Socket
Socket
Sign inDemoInstall

sshpk

Package Overview
Dependencies
9
Maintainers
8
Versions
50
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.17.0 to 1.18.0

36

lib/formats/pkcs8.js

@@ -388,9 +388,13 @@ // Copyright 2018 Joyent, Inc.

var A;
if (der.peek() === asn1.Ber.BitString) {
A = utils.readBitString(der);
A = utils.zeroPadToLength(A, 32);
} else {
var A, tag;
while ((tag = der.peek()) !== null) {
if (tag === (asn1.Ber.Context | 1)) {
A = utils.readBitString(der, tag);
} else {
der.readSequence(tag);
der._offset += der.length;
}
}
if (A === undefined)
A = utils.calculateED25519Public(k);
}

@@ -439,4 +443,7 @@ var key = {

if (PrivateKey.isPrivateKey(key)) {
var sillyInt = Buffer.from([0]);
der.writeBuffer(sillyInt, asn1.Ber.Integer);
var version = 0;
if (key.type === 'ed25519')
version = 1;
var vbuf = Buffer.from([version]);
der.writeBuffer(vbuf, asn1.Ber.Integer);
}

@@ -470,5 +477,5 @@

if (PrivateKey.isPrivateKey(key))
throw (new Error('Ed25519 private keys in pkcs8 ' +
'format are not supported'));
writePkcs8EdDSAPublic(key, der);
writePkcs8EdDSAPrivate(key, der);
else
writePkcs8EdDSAPublic(key, der);
break;

@@ -630,6 +637,11 @@ default:

var k = utils.mpNormalize(key.part.k.data, true);
der.startSequence(asn1.Ber.OctetString);
var k = utils.mpNormalize(key.part.k.data);
/* RFCs call for storing exactly 32 bytes, so strip any leading zeros */
while (k.length > 32 && k[0] === 0x00)
k = k.slice(1);
der.writeBuffer(k, asn1.Ber.OctetString);
der.endSequence();
utils.writeBitString(der, key.part.A.data, asn1.Ber.Context | 1);
}
{
"name": "sshpk",
"version": "1.17.0",
"version": "1.18.0",
"description": "A library for finding and using SSH public keys",

@@ -52,4 +52,3 @@ "main": "lib/index.js",

},
"optionalDependencies": {
},
"optionalDependencies": {},
"devDependencies": {

@@ -56,0 +55,0 @@ "tape": "^3.5.0",

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc