Overview
| Comment: | Better matching of requested blob to one of our certificates |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
fd3c9977892f23e41c79e08ee21c2377 |
| User & Date: | rkeene on 2019-02-04 23:17:59 |
| Other Links: | manifest | tags |
Context
|
2019-06-05
| ||
| 18:12 | Work on getting an SSH agent UI going check-in: 4ce30d9e04 user: rkeene tags: ssh-agent-ui | |
|
2019-02-06
| ||
| 17:58 | Disable SSH Agent by default for this release check-in: eb5db5feea user: rkeene tags: trunk | |
|
2019-02-04
| ||
| 23:17 | Better matching of requested blob to one of our certificates check-in: fd3c997789 user: rkeene tags: trunk | |
| 17:32 | More X.509v3 support for SSH agent check-in: 0defa19481 user: rkeene tags: trunk | |
Changes
Modified build/chrome/ssh-agent.js from [f7f7a0c55f] to [7141592f34].
| ︙ | ︙ | |||
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 |
0x80 | ((charcode >> 6) & 0x3f),
0x80 | (charcode & 0x3f));
}
}
return utf8;
}
function cackeySSHAgentEncodeString(string) {
var result;
result = cackeySSHAgentEncodeLV(cackeySSHAgentEncodeToUTF8Array(string));
return(result);
}
| > > > > > > > > > > > > > > > > > > > > | > > > > | | | 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 |
0x80 | ((charcode >> 6) & 0x3f),
0x80 | (charcode & 0x3f));
}
}
return utf8;
}
function cackeySSHAgentDecodeFromUTF8Array(inputArray) {
var hexString;
var output;
hexString = cackeySSHAgentEncodeBinaryToHex(inputArray, "%");
output = decodeURIComponent(hexString)
return(output);
}
function cackeySSHAgentEncodeString(string) {
var result;
result = cackeySSHAgentEncodeLV(cackeySSHAgentEncodeToUTF8Array(string));
return(result);
}
function cackeySSHAgentDecodeString(input) {
var output;
output = cackeySSHAgentDecodeLV(input);
output.value = cackeySSHAgentDecodeFromUTF8Array(output.value);
return(output);
}
function cackeySSHAgentEncodeBinaryToHex(binaryString, prefix) {
var buffer;
if (!prefix) {
prefix = "";
}
switch (typeof(binaryString)) {
case "string":
buffer = binaryString.split("").map(function(c) {
return(prefix + c.charCodeAt(0).toString(16).padStart(2, '0'));
}).join("");
break;
default:
buffer = [];
new Uint8Array(binaryString).map(function(c) {
buffer.push(prefix + c.toString(16).padStart(2, '0'));
});
buffer = buffer.join("");
break;
}
return(buffer);
}
|
| ︙ | ︙ | |||
329 330 331 332 333 334 335 336 337 338 339 340 341 342 |
};
}
return(result);
}
function cackeySSHAgentDecodeCert(requestArray) {
}
/*
* Command Handlers
*/
async function cackeySSHAgentCommandRequestIdentity(request) {
var response;
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 |
};
}
return(result);
}
function cackeySSHAgentDecodeCert(requestArray) {
var type;
var decodeError;
var publicKeyType, publicKeyBlob;
var output;
try {
type = cackeySSHAgentDecodeString(requestArray);
} catch (decodeError) {
/*
* x509v3-sign-rsa requests are un-prefixed :-(
*/
type = {}
type.value = requestArray;
type.output = [];
}
/* It might be an x509v3-sign-rsa, which is unprefixed -- try to guess */
if (type.value[0] == 0x30) {
type = "x509v3-sign-rsa";
} else {
requestArray = type.output;
type = type.value;
}
switch (type) {
case "ssh-rsa":
case "x509v3-sign-rsa":
publicKeyType = "RSA";
publicKeyBlob = requestArray;
break;
case "x509v3-ssh-rsa":
publicKeyType = "RSA";
publicKeyBlob = cackeySSHAgentDecodeArray(requestArray).value[0];
break;
}
output = {
publicKeyType: publicKeyType,
publicKeyBlob: publicKeyBlob
};
return(output);
}
function cackeySSHAgentCompareRequestAndKey(key1, key2) {
var ignoredError;
try {
key1 = cackeySSHAgentDecodeCert(key1);
key2 = cackeySSHAgentDecodeCert(key2);
} catch (ignoredError) {
return(false);
}
if (key1.publicKeyType !== key2.publicKeyType) {
return(false);
}
if (key1.publicKeyBlob.join(",") === key2.publicKeyBlob.join(",")) {
return(true);
}
return(false);
}
/*
* Command Handlers
*/
async function cackeySSHAgentCommandRequestIdentity(request) {
var response;
|
| ︙ | ︙ | |||
426 427 428 429 430 431 432 433 434 435 |
* Find the certificate that matches the requested key
*/
certs = await cackeySSHAgentGetCertificates();
certToUse = null;
cackeySSHAgentGetSSHKeyTypes().forEach(function(sshKeyType) {
certs.forEach(function(cert) {
var key;
key = cackeySSHAgentEncodeCertToKeyAndID(cert.certificate, sshKeyType);
| > > > > | | 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 |
* Find the certificate that matches the requested key
*/
certs = await cackeySSHAgentGetCertificates();
certToUse = null;
cackeySSHAgentGetSSHKeyTypes().forEach(function(sshKeyType) {
certs.forEach(function(cert) {
var key;
if (certToUse) {
return;
}
key = cackeySSHAgentEncodeCertToKeyAndID(cert.certificate, sshKeyType);
if (cackeySSHAgentCompareRequestAndKey(key.key, keyInfo)) {
certToUse = cert;
certToUseType = key.publicKeyType;
}
});
});
/*
|
| ︙ | ︙ |