAINTEXT_PADDED =
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" +
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0" + "Muffins are tasty.";
var PRIVATE_CIPHERTEXT_HEX =
"98a96084dc8dfad2c4e604dc20def71acbf784b8b34ecafeb2840e238ac8031c" +
"7559004fa8337d20889b8a582af4f7d3707ab41d0a81487f0d80fb82be49537c" +
"2b9cd8dbb3b772fe0306ff9b4b99faa7cc26d5c04b1e8e79505bac1e8f2cdad2" +
"d3d8680eee3c16db8742b61935fca9679070d278f988ce4d414ab49a544c9088" +
"17a0d340a41384f4b8d826e41031ddcd3f72c29dec2fee0355a8203ea0d381a1" +
"a0f0969804d4968fb2e6220db5cf02e2c2200ff9d0a5a5037ac859a55c005ecc" +
"52ce194a6a9624c71547c96cf90d911caa4097f9cdfded71d23c9f8f5551188c" +
"8326357d54224ab25b9f29c1efdbc960a0968e4c9027cd507ffadd8dff93256c";
var PRIVATE_OLD_PAD_CIPHER_HEX =
"69d1c385929fc00f89aa98ae9cd8529afe884b581505acdcd4ceaa10bfda9adc" +
"79c472dd7e35bcc94f1146459c6a8d96e572116c7a62f1da5dd18cdb8f81e72b" +
"4a4649f40470e88c11b04fdf72e48c6adb44c41edc0c4c56074a041c03017f72" +
"f66a000066a4dbe888119c83f79e7cb8f667f0af1af41cf4adf21320fada9355" +
"6d056a2fdb1f5a9f5708e096a7408a115efa14f0e2f94feaa32322aa4af9c97a" +
"438d205f62317020e657c5057227a3d7e60a6a6658781cf41b0820988a4f9e8e" +
"b947c424248d231c3e43c711b0c4a4342a0fa484d0e3ded231a695250f4dafcf" +
"f9e94d02e3f74d4c509cfae24b8615e619805c9cdc9e85faed7d706dd6891383";
var PUBLIC_CIPHERTEXT_HEX =
"16b5e95a02db09e95bb5419998b3c5f450571578be271602828740242236e6aa" +
"0bce325d6b9a681038c864e0877a3e68e20329a3602829128385f182a20f06c7" +
"6f4c82f4f58481ff19ac2db9fd2b6b097047f741fa81a6c6a50b33259f3458b7" +
"5adcc40cc7ce71654d69936f1f77bdc684d069615ffeb71566487cdd62c55bc9" +
"5688452cb1857c91fd6cc0c7506f974ff4274a88b768f5e332b64933cabc9ef5" +
"2204e62f8682c177d5c7aa6e94e66125ad7a42eb9352e6af1ea6478e92599454" +
"65bc54fed2b45317713f7caa98cbd28a14c4c7fabe8689e735985e3fa6bd7ca8" +
"bda58bee1b3cba48cb0d1508c79c23d48413b3dc296aabf5291288783ff037ef";
var PUBLIC_CIPHERTEXT_NP_HEX =
"51b965fd83d619f9c3fec28330c7564c90439da62ec962f0c22df2e8e5bf9e52" +
"712755d4bb004a0dcfd8e6e0acc92553805c11158b3e36a3f74d4da6574514e8" +
"10313bcbe601fe43c7bb74872ab1a252ea78db775175662ed20baf05e870a265" +
"1a06afdec90e9bd7a21cba0282ae0ca07e82898bcfbcc162d4f6780f5db89216" +
"7a85bb5d26afc7551f356b054bb1ebb312fa02e212b2d0a751964a6ca790d6dd" +
"424df1beb5e7887ae8498070955ba65777b02c7e47ebbfdfc81a54b6fa506869" +
"29cf603b19cbaf1f32ad795ee8b6619b3dd8764626483425334cc892afc9e6e2" +
"ca371a850ae29336f559da16acc250600febcbd57524ccc0f181c995ce3f74ba";
var PLAINTEXT_SHA256 =
"44d7b7069244377863405b7c6a8c1e0fde6c68f02631668e41de3e9503429dcb";
var PLAINTEXT_SHA256_SIGNATURE =
"98349f92a91a2de46a897901a54b395a85fb618ac904d3d01d3c37d54fbdaba5" +
"f2f17fbcd45b9237b0b2f63398d5ab113c67cf3a356d30a14eeff9b53b0e7bef" +
"8b347d835cb60550b082d86293f5fb3354a1d6d85ff19f1c6696683dc3ff55d6" +
"72b88f3d365b0d56a65e3f974a795feee84b2097646673ccb4336950c04a3ba9" +
"bd189c9ae03ee824bd5a70a5c40c6ea0b124f4256a18a054d175e339c0f4fdfd" +
"32edacdec17940343889b2f940edf10c9da338db59972735049eea77632ff895" +
"53d42ded904959718c9cf5e43a50a315ab860be64d0bd4ef69bd01154d2108a9" +
"5127b0de26318d8b0c87eace03502c0cbfbe4683c5da7cf30bce3a386534b302";
var SSH_PUBLIC_KEY =
new Buffer(SSH_PUBLIC_KEY_FILE.toString(UTF8).slice(8), BASE64);
var SSH_PUBLIC_KEY_FINGERPRINT_HEX = "e7738e886aaf6f0301d62d459a892dc3";
var FAKE_SHA256_TO_SIGN =
"0123456789abcdef00112233445566778899aabbccddeeff9876543210fedcba";
var FAKE_SHA256_SIGNATURE =
"023fad1e5a94d417fc81ef477cc307578451791a87458794f993b9c8acd680aa" +
"0458532349fafec4df9351f6962b656b6c71fe977ec9d9c4cc2956a0d22ab9c8" +
"3a3639148d0bfe2a1d606868bee0b5a0c0d7b2bfaf80d4ed35d31f22733812dd" +
"454e8beb119c935f250000f44eeefd61d45bffb3aa42bcb8be6eb5331dc83a14" +
"bfc4df1dd2120f1d1b8539bd28cd4ebb6f3cf9439279278f5d472b75bff73c1b" +
"9b7cf713f311e3e25d7b0bfa0ee25f25f78c06335d8440e6a96318d0246c1581" +
"31c351b661694cfd688cd12f16db60ca496ca75338830d98dd1545ca835832d0" +
"15398a8dbc55eccb5c95fc9e825960ebd99b9b614e18fe0284a2def94cfe9aba";
var PRIVATE_KEY_COMPONENTS = {
modulus: new Buffer('4Vc173072M53tIJA/RR5U2IbLgesAVCGUTU2WmouBKSs5XmW64av0ezOAzAOFG4oriOvHzGoHBWIFIH7KQ290AWFUkQ6RdDpsRpuMMNCzo7Bx/9GUC57Bb2xzUHICYmJCx0BUYvQEcHrmTQkZ8N3zGNRoXzubKuye0swAGykN78=', 'base64'),
exponent: new Buffer('AQAB', 'base64'),
p: new Buffer('9jJD7kB+j+YcBbMtJq+M3wN/l9C9N9o8o2o2pIDPWZ9l5z3mC/0fwsdIdaAZHtwj6yjWkYUQqwcFMzFMd4JJuw==', 'base64'),
q: new Buffer('6lBXfCfsiPWzLe6klV+vFaDl40x53AMy+pL0VE/f8GSqHwGPL1q1aa2AtiSCD505g6vq934V3K/KDK2THug3zQ==', 'base64'),
dp: new Buffer('HnGIxOVkwRaLUIkfhDEhElK0bGl7fHSYGvz/VMg427RCPZ4B3Gmoi8VoyGLLuG0wY9vg7I2vyfZMRlBKTFzoEQ==', 'base64'),
dq: new Buffer('Ieh2gJUWect0npUGZEdwguTB397VU61y1yglC35zncozhEEpg2TRE/XzxmgKGlBaXl+mpSIt773Qs3z66WIZkQ==', 'base64'),
inverseQ: new Buffer('3inB7CsdrAdr3Isflf3OiYvzKTuRuhGC6TYFpk0P4o8Q1ucyjACWKC1gnvDYqqkdkwkfAg6Dxh3ZP1s9koxbvw==', 'base64'),
d: new Buffer('OPTnMBpyZxGA1kJaFN348KeKgS71PfvRh3Mwwte1u/y3quT5zZxkkmYNiGa8GFPjumhQmkzd1gNnOu/DwRO1Fwbp0bfqwCLnd2Lz400ZrwN/S+hlzu+YR1rKOH7C7q/BeAm/hGVejsmkl16WgEpkqTzo11566Gat9UWDAw7C1Zk=', 'base64'),
};
// From ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
var PSS_MODULUS_HEX =
"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e"+
"577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe88"+
"8b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de775"+
"1222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5";
var PSS_M_HEX =
"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e64"+
"78ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c027"+
"12e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74"+
"ff77a53cb729802f6ed4a5ffa8ba159890fc";
var PSS_MHASH_HEX =
"37b66ae0445843353d47ecb0b4fd14c110e62d6a";
var PSS_EM_HEX =
"66e4672e836ad121ba244bed6576b867d9a447c28a6e66a5b87dee7fbc7e65af" +
"5057f86fae8984d9ba7f969ad6fe02a4d75f7445fefdd85b6d3a477c28d24ba1" +
"e3756f792dd1dce8ca94440ecb5279ecd3183a311fc896da1cb39311af37ea4a" +
"75e24bdbfd5c1da0de7cecdf1a896f9d8bc816d97cd7a2c43bad546fbe8cfebc";
var PSS_S_HEX =
"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54" +
"dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42" +
"be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3" +
"488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e";
var PSS_PUBLIC_KEY = fs.readFileSync(__dirname + "/pss_tv.pub");
/*
* Exported bindings
*/
module.exports = {
BASE64: BASE64,
BINARY: BINARY,
HEX: HEX,
SHA1: SHA1,
SHA256: SHA256,
UTF8: UTF8,
DES_EDE3_CBC: DES_EDE3_CBC,
EXPONENT_HEX: EXPONENT_HEX,
FAKE_SHA256_TO_SIGN: FAKE_SHA256_TO_SIGN,
FAKE_SHA256_SIGNATURE: FAKE_SHA256_SIGNATURE,
MODULUS_HEX: MODULUS_HEX,
PASSWORD: PASSWORD,
PASS_PRIVATE_KEY: PASS_PRIVATE_KEY,
PLAINTEXT: PLAINTEXT,
PLAINTEXT_PADDED: PLAINTEXT_PADDED,
PLAINTEXT_SHA256: PLAINTEXT_SHA256,
PLAINTEXT_SHA256_SIGNATURE: PLAINTEXT_SHA256_SIGNATURE,
PRIVATE_CIPHERTEXT_HEX: PRIVATE_CIPHERTEXT_HEX,
PRIVATE_OLD_PAD_CIPHER_HEX: PRIVATE_OLD_PAD_CIPHER_HEX,
PRIVATE_KEY: PRIVATE_KEY,
PRIVATE_KEY_2: PRIVATE_KEY_2,
PRIVATE_KEY_3: PRIVATE_KEY_3,
PUBLIC_CIPHERTEXT_HEX: PUBLIC_CIPHERTEXT_HEX,
PUBLIC_CIPHERTEXT_NP_HEX: PUBLIC_CIPHERTEXT_NP_HEX,
PUBLIC_KEY: PUBLIC_KEY,
PUBLIC_KEY_2: PUBLIC_KEY_2,
SSH_PUBLIC_KEY: SSH_PUBLIC_KEY,
SSH_PUBLIC_KEY_FINGERPRINT_HEX: SSH_PUBLIC_KEY_FINGERPRINT_HEX,
PRIVATE_KEY_COMPONENTS: PRIVATE_KEY_COMPONENTS,
PSS_MODULUS_HEX: PSS_MODULUS_HEX,
PSS_M_HEX: PSS_M_HEX,
PSS_MHASH_HEX: PSS_MHASH_HEX,
PSS_EM_HEX: PSS_EM_HEX,
PSS_S_HEX: PSS_S_HEX,
PSS_PUBLIC_KEY: PSS_PUBLIC_KEY,
RsaWrap: ursaNative.RsaWrap,
ursa: ursa,
ursaNative: ursaNative
};

752
express-server/node_modules/ursa-optional/test/native.js generated vendored Normal file
View File

@ -0,0 +1,752 @@
// Copyright 2012 The Obvious Corporation.
/*
* Tests of the underlying RsaWrap class.
*/
/*
* Modules used
*/
"use strict";
var assert = require("assert");
var fixture = require("./fixture");
var RsaWrap = fixture.RsaWrap;
var ursaNative = fixture.ursaNative;
var textToNid = ursaNative.textToNid;
var nodeVersion = Number(process.version.match(/^v(\d+\.\d+)/)[1]);
/**
* Asserts that two strings are equal, ignoring Windows newline differences
*/
function assertStringEqual(actual, expected, message) {
assert.equal(actual.replace(/\r\n/g, '\n'), expected.replace(/\r\n/g, '\n'), message);
}
describe('native', function() {
it('new', function() {
new RsaWrap();
});
it('setPrivateKeyPem', function() {
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PASS_PRIVATE_KEY, fixture.PASSWORD);
});
it('fail_setPrivateKeyPem', function() {
var rsa = new RsaWrap();
function f1() {
rsa.setPrivateKeyPem();
}
assert.throws(f1, /Missing args\[0]\./);
function f2() {
rsa.setPrivateKeyPem("x");
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.setPrivateKeyPem(new Buffer("x"));
}
assert.throws(f3, /no start line/);
function f4() {
rsa.setPrivateKeyPem(fixture.PASS_PRIVATE_KEY, undefined);
}
assert.throws(f4, /Expected a Buffer in args\[1]\./);
function f5() {
rsa.setPrivateKeyPem(fixture.PASS_PRIVATE_KEY, "x");
}
assert.throws(f5, /Expected a Buffer in args\[1]\./);
function f6() {
rsa.setPrivateKeyPem(fixture.PASS_PRIVATE_KEY,
new Buffer("INCORRECT PASS"));
}
assert.throws(f6, /bad decrypt/);
// Check for "set once."
function f7() {
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
}
f7();
assert.throws(f7, /Key already set\./);
});
it('setPublicKeyPem', function() {
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
});
it('fail_setPublicKeyPem', function() {
var rsa = new RsaWrap();
function f1() {
rsa.setPublicKeyPem();
}
assert.throws(f1, /Missing args\[0]\./);
function f2() {
rsa.setPublicKeyPem("x");
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.setPublicKeyPem(new Buffer("x"));
}
assert.throws(f3, /no start line/);
// Check for "set once."
function f4() {
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
}
f4();
assert.throws(f4, /Key already set\./);
});
it('getExponent', function() {
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var value = rsa.getExponent().toString(fixture.HEX);
assert.equal(value, fixture.EXPONENT_HEX);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
value = rsa.getExponent().toString(fixture.HEX);
assert.equal(value, fixture.EXPONENT_HEX);
});
it('fail_getExponent', function() {
var rsa = new RsaWrap();
function f1() {
rsa.getExponent();
}
assert.throws(f1, /Key not yet set\./);
});
it('getModulus', function() {
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var value = rsa.getModulus().toString(fixture.HEX);
assert.equal(value, fixture.MODULUS_HEX);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
value = rsa.getModulus().toString(fixture.HEX);
assert.equal(value, fixture.MODULUS_HEX);
});
it('fail_getModulus', function() {
var rsa = new RsaWrap();
function f1() {
rsa.getModulus();
}
assert.throws(f1, /Key not yet set\./);
});
it('getPrivateExponent', function() {
var rsa = new RsaWrap();
rsa.createPrivateKeyFromComponents(
fixture.PRIVATE_KEY_COMPONENTS.modulus,
fixture.PRIVATE_KEY_COMPONENTS.exponent,
fixture.PRIVATE_KEY_COMPONENTS.p,
fixture.PRIVATE_KEY_COMPONENTS.q,
fixture.PRIVATE_KEY_COMPONENTS.dp,
fixture.PRIVATE_KEY_COMPONENTS.dq,
fixture.PRIVATE_KEY_COMPONENTS.inverseQ,
fixture.PRIVATE_KEY_COMPONENTS.d);
var value = rsa.getPrivateExponent();
assert.equal(value.toString(fixture.HEX), fixture.PRIVATE_KEY_COMPONENTS.d.toString(fixture.HEX));
});
it('getPrivateKeyPem', function() {
var keyStr = fixture.PRIVATE_KEY.toString(fixture.UTF8);
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
var pem = rsa.getPrivateKeyPem().toString(fixture.UTF8);
assertStringEqual(pem, keyStr);
});
it.skip('getPrivateKeyPemWithPassPhrase', function() {
var keyStr = fixture.PASS_PRIVATE_KEY.toString(fixture.UTF8);
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PASS_PRIVATE_KEY, fixture.PASSWORD);
var pem = rsa.getPrivateKeyPem(fixture.PASSWORD, fixture.DES_EDE3_CBC).toString(fixture.UTF8);
assertStringEqual(pem, keyStr);
})
it('fail_getPrivateKeyPem', function() {
var rsa = new RsaWrap();
function f1() {
rsa.getPrivateKeyPem();
}
assert.throws(f1, /Key not yet set\./);
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Expected a private key\./);
});
it('getPublicKeyPem', function() {
var keyStr = fixture.PUBLIC_KEY.toString(fixture.UTF8);
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var pem = rsa.getPublicKeyPem().toString(fixture.UTF8);
assertStringEqual(pem, keyStr);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
pem = rsa.getPublicKeyPem().toString(fixture.UTF8);
assertStringEqual(pem, keyStr);
});
it('fail_getPublicKeyPem', function() {
var rsa = new RsaWrap();
function f1() {
rsa.getPublicKeyPem();
}
assert.throws(f1, /Key not yet set\./);
});
it('privateDecrypt', function() {
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
var encoded = new Buffer(fixture.PRIVATE_CIPHERTEXT_HEX, fixture.HEX);
var decoded = rsa.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
encoded = new Buffer(fixture.PRIVATE_OLD_PAD_CIPHER_HEX, fixture.HEX);
decoded = rsa.privateDecrypt(encoded, ursaNative.RSA_PKCS1_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
});
it('fail_privateDecrypt', function() {
var rsa = new RsaWrap();
function f1() {
rsa.privateDecrypt();
}
assert.throws(f1, /Key not yet set\./);
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Expected a private key\./);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
function f2() {
rsa.privateDecrypt("x", ursaNative.RSA_PKCS1_OAEP_PADDING);
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.privateDecrypt(new Buffer("x"), ursaNative.RSA_PKCS1_OAEP_PADDING);
}
assert.throws(f3, /decoding error/);
function f4() {
rsa.privateDecrypt(new Buffer("x"), "str");
}
assert.throws(f4, /Expected a 32-bit integer/);
});
it('publicEncrypt', function() {
// No other reasonable way to test this than to do a round trip.
var plainBuf = new Buffer(fixture.PLAINTEXT, fixture.UTF8);
var priv = new RsaWrap();
priv.setPrivateKeyPem(fixture.PRIVATE_KEY);
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var encoded = rsa.publicEncrypt(plainBuf, ursaNative.RSA_PKCS1_OAEP_PADDING);
var decoded = priv.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
encoded = priv.publicEncrypt(plainBuf, ursaNative.RSA_PKCS1_OAEP_PADDING);
decoded = priv.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
// Test with old-style padding.
encoded = rsa.publicEncrypt(plainBuf, ursaNative.RSA_PKCS1_PADDING);
decoded = priv.privateDecrypt(encoded, ursaNative.RSA_PKCS1_PADDING);
decoded = decoded.toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
});
it('fail_publicEncrypt', function() {
var rsa = new RsaWrap();
function f1() {
rsa.publicEncrypt();
}
assert.throws(f1, /Key not yet set\./);
rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
function f2() {
rsa.publicEncrypt("x", ursaNative.RSA_PKCS1_OAEP_PADDING);
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.publicEncrypt(new Buffer(2048), ursaNative.RSA_PKCS1_OAEP_PADDING);
}
assert.throws(f3, /too large/);
function f4() {
rsa.publicEncrypt(new Buffer("x"), "str");
}
assert.throws(f4, /Expected a 32-bit integer/);
});
it('privateEncrypt', function() {
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
var plainBuf = new Buffer(fixture.PLAINTEXT, fixture.UTF8);
var encoded = rsa.privateEncrypt(plainBuf, ursaNative.RSA_PKCS1_PADDING).toString(fixture.HEX);
assert.equal(encoded, fixture.PUBLIC_CIPHERTEXT_HEX);
});
it('fail_privateEncrypt', function() {
var rsa = new RsaWrap();
function f1() {
rsa.privateEncrypt();
}
assert.throws(f1, /Key not yet set\./);
rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Expected a private key\./);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
function f2() {
rsa.privateEncrypt("x", ursaNative.RSA_PKCS1_PADDING);
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.privateEncrypt(new Buffer(2048), ursaNative.RSA_PKCS1_PADDING);
}
assert.throws(f3, /too large/);
});
it('publicDecrypt', function() {
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var encoded = new Buffer(fixture.PUBLIC_CIPHERTEXT_HEX, fixture.HEX);
var decoded = rsa.publicDecrypt(encoded, ursaNative.RSA_PKCS1_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
encoded = new Buffer(fixture.PUBLIC_CIPHERTEXT_HEX, fixture.HEX);
decoded = rsa.publicDecrypt(encoded, ursaNative.RSA_PKCS1_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
});
it('fail_publicDecrypt', function() {
var rsa = new RsaWrap();
function f1() {
rsa.publicDecrypt();
}
assert.throws(f1, /Key not yet set\./);
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
function f2() {
rsa.publicDecrypt("x", ursaNative.RSA_PKCS1_PADDING);
}
assert.throws(f2, /Expected a Buffer in args\[0]\./);
function f3() {
rsa.publicDecrypt(new Buffer("x"), ursaNative.RSA_PKCS1_PADDING);
}
assert.throws(f3, /padding_check/);
});
it('generatePrivateKey', function() {
var rsa = new RsaWrap();
rsa.generatePrivateKey(512, 65537);
// Do a round trip check.
var plainBuf = new Buffer(fixture.PLAINTEXT, fixture.UTF8);
var encoded = rsa.publicEncrypt(plainBuf, ursaNative.RSA_PKCS1_OAEP_PADDING);
var decoded = rsa.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
// Extract the public key, and try using it for a round trip.
var pubKey = new RsaWrap();
pubKey.setPublicKeyPem(rsa.getPublicKeyPem());
encoded = pubKey.publicEncrypt(plainBuf, ursaNative.RSA_PKCS1_OAEP_PADDING);
decoded = rsa.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
// Similarly, try decoding with an extracted private key.
var privKey = new RsaWrap();
privKey.setPrivateKeyPem(rsa.getPrivateKeyPem());
decoded = privKey.privateDecrypt(encoded, ursaNative.RSA_PKCS1_OAEP_PADDING).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
});
it('fail_generatePrivateKey', function() {
var rsa = new RsaWrap();
function f1() {
rsa.generatePrivateKey();
}
assert.throws(f1, /Missing args\[0]\./);
function f2() {
rsa.generatePrivateKey("x");
}
assert.throws(f2, /Expected a 32-bit integer in args\[0]\./);
function f3() {
rsa.generatePrivateKey(10);
}
assert.throws(f3, /Missing args\[1]\./);
function f4() {
rsa.generatePrivateKey(20, "x");
}
assert.throws(f4, /Expected a 32-bit integer in args\[1]\./);
function f5() {
rsa.generatePrivateKey(512, 2);
}
assert.throws(f5, /Expected odd exponent\./);
function f6() {
rsa.generatePrivateKey(512, 0);
}
assert.throws(f6, /Expected positive exponent\./);
function f7() {
rsa.generatePrivateKey(511, 1);
}
assert.throws(f7, /Expected modulus bit count >= 512\./);
// Use the original f1(), above, for this test.
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Key already set\./);
});
it('sign', function() {
var rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
var buf = new Buffer(fixture.FAKE_SHA256_TO_SIGN, fixture.HEX);
var sig = rsa.sign(textToNid(fixture.SHA256), buf);
assert.equal(sig.toString(fixture.HEX), fixture.FAKE_SHA256_SIGNATURE);
buf = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
sig = rsa.sign(textToNid(fixture.SHA256), buf);
assert.equal(sig.toString(fixture.HEX), fixture.PLAINTEXT_SHA256_SIGNATURE);
});
it('fail_sign', function() {
var rsa = new RsaWrap();
function f1() {
rsa.sign();
}
assert.throws(f1, /Key not yet set\./);
rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Expected a private key\./);
rsa = new RsaWrap();
rsa.setPrivateKeyPem(fixture.PRIVATE_KEY);
function f2() {
rsa.sign("x", "x");
}
assert.throws(f2, /Expected a 32-bit integer in args\[0]\./);
function f3() {
rsa.sign(1, "x");
}
assert.throws(f3, /Expected a Buffer in args\[1]\./);
function f4() {
rsa.sign(1, new Buffer(2048));
}
assert.throws(f4, /too big/);
function f5() {
rsa.sign(99999, new Buffer(16));
}
assert.throws(f5, /unknown algorithm/);
});
it('verify', function() {
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var hash = new Buffer(fixture.FAKE_SHA256_TO_SIGN, fixture.HEX);
var sig = new Buffer(fixture.FAKE_SHA256_SIGNATURE, fixture.HEX);
assert.equal(rsa.verify(textToNid(fixture.SHA256), hash, sig), true);
// Private keys should be able to verify too.
hash = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
sig = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
assert.equal(rsa.verify(textToNid(fixture.SHA256), hash, sig), true);
// Signature mismatch should return false (and not, e.g., throw).
hash = new Buffer(fixture.FAKE_SHA256_TO_SIGN, fixture.HEX);
sig = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
assert.equal(rsa.verify(textToNid(fixture.SHA256), hash, sig), false);
});
it('fail_verify', function() {
var rsa = new RsaWrap();
function f1() {
rsa.verify();
}
assert.throws(f1, /Key not yet set\./);
rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
function f2() {
rsa.verify("x", "x", "x");
}
assert.throws(f2, /Expected a 32-bit integer in args\[0]\./);
function f3() {
rsa.verify(1, "x", "x");
}
assert.throws(f3, /Expected a Buffer in args\[1]\./);
function f4() {
rsa.verify(1, new Buffer(16), "x");
}
assert.throws(f4, /Expected a Buffer in args\[2]\./);
function f5() {
var hash = new Buffer(10);
var sig = new Buffer(5);
hash.fill(0);
sig.fill(0);
rsa.verify(1, hash, sig);
}
assert.throws(f5, /wrong signature length/);
function f6() {
var buf = new Buffer(256);
buf.fill(0);
rsa.verify(1, new Buffer(10), buf);
}
assert.throws(f6, /padding_check/);
function f7() {
var hash = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
var sig = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
rsa.verify(textToNid(fixture.SHA1), hash, sig);
}
if (nodeVersion < 10) {
assert.throws(f7, /algorithm mismatch/);
} else {
assert.ifError(f7(), true);
}
function f8() {
var hash = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
var sig = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
rsa.verify(1234567, hash, sig);
}
assert.throws(f8, nodeVersion < 10 ? /algorithm mismatch/ : /unknown algorithm type/);
});
it('textToNid', function() {
// I don't think you can count on the return values being anything
// other than integer values and that aliases should return equal
// values.
function verifyInt(value) {
if (typeof value !== "number") {
throw new Exception("Not a number: " + value);
}
if (value !== Math.floor(value)) {
throw new Exception("Not an integer: " + value);
}
}
verifyInt(textToNid("aes-128-ecb"));
verifyInt(textToNid("md5"));
verifyInt(textToNid("rsa"));
verifyInt(textToNid("sha1"));
verifyInt(textToNid("sha256"));
verifyInt(textToNid("RSA-SHA256"));
verifyInt(textToNid("pkcs7"));
assert.equal(textToNid("RSA-SHA256"), textToNid("sha256WithRSAEncryption"));
assert.equal(textToNid("AES-128-ECB"), textToNid("aes-128-ecb"));
});
it('fail_textToNid', function() {
function f1() {
textToNid();
}
assert.throws(f1, /Missing args\[0\]/);
function f2() {
textToNid(123);
}
assert.throws(f2, /Expected a string in args\[0\]/);
function f3() {
textToNid("blort");
}
assert.throws(f3, /asn1/);
});
it('PSSPadding', function() {
_test_PSSPadding(ursaNative.RSA_PKCS1_SALT_LEN_HLEN);
_test_PSSPadding(ursaNative.RSA_PKCS1_SALT_LEN_RECOVER);
var rsa = new RsaWrap();
rsa.createPublicKeyFromComponents(
new Buffer(fixture.PSS_MODULUS_HEX, fixture.HEX),
new Buffer(fixture.EXPONENT_HEX, fixture.HEX));
var tvhash = new Buffer(fixture.PSS_MHASH_HEX, fixture.HEX);
var tvem = new Buffer(fixture.PSS_EM_HEX, fixture.HEX);
assert.equal(rsa.verifyPSSPadding(
textToNid(fixture.SHA1), tvhash, tvem, ursaNative.RSA_PKCS1_SALT_LEN_HLEN), true);
});
it('fail_PSSPadding', function() {
var rsa = new RsaWrap();
function f1() {
rsa.addPSSPadding();
}
assert.throws(f1, /Key not yet set\./);
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
assert.throws(f1, /Not enough args\./);
var nid = textToNid(fixture.SHA256);
var hash = new Buffer(fixture.FAKE_SHA256_TO_SIGN, fixture.HEX);
var slen = ursaNative.RSA_PKCS1_SALT_LEN_HLEN;
function f2() {
rsa.addPSSPadding("x", hash, slen);
}
assert.throws(f2, /Expected a 32-bit integer in args\[0\]\./);
function f3() {
rsa.addPSSPadding(nid, "x", slen);
}
assert.throws(f3, /Expected a Buffer in args\[1\]\./);
function f4() {
rsa.addPSSPadding(nid, hash, "x");
}
assert.throws(f4, /Expected a 32-bit integer in args\[2\]\./);
function f5() {
rsa.addPSSPadding(nid, hash, 1000000);
}
assert.throws(f5, /data too large for key size/);
function f6() {
rsa.addPSSPadding(nid, hash, -3);
}
assert.throws(f6, /salt length check failed/);
var em = rsa.addPSSPadding(nid, hash, slen);
function f7() {
rsa.verifyPSSPadding();
}
assert.throws(f7, /Not enough args\./);
function f8() {
rsa.verifyPSSPadding("x", hash, em, slen);
}
assert.throws(f8, /Expected a 32-bit integer in args\[0\]\./);
function f9() {
rsa.verifyPSSPadding(nid, "x", em, slen);
}
assert.throws(f9, /Expected a Buffer in args\[1\]\./);
function f10() {
rsa.verifyPSSPadding(nid, hash, "x", slen);
}
assert.throws(f10, /Expected a Buffer in args\[2\]\./);
function f11() {
rsa.verifyPSSPadding(nid, hash, em, "x");
}
assert.throws(f11, /Expected a 32-bit integer in args\[3\]\./);
function f12() {
rsa.verifyPSSPadding(nid, hash, em, 1000000);
}
assert.throws(f12, /data too large/);
function f13() {
rsa.verifyPSSPadding(nid, hash, em, -3);
}
assert.throws(f13, /salt length check failed/);
em[em.length-1] ^= 2;
function f14() {
rsa.verifyPSSPadding(nid, hash, em, slen);
}
assert.throws(f14, /last octet invalid/);
em[em.length-1] ^= 2;
em[1] ^= 2;
assert.throws(f14, /salt length recovery failed/);
});
})
function _test_PSSPadding(slen)
{
var rsa = new RsaWrap();
rsa.setPublicKeyPem(fixture.PUBLIC_KEY);
var nid = textToNid(fixture.SHA256);
var hash = new Buffer(fixture.FAKE_SHA256_TO_SIGN, fixture.HEX);
var em = rsa.addPSSPadding(nid, hash, slen);
assert.equal(rsa.verifyPSSPadding(nid, hash, em, slen), true);
}

6
express-server/node_modules/ursa-optional/test/pss_tv.pub generated vendored Normal file
View File

@ -0,0 +1,6 @@
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiukDuB+OyvS8CziJ/NqGVAkSG
5JwZy0G7vfu6mLIrDld8Lur/og2IOnbmXjlMadSzwFoej63aJ+2ypCvAAP6Ii5sy
wi0VrdDNdrPnk24ZlVsiDdF9TqkEsewQKy5N53USIqqZFRAkx8tBzF6iHQDutB98
gAg00sbga847zn6ppQIDAQAB
-----END PUBLIC KEY-----

608
express-server/node_modules/ursa-optional/test/test.js generated vendored Normal file
View File

@ -0,0 +1,608 @@
// Copyright 2012 The Obvious Corporation.
/*
* Tests of ursa
*/
/*
* Modules used
*/
"use strict";
var assert = require("assert");
var fixture = require("./fixture");
var ursa = fixture.ursa;
/**
* Asserts that two strings are equal, ignoring Windows newline differences
*/
function assertStringEqual(actual, expected, message) {
assert.equal(actual.replace(/\r\n/g, '\n'), expected.replace(/\r\n/g, '\n'), message);
}
/*
* Helper functions
*/
function test_getExponent(key) {
var buf = key.getExponent();
assert.equal(buf.toString(fixture.HEX), fixture.EXPONENT_HEX);
var result = key.getExponent(fixture.HEX);
assert.equal(result, fixture.EXPONENT_HEX);
result = key.getExponent(fixture.BASE64);
assert.equal(result, buf.toString(fixture.BASE64));
result = key.getExponent(fixture.BINARY);
assert.equal(result, buf.toString(fixture.BINARY));
result = key.getExponent(fixture.UTF8);
assert.equal(result, buf.toString(fixture.UTF8));
}
function test_getModulus(key) {
var buf = key.getModulus();
assert.equal(buf.toString(fixture.HEX), fixture.MODULUS_HEX);
var result = key.getModulus(fixture.HEX);
assert.equal(result, fixture.MODULUS_HEX);
result = key.getModulus(fixture.BASE64);
assert.equal(result, buf.toString(fixture.BASE64));
result = key.getModulus(fixture.BINARY);
assert.equal(result, buf.toString(fixture.BINARY));
result = key.getModulus(fixture.UTF8);
assert.equal(result, buf.toString(fixture.UTF8));
}
function test_toPublicPem(key) {
var keyString = fixture.PUBLIC_KEY.toString(fixture.UTF8);
var result = key.toPublicPem().toString(fixture.UTF8);
assertStringEqual(result, keyString);
result = key.toPublicPem(fixture.UTF8);
assertStringEqual(result, keyString);
}
function test_toPublicSsh(key) {
var keyString = fixture.SSH_PUBLIC_KEY.toString(fixture.BASE64);
var result = key.toPublicSsh().toString(fixture.BASE64);
assert.equal(result, keyString);
result = key.toPublicSsh(fixture.BASE64);
assert.equal(result, keyString);
}
function test_toPublicSshFingerprint(key) {
var result = key.toPublicSshFingerprint().toString(fixture.HEX);
assert.equal(result, fixture.SSH_PUBLIC_KEY_FINGERPRINT_HEX);
result = key.toPublicSshFingerprint(fixture.HEX);
assert.equal(result, fixture.SSH_PUBLIC_KEY_FINGERPRINT_HEX);
}
function test_encrypt(key) {
// The sanest way to test this is to do a round trip.
var privKey = ursa.createPrivateKey(fixture.PRIVATE_KEY)
var encoded = key.encrypt(new Buffer(fixture.PLAINTEXT, fixture.UTF8));
var decoded = privKey.decrypt(encoded, undefined, fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
encoded = key.encrypt(fixture.PLAINTEXT, fixture.UTF8, fixture.BASE64);
decoded = privKey.decrypt(encoded, fixture.BASE64, fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
encoded = key.encrypt(fixture.PLAINTEXT, undefined, fixture.HEX);
decoded = privKey.decrypt(encoded, fixture.HEX, fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
}
function test_publicDecrypt(key) {
var encoded = new Buffer(fixture.PUBLIC_CIPHERTEXT_HEX, fixture.HEX);
var decoded = key.publicDecrypt(encoded).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
decoded = key.publicDecrypt(fixture.PUBLIC_CIPHERTEXT_HEX, fixture.HEX,
fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
decoded = key.publicDecrypt(fixture.PUBLIC_CIPHERTEXT_NP_HEX, fixture.HEX,
fixture.UTF8, ursa.RSA_NO_PADDING);
assert.equal(decoded, fixture.PLAINTEXT_PADDED);
}
function test_verify(key) {
assert.equal(key.verify(fixture.SHA256, fixture.PLAINTEXT_SHA256,
fixture.PLAINTEXT_SHA256_SIGNATURE,
fixture.HEX), true);
var hash = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
var sig = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
assert.equal(key.verify(fixture.SHA256, hash, sig), true);
}
function test_hashAndVerify(key) {
assert.equal(key.hashAndVerify(fixture.SHA256,
new Buffer(fixture.PLAINTEXT, fixture.UTF8),
fixture.PLAINTEXT_SHA256_SIGNATURE,
fixture.HEX),
true);
var key2 = ursa.createPublicKeyFromComponents(
new Buffer(fixture.PSS_MODULUS_HEX, fixture.HEX),
new Buffer(fixture.EXPONENT_HEX, fixture.HEX));
assert.equal(key2.hashAndVerify(fixture.SHA1,
fixture.PSS_M_HEX,
fixture.PSS_S_HEX,
fixture.HEX,
true,
ursa.RSA_PKCS1_SALT_LEN_HLEN),
true);
assert.equal(key2.hashAndVerify(fixture.SHA1,
fixture.PSS_M_HEX,
fixture.PSS_S_HEX,
fixture.HEX,
true),
true);
}
function testPublicKeyMethods(key) {
test_getExponent(key);
test_getModulus(key);
test_toPublicPem(key);
test_toPublicSsh(key);
test_toPublicSshFingerprint(key);
test_encrypt(key);
test_publicDecrypt(key);
test_verify(key);
test_hashAndVerify(key);
}
function test_toPrivatePem(key) {
var keyString = fixture.PRIVATE_KEY.toString(fixture.UTF8);
var result = key.toPrivatePem().toString(fixture.UTF8);
assertStringEqual(result, keyString);
result = key.toPrivatePem(fixture.UTF8);
assertStringEqual(result, keyString);
}
function test_toEncryptedPrivatePem(key) {
var password = fixture.PASSWORD.toString(fixture.UTF8);
var cipher = fixture.DES_EDE3_CBC;
var keyString = fixture.PASS_PRIVATE_KEY.toString(fixture.UTF8);
var pem = key.toEncryptedPrivatePem(password, cipher).toString(fixture.UTF8);
var plainTextKey = ursa.createPrivateKey(pem, password);
assertStringEqual(plainTextKey.toPrivatePem().toString(), fixture.PRIVATE_KEY.toString());
pem = key.toEncryptedPrivatePem(password, cipher, fixture.UTF8).toString(fixture.UTF8);
plainTextKey = ursa.createPrivateKey(pem, password);
assertStringEqual(plainTextKey.toPrivatePem().toString(), fixture.PRIVATE_KEY.toString());
}
function test_decrypt(key) {
var encoded = new Buffer(fixture.PRIVATE_CIPHERTEXT_HEX, fixture.HEX);
var decoded = key.decrypt(encoded).toString(fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
decoded = key.decrypt(fixture.PRIVATE_CIPHERTEXT_HEX, fixture.HEX,
fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
}
function test_privateEncrypt(key) {
var encoded = key.privateEncrypt(
new Buffer(fixture.PLAINTEXT, fixture.UTF8)).toString(fixture.HEX);
assert.equal(encoded, fixture.PUBLIC_CIPHERTEXT_HEX);
encoded = key.privateEncrypt(fixture.PLAINTEXT, fixture.UTF8, fixture.HEX);
assert.equal(encoded, fixture.PUBLIC_CIPHERTEXT_HEX);
encoded = key.privateEncrypt(fixture.PLAINTEXT, undefined, fixture.HEX);
assert.equal(encoded, fixture.PUBLIC_CIPHERTEXT_HEX);
encoded = key.privateEncrypt(fixture.PLAINTEXT_PADDED, fixture.UTF8, fixture.HEX, ursa.RSA_NO_PADDING);
assert.equal(encoded, fixture.PUBLIC_CIPHERTEXT_NP_HEX);
}
function test_sign(key) {
var sig = key.sign(fixture.SHA256,
fixture.PLAINTEXT_SHA256, fixture.HEX,
fixture.BASE64);
sig = new Buffer(sig, fixture.BASE64);
assert.equal(sig.toString(fixture.HEX), fixture.PLAINTEXT_SHA256_SIGNATURE);
var buf = new Buffer(fixture.PLAINTEXT_SHA256, fixture.HEX);
sig = key.sign(fixture.SHA256, buf, undefined, fixture.HEX);
assert.equal(sig, fixture.PLAINTEXT_SHA256_SIGNATURE);
}
function test_hashAndSign(key) {
var sig = key.hashAndSign(fixture.SHA256, fixture.PLAINTEXT,
fixture.UTF8, fixture.HEX);
assert.equal(sig, fixture.PLAINTEXT_SHA256_SIGNATURE);
// PSS uses random salt so can't have a fixture
var sig = key.hashAndSign(fixture.SHA256, fixture.PLAINTEXT,
fixture.UTF8, fixture.HEX,
true, ursa.RSA_PKCS1_SALT_LEN_MAX);
assert.equal(key.hashAndVerify(
fixture.SHA256,
new Buffer(fixture.PLAINTEXT).toString(fixture.HEX),
sig,
fixture.HEX,
true,
ursa.RSA_PKCS1_SALT_LEN_MAX),
true);
}
function testPrivateKeyMethods(key) {
test_toPrivatePem(key);
test_toEncryptedPrivatePem(key);
test_decrypt(key);
test_privateEncrypt(key);
test_hashAndSign(key);
test_sign(key);
}
describe('main', function() {
it('Basics', function() {
ursa.createPublicKey(fixture.PUBLIC_KEY);
ursa.createPrivateKey(fixture.PRIVATE_KEY);
ursa.createPrivateKey(fixture.PASS_PRIVATE_KEY, fixture.PASSWORD);
ursa.generatePrivateKey(512);
ursa.createPublicKey(fixture.PUBLIC_KEY.toString(fixture.UTF8));
ursa.createPrivateKey(fixture.PRIVATE_KEY.toString(fixture.BASE64),
undefined, fixture.BASE64);
});
it('Types', function() {
var pub = ursa.createPublicKey(fixture.PUBLIC_KEY);
var priv = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var msg;
msg = "Problem with isKey()";
assert.equal(ursa.isKey(pub), true, msg);
assert.equal(ursa.isKey(priv), true, msg);
assert.equal(ursa.isKey(undefined), false, msg);
assert.equal(ursa.isKey("x"), false, msg);
msg = "Problem with isPublicKey()";
assert.equal(ursa.isPublicKey(pub), true, msg);
assert.equal(ursa.isPublicKey(priv), false, msg);
assert.equal(ursa.isPublicKey(undefined), false, msg);
assert.equal(ursa.isPublicKey("x"), false, msg);
msg = "Problem with isPrivateKey()";
assert.equal(ursa.isPrivateKey(pub), false, msg);
assert.equal(ursa.isPrivateKey(priv), true, msg);
assert.equal(ursa.isPrivateKey(undefined), false, msg);
assert.equal(ursa.isPrivateKey("x"), false, msg);
assert.doesNotThrow(function () { ursa.assertKey(pub); });
assert.doesNotThrow(function () { ursa.assertKey(priv); });
assert.throws(function () { ursa.assertKey(undefined); });
assert.throws(function () { ursa.assertKey("x"); });
assert.doesNotThrow(function () { ursa.assertPublicKey(pub); });
assert.throws(function () { ursa.assertPublicKey(priv); });
assert.throws(function () { ursa.assertPublicKey(undefined); });
assert.throws(function () { ursa.assertPublicKey("x"); });
assert.throws(function () { ursa.assertPrivateKey(pub); });
assert.doesNotThrow(function () { ursa.assertPrivateKey(priv); });
assert.throws(function () { ursa.assertPrivateKey(undefined); });
assert.throws(function () { ursa.assertPrivateKey("x"); });
});
it('createKey', function() {
var priv = ursa.createKey(fixture.PRIVATE_KEY);
assert(ursa.isPrivateKey(priv), true);
var pub = ursa.createKey(fixture.PUBLIC_KEY);
assert(ursa.isPublicKey(pub), true);
function f1() {
ursa.createKey("yo there");
}
assert.throws(f1, /Not a key\./);
});
it('createPrivateKeyFromComponents', function() {
var privFromComponents = ursa.createPrivateKeyFromComponents(
fixture.PRIVATE_KEY_COMPONENTS.modulus,
fixture.PRIVATE_KEY_COMPONENTS.exponent,
fixture.PRIVATE_KEY_COMPONENTS.p,
fixture.PRIVATE_KEY_COMPONENTS.q,
fixture.PRIVATE_KEY_COMPONENTS.dp,
fixture.PRIVATE_KEY_COMPONENTS.dq,
fixture.PRIVATE_KEY_COMPONENTS.inverseQ,
fixture.PRIVATE_KEY_COMPONENTS.d);
assert(ursa.isPrivateKey(privFromComponents), true);
var privFromPem = ursa.createPrivateKey(fixture.PRIVATE_KEY_3);
assert.equal(privFromComponents.toPrivatePem('utf8'), privFromPem.toPrivatePem('utf8'));
});
it('createPublicKeyFromComponents', function() {
var pubFromComponents = ursa.createPublicKeyFromComponents(
new Buffer(fixture.PSS_MODULUS_HEX, fixture.HEX),
new Buffer(fixture.EXPONENT_HEX, fixture.HEX));
assert(ursa.isPublicKey(pubFromComponents), true);
var pubFromPem = ursa.createPublicKey(fixture.PSS_PUBLIC_KEY);
assert.equal(pubFromComponents.toPublicPem('utf8'),
pubFromPem.toPublicPem('utf8'));
});
it('fail_createPublicKey', function() {
// This is mostly tested at the native level. This just tests the
// extra failures added at the high level.
function f1() {
ursa.createPublicKey(fixture.PRIVATE_KEY);
}
assert.throws(f1, /Not a public key\./);
});
it('fail_createPrivateKey', function() {
// This is mostly tested at the native level. This just tests the
// extra failures added at the high level.
function f1() {
ursa.createPrivateKey(fixture.PUBLIC_KEY);
}
assert.throws(f1, /Not a private key\./);
});
it('coerceKey', function() {
var priv = ursa.coerceKey(fixture.PRIVATE_KEY);
assert(ursa.isPrivateKey(priv), true);
priv = ursa.coerceKey(fixture.PRIVATE_KEY.toString());
assert(ursa.isPrivateKey(priv), true);
var pub = ursa.coerceKey(fixture.PUBLIC_KEY);
assert(ursa.isPublicKey(pub), true);
pub = ursa.coerceKey(fixture.PUBLIC_KEY.toString());
assert(ursa.isPublicKey(pub), true);
assert.equal(ursa.coerceKey(priv), priv);
assert.equal(ursa.coerceKey(pub), pub);
});
it('coercePrivateKey', function() {
var priv = ursa.coercePrivateKey(fixture.PRIVATE_KEY);
assert(ursa.isPrivateKey(priv), true);
priv = ursa.coercePrivateKey(fixture.PRIVATE_KEY.toString());
assert(ursa.isPrivateKey(priv), true);
assert.equal(ursa.coercePrivateKey(priv), priv);
});
it('coercePublicKey', function() {
var pub = ursa.coercePublicKey(fixture.PUBLIC_KEY);
assert(ursa.isPublicKey(pub), true);
pub = ursa.coercePublicKey(fixture.PUBLIC_KEY.toString());
assert(ursa.isPublicKey(pub), true);
assert.equal(ursa.coercePublicKey(pub), pub);
});
it('fail_coerceKey', function() {
function f1() {
ursa.coerceKey("foo");
}
assert.throws(f1, /Not a key/);
function f2() {
ursa.coerceKey(new Buffer(200));
}
assert.throws(f2, /Not a key/);
function f3() {
ursa.coerceKey([]);
}
assert.throws(f3, /Not a key/);
});
it('fail_coercePrivateKey', function() {
function f1() {
ursa.coercePrivateKey("foo");
}
assert.throws(f1, /Not a private key/);
function f2() {
ursa.coercePrivateKey(new Buffer(200));
}
assert.throws(f2, /Not a private key/);
function f3() {
ursa.coercePrivateKey([]);
}
assert.throws(f3, /Not a private key/);
function f4() {
ursa.coercePrivateKey(fixture.PUBLIC_KEY);
}
assert.throws(f4, /Not a private key/);
function f5() {
ursa.coercePrivateKey(fixture.PUBLIC_KEY.toString());
}
assert.throws(f5, /Not a private key/);
});
it('fail_coercePublicKey', function() {
function f1() {
ursa.coercePublicKey("foo");
}
assert.throws(f1, /Not a public key/);
function f2() {
ursa.coercePublicKey(new Buffer(200));
}
assert.throws(f2, /Not a public key/);
function f3() {
ursa.coercePublicKey([]);
}
assert.throws(f3, /Not a public key/);
function f4() {
ursa.coercePublicKey(fixture.PRIVATE_KEY);
}
assert.throws(f4, /Not a public key/);
function f5() {
ursa.coercePublicKey(fixture.PRIVATE_KEY.toString());
}
assert.throws(f5, /Not a public key/);
});
it('PublicKey', function() {
var key = ursa.createPublicKey(fixture.PUBLIC_KEY);
testPublicKeyMethods(key);
});
it('PrivateKey', function() {
var key = ursa.createPrivateKey(fixture.PRIVATE_KEY);
testPublicKeyMethods(key);
testPrivateKeyMethods(key);
});
it('GeneratedKey', function() {
// Just do a round trip. If that works, then it's safe to believe
// the native tests (which are more comprehensive).
var key = ursa.generatePrivateKey();
var encoded = key.encrypt(fixture.PLAINTEXT, fixture.UTF8);
var decoded = key.decrypt(encoded, undefined, fixture.UTF8);
assert.equal(decoded, fixture.PLAINTEXT);
});
it('sshFingerprint', function() {
var key = fixture.SSH_PUBLIC_KEY;
var finger = ursa.sshFingerprint(fixture.SSH_PUBLIC_KEY);
assert.equal(finger.toString(fixture.HEX),
fixture.SSH_PUBLIC_KEY_FINGERPRINT_HEX);
finger = ursa.sshFingerprint(fixture.SSH_PUBLIC_KEY, undefined,
fixture.HEX);
assert.equal(finger, fixture.SSH_PUBLIC_KEY_FINGERPRINT_HEX);
finger = ursa.sshFingerprint(
fixture.SSH_PUBLIC_KEY.toString(fixture.BASE64),
fixture.BASE64, fixture.HEX);
assert.equal(finger, fixture.SSH_PUBLIC_KEY_FINGERPRINT_HEX);
});
it('equalKeys', function() {
var pub = ursa.createPublicKey(fixture.PUBLIC_KEY);
var priv = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var samePub = ursa.createPublicKey(fixture.PUBLIC_KEY);
var samePriv = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var diffPub = ursa.createPublicKey(fixture.PUBLIC_KEY_2);
var diffPriv = ursa.createPrivateKey(fixture.PRIVATE_KEY_2);
assert.equal(ursa.equalKeys("1", "2"), false);
assert.equal(ursa.equalKeys(123, 123), false);
assert.equal(ursa.equalKeys(pub, null), false);
assert.equal(ursa.equalKeys(true, pub), false);
assert.equal(ursa.equalKeys(pub, pub), true);
assert.equal(ursa.equalKeys(priv, priv), true);
assert.equal(ursa.equalKeys(pub, priv), false);
assert.equal(ursa.equalKeys(priv, pub), false);
assert.equal(ursa.equalKeys(pub, samePub), true);
assert.equal(ursa.equalKeys(priv, samePriv), true);
assert.equal(ursa.equalKeys(pub, diffPub), false);
assert.equal(ursa.equalKeys(priv, diffPriv), false);
});
it('matchingPublicKeys', function() {
var pub = ursa.createPublicKey(fixture.PUBLIC_KEY);
var priv = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var samePub = ursa.createPublicKey(fixture.PUBLIC_KEY);
var samePriv = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var diffPub = ursa.createPublicKey(fixture.PUBLIC_KEY_2);
var diffPriv = ursa.createPrivateKey(fixture.PRIVATE_KEY_2);
assert.equal(ursa.matchingPublicKeys("1", "2"), false);
assert.equal(ursa.matchingPublicKeys(123, 123), false);
assert.equal(ursa.matchingPublicKeys(pub, null), false);
assert.equal(ursa.matchingPublicKeys(true, pub), false);
assert.equal(ursa.matchingPublicKeys(pub, pub), true);
assert.equal(ursa.matchingPublicKeys(priv, priv), true);
assert.equal(ursa.matchingPublicKeys(pub, priv), true);
assert.equal(ursa.matchingPublicKeys(priv, pub), true);
assert.equal(ursa.matchingPublicKeys(pub, samePub), true);
assert.equal(ursa.matchingPublicKeys(priv, samePriv), true);
assert.equal(ursa.matchingPublicKeys(pub, samePriv), true);
assert.equal(ursa.matchingPublicKeys(priv, samePub), true);
assert.equal(ursa.matchingPublicKeys(pub, diffPub), false);
assert.equal(ursa.matchingPublicKeys(pub, diffPriv), false);
assert.equal(ursa.matchingPublicKeys(priv, diffPriv), false);
assert.equal(ursa.matchingPublicKeys(priv, diffPub), false);
});
it('Signer', function() {
var key = ursa.createPrivateKey(fixture.PRIVATE_KEY);
var signer = ursa.createSigner(fixture.SHA256);
var ret = signer.update(fixture.PLAINTEXT, fixture.UTF8);
assert.equal(ret === signer, true);
var sig = signer.sign(key, fixture.HEX);
assert.equal(sig, fixture.PLAINTEXT_SHA256_SIGNATURE);
});
it('Verifier', function() {
var key = ursa.createPublicKey(fixture.PUBLIC_KEY);
var verifier = ursa.createVerifier(fixture.SHA256);
var ret = verifier.update(fixture.PLAINTEXT, fixture.UTF8);
assert.equal(ret === verifier, true);
assert.equal(verifier.verify(key, fixture.PLAINTEXT_SHA256_SIGNATURE,
fixture.HEX),
true);
var verifier = ursa.createVerifier(fixture.SHA256);
verifier.update(new Buffer(fixture.PLAINTEXT, fixture.UTF8));
var sigBuf = new Buffer(fixture.PLAINTEXT_SHA256_SIGNATURE, fixture.HEX);
assert.equal(verifier.verify(key, sigBuf), true);
});
it('openSshPublicKey', function() {
var sshKey = ursa.openSshPublicKey(fixture.SSH_PUBLIC_KEY),
pubKey = ursa.createPublicKey(fixture.PUBLIC_KEY);
assert.equal(ursa.equalKeys(sshKey, pubKey), true);
});
})

27
express-server/node_modules/ursa-optional/test/zorch.pem generated vendored Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAtZPKWwG02rHQAZP95ckEo/rY7nAOJO+TRT5Kf7Ym4xJGBMCc
5Ach5j4o1OFzKWaHgtfGM01Le3fdGx4VwxLcSlUI9ixvlhhKEqkRpGr8vphCDx0v
g+jXseQ2axrR6uHrdYA+8ASnfiuxILDXCRLwmPlliFA4D0qoWenOmqeNT7+98opZ
eN0BQxiOE/MXluSVpdVK/IQo5ggFDMBrHmq2+5L2I7JNkZOxADcilecrSrg1bt3F
ppKWGt49tpcCldOFx50iXE7ca1y4fOtBx0rm4JPzmFIYB1hu3mIT/xd3p2MY5dMr
Q9kYbeRcxcal1xXreLyWf2KslrPwwxZFR9QVoQIDAQABAoIBAGhaJ1FmCaolxoUh
qCkG/cO/xixB+d8AUILa6bW72V1mgxb4GzJxZuoLjyvI5YZFhluL5jxVj6vFlyye
faM+k5ukgyH3J6n7C5bt01XKprZiipRlEYmdp1h071FeeIWkkM1WhtUp15iLQ6Cm
AO8WE2/W5KMSdyVSoq4J0NLQuEW705nRBw0KvKOu/16MI3ASIYAhDh2N+celiq0B
QEFdMNIY4mQwRmoW8+nTVh3szVd6GXMH0etcQlDz7dLwXYm4qSw+dQusFjYZ6s4U
HKjIxFsCy32B8XoLKi2gKY0u4SE56H9Qcp05y1fZe20lfenf3Der0ucrX0THj1/Z
HLSTJgECgYEA6qlVbK0gm/iX8p62U/t3e1NtHyv3UlmmFPuHS4Z/cX4hErym0FJk
ln/Ggo2cSlyw83TjQFPRGvCDbULa/pKJow0PyGk0+LHELk5bguGtq0EMpd2ZmUKs
QIPcWXzbzismuH3x8zcNvErCEWvU7aDW8NznZes/a4aIjUR8DdG/l6UCgYEAxha2
/EBp5YTubNIIVSROUMpzYmrJJSMdvCz7eu0yfREQFzAbgyhdOkBx7jdAzAVAINOw
iVNP2h/DcOwGgcTun7RpBQ4QToDviNKQwp2Vh/DTYpuGzYgDJzmb+UawXQhXR9/F
eWzYkb2HFZVQ6Quhd0uFE71B4NFD1FPqEDfERU0CgYBBPt/fnauJcm9dKD/tzeeE
xMd8eU8E+KQzBVSy7SyWM8miWg3PsnkBV3msZw9jpa4VoxRkmGl1ohYI1SPq0Hew
fDs9L/NoipTPgz3ygCk3ipinrZu9f0pBjehAgXTkOB9GAM67Hz2UcvzOtzq275eT
1PgJ4IT7sqZZEQelGAK7eQKBgDunK4Pbggh0d7idp5S8UjlSPl0s+1YLtTCt+y2R
sNqpAMd63U4qIakhLy4lxYWrLxyzoz43sJxnZFvlODBsNdAybE3xZke93GS/xIhX
HGjLxVy0qWvLwedWGfp/pyzdDiu+36Epfi6lfMCrLqp/rihWvcSsAeLKIjsW6i3o
HVshAoGActqcGaI+rt5A1FFwzNbZYiu8QLjtMV+Je8oryP58HZTfDf31vkIi3MdR
G4jDp9POKxkn+AIfX6GOt2skC+mJGACbjPXCcuSaIYS6LyUmdZ22N+063yiiex2M
irL6oqJcmS8k8DD34fhNPC+Z8KMkcqp0xNm9ikmJLNmEY5eeaiI=
-----END RSA PRIVATE KEY-----

9
express-server/node_modules/ursa-optional/test/zorch.pub generated vendored Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZPKWwG02rHQAZP95ckE
o/rY7nAOJO+TRT5Kf7Ym4xJGBMCc5Ach5j4o1OFzKWaHgtfGM01Le3fdGx4VwxLc
SlUI9ixvlhhKEqkRpGr8vphCDx0vg+jXseQ2axrR6uHrdYA+8ASnfiuxILDXCRLw
mPlliFA4D0qoWenOmqeNT7+98opZeN0BQxiOE/MXluSVpdVK/IQo5ggFDMBrHmq2
+5L2I7JNkZOxADcilecrSrg1bt3FppKWGt49tpcCldOFx50iXE7ca1y4fOtBx0rm
4JPzmFIYB1hu3mIT/xd3p2MY5dMrQ9kYbeRcxcal1xXreLyWf2KslrPwwxZFR9QV
oQIDAQAB
-----END PUBLIC KEY-----