From 726b81b19251674e149ccfbb1abacbd837fc6db0 Mon Sep 17 00:00:00 2001 From: LinuxWizard42 Date: Wed, 12 Oct 2022 23:08:57 +0300 Subject: Removed files that should not have been included in git --- node_modules/sshpk/lib/formats/pem.js | 290 ---------------------------------- 1 file changed, 290 deletions(-) delete mode 100644 node_modules/sshpk/lib/formats/pem.js (limited to 'node_modules/sshpk/lib/formats/pem.js') diff --git a/node_modules/sshpk/lib/formats/pem.js b/node_modules/sshpk/lib/formats/pem.js deleted file mode 100644 index bbe78fc..0000000 --- a/node_modules/sshpk/lib/formats/pem.js +++ /dev/null @@ -1,290 +0,0 @@ -// Copyright 2018 Joyent, Inc. - -module.exports = { - read: read, - write: write -}; - -var assert = require('assert-plus'); -var asn1 = require('asn1'); -var crypto = require('crypto'); -var Buffer = require('safer-buffer').Buffer; -var algs = require('../algs'); -var utils = require('../utils'); -var Key = require('../key'); -var PrivateKey = require('../private-key'); - -var pkcs1 = require('./pkcs1'); -var pkcs8 = require('./pkcs8'); -var sshpriv = require('./ssh-private'); -var rfc4253 = require('./rfc4253'); - -var errors = require('../errors'); - -var OID_PBES2 = '1.2.840.113549.1.5.13'; -var OID_PBKDF2 = '1.2.840.113549.1.5.12'; - -var OID_TO_CIPHER = { - '1.2.840.113549.3.7': '3des-cbc', - '2.16.840.1.101.3.4.1.2': 'aes128-cbc', - '2.16.840.1.101.3.4.1.42': 'aes256-cbc' -}; -var CIPHER_TO_OID = {}; -Object.keys(OID_TO_CIPHER).forEach(function (k) { - CIPHER_TO_OID[OID_TO_CIPHER[k]] = k; -}); - -var OID_TO_HASH = { - '1.2.840.113549.2.7': 'sha1', - '1.2.840.113549.2.9': 'sha256', - '1.2.840.113549.2.11': 'sha512' -}; -var HASH_TO_OID = {}; -Object.keys(OID_TO_HASH).forEach(function (k) { - HASH_TO_OID[OID_TO_HASH[k]] = k; -}); - -/* - * For reading we support both PKCS#1 and PKCS#8. If we find a private key, - * we just take the public component of it and use that. - */ -function read(buf, options, forceType) { - var input = buf; - if (typeof (buf) !== 'string') { - assert.buffer(buf, 'buf'); - buf = buf.toString('ascii'); - } - - var lines = buf.trim().split(/[\r\n]+/g); - - var m; - var si = -1; - while (!m && si < lines.length) { - m = lines[++si].match(/*JSSTYLED*/ - /[-]+[ ]*BEGIN ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/); - } - assert.ok(m, 'invalid PEM header'); - - var m2; - var ei = lines.length; - while (!m2 && ei > 0) { - m2 = lines[--ei].match(/*JSSTYLED*/ - /[-]+[ ]*END ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/); - } - assert.ok(m2, 'invalid PEM footer'); - - /* Begin and end banners must match key type */ - assert.equal(m[2], m2[2]); - var type = m[2].toLowerCase(); - - var alg; - if (m[1]) { - /* They also must match algorithms, if given */ - assert.equal(m[1], m2[1], 'PEM header and footer mismatch'); - alg = m[1].trim(); - } - - lines = lines.slice(si, ei + 1); - - var headers = {}; - while (true) { - lines = lines.slice(1); - m = lines[0].match(/*JSSTYLED*/ - /^([A-Za-z0-9-]+): (.+)$/); - if (!m) - break; - headers[m[1].toLowerCase()] = m[2]; - } - - /* Chop off the first and last lines */ - lines = lines.slice(0, -1).join(''); - buf = Buffer.from(lines, 'base64'); - - var cipher, key, iv; - if (headers['proc-type']) { - var parts = headers['proc-type'].split(','); - if (parts[0] === '4' && parts[1] === 'ENCRYPTED') { - if (typeof (options.passphrase) === 'string') { - options.passphrase = Buffer.from( - options.passphrase, 'utf-8'); - } - if (!Buffer.isBuffer(options.passphrase)) { - throw (new errors.KeyEncryptedError( - options.filename, 'PEM')); - } else { - parts = headers['dek-info'].split(','); - assert.ok(parts.length === 2); - cipher = parts[0].toLowerCase(); - iv = Buffer.from(parts[1], 'hex'); - key = utils.opensslKeyDeriv(cipher, iv, - options.passphrase, 1).key; - } - } - } - - if (alg && alg.toLowerCase() === 'encrypted') { - var eder = new asn1.BerReader(buf); - var pbesEnd; - eder.readSequence(); - - eder.readSequence(); - pbesEnd = eder.offset + eder.length; - - var method = eder.readOID(); - if (method !== OID_PBES2) { - throw (new Error('Unsupported PEM/PKCS8 encryption ' + - 'scheme: ' + method)); - } - - eder.readSequence(); /* PBES2-params */ - - eder.readSequence(); /* keyDerivationFunc */ - var kdfEnd = eder.offset + eder.length; - var kdfOid = eder.readOID(); - if (kdfOid !== OID_PBKDF2) - throw (new Error('Unsupported PBES2 KDF: ' + kdfOid)); - eder.readSequence(); - var salt = eder.readString(asn1.Ber.OctetString, true); - var iterations = eder.readInt(); - var hashAlg = 'sha1'; - if (eder.offset < kdfEnd) { - eder.readSequence(); - var hashAlgOid = eder.readOID(); - hashAlg = OID_TO_HASH[hashAlgOid]; - if (hashAlg === undefined) { - throw (new Error('Unsupported PBKDF2 hash: ' + - hashAlgOid)); - } - } - eder._offset = kdfEnd; - - eder.readSequence(); /* encryptionScheme */ - var cipherOid = eder.readOID(); - cipher = OID_TO_CIPHER[cipherOid]; - if (cipher === undefined) { - throw (new Error('Unsupported PBES2 cipher: ' + - cipherOid)); - } - iv = eder.readString(asn1.Ber.OctetString, true); - - eder._offset = pbesEnd; - buf = eder.readString(asn1.Ber.OctetString, true); - - if (typeof (options.passphrase) === 'string') { - options.passphrase = Buffer.from( - options.passphrase, 'utf-8'); - } - if (!Buffer.isBuffer(options.passphrase)) { - throw (new errors.KeyEncryptedError( - options.filename, 'PEM')); - } - - var cinfo = utils.opensshCipherInfo(cipher); - - cipher = cinfo.opensslName; - key = utils.pbkdf2(hashAlg, salt, iterations, cinfo.keySize, - options.passphrase); - alg = undefined; - } - - if (cipher && key && iv) { - var cipherStream = crypto.createDecipheriv(cipher, key, iv); - var chunk, chunks = []; - cipherStream.once('error', function (e) { - if (e.toString().indexOf('bad decrypt') !== -1) { - throw (new Error('Incorrect passphrase ' + - 'supplied, could not decrypt key')); - } - throw (e); - }); - cipherStream.write(buf); - cipherStream.end(); - while ((chunk = cipherStream.read()) !== null) - chunks.push(chunk); - buf = Buffer.concat(chunks); - } - - /* The new OpenSSH internal format abuses PEM headers */ - if (alg && alg.toLowerCase() === 'openssh') - return (sshpriv.readSSHPrivate(type, buf, options)); - if (alg && alg.toLowerCase() === 'ssh2') - return (rfc4253.readType(type, buf, options)); - - var der = new asn1.BerReader(buf); - der.originalInput = input; - - /* - * All of the PEM file types start with a sequence tag, so chop it - * off here - */ - der.readSequence(); - - /* PKCS#1 type keys name an algorithm in the banner explicitly */ - if (alg) { - if (forceType) - assert.strictEqual(forceType, 'pkcs1'); - return (pkcs1.readPkcs1(alg, type, der)); - } else { - if (forceType) - assert.strictEqual(forceType, 'pkcs8'); - return (pkcs8.readPkcs8(alg, type, der)); - } -} - -function write(key, options, type) { - assert.object(key); - - var alg = { - 'ecdsa': 'EC', - 'rsa': 'RSA', - 'dsa': 'DSA', - 'ed25519': 'EdDSA' - }[key.type]; - var header; - - var der = new asn1.BerWriter(); - - if (PrivateKey.isPrivateKey(key)) { - if (type && type === 'pkcs8') { - header = 'PRIVATE KEY'; - pkcs8.writePkcs8(der, key); - } else { - if (type) - assert.strictEqual(type, 'pkcs1'); - header = alg + ' PRIVATE KEY'; - pkcs1.writePkcs1(der, key); - } - - } else if (Key.isKey(key)) { - if (type && type === 'pkcs1') { - header = alg + ' PUBLIC KEY'; - pkcs1.writePkcs1(der, key); - } else { - if (type) - assert.strictEqual(type, 'pkcs8'); - header = 'PUBLIC KEY'; - pkcs8.writePkcs8(der, key); - } - - } else { - throw (new Error('key is not a Key or PrivateKey')); - } - - var tmp = der.buffer.toString('base64'); - var len = tmp.length + (tmp.length / 64) + - 18 + 16 + header.length*2 + 10; - var buf = Buffer.alloc(len); - var o = 0; - o += buf.write('-----BEGIN ' + header + '-----\n', o); - for (var i = 0; i < tmp.length; ) { - var limit = i + 64; - if (limit > tmp.length) - limit = tmp.length; - o += buf.write(tmp.slice(i, limit), o); - buf[o++] = 10; - i = limit; - } - o += buf.write('-----END ' + header + '-----\n', o); - - return (buf.slice(0, o)); -} -- cgit v1.2.3-86-g962b