From cfae4f202d217ced1f5a0f42b3b1ef7c41839c4d Mon Sep 17 00:00:00 2001
From: Amy Yan
Date: Thu, 18 Jul 2024 11:27:25 +1000
Subject: [PATCH] wip: x509 extensions
---
 src/config.ts | 1 +
 src/keys/utils/x509.ts | 40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+)
diff --git a/src/config.ts b/src/config.ts
index 393ce8117..d6051d3fb 100644
--- a/src/config.ts
+++ b/src/config.ts
@@ -55,6 +55,7 @@ const config = {
 extensions: {
 polykeyVersion: '1.3.6.1.4.1.57167.2.2.1',
 nodeSignature: '1.3.6.1.4.1.57167.2.2.2',
+ networkAuthentication: '1.3.6.1.4.1.57167.2.2.3',
 },
 },
 /**
diff --git a/src/keys/utils/x509.ts b/src/keys/utils/x509.ts
index 695b2c59b..7a4afc594 100644
--- a/src/keys/utils/x509.ts
+++ b/src/keys/utils/x509.ts
@@ -32,6 +32,12 @@ class PolykeyNodeSignatureString {
 public value: ArrayBuffer;
 }
+@asn1.AsnType({ type: asn1.AsnTypeTypes.Choice })
+class PolykeyNetworkAuthenticationString {
+ @asn1.AsnProp({ type: asn1.AsnPropTypes.IA5String })
+ public value: string;
+}
+
 class PolykeyVersionExtension extends x509.Extension {
 public readonly version: string;
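Review bot: `PolykeyNetworkAuthenticationString` in `src/keys/utils/x509.ts` holds a whole token list in one `IA5String`, and the constructor added in the `@@ -88,6 +94,32 @@` hunk packs it with a `\u0000` separator, so the encoding is ambiguous: a token that contains NUL parses back as two tokens, and an empty list round-trips as `['']`. If these tokens feed an authentication decision, the serialising branch should reject such input before joining, e.g. `if (args[0].some((t: string) => t === '' || t.includes('\u0000'))) throw new TypeError('invalid network authentication token');`, or the value should be modelled as a sequence of strings instead of a delimited one. IA5String is also limited to 7-bit ASCII, so a doc comment on the class stating the delimiter and the allowed character set would help the next reader.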
@@ -88,6 +94,32 @@ class PolykeyNodeSignatureExtension extends x509.Extension {
 }
 }
+class PolykeyNetworkAuthenticationExtension extends x509.Extension {
+ public readonly tokens: Array;
+
+ public constructor(raw: ArrayBuffer);
+ public constructor(tokens: Array, critical?: boolean);
+ public constructor(...args: any[]) {
+ if (args[0] instanceof ArrayBuffer || ArrayBuffer.isView(args[0])) {
+ super(args[0]);
+ const tokensString = asn1.AsnConvert.parse(
+ this.value,
+ PolykeyNetworkAuthenticationString,
+ );
+ this.tokens = tokensString.value.split("\u0000");
+ } else {
+ const tokensString = new PolykeyNetworkAuthenticationString();
+ tokensString.value = args[0].join("\u0000");
+ super(
+ config.oids.extensions.polykeyVersion,
+ args[1],
+ asn1.AsnSerializer.serialize(tokensString),
+ );
+ this.tokens = args[0];
+ }
+ }
+}
+
 /**
 * Statically registers the PolykeyVersionExtension
 */
@@ -104,6 +136,14 @@ x509.ExtensionFactory.register(
 PolykeyNodeSignatureExtension,
 );
+/**
+ * Statically registers the PolykeyNetworkAuthenticationExtension
+ */
+x509.ExtensionFactory.register(
+ config.oids.extensions.networkAuthentication,
+ PolykeyNetworkAuthenticationExtension,
+)
+
 const extendedKeyUsageFlags = {
 serverAuth: '1.3.6.1.5.5.7.3.1',
 clientAuth: '1.3.6.1.5.5.7.3.2',
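Review bot: In the `@@ -88,6 +94,32 @@` hunk the serialising branch of `PolykeyNetworkAuthenticationExtension` passes `config.oids.extensions.polykeyVersion` to `super(...)`, so the tokens are written under the version extension's OID rather than the `networkAuthentication` OID this commit adds and registers. A certificate built this way would carry the token string in an extension labelled as the Polykey version, and on parsing the factory would presumably hand it to `PolykeyVersionExtension` instead of this class, so the tokens would not surface where a verifier looks for them. The argument should read `config.oids.extensions.networkAuthentication,`. A round-trip test (construct from tokens, serialise, re-parse through `x509.ExtensionFactory`) would catch this kind of copy-paste slip.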
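Review bot: The new `x509.ExtensionFactory.register(...)` call in the `@@ -104,6 +136,14 @@` hunk closes with a bare `)`, while the registration just above it ends with `);`. Add the semicolon so the statement matches the rest of the file and does not depend on automatic semicolon insertion: `);`.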