Diff

Differences From Artifact [757d0fe647]:

To Artifact [3e65cda43f]:


1
2

3
4
5


6
7
8

9
10

11














12
13
14
15
16
17
18
19
20
21
22
#! /usr/bin/env tclsh


lappend auto_path /home/rkeene/devel/tcl-duktape/build/work /home/rkeene/devel/tuapi /home/rkeene/devel/tclpkcs11-fossil/build/work {*}[glob -nocomplain -directory /opt/appfs/rkeene.org/tcllib/platform/latest/lib/ tcllib*]

package provide pki 0.10


catch {
	source /home/rkeene/devel/tcllib-pki/pki.tcl
}

package require duktape
package require tuapi

package require pki::pkcs11















proc pkcs11ModuleHandle {} {
	if {![info exists ::pkcs11ModuleHandle]} {
		set ::pkcs11ModuleHandle [::pki::pkcs11::loadmodule /home/rkeene/tmp/cackey/build/tcl/softokn3-pkcs11.so]
	}
	return $::pkcs11ModuleHandle
}

proc pkcs11ModuleUnload {handle} {
	if {[info exists ::pkcs11ModuleHandle] && $handle eq $::pkcs11ModuleHandle} {
		unset ::pkcs11ModuleHandle


>
|
|
|
>
>
|
|

>
|

>
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>



|







1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#! /usr/bin/env tclsh

if {[info exists ::env(SSH_AGENT_LIB_PATH)]} {
	lappend auto_path {*}$::env(SSH_AGENT_LIB_PATH)
}

if {[info exists ::env(SSH_AGENT_PKCS11_MODULE)]} {
	set ::pkcs11ModuleFilename $::env(SSH_AGENT_PKCS11_MODULE)
} else {
	set ::pkcs11ModuleFilename /home/rkeene/tmp/cackey/build/tcl/softokn3-pkcs11.so
}

package require duktape 0.7
package require tuapi
package require pki 0.6
package require pki::pkcs11 0.9.9

## HACK: Fix up older versions of "pki" to include the raw certificate
##       this is needed
apply {{} {
	set procToUpdate ::pki::x509::parse_cert
	if {![string match "*set ret(raw)*" [info body $procToUpdate]]} {
		set body [info body $procToUpdate]
		set body [string map {
			"::asn::asnGetSequence cert_seq wholething"
			"set ret(raw) $cert_seq; binary scan $ret(raw) H* ret(raw); ::asn::asnGetSequence cert_seq wholething"
		} $body]
		proc $procToUpdate [info args $procToUpdate] $body
	}
}}

proc pkcs11ModuleHandle {} {
	if {![info exists ::pkcs11ModuleHandle]} {
		set ::pkcs11ModuleHandle [::pki::pkcs11::loadmodule $::pkcs11ModuleFilename]
	}
	return $::pkcs11ModuleHandle
}

proc pkcs11ModuleUnload {handle} {
	if {[info exists ::pkcs11ModuleHandle] && $handle eq $::pkcs11ModuleHandle} {
		unset ::pkcs11ModuleHandle
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125




126
127
128
129
130
131
132
			}
		}
		X509.parseCert = __parseCert;
		delete __parseCert;
	}
}

proc initSSHAgent {} {
	foreach file {chrome-emu.js ssh-agent-noasync.js} {
		unset -nocomplain fd
		catch {
			set fd [open $file]
			set js($file) [read $fd]
		}
		catch {
			close $fd
		}
	}





	set jsHandle [::duktape::init -safe true]

	::duktape::tcl-function $jsHandle __puts {args} {
		if {[llength $args] ni {1 2}} {
			return -code error "wrong # args: puts ?{stderr|stdout}? message"
		}
		if {[llength $args] == 2} {







|
|
<

|
|






>
>
>
>







126
127
128
129
130
131
132
133
134

135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
			}
		}
		X509.parseCert = __parseCert;
		delete __parseCert;
	}
}

proc readFile {fileName} {
	if {![info exists ::readFile($fileName)]} {

		catch {
			set fd [open $fileName]
			set ::readFile($fileName) [read $fd]
		}
		catch {
			close $fd
		}
	}

	return $::readFile($fileName)
}

proc initSSHAgent {} {
	set jsHandle [::duktape::init -safe true]

	::duktape::tcl-function $jsHandle __puts {args} {
		if {[llength $args] ni {1 2}} {
			return -code error "wrong # args: puts ?{stderr|stdout}? message"
		}
		if {[llength $args] == 2} {
142
143
144
145
146
147
148
149
150
151
152
153

154
155
156
157
158
159
160
		runtime = {};
		runtime.puts = __puts;
		runtime.stderr = "stderr";
		delete __puts;
	}

	::duktape::eval $jsHandle {var goog = {DEBUG: false};}
	::duktape::eval $jsHandle $js(chrome-emu.js)
	addRSAToJS $jsHandle
	::duktape::eval $jsHandle $js(ssh-agent-noasync.js)
	::duktape::eval $jsHandle {cackeySSHAgentFeatures.enabled = true;}
	::duktape::eval $jsHandle {cackeySSHAgentFeatures.includeCerts = true;}

	::duktape::eval $jsHandle {
		function connection(callback) {
			this.sender = {
				id: "pnhechapfaindjhompbnflcldabbghjo"
			};
			this.onMessage = {
				listeners: [],







|

|

|
>







164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
		runtime = {};
		runtime.puts = __puts;
		runtime.stderr = "stderr";
		delete __puts;
	}

	::duktape::eval $jsHandle {var goog = {DEBUG: false};}
	::duktape::eval $jsHandle [readFile chrome-emu.js]
	addRSAToJS $jsHandle
	::duktape::eval $jsHandle [readFile ssh-agent-noasync.js]
	::duktape::eval $jsHandle {cackeySSHAgentFeatures.enabled = true;}
	::duktape::eval $jsHandle {cackeySSHAgentFeatures.includeCerts = false;}
	::duktape::eval $jsHandle {cackeySSHAgentFeatures.legacy = false;}
	::duktape::eval $jsHandle {
		function connection(callback) {
			this.sender = {
				id: "pnhechapfaindjhompbnflcldabbghjo"
			};
			this.onMessage = {
				listeners: [],
336
337
338
339
340
341
342

343


344
345
346
347
348
349
350
		puts stderr "ERROR: $::errorInfo"
		close $sock
	}
}

proc incomingConnection {sock args} {
	if {[catch {

		set jsHandle [initSSHAgent]



		::duktape::eval $jsHandle {var socket = new connection(handleDataFromAgent);}
		::duktape::eval $jsHandle "socket.handle = \"$sock\";"
		::duktape::eval $jsHandle {chrome.runtime.externalConnect(socket);}

		fconfigure $sock -translation binary -encoding binary -blocking true
		fileevent $sock readable [list handleData $sock $jsHandle]







>
|
>
>







359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
		puts stderr "ERROR: $::errorInfo"
		close $sock
	}
}

proc incomingConnection {sock args} {
	if {[catch {
		if {![info exists ::jsHandle]} {
			set ::jsHandle [initSSHAgent]
		}
		set jsHandle $::jsHandle

		::duktape::eval $jsHandle {var socket = new connection(handleDataFromAgent);}
		::duktape::eval $jsHandle "socket.handle = \"$sock\";"
		::duktape::eval $jsHandle {chrome.runtime.externalConnect(socket);}

		fconfigure $sock -translation binary -encoding binary -blocking true
		fileevent $sock readable [list handleData $sock $jsHandle]