Comparing version 1.17.0 to 1.18.0
@@ -388,9 +388,13 @@ // Copyright 2018 Joyent, Inc. | ||
var A; | ||
if (der.peek() === asn1.Ber.BitString) { | ||
A = utils.readBitString(der); | ||
A = utils.zeroPadToLength(A, 32); | ||
} else { | ||
var A, tag; | ||
while ((tag = der.peek()) !== null) { | ||
if (tag === (asn1.Ber.Context | 1)) { | ||
A = utils.readBitString(der, tag); | ||
} else { | ||
der.readSequence(tag); | ||
der._offset += der.length; | ||
} | ||
} | ||
if (A === undefined) | ||
A = utils.calculateED25519Public(k); | ||
} | ||
@@ -439,4 +443,7 @@ var key = { | ||
if (PrivateKey.isPrivateKey(key)) { | ||
var sillyInt = Buffer.from([0]); | ||
der.writeBuffer(sillyInt, asn1.Ber.Integer); | ||
var version = 0; | ||
if (key.type === 'ed25519') | ||
version = 1; | ||
var vbuf = Buffer.from([version]); | ||
der.writeBuffer(vbuf, asn1.Ber.Integer); | ||
} | ||
@@ -470,5 +477,5 @@ | ||
if (PrivateKey.isPrivateKey(key)) | ||
throw (new Error('Ed25519 private keys in pkcs8 ' + | ||
'format are not supported')); | ||
writePkcs8EdDSAPublic(key, der); | ||
writePkcs8EdDSAPrivate(key, der); | ||
else | ||
writePkcs8EdDSAPublic(key, der); | ||
break; | ||
@@ -630,6 +637,11 @@ default: | ||
var k = utils.mpNormalize(key.part.k.data, true); | ||
der.startSequence(asn1.Ber.OctetString); | ||
var k = utils.mpNormalize(key.part.k.data); | ||
/* RFCs call for storing exactly 32 bytes, so strip any leading zeros */ | ||
while (k.length > 32 && k[0] === 0x00) | ||
k = k.slice(1); | ||
der.writeBuffer(k, asn1.Ber.OctetString); | ||
der.endSequence(); | ||
utils.writeBitString(der, key.part.A.data, asn1.Ber.Context | 1); | ||
} |
{ | ||
"name": "sshpk", | ||
"version": "1.17.0", | ||
"version": "1.18.0", | ||
"description": "A library for finding and using SSH public keys", | ||
@@ -52,4 +52,3 @@ "main": "lib/index.js", | ||
}, | ||
"optionalDependencies": { | ||
}, | ||
"optionalDependencies": {}, | ||
"devDependencies": { | ||
@@ -56,0 +55,0 @@ "tape": "^3.5.0", |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
230846
5958
0