refactor: update asn1.ts helper functions

Author: panva

src/lib/asn1.ts

@@ -6,6 +6,14 @@ import { isCryptoKey, isKeyObject } from './is_key_like.js'
 
 import type { KeyImportOptions } from '../key/import.js'
 
+/**
+ * Formats a base64 string as a PEM-encoded key with proper line breaks and headers.
+ *
+ * @param b64 - Base64-encoded key data
+ * @param descriptor - Key type descriptor (e.g., "PUBLIC KEY", "PRIVATE KEY")
+ *
+ * @returns PEM-formatted string
+ */
 const formatPEM = (b64: string, descriptor: string) => {
   const newlined = (b64.match(/.{1,64}/g) || []).join('\n')
   return `-----BEGIN ${descriptor}-----\n${newlined}\n-----END ${descriptor}-----`
@@ -59,61 +67,64 @@ export const toPKCS8 = (key: unknown): Promise<string> => {
   return genericExport('private', 'pkcs8', key)
 }
 
-const findOid = (keyData: Uint8Array, oid: number[], from = 0): boolean => {
-  if (from === 0) {
-    oid.unshift(oid.length)
-    oid.unshift(0x06)
-  }
-  const i = keyData.indexOf(oid[0], from)
-  if (i === -1) return false
-  const sub = keyData.subarray(i, i + oid.length)
-  if (sub.length !== oid.length) return false
-  return sub.every((value, index) => value === oid[index]) || findOid(keyData, oid, i + 1)
-}
-
+/**
+ * Detects the named curve from ECDH/ECDSA key data by searching for curve OID patterns.
+ *
+ * @param keyData - The key data to analyze
+ *
+ * @returns The curve name ('P-256', 'P-384', or 'P-521') or undefined if not found
+ */
 const getNamedCurve = (keyData: Uint8Array): string | undefined => {
-  switch (true) {
-    case findOid(keyData, [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07]):
-      return 'P-256'
-    case findOid(keyData, [0x2b, 0x81, 0x04, 0x00, 0x22]):
-      return 'P-384'
-    case findOid(keyData, [0x2b, 0x81, 0x04, 0x00, 0x23]):
-      return 'P-521'
-    default:
-      return undefined
+  // OID patterns for NIST curves (Object Identifier byte sequences)
+  const patterns = Object.entries({
+    'P-256': [0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07],
+    'P-384': [0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22],
+    'P-521': [0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23],
+  })
+
+  const maxPatternLen = Math.max(...patterns.map(([, bytes]) => bytes.length))
+
+  for (let i = 0; i <= keyData.byteLength - maxPatternLen; i++) {
+    for (const [curve, bytes] of patterns) {
+      if (i <= keyData.byteLength - bytes.length) {
+        if (keyData.subarray(i, i + bytes.length).every((byte, idx) => byte === bytes[idx])) {
+          return curve
+        }
+      }
+    }
   }
+
+  return undefined
 }
 
 const genericImport = async (
-  replace: RegExp,
   keyFormat: 'spki' | 'pkcs8',
-  pem: string,
+  keyData: Uint8Array,
   alg: string,
   options?: KeyImportOptions,
 ) => {
   let algorithm: RsaHashedImportParams | EcKeyAlgorithm | Algorithm
   let keyUsages: KeyUsage[]
 
-  const keyData = new Uint8Array(
-    atob(pem.replace(replace, ''))
-      .split('')
-      .map((c) => c.charCodeAt(0)),
-  )
-
   const isPublic = keyFormat === 'spki'
 
+  // Helper functions for determining key usage based on key type
+  const getSignatureUsages = (): KeyUsage[] => (isPublic ? ['verify'] : ['sign'])
+  const getEncryptionUsages = (): KeyUsage[] =>
+    isPublic ? ['encrypt', 'wrapKey'] : ['decrypt', 'unwrapKey']
+
   switch (alg) {
     case 'PS256':
     case 'PS384':
     case 'PS512':
       algorithm = { name: 'RSA-PSS', hash: `SHA-${alg.slice(-3)}` }
-      keyUsages = isPublic ? ['verify'] : ['sign']
+      keyUsages = getSignatureUsages()
       break
     case 'RS256':
     case 'RS384':
     case 'RS512':
       algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${alg.slice(-3)}` }
-      keyUsages = isPublic ? ['verify'] : ['sign']
+      keyUsages = getSignatureUsages()
       break
     case 'RSA-OAEP':
     case 'RSA-OAEP-256':
@@ -123,33 +134,29 @@ const genericImport = async (
         name: 'RSA-OAEP',
         hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,
       }
-      keyUsages = isPublic ? ['encrypt', 'wrapKey'] : ['decrypt', 'unwrapKey']
+      keyUsages = getEncryptionUsages()
       break
     case 'ES256':
-      algorithm = { name: 'ECDSA', namedCurve: 'P-256' }
-      keyUsages = isPublic ? ['verify'] : ['sign']
-      break
     case 'ES384':
-      algorithm = { name: 'ECDSA', namedCurve: 'P-384' }
-      keyUsages = isPublic ? ['verify'] : ['sign']
-      break
-    case 'ES512':
-      algorithm = { name: 'ECDSA', namedCurve: 'P-521' }
-      keyUsages = isPublic ? ['verify'] : ['sign']
+    case 'ES512': {
+      const curveMap = { ES256: 'P-256', ES384: 'P-384', ES512: 'P-521' } as const
+      algorithm = { name: 'ECDSA', namedCurve: curveMap[alg] }
+      keyUsages = getSignatureUsages()
       break
+    }
     case 'ECDH-ES':
     case 'ECDH-ES+A128KW':
     case 'ECDH-ES+A192KW':
     case 'ECDH-ES+A256KW': {
       const namedCurve = getNamedCurve(keyData)
-      algorithm = namedCurve?.startsWith('P-') ? { name: 'ECDH', namedCurve } : { name: 'X25519' }
+      algorithm = namedCurve ? { name: 'ECDH', namedCurve } : { name: 'X25519' }
       keyUsages = isPublic ? [] : ['deriveBits']
       break
     }
-    case 'Ed25519': // Fall through
+    case 'Ed25519':
     case 'EdDSA':
       algorithm = { name: 'Ed25519' }
-      keyUsages = isPublic ? ['verify'] : ['sign']
+      keyUsages = getSignatureUsages()
       break
     default:
       throw new JOSENotSupported('Invalid or unsupported "alg" (Algorithm) value')
@@ -171,110 +178,100 @@ type PEMImportFunction = (
 ) => Promise<types.CryptoKey>
 
 export const fromPKCS8: PEMImportFunction = (pem, alg, options?) => {
-  return genericImport(/(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g, 'pkcs8', pem, alg, options)
+  const keyData = decodeBase64(pem.replace(/(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g, ''))
+  return genericImport('pkcs8', keyData, alg, options)
 }
 
 export const fromSPKI: PEMImportFunction = (pem, alg, options?) => {
-  return genericImport(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, 'spki', pem, alg, options)
+  const keyData = decodeBase64(pem.replace(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, ''))
+  return genericImport('spki', keyData, alg, options)
 }
 
-function getElement(seq: Uint8Array) {
-  const result = []
-  let next = 0
-
-  while (next < seq.length) {
-    const nextPart = parseElement(seq.subarray(next))
-    result.push(nextPart)
-    next += nextPart.byteLength
+/**
+ * Extracts the Subject Public Key Info (SPKI) from an X.509 certificate. Parses the ASN.1 DER
+ * structure to locate and extract the public key portion.
+ *
+ * @param buf - DER-encoded X.509 certificate bytes
+ *
+ * @returns SPKI structure as bytes
+ */
+function spkiFromX509(buf: Uint8Array): Uint8Array {
+  // Parse ASN.1 DER structure to extract SPKI from X.509 certificate
+  let pos = 0
+
+  // Helper function to parse ASN.1 length encoding (both short and long form)
+  const parseLength = (): number => {
+    const first = buf[pos++]
+    if (first & 0x80) {
+      // Long form: first byte indicates number of subsequent length bytes
+      const lengthOfLength = first & 0x7f
+      let length = 0
+      for (let i = 0; i < lengthOfLength; i++) {
+        length = (length << 8) | buf[pos++]
+      }
+      return length
+    }
+    // Short form: length is encoded directly in first byte
+    return first
   }
-  return result
-}
 
-function parseElement(bytes: Uint8Array) {
-  let position = 0
-
-  // tag
-  let tag = bytes[0] & 0x1f
-  position++
-  if (tag === 0x1f) {
-    tag = 0
-    while (bytes[position] >= 0x80) {
-      tag = tag * 128 + bytes[position] - 0x80
-      position++
+  // Helper function to skip ASN.1 elements (tag + length + content)
+  const skipElement = (count: number = 1): void => {
+    if (count <= 0) return
+    pos++ // Skip tag byte
+    const length = parseLength()
+    pos += length // Skip content bytes
+    if (count > 1) {
+      skipElement(count - 1) // Recursively skip remaining elements
     }
-    tag = tag * 128 + bytes[position] - 0x80
-    position++
   }
 
-  // length
-  let length = 0
-  if (bytes[position] < 0x80) {
-    length = bytes[position]
-    position++
-  } else if (length === 0x80) {
-    length = 0
-
-    while (bytes[position + length] !== 0 || bytes[position + length + 1] !== 0) {
-      if (length > bytes.byteLength) {
-        throw new TypeError('invalid indefinite form length')
-      }
-      length++
-    }
+  // Parse outer certificate SEQUENCE
+  if (buf[pos++] !== 0x30) throw new Error('Invalid certificate structure')
+  parseLength() // Skip certificate length
 
-    const byteLength = position + length + 2
-    return {
-      byteLength,
-      contents: bytes.subarray(position, position + length),
-      raw: bytes.subarray(0, byteLength),
-    }
+  // Parse tbsCertificate (To Be Signed Certificate) SEQUENCE
+  if (buf[pos++] !== 0x30) throw new Error('Invalid tbsCertificate structure')
+  parseLength() // Skip tbsCertificate length
+
+  if (buf[pos] === 0xa0) {
+    // Optional version field present (context-specific [0])
+    // Skip: version, serialNumber, signature algorithm, issuer, validity, subject
+    skipElement(6)
   } else {
-    const numberOfDigits = bytes[position] & 0x7f
-    position++
-    length = 0
-    for (let i = 0; i < numberOfDigits; i++) {
-      length = length * 256 + bytes[position]
-      position++
-    }
+    // No version field (defaults to v1)
+    // Skip: serialNumber, signature algorithm, issuer, validity, subject
+    skipElement(5)
   }
 
-  const byteLength = position + length
-  return {
-    byteLength,
-    contents: bytes.subarray(position, byteLength),
-    raw: bytes.subarray(0, byteLength),
-  }
-}
+  // Extract subjectPublicKeyInfo SEQUENCE
+  const spkiStart = pos
+  if (buf[pos++] !== 0x30) throw new Error('Invalid SPKI structure')
+  const spkiContentLength = parseLength()
 
-function spkiFromX509(buf: Uint8Array) {
-  const tbsCertificate = getElement(getElement(parseElement(buf).contents)[0].contents)
-  return encodeBase64(tbsCertificate[tbsCertificate[0].raw[0] === 0xa0 ? 6 : 5].raw)
+  // Return the complete SPKI structure (tag + length + content)
+  return buf.subarray(spkiStart, spkiStart + spkiContentLength + (pos - spkiStart))
 }
 
-let createPublicKey: any
-function getSPKI(x509: string): string {
-  try {
-    // @ts-ignore
-    createPublicKey ??= globalThis.process?.getBuiltinModule?.('node:crypto')?.createPublicKey
-  } catch {
-    createPublicKey = 0
-  }
-
-  if (createPublicKey) {
-    try {
-      return createPublicKey(x509).export({ format: 'pem', type: 'spki' })
-    } catch {}
-  }
-  const pem = x509.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g, '')
-  const raw = decodeBase64(pem)
-  return formatPEM(spkiFromX509(raw), 'PUBLIC KEY')
+/**
+ * Extracts SPKI from a PEM-encoded X.509 certificate string.
+ *
+ * @param x509 - PEM-encoded X.509 certificate
+ *
+ * @returns SPKI structure as bytes
+ */
+function extractX509SPKI(x509: string): Uint8Array {
+  const base64Content = x509.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g, '')
+  const derBytes = decodeBase64(base64Content)
+  return spkiFromX509(derBytes)
 }
 
 export const fromX509: PEMImportFunction = (pem, alg, options?) => {
-  let spki: string
+  let spki: Uint8Array
   try {
-    spki = getSPKI(pem)
+    spki = extractX509SPKI(pem)
   } catch (cause) {
     throw new TypeError('Failed to parse the X.509 certificate', { cause })
   }
-  return fromSPKI(spki, alg, options)
+  return genericImport('spki', spki, alg, options)
 }