authorLinuxWizard42 <computerwizard@linuxmail.org>2022-10-12 22:54:37 +0300
committerLinuxWizard42 <computerwizard@linuxmail.org>2022-10-12 22:54:37 +0300
commit703e03aba33f234712206769f57717ba7d92d23d (patch)
tree0041f04ccb75bd5379c764e9fe42249fffe75fc3 /node_modules/sshpk/lib/signature.js
parentab6e257e6e9d9a483d7e86f220d8b209a2cd7753 (diff)
Added export_allowed file to make repository visible in cgit
Diffstat (limited to 'node_modules/sshpk/lib/signature.js')
-rw-r--r--node_modules/sshpk/lib/signature.js314
1 files changed, 314 insertions, 0 deletions
diff --git a/node_modules/sshpk/lib/signature.js b/node_modules/sshpk/lib/signature.js
new file mode 100644
index 0000000..aa8fdbb
--- /dev/null
+++ b/node_modules/sshpk/lib/signature.js
@@ -0,0 +1,314 @@
+// Copyright 2015 Joyent, Inc.
+
+module.exports = Signature;
+
+var assert = require('assert-plus');
+var Buffer = require('safer-buffer').Buffer;
+var algs = require('./algs');
+var crypto = require('crypto');
+var errs = require('./errors');
+var utils = require('./utils');
+var asn1 = require('asn1');
+var SSHBuffer = require('./ssh-buffer');
+
+var InvalidAlgorithmError = errs.InvalidAlgorithmError;
+var SignatureParseError = errs.SignatureParseError;
+
+function Signature(opts) {
+ assert.object(opts, 'options');
+ assert.arrayOfObject(opts.parts, 'options.parts');
+ assert.string(opts.type, 'options.type');
+
+ var partLookup = {};
+ for (var i = 0; i < opts.parts.length; ++i) {
+ var part = opts.parts[i];
+ partLookup[part.name] = part;
+ }
+
+ this.type = opts.type;
+ this.hashAlgorithm = opts.hashAlgo;
+ this.curve = opts.curve;
+ this.parts = opts.parts;
+ this.part = partLookup;
+}
+
+Signature.prototype.toBuffer = function (format) {
+ if (format === undefined)
+ format = 'asn1';
+ assert.string(format, 'format');
+
+ var buf;
+ var stype = 'ssh-' + this.type;
+
+ switch (this.type) {
+ case 'rsa':
+ switch (this.hashAlgorithm) {
+ case 'sha256':
+ stype = 'rsa-sha2-256';
+ break;
+ case 'sha512':
+ stype = 'rsa-sha2-512';
+ break;
+ case 'sha1':
+ case undefined:
+ break;
+ default:
+ throw (new Error('SSH signature ' +
+ 'format does not support hash ' +
+ 'algorithm ' + this.hashAlgorithm));
+ }
+ if (format === 'ssh') {
+ buf = new SSHBuffer({});
+ buf.writeString(stype);
+ buf.writePart(this.part.sig);
+ return (buf.toBuffer());
+ } else {
+ return (this.part.sig.data);
+ }
+ break;
+
+ case 'ed25519':
+ if (format === 'ssh') {
+ buf = new SSHBuffer({});
+ buf.writeString(stype);
+ buf.writePart(this.part.sig);
+ return (buf.toBuffer());
+ } else {
+ return (this.part.sig.data);
+ }
+ break;
+
+ case 'dsa':
+ case 'ecdsa':
+ var r, s;
+ if (format === 'asn1') {
+ var der = new asn1.BerWriter();
+ der.startSequence();
+ r = utils.mpNormalize(this.part.r.data);
+ s = utils.mpNormalize(this.part.s.data);
+ der.writeBuffer(r, asn1.Ber.Integer);
+ der.writeBuffer(s, asn1.Ber.Integer);
+ der.endSequence();
+ return (der.buffer);
+ } else if (format === 'ssh' && this.type === 'dsa') {
+ buf = new SSHBuffer({});
+ buf.writeString('ssh-dss');
+ r = this.part.r.data;
+ if (r.length > 20 && r[0] === 0x00)
+ r = r.slice(1);
+ s = this.part.s.data;
+ if (s.length > 20 && s[0] === 0x00)
+ s = s.slice(1);
+ if ((this.hashAlgorithm &&
+ this.hashAlgorithm !== 'sha1') ||
+ r.length + s.length !== 40) {
+ throw (new Error('OpenSSH only supports ' +
+ 'DSA signatures with SHA1 hash'));
+ }
+ buf.writeBuffer(Buffer.concat([r, s]));
+ return (buf.toBuffer());
+ } else if (format === 'ssh' && this.type === 'ecdsa') {
+ var inner = new SSHBuffer({});
+ r = this.part.r.data;
+ inner.writeBuffer(r);
+ inner.writePart(this.part.s);
+
+ buf = new SSHBuffer({});
+ /* XXX: find a more proper way to do this? */
+ var curve;
+ if (r[0] === 0x00)
+ r = r.slice(1);
+ var sz = r.length * 8;
+ if (sz === 256)
+ curve = 'nistp256';
+ else if (sz === 384)
+ curve = 'nistp384';
+ else if (sz === 528)
+ curve = 'nistp521';
+ buf.writeString('ecdsa-sha2-' + curve);
+ buf.writeBuffer(inner.toBuffer());
+ return (buf.toBuffer());
+ }
+ throw (new Error('Invalid signature format'));
+ default:
+ throw (new Error('Invalid signature data'));
+ }
+};
+
+Signature.prototype.toString = function (format) {
+ assert.optionalString(format, 'format');
+ return (this.toBuffer(format).toString('base64'));
+};
+
+Signature.parse = function (data, type, format) {
+ if (typeof (data) === 'string')
+ data = Buffer.from(data, 'base64');
+ assert.buffer(data, 'data');
+ assert.string(format, 'format');
+ assert.string(type, 'type');
+
+ var opts = {};
+ opts.type = type.toLowerCase();
+ opts.parts = [];
+
+ try {
+ assert.ok(data.length > 0, 'signature must not be empty');
+ switch (opts.type) {
+ case 'rsa':
+ return (parseOneNum(data, type, format, opts));
+ case 'ed25519':
+ return (parseOneNum(data, type, format, opts));
+
+ case 'dsa':
+ case 'ecdsa':
+ if (format === 'asn1')
+ return (parseDSAasn1(data, type, format, opts));
+ else if (opts.type === 'dsa')
+ return (parseDSA(data, type, format, opts));
+ else
+ return (parseECDSA(data, type, format, opts));
+
+ default:
+ throw (new InvalidAlgorithmError(type));
+ }
+
+ } catch (e) {
+ if (e instanceof InvalidAlgorithmError)
+ throw (e);
+ throw (new SignatureParseError(type, format, e));
+ }
+};
+
+function parseOneNum(data, type, format, opts) {
+ if (format === 'ssh') {
+ try {
+ var buf = new SSHBuffer({buffer: data});
+ var head = buf.readString();
+ } catch (e) {
+ /* fall through */
+ }
+ if (buf !== undefined) {
+ var msg = 'SSH signature does not match expected ' +
+ 'type (expected ' + type + ', got ' + head + ')';
+ switch (head) {
+ case 'ssh-rsa':
+ assert.strictEqual(type, 'rsa', msg);
+ opts.hashAlgo = 'sha1';
+ break;
+ case 'rsa-sha2-256':
+ assert.strictEqual(type, 'rsa', msg);
+ opts.hashAlgo = 'sha256';
+ break;
+ case 'rsa-sha2-512':
+ assert.strictEqual(type, 'rsa', msg);
+ opts.hashAlgo = 'sha512';
+ break;
+ case 'ssh-ed25519':
+ assert.strictEqual(type, 'ed25519', msg);
+ opts.hashAlgo = 'sha512';
+ break;
+ default:
+ throw (new Error('Unknown SSH signature ' +
+ 'type: ' + head));
+ }
+ var sig = buf.readPart();
+ assert.ok(buf.atEnd(), 'extra trailing bytes');
+ sig.name = 'sig';
+ opts.parts.push(sig);
+ return (new Signature(opts));
+ }
+ }
+ opts.parts.push({name: 'sig', data: data});
+ return (new Signature(opts));
+}
+
+function parseDSAasn1(data, type, format, opts) {
+ var der = new asn1.BerReader(data);
+ der.readSequence();
+ var r = der.readString(asn1.Ber.Integer, true);
+ var s = der.readString(asn1.Ber.Integer, true);
+
+ opts.parts.push({name: 'r', data: utils.mpNormalize(r)});
+ opts.parts.push({name: 's', data: utils.mpNormalize(s)});
+
+ return (new Signature(opts));
+}
+
+function parseDSA(data, type, format, opts) {
+ if (data.length != 40) {
+ var buf = new SSHBuffer({buffer: data});
+ var d = buf.readBuffer();
+ if (d.toString('ascii') === 'ssh-dss')
+ d = buf.readBuffer();
+ assert.ok(buf.atEnd(), 'extra trailing bytes');
+ assert.strictEqual(d.length, 40, 'invalid inner length');
+ data = d;
+ }
+ opts.parts.push({name: 'r', data: data.slice(0, 20)});
+ opts.parts.push({name: 's', data: data.slice(20, 40)});
+ return (new Signature(opts));
+}
+
+function parseECDSA(data, type, format, opts) {
+ var buf = new SSHBuffer({buffer: data});
+
+ var r, s;
+ var inner = buf.readBuffer();
+ var stype = inner.toString('ascii');
+ if (stype.slice(0, 6) === 'ecdsa-') {
+ var parts = stype.split('-');
+ assert.strictEqual(parts[0], 'ecdsa');
+ assert.strictEqual(parts[1], 'sha2');
+ opts.curve = parts[2];
+ switch (opts.curve) {
+ case 'nistp256':
+ opts.hashAlgo = 'sha256';
+ break;
+ case 'nistp384':
+ opts.hashAlgo = 'sha384';
+ break;
+ case 'nistp521':
+ opts.hashAlgo = 'sha512';
+ break;
+ default:
+ throw (new Error('Unsupported ECDSA curve: ' +
+ opts.curve));
+ }
+ inner = buf.readBuffer();
+ assert.ok(buf.atEnd(), 'extra trailing bytes on outer');
+ buf = new SSHBuffer({buffer: inner});
+ r = buf.readPart();
+ } else {
+ r = {data: inner};
+ }
+
+ s = buf.readPart();
+ assert.ok(buf.atEnd(), 'extra trailing bytes');
+
+ r.name = 'r';
+ s.name = 's';
+
+ opts.parts.push(r);
+ opts.parts.push(s);
+ return (new Signature(opts));
+}
+
+Signature.isSignature = function (obj, ver) {
+ return (utils.isCompatible(obj, Signature, ver));
+};
+
+/*
+ * API versions for Signature:
+ * [1,0] -- initial ver
+ * [2,0] -- support for rsa in full ssh format, compat with sshpk-agent
+ * hashAlgorithm property
+ * [2,1] -- first tagged version
+ */
+Signature.prototype._sshpkApiVersion = [2, 1];
+
+Signature._oldVersionDetect = function (obj) {
+ assert.func(obj.toBuffer);
+ if (obj.hasOwnProperty('hashAlgorithm'))
+ return ([2, 0]);
+ return ([1, 0]);
+};