{"ast":null,"code":"// Copyright 2017 Joyent, Inc.\nmodule.exports = {\n  read: read,\n  write: write\n};\n\nvar assert = require('assert-plus');\n\nvar Buffer = require('safer-buffer').Buffer;\n\nvar Key = require('../key');\n\nvar PrivateKey = require('../private-key');\n\nvar utils = require('../utils');\n\nvar SSHBuffer = require('../ssh-buffer');\n\nvar Dhe = require('../dhe');\n\nvar supportedAlgos = {\n  'rsa-sha1': 5,\n  'rsa-sha256': 8,\n  'rsa-sha512': 10,\n  'ecdsa-p256-sha256': 13,\n  'ecdsa-p384-sha384': 14\n  /*\n   * ed25519 is hypothetically supported with id 15\n   * but the common tools available don't appear to be\n   * capable of generating/using ed25519 keys\n   */\n\n};\nvar supportedAlgosById = {};\nObject.keys(supportedAlgos).forEach(function (k) {\n  supportedAlgosById[supportedAlgos[k]] = k.toUpperCase();\n});\n\nfunction read(buf, options) {\n  if (typeof buf !== 'string') {\n    assert.buffer(buf, 'buf');\n    buf = buf.toString('ascii');\n  }\n\n  var lines = buf.split('\\n');\n\n  if (lines[0].match(/^Private-key-format\\: v1/)) {\n    var algElems = lines[1].split(' ');\n    var algoNum = parseInt(algElems[1], 10);\n    var algoName = algElems[2];\n    if (!supportedAlgosById[algoNum]) throw new Error('Unsupported algorithm: ' + algoName);\n    return readDNSSECPrivateKey(algoNum, lines.slice(2));\n  } // skip any comment-lines\n\n\n  var line = 0;\n  /* JSSTYLED */\n\n  while (lines[line].match(/^\\;/)) line++; // we should now have *one single* line left with our KEY on it.\n\n\n  if ((lines[line].match(/\\. IN KEY /) || lines[line].match(/\\. IN DNSKEY /)) && lines[line + 1].length === 0) {\n    return readRFC3110(lines[line]);\n  }\n\n  throw new Error('Cannot parse dnssec key');\n}\n\nfunction readRFC3110(keyString) {\n  var elems = keyString.split(' '); //unused var flags = parseInt(elems[3], 10);\n  //unused var protocol = parseInt(elems[4], 10);\n\n  var algorithm = parseInt(elems[5], 10);\n  if (!supportedAlgosById[algorithm]) throw new Error('Unsupported algorithm: ' + algorithm);\n  var base64key = elems.slice(6, elems.length).join();\n  var keyBuffer = Buffer.from(base64key, 'base64');\n\n  if (supportedAlgosById[algorithm].match(/^RSA-/)) {\n    // join the rest of the body into a single base64-blob\n    var publicExponentLen = keyBuffer.readUInt8(0);\n    if (publicExponentLen != 3 && publicExponentLen != 1) throw new Error('Cannot parse dnssec key: ' + 'unsupported exponent length');\n    var publicExponent = keyBuffer.slice(1, publicExponentLen + 1);\n    publicExponent = utils.mpNormalize(publicExponent);\n    var modulus = keyBuffer.slice(1 + publicExponentLen);\n    modulus = utils.mpNormalize(modulus); // now, make the key\n\n    var rsaKey = {\n      type: 'rsa',\n      parts: []\n    };\n    rsaKey.parts.push({\n      name: 'e',\n      data: publicExponent\n    });\n    rsaKey.parts.push({\n      name: 'n',\n      data: modulus\n    });\n    return new Key(rsaKey);\n  }\n\n  if (supportedAlgosById[algorithm] === 'ECDSA-P384-SHA384' || supportedAlgosById[algorithm] === 'ECDSA-P256-SHA256') {\n    var curve = 'nistp384';\n    var size = 384;\n\n    if (supportedAlgosById[algorithm].match(/^ECDSA-P256-SHA256/)) {\n      curve = 'nistp256';\n      size = 256;\n    }\n\n    var ecdsaKey = {\n      type: 'ecdsa',\n      curve: curve,\n      size: size,\n      parts: [{\n        name: 'curve',\n        data: Buffer.from(curve)\n      }, {\n        name: 'Q',\n        data: utils.ecNormalize(keyBuffer)\n      }]\n    };\n    return new Key(ecdsaKey);\n  }\n\n  throw new Error('Unsupported algorithm: ' + supportedAlgosById[algorithm]);\n}\n\nfunction elementToBuf(e) {\n  return Buffer.from(e.split(' ')[1], 'base64');\n}\n\nfunction readDNSSECRSAPrivateKey(elements) {\n  var rsaParams = {};\n  elements.forEach(function (element) {\n    if (element.split(' ')[0] === 'Modulus:') rsaParams['n'] = elementToBuf(element);else if (element.split(' ')[0] === 'PublicExponent:') rsaParams['e'] = elementToBuf(element);else if (element.split(' ')[0] === 'PrivateExponent:') rsaParams['d'] = elementToBuf(element);else if (element.split(' ')[0] === 'Prime1:') rsaParams['p'] = elementToBuf(element);else if (element.split(' ')[0] === 'Prime2:') rsaParams['q'] = elementToBuf(element);else if (element.split(' ')[0] === 'Exponent1:') rsaParams['dmodp'] = elementToBuf(element);else if (element.split(' ')[0] === 'Exponent2:') rsaParams['dmodq'] = elementToBuf(element);else if (element.split(' ')[0] === 'Coefficient:') rsaParams['iqmp'] = elementToBuf(element);\n  }); // now, make the key\n\n  var key = {\n    type: 'rsa',\n    parts: [{\n      name: 'e',\n      data: utils.mpNormalize(rsaParams['e'])\n    }, {\n      name: 'n',\n      data: utils.mpNormalize(rsaParams['n'])\n    }, {\n      name: 'd',\n      data: utils.mpNormalize(rsaParams['d'])\n    }, {\n      name: 'p',\n      data: utils.mpNormalize(rsaParams['p'])\n    }, {\n      name: 'q',\n      data: utils.mpNormalize(rsaParams['q'])\n    }, {\n      name: 'dmodp',\n      data: utils.mpNormalize(rsaParams['dmodp'])\n    }, {\n      name: 'dmodq',\n      data: utils.mpNormalize(rsaParams['dmodq'])\n    }, {\n      name: 'iqmp',\n      data: utils.mpNormalize(rsaParams['iqmp'])\n    }]\n  };\n  return new PrivateKey(key);\n}\n\nfunction readDNSSECPrivateKey(alg, elements) {\n  if (supportedAlgosById[alg].match(/^RSA-/)) {\n    return readDNSSECRSAPrivateKey(elements);\n  }\n\n  if (supportedAlgosById[alg] === 'ECDSA-P384-SHA384' || supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {\n    var d = Buffer.from(elements[0].split(' ')[1], 'base64');\n    var curve = 'nistp384';\n    var size = 384;\n\n    if (supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {\n      curve = 'nistp256';\n      size = 256;\n    } // DNSSEC generates the public-key on the fly (go calculate it)\n\n\n    var publicKey = utils.publicFromPrivateECDSA(curve, d);\n    var Q = publicKey.part['Q'].data;\n    var ecdsaKey = {\n      type: 'ecdsa',\n      curve: curve,\n      size: size,\n      parts: [{\n        name: 'curve',\n        data: Buffer.from(curve)\n      }, {\n        name: 'd',\n        data: d\n      }, {\n        name: 'Q',\n        data: Q\n      }]\n    };\n    return new PrivateKey(ecdsaKey);\n  }\n\n  throw new Error('Unsupported algorithm: ' + supportedAlgosById[alg]);\n}\n\nfunction dnssecTimestamp(date) {\n  var year = date.getFullYear() + ''; //stringify\n\n  var month = date.getMonth() + 1;\n  var timestampStr = year + month + date.getUTCDate();\n  timestampStr += '' + date.getUTCHours() + date.getUTCMinutes();\n  timestampStr += date.getUTCSeconds();\n  return timestampStr;\n}\n\nfunction rsaAlgFromOptions(opts) {\n  if (!opts || !opts.hashAlgo || opts.hashAlgo === 'sha1') return '5 (RSASHA1)';else if (opts.hashAlgo === 'sha256') return '8 (RSASHA256)';else if (opts.hashAlgo === 'sha512') return '10 (RSASHA512)';else throw new Error('Unknown or unsupported hash: ' + opts.hashAlgo);\n}\n\nfunction writeRSA(key, options) {\n  // if we're missing parts, add them.\n  if (!key.part.dmodp || !key.part.dmodq) {\n    utils.addRSAMissing(key);\n  }\n\n  var out = '';\n  out += 'Private-key-format: v1.3\\n';\n  out += 'Algorithm: ' + rsaAlgFromOptions(options) + '\\n';\n  var n = utils.mpDenormalize(key.part['n'].data);\n  out += 'Modulus: ' + n.toString('base64') + '\\n';\n  var e = utils.mpDenormalize(key.part['e'].data);\n  out += 'PublicExponent: ' + e.toString('base64') + '\\n';\n  var d = utils.mpDenormalize(key.part['d'].data);\n  out += 'PrivateExponent: ' + d.toString('base64') + '\\n';\n  var p = utils.mpDenormalize(key.part['p'].data);\n  out += 'Prime1: ' + p.toString('base64') + '\\n';\n  var q = utils.mpDenormalize(key.part['q'].data);\n  out += 'Prime2: ' + q.toString('base64') + '\\n';\n  var dmodp = utils.mpDenormalize(key.part['dmodp'].data);\n  out += 'Exponent1: ' + dmodp.toString('base64') + '\\n';\n  var dmodq = utils.mpDenormalize(key.part['dmodq'].data);\n  out += 'Exponent2: ' + dmodq.toString('base64') + '\\n';\n  var iqmp = utils.mpDenormalize(key.part['iqmp'].data);\n  out += 'Coefficient: ' + iqmp.toString('base64') + '\\n'; // Assume that we're valid as-of now\n\n  var timestamp = new Date();\n  out += 'Created: ' + dnssecTimestamp(timestamp) + '\\n';\n  out += 'Publish: ' + dnssecTimestamp(timestamp) + '\\n';\n  out += 'Activate: ' + dnssecTimestamp(timestamp) + '\\n';\n  return Buffer.from(out, 'ascii');\n}\n\nfunction writeECDSA(key, options) {\n  var out = '';\n  out += 'Private-key-format: v1.3\\n';\n\n  if (key.curve === 'nistp256') {\n    out += 'Algorithm: 13 (ECDSAP256SHA256)\\n';\n  } else if (key.curve === 'nistp384') {\n    out += 'Algorithm: 14 (ECDSAP384SHA384)\\n';\n  } else {\n    throw new Error('Unsupported curve');\n  }\n\n  var base64Key = key.part['d'].data.toString('base64');\n  out += 'PrivateKey: ' + base64Key + '\\n'; // Assume that we're valid as-of now\n\n  var timestamp = new Date();\n  out += 'Created: ' + dnssecTimestamp(timestamp) + '\\n';\n  out += 'Publish: ' + dnssecTimestamp(timestamp) + '\\n';\n  out += 'Activate: ' + dnssecTimestamp(timestamp) + '\\n';\n  return Buffer.from(out, 'ascii');\n}\n\nfunction write(key, options) {\n  if (PrivateKey.isPrivateKey(key)) {\n    if (key.type === 'rsa') {\n      return writeRSA(key, options);\n    } else if (key.type === 'ecdsa') {\n      return writeECDSA(key, options);\n    } else {\n      throw new Error('Unsupported algorithm: ' + key.type);\n    }\n  } else if (Key.isKey(key)) {\n    /*\n     * RFC3110 requires a keyname, and a keytype, which we\n     * don't really have a mechanism for specifying such\n     * additional metadata.\n     */\n    throw new Error('Format \"dnssec\" only supports ' + 'writing private keys');\n  } else {\n    throw new Error('key is not a Key or PrivateKey');\n  }\n}","map":{"version":3,"sources":["/Users/tylerkoenig/Code/personal/react-scss2/node_modules/sshpk/lib/formats/dnssec.js"],"names":["module","exports","read","write","assert","require","Buffer","Key","PrivateKey","utils","SSHBuffer","Dhe","supportedAlgos","supportedAlgosById","Object","keys","forEach","k","toUpperCase","buf","options","buffer","toString","lines","split","match","algElems","algoNum","parseInt","algoName","Error","readDNSSECPrivateKey","slice","line","length","readRFC3110","keyString","elems","algorithm","base64key","join","keyBuffer","from","publicExponentLen","readUInt8","publicExponent","mpNormalize","modulus","rsaKey","type","parts","push","name","data","curve","size","ecdsaKey","ecNormalize","elementToBuf","e","readDNSSECRSAPrivateKey","elements","rsaParams","element","key","alg","d","publicKey","publicFromPrivateECDSA","Q","part","dnssecTimestamp","date","year","getFullYear","month","getMonth","timestampStr","getUTCDate","getUTCHours","getUTCMinutes","getUTCSeconds","rsaAlgFromOptions","opts","hashAlgo","writeRSA","dmodp","dmodq","addRSAMissing","out","n","mpDenormalize","p","q","iqmp","timestamp","Date","writeECDSA","base64Key","isPrivateKey","isKey"],"mappings":"AAAA;AAEAA,MAAM,CAACC,OAAP,GAAiB;AAChBC,EAAAA,IAAI,EAAEA,IADU;AAEhBC,EAAAA,KAAK,EAAEA;AAFS,CAAjB;;AAKA,IAAIC,MAAM,GAAGC,OAAO,CAAC,aAAD,CAApB;;AACA,IAAIC,MAAM,GAAGD,OAAO,CAAC,cAAD,CAAP,CAAwBC,MAArC;;AACA,IAAIC,GAAG,GAAGF,OAAO,CAAC,QAAD,CAAjB;;AACA,IAAIG,UAAU,GAAGH,OAAO,CAAC,gBAAD,CAAxB;;AACA,IAAII,KAAK,GAAGJ,OAAO,CAAC,UAAD,CAAnB;;AACA,IAAIK,SAAS,GAAGL,OAAO,CAAC,eAAD,CAAvB;;AACA,IAAIM,GAAG,GAAGN,OAAO,CAAC,QAAD,CAAjB;;AAEA,IAAIO,cAAc,GAAG;AACpB,cAAa,CADO;AAEpB,gBAAe,CAFK;AAGpB,gBAAe,EAHK;AAIpB,uBAAsB,EAJF;AAKpB,uBAAsB;AACtB;AACD;AACA;AACA;AACA;;AAVqB,CAArB;AAaA,IAAIC,kBAAkB,GAAG,EAAzB;AACAC,MAAM,CAACC,IAAP,CAAYH,cAAZ,EAA4BI,OAA5B,CAAoC,UAAUC,CAAV,EAAa;AAChDJ,EAAAA,kBAAkB,CAACD,cAAc,CAACK,CAAD,CAAf,CAAlB,GAAwCA,CAAC,CAACC,WAAF,EAAxC;AACA,CAFD;;AAIA,SAAShB,IAAT,CAAciB,GAAd,EAAmBC,OAAnB,EAA4B;AAC3B,MAAI,OAAQD,GAAR,KAAiB,QAArB,EAA+B;AAC9Bf,IAAAA,MAAM,CAACiB,MAAP,CAAcF,GAAd,EAAmB,KAAnB;AACAA,IAAAA,GAAG,GAAGA,GAAG,CAACG,QAAJ,CAAa,OAAb,CAAN;AACA;;AACD,MAAIC,KAAK,GAAGJ,GAAG,CAACK,KAAJ,CAAU,IAAV,CAAZ;;AACA,MAAID,KAAK,CAAC,CAAD,CAAL,CAASE,KAAT,CAAe,0BAAf,CAAJ,EAAgD;AAC/C,QAAIC,QAAQ,GAAGH,KAAK,CAAC,CAAD,CAAL,CAASC,KAAT,CAAe,GAAf,CAAf;AACA,QAAIG,OAAO,GAAGC,QAAQ,CAACF,QAAQ,CAAC,CAAD,CAAT,EAAc,EAAd,CAAtB;AACA,QAAIG,QAAQ,GAAGH,QAAQ,CAAC,CAAD,CAAvB;AACA,QAAI,CAACb,kBAAkB,CAACc,OAAD,CAAvB,EACC,MAAO,IAAIG,KAAJ,CAAU,4BAA4BD,QAAtC,CAAP;AACD,WAAQE,oBAAoB,CAACJ,OAAD,EAAUJ,KAAK,CAACS,KAAN,CAAY,CAAZ,CAAV,CAA5B;AACA,GAb0B,CAe3B;;;AACA,MAAIC,IAAI,GAAG,CAAX;AACA;;AACA,SAAOV,KAAK,CAACU,IAAD,CAAL,CAAYR,KAAZ,CAAkB,KAAlB,CAAP,EACCQ,IAAI,GAnBsB,CAoB3B;;;AACA,MAAI,CAACV,KAAK,CAACU,IAAD,CAAL,CAAYR,KAAZ,CAAkB,YAAlB,KACDF,KAAK,CAACU,IAAD,CAAL,CAAYR,KAAZ,CAAkB,eAAlB,CADA,KACuCF,KAAK,CAACU,IAAI,GAAC,CAAN,CAAL,CAAcC,MAAd,KAAyB,CADpE,EACuE;AACtE,WAAQC,WAAW,CAACZ,KAAK,CAACU,IAAD,CAAN,CAAnB;AACA;;AACD,QAAO,IAAIH,KAAJ,CAAU,yBAAV,CAAP;AACA;;AAED,SAASK,WAAT,CAAqBC,SAArB,EAAgC;AAC/B,MAAIC,KAAK,GAAGD,SAAS,CAACZ,KAAV,CAAgB,GAAhB,CAAZ,CAD+B,CAE/B;AACA;;AACA,MAAIc,SAAS,GAAGV,QAAQ,CAACS,KAAK,CAAC,CAAD,CAAN,EAAW,EAAX,CAAxB;AACA,MAAI,CAACxB,kBAAkB,CAACyB,SAAD,CAAvB,EACC,MAAO,IAAIR,KAAJ,CAAU,4BAA4BQ,SAAtC,CAAP;AACD,MAAIC,SAAS,GAAGF,KAAK,CAACL,KAAN,CAAY,CAAZ,EAAeK,KAAK,CAACH,MAArB,EAA6BM,IAA7B,EAAhB;AACA,MAAIC,SAAS,GAAGnC,MAAM,CAACoC,IAAP,CAAYH,SAAZ,EAAuB,QAAvB,CAAhB;;AACA,MAAI1B,kBAAkB,CAACyB,SAAD,CAAlB,CAA8Bb,KAA9B,CAAoC,OAApC,CAAJ,EAAkD;AACjD;AACA,QAAIkB,iBAAiB,GAAGF,SAAS,CAACG,SAAV,CAAoB,CAApB,CAAxB;AACA,QAAID,iBAAiB,IAAI,CAArB,IAA0BA,iBAAiB,IAAI,CAAnD,EACC,MAAO,IAAIb,KAAJ,CAAU,8BACb,6BADG,CAAP;AAGD,QAAIe,cAAc,GAAGJ,SAAS,CAACT,KAAV,CAAgB,CAAhB,EAAmBW,iBAAiB,GAAC,CAArC,CAArB;AACAE,IAAAA,cAAc,GAAGpC,KAAK,CAACqC,WAAN,CAAkBD,cAAlB,CAAjB;AACA,QAAIE,OAAO,GAAGN,SAAS,CAACT,KAAV,CAAgB,IAAEW,iBAAlB,CAAd;AACAI,IAAAA,OAAO,GAAGtC,KAAK,CAACqC,WAAN,CAAkBC,OAAlB,CAAV,CAViD,CAWjD;;AACA,QAAIC,MAAM,GAAG;AACZC,MAAAA,IAAI,EAAE,KADM;AAEZC,MAAAA,KAAK,EAAE;AAFK,KAAb;AAIAF,IAAAA,MAAM,CAACE,KAAP,CAAaC,IAAb,CAAkB;AAAEC,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAER;AAAnB,KAAlB;AACAG,IAAAA,MAAM,CAACE,KAAP,CAAaC,IAAb,CAAkB;AAAEC,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAEN;AAAnB,KAAlB;AACA,WAAQ,IAAIxC,GAAJ,CAAQyC,MAAR,CAAR;AACA;;AACD,MAAInC,kBAAkB,CAACyB,SAAD,CAAlB,KAAkC,mBAAlC,IACAzB,kBAAkB,CAACyB,SAAD,CAAlB,KAAkC,mBADtC,EAC2D;AAC1D,QAAIgB,KAAK,GAAG,UAAZ;AACA,QAAIC,IAAI,GAAG,GAAX;;AACA,QAAI1C,kBAAkB,CAACyB,SAAD,CAAlB,CAA8Bb,KAA9B,CAAoC,oBAApC,CAAJ,EAA+D;AAC9D6B,MAAAA,KAAK,GAAG,UAAR;AACAC,MAAAA,IAAI,GAAG,GAAP;AACA;;AAED,QAAIC,QAAQ,GAAG;AACdP,MAAAA,IAAI,EAAE,OADQ;AAEdK,MAAAA,KAAK,EAAEA,KAFO;AAGdC,MAAAA,IAAI,EAAEA,IAHQ;AAIdL,MAAAA,KAAK,EAAE,CACN;AAACE,QAAAA,IAAI,EAAE,OAAP;AAAgBC,QAAAA,IAAI,EAAE/C,MAAM,CAACoC,IAAP,CAAYY,KAAZ;AAAtB,OADM,EAEN;AAACF,QAAAA,IAAI,EAAE,GAAP;AAAYC,QAAAA,IAAI,EAAE5C,KAAK,CAACgD,WAAN,CAAkBhB,SAAlB;AAAlB,OAFM;AAJO,KAAf;AASA,WAAQ,IAAIlC,GAAJ,CAAQiD,QAAR,CAAR;AACA;;AACD,QAAO,IAAI1B,KAAJ,CAAU,4BACbjB,kBAAkB,CAACyB,SAAD,CADf,CAAP;AAEA;;AAED,SAASoB,YAAT,CAAsBC,CAAtB,EAAyB;AACxB,SAAQrD,MAAM,CAACoC,IAAP,CAAYiB,CAAC,CAACnC,KAAF,CAAQ,GAAR,EAAa,CAAb,CAAZ,EAA6B,QAA7B,CAAR;AACA;;AAED,SAASoC,uBAAT,CAAiCC,QAAjC,EAA2C;AAC1C,MAAIC,SAAS,GAAG,EAAhB;AACAD,EAAAA,QAAQ,CAAC7C,OAAT,CAAiB,UAAU+C,OAAV,EAAmB;AACnC,QAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,UAA9B,EACCsC,SAAS,CAAC,GAAD,CAAT,GAAiBJ,YAAY,CAACK,OAAD,CAA7B,CADD,KAEK,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,iBAA9B,EACJsC,SAAS,CAAC,GAAD,CAAT,GAAiBJ,YAAY,CAACK,OAAD,CAA7B,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,kBAA9B,EACJsC,SAAS,CAAC,GAAD,CAAT,GAAiBJ,YAAY,CAACK,OAAD,CAA7B,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,SAA9B,EACJsC,SAAS,CAAC,GAAD,CAAT,GAAiBJ,YAAY,CAACK,OAAD,CAA7B,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,SAA9B,EACJsC,SAAS,CAAC,GAAD,CAAT,GAAiBJ,YAAY,CAACK,OAAD,CAA7B,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,YAA9B,EACJsC,SAAS,CAAC,OAAD,CAAT,GAAqBJ,YAAY,CAACK,OAAD,CAAjC,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,YAA9B,EACJsC,SAAS,CAAC,OAAD,CAAT,GAAqBJ,YAAY,CAACK,OAAD,CAAjC,CADI,KAEA,IAAIA,OAAO,CAACvC,KAAR,CAAc,GAAd,EAAmB,CAAnB,MAA0B,cAA9B,EACJsC,SAAS,CAAC,MAAD,CAAT,GAAoBJ,YAAY,CAACK,OAAD,CAAhC;AACD,GAjBD,EAF0C,CAoB1C;;AACA,MAAIC,GAAG,GAAG;AACTf,IAAAA,IAAI,EAAE,KADG;AAETC,IAAAA,KAAK,EAAE,CACN;AAAEE,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,GAAD,CAA3B;AAAnB,KADM,EAEN;AAAEV,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,GAAD,CAA3B;AAAnB,KAFM,EAGN;AAAEV,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,GAAD,CAA3B;AAAnB,KAHM,EAIN;AAAEV,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,GAAD,CAA3B;AAAnB,KAJM,EAKN;AAAEV,MAAAA,IAAI,EAAE,GAAR;AAAaC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,GAAD,CAA3B;AAAnB,KALM,EAMN;AAAEV,MAAAA,IAAI,EAAE,OAAR;AACIC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,OAAD,CAA3B;AADV,KANM,EAQN;AAAEV,MAAAA,IAAI,EAAE,OAAR;AACIC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,OAAD,CAA3B;AADV,KARM,EAUN;AAAEV,MAAAA,IAAI,EAAE,MAAR;AACIC,MAAAA,IAAI,EAAE5C,KAAK,CAACqC,WAAN,CAAkBgB,SAAS,CAAC,MAAD,CAA3B;AADV,KAVM;AAFE,GAAV;AAgBA,SAAQ,IAAItD,UAAJ,CAAewD,GAAf,CAAR;AACA;;AAED,SAASjC,oBAAT,CAA8BkC,GAA9B,EAAmCJ,QAAnC,EAA6C;AAC5C,MAAIhD,kBAAkB,CAACoD,GAAD,CAAlB,CAAwBxC,KAAxB,CAA8B,OAA9B,CAAJ,EAA4C;AAC3C,WAAQmC,uBAAuB,CAACC,QAAD,CAA/B;AACA;;AACD,MAAIhD,kBAAkB,CAACoD,GAAD,CAAlB,KAA4B,mBAA5B,IACApD,kBAAkB,CAACoD,GAAD,CAAlB,KAA4B,mBADhC,EACqD;AACpD,QAAIC,CAAC,GAAG5D,MAAM,CAACoC,IAAP,CAAYmB,QAAQ,CAAC,CAAD,CAAR,CAAYrC,KAAZ,CAAkB,GAAlB,EAAuB,CAAvB,CAAZ,EAAuC,QAAvC,CAAR;AACA,QAAI8B,KAAK,GAAG,UAAZ;AACA,QAAIC,IAAI,GAAG,GAAX;;AACA,QAAI1C,kBAAkB,CAACoD,GAAD,CAAlB,KAA4B,mBAAhC,EAAqD;AACpDX,MAAAA,KAAK,GAAG,UAAR;AACAC,MAAAA,IAAI,GAAG,GAAP;AACA,KAPmD,CAQpD;;;AACA,QAAIY,SAAS,GAAG1D,KAAK,CAAC2D,sBAAN,CAA6Bd,KAA7B,EAAoCY,CAApC,CAAhB;AACA,QAAIG,CAAC,GAAGF,SAAS,CAACG,IAAV,CAAe,GAAf,EAAoBjB,IAA5B;AACA,QAAIG,QAAQ,GAAG;AACdP,MAAAA,IAAI,EAAE,OADQ;AAEdK,MAAAA,KAAK,EAAEA,KAFO;AAGdC,MAAAA,IAAI,EAAEA,IAHQ;AAIdL,MAAAA,KAAK,EAAE,CACN;AAACE,QAAAA,IAAI,EAAE,OAAP;AAAgBC,QAAAA,IAAI,EAAE/C,MAAM,CAACoC,IAAP,CAAYY,KAAZ;AAAtB,OADM,EAEN;AAACF,QAAAA,IAAI,EAAE,GAAP;AAAYC,QAAAA,IAAI,EAAEa;AAAlB,OAFM,EAGN;AAACd,QAAAA,IAAI,EAAE,GAAP;AAAYC,QAAAA,IAAI,EAAEgB;AAAlB,OAHM;AAJO,KAAf;AAUA,WAAQ,IAAI7D,UAAJ,CAAegD,QAAf,CAAR;AACA;;AACD,QAAO,IAAI1B,KAAJ,CAAU,4BAA4BjB,kBAAkB,CAACoD,GAAD,CAAxD,CAAP;AACA;;AAED,SAASM,eAAT,CAAyBC,IAAzB,EAA+B;AAC9B,MAAIC,IAAI,GAAGD,IAAI,CAACE,WAAL,KAAqB,EAAhC,CAD8B,CACM;;AACpC,MAAIC,KAAK,GAAIH,IAAI,CAACI,QAAL,KAAkB,CAA/B;AACA,MAAIC,YAAY,GAAGJ,IAAI,GAAGE,KAAP,GAAeH,IAAI,CAACM,UAAL,EAAlC;AACAD,EAAAA,YAAY,IAAI,KAAKL,IAAI,CAACO,WAAL,EAAL,GAA0BP,IAAI,CAACQ,aAAL,EAA1C;AACAH,EAAAA,YAAY,IAAIL,IAAI,CAACS,aAAL,EAAhB;AACA,SAAQJ,YAAR;AACA;;AAED,SAASK,iBAAT,CAA2BC,IAA3B,EAAiC;AAChC,MAAI,CAACA,IAAD,IAAS,CAACA,IAAI,CAACC,QAAf,IAA2BD,IAAI,CAACC,QAAL,KAAkB,MAAjD,EACC,OAAQ,aAAR,CADD,KAEK,IAAID,IAAI,CAACC,QAAL,KAAkB,QAAtB,EACJ,OAAQ,eAAR,CADI,KAEA,IAAID,IAAI,CAACC,QAAL,KAAkB,QAAtB,EACJ,OAAQ,gBAAR,CADI,KAGJ,MAAO,IAAItD,KAAJ,CAAU,kCACbqD,IAAI,CAACC,QADF,CAAP;AAED;;AAED,SAASC,QAAT,CAAkBrB,GAAlB,EAAuB5C,OAAvB,EAAgC;AAC/B;AACA,MAAI,CAAC4C,GAAG,CAACM,IAAJ,CAASgB,KAAV,IAAmB,CAACtB,GAAG,CAACM,IAAJ,CAASiB,KAAjC,EAAwC;AACvC9E,IAAAA,KAAK,CAAC+E,aAAN,CAAoBxB,GAApB;AACA;;AAED,MAAIyB,GAAG,GAAG,EAAV;AACAA,EAAAA,GAAG,IAAI,4BAAP;AACAA,EAAAA,GAAG,IAAI,gBAAgBP,iBAAiB,CAAC9D,OAAD,CAAjC,GAA6C,IAApD;AACA,MAAIsE,CAAC,GAAGjF,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAlC,CAAR;AACAoC,EAAAA,GAAG,IAAI,cAAcC,CAAC,CAACpE,QAAF,CAAW,QAAX,CAAd,GAAqC,IAA5C;AACA,MAAIqC,CAAC,GAAGlD,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAlC,CAAR;AACAoC,EAAAA,GAAG,IAAI,qBAAqB9B,CAAC,CAACrC,QAAF,CAAW,QAAX,CAArB,GAA4C,IAAnD;AACA,MAAI4C,CAAC,GAAGzD,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAlC,CAAR;AACAoC,EAAAA,GAAG,IAAI,sBAAsBvB,CAAC,CAAC5C,QAAF,CAAW,QAAX,CAAtB,GAA6C,IAApD;AACA,MAAIsE,CAAC,GAAGnF,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAlC,CAAR;AACAoC,EAAAA,GAAG,IAAI,aAAaG,CAAC,CAACtE,QAAF,CAAW,QAAX,CAAb,GAAoC,IAA3C;AACA,MAAIuE,CAAC,GAAGpF,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAlC,CAAR;AACAoC,EAAAA,GAAG,IAAI,aAAaI,CAAC,CAACvE,QAAF,CAAW,QAAX,CAAb,GAAoC,IAA3C;AACA,MAAIgE,KAAK,GAAG7E,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,OAAT,EAAkBjB,IAAtC,CAAZ;AACAoC,EAAAA,GAAG,IAAI,gBAAgBH,KAAK,CAAChE,QAAN,CAAe,QAAf,CAAhB,GAA2C,IAAlD;AACA,MAAIiE,KAAK,GAAG9E,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,OAAT,EAAkBjB,IAAtC,CAAZ;AACAoC,EAAAA,GAAG,IAAI,gBAAgBF,KAAK,CAACjE,QAAN,CAAe,QAAf,CAAhB,GAA2C,IAAlD;AACA,MAAIwE,IAAI,GAAGrF,KAAK,CAACkF,aAAN,CAAoB3B,GAAG,CAACM,IAAJ,CAAS,MAAT,EAAiBjB,IAArC,CAAX;AACAoC,EAAAA,GAAG,IAAI,kBAAkBK,IAAI,CAACxE,QAAL,CAAc,QAAd,CAAlB,GAA4C,IAAnD,CAxB+B,CAyB/B;;AACA,MAAIyE,SAAS,GAAG,IAAIC,IAAJ,EAAhB;AACAP,EAAAA,GAAG,IAAI,cAAclB,eAAe,CAACwB,SAAD,CAA7B,GAA2C,IAAlD;AACAN,EAAAA,GAAG,IAAI,cAAclB,eAAe,CAACwB,SAAD,CAA7B,GAA2C,IAAlD;AACAN,EAAAA,GAAG,IAAI,eAAelB,eAAe,CAACwB,SAAD,CAA9B,GAA4C,IAAnD;AACA,SAAQzF,MAAM,CAACoC,IAAP,CAAY+C,GAAZ,EAAiB,OAAjB,CAAR;AACA;;AAED,SAASQ,UAAT,CAAoBjC,GAApB,EAAyB5C,OAAzB,EAAkC;AACjC,MAAIqE,GAAG,GAAG,EAAV;AACAA,EAAAA,GAAG,IAAI,4BAAP;;AAEA,MAAIzB,GAAG,CAACV,KAAJ,KAAc,UAAlB,EAA8B;AAC7BmC,IAAAA,GAAG,IAAI,mCAAP;AACA,GAFD,MAEO,IAAIzB,GAAG,CAACV,KAAJ,KAAc,UAAlB,EAA8B;AACpCmC,IAAAA,GAAG,IAAI,mCAAP;AACA,GAFM,MAEA;AACN,UAAO,IAAI3D,KAAJ,CAAU,mBAAV,CAAP;AACA;;AACD,MAAIoE,SAAS,GAAGlC,GAAG,CAACM,IAAJ,CAAS,GAAT,EAAcjB,IAAd,CAAmB/B,QAAnB,CAA4B,QAA5B,CAAhB;AACAmE,EAAAA,GAAG,IAAI,iBAAiBS,SAAjB,GAA6B,IAApC,CAZiC,CAcjC;;AACA,MAAIH,SAAS,GAAG,IAAIC,IAAJ,EAAhB;AACAP,EAAAA,GAAG,IAAI,cAAclB,eAAe,CAACwB,SAAD,CAA7B,GAA2C,IAAlD;AACAN,EAAAA,GAAG,IAAI,cAAclB,eAAe,CAACwB,SAAD,CAA7B,GAA2C,IAAlD;AACAN,EAAAA,GAAG,IAAI,eAAelB,eAAe,CAACwB,SAAD,CAA9B,GAA4C,IAAnD;AAEA,SAAQzF,MAAM,CAACoC,IAAP,CAAY+C,GAAZ,EAAiB,OAAjB,CAAR;AACA;;AAED,SAAStF,KAAT,CAAe6D,GAAf,EAAoB5C,OAApB,EAA6B;AAC5B,MAAIZ,UAAU,CAAC2F,YAAX,CAAwBnC,GAAxB,CAAJ,EAAkC;AACjC,QAAIA,GAAG,CAACf,IAAJ,KAAa,KAAjB,EAAwB;AACvB,aAAQoC,QAAQ,CAACrB,GAAD,EAAM5C,OAAN,CAAhB;AACA,KAFD,MAEO,IAAI4C,GAAG,CAACf,IAAJ,KAAa,OAAjB,EAA0B;AAChC,aAAQgD,UAAU,CAACjC,GAAD,EAAM5C,OAAN,CAAlB;AACA,KAFM,MAEA;AACN,YAAO,IAAIU,KAAJ,CAAU,4BAA4BkC,GAAG,CAACf,IAA1C,CAAP;AACA;AACD,GARD,MAQO,IAAI1C,GAAG,CAAC6F,KAAJ,CAAUpC,GAAV,CAAJ,EAAoB;AAC1B;AACF;AACA;AACA;AACA;AACE,UAAO,IAAIlC,KAAJ,CAAU,mCACb,sBADG,CAAP;AAEA,GARM,MAQA;AACN,UAAO,IAAIA,KAAJ,CAAU,gCAAV,CAAP;AACA;AACD","sourcesContent":["// Copyright 2017 Joyent, Inc.\n\nmodule.exports = {\n\tread: read,\n\twrite: write\n};\n\nvar assert = require('assert-plus');\nvar Buffer = require('safer-buffer').Buffer;\nvar Key = require('../key');\nvar PrivateKey = require('../private-key');\nvar utils = require('../utils');\nvar SSHBuffer = require('../ssh-buffer');\nvar Dhe = require('../dhe');\n\nvar supportedAlgos = {\n\t'rsa-sha1' : 5,\n\t'rsa-sha256' : 8,\n\t'rsa-sha512' : 10,\n\t'ecdsa-p256-sha256' : 13,\n\t'ecdsa-p384-sha384' : 14\n\t/*\n\t * ed25519 is hypothetically supported with id 15\n\t * but the common tools available don't appear to be\n\t * capable of generating/using ed25519 keys\n\t */\n};\n\nvar supportedAlgosById = {};\nObject.keys(supportedAlgos).forEach(function (k) {\n\tsupportedAlgosById[supportedAlgos[k]] = k.toUpperCase();\n});\n\nfunction read(buf, options) {\n\tif (typeof (buf) !== 'string') {\n\t\tassert.buffer(buf, 'buf');\n\t\tbuf = buf.toString('ascii');\n\t}\n\tvar lines = buf.split('\\n');\n\tif (lines[0].match(/^Private-key-format\\: v1/)) {\n\t\tvar algElems = lines[1].split(' ');\n\t\tvar algoNum = parseInt(algElems[1], 10);\n\t\tvar algoName = algElems[2];\n\t\tif (!supportedAlgosById[algoNum])\n\t\t\tthrow (new Error('Unsupported algorithm: ' + algoName));\n\t\treturn (readDNSSECPrivateKey(algoNum, lines.slice(2)));\n\t}\n\n\t// skip any comment-lines\n\tvar line = 0;\n\t/* JSSTYLED */\n\twhile (lines[line].match(/^\\;/))\n\t\tline++;\n\t// we should now have *one single* line left with our KEY on it.\n\tif ((lines[line].match(/\\. IN KEY /) ||\n\t    lines[line].match(/\\. IN DNSKEY /)) && lines[line+1].length === 0) {\n\t\treturn (readRFC3110(lines[line]));\n\t}\n\tthrow (new Error('Cannot parse dnssec key'));\n}\n\nfunction readRFC3110(keyString) {\n\tvar elems = keyString.split(' ');\n\t//unused var flags = parseInt(elems[3], 10);\n\t//unused var protocol = parseInt(elems[4], 10);\n\tvar algorithm = parseInt(elems[5], 10);\n\tif (!supportedAlgosById[algorithm])\n\t\tthrow (new Error('Unsupported algorithm: ' + algorithm));\n\tvar base64key = elems.slice(6, elems.length).join();\n\tvar keyBuffer = Buffer.from(base64key, 'base64');\n\tif (supportedAlgosById[algorithm].match(/^RSA-/)) {\n\t\t// join the rest of the body into a single base64-blob\n\t\tvar publicExponentLen = keyBuffer.readUInt8(0);\n\t\tif (publicExponentLen != 3 && publicExponentLen != 1)\n\t\t\tthrow (new Error('Cannot parse dnssec key: ' +\n\t\t\t    'unsupported exponent length'));\n\n\t\tvar publicExponent = keyBuffer.slice(1, publicExponentLen+1);\n\t\tpublicExponent = utils.mpNormalize(publicExponent);\n\t\tvar modulus = keyBuffer.slice(1+publicExponentLen);\n\t\tmodulus = utils.mpNormalize(modulus);\n\t\t// now, make the key\n\t\tvar rsaKey = {\n\t\t\ttype: 'rsa',\n\t\t\tparts: []\n\t\t};\n\t\trsaKey.parts.push({ name: 'e', data: publicExponent});\n\t\trsaKey.parts.push({ name: 'n', data: modulus});\n\t\treturn (new Key(rsaKey));\n\t}\n\tif (supportedAlgosById[algorithm] === 'ECDSA-P384-SHA384' ||\n\t    supportedAlgosById[algorithm] === 'ECDSA-P256-SHA256') {\n\t\tvar curve = 'nistp384';\n\t\tvar size = 384;\n\t\tif (supportedAlgosById[algorithm].match(/^ECDSA-P256-SHA256/)) {\n\t\t\tcurve = 'nistp256';\n\t\t\tsize = 256;\n\t\t}\n\n\t\tvar ecdsaKey = {\n\t\t\ttype: 'ecdsa',\n\t\t\tcurve: curve,\n\t\t\tsize: size,\n\t\t\tparts: [\n\t\t\t\t{name: 'curve', data: Buffer.from(curve) },\n\t\t\t\t{name: 'Q', data: utils.ecNormalize(keyBuffer) }\n\t\t\t]\n\t\t};\n\t\treturn (new Key(ecdsaKey));\n\t}\n\tthrow (new Error('Unsupported algorithm: ' +\n\t    supportedAlgosById[algorithm]));\n}\n\nfunction elementToBuf(e) {\n\treturn (Buffer.from(e.split(' ')[1], 'base64'));\n}\n\nfunction readDNSSECRSAPrivateKey(elements) {\n\tvar rsaParams = {};\n\telements.forEach(function (element) {\n\t\tif (element.split(' ')[0] === 'Modulus:')\n\t\t\trsaParams['n'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'PublicExponent:')\n\t\t\trsaParams['e'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'PrivateExponent:')\n\t\t\trsaParams['d'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'Prime1:')\n\t\t\trsaParams['p'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'Prime2:')\n\t\t\trsaParams['q'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'Exponent1:')\n\t\t\trsaParams['dmodp'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'Exponent2:')\n\t\t\trsaParams['dmodq'] = elementToBuf(element);\n\t\telse if (element.split(' ')[0] === 'Coefficient:')\n\t\t\trsaParams['iqmp'] = elementToBuf(element);\n\t});\n\t// now, make the key\n\tvar key = {\n\t\ttype: 'rsa',\n\t\tparts: [\n\t\t\t{ name: 'e', data: utils.mpNormalize(rsaParams['e'])},\n\t\t\t{ name: 'n', data: utils.mpNormalize(rsaParams['n'])},\n\t\t\t{ name: 'd', data: utils.mpNormalize(rsaParams['d'])},\n\t\t\t{ name: 'p', data: utils.mpNormalize(rsaParams['p'])},\n\t\t\t{ name: 'q', data: utils.mpNormalize(rsaParams['q'])},\n\t\t\t{ name: 'dmodp',\n\t\t\t    data: utils.mpNormalize(rsaParams['dmodp'])},\n\t\t\t{ name: 'dmodq',\n\t\t\t    data: utils.mpNormalize(rsaParams['dmodq'])},\n\t\t\t{ name: 'iqmp',\n\t\t\t    data: utils.mpNormalize(rsaParams['iqmp'])}\n\t\t]\n\t};\n\treturn (new PrivateKey(key));\n}\n\nfunction readDNSSECPrivateKey(alg, elements) {\n\tif (supportedAlgosById[alg].match(/^RSA-/)) {\n\t\treturn (readDNSSECRSAPrivateKey(elements));\n\t}\n\tif (supportedAlgosById[alg] === 'ECDSA-P384-SHA384' ||\n\t    supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {\n\t\tvar d = Buffer.from(elements[0].split(' ')[1], 'base64');\n\t\tvar curve = 'nistp384';\n\t\tvar size = 384;\n\t\tif (supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {\n\t\t\tcurve = 'nistp256';\n\t\t\tsize = 256;\n\t\t}\n\t\t// DNSSEC generates the public-key on the fly (go calculate it)\n\t\tvar publicKey = utils.publicFromPrivateECDSA(curve, d);\n\t\tvar Q = publicKey.part['Q'].data;\n\t\tvar ecdsaKey = {\n\t\t\ttype: 'ecdsa',\n\t\t\tcurve: curve,\n\t\t\tsize: size,\n\t\t\tparts: [\n\t\t\t\t{name: 'curve', data: Buffer.from(curve) },\n\t\t\t\t{name: 'd', data: d },\n\t\t\t\t{name: 'Q', data: Q }\n\t\t\t]\n\t\t};\n\t\treturn (new PrivateKey(ecdsaKey));\n\t}\n\tthrow (new Error('Unsupported algorithm: ' + supportedAlgosById[alg]));\n}\n\nfunction dnssecTimestamp(date) {\n\tvar year = date.getFullYear() + ''; //stringify\n\tvar month = (date.getMonth() + 1);\n\tvar timestampStr = year + month + date.getUTCDate();\n\ttimestampStr += '' + date.getUTCHours() + date.getUTCMinutes();\n\ttimestampStr += date.getUTCSeconds();\n\treturn (timestampStr);\n}\n\nfunction rsaAlgFromOptions(opts) {\n\tif (!opts || !opts.hashAlgo || opts.hashAlgo === 'sha1')\n\t\treturn ('5 (RSASHA1)');\n\telse if (opts.hashAlgo === 'sha256')\n\t\treturn ('8 (RSASHA256)');\n\telse if (opts.hashAlgo === 'sha512')\n\t\treturn ('10 (RSASHA512)');\n\telse\n\t\tthrow (new Error('Unknown or unsupported hash: ' +\n\t\t    opts.hashAlgo));\n}\n\nfunction writeRSA(key, options) {\n\t// if we're missing parts, add them.\n\tif (!key.part.dmodp || !key.part.dmodq) {\n\t\tutils.addRSAMissing(key);\n\t}\n\n\tvar out = '';\n\tout += 'Private-key-format: v1.3\\n';\n\tout += 'Algorithm: ' + rsaAlgFromOptions(options) + '\\n';\n\tvar n = utils.mpDenormalize(key.part['n'].data);\n\tout += 'Modulus: ' + n.toString('base64') + '\\n';\n\tvar e = utils.mpDenormalize(key.part['e'].data);\n\tout += 'PublicExponent: ' + e.toString('base64') + '\\n';\n\tvar d = utils.mpDenormalize(key.part['d'].data);\n\tout += 'PrivateExponent: ' + d.toString('base64') + '\\n';\n\tvar p = utils.mpDenormalize(key.part['p'].data);\n\tout += 'Prime1: ' + p.toString('base64') + '\\n';\n\tvar q = utils.mpDenormalize(key.part['q'].data);\n\tout += 'Prime2: ' + q.toString('base64') + '\\n';\n\tvar dmodp = utils.mpDenormalize(key.part['dmodp'].data);\n\tout += 'Exponent1: ' + dmodp.toString('base64') + '\\n';\n\tvar dmodq = utils.mpDenormalize(key.part['dmodq'].data);\n\tout += 'Exponent2: ' + dmodq.toString('base64') + '\\n';\n\tvar iqmp = utils.mpDenormalize(key.part['iqmp'].data);\n\tout += 'Coefficient: ' + iqmp.toString('base64') + '\\n';\n\t// Assume that we're valid as-of now\n\tvar timestamp = new Date();\n\tout += 'Created: ' + dnssecTimestamp(timestamp) + '\\n';\n\tout += 'Publish: ' + dnssecTimestamp(timestamp) + '\\n';\n\tout += 'Activate: ' + dnssecTimestamp(timestamp) + '\\n';\n\treturn (Buffer.from(out, 'ascii'));\n}\n\nfunction writeECDSA(key, options) {\n\tvar out = '';\n\tout += 'Private-key-format: v1.3\\n';\n\n\tif (key.curve === 'nistp256') {\n\t\tout += 'Algorithm: 13 (ECDSAP256SHA256)\\n';\n\t} else if (key.curve === 'nistp384') {\n\t\tout += 'Algorithm: 14 (ECDSAP384SHA384)\\n';\n\t} else {\n\t\tthrow (new Error('Unsupported curve'));\n\t}\n\tvar base64Key = key.part['d'].data.toString('base64');\n\tout += 'PrivateKey: ' + base64Key + '\\n';\n\n\t// Assume that we're valid as-of now\n\tvar timestamp = new Date();\n\tout += 'Created: ' + dnssecTimestamp(timestamp) + '\\n';\n\tout += 'Publish: ' + dnssecTimestamp(timestamp) + '\\n';\n\tout += 'Activate: ' + dnssecTimestamp(timestamp) + '\\n';\n\n\treturn (Buffer.from(out, 'ascii'));\n}\n\nfunction write(key, options) {\n\tif (PrivateKey.isPrivateKey(key)) {\n\t\tif (key.type === 'rsa') {\n\t\t\treturn (writeRSA(key, options));\n\t\t} else if (key.type === 'ecdsa') {\n\t\t\treturn (writeECDSA(key, options));\n\t\t} else {\n\t\t\tthrow (new Error('Unsupported algorithm: ' + key.type));\n\t\t}\n\t} else if (Key.isKey(key)) {\n\t\t/*\n\t\t * RFC3110 requires a keyname, and a keytype, which we\n\t\t * don't really have a mechanism for specifying such\n\t\t * additional metadata.\n\t\t */\n\t\tthrow (new Error('Format \"dnssec\" only supports ' +\n\t\t    'writing private keys'));\n\t} else {\n\t\tthrow (new Error('key is not a Key or PrivateKey'));\n\t}\n}\n"]},"metadata":{},"sourceType":"script"}