diff options
Diffstat (limited to 'node_modules/sshpk/lib/utils.js')
-rw-r--r-- | node_modules/sshpk/lib/utils.js | 81 |
1 files changed, 48 insertions, 33 deletions
diff --git a/node_modules/sshpk/lib/utils.js b/node_modules/sshpk/lib/utils.js index 4dcaf9c7a..6b83a322d 100644 --- a/node_modules/sshpk/lib/utils.js +++ b/node_modules/sshpk/lib/utils.js @@ -17,7 +17,8 @@ module.exports = { publicFromPrivateECDSA: publicFromPrivateECDSA, zeroPadToLength: zeroPadToLength, writeBitString: writeBitString, - readBitString: readBitString + readBitString: readBitString, + pbkdf2: pbkdf2 }; var assert = require('assert-plus'); @@ -28,8 +29,9 @@ var crypto = require('crypto'); var algs = require('./algs'); var asn1 = require('asn1'); -var ec, jsbn; -var nacl; +var ec = require('ecc-jsbn/lib/ec'); +var jsbn = require('jsbn').BigInteger; +var nacl = require('tweetnacl'); var MAX_CLASS_DEPTH = 3; @@ -86,8 +88,9 @@ function assertCompatible(obj, klass, needVer, name) { } var CIPHER_LEN = { - 'des-ede3-cbc': { key: 7, iv: 8 }, - 'aes-128-cbc': { key: 16, iv: 16 } + 'des-ede3-cbc': { key: 24, iv: 8 }, + 'aes-128-cbc': { key: 16, iv: 16 }, + 'aes-256-cbc': { key: 32, iv: 16 } }; var PKCS5_SALT_LEN = 8; @@ -122,6 +125,40 @@ function opensslKeyDeriv(cipher, salt, passphrase, count) { }); } +/* See: RFC2898 */ +function pbkdf2(hashAlg, salt, iterations, size, passphrase) { + var hkey = Buffer.alloc(salt.length + 4); + salt.copy(hkey); + + var gen = 0, ts = []; + var i = 1; + while (gen < size) { + var t = T(i++); + gen += t.length; + ts.push(t); + } + return (Buffer.concat(ts).slice(0, size)); + + function T(I) { + hkey.writeUInt32BE(I, hkey.length - 4); + + var hmac = crypto.createHmac(hashAlg, passphrase); + hmac.update(hkey); + + var Ti = hmac.digest(); + var Uc = Ti; + var c = 1; + while (c++ < iterations) { + hmac = crypto.createHmac(hashAlg, passphrase); + hmac.update(Uc); + Uc = hmac.digest(); + for (var x = 0; x < Ti.length; ++x) + Ti[x] ^= Uc[x]; + } + return (Ti); + } +} + /* Count leading zero bits on a buffer */ function countZeros(buf) { var o = 0, obit = 8; @@ -256,15 +293,9 @@ function calculateDSAPublic(g, p, x) { assert.buffer(g); assert.buffer(p); assert.buffer(x); - try { - var bigInt = require('jsbn').BigInteger; - } catch (e) { - throw (new Error('To load a PKCS#8 format DSA private key, ' + - 'the node jsbn library is required.')); - } - g = new bigInt(g); - p = new bigInt(p); - x = new bigInt(x); + g = new jsbn(g); + p = new jsbn(p); + x = new jsbn(x); var y = g.modPow(x, p); var ybuf = bigintToMpBuf(y); return (ybuf); @@ -273,9 +304,6 @@ function calculateDSAPublic(g, p, x) { function calculateED25519Public(k) { assert.buffer(k); - if (nacl === undefined) - nacl = require('tweetnacl'); - var kp = nacl.sign.keyPair.fromSeed(new Uint8Array(k)); return (Buffer.from(kp.publicKey)); } @@ -283,9 +311,6 @@ function calculateED25519Public(k) { function calculateX25519Public(k) { assert.buffer(k); - if (nacl === undefined) - nacl = require('tweetnacl'); - var kp = nacl.box.keyPair.fromSeed(new Uint8Array(k)); return (Buffer.from(kp.publicKey)); } @@ -293,18 +318,12 @@ function calculateX25519Public(k) { function addRSAMissing(key) { assert.object(key); assertCompatible(key, PrivateKey, [1, 1]); - try { - var bigInt = require('jsbn').BigInteger; - } catch (e) { - throw (new Error('To write a PEM private key from ' + - 'this source, the node jsbn lib is required.')); - } - var d = new bigInt(key.part.d.data); + var d = new jsbn(key.part.d.data); var buf; if (!key.part.dmodp) { - var p = new bigInt(key.part.p.data); + var p = new jsbn(key.part.p.data); var dmodp = d.mod(p.subtract(1)); buf = bigintToMpBuf(dmodp); @@ -312,7 +331,7 @@ function addRSAMissing(key) { key.parts.push(key.part.dmodp); } if (!key.part.dmodq) { - var q = new bigInt(key.part.q.data); + var q = new jsbn(key.part.q.data); var dmodq = d.mod(q.subtract(1)); buf = bigintToMpBuf(dmodq); @@ -324,10 +343,6 @@ function addRSAMissing(key) { function publicFromPrivateECDSA(curveName, priv) { assert.string(curveName, 'curveName'); assert.buffer(priv); - if (ec === undefined) - ec = require('ecc-jsbn/lib/ec'); - if (jsbn === undefined) - jsbn = require('jsbn').BigInteger; var params = algs.curves[curveName]; var p = new jsbn(params.p); var a = new jsbn(params.a); |