Socket
Socket
Sign inDemoInstall

sshpk

Package Overview
Dependencies
2
Maintainers
1
Versions
50
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.0.4 to 1.1.0

lib/signature.js

2

lib/algs.js

@@ -33,2 +33,3 @@ // Copyright 2015 Joyent, Inc.

size: 256,
pkcs8oid: '1.2.840.10045.3.1.7',
p: new Buffer(('00' +

@@ -59,2 +60,3 @@ 'ffffffff 00000001 00000000 00000000' +

size: 384,
pkcs8oid: '1.3.132.0.34',
p: new Buffer(('00' +

@@ -61,0 +63,0 @@ 'ffffffff ffffffff ffffffff ffffffff' +

@@ -41,6 +41,18 @@ // Copyright 2015 Joyent, Inc.

function SignatureParseError(type, format) {
if (Error.captureStackTrace)
Error.captureStackTrace(this, SignatureParseError);
this.name = 'SignatureParseError';
this.type = type;
this.format = format;
this.message = 'Failed to parse the given data as a ' + type +
' signature in ' + format + ' format';
}
util.inherits(SignatureParseError, Error);
module.exports = {
FingerprintFormatError: FingerprintFormatError,
InvalidAlgorithmError: InvalidAlgorithmError,
KeyParseError: KeyParseError
KeyParseError: KeyParseError,
SignatureParseError: SignatureParseError
};

8

lib/fingerprint.js

@@ -71,3 +71,5 @@ // Copyright 2015 Joyent, Inc.

alg = parts[0].toLowerCase();
if (!/^[A-Za-z0-9+\/=]+$/.test(parts[1]))
/*JSSTYLED*/
var base64RE = /^[A-Za-z0-9+\/=]+$/;
if (!base64RE.test(parts[1]))
throw (new FingerprintFormatError(fp));

@@ -84,3 +86,5 @@ try {

parts = parts.join('');
if (!/^[a-fA-F0-9]+$/.test(parts))
/*JSSTYLED*/
var md5RE = /^[a-fA-F0-9]+$/;
if (!md5RE.test(parts))
throw (new FingerprintFormatError(fp));

@@ -87,0 +91,0 @@ try {

@@ -448,43 +448,51 @@ // Copyright 2015 Joyent, Inc.

function writePkcs8ECDSA(key, der) {
// ECParameters sequence
der.startSequence();
var curve = algs.curves[key.curve];
if (curve.pkcs8oid) {
/* This one has a name in pkcs#8, so just write the oid */
der.writeOID(curve.pkcs8oid);
var version = new Buffer(1);
version.writeUInt8(1, 0);
der.writeBuffer(version, asn1.Ber.Integer);
} else {
// ECParameters sequence
der.startSequence();
var curve = algs.curves[key.curve];
var version = new Buffer(1);
version.writeUInt8(1, 0);
der.writeBuffer(version, asn1.Ber.Integer);
// FieldID sequence
der.startSequence();
der.writeOID('1.2.840.10045.1.1'); // prime-field
der.writeBuffer(curve.p, asn1.Ber.Integer);
der.endSequence();
// FieldID sequence
der.startSequence();
der.writeOID('1.2.840.10045.1.1'); // prime-field
der.writeBuffer(curve.p, asn1.Ber.Integer);
der.endSequence();
// Curve sequence
der.startSequence();
var a = curve.p;
if (a[0] === 0x0)
a = a.slice(1);
der.writeBuffer(a, asn1.Ber.OctetString);
der.writeBuffer(curve.b, asn1.Ber.OctetString);
der.writeBuffer(curve.s, asn1.Ber.BitString);
der.endSequence();
// Curve sequence
der.startSequence();
var a = curve.p;
if (a[0] === 0x0)
a = a.slice(1);
der.writeBuffer(a, asn1.Ber.OctetString);
der.writeBuffer(curve.b, asn1.Ber.OctetString);
der.writeBuffer(curve.s, asn1.Ber.BitString);
der.endSequence();
der.writeBuffer(curve.G, asn1.Ber.OctetString);
der.writeBuffer(curve.n, asn1.Ber.Integer);
var h = curve.h;
if (!h) {
h = new Buffer(1);
h.writeUInt8(1, 0);
der.writeBuffer(curve.G, asn1.Ber.OctetString);
der.writeBuffer(curve.n, asn1.Ber.Integer);
var h = curve.h;
if (!h) {
h = new Buffer(1);
h[0] = 1;
}
der.writeBuffer(h, asn1.Ber.Integer);
// ECParameters
der.endSequence();
}
der.writeBuffer(h, asn1.Ber.Integer);
// ECParameters
der.endSequence();
der.endSequence();
var Q = key.part.Q.data;
var pre = new Buffer(1);
pre[0] = 0x0;
if (Q[0] === 0x04)
Q = Buffer.concat([new Buffer(1), Q]);
Q = Buffer.concat([pre, Q]);
der.writeBuffer(Q, asn1.Ber.BitString);

@@ -491,0 +499,0 @@ }

@@ -5,2 +5,3 @@ // Copyright 2015 Joyent, Inc.

var Fingerprint = require('./fingerprint');
var Signature = require('./signature');
var errs = require('./errors');

@@ -14,2 +15,4 @@

parseFingerprint: Fingerprint.parse,
Signature: Signature,
parseSignature: Signature.parse,

@@ -19,3 +22,4 @@ /* errors */

InvalidAlgorithmError: errs.InvalidAlgorithmError,
KeyParseError: errs.KeyParseError
KeyParseError: errs.KeyParseError,
SignatureParseError: errs.SignatureParseError
};

@@ -7,2 +7,3 @@ // Copyright 2015 Joyent, Inc.

var Fingerprint = require('./fingerprint');
var Signature = require('./signature');
var errs = require('./errors');

@@ -99,23 +100,40 @@

Key.prototype.createVerify = function (hashAlgo) {
if (hashAlgo === undefined) {
hashAlgo = 'sha1';
if (this.type === 'rsa')
hashAlgo = 'sha256';
if (this.type === 'ecdsa') {
if (this.size <= 256)
hashAlgo = 'sha256';
else if (this.size <= 384)
hashAlgo = 'sha384';
else
hashAlgo = 'sha512';
}
}
assert.string(hashAlgo, 'hash algorithm');
var v, nm;
var v, nm, err;
try {
nm = this.type.toUpperCase() + '-';
if (this.type === 'ecdsa')
nm += 'with-';
nm = 'ecdsa-with-';
nm += hashAlgo.toUpperCase();
v = crypto.createVerify(nm);
} catch (e) {
if (e instanceof Error &&
e.message.match(/Unknown message digest/)) {
nm = 'RSA-';
nm += hashAlgo.toUpperCase();
v = crypto.createVerify(nm);
}
err = e;
}
if (v === undefined || (err instanceof Error &&
err.message.match(/Unknown message digest/))) {
nm = 'RSA-';
nm += hashAlgo.toUpperCase();
v = crypto.createVerify(nm);
}
assert.ok(v, 'failed to create verifier');
var oldVerify = v.verify.bind(v);
var key = this.toBuffer('pem');
console.log(key.toString());
v.verify = function (signature) {
return (oldVerify(key, signature));
v.verify = function (signature, fmt) {
if (typeof (signature) === 'object' &&
signature instanceof Signature)
return (oldVerify(key, signature.toBuffer('asn1')));
return (oldVerify(key, signature, fmt));
};

@@ -122,0 +140,0 @@ return (v);

{
"name": "sshpk",
"version": "1.0.4",
"version": "1.1.0",
"description": "A library for finding and using SSH public keys",

@@ -5,0 +5,0 @@ "main": "lib/index.js",

@@ -154,3 +154,3 @@ sshpk

### `Key#createVerify(hashAlgorithm)`
### `Key#createVerify([hashAlgorithm])`

@@ -164,5 +164,12 @@ Creates a `crypto.Verifier` specialized to use this Key (and the correct public

- `hashAlgorithm` -- String name of hash algorithm to use, any supported by
OpenSSL are valid, usually including `sha1`, `sha256`
- `hashAlgorithm` -- optional String name of hash algorithm to use, any
supported by OpenSSL are valid, usually including
`sha1`, `sha256`.
`v.verify(signature[, format])` Parameters
- `signature` -- either a Signature object, or a Buffer or String
- `format` -- optional String, name of format to interpret given String with.
Not valid if `signature` is a Signature or Buffer.
### `parseFingerprint(fingerprint[, algorithms])`

@@ -199,2 +206,32 @@

### `parseSignature(signature, algorithm, format)`
Parses a signature in a given format, createing a `Signature` object. Useful
for converting between the SSH and ASN.1 (PKCS/OpenSSL) signature formats for
DSA and ECDSA.
A Signature object can also be passed to a verifier produced by
`Key#createVerify()` and it will automatically be converted into the correct
format for verification.
Parameters
- `signature` -- a Buffer (binary) or String (base64), data of the actual
signature in the given format
- `algorithm` -- a String, name of the algorithm to be used, possible values
are `rsa`, `dsa` and `ecdsa`
- `format` -- a String, either `asn1` or `ssh`
### `Signature#toBuffer([format = 'asn1'])`
Converts a Signature to the given format and returns it as a Buffer.
Parameters
- `format` -- a String, either `asn1` or `ssh`
### `Signature#toString([format = 'asn1'])`
Same as `this.toBuffer(format).toString('base64')`.
Errors

@@ -201,0 +238,0 @@ ------

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc