Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Normal
Revision Log

source: trip-planner-front/node_modules/sshpk/lib/signature.js@ 188ee53

Last change on this file since 188ee53 was 6a3a178, checked in by Ema <ema_spirova@…>, 3 years ago
initial commit
Property mode set to `100644`
File size: 7.8 KB

Rev	Line
[6a3a178]	1	// Copyright 2015 Joyent, Inc.
	2
	3	module.exports = Signature;
	4
	5	var assert = require('assert-plus');
	6	var Buffer = require('safer-buffer').Buffer;
	7	var algs = require('./algs');
	8	var crypto = require('crypto');
	9	var errs = require('./errors');
	10	var utils = require('./utils');
	11	var asn1 = require('asn1');
	12	var SSHBuffer = require('./ssh-buffer');
	13
	14	var InvalidAlgorithmError = errs.InvalidAlgorithmError;
	15	var SignatureParseError = errs.SignatureParseError;
	16
	17	function Signature(opts) {
	18	assert.object(opts, 'options');
	19	assert.arrayOfObject(opts.parts, 'options.parts');
	20	assert.string(opts.type, 'options.type');
	21
	22	var partLookup = {};
	23	for (var i = 0; i < opts.parts.length; ++i) {
	24	var part = opts.parts[i];
	25	partLookup[part.name] = part;
	26	}
	27
	28	this.type = opts.type;
	29	this.hashAlgorithm = opts.hashAlgo;
	30	this.curve = opts.curve;
	31	this.parts = opts.parts;
	32	this.part = partLookup;
	33	}
	34
	35	Signature.prototype.toBuffer = function (format) {
	36	if (format === undefined)
	37	format = 'asn1';
	38	assert.string(format, 'format');
	39
	40	var buf;
	41	var stype = 'ssh-' + this.type;
	42
	43	switch (this.type) {
	44	case 'rsa':
	45	switch (this.hashAlgorithm) {
	46	case 'sha256':
	47	stype = 'rsa-sha2-256';
	48	break;
	49	case 'sha512':
	50	stype = 'rsa-sha2-512';
	51	break;
	52	case 'sha1':
	53	case undefined:
	54	break;
	55	default:
	56	throw (new Error('SSH signature ' +
	57	'format does not support hash ' +
	58	'algorithm ' + this.hashAlgorithm));
	59	}
	60	if (format === 'ssh') {
	61	buf = new SSHBuffer({});
	62	buf.writeString(stype);
	63	buf.writePart(this.part.sig);
	64	return (buf.toBuffer());
	65	} else {
	66	return (this.part.sig.data);
	67	}
	68	break;
	69
	70	case 'ed25519':
	71	if (format === 'ssh') {
	72	buf = new SSHBuffer({});
	73	buf.writeString(stype);
	74	buf.writePart(this.part.sig);
	75	return (buf.toBuffer());
	76	} else {
	77	return (this.part.sig.data);
	78	}
	79	break;
	80
	81	case 'dsa':
	82	case 'ecdsa':
	83	var r, s;
	84	if (format === 'asn1') {
	85	var der = new asn1.BerWriter();
	86	der.startSequence();
	87	r = utils.mpNormalize(this.part.r.data);
	88	s = utils.mpNormalize(this.part.s.data);
	89	der.writeBuffer(r, asn1.Ber.Integer);
	90	der.writeBuffer(s, asn1.Ber.Integer);
	91	der.endSequence();
	92	return (der.buffer);
	93	} else if (format === 'ssh' && this.type === 'dsa') {
	94	buf = new SSHBuffer({});
	95	buf.writeString('ssh-dss');
	96	r = this.part.r.data;
	97	if (r.length > 20 && r[0] === 0x00)
	98	r = r.slice(1);
	99	s = this.part.s.data;
	100	if (s.length > 20 && s[0] === 0x00)
	101	s = s.slice(1);
	102	if ((this.hashAlgorithm &&
	103	this.hashAlgorithm !== 'sha1') \|\|
	104	r.length + s.length !== 40) {
	105	throw (new Error('OpenSSH only supports ' +
	106	'DSA signatures with SHA1 hash'));
	107	}
	108	buf.writeBuffer(Buffer.concat([r, s]));
	109	return (buf.toBuffer());
	110	} else if (format === 'ssh' && this.type === 'ecdsa') {
	111	var inner = new SSHBuffer({});
	112	r = this.part.r.data;
	113	inner.writeBuffer(r);
	114	inner.writePart(this.part.s);
	115
	116	buf = new SSHBuffer({});
	117	/* XXX: find a more proper way to do this? */
	118	var curve;
	119	if (r[0] === 0x00)
	120	r = r.slice(1);
	121	var sz = r.length * 8;
	122	if (sz === 256)
	123	curve = 'nistp256';
	124	else if (sz === 384)
	125	curve = 'nistp384';
	126	else if (sz === 528)
	127	curve = 'nistp521';
	128	buf.writeString('ecdsa-sha2-' + curve);
	129	buf.writeBuffer(inner.toBuffer());
	130	return (buf.toBuffer());
	131	}
	132	throw (new Error('Invalid signature format'));
	133	default:
	134	throw (new Error('Invalid signature data'));
	135	}
	136	};
	137
	138	Signature.prototype.toString = function (format) {
	139	assert.optionalString(format, 'format');
	140	return (this.toBuffer(format).toString('base64'));
	141	};
	142
	143	Signature.parse = function (data, type, format) {
	144	if (typeof (data) === 'string')
	145	data = Buffer.from(data, 'base64');
	146	assert.buffer(data, 'data');
	147	assert.string(format, 'format');
	148	assert.string(type, 'type');
	149
	150	var opts = {};
	151	opts.type = type.toLowerCase();
	152	opts.parts = [];
	153
	154	try {
	155	assert.ok(data.length > 0, 'signature must not be empty');
	156	switch (opts.type) {
	157	case 'rsa':
	158	return (parseOneNum(data, type, format, opts));
	159	case 'ed25519':
	160	return (parseOneNum(data, type, format, opts));
	161
	162	case 'dsa':
	163	case 'ecdsa':
	164	if (format === 'asn1')
	165	return (parseDSAasn1(data, type, format, opts));
	166	else if (opts.type === 'dsa')
	167	return (parseDSA(data, type, format, opts));
	168	else
	169	return (parseECDSA(data, type, format, opts));
	170
	171	default:
	172	throw (new InvalidAlgorithmError(type));
	173	}
	174
	175	} catch (e) {
	176	if (e instanceof InvalidAlgorithmError)
	177	throw (e);
	178	throw (new SignatureParseError(type, format, e));
	179	}
	180	};
	181
	182	function parseOneNum(data, type, format, opts) {
	183	if (format === 'ssh') {
	184	try {
	185	var buf = new SSHBuffer({buffer: data});
	186	var head = buf.readString();
	187	} catch (e) {
	188	/* fall through */
	189	}
	190	if (buf !== undefined) {
	191	var msg = 'SSH signature does not match expected ' +
	192	'type (expected ' + type + ', got ' + head + ')';
	193	switch (head) {
	194	case 'ssh-rsa':
	195	assert.strictEqual(type, 'rsa', msg);
	196	opts.hashAlgo = 'sha1';
	197	break;
	198	case 'rsa-sha2-256':
	199	assert.strictEqual(type, 'rsa', msg);
	200	opts.hashAlgo = 'sha256';
	201	break;
	202	case 'rsa-sha2-512':
	203	assert.strictEqual(type, 'rsa', msg);
	204	opts.hashAlgo = 'sha512';
	205	break;
	206	case 'ssh-ed25519':
	207	assert.strictEqual(type, 'ed25519', msg);
	208	opts.hashAlgo = 'sha512';
	209	break;
	210	default:
	211	throw (new Error('Unknown SSH signature ' +
	212	'type: ' + head));
	213	}
	214	var sig = buf.readPart();
	215	assert.ok(buf.atEnd(), 'extra trailing bytes');
	216	sig.name = 'sig';
	217	opts.parts.push(sig);
	218	return (new Signature(opts));
	219	}
	220	}
	221	opts.parts.push({name: 'sig', data: data});
	222	return (new Signature(opts));
	223	}
	224
	225	function parseDSAasn1(data, type, format, opts) {
	226	var der = new asn1.BerReader(data);
	227	der.readSequence();
	228	var r = der.readString(asn1.Ber.Integer, true);
	229	var s = der.readString(asn1.Ber.Integer, true);
	230
	231	opts.parts.push({name: 'r', data: utils.mpNormalize(r)});
	232	opts.parts.push({name: 's', data: utils.mpNormalize(s)});
	233
	234	return (new Signature(opts));
	235	}
	236
	237	function parseDSA(data, type, format, opts) {
	238	if (data.length != 40) {
	239	var buf = new SSHBuffer({buffer: data});
	240	var d = buf.readBuffer();
	241	if (d.toString('ascii') === 'ssh-dss')
	242	d = buf.readBuffer();
	243	assert.ok(buf.atEnd(), 'extra trailing bytes');
	244	assert.strictEqual(d.length, 40, 'invalid inner length');
	245	data = d;
	246	}
	247	opts.parts.push({name: 'r', data: data.slice(0, 20)});
	248	opts.parts.push({name: 's', data: data.slice(20, 40)});
	249	return (new Signature(opts));
	250	}
	251
	252	function parseECDSA(data, type, format, opts) {
	253	var buf = new SSHBuffer({buffer: data});
	254
	255	var r, s;
	256	var inner = buf.readBuffer();
	257	var stype = inner.toString('ascii');
	258	if (stype.slice(0, 6) === 'ecdsa-') {
	259	var parts = stype.split('-');
	260	assert.strictEqual(parts[0], 'ecdsa');
	261	assert.strictEqual(parts[1], 'sha2');
	262	opts.curve = parts[2];
	263	switch (opts.curve) {
	264	case 'nistp256':
	265	opts.hashAlgo = 'sha256';
	266	break;
	267	case 'nistp384':
	268	opts.hashAlgo = 'sha384';
	269	break;
	270	case 'nistp521':
	271	opts.hashAlgo = 'sha512';
	272	break;
	273	default:
	274	throw (new Error('Unsupported ECDSA curve: ' +
	275	opts.curve));
	276	}
	277	inner = buf.readBuffer();
	278	assert.ok(buf.atEnd(), 'extra trailing bytes on outer');
	279	buf = new SSHBuffer({buffer: inner});
	280	r = buf.readPart();
	281	} else {
	282	r = {data: inner};
	283	}
	284
	285	s = buf.readPart();
	286	assert.ok(buf.atEnd(), 'extra trailing bytes');
	287
	288	r.name = 'r';
	289	s.name = 's';
	290
	291	opts.parts.push(r);
	292	opts.parts.push(s);
	293	return (new Signature(opts));
	294	}
	295
	296	Signature.isSignature = function (obj, ver) {
	297	return (utils.isCompatible(obj, Signature, ver));
	298	};
	299
	300	/*
	301	* API versions for Signature:
	302	* [1,0] -- initial ver
	303	* [2,0] -- support for rsa in full ssh format, compat with sshpk-agent
	304	* hashAlgorithm property
	305	* [2,1] -- first tagged version
	306	*/
	307	Signature.prototype._sshpkApiVersion = [2, 1];
	308
	309	Signature._oldVersionDetect = function (obj) {
	310	assert.func(obj.toBuffer);
	311	if (obj.hasOwnProperty('hashAlgorithm'))
	312	return ([2, 0]);
	313	return ([1, 0]);
	314	};

Note: See TracBrowser for help on using the repository browser.

Download in other formats: