s2/minifyfromhtml
1
0
Fork 0
mirror of https://github.com/S2-/minifyfromhtml.git synced 2025-08-03 04:10:04 +02:00
Code Issues Releases Wiki Activity

update node modules

Browse Source
This commit is contained in:
s2
2019-03-29 15:56:41 +01:00
parent f114871153
commit 89c32fb4e6
8347 changed files with 390123 additions and 159877 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
node_modules/sshpk/README.md generated vendored
View File

@@ -126,6 +126,9 @@ Parameters
- `rfc4253`: raw OpenSSH wire format
- `openssh`: new post-OpenSSH 6.5 internal format, produced by
`ssh-keygen -o`
- `dnssec`: `.key` file format output by `dnssec-keygen` etc
- `putty`: the PuTTY `.ppk` file format (supports truncated variant without
all the lines from `Private-Lines:` onwards)
- `options` -- Optional Object, extra options, with keys:
- `filename` -- Optional String, name for the key being parsed
(eg. the filename that was opened). Used to generate
@@ -174,7 +177,7 @@ Parameters
Same as `this.toBuffer(format).toString()`.
### `Key#fingerprint([algorithm = 'sha256'])`
### `Key#fingerprint([algorithm = 'sha256'[, hashType = 'ssh']])`
Creates a new `Fingerprint` object representing this Key's fingerprint.
@@ -182,6 +185,9 @@ Parameters
- `algorithm` -- String name of hash algorithm to use, valid options are `md5`,
`sha1`, `sha256`, `sha384`, `sha512`
- `hashType` -- String name of fingerprint hash type to use, valid options are
`ssh` (the type of fingerprint used by OpenSSH, e.g. in
`ssh-keygen`), `spki` (used by HPKP, some OpenSSL applications)
### `Key#createVerify([hashAlgorithm])`
@@ -231,6 +237,7 @@ Parameters
`ssh-keygen -o`
- `pkcs1`, `pkcs8`: variants of `pem`
- `rfc4253`: raw OpenSSH wire format
- `dnssec`: `.private` format output by `dnssec-keygen` etc.
- `options` -- Optional Object, extra options, with keys:
- `filename` -- Optional String, name for the key being parsed
(eg. the filename that was opened). Used to generate
@@ -333,7 +340,7 @@ Parameters
## Fingerprints
### `parseFingerprint(fingerprint[, algorithms])`
### `parseFingerprint(fingerprint[, options])`
Pre-parses a fingerprint, creating a `Fingerprint` object that can be used to
quickly locate a key by using the `Fingerprint#matches` function.
@@ -341,9 +348,15 @@ quickly locate a key by using the `Fingerprint#matches` function.
Parameters
- `fingerprint` -- String, the fingerprint value, in any supported format
- `algorithms` -- Optional list of strings, names of hash algorithms to limit
support to. If `fingerprint` uses a hash algorithm not on
this list, throws `InvalidAlgorithmError`.
- `options` -- Optional Object, with properties:
- `algorithms` -- Array of strings, names of hash algorithms to limit
support to. If `fingerprint` uses a hash algorithm not on
this list, throws `InvalidAlgorithmError`.
- `hashType` -- String, the type of hash the fingerprint uses, either `ssh`
or `spki` (normally auto-detected based on the format, but
can be overridden)
- `type` -- String, the entity this fingerprint identifies, either `key` or
`certificate`
### `Fingerprint.isFingerprint(obj)`
@@ -364,14 +377,19 @@ Parameters
`base64`. If this `Fingerprint` uses the `md5` algorithm, the
default format is `hex`. Otherwise, the default is `base64`.
### `Fingerprint#matches(key)`
### `Fingerprint#matches(keyOrCertificate)`
Verifies whether or not this `Fingerprint` matches a given `Key`. This function
uses double-hashing to avoid leaking timing information. Returns a boolean.
Verifies whether or not this `Fingerprint` matches a given `Key` or
`Certificate`. This function uses double-hashing to avoid leaking timing
information. Returns a boolean.
Note that a `Key`-type Fingerprint will always return `false` if asked to match
a `Certificate` and vice versa.
Parameters
- `key` -- a `Key` object, the key to match this fingerprint against
- `keyOrCertificate` -- a `Key` object or `Certificate` object, the entity to
match this fingerprint against
## Signatures
@@ -507,6 +525,24 @@ is valid for. The possible strings at the moment are:
Authority)
* `'crl'` -- key can be used to sign Certificate Revocation Lists (CRLs)
### `Certificate#getExtension(nameOrOid)`
Retrieves information about a certificate extension, if present, or returns
`undefined` if not. The string argument `nameOrOid` should be either the OID
(for X509 extensions) or the name (for OpenSSH extensions) of the extension
to retrieve.
The object returned will have the following properties:
* `format` -- String, set to either `'x509'` or `'openssh'`
* `name` or `oid` -- String, only one set based on value of `format`
* `data` -- Buffer, the raw data inside the extension
### `Certificate#getExtensions()`
Returns an Array of all present certificate extensions, in the same manner and
format as `getExtension()`.
### `Certificate#isExpired([when])`
Tests whether the Certificate is currently expired (i.e. the `validFrom` and
@@ -614,6 +650,44 @@ Parameters
Returns an Identity instance.
### `identityFromArray(arr)`
Constructs an Identity from an array of DN components (see `Identity#toArray()`
for the format).
Parameters
- `arr` -- an Array of Objects, DN components with `name` and `value`
Returns an Identity instance.
Supported attributes in DNs:
| Attribute name | OID |
| -------------- | --- |
| `cn` | `2.5.4.3` |
| `o` | `2.5.4.10` |
| `ou` | `2.5.4.11` |
| `l` | `2.5.4.7` |
| `s` | `2.5.4.8` |
| `c` | `2.5.4.6` |
| `sn` | `2.5.4.4` |
| `postalCode` | `2.5.4.17` |
| `serialNumber` | `2.5.4.5` |
| `street` | `2.5.4.9` |
| `x500UniqueIdentifier` | `2.5.4.45` |
| `role` | `2.5.4.72` |
| `telephoneNumber` | `2.5.4.20` |
| `description` | `2.5.4.13` |
| `dc` | `0.9.2342.19200300.100.1.25` |
| `uid` | `0.9.2342.19200300.100.1.1` |
| `mail` | `0.9.2342.19200300.100.1.3` |
| `title` | `2.5.4.12` |
| `gn` | `2.5.4.42` |
| `initials` | `2.5.4.43` |
| `pseudonym` | `2.5.4.65` |
### `Identity#toString()`
Returns the identity as an LDAP-style DN string.
@@ -631,7 +705,39 @@ Set when `type` is `'host'`, `'user'`, or `'email'`, respectively. Strings.
### `Identity#cn`
The value of the first `CN=` in the DN, if any.
The value of the first `CN=` in the DN, if any. It's probably better to use
the `#get()` method instead of this property.
### `Identity#get(name[, asArray])`
Returns the value of a named attribute in the Identity DN. If there is no
attribute of the given name, returns `undefined`. If multiple components
of the DN contain an attribute of this name, an exception is thrown unless
the `asArray` argument is given as `true` -- then they will be returned as
an Array in the same order they appear in the DN.
Parameters
- `name` -- a String
- `asArray` -- an optional Boolean
### `Identity#toArray()`
Returns the Identity as an Array of DN component objects. This looks like:
```js
[ {
"name": "cn",
"value": "Joe Bloggs"
},
{
"name": "o",
"value": "Organisation Ltd"
} ]
```
Each object has a `name` and a `value` property. The returned objects may be
safely modified.
Errors
------

105
node_modules/sshpk/bin/sshpk-conv generated vendored
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env node
// -*- mode: js -*-
// vim: set filetype=javascript :
// Copyright 2015 Joyent, Inc. All rights reserved.
// Copyright 2018 Joyent, Inc. All rights reserved.
var dashdash = require('dashdash');
var sshpk = require('../lib/index');
@@ -47,6 +47,21 @@ var options = [
type: 'bool',
help: 'Print key metadata instead of converting'
},
{
names: ['fingerprint', 'F'],
type: 'bool',
help: 'Output key fingerprint'
},
{
names: ['hash', 'H'],
type: 'string',
help: 'Hash function to use for key fingeprint with -F'
},
{
names: ['spki', 's'],
type: 'bool',
help: 'With -F, generates an SPKI fingerprint instead of SSH'
},
{
names: ['comment', 'c'],
type: 'string',
@@ -75,13 +90,18 @@ if (require.main === module) {
var help = parser.help({}).trimRight();
console.error('sshpk-conv: converts between SSH key formats\n');
console.error(help);
console.error('\navailable formats:');
console.error('\navailable key formats:');
console.error(' - pem, pkcs1 eg id_rsa');
console.error(' - ssh eg id_rsa.pub');
console.error(' - pkcs8 format you want for openssl');
console.error(' - openssh like output of ssh-keygen -o');
console.error(' - rfc4253 raw OpenSSH wire format');
console.error(' - dnssec dnssec-keygen format');
console.error(' - putty PuTTY ppk format');
console.error('\navailable fingerprint formats:');
console.error(' - hex colon-separated hex for SSH');
console.error(' straight hex for SPKI');
console.error(' - base64 SHA256:* format from OpenSSH');
process.exit(1);
}
@@ -111,9 +131,7 @@ if (require.main === module) {
inFile = fs.createReadStream(inFilePath);
}
} catch (e) {
console.error('sshpk-conv: error opening input file' +
': ' + e.name + ': ' + e.message);
process.exit(1);
ifError(e, 'error opening input file');
}
var outFile = process.stdout;
@@ -124,9 +142,7 @@ if (require.main === module) {
outFile = fs.createWriteStream(opts.out);
}
} catch (e) {
console.error('sshpk-conv: error opening output file' +
': ' + e.name + ': ' + e.message);
process.exit(1);
ifError(e, 'error opening output file');
}
var bufs = [];
@@ -150,20 +166,14 @@ if (require.main === module) {
} catch (e) {
if (e.name === 'KeyEncryptedError') {
getPassword(function (err, pw) {
if (err) {
console.log('sshpk-conv: ' +
err.name + ': ' +
err.message);
process.exit(1);
}
if (err)
ifError(err);
parseOpts.passphrase = pw;
processKey();
});
return;
}
console.error('sshpk-conv: ' +
e.name + ': ' + e.message);
process.exit(1);
ifError(e);
}
if (opts.derive)
@@ -172,18 +182,7 @@ if (require.main === module) {
if (opts.comment)
key.comment = opts.comment;
if (!opts.identify) {
fmt = undefined;
if (opts.outformat)
fmt = opts.outformat;
outFile.write(key.toBuffer(fmt));
if (fmt === 'ssh' ||
(!opts.private && fmt === undefined))
outFile.write('\n');
outFile.once('drain', function () {
process.exit(0);
});
} else {
if (opts.identify) {
var kind = 'public';
if (sshpk.PrivateKey.isPrivateKey(key))
kind = 'private';
@@ -193,10 +192,52 @@ if (require.main === module) {
console.log('ECDSA curve: %s', key.curve);
if (key.comment)
console.log('Comment: %s', key.comment);
console.log('Fingerprint:');
console.log(' ' + key.fingerprint().toString());
console.log(' ' + key.fingerprint('md5').toString());
console.log('SHA256 fingerprint: ' +
key.fingerprint('sha256').toString());
console.log('MD5 fingerprint: ' +
key.fingerprint('md5').toString());
console.log('SPKI-SHA256 fingerprint: ' +
key.fingerprint('sha256', 'spki').toString());
process.exit(0);
return;
}
if (opts.fingerprint) {
var hash = opts.hash;
var type = opts.spki ? 'spki' : 'ssh';
var format = opts.outformat;
var fp = key.fingerprint(hash, type).toString(format);
outFile.write(fp);
outFile.write('\n');
outFile.once('drain', function () {
process.exit(0);
});
return;
}
fmt = undefined;
if (opts.outformat)
fmt = opts.outformat;
outFile.write(key.toBuffer(fmt));
if (fmt === 'ssh' ||
(!opts.private && fmt === undefined))
outFile.write('\n');
outFile.once('drain', function () {
process.exit(0);
});
});
}
function ifError(e, txt) {
if (txt)
txt = txt + ': ';
else
txt = '';
console.error('sshpk-conv: ' + txt + e.name + ': ' + e.message);
if (process.env['DEBUG'] || process.env['V']) {
console.error(e.stack);
if (e.innerErr)
console.error(e.innerErr.stack);
}
process.exit(1);
}

3
node_modules/sshpk/bin/sshpk-verify generated vendored
View File

@@ -7,6 +7,7 @@ var dashdash = require('dashdash');
var sshpk = require('../lib/index');
var fs = require('fs');
var path = require('path');
var Buffer = require('safer-buffer').Buffer;
var options = [
{
@@ -93,7 +94,7 @@ if (require.main === module) {
}
var fmt = opts.format || 'asn1';
var sigData = new Buffer(opts.signature, 'base64');
var sigData = Buffer.from(opts.signature, 'base64');
var sig;
try {

38
node_modules/sshpk/lib/algs.js generated vendored
View File

@@ -1,5 +1,7 @@
// Copyright 2015 Joyent, Inc.
var Buffer = require('safer-buffer').Buffer;
var algInfo = {
'dsa': {
parts: ['p', 'q', 'g', 'y'],
@@ -52,27 +54,27 @@ var curves = {
'nistp256': {
size: 256,
pkcs8oid: '1.2.840.10045.3.1.7',
p: new Buffer(('00' +
p: Buffer.from(('00' +
'ffffffff 00000001 00000000 00000000' +
'00000000 ffffffff ffffffff ffffffff').
replace(/ /g, ''), 'hex'),
a: new Buffer(('00' +
a: Buffer.from(('00' +
'FFFFFFFF 00000001 00000000 00000000' +
'00000000 FFFFFFFF FFFFFFFF FFFFFFFC').
replace(/ /g, ''), 'hex'),
b: new Buffer((
b: Buffer.from((
'5ac635d8 aa3a93e7 b3ebbd55 769886bc' +
'651d06b0 cc53b0f6 3bce3c3e 27d2604b').
replace(/ /g, ''), 'hex'),
s: new Buffer(('00' +
s: Buffer.from(('00' +
'c49d3608 86e70493 6a6678e1 139d26b7' +
'819f7e90').
replace(/ /g, ''), 'hex'),
n: new Buffer(('00' +
n: Buffer.from(('00' +
'ffffffff 00000000 ffffffff ffffffff' +
'bce6faad a7179e84 f3b9cac2 fc632551').
replace(/ /g, ''), 'hex'),
G: new Buffer(('04' +
G: Buffer.from(('04' +
'6b17d1f2 e12c4247 f8bce6e5 63a440f2' +
'77037d81 2deb33a0 f4a13945 d898c296' +
'4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16' +
@@ -82,31 +84,31 @@ var curves = {
'nistp384': {
size: 384,
pkcs8oid: '1.3.132.0.34',
p: new Buffer(('00' +
p: Buffer.from(('00' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff ffffffff fffffffe' +
'ffffffff 00000000 00000000 ffffffff').
replace(/ /g, ''), 'hex'),
a: new Buffer(('00' +
a: Buffer.from(('00' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE' +
'FFFFFFFF 00000000 00000000 FFFFFFFC').
replace(/ /g, ''), 'hex'),
b: new Buffer((
b: Buffer.from((
'b3312fa7 e23ee7e4 988e056b e3f82d19' +
'181d9c6e fe814112 0314088f 5013875a' +
'c656398d 8a2ed19d 2a85c8ed d3ec2aef').
replace(/ /g, ''), 'hex'),
s: new Buffer(('00' +
s: Buffer.from(('00' +
'a335926a a319a27a 1d00896a 6773a482' +
'7acdac73').
replace(/ /g, ''), 'hex'),
n: new Buffer(('00' +
n: Buffer.from(('00' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff c7634d81 f4372ddf' +
'581a0db2 48b0a77a ecec196a ccc52973').
replace(/ /g, ''), 'hex'),
G: new Buffer(('04' +
G: Buffer.from(('04' +
'aa87ca22 be8b0537 8eb1c71e f320ad74' +
'6e1d3b62 8ba79b98 59f741e0 82542a38' +
'5502f25d bf55296c 3a545e38 72760ab7' +
@@ -118,34 +120,34 @@ var curves = {
'nistp521': {
size: 521,
pkcs8oid: '1.3.132.0.35',
p: new Buffer((
p: Buffer.from((
'01ffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffff').replace(/ /g, ''), 'hex'),
a: new Buffer(('01FF' +
a: Buffer.from(('01FF' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' +
'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC').
replace(/ /g, ''), 'hex'),
b: new Buffer(('51' +
b: Buffer.from(('51' +
'953eb961 8e1c9a1f 929a21a0 b68540ee' +
'a2da725b 99b315f3 b8b48991 8ef109e1' +
'56193951 ec7e937b 1652c0bd 3bb1bf07' +
'3573df88 3d2c34f1 ef451fd4 6b503f00').
replace(/ /g, ''), 'hex'),
s: new Buffer(('00' +
s: Buffer.from(('00' +
'd09e8800 291cb853 96cc6717 393284aa' +
'a0da64ba').replace(/ /g, ''), 'hex'),
n: new Buffer(('01ff' +
n: Buffer.from(('01ff' +
'ffffffff ffffffff ffffffff ffffffff' +
'ffffffff ffffffff ffffffff fffffffa' +
'51868783 bf2f966b 7fcc0148 f709a5d0' +
'3bb5c9b8 899c47ae bb6fb71e 91386409').
replace(/ /g, ''), 'hex'),
G: new Buffer(('04' +
G: Buffer.from(('04' +
'00c6 858e06b7 0404e9cd 9e3ecb66 2395b442' +
'9c648139 053fb521 f828af60 6b4d3dba' +
'a14b5e77 efe75928 fe1dc127 a2ffa8de' +

39
node_modules/sshpk/lib/certificate.js generated vendored
View File

@@ -3,6 +3,7 @@
module.exports = Certificate;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var crypto = require('crypto');
var Fingerprint = require('./fingerprint');
@@ -119,6 +120,37 @@ Certificate.prototype.isSignedBy = function (issuerCert) {
return (this.isSignedByKey(issuerCert.subjectKey));
};
Certificate.prototype.getExtension = function (keyOrOid) {
assert.string(keyOrOid, 'keyOrOid');
var ext = this.getExtensions().filter(function (maybeExt) {
if (maybeExt.format === 'x509')
return (maybeExt.oid === keyOrOid);
if (maybeExt.format === 'openssh')
return (maybeExt.name === keyOrOid);
return (false);
})[0];
return (ext);
};
Certificate.prototype.getExtensions = function () {
var exts = [];
var x509 = this.signatures.x509;
if (x509 && x509.extras && x509.extras.exts) {
x509.extras.exts.forEach(function (ext) {
ext.format = 'x509';
exts.push(ext);
});
}
var openssh = this.signatures.openssh;
if (openssh && openssh.exts) {
openssh.exts.forEach(function (ext) {
ext.format = 'openssh';
exts.push(ext);
});
}
return (exts);
};
Certificate.prototype.isSignedByKey = function (issuerKey) {
utils.assertCompatible(issuerKey, Key, [1, 2], 'issuerKey');
@@ -185,7 +217,7 @@ Certificate.createSelfSigned = function (subjectOrSubjects, key, options) {
assert.optionalBuffer(options.serial, 'options.serial');
var serial = options.serial;
if (serial === undefined)
serial = new Buffer('0000000000000001', 'hex');
serial = Buffer.from('0000000000000001', 'hex');
var purposes = options.purposes;
if (purposes === undefined)
@@ -283,7 +315,7 @@ Certificate.create =
assert.optionalBuffer(options.serial, 'options.serial');
var serial = options.serial;
if (serial === undefined)
serial = new Buffer('0000000000000001', 'hex');
serial = Buffer.from('0000000000000001', 'hex');
var purposes = options.purposes;
if (purposes === undefined)
@@ -369,8 +401,9 @@ Certificate.isCertificate = function (obj, ver) {
/*
* API versions for Certificate:
* [1,0] -- initial ver
* [1,1] -- openssh format now unpacks extensions
*/
Certificate.prototype._sshpkApiVersion = [1, 0];
Certificate.prototype._sshpkApiVersion = [1, 1];
Certificate._oldVersionDetect = function (obj) {
return ([1, 0]);

54
node_modules/sshpk/lib/dhe.js generated vendored
View File

@@ -8,16 +8,19 @@ module.exports = {
var assert = require('assert-plus');
var crypto = require('crypto');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var utils = require('./utils');
var nacl;
var nacl = require('tweetnacl');
var Key = require('./key');
var PrivateKey = require('./private-key');
var CRYPTO_HAVE_ECDH = (crypto.createECDH !== undefined);
var ecdh, ec, jsbn;
var ecdh = require('ecc-jsbn');
var ec = require('ecc-jsbn/lib/ec');
var jsbn = require('jsbn').BigInteger;
function DiffieHellman(key) {
utils.assertCompatible(key, Key, [1, 4], 'key');
@@ -42,13 +45,6 @@ function DiffieHellman(key) {
} else if (key.type === 'ecdsa') {
if (!CRYPTO_HAVE_ECDH) {
if (ecdh === undefined)
ecdh = require('ecc-jsbn');
if (ec === undefined)
ec = require('ecc-jsbn/lib/ec');
if (jsbn === undefined)
jsbn = require('jsbn').BigInteger;
this._ecParams = new X9ECParameters(this._curve);
if (this._isPriv) {
@@ -75,9 +71,6 @@ function DiffieHellman(key) {
this._dh.setPublicKey(key.part.Q.data);
} else if (key.type === 'curve25519') {
if (nacl === undefined)
nacl = require('tweetnacl');
if (this._isPriv) {
utils.assertCompatible(key, PrivateKey, [1, 5], 'key');
this._priv = key.part.k.data;
@@ -189,7 +182,7 @@ DiffieHellman.prototype.computeSecret = function (otherpk) {
var secret = nacl.box.before(new Uint8Array(pub),
new Uint8Array(priv));
return (new Buffer(secret));
return (Buffer.from(secret));
}
throw (new Error('Invalid algorithm: ' + this._algo));
@@ -218,7 +211,7 @@ DiffieHellman.prototype.generateKey = function () {
this._dh.generateKeys();
parts.push({name: 'curve',
data: new Buffer(this._curve)});
data: Buffer.from(this._curve)});
parts.push({name: 'Q', data: this._dh.getPublicKey()});
parts.push({name: 'd', data: this._dh.getPrivateKey()});
this._key = new PrivateKey({
@@ -236,14 +229,14 @@ DiffieHellman.prototype.generateKey = function () {
priv = r.mod(n1).add(jsbn.ONE);
pub = this._ecParams.getG().multiply(priv);
priv = new Buffer(priv.toByteArray());
pub = new Buffer(this._ecParams.getCurve().
priv = Buffer.from(priv.toByteArray());
pub = Buffer.from(this._ecParams.getCurve().
encodePointHex(pub), 'hex');
this._priv = new ECPrivate(this._ecParams, priv);
parts.push({name: 'curve',
data: new Buffer(this._curve)});
data: Buffer.from(this._curve)});
parts.push({name: 'Q', data: pub});
parts.push({name: 'd', data: priv});
@@ -258,8 +251,8 @@ DiffieHellman.prototype.generateKey = function () {
} else if (this._algo === 'curve25519') {
var pair = nacl.box.keyPair();
priv = new Buffer(pair.secretKey);
pub = new Buffer(pair.publicKey);
priv = Buffer.from(pair.secretKey);
pub = Buffer.from(pair.publicKey);
priv = Buffer.concat([priv, pub]);
assert.strictEqual(priv.length, 64);
assert.strictEqual(pub.length, 32);
@@ -316,16 +309,13 @@ function ECPrivate(params, buffer) {
ECPrivate.prototype.deriveSharedSecret = function (pubKey) {
assert.ok(pubKey instanceof ECPublic);
var S = pubKey._pub.multiply(this._priv);
return (new Buffer(S.getX().toBigInteger().toByteArray()));
return (Buffer.from(S.getX().toBigInteger().toByteArray()));
};
function generateED25519() {
if (nacl === undefined)
nacl = require('tweetnacl');
var pair = nacl.sign.keyPair();
var priv = new Buffer(pair.secretKey);
var pub = new Buffer(pair.publicKey);
var priv = Buffer.from(pair.secretKey);
var pub = Buffer.from(pair.publicKey);
assert.strictEqual(priv.length, 64);
assert.strictEqual(pub.length, 32);
@@ -362,7 +352,7 @@ function generateECDSA(curve) {
dh.generateKeys();
parts.push({name: 'curve',
data: new Buffer(curve)});
data: Buffer.from(curve)});
parts.push({name: 'Q', data: dh.getPublicKey()});
parts.push({name: 'd', data: dh.getPrivateKey()});
@@ -373,12 +363,6 @@ function generateECDSA(curve) {
});
return (key);
} else {
if (ecdh === undefined)
ecdh = require('ecc-jsbn');
if (ec === undefined)
ec = require('ecc-jsbn/lib/ec');
if (jsbn === undefined)
jsbn = require('jsbn').BigInteger;
var ecParams = new X9ECParameters(curve);
@@ -395,11 +379,11 @@ function generateECDSA(curve) {
var priv = c.mod(n1).add(jsbn.ONE);
var pub = ecParams.getG().multiply(priv);
priv = new Buffer(priv.toByteArray());
pub = new Buffer(ecParams.getCurve().
priv = Buffer.from(priv.toByteArray());
pub = Buffer.from(ecParams.getCurve().
encodePointHex(pub), 'hex');
parts.push({name: 'curve', data: new Buffer(curve)});
parts.push({name: 'curve', data: Buffer.from(curve)});
parts.push({name: 'Q', data: pub});
parts.push({name: 'd', data: priv});

17
node_modules/sshpk/lib/ed-compat.js generated vendored
View File

@@ -5,16 +5,14 @@ module.exports = {
Signer: Signer
};
var nacl;
var nacl = require('tweetnacl');
var stream = require('stream');
var util = require('util');
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var Signature = require('./signature');
function Verifier(key, hashAlgo) {
if (nacl === undefined)
nacl = require('tweetnacl');
if (hashAlgo.toLowerCase() !== 'sha512')
throw (new Error('ED25519 only supports the use of ' +
'SHA-512 hashes'));
@@ -33,7 +31,7 @@ Verifier.prototype._write = function (chunk, enc, cb) {
Verifier.prototype.update = function (chunk) {
if (typeof (chunk) === 'string')
chunk = new Buffer(chunk, 'binary');
chunk = Buffer.from(chunk, 'binary');
this.chunks.push(chunk);
};
@@ -45,7 +43,7 @@ Verifier.prototype.verify = function (signature, fmt) {
sig = signature.toBuffer('raw');
} else if (typeof (signature) === 'string') {
sig = new Buffer(signature, 'base64');
sig = Buffer.from(signature, 'base64');
} else if (Signature.isSignature(signature, [1, 0])) {
throw (new Error('signature was created by too old ' +
@@ -60,9 +58,6 @@ Verifier.prototype.verify = function (signature, fmt) {
};
function Signer(key, hashAlgo) {
if (nacl === undefined)
nacl = require('tweetnacl');
if (hashAlgo.toLowerCase() !== 'sha512')
throw (new Error('ED25519 only supports the use of ' +
'SHA-512 hashes'));
@@ -81,7 +76,7 @@ Signer.prototype._write = function (chunk, enc, cb) {
Signer.prototype.update = function (chunk) {
if (typeof (chunk) === 'string')
chunk = new Buffer(chunk, 'binary');
chunk = Buffer.from(chunk, 'binary');
this.chunks.push(chunk);
};
@@ -90,7 +85,7 @@ Signer.prototype.sign = function () {
new Uint8Array(Buffer.concat(this.chunks)),
new Uint8Array(Buffer.concat([
this.key.part.k.data, this.key.part.A.data])));
var sigBuf = new Buffer(sig);
var sigBuf = Buffer.from(sig);
var sigObj = Signature.parse(sigBuf, 'ed25519', 'raw');
sigObj.hashAlgorithm = 'sha512';
return (sigObj);

85
node_modules/sshpk/lib/fingerprint.js generated vendored
View File

@@ -1,12 +1,14 @@
// Copyright 2015 Joyent, Inc.
// Copyright 2018 Joyent, Inc.
module.exports = Fingerprint;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var crypto = require('crypto');
var errs = require('./errors');
var Key = require('./key');
var PrivateKey = require('./private-key');
var Certificate = require('./certificate');
var utils = require('./utils');
@@ -25,11 +27,12 @@ function Fingerprint(opts) {
this.hash = opts.hash;
this.type = opts.type;
this.hashType = opts.hashType;
}
Fingerprint.prototype.toString = function (format) {
if (format === undefined) {
if (this.algorithm === 'md5')
if (this.algorithm === 'md5' || this.hashType === 'spki')
format = 'hex';
else
format = 'base64';
@@ -38,8 +41,12 @@ Fingerprint.prototype.toString = function (format) {
switch (format) {
case 'hex':
if (this.hashType === 'spki')
return (this.hash.toString('hex'));
return (addColons(this.hash.toString('hex')));
case 'base64':
if (this.hashType === 'spki')
return (this.hash.toString('base64'));
return (sshBase64Format(this.algorithm,
this.hash.toString('base64')));
default:
@@ -49,14 +56,20 @@ Fingerprint.prototype.toString = function (format) {
Fingerprint.prototype.matches = function (other) {
assert.object(other, 'key or certificate');
if (this.type === 'key') {
if (this.type === 'key' && this.hashType !== 'ssh') {
utils.assertCompatible(other, Key, [1, 7], 'key with spki');
if (PrivateKey.isPrivateKey(other)) {
utils.assertCompatible(other, PrivateKey, [1, 6],
'privatekey with spki support');
}
} else if (this.type === 'key') {
utils.assertCompatible(other, Key, [1, 0], 'key');
} else {
utils.assertCompatible(other, Certificate, [1, 0],
'certificate');
}
var theirHash = other.hash(this.algorithm);
var theirHash = other.hash(this.algorithm, this.hashType);
var theirHash2 = crypto.createHash(this.algorithm).
update(theirHash).digest('base64');
@@ -67,6 +80,11 @@ Fingerprint.prototype.matches = function (other) {
return (this.hash2 === theirHash2);
};
/*JSSTYLED*/
var base64RE = /^[A-Za-z0-9+\/=]+$/;
/*JSSTYLED*/
var hexRE = /^[a-fA-F0-9]+$/;
Fingerprint.parse = function (fp, options) {
assert.string(fp, 'fingerprint');
@@ -80,17 +98,22 @@ Fingerprint.parse = function (fp, options) {
options = {};
if (options.enAlgs !== undefined)
enAlgs = options.enAlgs;
if (options.algorithms !== undefined)
enAlgs = options.algorithms;
assert.optionalArrayOfString(enAlgs, 'algorithms');
var hashType = 'ssh';
if (options.hashType !== undefined)
hashType = options.hashType;
assert.string(hashType, 'options.hashType');
var parts = fp.split(':');
if (parts.length == 2) {
alg = parts[0].toLowerCase();
/*JSSTYLED*/
var base64RE = /^[A-Za-z0-9+\/=]+$/;
if (!base64RE.test(parts[1]))
throw (new FingerprintFormatError(fp));
try {
hash = new Buffer(parts[1], 'base64');
hash = Buffer.from(parts[1], 'base64');
} catch (e) {
throw (new FingerprintFormatError(fp));
}
@@ -98,16 +121,50 @@ Fingerprint.parse = function (fp, options) {
alg = 'md5';
if (parts[0].toLowerCase() === 'md5')
parts = parts.slice(1);
parts = parts.map(function (p) {
while (p.length < 2)
p = '0' + p;
if (p.length > 2)
throw (new FingerprintFormatError(fp));
return (p);
});
parts = parts.join('');
/*JSSTYLED*/
var md5RE = /^[a-fA-F0-9]+$/;
if (!md5RE.test(parts))
if (!hexRE.test(parts) || parts.length % 2 !== 0)
throw (new FingerprintFormatError(fp));
try {
hash = new Buffer(parts, 'hex');
hash = Buffer.from(parts, 'hex');
} catch (e) {
throw (new FingerprintFormatError(fp));
}
} else {
if (hexRE.test(fp)) {
hash = Buffer.from(fp, 'hex');
} else if (base64RE.test(fp)) {
hash = Buffer.from(fp, 'base64');
} else {
throw (new FingerprintFormatError(fp));
}
switch (hash.length) {
case 32:
alg = 'sha256';
break;
case 16:
alg = 'md5';
break;
case 20:
alg = 'sha1';
break;
case 64:
alg = 'sha512';
break;
default:
throw (new FingerprintFormatError(fp));
}
/* Plain hex/base64: guess it's probably SPKI unless told. */
if (options.hashType === undefined)
hashType = 'spki';
}
if (alg === undefined)
@@ -125,7 +182,8 @@ Fingerprint.parse = function (fp, options) {
return (new Fingerprint({
algorithm: alg,
hash: hash,
type: options.type || 'key'
type: options.type || 'key',
hashType: hashType
}));
};
@@ -151,8 +209,9 @@ Fingerprint.isFingerprint = function (obj, ver) {
* API versions for Fingerprint:
* [1,0] -- initial ver
* [1,1] -- first tagged ver
* [1,2] -- hashType and spki support
*/
Fingerprint.prototype._sshpkApiVersion = [1, 1];
Fingerprint.prototype._sshpkApiVersion = [1, 2];
Fingerprint._oldVersionDetect = function (obj) {
assert.func(obj.toString);

22
node_modules/sshpk/lib/formats/auto.js generated vendored
View File

@@ -1,4 +1,4 @@
// Copyright 2015 Joyent, Inc.
// Copyright 2018 Joyent, Inc.
module.exports = {
read: read,
@@ -6,6 +6,7 @@ module.exports = {
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var utils = require('../utils');
var Key = require('../key');
var PrivateKey = require('../private-key');
@@ -14,6 +15,7 @@ var pem = require('./pem');
var ssh = require('./ssh');
var rfc4253 = require('./rfc4253');
var dnssec = require('./dnssec');
var putty = require('./putty');
var DNSSEC_PRIVKEY_HEADER_PREFIX = 'Private-key-format: v1';
@@ -25,15 +27,19 @@ function read(buf, options) {
return (ssh.read(buf, options));
if (buf.match(/^\s*ecdsa-/))
return (ssh.read(buf, options));
if (buf.match(/^putty-user-key-file-2:/i))
return (putty.read(buf, options));
if (findDNSSECHeader(buf))
return (dnssec.read(buf, options));
buf = new Buffer(buf, 'binary');
buf = Buffer.from(buf, 'binary');
} else {
assert.buffer(buf);
if (findPEMHeader(buf))
return (pem.read(buf, options));
if (findSSHHeader(buf))
return (ssh.read(buf, options));
if (findPuTTYHeader(buf))
return (putty.read(buf, options));
if (findDNSSECHeader(buf))
return (dnssec.read(buf, options));
}
@@ -42,6 +48,18 @@ function read(buf, options) {
throw (new Error('Failed to auto-detect format of key'));
}
function findPuTTYHeader(buf) {
var offset = 0;
while (offset < buf.length &&
(buf[offset] === 32 || buf[offset] === 10 || buf[offset] === 9))
++offset;
if (offset + 22 <= buf.length &&
buf.slice(offset, offset + 22).toString('ascii').toLowerCase() ===
'putty-user-key-file-2:')
return (true);
return (false);
}
function findSSHHeader(buf) {
var offset = 0;
while (offset < buf.length &&

15
node_modules/sshpk/lib/formats/dnssec.js generated vendored
View File

@@ -6,6 +6,7 @@ module.exports = {
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var Key = require('../key');
var PrivateKey = require('../private-key');
var utils = require('../utils');
@@ -66,7 +67,7 @@ function readRFC3110(keyString) {
if (!supportedAlgosById[algorithm])
throw (new Error('Unsupported algorithm: ' + algorithm));
var base64key = elems.slice(6, elems.length).join();
var keyBuffer = new Buffer(base64key, 'base64');
var keyBuffer = Buffer.from(base64key, 'base64');
if (supportedAlgosById[algorithm].match(/^RSA-/)) {
// join the rest of the body into a single base64-blob
var publicExponentLen = keyBuffer.readUInt8(0);
@@ -101,7 +102,7 @@ function readRFC3110(keyString) {
curve: curve,
size: size,
parts: [
{name: 'curve', data: new Buffer(curve) },
{name: 'curve', data: Buffer.from(curve) },
{name: 'Q', data: utils.ecNormalize(keyBuffer) }
]
};
@@ -112,7 +113,7 @@ function readRFC3110(keyString) {
}
function elementToBuf(e) {
return (new Buffer(e.split(' ')[1], 'base64'));
return (Buffer.from(e.split(' ')[1], 'base64'));
}
function readDNSSECRSAPrivateKey(elements) {
@@ -161,7 +162,7 @@ function readDNSSECPrivateKey(alg, elements) {
}
if (supportedAlgosById[alg] === 'ECDSA-P384-SHA384' ||
supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {
var d = new Buffer(elements[0].split(' ')[1], 'base64');
var d = Buffer.from(elements[0].split(' ')[1], 'base64');
var curve = 'nistp384';
var size = 384;
if (supportedAlgosById[alg] === 'ECDSA-P256-SHA256') {
@@ -176,7 +177,7 @@ function readDNSSECPrivateKey(alg, elements) {
curve: curve,
size: size,
parts: [
{name: 'curve', data: new Buffer(curve) },
{name: 'curve', data: Buffer.from(curve) },
{name: 'd', data: d },
{name: 'Q', data: Q }
]
@@ -237,7 +238,7 @@ function writeRSA(key, options) {
out += 'Created: ' + dnssecTimestamp(timestamp) + '\n';
out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n';
out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n';
return (new Buffer(out, 'ascii'));
return (Buffer.from(out, 'ascii'));
}
function writeECDSA(key, options) {
@@ -260,7 +261,7 @@ function writeECDSA(key, options) {
out += 'Publish: ' + dnssecTimestamp(timestamp) + '\n';
out += 'Activate: ' + dnssecTimestamp(timestamp) + '\n';
return (new Buffer(out, 'ascii'));
return (Buffer.from(out, 'ascii'));
}
function write(key, options) {

52
node_modules/sshpk/lib/formats/openssh-cert.js generated vendored
View File

@@ -15,6 +15,7 @@ module.exports = {
var assert = require('assert-plus');
var SSHBuffer = require('../ssh-buffer');
var crypto = require('crypto');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var Key = require('../key');
var PrivateKey = require('../private-key');
@@ -50,7 +51,7 @@ function read(buf, options) {
var algo = parts[0];
var data = parts[1];
data = new Buffer(data, 'base64');
data = Buffer.from(data, 'base64');
return (fromBuffer(data, algo));
}
@@ -121,8 +122,23 @@ function fromBuffer(data, algo, partial) {
cert.validFrom = int64ToDate(sshbuf.readInt64());
cert.validUntil = int64ToDate(sshbuf.readInt64());
cert.signatures.openssh.critical = sshbuf.readBuffer();
cert.signatures.openssh.exts = sshbuf.readBuffer();
var exts = [];
var extbuf = new SSHBuffer({ buffer: sshbuf.readBuffer() });
var ext;
while (!extbuf.atEnd()) {
ext = { critical: true };
ext.name = extbuf.readString();
ext.data = extbuf.readBuffer();
exts.push(ext);
}
extbuf = new SSHBuffer({ buffer: sshbuf.readBuffer() });
while (!extbuf.atEnd()) {
ext = { critical: false };
ext.name = extbuf.readString();
ext.data = extbuf.readBuffer();
exts.push(ext);
}
cert.signatures.openssh.exts = exts;
/* reserved */
sshbuf.readBuffer();
@@ -164,7 +180,7 @@ function dateToInt64(date) {
var i = Math.round(date.getTime() / 1000);
var upper = Math.floor(i / 4294967296);
var lower = Math.floor(i % 4294967296);
var buf = new Buffer(8);
var buf = Buffer.alloc(8);
buf.writeUInt32BE(upper, 0);
buf.writeUInt32BE(lower, 4);
return (buf);
@@ -277,16 +293,30 @@ function toBuffer(cert, noSig) {
buf.writeInt64(dateToInt64(cert.validFrom));
buf.writeInt64(dateToInt64(cert.validUntil));
if (sig.critical === undefined)
sig.critical = new Buffer(0);
buf.writeBuffer(sig.critical);
var exts = sig.exts;
if (exts === undefined)
exts = [];
if (sig.exts === undefined)
sig.exts = new Buffer(0);
buf.writeBuffer(sig.exts);
var extbuf = new SSHBuffer({});
exts.forEach(function (ext) {
if (ext.critical !== true)
return;
extbuf.writeString(ext.name);
extbuf.writeBuffer(ext.data);
});
buf.writeBuffer(extbuf.toBuffer());
extbuf = new SSHBuffer({});
exts.forEach(function (ext) {
if (ext.critical === true)
return;
extbuf.writeString(ext.name);
extbuf.writeBuffer(ext.data);
});
buf.writeBuffer(extbuf.toBuffer());
/* reserved */
buf.writeBuffer(new Buffer(0));
buf.writeBuffer(Buffer.alloc(0));
sub = rfc4253.write(cert.issuerKey);
buf.writeBuffer(sub);

123
node_modules/sshpk/lib/formats/pem.js generated vendored
View File

@@ -1,4 +1,4 @@
// Copyright 2015 Joyent, Inc.
// Copyright 2018 Joyent, Inc.
module.exports = {
read: read,
@@ -8,6 +8,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var crypto = require('crypto');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var Key = require('../key');
@@ -20,6 +21,29 @@ var rfc4253 = require('./rfc4253');
var errors = require('../errors');
var OID_PBES2 = '1.2.840.113549.1.5.13';
var OID_PBKDF2 = '1.2.840.113549.1.5.12';
var OID_TO_CIPHER = {
'1.2.840.113549.3.7': '3des-cbc',
'2.16.840.1.101.3.4.1.2': 'aes128-cbc',
'2.16.840.1.101.3.4.1.42': 'aes256-cbc'
};
var CIPHER_TO_OID = {};
Object.keys(OID_TO_CIPHER).forEach(function (k) {
CIPHER_TO_OID[OID_TO_CIPHER[k]] = k;
});
var OID_TO_HASH = {
'1.2.840.113549.2.7': 'sha1',
'1.2.840.113549.2.9': 'sha256',
'1.2.840.113549.2.11': 'sha512'
};
var HASH_TO_OID = {};
Object.keys(OID_TO_HASH).forEach(function (k) {
HASH_TO_OID[OID_TO_HASH[k]] = k;
});
/*
* For reading we support both PKCS#1 and PKCS#8. If we find a private key,
* we just take the public component of it and use that.
@@ -31,14 +55,22 @@ function read(buf, options, forceType) {
buf = buf.toString('ascii');
}
var lines = buf.trim().split('\n');
var lines = buf.trim().split(/[\r\n]+/g);
var m = lines[0].match(/*JSSTYLED*/
/[-]+[ ]*BEGIN ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
var m;
var si = -1;
while (!m && si < lines.length) {
m = lines[++si].match(/*JSSTYLED*/
/[-]+[ ]*BEGIN ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
}
assert.ok(m, 'invalid PEM header');
var m2 = lines[lines.length - 1].match(/*JSSTYLED*/
/[-]+[ ]*END ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
var m2;
var ei = lines.length;
while (!m2 && ei > 0) {
m2 = lines[--ei].match(/*JSSTYLED*/
/[-]+[ ]*END ([A-Z0-9][A-Za-z0-9]+ )?(PUBLIC|PRIVATE) KEY[ ]*[-]+/);
}
assert.ok(m2, 'invalid PEM footer');
/* Begin and end banners must match key type */
@@ -52,6 +84,8 @@ function read(buf, options, forceType) {
alg = m[1].trim();
}
lines = lines.slice(si, ei + 1);
var headers = {};
while (true) {
lines = lines.slice(1);
@@ -62,12 +96,16 @@ function read(buf, options, forceType) {
headers[m[1].toLowerCase()] = m[2];
}
/* Chop off the first and last lines */
lines = lines.slice(0, -1).join('');
buf = Buffer.from(lines, 'base64');
var cipher, key, iv;
if (headers['proc-type']) {
var parts = headers['proc-type'].split(',');
if (parts[0] === '4' && parts[1] === 'ENCRYPTED') {
if (typeof (options.passphrase) === 'string') {
options.passphrase = new Buffer(
options.passphrase = Buffer.from(
options.passphrase, 'utf-8');
}
if (!Buffer.isBuffer(options.passphrase)) {
@@ -77,16 +115,77 @@ function read(buf, options, forceType) {
parts = headers['dek-info'].split(',');
assert.ok(parts.length === 2);
cipher = parts[0].toLowerCase();
iv = new Buffer(parts[1], 'hex');
iv = Buffer.from(parts[1], 'hex');
key = utils.opensslKeyDeriv(cipher, iv,
options.passphrase, 1).key;
}
}
}
/* Chop off the first and last lines */
lines = lines.slice(0, -1).join('');
buf = new Buffer(lines, 'base64');
if (alg && alg.toLowerCase() === 'encrypted') {
var eder = new asn1.BerReader(buf);
var pbesEnd;
eder.readSequence();
eder.readSequence();
pbesEnd = eder.offset + eder.length;
var method = eder.readOID();
if (method !== OID_PBES2) {
throw (new Error('Unsupported PEM/PKCS8 encryption ' +
'scheme: ' + method));
}
eder.readSequence(); /* PBES2-params */
eder.readSequence(); /* keyDerivationFunc */
var kdfEnd = eder.offset + eder.length;
var kdfOid = eder.readOID();
if (kdfOid !== OID_PBKDF2)
throw (new Error('Unsupported PBES2 KDF: ' + kdfOid));
eder.readSequence();
var salt = eder.readString(asn1.Ber.OctetString, true);
var iterations = eder.readInt();
var hashAlg = 'sha1';
if (eder.offset < kdfEnd) {
eder.readSequence();
var hashAlgOid = eder.readOID();
hashAlg = OID_TO_HASH[hashAlgOid];
if (hashAlg === undefined) {
throw (new Error('Unsupported PBKDF2 hash: ' +
hashAlgOid));
}
}
eder._offset = kdfEnd;
eder.readSequence(); /* encryptionScheme */
var cipherOid = eder.readOID();
cipher = OID_TO_CIPHER[cipherOid];
if (cipher === undefined) {
throw (new Error('Unsupported PBES2 cipher: ' +
cipherOid));
}
iv = eder.readString(asn1.Ber.OctetString, true);
eder._offset = pbesEnd;
buf = eder.readString(asn1.Ber.OctetString, true);
if (typeof (options.passphrase) === 'string') {
options.passphrase = Buffer.from(
options.passphrase, 'utf-8');
}
if (!Buffer.isBuffer(options.passphrase)) {
throw (new errors.KeyEncryptedError(
options.filename, 'PEM'));
}
var cinfo = utils.opensshCipherInfo(cipher);
cipher = cinfo.opensslName;
key = utils.pbkdf2(hashAlg, salt, iterations, cinfo.keySize,
options.passphrase);
alg = undefined;
}
if (cipher && key && iv) {
var cipherStream = crypto.createDecipheriv(cipher, key, iv);
@@ -174,7 +273,7 @@ function write(key, options, type) {
var tmp = der.buffer.toString('base64');
var len = tmp.length + (tmp.length / 64) +
18 + 16 + header.length*2 + 10;
var buf = new Buffer(len);
var buf = Buffer.alloc(len);
var o = 0;
o += buf.write('-----BEGIN ' + header + '-----\n', o);
for (var i = 0; i < tmp.length; ) {

17
node_modules/sshpk/lib/formats/pkcs1.js generated vendored
View File

@@ -9,6 +9,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
@@ -209,7 +210,7 @@ function readPkcs1ECDSAPublic(der) {
var key = {
type: 'ecdsa',
parts: [
{ name: 'curve', data: new Buffer(curve) },
{ name: 'curve', data: Buffer.from(curve) },
{ name: 'Q', data: Q }
]
};
@@ -235,7 +236,7 @@ function readPkcs1ECDSAPrivate(der) {
var key = {
type: 'ecdsa',
parts: [
{ name: 'curve', data: new Buffer(curve) },
{ name: 'curve', data: Buffer.from(curve) },
{ name: 'Q', data: Q },
{ name: 'd', data: d }
]
@@ -285,8 +286,7 @@ function writePkcs1RSAPublic(der, key) {
}
function writePkcs1RSAPrivate(der, key) {
var ver = new Buffer(1);
ver[0] = 0;
var ver = Buffer.from([0]);
der.writeBuffer(ver, asn1.Ber.Integer);
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
@@ -302,8 +302,7 @@ function writePkcs1RSAPrivate(der, key) {
}
function writePkcs1DSAPrivate(der, key) {
var ver = new Buffer(1);
ver[0] = 0;
var ver = Buffer.from([0]);
der.writeBuffer(ver, asn1.Ber.Integer);
der.writeBuffer(key.part.p.data, asn1.Ber.Integer);
@@ -336,8 +335,7 @@ function writePkcs1ECDSAPublic(der, key) {
}
function writePkcs1ECDSAPrivate(der, key) {
var ver = new Buffer(1);
ver[0] = 1;
var ver = Buffer.from([1]);
der.writeBuffer(ver, asn1.Ber.Integer);
der.writeBuffer(key.part.d.data, asn1.Ber.OctetString);
@@ -356,8 +354,7 @@ function writePkcs1ECDSAPrivate(der, key) {
}
function writePkcs1EdDSAPrivate(der, key) {
var ver = new Buffer(1);
ver[0] = 1;
var ver = Buffer.from([1]);
der.writeBuffer(ver, asn1.Ber.Integer);
der.writeBuffer(key.part.k.data, asn1.Ber.OctetString);

47
node_modules/sshpk/lib/formats/pkcs8.js generated vendored
View File

@@ -1,10 +1,11 @@
// Copyright 2015 Joyent, Inc.
// Copyright 2018 Joyent, Inc.
module.exports = {
read: read,
readPkcs8: readPkcs8,
write: write,
writePkcs8: writePkcs8,
pkcs8ToBuffer: pkcs8ToBuffer,
readECDSACurve: readECDSACurve,
writeECDSACurve: writeECDSACurve
@@ -12,6 +13,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var Key = require('../key');
@@ -299,15 +301,27 @@ function readPkcs8ECDSAPrivate(der) {
assert.equal(version[0], 1, 'unknown version of ECDSA key');
var d = der.readString(asn1.Ber.OctetString, true);
der.readSequence(0xa1);
var Q;
var Q = der.readString(asn1.Ber.BitString, true);
Q = utils.ecNormalize(Q);
if (der.peek() == 0xa0) {
der.readSequence(0xa0);
der._offset += der.length;
}
if (der.peek() == 0xa1) {
der.readSequence(0xa1);
Q = der.readString(asn1.Ber.BitString, true);
Q = utils.ecNormalize(Q);
}
if (Q === undefined) {
var pub = utils.publicFromPrivateECDSA(curveName, d);
Q = pub.part.Q.data;
}
var key = {
type: 'ecdsa',
parts: [
{ name: 'curve', data: new Buffer(curveName) },
{ name: 'curve', data: Buffer.from(curveName) },
{ name: 'Q', data: Q },
{ name: 'd', data: d }
]
@@ -326,7 +340,7 @@ function readPkcs8ECDSAPublic(der) {
var key = {
type: 'ecdsa',
parts: [
{ name: 'curve', data: new Buffer(curveName) },
{ name: 'curve', data: Buffer.from(curveName) },
{ name: 'Q', data: Q }
]
};
@@ -411,12 +425,17 @@ function readPkcs8X25519Private(der) {
return (new PrivateKey(key));
}
function pkcs8ToBuffer(key) {
var der = new asn1.BerWriter();
writePkcs8(der, key);
return (der.buffer);
}
function writePkcs8(der, key) {
der.startSequence();
if (PrivateKey.isPrivateKey(key)) {
var sillyInt = new Buffer(1);
sillyInt[0] = 0x0;
var sillyInt = Buffer.from([0]);
der.writeBuffer(sillyInt, asn1.Ber.Integer);
}
@@ -464,8 +483,7 @@ function writePkcs8RSAPrivate(key, der) {
der.startSequence(asn1.Ber.OctetString);
der.startSequence();
var version = new Buffer(1);
version[0] = 0;
var version = Buffer.from([0]);
der.writeBuffer(version, asn1.Ber.Integer);
der.writeBuffer(key.part.n.data, asn1.Ber.Integer);
@@ -536,8 +554,7 @@ function writeECDSACurve(key, der) {
// ECParameters sequence
der.startSequence();
var version = new Buffer(1);
version.writeUInt8(1, 0);
var version = Buffer.from([1]);
der.writeBuffer(version, asn1.Ber.Integer);
// FieldID sequence
@@ -560,8 +577,7 @@ function writeECDSACurve(key, der) {
der.writeBuffer(curve.n, asn1.Ber.Integer);
var h = curve.h;
if (!h) {
h = new Buffer(1);
h[0] = 1;
h = Buffer.from([1]);
}
der.writeBuffer(h, asn1.Ber.Integer);
@@ -585,8 +601,7 @@ function writePkcs8ECDSAPrivate(key, der) {
der.startSequence(asn1.Ber.OctetString);
der.startSequence();
var version = new Buffer(1);
version[0] = 1;
var version = Buffer.from([1]);
der.writeBuffer(version, asn1.Ber.Integer);
der.writeBuffer(key.part.d.data, asn1.Ber.OctetString);

99
node_modules/sshpk/lib/formats/putty.js generated vendored Normal file
View File

@@ -0,0 +1,99 @@
// Copyright 2018 Joyent, Inc.
module.exports = {
read: read,
write: write
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var rfc4253 = require('./rfc4253');
var Key = require('../key');
var errors = require('../errors');
function read(buf, options) {
var lines = buf.toString('ascii').split(/[\r\n]+/);
var found = false;
var parts;
var si = 0;
while (si < lines.length) {
parts = splitHeader(lines[si++]);
if (parts &&
parts[0].toLowerCase() === 'putty-user-key-file-2') {
found = true;
break;
}
}
if (!found) {
throw (new Error('No PuTTY format first line found'));
}
var alg = parts[1];
parts = splitHeader(lines[si++]);
assert.equal(parts[0].toLowerCase(), 'encryption');
parts = splitHeader(lines[si++]);
assert.equal(parts[0].toLowerCase(), 'comment');
var comment = parts[1];
parts = splitHeader(lines[si++]);
assert.equal(parts[0].toLowerCase(), 'public-lines');
var publicLines = parseInt(parts[1], 10);
if (!isFinite(publicLines) || publicLines < 0 ||
publicLines > lines.length) {
throw (new Error('Invalid public-lines count'));
}
var publicBuf = Buffer.from(
lines.slice(si, si + publicLines).join(''), 'base64');
var keyType = rfc4253.algToKeyType(alg);
var key = rfc4253.read(publicBuf);
if (key.type !== keyType) {
throw (new Error('Outer key algorithm mismatch'));
}
key.comment = comment;
return (key);
}
function splitHeader(line) {
var idx = line.indexOf(':');
if (idx === -1)
return (null);
var header = line.slice(0, idx);
++idx;
while (line[idx] === ' ')
++idx;
var rest = line.slice(idx);
return ([header, rest]);
}
function write(key, options) {
assert.object(key);
if (!Key.isKey(key))
throw (new Error('Must be a public key'));
var alg = rfc4253.keyTypeToAlg(key);
var buf = rfc4253.write(key);
var comment = key.comment || '';
var b64 = buf.toString('base64');
var lines = wrap(b64, 64);
lines.unshift('Public-Lines: ' + lines.length);
lines.unshift('Comment: ' + comment);
lines.unshift('Encryption: none');
lines.unshift('PuTTY-User-Key-File-2: ' + alg);
return (Buffer.from(lines.join('\n') + '\n'));
}
function wrap(txt, len) {
var lines = [];
var pos = 0;
while (pos < txt.length) {
lines.push(txt.slice(pos, pos + 64));
pos += 64;
}
return (lines);
}

3
node_modules/sshpk/lib/formats/rfc4253.js generated vendored
View File

@@ -14,6 +14,7 @@ module.exports = {
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var Key = require('../key');
@@ -54,7 +55,7 @@ function keyTypeToAlg(key) {
function read(partial, type, buf, options) {
if (typeof (buf) === 'string')
buf = new Buffer(buf);
buf = Buffer.from(buf);
assert.buffer(buf, 'buf');
var key = {};

13
node_modules/sshpk/lib/formats/ssh-private.js generated vendored
View File

@@ -8,6 +8,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var crypto = require('crypto');
@@ -70,7 +71,7 @@ function readSSHPrivate(type, buf, options) {
}
if (typeof (options.passphrase) === 'string') {
options.passphrase = new Buffer(options.passphrase,
options.passphrase = Buffer.from(options.passphrase,
'utf-8');
}
if (!Buffer.isBuffer(options.passphrase)) {
@@ -88,7 +89,7 @@ function readSSHPrivate(type, buf, options) {
throw (new Error('bcrypt_pbkdf function returned ' +
'failure, parameters invalid'));
}
out = new Buffer(out);
out = Buffer.from(out);
var ckey = out.slice(0, cinf.keySize);
var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
var cipherStream = crypto.createDecipheriv(cinf.opensslName,
@@ -142,13 +143,13 @@ function write(key, options) {
var cipher = 'none';
var kdf = 'none';
var kdfopts = new Buffer(0);
var kdfopts = Buffer.alloc(0);
var cinf = { blockSize: 8 };
var passphrase;
if (options !== undefined) {
passphrase = options.passphrase;
if (typeof (passphrase) === 'string')
passphrase = new Buffer(passphrase, 'utf-8');
passphrase = Buffer.from(passphrase, 'utf-8');
if (passphrase !== undefined) {
assert.buffer(passphrase, 'options.passphrase');
assert.optionalString(options.cipher, 'options.cipher');
@@ -199,7 +200,7 @@ function write(key, options) {
throw (new Error('bcrypt_pbkdf function returned ' +
'failure, parameters invalid'));
}
out = new Buffer(out);
out = Buffer.from(out);
var ckey = out.slice(0, cinf.keySize);
var iv = out.slice(cinf.keySize, cinf.keySize + cinf.blockSize);
@@ -244,7 +245,7 @@ function write(key, options) {
var tmp = buf.toString('base64');
var len = tmp.length + (tmp.length / 70) +
18 + 16 + header.length*2 + 10;
buf = new Buffer(len);
buf = Buffer.alloc(len);
var o = 0;
o += buf.write('-----BEGIN ' + header + '-----\n', o);
for (var i = 0; i < tmp.length; ) {

7
node_modules/sshpk/lib/formats/ssh.js generated vendored
View File

@@ -6,6 +6,7 @@ module.exports = {
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var rfc4253 = require('./rfc4253');
var utils = require('../utils');
var Key = require('../key');
@@ -31,7 +32,7 @@ function read(buf, options) {
assert.ok(m, 'key must match regex');
var type = rfc4253.algToKeyType(m[1]);
var kbuf = new Buffer(m[2], 'base64');
var kbuf = Buffer.from(m[2], 'base64');
/*
* This is a bit tricky. If we managed to parse the key and locate the
@@ -50,7 +51,7 @@ function read(buf, options) {
} catch (e) {
m = trimmed.match(SSHKEY_RE2);
assert.ok(m, 'key must match regex');
kbuf = new Buffer(m[2], 'base64');
kbuf = Buffer.from(m[2], 'base64');
key = rfc4253.readInternal(ret, 'public', kbuf);
}
} else {
@@ -110,5 +111,5 @@ function write(key, options) {
if (key.comment)
parts.push(key.comment);
return (new Buffer(parts.join(' ')));
return (Buffer.from(parts.join(' ')));
}

23
node_modules/sshpk/lib/formats/x509-pem.js generated vendored
View File

@@ -11,6 +11,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var Key = require('../key');
@@ -28,14 +29,24 @@ function read(buf, options) {
var lines = buf.trim().split(/[\r\n]+/g);
var m = lines[0].match(/*JSSTYLED*/
/[-]+[ ]*BEGIN CERTIFICATE[ ]*[-]+/);
var m;
var si = -1;
while (!m && si < lines.length) {
m = lines[++si].match(/*JSSTYLED*/
/[-]+[ ]*BEGIN CERTIFICATE[ ]*[-]+/);
}
assert.ok(m, 'invalid PEM header');
var m2 = lines[lines.length - 1].match(/*JSSTYLED*/
/[-]+[ ]*END CERTIFICATE[ ]*[-]+/);
var m2;
var ei = lines.length;
while (!m2 && ei > 0) {
m2 = lines[--ei].match(/*JSSTYLED*/
/[-]+[ ]*END CERTIFICATE[ ]*[-]+/);
}
assert.ok(m2, 'invalid PEM footer');
lines = lines.slice(si, ei + 1);
var headers = {};
while (true) {
lines = lines.slice(1);
@@ -48,7 +59,7 @@ function read(buf, options) {
/* Chop off the first and last lines */
lines = lines.slice(0, -1).join('');
buf = new Buffer(lines, 'base64');
buf = Buffer.from(lines, 'base64');
return (x509.read(buf, options));
}
@@ -60,7 +71,7 @@ function write(cert, options) {
var tmp = dbuf.toString('base64');
var len = tmp.length + (tmp.length / 64) +
18 + 16 + header.length*2 + 10;
var buf = new Buffer(len);
var buf = Buffer.alloc(len);
var o = 0;
o += buf.write('-----BEGIN ' + header + '-----\n', o);
for (var i = 0; i < tmp.length; ) {

41
node_modules/sshpk/lib/formats/x509.js generated vendored
View File

@@ -10,6 +10,7 @@ module.exports = {
var assert = require('assert-plus');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
var algs = require('../algs');
var utils = require('../utils');
var Key = require('../key');
@@ -89,7 +90,7 @@ var EXTS = {
function read(buf, options) {
if (typeof (buf) === 'string') {
buf = new Buffer(buf, 'binary');
buf = Buffer.from(buf, 'binary');
}
assert.buffer(buf, 'buf');
@@ -202,6 +203,14 @@ function readDate(der) {
}
}
function writeDate(der, date) {
if (date.getUTCFullYear() >= 2050 || date.getUTCFullYear() < 1950) {
der.writeString(dateToGTime(date), asn1.Ber.GeneralizedTime);
} else {
der.writeString(dateToUTCTime(date), asn1.Ber.UTCTime);
}
}
/* RFC5280, section 4.2.1.6 (GeneralName type) */
var ALTNAME = {
OtherName: Local(0),
@@ -241,7 +250,8 @@ function readExtension(cert, buf, der) {
var extId = der.readOID();
var id;
var sig = cert.signatures.x509;
sig.extras.exts = [];
if (!sig.extras.exts)
sig.extras.exts = [];
var critical;
if (der.peek() === asn1.Ber.Boolean)
@@ -413,9 +423,11 @@ function gTimeToDate(t) {
return (d);
}
function zeroPad(n) {
function zeroPad(n, m) {
if (m === undefined)
m = 2;
var s = '' + n;
while (s.length < 2)
while (s.length < m)
s = '0' + s;
return (s);
}
@@ -432,6 +444,18 @@ function dateToUTCTime(d) {
return (s);
}
function dateToGTime(d) {
var s = '';
s += zeroPad(d.getUTCFullYear(), 4);
s += zeroPad(d.getUTCMonth() + 1);
s += zeroPad(d.getUTCDate());
s += zeroPad(d.getUTCHours());
s += zeroPad(d.getUTCMinutes());
s += zeroPad(d.getUTCSeconds());
s += 'Z';
return (s);
}
function sign(cert, key) {
if (cert.signatures.x509 === undefined)
cert.signatures.x509 = {};
@@ -500,7 +524,7 @@ function write(cert, options) {
der.endSequence();
var sigData = sig.signature.toBuffer('asn1');
var data = new Buffer(sigData.length + 1);
var data = Buffer.alloc(sigData.length + 1);
data[0] = 0;
sigData.copy(data, 1);
der.writeBuffer(data, asn1.Ber.BitString);
@@ -530,8 +554,8 @@ function writeTBSCert(cert, der) {
cert.issuer.toAsn1(der);
der.startSequence();
der.writeString(dateToUTCTime(cert.validFrom), asn1.Ber.UTCTime);
der.writeString(dateToUTCTime(cert.validUntil), asn1.Ber.UTCTime);
writeDate(der, cert.validFrom);
writeDate(der, cert.validUntil);
der.endSequence();
var subject = cert.subjects[0];
@@ -710,8 +734,7 @@ function writeBitField(setBits, bitIndex) {
var bitLen = bitIndex.length;
var blen = Math.ceil(bitLen / 8);
var unused = blen * 8 - bitLen;
var bits = new Buffer(1 + blen);
bits.fill(0);
var bits = Buffer.alloc(1 + blen); // zero-filled
bits[0] = unused;
for (var i = 0; i < bitLen; ++i) {
var byteN = 1 + Math.floor(i / 8);

93
node_modules/sshpk/lib/identity.js generated vendored
View File

@@ -11,6 +11,7 @@ var errs = require('./errors');
var util = require('util');
var utils = require('./utils');
var asn1 = require('asn1');
var Buffer = require('safer-buffer').Buffer;
/*JSSTYLED*/
var DNS_NAME_RE = /^([*]|[a-z0-9][a-z0-9\-]{0,62})(?:\.([*]|[a-z0-9][a-z0-9\-]{0,62}))*$/i;
@@ -23,9 +24,21 @@ oids.l = '2.5.4.7';
oids.s = '2.5.4.8';
oids.c = '2.5.4.6';
oids.sn = '2.5.4.4';
oids.postalCode = '2.5.4.17';
oids.serialNumber = '2.5.4.5';
oids.street = '2.5.4.9';
oids.x500UniqueIdentifier = '2.5.4.45';
oids.role = '2.5.4.72';
oids.telephoneNumber = '2.5.4.20';
oids.description = '2.5.4.13';
oids.dc = '0.9.2342.19200300.100.1.25';
oids.uid = '0.9.2342.19200300.100.1.1';
oids.mail = '0.9.2342.19200300.100.1.3';
oids.title = '2.5.4.12';
oids.gn = '2.5.4.42';
oids.initials = '2.5.4.43';
oids.pseudonym = '2.5.4.65';
oids.emailAddress = '1.2.840.113549.1.9.1';
var unoids = {};
Object.keys(oids).forEach(function (k) {
@@ -112,10 +125,39 @@ function Identity(opts) {
Identity.prototype.toString = function () {
return (this.components.map(function (c) {
return (c.name.toUpperCase() + '=' + c.value);
var n = c.name.toUpperCase();
/*JSSTYLED*/
n = n.replace(/=/g, '\\=');
var v = c.value;
/*JSSTYLED*/
v = v.replace(/,/g, '\\,');
return (n + '=' + v);
}).join(', '));
};
Identity.prototype.get = function (name, asArray) {
assert.string(name, 'name');
var arr = this.componentLookup[name];
if (arr === undefined || arr.length === 0)
return (undefined);
if (!asArray && arr.length > 1)
throw (new Error('Multiple values for attribute ' + name));
if (!asArray)
return (arr[0].value);
return (arr.map(function (c) {
return (c.value);
}));
};
Identity.prototype.toArray = function (idx) {
return (this.components.map(function (c) {
return ({
name: c.name,
value: c.value
});
}));
};
/*
* These are from X.680 -- PrintableString allowed chars are in section 37.4
* table 8. Spec for IA5Strings is "1,6 + SPACE + DEL" where 1 refers to
@@ -143,7 +185,7 @@ Identity.prototype.toAsn1 = function (der, tag) {
*/
if (c.asn1type === asn1.Ber.Utf8String ||
c.value.match(NOT_IA5)) {
var v = new Buffer(c.value, 'utf8');
var v = Buffer.from(c.value, 'utf8');
der.writeBuffer(v, asn1.Ber.Utf8String);
} else if (c.asn1type === asn1.Ber.IA5String ||
@@ -223,17 +265,60 @@ Identity.forEmail = function (email) {
Identity.parseDN = function (dn) {
assert.string(dn, 'dn');
var parts = dn.split(',');
var parts = [''];
var idx = 0;
var rem = dn;
while (rem.length > 0) {
var m;
/*JSSTYLED*/
if ((m = /^,/.exec(rem)) !== null) {
parts[++idx] = '';
rem = rem.slice(m[0].length);
/*JSSTYLED*/
} else if ((m = /^\\,/.exec(rem)) !== null) {
parts[idx] += ',';
rem = rem.slice(m[0].length);
/*JSSTYLED*/
} else if ((m = /^\\./.exec(rem)) !== null) {
parts[idx] += m[0];
rem = rem.slice(m[0].length);
/*JSSTYLED*/
} else if ((m = /^[^\\,]+/.exec(rem)) !== null) {
parts[idx] += m[0];
rem = rem.slice(m[0].length);
} else {
throw (new Error('Failed to parse DN'));
}
}
var cmps = parts.map(function (c) {
c = c.trim();
var eqPos = c.indexOf('=');
var name = c.slice(0, eqPos).toLowerCase();
while (eqPos > 0 && c.charAt(eqPos - 1) === '\\')
eqPos = c.indexOf('=', eqPos + 1);
if (eqPos === -1) {
throw (new Error('Failed to parse DN'));
}
/*JSSTYLED*/
var name = c.slice(0, eqPos).toLowerCase().replace(/\\=/g, '=');
var value = c.slice(eqPos + 1);
return ({ name: name, value: value });
});
return (new Identity({ components: cmps }));
};
Identity.fromArray = function (components) {
assert.arrayOfObject(components, 'components');
components.forEach(function (cmp) {
assert.object(cmp, 'component');
assert.string(cmp.name, 'component.name');
if (!Buffer.isBuffer(cmp.value) &&
!(typeof (cmp.value) === 'string')) {
throw (new Error('Invalid component value'));
}
});
return (new Identity({ components: components }));
};
Identity.parseAsn1 = function (der, top) {
var components = [];
der.readSequence(top);

1
node_modules/sshpk/lib/index.js generated vendored
View File

@@ -28,6 +28,7 @@ module.exports = {
identityForHost: Identity.forHost,
identityForUser: Identity.forUser,
identityForEmail: Identity.forEmail,
identityFromArray: Identity.fromArray,
/* errors */
FingerprintFormatError: errs.FingerprintFormatError,

41
node_modules/sshpk/lib/key.js generated vendored
View File

@@ -1,4 +1,4 @@
// Copyright 2017 Joyent, Inc.
// Copyright 2018 Joyent, Inc.
module.exports = Key;
@@ -32,6 +32,8 @@ formats['ssh'] = require('./formats/ssh');
formats['ssh-private'] = require('./formats/ssh-private');
formats['openssh'] = formats['ssh-private'];
formats['dnssec'] = require('./formats/dnssec');
formats['putty'] = require('./formats/putty');
formats['ppk'] = formats['putty'];
function Key(opts) {
assert.object(opts, 'options');
@@ -98,28 +100,44 @@ Key.prototype.toString = function (format, options) {
return (this.toBuffer(format, options).toString());
};
Key.prototype.hash = function (algo) {
Key.prototype.hash = function (algo, type) {
assert.string(algo, 'algorithm');
assert.optionalString(type, 'type');
if (type === undefined)
type = 'ssh';
algo = algo.toLowerCase();
if (algs.hashAlgs[algo] === undefined)
throw (new InvalidAlgorithmError(algo));
if (this._hashCache[algo])
return (this._hashCache[algo]);
var hash = crypto.createHash(algo).
update(this.toBuffer('rfc4253')).digest();
this._hashCache[algo] = hash;
var cacheKey = algo + '||' + type;
if (this._hashCache[cacheKey])
return (this._hashCache[cacheKey]);
var buf;
if (type === 'ssh') {
buf = this.toBuffer('rfc4253');
} else if (type === 'spki') {
buf = formats.pkcs8.pkcs8ToBuffer(this);
} else {
throw (new Error('Hash type ' + type + ' not supported'));
}
var hash = crypto.createHash(algo).update(buf).digest();
this._hashCache[cacheKey] = hash;
return (hash);
};
Key.prototype.fingerprint = function (algo) {
Key.prototype.fingerprint = function (algo, type) {
if (algo === undefined)
algo = 'sha256';
if (type === undefined)
type = 'ssh';
assert.string(algo, 'algorithm');
assert.string(type, 'type');
var opts = {
type: 'key',
hash: this.hash(algo),
algorithm: algo
hash: this.hash(algo, type),
algorithm: algo,
hashType: type
};
return (new Fingerprint(opts));
};
@@ -257,8 +275,9 @@ Key.isKey = function (obj, ver) {
* [1,4] -- added ed support, createDH
* [1,5] -- first explicitly tagged version
* [1,6] -- changed ed25519 part names
* [1,7] -- spki hash types
*/
Key.prototype._sshpkApiVersion = [1, 6];
Key.prototype._sshpkApiVersion = [1, 7];
Key._oldVersionDetect = function (obj) {
assert.func(obj.toBuffer);

34
node_modules/sshpk/lib/private-key.js generated vendored
View File

@@ -3,6 +3,7 @@
module.exports = PrivateKey;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var crypto = require('crypto');
var Fingerprint = require('./fingerprint');
@@ -13,14 +14,8 @@ var utils = require('./utils');
var dhe = require('./dhe');
var generateECDSA = dhe.generateECDSA;
var generateED25519 = dhe.generateED25519;
var edCompat;
var nacl;
try {
edCompat = require('./ed-compat');
} catch (e) {
/* Just continue through, and bail out if we try to use it. */
}
var edCompat = require('./ed-compat');
var nacl = require('tweetnacl');
var Key = require('./key');
@@ -59,8 +54,12 @@ PrivateKey.prototype.toBuffer = function (format, options) {
return (formats[format].write(this, options));
};
PrivateKey.prototype.hash = function (algo) {
return (this.toPublic().hash(algo));
PrivateKey.prototype.hash = function (algo, type) {
return (this.toPublic().hash(algo, type));
};
PrivateKey.prototype.fingerprint = function (algo, type) {
return (this.toPublic().fingerprint(algo, type));
};
PrivateKey.prototype.toPublic = function () {
@@ -89,15 +88,12 @@ PrivateKey.prototype.derive = function (newType) {
var priv, pub, pair;
if (this.type === 'ed25519' && newType === 'curve25519') {
if (nacl === undefined)
nacl = require('tweetnacl');
priv = this.part.k.data;
if (priv[0] === 0x00)
priv = priv.slice(1);
pair = nacl.box.keyPair.fromSecretKey(new Uint8Array(priv));
pub = new Buffer(pair.publicKey);
pub = Buffer.from(pair.publicKey);
return (new PrivateKey({
type: 'curve25519',
@@ -107,15 +103,12 @@ PrivateKey.prototype.derive = function (newType) {
]
}));
} else if (this.type === 'curve25519' && newType === 'ed25519') {
if (nacl === undefined)
nacl = require('tweetnacl');
priv = this.part.k.data;
if (priv[0] === 0x00)
priv = priv.slice(1);
pair = nacl.sign.keyPair.fromSeed(new Uint8Array(priv));
pub = new Buffer(pair.publicKey);
pub = Buffer.from(pair.publicKey);
return (new PrivateKey({
type: 'ed25519',
@@ -166,7 +159,7 @@ PrivateKey.prototype.createSign = function (hashAlgo) {
v.sign = function () {
var sig = oldSign(key);
if (typeof (sig) === 'string')
sig = new Buffer(sig, 'binary');
sig = Buffer.from(sig, 'binary');
sig = Signature.parse(sig, type, 'asn1');
sig.hashAlgorithm = hashAlgo;
sig.curve = curve;
@@ -236,8 +229,9 @@ PrivateKey.generate = function (type, options) {
* [1,3] -- added derive, ed, createDH
* [1,4] -- first tagged version
* [1,5] -- changed ed25519 part names and format
* [1,6] -- type arguments for hash() and fingerprint()
*/
PrivateKey.prototype._sshpkApiVersion = [1, 5];
PrivateKey.prototype._sshpkApiVersion = [1, 6];
PrivateKey._oldVersionDetect = function (obj) {
assert.func(obj.toPublic);

3
node_modules/sshpk/lib/signature.js generated vendored
View File

@@ -3,6 +3,7 @@
module.exports = Signature;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var algs = require('./algs');
var crypto = require('crypto');
var errs = require('./errors');
@@ -141,7 +142,7 @@ Signature.prototype.toString = function (format) {
Signature.parse = function (data, type, format) {
if (typeof (data) === 'string')
data = new Buffer(data, 'base64');
data = Buffer.from(data, 'base64');
assert.buffer(data, 'data');
assert.string(format, 'format');
assert.string(type, 'type');

7
node_modules/sshpk/lib/ssh-buffer.js generated vendored
View File

@@ -3,6 +3,7 @@
module.exports = SSHBuffer;
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
function SSHBuffer(opts) {
assert.object(opts, 'options');
@@ -10,7 +11,7 @@ function SSHBuffer(opts) {
assert.buffer(opts.buffer, 'options.buffer');
this._size = opts.buffer ? opts.buffer.length : 1024;
this._buffer = opts.buffer || (new Buffer(this._size));
this._buffer = opts.buffer || Buffer.alloc(this._size);
this._offset = 0;
}
@@ -32,7 +33,7 @@ SSHBuffer.prototype.skip = function (n) {
SSHBuffer.prototype.expand = function () {
this._size *= 2;
var buf = new Buffer(this._size);
var buf = Buffer.alloc(this._size);
this._buffer.copy(buf, 0);
this._buffer = buf;
};
@@ -96,7 +97,7 @@ SSHBuffer.prototype.writeBuffer = function (buf) {
};
SSHBuffer.prototype.writeString = function (str) {
this.writeBuffer(new Buffer(str, 'utf8'));
this.writeBuffer(Buffer.from(str, 'utf8'));
};
SSHBuffer.prototype.writeCString = function (str) {

102
node_modules/sshpk/lib/utils.js generated vendored
View File

@@ -17,18 +17,21 @@ module.exports = {
publicFromPrivateECDSA: publicFromPrivateECDSA,
zeroPadToLength: zeroPadToLength,
writeBitString: writeBitString,
readBitString: readBitString
readBitString: readBitString,
pbkdf2: pbkdf2
};
var assert = require('assert-plus');
var Buffer = require('safer-buffer').Buffer;
var PrivateKey = require('./private-key');
var Key = require('./key');
var crypto = require('crypto');
var algs = require('./algs');
var asn1 = require('asn1');
var ec, jsbn;
var nacl;
var ec = require('ecc-jsbn/lib/ec');
var jsbn = require('jsbn').BigInteger;
var nacl = require('tweetnacl');
var MAX_CLASS_DEPTH = 3;
@@ -85,8 +88,9 @@ function assertCompatible(obj, klass, needVer, name) {
}
var CIPHER_LEN = {
'des-ede3-cbc': { key: 7, iv: 8 },
'aes-128-cbc': { key: 16, iv: 16 }
'des-ede3-cbc': { key: 24, iv: 8 },
'aes-128-cbc': { key: 16, iv: 16 },
'aes-256-cbc': { key: 32, iv: 16 }
};
var PKCS5_SALT_LEN = 8;
@@ -101,7 +105,7 @@ function opensslKeyDeriv(cipher, salt, passphrase, count) {
salt = salt.slice(0, PKCS5_SALT_LEN);
var D, D_prev, bufs;
var material = new Buffer(0);
var material = Buffer.alloc(0);
while (material.length < clen.key + clen.iv) {
bufs = [];
if (D_prev)
@@ -121,6 +125,40 @@ function opensslKeyDeriv(cipher, salt, passphrase, count) {
});
}
/* See: RFC2898 */
function pbkdf2(hashAlg, salt, iterations, size, passphrase) {
var hkey = Buffer.alloc(salt.length + 4);
salt.copy(hkey);
var gen = 0, ts = [];
var i = 1;
while (gen < size) {
var t = T(i++);
gen += t.length;
ts.push(t);
}
return (Buffer.concat(ts).slice(0, size));
function T(I) {
hkey.writeUInt32BE(I, hkey.length - 4);
var hmac = crypto.createHmac(hashAlg, passphrase);
hmac.update(hkey);
var Ti = hmac.digest();
var Uc = Ti;
var c = 1;
while (c++ < iterations) {
hmac = crypto.createHmac(hashAlg, passphrase);
hmac.update(Uc);
Uc = hmac.digest();
for (var x = 0; x < Ti.length; ++x)
Ti[x] ^= Uc[x];
}
return (Ti);
}
}
/* Count leading zero bits on a buffer */
function countZeros(buf) {
var o = 0, obit = 8;
@@ -185,7 +223,7 @@ function ecNormalize(buf, addZero) {
if (!addZero)
return (buf);
}
var b = new Buffer(buf.length + 1);
var b = Buffer.alloc(buf.length + 1);
b[0] = 0x0;
buf.copy(b, 1);
return (b);
@@ -203,7 +241,7 @@ function readBitString(der, tag) {
function writeBitString(der, buf, tag) {
if (tag === undefined)
tag = asn1.Ber.BitString;
var b = new Buffer(buf.length + 1);
var b = Buffer.alloc(buf.length + 1);
b[0] = 0x00;
buf.copy(b, 1);
der.writeBuffer(b, tag);
@@ -214,7 +252,7 @@ function mpNormalize(buf) {
while (buf.length > 1 && buf[0] === 0x00 && (buf[1] & 0x80) === 0x00)
buf = buf.slice(1);
if ((buf[0] & 0x80) === 0x80) {
var b = new Buffer(buf.length + 1);
var b = Buffer.alloc(buf.length + 1);
b[0] = 0x00;
buf.copy(b, 1);
buf = b;
@@ -237,7 +275,7 @@ function zeroPadToLength(buf, len) {
buf = buf.slice(1);
}
while (buf.length < len) {
var b = new Buffer(buf.length + 1);
var b = Buffer.alloc(buf.length + 1);
b[0] = 0x00;
buf.copy(b, 1);
buf = b;
@@ -246,7 +284,7 @@ function zeroPadToLength(buf, len) {
}
function bigintToMpBuf(bigint) {
var buf = new Buffer(bigint.toByteArray());
var buf = Buffer.from(bigint.toByteArray());
buf = mpNormalize(buf);
return (buf);
}
@@ -255,15 +293,9 @@ function calculateDSAPublic(g, p, x) {
assert.buffer(g);
assert.buffer(p);
assert.buffer(x);
try {
var bigInt = require('jsbn').BigInteger;
} catch (e) {
throw (new Error('To load a PKCS#8 format DSA private key, ' +
'the node jsbn library is required.'));
}
g = new bigInt(g);
p = new bigInt(p);
x = new bigInt(x);
g = new jsbn(g);
p = new jsbn(p);
x = new jsbn(x);
var y = g.modPow(x, p);
var ybuf = bigintToMpBuf(y);
return (ybuf);
@@ -272,38 +304,26 @@ function calculateDSAPublic(g, p, x) {
function calculateED25519Public(k) {
assert.buffer(k);
if (nacl === undefined)
nacl = require('tweetnacl');
var kp = nacl.sign.keyPair.fromSeed(new Uint8Array(k));
return (new Buffer(kp.publicKey));
return (Buffer.from(kp.publicKey));
}
function calculateX25519Public(k) {
assert.buffer(k);
if (nacl === undefined)
nacl = require('tweetnacl');
var kp = nacl.box.keyPair.fromSeed(new Uint8Array(k));
return (new Buffer(kp.publicKey));
return (Buffer.from(kp.publicKey));
}
function addRSAMissing(key) {
assert.object(key);
assertCompatible(key, PrivateKey, [1, 1]);
try {
var bigInt = require('jsbn').BigInteger;
} catch (e) {
throw (new Error('To write a PEM private key from ' +
'this source, the node jsbn lib is required.'));
}
var d = new bigInt(key.part.d.data);
var d = new jsbn(key.part.d.data);
var buf;
if (!key.part.dmodp) {
var p = new bigInt(key.part.p.data);
var p = new jsbn(key.part.p.data);
var dmodp = d.mod(p.subtract(1));
buf = bigintToMpBuf(dmodp);
@@ -311,7 +331,7 @@ function addRSAMissing(key) {
key.parts.push(key.part.dmodp);
}
if (!key.part.dmodq) {
var q = new bigInt(key.part.q.data);
var q = new jsbn(key.part.q.data);
var dmodq = d.mod(q.subtract(1));
buf = bigintToMpBuf(dmodq);
@@ -323,10 +343,6 @@ function addRSAMissing(key) {
function publicFromPrivateECDSA(curveName, priv) {
assert.string(curveName, 'curveName');
assert.buffer(priv);
if (ec === undefined)
ec = require('ecc-jsbn/lib/ec');
if (jsbn === undefined)
jsbn = require('jsbn').BigInteger;
var params = algs.curves[curveName];
var p = new jsbn(params.p);
var a = new jsbn(params.a);
@@ -336,10 +352,10 @@ function publicFromPrivateECDSA(curveName, priv) {
var d = new jsbn(mpNormalize(priv));
var pub = G.multiply(d);
pub = new Buffer(curve.encodePointHex(pub), 'hex');
pub = Buffer.from(curve.encodePointHex(pub), 'hex');
var parts = [];
parts.push({name: 'curve', data: new Buffer(curveName)});
parts.push({name: 'curve', data: Buffer.from(curveName)});
parts.push({name: 'Q', data: pub});
var key = new Key({type: 'ecdsa', curve: curve, parts: parts});

28
node_modules/sshpk/package.json generated vendored
View File

@@ -1,8 +1,8 @@
{
"_from": "sshpk@^1.7.0",
"_id": "sshpk@1.14.1",
"_id": "sshpk@1.16.1",
"_inBundle": false,
"_integrity": "sha1-Ew9Zde3a2WPx1W+SuaxsUfqfg+s=",
"_integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==",
"_location": "/sshpk",
"_phantomChildren": {},
"_requested": {
@@ -18,10 +18,10 @@
"_requiredBy": [
"/http-signature"
],
"_resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz",
"_shasum": "130f5975eddad963f1d56f92b9ac6c51fa9f83eb",
"_resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz",
"_shasum": "fb661c0bef29b39db40769ee39fa70093d6f6877",
"_spec": "sshpk@^1.7.0",
"_where": "/home/s2/Documents/Code/minifyfromhtml/node_modules/http-signature",
"_where": "E:\\projects\\p\\minifyfromhtml\\node_modules\\http-signature",
"author": {
"name": "Joyent, Inc"
},
@@ -56,6 +56,7 @@
"ecc-jsbn": "~0.1.1",
"getpass": "^0.1.1",
"jsbn": "~0.1.0",
"safer-buffer": "^2.0.2",
"tweetnacl": "~0.14.0"
},
"deprecated": false,
@@ -78,23 +79,18 @@
"license": "MIT",
"main": "lib/index.js",
"man": [
"/home/s2/Documents/Code/minifyfromhtml/node_modules/sshpk/man/man1/sshpk-conv.1",
"/home/s2/Documents/Code/minifyfromhtml/node_modules/sshpk/man/man1/sshpk-sign.1",
"/home/s2/Documents/Code/minifyfromhtml/node_modules/sshpk/man/man1/sshpk-verify.1"
"E:\\projects\\p\\minifyfromhtml\\node_modules\\sshpk\\man\\man1\\sshpk-conv.1",
"E:\\projects\\p\\minifyfromhtml\\node_modules\\sshpk\\man\\man1\\sshpk-sign.1",
"E:\\projects\\p\\minifyfromhtml\\node_modules\\sshpk\\man\\man1\\sshpk-verify.1"
],
"name": "sshpk",
"optionalDependencies": {
"bcrypt-pbkdf": "^1.0.0",
"ecc-jsbn": "~0.1.1",
"jsbn": "~0.1.0",
"tweetnacl": "~0.14.0"
},
"optionalDependencies": {},
"repository": {
"type": "git",
"url": "git+https://github.com/arekinath/node-sshpk.git"
"url": "git+https://github.com/joyent/node-sshpk.git"
},
"scripts": {
"test": "tape test/*.js"
},
"version": "1.14.1"
"version": "1.16.1"
}