1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 |
|
16 |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 |
|
26 | declare module "node-forge" {
|
27 | type Byte = number;
|
28 | type Bytes = string;
|
29 | type Hex = string;
|
30 | type Base64 = string;
|
31 | type Utf8 = string;
|
32 | type OID = string;
|
33 | type Encoding = "raw" | "utf8";
|
34 |
|
35 | namespace jsbn {
|
36 | interface RandomGenerator {
|
37 | nextBytes(bytes: number[]): void;
|
38 | }
|
39 | class BigInteger {
|
40 | static ZERO: BigInteger;
|
41 | static ONE: BigInteger;
|
42 | constructor(a: null);
|
43 | constructor(a: number, c: RandomGenerator);
|
44 | constructor(a: number, b: number, c: RandomGenerator);
|
45 | constructor(a: string, b?: number);
|
46 | constructor(a: number[], b?: number);
|
47 | constructor(a: BigInteger);
|
48 | data: number[];
|
49 | t: number;
|
50 | s: number;
|
51 | am(i: number, x: number, w: BigInteger, j: number, c: number, n: number): number;
|
52 | toString(b?: number): string;
|
53 | bitLength(): number;
|
54 | negate(): BigInteger;
|
55 | abs(): BigInteger;
|
56 | compareTo(a: BigInteger): number;
|
57 | bitLength(): number;
|
58 | mod(a: BigInteger): BigInteger;
|
59 | modPowInt(e: number, m: BigInteger): BigInteger;
|
60 | clone(): BigInteger;
|
61 | intValue(): number;
|
62 | byteValue(): number;
|
63 | shortValue(): number;
|
64 | signum(): number;
|
65 | toByteArray(): number[];
|
66 | equals(a: BigInteger): boolean;
|
67 | min(a: BigInteger): BigInteger;
|
68 | max(a: BigInteger): BigInteger;
|
69 | and(a: BigInteger): BigInteger;
|
70 | or(a: BigInteger): BigInteger;
|
71 | xor(a: BigInteger): BigInteger;
|
72 | andNot(a: BigInteger): BigInteger;
|
73 | not(): BigInteger;
|
74 | shiftLeft(n: number): BigInteger;
|
75 | shiftRight(n: number): BigInteger;
|
76 | getLowestSetBit(): number;
|
77 | bitCount(): number;
|
78 | testBit(n: number): boolean;
|
79 | clearBit(n: number): BigInteger
|
80 | flipBit(n: number): BigInteger
|
81 | add(a: BigInteger): BigInteger;
|
82 | subtract(a: BigInteger): BigInteger;
|
83 | multiply(a: BigInteger): BigInteger;
|
84 | square(): BigInteger;
|
85 | divide(a: BigInteger): BigInteger;
|
86 | remainder(a: BigInteger): BigInteger;
|
87 | divideAndRemainder(a: BigInteger): BigInteger[]; // Array of 2 items
|
88 | pow(e: number): BigInteger;
|
89 | modPow(e: BigInteger, m: BigInteger): BigInteger;
|
90 | gcd(a: BigInteger): BigInteger;
|
91 | modInverse(m: BigInteger): BigInteger;
|
92 | isProbablePrime(t: number): boolean;
|
93 | }
|
94 | }
|
95 |
|
96 | namespace pem {
|
97 |
|
98 | interface EncodeOptions {
|
99 | maxline?: number | undefined;
|
100 | }
|
101 |
|
102 | interface ObjectPEM {
|
103 | type: string;
|
104 | body: Bytes;
|
105 | procType?: any;
|
106 | contentDomain?: any;
|
107 | dekInfo?: any;
|
108 | headers?: any[] | undefined;
|
109 | }
|
110 |
|
111 | function encode(msg: ObjectPEM, options?: EncodeOptions): string;
|
112 | function decode(str: string): ObjectPEM[];
|
113 | }
|
114 |
|
115 | namespace pki {
|
116 | type PEM = string;
|
117 | type PublicKey = rsa.PublicKey | ed25519.Key;
|
118 | type PrivateKey = rsa.PrivateKey | ed25519.Key;
|
119 | type EncryptionOptions = {
|
120 | algorithm?: 'aes128' | 'aes192' | 'aes256' | '3des' | undefined;
|
121 | count?: number | undefined;
|
122 | saltSize?: number | undefined;
|
123 | prfAlgorithm?: 'sha1' | 'sha224' | 'sha256' | 'sha384' | 'sha512' | undefined;
|
124 | legacy?: boolean | undefined;
|
125 | };
|
126 |
|
127 | interface ByteBufferFingerprintOptions {
|
128 | |
129 |
|
130 |
|
131 | type?: 'SubjectPublicKeyInfo' | 'RSAPublicKey' | undefined;
|
132 | |
133 |
|
134 |
|
135 | delimiter?: string | undefined;
|
136 | |
137 |
|
138 |
|
139 | md?: md.MessageDigest | undefined;
|
140 | }
|
141 |
|
142 | interface HexFingerprintOptions extends ByteBufferFingerprintOptions {
|
143 | |
144 |
|
145 |
|
146 | encoding: 'hex';
|
147 | }
|
148 |
|
149 | interface BinaryFingerprintOptions extends ByteBufferFingerprintOptions {
|
150 | |
151 |
|
152 |
|
153 | encoding: 'binary';
|
154 | }
|
155 |
|
156 | interface KeyPair {
|
157 | publicKey: PublicKey;
|
158 | privateKey: PrivateKey;
|
159 | }
|
160 |
|
161 | interface oids {
|
162 | [key: string]: string;
|
163 | }
|
164 | var oids: oids;
|
165 |
|
166 | namespace rsa {
|
167 | type EncryptionScheme = 'RSAES-PKCS1-V1_5' | 'RSA-OAEP' | 'RAW' | 'NONE' | null;
|
168 | type SignatureScheme = 'RSASSA-PKCS1-V1_5' | pss.PSS | 'NONE' | null;
|
169 |
|
170 | interface PublicKey {
|
171 | n: jsbn.BigInteger;
|
172 | e: jsbn.BigInteger;
|
173 | encrypt(data: Bytes, scheme?: EncryptionScheme, schemeOptions?: any): Bytes;
|
174 | verify(digest: Bytes, signature: Bytes, scheme?: SignatureScheme): boolean;
|
175 | }
|
176 |
|
177 | interface PrivateKey {
|
178 | n: jsbn.BigInteger;
|
179 | e: jsbn.BigInteger;
|
180 | d: jsbn.BigInteger;
|
181 | p: jsbn.BigInteger;
|
182 | q: jsbn.BigInteger;
|
183 | dP: jsbn.BigInteger;
|
184 | dQ: jsbn.BigInteger;
|
185 | qInv: jsbn.BigInteger;
|
186 | decrypt(data: Bytes, scheme?: EncryptionScheme, schemeOptions?: any): Bytes;
|
187 | sign(md: md.MessageDigest, scheme?: SignatureScheme): Bytes;
|
188 | }
|
189 |
|
190 | interface KeyPair {
|
191 | publicKey: PublicKey;
|
192 | privateKey: PrivateKey;
|
193 | }
|
194 |
|
195 | interface GenerateKeyPairOptions {
|
196 | bits?: number | undefined;
|
197 | e?: number | undefined;
|
198 | workerScript?: string | undefined;
|
199 | workers?: number | undefined;
|
200 | workLoad?: number | undefined;
|
201 | prng?: any;
|
202 | algorithm?: string | undefined;
|
203 | }
|
204 |
|
205 | function setPublicKey(n: jsbn.BigInteger, e: jsbn.BigInteger): PublicKey;
|
206 |
|
207 | function generateKeyPair(bits?: number, e?: number, callback?: (err: Error, keypair: KeyPair) => void): KeyPair;
|
208 | function generateKeyPair(options?: GenerateKeyPairOptions, callback?: (err: Error, keypair: KeyPair) => void): KeyPair;
|
209 | }
|
210 |
|
211 | namespace ed25519 {
|
212 | type NativeBuffer = Buffer | Uint8Array;
|
213 | type Key = NativeBuffer;
|
214 |
|
215 | type ToNativeBufferParameters = {
|
216 | message: NativeBuffer | util.ByteBuffer
|
217 | } | {
|
218 | message: string;
|
219 | encoding: 'binary' | 'utf8';
|
220 | };
|
221 |
|
222 |
|
223 | type BinaryBuffer = NativeBuffer | util.ByteBuffer | string;
|
224 |
|
225 | namespace constants {
|
226 | const PUBLIC_KEY_BYTE_LENGTH = 32;
|
227 | const PRIVATE_KEY_BYTE_LENGTH = 64;
|
228 | const SEED_BYTE_LENGTH = 32;
|
229 | const SIGN_BYTE_LENGTH = 64;
|
230 | const HASH_BYTE_LENGTH = 64;
|
231 | }
|
232 |
|
233 |
|
234 | function generateKeyPair(options?: { seed?: NativeBuffer | string | undefined }): {
|
235 | publicKey: NativeBuffer;
|
236 | privateKey: NativeBuffer;
|
237 | };
|
238 |
|
239 | function publicKeyFromPrivateKey(options: { privateKey: BinaryBuffer }): NativeBuffer;
|
240 |
|
241 | function sign(options: ToNativeBufferParameters & {
|
242 | privateKey: BinaryBuffer
|
243 | }): NativeBuffer;
|
244 |
|
245 | function verify(options: ToNativeBufferParameters & {
|
246 | signature: BinaryBuffer,
|
247 | publicKey: BinaryBuffer
|
248 | }): boolean;
|
249 | }
|
250 |
|
251 | interface CertificateFieldOptions {
|
252 | name?: string | undefined;
|
253 | type?: string | undefined;
|
254 | shortName?: string | undefined;
|
255 | }
|
256 |
|
257 | interface CertificateField extends CertificateFieldOptions {
|
258 | valueConstructed?: boolean | undefined;
|
259 | valueTagClass?: asn1.Class | undefined;
|
260 | value?: any[] | string | undefined;
|
261 | extensions?: any[] | undefined;
|
262 | }
|
263 |
|
264 |
|
265 | interface Certificate {
|
266 | version: number;
|
267 | serialNumber: string;
|
268 | signature: any;
|
269 | siginfo: any;
|
270 | validity: {
|
271 | notBefore: Date;
|
272 | notAfter: Date;
|
273 | };
|
274 | issuer: {
|
275 | getField(sn: string | CertificateFieldOptions): any;
|
276 | addField(attr: CertificateField): void;
|
277 | attributes: any[];
|
278 | hash: any;
|
279 | };
|
280 | subject: {
|
281 | getField(sn: string | CertificateFieldOptions): any;
|
282 | addField(attr: CertificateField): void;
|
283 | attributes: any[];
|
284 | hash: any;
|
285 | };
|
286 | extensions: any[];
|
287 | privateKey: PrivateKey;
|
288 | publicKey: PublicKey;
|
289 | md: any;
|
290 | |
291 |
|
292 |
|
293 |
|
294 |
|
295 |
|
296 | setSubject(attrs: CertificateField[], uniqueId?: string): void;
|
297 | |
298 |
|
299 |
|
300 |
|
301 |
|
302 |
|
303 | setIssuer(attrs: CertificateField[], uniqueId?: string): void;
|
304 | |
305 |
|
306 |
|
307 |
|
308 |
|
309 | setExtensions(exts: any[]): void;
|
310 | |
311 |
|
312 |
|
313 |
|
314 |
|
315 |
|
316 |
|
317 |
|
318 |
|
319 | getExtension(options: string | {name: string;} | {id: number;}): {} | undefined;
|
320 |
|
321 | |
322 |
|
323 |
|
324 |
|
325 |
|
326 |
|
327 | sign(key: pki.PrivateKey, md?: md.MessageDigest): void;
|
328 | |
329 |
|
330 |
|
331 |
|
332 |
|
333 |
|
334 |
|
335 |
|
336 | verify(child: Certificate): boolean;
|
337 |
|
338 | |
339 |
|
340 |
|
341 |
|
342 |
|
343 |
|
344 |
|
345 |
|
346 |
|
347 |
|
348 | getAttribute(opts: string | GetAttributeOpts): Attribute | null;
|
349 |
|
350 | |
351 |
|
352 |
|
353 |
|
354 |
|
355 |
|
356 |
|
357 |
|
358 |
|
359 | isIssuer(parent: Certificate): boolean;
|
360 |
|
361 | |
362 |
|
363 |
|
364 |
|
365 |
|
366 |
|
367 |
|
368 |
|
369 |
|
370 | issued(child: Certificate): boolean;
|
371 | }
|
372 |
|
373 | |
374 |
|
375 |
|
376 | interface GetAttributeOpts {
|
377 | |
378 |
|
379 |
|
380 | type?: string | undefined;
|
381 | |
382 |
|
383 |
|
384 | name?: string | undefined;
|
385 | |
386 |
|
387 |
|
388 | shortName?: string | undefined;
|
389 | }
|
390 |
|
391 | interface Attribute {
|
392 | |
393 |
|
394 |
|
395 | name: string;
|
396 | |
397 |
|
398 |
|
399 | shortName?: string | undefined;
|
400 | |
401 |
|
402 |
|
403 | type: string;
|
404 | |
405 |
|
406 |
|
407 | value: any;
|
408 | |
409 |
|
410 |
|
411 | valueTagClass: number;
|
412 | |
413 |
|
414 |
|
415 | extensions?: any[] | undefined
|
416 | }
|
417 |
|
418 | interface CAStore {
|
419 | addCertificate(cert: Certificate | string): void;
|
420 | hasCertificate(cert: Certificate | string): boolean;
|
421 | removeCertificate(cert: Certificate | string): Certificate | null;
|
422 | listAllCertificates(): pki.Certificate[];
|
423 | getIssuer(subject: Certificate): Certificate | null;
|
424 | getBySubject(subject: string): Certificate | null;
|
425 | }
|
426 |
|
427 | function certificateFromAsn1(obj: asn1.Asn1, computeHash?: boolean): Certificate;
|
428 |
|
429 | function certificationRequestFromAsn1(obj: asn1.Asn1, computeHash?: boolean): Certificate;
|
430 |
|
431 | function certificateToAsn1(cert: Certificate): asn1.Asn1;
|
432 |
|
433 | function certificationRequestToAsn1(cert: Certificate): asn1.Asn1;
|
434 |
|
435 | function decryptRsaPrivateKey(pem: PEM, passphrase?: string): rsa.PrivateKey;
|
436 |
|
437 | function createCertificate(): Certificate;
|
438 |
|
439 | function certificationRequestToPem(cert: Certificate, maxline?: number): PEM;
|
440 |
|
441 | function certificationRequestFromPem(pem: PEM, computeHash?: boolean, strict?: boolean): Certificate;
|
442 |
|
443 | function createCertificationRequest(): Certificate;
|
444 |
|
445 | function certificateToPem(cert: Certificate, maxline?: number): PEM;
|
446 |
|
447 | function certificateFromPem(pem: PEM, computeHash?: boolean, strict?: boolean): Certificate;
|
448 |
|
449 | function createCaStore(certs?: ReadonlyArray<Certificate | pki.PEM>): CAStore;
|
450 |
|
451 | function verifyCertificateChain(
|
452 | caStore: CAStore,
|
453 | chain: Certificate[],
|
454 | options?: ((verified: boolean | string, depth: number, certs: Certificate[]) => boolean) | {
|
455 | verify?: ((verified: boolean | string, depth: number, certs: Certificate[]) => boolean) | undefined,
|
456 | validityCheckDate?: Date | null | undefined
|
457 | }): boolean;
|
458 |
|
459 | function pemToDer(pem: PEM): util.ByteStringBuffer;
|
460 |
|
461 | function privateKeyToPem(key: PrivateKey, maxline?: number): PEM;
|
462 |
|
463 | function privateKeyInfoToPem(key: asn1.Asn1, maxline?: number): PEM;
|
464 |
|
465 | function publicKeyToPem(key: PublicKey, maxline?: number): PEM;
|
466 |
|
467 | function publicKeyToRSAPublicKeyPem(key: PublicKey, maxline?: number): PEM;
|
468 |
|
469 | function publicKeyFromPem(pem: PEM): rsa.PublicKey;
|
470 |
|
471 | function privateKeyFromPem(pem: PEM): rsa.PrivateKey;
|
472 |
|
473 | function decryptPrivateKeyInfo(obj: asn1.Asn1, password: string): asn1.Asn1;
|
474 |
|
475 | function encryptPrivateKeyInfo(obj: asn1.Asn1, password: string, options?: EncryptionOptions): asn1.Asn1;
|
476 |
|
477 | function encryptedPrivateKeyFromPem(pem: PEM): asn1.Asn1;
|
478 |
|
479 | function encryptedPrivateKeyToPem(obj: asn1.Asn1): PEM;
|
480 |
|
481 | function decryptRsaPrivateKey(pem: PEM, password: string): rsa.PrivateKey;
|
482 |
|
483 | function encryptRsaPrivateKey(privateKey: PrivateKey, password: string, options?: EncryptionOptions): PEM;
|
484 |
|
485 | function privateKeyFromAsn1(privateKey: asn1.Asn1): PrivateKey;
|
486 |
|
487 | function privateKeyToAsn1(privateKey: PrivateKey): asn1.Asn1;
|
488 |
|
489 | function publicKeyFromAsn1(publicKey: asn1.Asn1): PublicKey;
|
490 |
|
491 | function publicKeyToAsn1(publicKey: PublicKey): asn1.Asn1;
|
492 |
|
493 | function publicKeyToRSAPublicKey(publicKey: PublicKey): any;
|
494 |
|
495 | type setRsaPublicKey = typeof rsa.setPublicKey;
|
496 |
|
497 | function wrapRsaPrivateKey(privateKey: asn1.Asn1): asn1.Asn1;
|
498 |
|
499 | function getPublicKeyFingerprint(publicKey: PublicKey, options?: ByteBufferFingerprintOptions): util.ByteStringBuffer;
|
500 | function getPublicKeyFingerprint(publicKey: PublicKey, options: HexFingerprintOptions): Hex;
|
501 | function getPublicKeyFingerprint(publicKey: PublicKey, options: BinaryFingerprintOptions): Bytes;
|
502 | }
|
503 |
|
504 | namespace random {
|
505 | function getBytes(count: number, callback?: (err: Error | null, bytes: Bytes) => any): Bytes;
|
506 | function getBytesSync(count: number): Bytes;
|
507 | type CB = (_: any, seed: string) => void;
|
508 | interface Random {
|
509 | seedFileSync: (needed: number) => string;
|
510 | seedFile: (needed: number, cb: CB) => void;
|
511 | }
|
512 | function createInstance(): Random;
|
513 | }
|
514 |
|
515 | namespace ssh {
|
516 | interface FingerprintOptions {
|
517 | |
518 |
|
519 |
|
520 | delimiter?: string | undefined;
|
521 | |
522 |
|
523 |
|
524 | encoding?: 'hex' | 'binary' | undefined;
|
525 | |
526 |
|
527 |
|
528 | md?: md.MessageDigest | undefined;
|
529 | }
|
530 |
|
531 | |
532 |
|
533 |
|
534 | function privateKeyToOpenSSH(privateKey: pki.PrivateKey, passphrase?: string): string;
|
535 |
|
536 | |
537 |
|
538 |
|
539 | function privateKeyToPutty(privateKey: pki.PrivateKey, passphrase?: string, comment?: string): string;
|
540 |
|
541 | |
542 |
|
543 |
|
544 | function publicKeyToOpenSSH(publicKey: pki.PublicKey, comment?: string): string | pki.PEM;
|
545 |
|
546 | |
547 |
|
548 |
|
549 | function getPublicKeyFingerprint(publicKey: pki.PublicKey, options?: FingerprintOptions): util.ByteStringBuffer | Hex | string;
|
550 | }
|
551 |
|
552 | namespace asn1 {
|
553 | enum Class {
|
554 | UNIVERSAL = 0x00,
|
555 | APPLICATION = 0x40,
|
556 | CONTEXT_SPECIFIC = 0x80,
|
557 | PRIVATE = 0xC0,
|
558 | }
|
559 |
|
560 | enum Type {
|
561 | NONE = 0,
|
562 | BOOLEAN = 1,
|
563 | INTEGER = 2,
|
564 | BITSTRING = 3,
|
565 | OCTETSTRING = 4,
|
566 | NULL = 5,
|
567 | OID = 6,
|
568 | ODESC = 7,
|
569 | EXTERNAL = 8,
|
570 | REAL = 9,
|
571 | ENUMERATED = 10,
|
572 | EMBEDDED = 11,
|
573 | UTF8 = 12,
|
574 | ROID = 13,
|
575 | SEQUENCE = 16,
|
576 | SET = 17,
|
577 | PRINTABLESTRING = 19,
|
578 | IA5STRING = 22,
|
579 | UTCTIME = 23,
|
580 | GENERALIZEDTIME = 24,
|
581 | BMPSTRING = 30,
|
582 | }
|
583 |
|
584 | interface Asn1 {
|
585 | tagClass: Class;
|
586 | type: Type;
|
587 | constructed: boolean;
|
588 | composed: boolean;
|
589 | value: Bytes | Asn1[];
|
590 | }
|
591 |
|
592 | function create(tagClass: Class, type: Type, constructed: boolean, value: Bytes | Asn1[]): Asn1;
|
593 | function fromDer(bytes: Bytes | util.ByteBuffer, strict?: boolean): Asn1;
|
594 | function toDer(obj: Asn1): util.ByteBuffer;
|
595 | function oidToDer(oid: OID): util.ByteStringBuffer;
|
596 | function derToOid(der: util.ByteStringBuffer): OID;
|
597 | }
|
598 |
|
599 | namespace util {
|
600 | function isArray(x: any): boolean;
|
601 | function isArrayBuffer(x: any): boolean;
|
602 | function isArrayBufferView(x: any): boolean;
|
603 |
|
604 | interface ArrayBufferView {
|
605 | buffer: ArrayBuffer;
|
606 | byteLength: number;
|
607 | }
|
608 |
|
609 | type ByteBuffer = ByteStringBuffer;
|
610 | class ByteStringBuffer {
|
611 | constructor(bytes?: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer);
|
612 | data: string;
|
613 | read: number;
|
614 | length(): number;
|
615 | isEmpty(): boolean;
|
616 | putByte(byte: Byte): ByteStringBuffer;
|
617 | fillWithByte(byte: Byte, n: number): ByteStringBuffer;
|
618 | putBytes(bytes: Bytes): ByteStringBuffer;
|
619 | putString(str: string): ByteStringBuffer;
|
620 | putInt16(int: number): ByteStringBuffer;
|
621 | putInt24(int: number): ByteStringBuffer;
|
622 | putInt32(int: number): ByteStringBuffer;
|
623 | putInt16Le(int: number): ByteStringBuffer;
|
624 | putInt24Le(int: number): ByteStringBuffer;
|
625 | putInt32Le(int: number): ByteStringBuffer;
|
626 | putInt(int: number, numOfBits: number): ByteStringBuffer;
|
627 | putSignedInt(int: number, numOfBits: number): ByteStringBuffer;
|
628 | putBuffer(buffer: ByteStringBuffer): ByteStringBuffer;
|
629 | getByte(): number;
|
630 | getInt16(): number;
|
631 | getInt24(): number;
|
632 | getInt32(): number;
|
633 | getInt16Le(): number;
|
634 | getInt24Le(): number;
|
635 | getInt32Le(): number;
|
636 | getInt(numOfBits: number): number;
|
637 | getSignedInt(numOfBits: number): number;
|
638 | getBytes(count?: number): Bytes;
|
639 | bytes(count?: number): Bytes;
|
640 | at(index: number): Byte;
|
641 | setAt(index: number, byte: number): ByteStringBuffer;
|
642 | last(): Byte;
|
643 | copy(): ByteStringBuffer;
|
644 | compact(): ByteStringBuffer;
|
645 | clear(): ByteStringBuffer;
|
646 | truncate(): ByteStringBuffer;
|
647 | toHex(): Hex;
|
648 | toString(): string;
|
649 | }
|
650 |
|
651 | function fillString(char: string, count: number): string;
|
652 | function xorBytes(bytes1: string, bytes2: string, count: number): string;
|
653 | function hexToBytes(hex: Hex): Bytes;
|
654 | function bytesToHex(bytes: Bytes): Hex;
|
655 | function int32ToBytes(int: number): Bytes;
|
656 | function encode64(bytes: Bytes, maxline?: number): Base64;
|
657 | function decode64(encoded: Base64): Bytes;
|
658 | function encodeUtf8(str: string): Utf8;
|
659 | function decodeUtf8(encoded: Utf8): string;
|
660 |
|
661 | function createBuffer(): ByteBuffer;
|
662 | function createBuffer(input: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer, encoding?: Encoding): ByteBuffer;
|
663 |
|
664 | namespace binary {
|
665 | namespace raw {
|
666 | function encode(x: Uint8Array): Bytes;
|
667 | function decode(str: Bytes, output?: Uint8Array, offset?: number): Uint8Array;
|
668 | }
|
669 | namespace hex {
|
670 | function encode(bytes: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer): Hex;
|
671 | function decode(hex: Hex, output?: Uint8Array, offset?: number): Uint8Array;
|
672 | }
|
673 | namespace base64 {
|
674 | function encode(input: Uint8Array, maxline?: number): Base64;
|
675 | function decode(input: Base64, output?: Uint8Array, offset?: number): Uint8Array;
|
676 | }
|
677 | }
|
678 |
|
679 | namespace text {
|
680 | namespace utf8 {
|
681 | function encode(str: string, output?: Uint8Array, offset?: number): Uint8Array;
|
682 | function decode(bytes: Uint8Array): Utf8;
|
683 | }
|
684 | namespace utf16 {
|
685 | function encode(str: string, output?: Uint8Array, offset?: number): Uint8Array;
|
686 | function decode(bytes: Uint8Array): string;
|
687 | }
|
688 | }
|
689 | }
|
690 |
|
691 | namespace pkcs12 {
|
692 |
|
693 | interface BagsFilter {
|
694 | localKeyId?: string | undefined;
|
695 | localKeyIdHex?: string | undefined;
|
696 | friendlyName?: string | undefined;
|
697 | bagType?: string | undefined;
|
698 | }
|
699 |
|
700 | interface Bag {
|
701 | type: string;
|
702 | attributes: any;
|
703 | key?: pki.PrivateKey | undefined;
|
704 | cert?: pki.Certificate | undefined;
|
705 | asn1: asn1.Asn1
|
706 | }
|
707 |
|
708 | interface Pkcs12Pfx {
|
709 | version: string;
|
710 | safeContents: {
|
711 | encrypted: boolean;
|
712 | safeBags: Bag[];
|
713 | }[];
|
714 | getBags: (filter: BagsFilter) => {
|
715 | [key: string]: Bag[] | undefined;
|
716 | localKeyId?: Bag[] | undefined;
|
717 | friendlyName?: Bag[] | undefined;
|
718 | };
|
719 | getBagsByFriendlyName: (fiendlyName: string, bagType: string) => Bag[]
|
720 | getBagsByLocalKeyId: (localKeyId: string, bagType: string) => Bag[]
|
721 | }
|
722 |
|
723 | function pkcs12FromAsn1(obj: any, strict?: boolean, password?: string): Pkcs12Pfx;
|
724 | function pkcs12FromAsn1(obj: any, password?: string): Pkcs12Pfx;
|
725 |
|
726 | function toPkcs12Asn1(
|
727 | key: pki.PrivateKey,
|
728 | cert: pki.Certificate | pki.Certificate[],
|
729 | password: string | null,
|
730 | options?: {
|
731 | algorithm?: 'aes128' | 'aes192' | 'aes256' | '3des' | undefined,
|
732 | count?: number | undefined,
|
733 | saltSize?: number | undefined,
|
734 | useMac?: boolean | undefined,
|
735 | localKeyId?: Hex | undefined,
|
736 | friendlyName?: string | undefined,
|
737 | generateLocalKeyId?: boolean | undefined,
|
738 | },
|
739 | ): asn1.Asn1;
|
740 |
|
741 | function generateKey(
|
742 | password: string | null | undefined,
|
743 | salt: util.ByteBuffer,
|
744 | id: Byte,
|
745 | iter: number,
|
746 | n: number,
|
747 | md?: md.MessageDigest,
|
748 | ): util.ByteBuffer;
|
749 | }
|
750 |
|
751 | namespace pkcs7 {
|
752 | interface PkcsSignedData {
|
753 | content?: string | util.ByteBuffer | undefined;
|
754 | contentInfo?: { value: any[] } | undefined;
|
755 |
|
756 | certificates: pki.Certificate[];
|
757 |
|
758 | addCertificate(certificate: pki.Certificate | string): void;
|
759 | addSigner(options: {
|
760 | key: pki.rsa.PrivateKey | string;
|
761 | certificate: pki.Certificate | string;
|
762 | digestAlgorithm: string;
|
763 | authenticatedAttributes?: { type: string; value?: string | undefined }[] | undefined;
|
764 | }): void;
|
765 | sign(options?:{
|
766 | detached?: boolean | undefined
|
767 | }): void;
|
768 | toAsn1(): asn1.Asn1;
|
769 | }
|
770 |
|
771 | function createSignedData(): PkcsSignedData;
|
772 |
|
773 | interface PkcsEnvelopedData {
|
774 | content?: string | util.ByteBuffer | undefined;
|
775 | addRecipient(certificate: pki.Certificate): void;
|
776 | encrypt(): void;
|
777 | toAsn1(): asn1.Asn1;
|
778 | }
|
779 |
|
780 | function createEnvelopedData(): PkcsEnvelopedData;
|
781 |
|
782 | function messageToPem(msg: PkcsSignedData, maxline?: number): string;
|
783 |
|
784 | function messageFromPem(pem: pki.PEM): PkcsEnvelopedData | PkcsSignedData;
|
785 | }
|
786 |
|
787 | namespace pkcs5 {
|
788 | function pbkdf2(password: string, salt: string, iterations: number, keySize: number): string;
|
789 | function pbkdf2(password: string, salt: string, iterations: number, keySize: number, messageDigest: md.MessageDigest): string;
|
790 | function pbkdf2(password: string, salt: string, iterations: number, keySize: number, callback: (err: Error | null, dk: string | null) => any): void;
|
791 | function pbkdf2(password: string, salt: string, iterations: number, keySize: number, messageDigest?: md.MessageDigest, callback?: (err: Error | null, dk: string | null) => any): void;
|
792 | }
|
793 |
|
794 | namespace md {
|
795 |
|
796 | interface MessageDigest {
|
797 | update(msg: string, encoding?: Encoding): MessageDigest;
|
798 | digest(): util.ByteStringBuffer;
|
799 | }
|
800 |
|
801 | namespace sha1 {
|
802 | function create(): MessageDigest;
|
803 | }
|
804 |
|
805 | namespace sha256 {
|
806 | function create(): MessageDigest;
|
807 | }
|
808 |
|
809 | namespace sha384 {
|
810 | function create(): MessageDigest;
|
811 | }
|
812 |
|
813 | namespace sha512 {
|
814 | function create(): MessageDigest;
|
815 | }
|
816 |
|
817 | namespace md5 {
|
818 | function create(): MessageDigest;
|
819 | }
|
820 |
|
821 | namespace hmac {
|
822 | }
|
823 | }
|
824 |
|
825 | namespace hmac {
|
826 |
|
827 | type Algorithm = "sha1" | "md5" | "sha256" | "sha512";
|
828 |
|
829 | interface HMAC {
|
830 | digest(): util.ByteBuffer;
|
831 | getMact(): util.ByteBuffer;
|
832 | start(md: Algorithm, key: string | util.ByteBuffer | null): void;
|
833 | update(bytes: string | util.ByteBuffer | Buffer): void;
|
834 | }
|
835 |
|
836 | function create(): HMAC;
|
837 | }
|
838 |
|
839 | namespace cipher {
|
840 |
|
841 | type Algorithm = "AES-ECB" | "AES-CBC" | "AES-CFB" | "AES-OFB" | "AES-CTR" | "AES-GCM" | "3DES-ECB" | "3DES-CBC" | "DES-ECB" | "DES-CBC";
|
842 |
|
843 | function createCipher(algorithm: Algorithm, payload: util.ByteBuffer | Bytes): BlockCipher;
|
844 | function createDecipher(algorithm: Algorithm, payload: util.ByteBuffer | Bytes): BlockCipher;
|
845 |
|
846 | interface StartOptions {
|
847 | iv?: util.ByteBuffer | Byte[] | Bytes | undefined;
|
848 | tag?: util.ByteStringBuffer | undefined;
|
849 | tagLength?: number | undefined;
|
850 | additionalData?: string | undefined;
|
851 | }
|
852 |
|
853 | interface BlockCipher {
|
854 | start: (options?: StartOptions) => void;
|
855 | update: (payload: util.ByteBuffer) => void;
|
856 | finish: () => boolean;
|
857 | output: util.ByteStringBuffer;
|
858 | mode: Mode;
|
859 | }
|
860 |
|
861 | interface Mode {
|
862 | tag: util.ByteStringBuffer;
|
863 | }
|
864 | }
|
865 |
|
866 | namespace pss {
|
867 | type PSS = any;
|
868 |
|
869 | function create(any: any): PSS;
|
870 | }
|
871 |
|
872 | namespace mgf {
|
873 | namespace mgf1 {
|
874 | function create(any: any): any;
|
875 | }
|
876 | }
|
877 |
|
878 | namespace tls {
|
879 | interface ProtocolVersion {
|
880 | major: Byte;
|
881 | minor: Byte;
|
882 | }
|
883 |
|
884 | const Versions: ProtocolVersion[];
|
885 | const SupportedVersions: ProtocolVersion[];
|
886 | const Version: ProtocolVersion;
|
887 |
|
888 | const MaxFragment: number;
|
889 |
|
890 | enum ConnectionEnd {
|
891 | server = 0,
|
892 | client = 1,
|
893 | }
|
894 |
|
895 | enum PRFAlgorithm {
|
896 | tls_prf_sha256 = 0,
|
897 | }
|
898 |
|
899 | enum BulkCipherAlgorithm {
|
900 | rc4 = 0,
|
901 | des3 = 1,
|
902 | aes = 2,
|
903 | }
|
904 |
|
905 | enum CipherType {
|
906 | stream = 0,
|
907 | block = 1,
|
908 | aead = 2,
|
909 | }
|
910 |
|
911 | enum MACAlgorithm {
|
912 | hmac_md5 = 0,
|
913 | hmac_sha1 = 1,
|
914 | hmac_sha256 = 2,
|
915 | hmac_sha384 = 3,
|
916 | hmac_sha512 = 4,
|
917 | }
|
918 |
|
919 | enum CompressionMethod {
|
920 | none = 0,
|
921 | deflate = 1,
|
922 | }
|
923 |
|
924 | enum ContentType {
|
925 | change_cipher_spec = 20,
|
926 | alert = 21,
|
927 | handshake = 22,
|
928 | application_data = 23,
|
929 | heartbeat = 24,
|
930 | }
|
931 |
|
932 | enum HandshakeType {
|
933 | hello_request = 0,
|
934 | client_hello = 1,
|
935 | server_hello = 2,
|
936 | certificate = 11,
|
937 | server_key_exchange = 12,
|
938 | certificate_request = 13,
|
939 | server_hello_done = 14,
|
940 | certificate_verify = 15,
|
941 | client_key_exchange = 16,
|
942 | finished = 20,
|
943 | }
|
944 |
|
945 | namespace Alert {
|
946 | enum Level {
|
947 | warning = 1,
|
948 | fatal = 2,
|
949 | }
|
950 |
|
951 | enum Description {
|
952 | close_notify = 0,
|
953 | unexpected_message = 10,
|
954 | bad_record_mac = 20,
|
955 | decryption_failed = 21,
|
956 | record_overflow = 22,
|
957 | decompression_failure = 30,
|
958 | handshake_failure = 40,
|
959 | bad_certificate = 42,
|
960 | unsupported_certificate = 43,
|
961 | certificate_revoked = 44,
|
962 | certificate_expired = 45,
|
963 | certificate_unknown = 46,
|
964 | illegal_parameter = 47,
|
965 | unknown_ca = 48,
|
966 | access_denied = 49,
|
967 | decode_error = 50,
|
968 | decrypt_error = 51,
|
969 | export_restriction = 60,
|
970 | protocol_version = 70,
|
971 | insufficient_security = 71,
|
972 | internal_error = 80,
|
973 | user_canceled = 90,
|
974 | no_renegotiation = 100,
|
975 | }
|
976 | }
|
977 |
|
978 | enum HeartbeatMessageType {
|
979 | heartbeat_request = 1,
|
980 | heartbeat_response = 2,
|
981 | }
|
982 |
|
983 | interface CipherSuite {
|
984 | id: [Byte, Byte];
|
985 | name: string;
|
986 | }
|
987 |
|
988 | const CipherSuites: { [name: string]: CipherSuite };
|
989 |
|
990 | interface CertificateRequest {
|
991 | certificate_types: util.ByteBuffer;
|
992 | certificate_authorities: util.ByteBuffer;
|
993 | }
|
994 |
|
995 | type ConnectionState = any;
|
996 |
|
997 | interface Connection {
|
998 | version: ProtocolVersion;
|
999 | entity: ConnectionEnd;
|
1000 | sessionId: Bytes | null;
|
1001 | caStore: pki.CAStore;
|
1002 | sessionCache: SessionCache | null;
|
1003 | cipherSuites: CipherSuite[];
|
1004 | connected(conn: Connection): void;
|
1005 | virtualHost: string | null;
|
1006 | verifyClient: boolean;
|
1007 | verify(
|
1008 | conn: Connection,
|
1009 | verified: Verified,
|
1010 | depth: number,
|
1011 | certs: pki.Certificate[]
|
1012 | ): Verified;
|
1013 | getCertificate:
|
1014 | | ((
|
1015 | conn: Connection,
|
1016 | hint: CertificateRequest | string[]
|
1017 | ) => pki.PEM | ReadonlyArray<pki.PEM>)
|
1018 | | null;
|
1019 | getPrivateKey:
|
1020 | | ((conn: Connection, certificate: pki.Certificate) => pki.PEM)
|
1021 | | null;
|
1022 | getSignature:
|
1023 | | ((
|
1024 | conn: Connection,
|
1025 | bytes: Bytes,
|
1026 | callback: (conn: Connection, bytes: Bytes) => void
|
1027 | ) => void)
|
1028 | | null;
|
1029 | input: util.ByteBuffer;
|
1030 | tlsData: util.ByteBuffer;
|
1031 | data: util.ByteBuffer;
|
1032 | tlsDataReady(conn: Connection): void;
|
1033 | dataReady(conn: Connection): void;
|
1034 | heartbeatReceived:
|
1035 | | ((conn: Connection, payload: util.ByteBuffer) => void)
|
1036 | | undefined;
|
1037 | closed(conn: Connection): void;
|
1038 | error(conn: Connection, error: TLSError): void;
|
1039 | deflate: ((inBytes: Bytes) => Bytes) | null;
|
1040 | inflate: ((inBytes: Bytes) => Bytes) | null;
|
1041 | reset(clearFail?: boolean): void;
|
1042 | record: Record | null;
|
1043 | session: Session | null;
|
1044 | peerCertificate: pki.Certificate | null;
|
1045 | state: { pending: ConnectionState | null; current: ConnectionState };
|
1046 | expect: number;
|
1047 | fragmented: Record | null;
|
1048 | records: Record[];
|
1049 | open: boolean;
|
1050 | handshakes: number;
|
1051 | handshaking: boolean;
|
1052 | isConnected: boolean;
|
1053 | fail: boolean;
|
1054 | handshake(sessionId?: Bytes | null): void;
|
1055 | process(data: Bytes): number;
|
1056 | prepare(data: Bytes): boolean;
|
1057 | prepareHeartbeatRequest(
|
1058 | payload: Bytes | util.ByteBuffer,
|
1059 | payloadLength?: number
|
1060 | ): boolean;
|
1061 | close(clearFail?: boolean): Connection;
|
1062 | }
|
1063 |
|
1064 | interface Record {
|
1065 | type: ContentType;
|
1066 | version: ProtocolVersion;
|
1067 | length: number;
|
1068 | fragment: util.ByteBuffer;
|
1069 | ready?: boolean | undefined;
|
1070 | }
|
1071 |
|
1072 | interface Session {
|
1073 | version: ProtocolVersion | null;
|
1074 | extensions: { [_: string]: object };
|
1075 | cipherSuite: CipherSuite | null;
|
1076 | compressionMethod: CompressionMethod | null;
|
1077 | serverCertificate: pki.Certificate | null;
|
1078 | clientCertificate: pki.Certificate | null;
|
1079 | md5: md.MessageDigest;
|
1080 | sha1: md.MessageDigest;
|
1081 | }
|
1082 |
|
1083 | interface SessionCache {
|
1084 | cache: { [key: string]: Session };
|
1085 | capacity: number;
|
1086 | order: [Hex];
|
1087 | getSession(sessionId: Bytes): Session;
|
1088 | setSession(sessionId: Bytes, session: Session): void;
|
1089 | }
|
1090 |
|
1091 | function createSessionCache(
|
1092 | cache?: SessionCache | { [key: string]: Session },
|
1093 | capacity?: number
|
1094 | ): SessionCache;
|
1095 |
|
1096 | interface Alert {
|
1097 | level: Alert.Level;
|
1098 | description: Alert.Description;
|
1099 | }
|
1100 |
|
1101 | interface TLSError extends Error {
|
1102 | message: string;
|
1103 | send: boolean;
|
1104 | origin: "server" | "client";
|
1105 | alert: Alert;
|
1106 | }
|
1107 |
|
1108 | type Verified = true | { message?: string | undefined; alert?: Alert.Description | undefined };
|
1109 |
|
1110 | function createConnection(options: {
|
1111 | server?: boolean | undefined;
|
1112 | sessionId?: Bytes | null | undefined;
|
1113 | caStore?: pki.CAStore | ReadonlyArray<pki.Certificate> | undefined;
|
1114 | sessionCache?: SessionCache | { [key: string]: Session } | undefined;
|
1115 | cipherSuites?: CipherSuite[] | undefined;
|
1116 | connected(conn: Connection): void;
|
1117 | virtualHost?: string | undefined;
|
1118 | verifyClient?: boolean | undefined;
|
1119 | verify?(
|
1120 | conn: Connection,
|
1121 | verified: Verified,
|
1122 | depth: number,
|
1123 | certs: pki.Certificate[]
|
1124 | ): Verified;
|
1125 | getCertificate?(
|
1126 | conn: Connection,
|
1127 | hint: CertificateRequest | string[]
|
1128 | ): pki.PEM | ReadonlyArray<pki.PEM>;
|
1129 | getPrivateKey?(conn: Connection, certificate: pki.Certificate): pki.PEM;
|
1130 | getSignature?(
|
1131 | conn: Connection,
|
1132 | bytes: Bytes,
|
1133 | callback: (conn: Connection, bytes: Bytes) => void
|
1134 | ): void;
|
1135 | tlsDataReady(conn: Connection): void;
|
1136 | dataReady(conn: Connection): void;
|
1137 | heartbeatReceived?(conn: Connection, payload: util.ByteBuffer): void;
|
1138 | closed(conn: Connection): void;
|
1139 | error(conn: Connection, error: TLSError): void;
|
1140 | deflate?(inBytes: Bytes): Bytes;
|
1141 | inflate?(inBytes: Bytes): Bytes;
|
1142 | }): Connection;
|
1143 |
|
1144 | function prf_tls1(
|
1145 | secret: string,
|
1146 | label: string,
|
1147 | seed: string,
|
1148 | length: number
|
1149 | ): util.ByteBuffer;
|
1150 |
|
1151 | function hmac_sha1(
|
1152 | key: string | ReadonlyArray<Byte> | util.ByteBuffer,
|
1153 | seqNum: [number, number],
|
1154 | record: Record
|
1155 | ): Bytes;
|
1156 | }
|
1157 | }
|
1158 |
|
\ | No newline at end of file |