From 726b81b19251674e149ccfbb1abacbd837fc6db0 Mon Sep 17 00:00:00 2001 From: LinuxWizard42 Date: Wed, 12 Oct 2022 23:08:57 +0300 Subject: Removed files that should not have been included in git --- node_modules/sshpk/lib/signature.js | 314 ------------------------------------ 1 file changed, 314 deletions(-) delete mode 100644 node_modules/sshpk/lib/signature.js (limited to 'node_modules/sshpk/lib/signature.js') diff --git a/node_modules/sshpk/lib/signature.js b/node_modules/sshpk/lib/signature.js deleted file mode 100644 index aa8fdbb..0000000 --- a/node_modules/sshpk/lib/signature.js +++ /dev/null @@ -1,314 +0,0 @@ -// Copyright 2015 Joyent, Inc. - -module.exports = Signature; - -var assert = require('assert-plus'); -var Buffer = require('safer-buffer').Buffer; -var algs = require('./algs'); -var crypto = require('crypto'); -var errs = require('./errors'); -var utils = require('./utils'); -var asn1 = require('asn1'); -var SSHBuffer = require('./ssh-buffer'); - -var InvalidAlgorithmError = errs.InvalidAlgorithmError; -var SignatureParseError = errs.SignatureParseError; - -function Signature(opts) { - assert.object(opts, 'options'); - assert.arrayOfObject(opts.parts, 'options.parts'); - assert.string(opts.type, 'options.type'); - - var partLookup = {}; - for (var i = 0; i < opts.parts.length; ++i) { - var part = opts.parts[i]; - partLookup[part.name] = part; - } - - this.type = opts.type; - this.hashAlgorithm = opts.hashAlgo; - this.curve = opts.curve; - this.parts = opts.parts; - this.part = partLookup; -} - -Signature.prototype.toBuffer = function (format) { - if (format === undefined) - format = 'asn1'; - assert.string(format, 'format'); - - var buf; - var stype = 'ssh-' + this.type; - - switch (this.type) { - case 'rsa': - switch (this.hashAlgorithm) { - case 'sha256': - stype = 'rsa-sha2-256'; - break; - case 'sha512': - stype = 'rsa-sha2-512'; - break; - case 'sha1': - case undefined: - break; - default: - throw (new Error('SSH signature ' + - 'format does not support hash ' + - 'algorithm ' + this.hashAlgorithm)); - } - if (format === 'ssh') { - buf = new SSHBuffer({}); - buf.writeString(stype); - buf.writePart(this.part.sig); - return (buf.toBuffer()); - } else { - return (this.part.sig.data); - } - break; - - case 'ed25519': - if (format === 'ssh') { - buf = new SSHBuffer({}); - buf.writeString(stype); - buf.writePart(this.part.sig); - return (buf.toBuffer()); - } else { - return (this.part.sig.data); - } - break; - - case 'dsa': - case 'ecdsa': - var r, s; - if (format === 'asn1') { - var der = new asn1.BerWriter(); - der.startSequence(); - r = utils.mpNormalize(this.part.r.data); - s = utils.mpNormalize(this.part.s.data); - der.writeBuffer(r, asn1.Ber.Integer); - der.writeBuffer(s, asn1.Ber.Integer); - der.endSequence(); - return (der.buffer); - } else if (format === 'ssh' && this.type === 'dsa') { - buf = new SSHBuffer({}); - buf.writeString('ssh-dss'); - r = this.part.r.data; - if (r.length > 20 && r[0] === 0x00) - r = r.slice(1); - s = this.part.s.data; - if (s.length > 20 && s[0] === 0x00) - s = s.slice(1); - if ((this.hashAlgorithm && - this.hashAlgorithm !== 'sha1') || - r.length + s.length !== 40) { - throw (new Error('OpenSSH only supports ' + - 'DSA signatures with SHA1 hash')); - } - buf.writeBuffer(Buffer.concat([r, s])); - return (buf.toBuffer()); - } else if (format === 'ssh' && this.type === 'ecdsa') { - var inner = new SSHBuffer({}); - r = this.part.r.data; - inner.writeBuffer(r); - inner.writePart(this.part.s); - - buf = new SSHBuffer({}); - /* XXX: find a more proper way to do this? */ - var curve; - if (r[0] === 0x00) - r = r.slice(1); - var sz = r.length * 8; - if (sz === 256) - curve = 'nistp256'; - else if (sz === 384) - curve = 'nistp384'; - else if (sz === 528) - curve = 'nistp521'; - buf.writeString('ecdsa-sha2-' + curve); - buf.writeBuffer(inner.toBuffer()); - return (buf.toBuffer()); - } - throw (new Error('Invalid signature format')); - default: - throw (new Error('Invalid signature data')); - } -}; - -Signature.prototype.toString = function (format) { - assert.optionalString(format, 'format'); - return (this.toBuffer(format).toString('base64')); -}; - -Signature.parse = function (data, type, format) { - if (typeof (data) === 'string') - data = Buffer.from(data, 'base64'); - assert.buffer(data, 'data'); - assert.string(format, 'format'); - assert.string(type, 'type'); - - var opts = {}; - opts.type = type.toLowerCase(); - opts.parts = []; - - try { - assert.ok(data.length > 0, 'signature must not be empty'); - switch (opts.type) { - case 'rsa': - return (parseOneNum(data, type, format, opts)); - case 'ed25519': - return (parseOneNum(data, type, format, opts)); - - case 'dsa': - case 'ecdsa': - if (format === 'asn1') - return (parseDSAasn1(data, type, format, opts)); - else if (opts.type === 'dsa') - return (parseDSA(data, type, format, opts)); - else - return (parseECDSA(data, type, format, opts)); - - default: - throw (new InvalidAlgorithmError(type)); - } - - } catch (e) { - if (e instanceof InvalidAlgorithmError) - throw (e); - throw (new SignatureParseError(type, format, e)); - } -}; - -function parseOneNum(data, type, format, opts) { - if (format === 'ssh') { - try { - var buf = new SSHBuffer({buffer: data}); - var head = buf.readString(); - } catch (e) { - /* fall through */ - } - if (buf !== undefined) { - var msg = 'SSH signature does not match expected ' + - 'type (expected ' + type + ', got ' + head + ')'; - switch (head) { - case 'ssh-rsa': - assert.strictEqual(type, 'rsa', msg); - opts.hashAlgo = 'sha1'; - break; - case 'rsa-sha2-256': - assert.strictEqual(type, 'rsa', msg); - opts.hashAlgo = 'sha256'; - break; - case 'rsa-sha2-512': - assert.strictEqual(type, 'rsa', msg); - opts.hashAlgo = 'sha512'; - break; - case 'ssh-ed25519': - assert.strictEqual(type, 'ed25519', msg); - opts.hashAlgo = 'sha512'; - break; - default: - throw (new Error('Unknown SSH signature ' + - 'type: ' + head)); - } - var sig = buf.readPart(); - assert.ok(buf.atEnd(), 'extra trailing bytes'); - sig.name = 'sig'; - opts.parts.push(sig); - return (new Signature(opts)); - } - } - opts.parts.push({name: 'sig', data: data}); - return (new Signature(opts)); -} - -function parseDSAasn1(data, type, format, opts) { - var der = new asn1.BerReader(data); - der.readSequence(); - var r = der.readString(asn1.Ber.Integer, true); - var s = der.readString(asn1.Ber.Integer, true); - - opts.parts.push({name: 'r', data: utils.mpNormalize(r)}); - opts.parts.push({name: 's', data: utils.mpNormalize(s)}); - - return (new Signature(opts)); -} - -function parseDSA(data, type, format, opts) { - if (data.length != 40) { - var buf = new SSHBuffer({buffer: data}); - var d = buf.readBuffer(); - if (d.toString('ascii') === 'ssh-dss') - d = buf.readBuffer(); - assert.ok(buf.atEnd(), 'extra trailing bytes'); - assert.strictEqual(d.length, 40, 'invalid inner length'); - data = d; - } - opts.parts.push({name: 'r', data: data.slice(0, 20)}); - opts.parts.push({name: 's', data: data.slice(20, 40)}); - return (new Signature(opts)); -} - -function parseECDSA(data, type, format, opts) { - var buf = new SSHBuffer({buffer: data}); - - var r, s; - var inner = buf.readBuffer(); - var stype = inner.toString('ascii'); - if (stype.slice(0, 6) === 'ecdsa-') { - var parts = stype.split('-'); - assert.strictEqual(parts[0], 'ecdsa'); - assert.strictEqual(parts[1], 'sha2'); - opts.curve = parts[2]; - switch (opts.curve) { - case 'nistp256': - opts.hashAlgo = 'sha256'; - break; - case 'nistp384': - opts.hashAlgo = 'sha384'; - break; - case 'nistp521': - opts.hashAlgo = 'sha512'; - break; - default: - throw (new Error('Unsupported ECDSA curve: ' + - opts.curve)); - } - inner = buf.readBuffer(); - assert.ok(buf.atEnd(), 'extra trailing bytes on outer'); - buf = new SSHBuffer({buffer: inner}); - r = buf.readPart(); - } else { - r = {data: inner}; - } - - s = buf.readPart(); - assert.ok(buf.atEnd(), 'extra trailing bytes'); - - r.name = 'r'; - s.name = 's'; - - opts.parts.push(r); - opts.parts.push(s); - return (new Signature(opts)); -} - -Signature.isSignature = function (obj, ver) { - return (utils.isCompatible(obj, Signature, ver)); -}; - -/* - * API versions for Signature: - * [1,0] -- initial ver - * [2,0] -- support for rsa in full ssh format, compat with sshpk-agent - * hashAlgorithm property - * [2,1] -- first tagged version - */ -Signature.prototype._sshpkApiVersion = [2, 1]; - -Signature._oldVersionDetect = function (obj) { - assert.func(obj.toBuffer); - if (obj.hasOwnProperty('hashAlgorithm')) - return ([2, 0]); - return ([1, 0]); -}; -- cgit v1.2.3-86-g962b