1 |
|
2 |
|
3 | declare module "node-forge" {
|
4 | type Byte = number;
|
5 | type Bytes = string;
|
6 | type Hex = string;
|
7 | type Base64 = string;
|
8 | type Utf8 = string;
|
9 | type OID = string;
|
10 | type Encoding = "raw" | "utf8";
|
11 |
|
12 | namespace jsbn {
|
13 | interface RandomGenerator {
|
14 | nextBytes(bytes: number[]): void;
|
15 | }
|
16 | class BigInteger {
|
17 | static ZERO: BigInteger;
|
18 | static ONE: BigInteger;
|
19 | constructor(a: null);
|
20 | constructor(a: number, c: RandomGenerator);
|
21 | constructor(a: number, b: number, c: RandomGenerator);
|
22 | constructor(a: string, b?: number);
|
23 | constructor(a: number[], b?: number);
|
24 | constructor(a: BigInteger);
|
25 | data: number[];
|
26 | t: number;
|
27 | s: number;
|
28 | am(i: number, x: number, w: BigInteger, j: number, c: number, n: number): number;
|
29 | toString(b?: number): string;
|
30 | bitLength(): number;
|
31 | negate(): BigInteger;
|
32 | abs(): BigInteger;
|
33 | compareTo(a: BigInteger): number;
|
34 | bitLength(): number;
|
35 | mod(a: BigInteger): BigInteger;
|
36 | modPowInt(e: number, m: BigInteger): BigInteger;
|
37 | clone(): BigInteger;
|
38 | intValue(): number;
|
39 | byteValue(): number;
|
40 | shortValue(): number;
|
41 | signum(): number;
|
42 | toByteArray(): number[];
|
43 | equals(a: BigInteger): boolean;
|
44 | min(a: BigInteger): BigInteger;
|
45 | max(a: BigInteger): BigInteger;
|
46 | and(a: BigInteger): BigInteger;
|
47 | or(a: BigInteger): BigInteger;
|
48 | xor(a: BigInteger): BigInteger;
|
49 | andNot(a: BigInteger): BigInteger;
|
50 | not(): BigInteger;
|
51 | shiftLeft(n: number): BigInteger;
|
52 | shiftRight(n: number): BigInteger;
|
53 | getLowestSetBit(): number;
|
54 | bitCount(): number;
|
55 | testBit(n: number): boolean;
|
56 | clearBit(n: number): BigInteger;
|
57 | flipBit(n: number): BigInteger;
|
58 | add(a: BigInteger): BigInteger;
|
59 | subtract(a: BigInteger): BigInteger;
|
60 | multiply(a: BigInteger): BigInteger;
|
61 | squareTo(a: BigInteger): BigInteger;
|
62 | divide(a: BigInteger): BigInteger;
|
63 | remainder(a: BigInteger): BigInteger;
|
64 | divideAndRemainder(a: BigInteger): BigInteger[]; // Array of 2 items
|
65 | pow(e: number): BigInteger;
|
66 | modPow(e: BigInteger, m: BigInteger): BigInteger;
|
67 | gcd(a: BigInteger): BigInteger;
|
68 | modInverse(m: BigInteger): BigInteger;
|
69 | isProbablePrime(t: number): boolean;
|
70 | }
|
71 | }
|
72 |
|
73 | namespace rc2 {
|
74 | type pad_function = (blockSize: number, buffer: util.ByteBuffer, decrypt: boolean) => boolean;
|
75 | interface cipher {
|
76 | start(iv: util.ByteBuffer | string | null, output?: util.ByteBuffer): void;
|
77 | update(input: util.ByteBuffer): void;
|
78 | finish(pad?: pad_function): boolean;
|
79 | output: util.ByteBuffer;
|
80 | }
|
81 |
|
82 | function expandKey(key: string | util.ByteBuffer, effKeyBits?: number): util.ByteBuffer;
|
83 | function startEncrypting(
|
84 | key: string | util.ByteBuffer,
|
85 | iv: util.ByteBuffer | Byte[] | Bytes,
|
86 | output: util.ByteBuffer | null,
|
87 | ): rc2.cipher;
|
88 | function createEncryptionCipher(key: string | util.ByteBuffer, bits?: number): rc2.cipher;
|
89 | function startDecrypting(
|
90 | key: string | util.ByteBuffer,
|
91 | iv: util.ByteBuffer | Byte[] | Bytes,
|
92 | output: util.ByteBuffer | null,
|
93 | ): rc2.cipher;
|
94 | function createDecryptionCipher(key: string | util.ByteBuffer, bits?: number): rc2.cipher;
|
95 | }
|
96 |
|
97 | namespace kem {
|
98 | namespace rsa {
|
99 | interface kem {
|
100 | /**
|
101 | * Generates a secret key and its encapsulation.
|
102 | *
|
103 | * @param publicKey the RSA public key to encrypt with.
|
104 | * @param keyLength the length, in bytes, of the secret key to generate.
|
105 | */
|
106 | encrypt(publicKey: pki.rsa.PublicKey, keyLength: number): EncryptResult;
|
107 | /**
|
108 | * Decrypts an encapsulated secret key.
|
109 | *
|
110 | * @param privateKey the RSA private key to decrypt with.
|
111 | * @param encapsulation the ciphertext for generating the secret key, as a binary-encoded
|
112 | * string of bytes.
|
113 | * @param keyLength the length, in bytes, of the secret key to generate.
|
114 | *
|
115 | * @return the secret key as a binary-encoded string of bytes.
|
116 | */
|
117 | decrypt(privateKey: pki.rsa.PrivateKey, encapsulation: string, keyLength: number): string;
|
118 | }
|
119 |
|
120 | interface random {
|
121 | getBytesSync(count: number): Bytes;
|
122 | }
|
123 |
|
124 | interface Options {
|
125 | |
126 |
|
127 |
|
128 | prng?: random | undefined;
|
129 | }
|
130 |
|
131 | |
132 |
|
133 |
|
134 |
|
135 |
|
136 |
|
137 |
|
138 |
|
139 |
|
140 |
|
141 |
|
142 |
|
143 | function create(kdf: KDF, options?: Options): kem;
|
144 | }
|
145 |
|
146 | interface EncryptResult {
|
147 | |
148 |
|
149 |
|
150 | encapsulation: string;
|
151 | |
152 |
|
153 |
|
154 | key: string;
|
155 | }
|
156 |
|
157 | interface KDF {
|
158 | |
159 |
|
160 |
|
161 |
|
162 |
|
163 |
|
164 |
|
165 |
|
166 | generate(x: string, length: number): string;
|
167 | }
|
168 |
|
169 | |
170 |
|
171 |
|
172 |
|
173 |
|
174 |
|
175 |
|
176 |
|
177 | class kdf1 implements KDF {
|
178 | constructor(md: md.MessageDigest, digestLength?: number);
|
179 | /**
|
180 | * Generate a key of the specified length.
|
181 | *
|
182 | * @param x the binary-encoded byte string to generate a key from.
|
183 | * @param length the number of bytes to generate (the size of the key).
|
184 | *
|
185 | * @return the key as a binary-encoded string.
|
186 | */
|
187 | generate(x: string, length: number): string;
|
188 | }
|
189 |
|
190 | /**
|
191 | * Creates a key derivation API object that implements KDF2 per ISO 18033-2.
|
192 | *
|
193 | * @param md the hash API to use.
|
194 | * @param digestLength a digest length that must be positive and less than or equal to `md.digestLength`.
|
195 | *
|
196 | * @return a KDF2 API object.
|
197 | */
|
198 | class kdf2 implements KDF {
|
199 | constructor(md: md.MessageDigest, digestLength?: number);
|
200 | /**
|
201 | * Generate a key of the specified length.
|
202 | *
|
203 | * @param x the binary-encoded byte string to generate a key from.
|
204 | * @param length the number of bytes to generate (the size of the key).
|
205 | *
|
206 | * @return the key as a binary-encoded string.
|
207 | */
|
208 | generate(x: string, length: number): string;
|
209 | }
|
210 | }
|
211 |
|
212 | namespace pem {
|
213 | interface EncodeOptions {
|
214 | maxline?: number | undefined;
|
215 | }
|
216 |
|
217 | interface ObjectPEM {
|
218 | type: string;
|
219 | body: Bytes;
|
220 | procType?: any;
|
221 | contentDomain?: any;
|
222 | dekInfo?: any;
|
223 | headers?: any[] | undefined;
|
224 | }
|
225 |
|
226 | function encode(msg: ObjectPEM, options?: EncodeOptions): string;
|
227 | function decode(str: string): ObjectPEM[];
|
228 | }
|
229 |
|
230 | namespace pki {
|
231 | type PEM = string;
|
232 | type PublicKey = rsa.PublicKey | ed25519.Key;
|
233 | type PrivateKey = rsa.PrivateKey | ed25519.Key;
|
234 | type EncryptionOptions = {
|
235 | algorithm?: "aes128" | "aes192" | "aes256" | "3des" | undefined;
|
236 | count?: number | undefined;
|
237 | saltSize?: number | undefined;
|
238 | prfAlgorithm?: "sha1" | "sha224" | "sha256" | "sha384" | "sha512" | undefined;
|
239 | legacy?: boolean | undefined;
|
240 | };
|
241 |
|
242 | interface ByteBufferFingerprintOptions {
|
243 | |
244 |
|
245 |
|
246 | type?: "SubjectPublicKeyInfo" | "RSAPublicKey" | undefined;
|
247 | |
248 |
|
249 |
|
250 | delimiter?: string | undefined;
|
251 | |
252 |
|
253 |
|
254 | md?: md.MessageDigest | undefined;
|
255 | }
|
256 |
|
257 | interface HexFingerprintOptions extends ByteBufferFingerprintOptions {
|
258 | |
259 |
|
260 |
|
261 | encoding: "hex";
|
262 | }
|
263 |
|
264 | interface BinaryFingerprintOptions extends ByteBufferFingerprintOptions {
|
265 | |
266 |
|
267 |
|
268 | encoding: "binary";
|
269 | }
|
270 |
|
271 | interface KeyPair {
|
272 | publicKey: PublicKey;
|
273 | privateKey: PrivateKey;
|
274 | }
|
275 |
|
276 | interface oids {
|
277 | [key: string]: string;
|
278 | }
|
279 | var oids: oids;
|
280 |
|
281 | namespace rsa {
|
282 | type EncryptionScheme = "RSAES-PKCS1-V1_5" | "RSA-OAEP" | "RAW" | "NONE" | null;
|
283 | type SignatureScheme = "RSASSA-PKCS1-V1_5" | pss.PSS | "NONE" | null;
|
284 |
|
285 | interface PublicKey {
|
286 | n: jsbn.BigInteger;
|
287 | e: jsbn.BigInteger;
|
288 | encrypt(data: Bytes, scheme?: EncryptionScheme, schemeOptions?: any): Bytes;
|
289 | verify(digest: Bytes, signature: Bytes, scheme?: SignatureScheme): boolean;
|
290 | }
|
291 |
|
292 | interface PrivateKey {
|
293 | n: jsbn.BigInteger;
|
294 | e: jsbn.BigInteger;
|
295 | d: jsbn.BigInteger;
|
296 | p: jsbn.BigInteger;
|
297 | q: jsbn.BigInteger;
|
298 | dP: jsbn.BigInteger;
|
299 | dQ: jsbn.BigInteger;
|
300 | qInv: jsbn.BigInteger;
|
301 | decrypt(data: Bytes, scheme?: EncryptionScheme, schemeOptions?: any): Bytes;
|
302 | sign(md: md.MessageDigest | Bytes, scheme?: SignatureScheme): Bytes;
|
303 | }
|
304 |
|
305 | interface KeyPair {
|
306 | publicKey: PublicKey;
|
307 | privateKey: PrivateKey;
|
308 | }
|
309 |
|
310 | interface GenerateKeyPairOptions {
|
311 | bits?: number | undefined;
|
312 | e?: number | undefined;
|
313 | workerScript?: string | undefined;
|
314 | workers?: number | undefined;
|
315 | workLoad?: number | undefined;
|
316 | prng?: any;
|
317 | algorithm?: string | undefined;
|
318 | }
|
319 |
|
320 | function setPublicKey(n: jsbn.BigInteger, e: jsbn.BigInteger): PublicKey;
|
321 |
|
322 | function setPrivateKey(
|
323 | n: jsbn.BigInteger,
|
324 | e: jsbn.BigInteger,
|
325 | d: jsbn.BigInteger,
|
326 | p: jsbn.BigInteger,
|
327 | q: jsbn.BigInteger,
|
328 | dP: jsbn.BigInteger,
|
329 | dQ: jsbn.BigInteger,
|
330 | qInv: jsbn.BigInteger,
|
331 | ): PrivateKey;
|
332 |
|
333 | function generateKeyPair(
|
334 | bits?: number,
|
335 | e?: number,
|
336 | callback?: (err: Error, keypair: KeyPair) => void,
|
337 | ): KeyPair;
|
338 | function generateKeyPair(
|
339 | options?: GenerateKeyPairOptions,
|
340 | callback?: (err: Error, keypair: KeyPair) => void,
|
341 | ): KeyPair;
|
342 | }
|
343 |
|
344 | namespace ed25519 {
|
345 | type NativeBuffer = Buffer | Uint8Array;
|
346 | type Key = NativeBuffer;
|
347 |
|
348 | type ToNativeBufferParameters =
|
349 | | {
|
350 | md: md.MessageDigest;
|
351 | }
|
352 | | {
|
353 | message: NativeBuffer | util.ByteBuffer;
|
354 | }
|
355 | | {
|
356 | message: string;
|
357 | encoding: "binary" | "utf8";
|
358 | };
|
359 |
|
360 |
|
361 | type BinaryBuffer = NativeBuffer | util.ByteBuffer | string;
|
362 |
|
363 | namespace constants {
|
364 | const PUBLIC_KEY_BYTE_LENGTH = 32;
|
365 | const PRIVATE_KEY_BYTE_LENGTH = 64;
|
366 | const SEED_BYTE_LENGTH = 32;
|
367 | const SIGN_BYTE_LENGTH = 64;
|
368 | const HASH_BYTE_LENGTH = 64;
|
369 | }
|
370 |
|
371 |
|
372 | function generateKeyPair(options?: { seed?: NativeBuffer | string | undefined }): {
|
373 | publicKey: NativeBuffer;
|
374 | privateKey: NativeBuffer;
|
375 | };
|
376 |
|
377 | function privateKeyFromAsn1(obj: asn1.Asn1): { privateKeyBytes: NativeBuffer };
|
378 |
|
379 | function publicKeyFromAsn1(obj: asn1.Asn1): NativeBuffer;
|
380 |
|
381 | function publicKeyFromPrivateKey(options: { privateKey: BinaryBuffer }): NativeBuffer;
|
382 |
|
383 | function sign(
|
384 | options: ToNativeBufferParameters & {
|
385 | privateKey: BinaryBuffer;
|
386 | },
|
387 | ): NativeBuffer;
|
388 |
|
389 | function verify(
|
390 | options: ToNativeBufferParameters & {
|
391 | signature: BinaryBuffer;
|
392 | publicKey: BinaryBuffer;
|
393 | },
|
394 | ): boolean;
|
395 | }
|
396 |
|
397 | interface CertificateFieldOptions {
|
398 | name?: string | undefined;
|
399 | type?: string | undefined;
|
400 | shortName?: string | undefined;
|
401 | }
|
402 |
|
403 | interface CertificateField extends CertificateFieldOptions {
|
404 | valueConstructed?: boolean | undefined;
|
405 | valueTagClass?: asn1.Class | undefined;
|
406 | value?: any[] | string | undefined;
|
407 | extensions?: any[] | undefined;
|
408 | }
|
409 |
|
410 | interface Certificate {
|
411 | version: number;
|
412 | serialNumber: string;
|
413 | signatureOid: string;
|
414 | signature: any;
|
415 | siginfo: {
|
416 | algorithmOid: string;
|
417 | parameters: any;
|
418 | };
|
419 | validity: {
|
420 | notBefore: Date;
|
421 | notAfter: Date;
|
422 | };
|
423 | issuer: {
|
424 | getField(sn: string | CertificateFieldOptions): any;
|
425 | addField(attr: CertificateField): void;
|
426 | attributes: CertificateField[];
|
427 | hash: any;
|
428 | };
|
429 | subject: {
|
430 | getField(sn: string | CertificateFieldOptions): any;
|
431 | addField(attr: CertificateField): void;
|
432 | attributes: CertificateField[];
|
433 | hash: any;
|
434 | };
|
435 | extensions: any[];
|
436 | privateKey: PrivateKey;
|
437 | publicKey: PublicKey;
|
438 | md: md.MessageDigest;
|
439 | signatureParameters: any;
|
440 | tbsCertificate: asn1.Asn1;
|
441 | |
442 |
|
443 |
|
444 |
|
445 |
|
446 |
|
447 | setSubject(attrs: CertificateField[], uniqueId?: string): void;
|
448 | |
449 |
|
450 |
|
451 |
|
452 |
|
453 |
|
454 | setIssuer(attrs: CertificateField[], uniqueId?: string): void;
|
455 | |
456 |
|
457 |
|
458 |
|
459 |
|
460 | setExtensions(exts: any[]): void;
|
461 | |
462 |
|
463 |
|
464 |
|
465 |
|
466 |
|
467 |
|
468 |
|
469 |
|
470 | getExtension(options: string | { name: string } | { id: number }): {} | undefined;
|
471 |
|
472 | |
473 |
|
474 |
|
475 |
|
476 |
|
477 |
|
478 | sign(key: pki.PrivateKey, md?: md.MessageDigest): void;
|
479 | |
480 |
|
481 |
|
482 |
|
483 |
|
484 |
|
485 |
|
486 |
|
487 | verify(child: Certificate): boolean;
|
488 |
|
489 | |
490 |
|
491 |
|
492 |
|
493 |
|
494 |
|
495 |
|
496 |
|
497 |
|
498 | isIssuer(parent: Certificate): boolean;
|
499 |
|
500 | |
501 |
|
502 |
|
503 |
|
504 |
|
505 |
|
506 |
|
507 |
|
508 |
|
509 | issued(child: Certificate): boolean;
|
510 |
|
511 | |
512 |
|
513 |
|
514 |
|
515 |
|
516 | generateSubjectKeyIdentifier(): util.ByteStringBuffer;
|
517 |
|
518 | |
519 |
|
520 |
|
521 |
|
522 |
|
523 |
|
524 |
|
525 | verifySubjectKeyIdentifier(): boolean;
|
526 | }
|
527 |
|
528 | interface CertificateSigningRequest {
|
529 | version: number;
|
530 | signatureOid: string | null;
|
531 | signature: any;
|
532 | siginfo: {
|
533 | algorithmOid: string | null;
|
534 | };
|
535 | subject: {
|
536 | getField(sn: string | CertificateFieldOptions): any;
|
537 | addField(attr: CertificateField): void;
|
538 | attributes: CertificateField[];
|
539 | hash: any;
|
540 | };
|
541 | publicKey: PublicKey | null;
|
542 | attributes: CertificateField[];
|
543 | |
544 |
|
545 |
|
546 |
|
547 |
|
548 |
|
549 |
|
550 |
|
551 |
|
552 |
|
553 | getAttribute(sn: string | GetAttributeOpts): Attribute | null;
|
554 | addAttribute(attr: CertificateField): void;
|
555 | md: md.MessageDigest | null;
|
556 | signatureParameters: any;
|
557 | certificationRequestInfo: asn1.Asn1 | null;
|
558 |
|
559 | |
560 |
|
561 |
|
562 |
|
563 |
|
564 |
|
565 | setSubject(attrs: CertificateField[]): void;
|
566 | setAttributes(attrs: CertificateField[]): void;
|
567 | |
568 |
|
569 |
|
570 |
|
571 |
|
572 |
|
573 | sign(key: pki.PrivateKey, md?: md.MessageDigest): void;
|
574 | |
575 |
|
576 |
|
577 |
|
578 |
|
579 |
|
580 | verify(): boolean;
|
581 | }
|
582 |
|
583 | |
584 |
|
585 |
|
586 | interface GetAttributeOpts {
|
587 | |
588 |
|
589 |
|
590 | type?: string | undefined;
|
591 | |
592 |
|
593 |
|
594 | name?: string | undefined;
|
595 | |
596 |
|
597 |
|
598 | shortName?: string | undefined;
|
599 | }
|
600 |
|
601 | interface Attribute {
|
602 | |
603 |
|
604 |
|
605 | name: string;
|
606 | |
607 |
|
608 |
|
609 | shortName?: string | undefined;
|
610 | |
611 |
|
612 |
|
613 | type: string;
|
614 | |
615 |
|
616 |
|
617 | value: any;
|
618 | |
619 |
|
620 |
|
621 | valueTagClass: number;
|
622 | |
623 |
|
624 |
|
625 | extensions?: any[] | undefined;
|
626 | }
|
627 |
|
628 | interface CAStore {
|
629 | addCertificate(cert: Certificate | string): void;
|
630 | hasCertificate(cert: Certificate | string): boolean;
|
631 | removeCertificate(cert: Certificate | string): Certificate | null;
|
632 | listAllCertificates(): pki.Certificate[];
|
633 | getIssuer(subject: Certificate): Certificate | null;
|
634 | getBySubject(subject: string): Certificate | null;
|
635 | }
|
636 |
|
637 | function certificateFromAsn1(obj: asn1.Asn1, computeHash?: boolean): Certificate;
|
638 |
|
639 | function certificationRequestFromAsn1(obj: asn1.Asn1, computeHash?: boolean): CertificateSigningRequest;
|
640 |
|
641 | function certificateToAsn1(cert: Certificate): asn1.Asn1;
|
642 |
|
643 | function certificationRequestToAsn1(cert: CertificateSigningRequest): asn1.Asn1;
|
644 |
|
645 | function decryptRsaPrivateKey(pem: PEM, passphrase?: string): rsa.PrivateKey;
|
646 |
|
647 | function createCertificate(): Certificate;
|
648 |
|
649 | function certificationRequestToPem(csr: CertificateSigningRequest, maxline?: number): PEM;
|
650 |
|
651 | function certificationRequestFromPem(
|
652 | pem: PEM,
|
653 | computeHash?: boolean,
|
654 | strict?: boolean,
|
655 | ): CertificateSigningRequest;
|
656 |
|
657 | function createCertificationRequest(): CertificateSigningRequest;
|
658 |
|
659 | function certificateToPem(cert: Certificate, maxline?: number): PEM;
|
660 |
|
661 | function certificateFromPem(pem: PEM, computeHash?: boolean, strict?: boolean): Certificate;
|
662 |
|
663 | function createCaStore(certs?: ReadonlyArray<Certificate | pki.PEM>): CAStore;
|
664 |
|
665 | function verifyCertificateChain(
|
666 | caStore: CAStore,
|
667 | chain: Certificate[],
|
668 | options?:
|
669 | | ((verified: boolean | string, depth: number, certs: Certificate[]) => boolean)
|
670 | | {
|
671 | verify?:
|
672 | | ((verified: boolean | string, depth: number, certs: Certificate[]) => boolean)
|
673 | | undefined;
|
674 | validityCheckDate?: Date | null | undefined;
|
675 | },
|
676 | ): boolean;
|
677 |
|
678 | function pemToDer(pem: PEM): util.ByteStringBuffer;
|
679 |
|
680 | function privateKeyToPem(key: PrivateKey, maxline?: number): PEM;
|
681 |
|
682 | function privateKeyInfoToPem(key: asn1.Asn1, maxline?: number): PEM;
|
683 |
|
684 | function publicKeyToPem(key: PublicKey, maxline?: number): PEM;
|
685 |
|
686 | function publicKeyToRSAPublicKeyPem(key: PublicKey, maxline?: number): PEM;
|
687 |
|
688 | function publicKeyFromPem(pem: PEM): rsa.PublicKey;
|
689 |
|
690 | function privateKeyFromPem(pem: PEM): rsa.PrivateKey;
|
691 |
|
692 | function decryptPrivateKeyInfo(obj: asn1.Asn1, password: string): asn1.Asn1;
|
693 |
|
694 | function encryptPrivateKeyInfo(obj: asn1.Asn1, password: string, options?: EncryptionOptions): asn1.Asn1;
|
695 |
|
696 | function encryptedPrivateKeyFromPem(pem: PEM): asn1.Asn1;
|
697 |
|
698 | function encryptedPrivateKeyToPem(obj: asn1.Asn1): PEM;
|
699 |
|
700 | function decryptRsaPrivateKey(pem: PEM, password: string): rsa.PrivateKey;
|
701 |
|
702 | function encryptRsaPrivateKey(privateKey: PrivateKey, password: string, options?: EncryptionOptions): PEM;
|
703 |
|
704 | function privateKeyFromAsn1(privateKey: asn1.Asn1): rsa.PrivateKey;
|
705 |
|
706 | function privateKeyToAsn1(privateKey: PrivateKey): asn1.Asn1;
|
707 |
|
708 | function publicKeyFromAsn1(publicKey: asn1.Asn1): rsa.PublicKey;
|
709 |
|
710 | function publicKeyToAsn1(publicKey: PublicKey): asn1.Asn1;
|
711 |
|
712 | function publicKeyToRSAPublicKey(publicKey: PublicKey): any;
|
713 |
|
714 | const setRsaPublicKey: typeof pki.rsa.setPublicKey;
|
715 |
|
716 | const setRsaPrivateKey: typeof pki.rsa.setPrivateKey;
|
717 |
|
718 | function wrapRsaPrivateKey(privateKey: asn1.Asn1): asn1.Asn1;
|
719 |
|
720 | function getPublicKeyFingerprint(
|
721 | publicKey: PublicKey,
|
722 | options?: ByteBufferFingerprintOptions,
|
723 | ): util.ByteStringBuffer;
|
724 | function getPublicKeyFingerprint(publicKey: PublicKey, options: HexFingerprintOptions): Hex;
|
725 | function getPublicKeyFingerprint(publicKey: PublicKey, options: BinaryFingerprintOptions): Bytes;
|
726 | }
|
727 |
|
728 | namespace random {
|
729 | function getBytes(count: number, callback?: (err: Error | null, bytes: Bytes) => any): void;
|
730 | function getBytesSync(count: number): Bytes;
|
731 | type CB = (_: any, seed: string) => void;
|
732 | interface Random {
|
733 | seedFileSync: (needed: number) => string;
|
734 | seedFile: (needed: number, cb: CB) => void;
|
735 | }
|
736 | function createInstance(): Random;
|
737 | }
|
738 |
|
739 | namespace ssh {
|
740 | interface FingerprintOptions {
|
741 | |
742 |
|
743 |
|
744 | delimiter?: string | undefined;
|
745 | |
746 |
|
747 |
|
748 | encoding?: "hex" | "binary" | undefined;
|
749 | |
750 |
|
751 |
|
752 | md?: md.MessageDigest | undefined;
|
753 | }
|
754 |
|
755 | |
756 |
|
757 |
|
758 | function privateKeyToOpenSSH(privateKey: pki.PrivateKey, passphrase?: string): string;
|
759 |
|
760 | |
761 |
|
762 |
|
763 | function privateKeyToPutty(privateKey: pki.PrivateKey, passphrase?: string, comment?: string): string;
|
764 |
|
765 | |
766 |
|
767 |
|
768 | function publicKeyToOpenSSH(publicKey: pki.PublicKey, comment?: string): string | pki.PEM;
|
769 |
|
770 | |
771 |
|
772 |
|
773 | function getPublicKeyFingerprint(
|
774 | publicKey: pki.PublicKey,
|
775 | options?: FingerprintOptions,
|
776 | ): util.ByteStringBuffer | Hex | string;
|
777 | }
|
778 |
|
779 | namespace asn1 {
|
780 | enum Class {
|
781 | UNIVERSAL = 0x00,
|
782 | APPLICATION = 0x40,
|
783 | CONTEXT_SPECIFIC = 0x80,
|
784 | PRIVATE = 0xc0,
|
785 | }
|
786 |
|
787 | enum Type {
|
788 | NONE = 0,
|
789 | BOOLEAN = 1,
|
790 | INTEGER = 2,
|
791 | BITSTRING = 3,
|
792 | OCTETSTRING = 4,
|
793 | NULL = 5,
|
794 | OID = 6,
|
795 | ODESC = 7,
|
796 | EXTERNAL = 8,
|
797 | REAL = 9,
|
798 | ENUMERATED = 10,
|
799 | EMBEDDED = 11,
|
800 | UTF8 = 12,
|
801 | ROID = 13,
|
802 | SEQUENCE = 16,
|
803 | SET = 17,
|
804 | PRINTABLESTRING = 19,
|
805 | IA5STRING = 22,
|
806 | UTCTIME = 23,
|
807 | GENERALIZEDTIME = 24,
|
808 | BMPSTRING = 30,
|
809 | }
|
810 |
|
811 | interface Asn1 {
|
812 | tagClass: Class;
|
813 | type: Type;
|
814 | constructed: boolean;
|
815 | composed: boolean;
|
816 | value: Bytes | Asn1[];
|
817 | }
|
818 |
|
819 | function create(tagClass: Class, type: Type, constructed: boolean, value: Bytes | Asn1[]): Asn1;
|
820 | function fromDer(bytes: Bytes | util.ByteBuffer, strict?: boolean): Asn1;
|
821 | function toDer(obj: Asn1): util.ByteBuffer;
|
822 |
|
823 | |
824 |
|
825 |
|
826 |
|
827 |
|
828 |
|
829 |
|
830 |
|
831 | function oidToDer(oid: OID): util.ByteBuffer;
|
832 |
|
833 | |
834 |
|
835 |
|
836 |
|
837 |
|
838 |
|
839 |
|
840 |
|
841 |
|
842 | function derToOid(bytes: Bytes | util.ByteBuffer): OID;
|
843 |
|
844 | function integerToDer(int: number): util.ByteBuffer;
|
845 | function derToInteger(bytes: Bytes | util.ByteBuffer): number;
|
846 |
|
847 | function dateToUtcTime(date: Date | string): Bytes;
|
848 | function utcTimeToDate(bytes: Bytes): Date;
|
849 |
|
850 | function dateToGeneralizedTime(date: Date | string): Bytes;
|
851 | function generalizedTimeToDate(bytes: Bytes): Date;
|
852 | }
|
853 |
|
854 | namespace util {
|
855 | function isArray(x: any): boolean;
|
856 | function isArrayBuffer(x: any): boolean;
|
857 | function isArrayBufferView(x: any): boolean;
|
858 |
|
859 | interface ArrayBufferView {
|
860 | buffer: ArrayBuffer;
|
861 | byteLength: number;
|
862 | }
|
863 |
|
864 | type ByteBuffer = ByteStringBuffer;
|
865 | class ByteStringBuffer {
|
866 | constructor(bytes?: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer);
|
867 | data: string;
|
868 | read: number;
|
869 | length(): number;
|
870 | isEmpty(): boolean;
|
871 | putByte(byte: Byte): ByteStringBuffer;
|
872 | fillWithByte(byte: Byte, n: number): ByteStringBuffer;
|
873 | putBytes(bytes: Bytes): ByteStringBuffer;
|
874 | putString(str: string): ByteStringBuffer;
|
875 | putInt16(int: number): ByteStringBuffer;
|
876 | putInt24(int: number): ByteStringBuffer;
|
877 | putInt32(int: number): ByteStringBuffer;
|
878 | putInt16Le(int: number): ByteStringBuffer;
|
879 | putInt24Le(int: number): ByteStringBuffer;
|
880 | putInt32Le(int: number): ByteStringBuffer;
|
881 | putInt(int: number, numOfBits: number): ByteStringBuffer;
|
882 | putSignedInt(int: number, numOfBits: number): ByteStringBuffer;
|
883 | putBuffer(buffer: ByteStringBuffer): ByteStringBuffer;
|
884 | getByte(): number;
|
885 | getInt16(): number;
|
886 | getInt24(): number;
|
887 | getInt32(): number;
|
888 | getInt16Le(): number;
|
889 | getInt24Le(): number;
|
890 | getInt32Le(): number;
|
891 | getInt(numOfBits: number): number;
|
892 | getSignedInt(numOfBits: number): number;
|
893 | getBytes(count?: number): Bytes;
|
894 | bytes(count?: number): Bytes;
|
895 | at(index: number): Byte;
|
896 | setAt(index: number, byte: number): ByteStringBuffer;
|
897 | last(): Byte;
|
898 | copy(): ByteStringBuffer;
|
899 | compact(): ByteStringBuffer;
|
900 | clear(): ByteStringBuffer;
|
901 | truncate(): ByteStringBuffer;
|
902 | toHex(): Hex;
|
903 | toString(): string;
|
904 | }
|
905 |
|
906 | function fillString(char: string, count: number): string;
|
907 | function xorBytes(bytes1: string, bytes2: string, count: number): string;
|
908 | function hexToBytes(hex: Hex): Bytes;
|
909 | function bytesToHex(bytes: Bytes): Hex;
|
910 | function int32ToBytes(int: number): Bytes;
|
911 | function encode64(bytes: Bytes, maxline?: number): Base64;
|
912 | function decode64(encoded: Base64): Bytes;
|
913 | function encodeUtf8(str: string): Utf8;
|
914 | function decodeUtf8(encoded: Utf8): string;
|
915 |
|
916 | function createBuffer(): ByteBuffer;
|
917 | function createBuffer(
|
918 | input: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer,
|
919 | encoding?: Encoding,
|
920 | ): ByteBuffer;
|
921 |
|
922 | namespace binary {
|
923 | namespace raw {
|
924 | function encode(x: Uint8Array): Bytes;
|
925 | function decode(str: Bytes, output?: Uint8Array, offset?: number): Uint8Array;
|
926 | }
|
927 | namespace hex {
|
928 | function encode(bytes: Bytes | ArrayBuffer | ArrayBufferView | ByteStringBuffer): Hex;
|
929 | function decode(hex: Hex, output?: Uint8Array, offset?: number): Uint8Array;
|
930 | }
|
931 | namespace base64 {
|
932 | function encode(input: Uint8Array, maxline?: number): Base64;
|
933 | function decode(input: Base64, output?: Uint8Array, offset?: number): Uint8Array;
|
934 | }
|
935 | }
|
936 |
|
937 | namespace text {
|
938 | namespace utf8 {
|
939 | function encode(str: string, output?: Uint8Array, offset?: number): Uint8Array;
|
940 | function decode(bytes: Uint8Array): Utf8;
|
941 | }
|
942 | namespace utf16 {
|
943 | function encode(str: string, output?: Uint8Array, offset?: number): Uint8Array;
|
944 | function decode(bytes: Uint8Array): string;
|
945 | }
|
946 | }
|
947 | }
|
948 |
|
949 | namespace pkcs12 {
|
950 | interface BagsFilter {
|
951 | localKeyId?: string | undefined;
|
952 | localKeyIdHex?: string | undefined;
|
953 | friendlyName?: string | undefined;
|
954 | bagType?: string | undefined;
|
955 | }
|
956 |
|
957 | interface Bag {
|
958 | type: string;
|
959 | attributes: any;
|
960 | key?: pki.PrivateKey | undefined;
|
961 | cert?: pki.Certificate | undefined;
|
962 | asn1: asn1.Asn1;
|
963 | }
|
964 |
|
965 | interface Pkcs12Pfx {
|
966 | version: string;
|
967 | safeContents: Array<{
|
968 | encrypted: boolean;
|
969 | safeBags: Bag[];
|
970 | }>;
|
971 | getBags: (filter: BagsFilter) => {
|
972 | [key: string]: Bag[] | undefined;
|
973 | localKeyId?: Bag[] | undefined;
|
974 | friendlyName?: Bag[] | undefined;
|
975 | };
|
976 | getBagsByFriendlyName: (fiendlyName: string, bagType: string) => Bag[];
|
977 | getBagsByLocalKeyId: (localKeyId: string, bagType: string) => Bag[];
|
978 | }
|
979 |
|
980 | function pkcs12FromAsn1(obj: any, strict?: boolean, password?: string): Pkcs12Pfx;
|
981 | function pkcs12FromAsn1(obj: any, password?: string): Pkcs12Pfx;
|
982 |
|
983 | function toPkcs12Asn1(
|
984 | key: pki.PrivateKey | null,
|
985 | cert: pki.Certificate | pki.Certificate[],
|
986 | password: string | null,
|
987 | options?: {
|
988 | algorithm?: "aes128" | "aes192" | "aes256" | "3des" | undefined;
|
989 | count?: number | undefined;
|
990 | saltSize?: number | undefined;
|
991 | useMac?: boolean | undefined;
|
992 | localKeyId?: Hex | undefined;
|
993 | friendlyName?: string | undefined;
|
994 | generateLocalKeyId?: boolean | undefined;
|
995 | },
|
996 | ): asn1.Asn1;
|
997 |
|
998 | function generateKey(
|
999 | password: string | null | undefined,
|
1000 | salt: util.ByteBuffer,
|
1001 | id: Byte,
|
1002 | iter: number,
|
1003 | n: number,
|
1004 | md?: md.MessageDigest,
|
1005 | ): util.ByteBuffer;
|
1006 | }
|
1007 |
|
1008 | namespace pkcs7 {
|
1009 | interface PkcsSignedData {
|
1010 | content?: string | util.ByteBuffer | undefined;
|
1011 | contentInfo?: { value: any[] } | undefined;
|
1012 |
|
1013 | certificates: pki.Certificate[];
|
1014 |
|
1015 | addCertificate(certificate: pki.Certificate | string): void;
|
1016 | addSigner(options: {
|
1017 | key: pki.rsa.PrivateKey | string;
|
1018 | certificate: pki.Certificate | string;
|
1019 | digestAlgorithm: string;
|
1020 | authenticatedAttributes?: Array<{ type: string; value?: string | undefined }> | undefined;
|
1021 | }): void;
|
1022 | sign(options?: { detached?: boolean | undefined }): void;
|
1023 | toAsn1(): asn1.Asn1;
|
1024 | }
|
1025 |
|
1026 | function createSignedData(): PkcsSignedData;
|
1027 |
|
1028 | interface Recipient {
|
1029 | version: number;
|
1030 | issuer: pki.CertificateField[];
|
1031 | serialNumber: Hex;
|
1032 | encryptedContent: {
|
1033 | algorithm: OID;
|
1034 | parameter: Bytes;
|
1035 | content: Bytes;
|
1036 | };
|
1037 | }
|
1038 |
|
1039 | interface PkcsEnvelopedData {
|
1040 | content?: string | util.ByteBuffer | undefined;
|
1041 | recipients: Recipient[];
|
1042 |
|
1043 | |
1044 |
|
1045 |
|
1046 |
|
1047 |
|
1048 | addRecipient(certificate: pki.Certificate): void;
|
1049 | |
1050 |
|
1051 |
|
1052 |
|
1053 |
|
1054 |
|
1055 |
|
1056 |
|
1057 |
|
1058 |
|
1059 |
|
1060 |
|
1061 |
|
1062 | encrypt(key?: util.ByteBuffer, cipher?: OID): void;
|
1063 |
|
1064 | |
1065 |
|
1066 |
|
1067 |
|
1068 |
|
1069 |
|
1070 |
|
1071 | findRecipient(cert: pki.Certificate): Recipient | null;
|
1072 | |
1073 |
|
1074 |
|
1075 |
|
1076 |
|
1077 |
|
1078 | decrypt(recipient: Recipient, privKey: pki.rsa.PrivateKey): void;
|
1079 |
|
1080 | toAsn1(): asn1.Asn1;
|
1081 | }
|
1082 |
|
1083 | function createEnvelopedData(): PkcsEnvelopedData;
|
1084 |
|
1085 |
|
1086 | type Captured<T> = T & {
|
1087 | rawCapture: any;
|
1088 | };
|
1089 |
|
1090 | |
1091 |
|
1092 |
|
1093 |
|
1094 |
|
1095 |
|
1096 |
|
1097 |
|
1098 | function messageToPem(msg: PkcsSignedData, maxline?: number): string;
|
1099 |
|
1100 | |
1101 |
|
1102 |
|
1103 |
|
1104 |
|
1105 |
|
1106 |
|
1107 | function messageFromPem(pem: pki.PEM): Captured<PkcsEnvelopedData | PkcsSignedData>;
|
1108 |
|
1109 | |
1110 |
|
1111 |
|
1112 |
|
1113 |
|
1114 |
|
1115 |
|
1116 | function messageFromAsn1(asn: asn1.Asn1): Captured<PkcsEnvelopedData | PkcsSignedData>;
|
1117 | }
|
1118 |
|
1119 | namespace pkcs5 {
|
1120 | function pbkdf2(password: string, salt: string, iterations: number, keySize: number): string;
|
1121 | function pbkdf2(
|
1122 | password: string,
|
1123 | salt: string,
|
1124 | iterations: number,
|
1125 | keySize: number,
|
1126 | messageDigest: md.MessageDigest | md.Algorithm,
|
1127 | ): string;
|
1128 | function pbkdf2(
|
1129 | password: string,
|
1130 | salt: string,
|
1131 | iterations: number,
|
1132 | keySize: number,
|
1133 | callback: (err: Error | null, dk: string | null) => any,
|
1134 | ): void;
|
1135 | function pbkdf2(
|
1136 | password: string,
|
1137 | salt: string,
|
1138 | iterations: number,
|
1139 | keySize: number,
|
1140 | messageDigest?: md.MessageDigest | md.Algorithm,
|
1141 | callback?: (err: Error | null, dk: string) => any,
|
1142 | ): void;
|
1143 | }
|
1144 |
|
1145 | const md: {
|
1146 | sha1: {
|
1147 | create(): md.sha1.MessageDigest;
|
1148 | };
|
1149 | sha256: {
|
1150 | create(): md.sha256.MessageDigest;
|
1151 | };
|
1152 | sha512: {
|
1153 | create<TAlg extends md.sha512.AlgorithmSelection = md.sha512.AlgorithmSelection.Sha512>(
|
1154 |
|
1155 | algorithm?: TAlg,
|
1156 | ): TAlg extends md.sha512.AlgorithmSelection.Sha384 ? md.sha512.Sha384MessageDigest
|
1157 | : TAlg extends md.sha512.AlgorithmSelection.Sha512224 ? md.sha512.Sha512224MessageDigest
|
1158 | : TAlg extends md.sha512.AlgorithmSelection.Sha512256 ? md.sha512.Sha512256MessageDigest
|
1159 | : TAlg extends md.sha512.AlgorithmSelection.Sha512 ? md.sha512.Sha512MessageDigest
|
1160 | : never;
|
1161 | sha224: {
|
1162 | create(): md.sha512.Sha512224MessageDigest;
|
1163 | };
|
1164 | sha256: {
|
1165 | create(): md.sha512.Sha512256MessageDigest;
|
1166 | };
|
1167 | sha384: {
|
1168 | create(): md.sha512.Sha384MessageDigest;
|
1169 | };
|
1170 | };
|
1171 | sha384: typeof md.sha512.sha384;
|
1172 | "sha512/224": typeof md.sha512.sha224;
|
1173 | "sha512/256": typeof md.sha512.sha256;
|
1174 | md5: {
|
1175 | create(): md.md5.MessageDigest;
|
1176 | };
|
1177 | algorithms: {
|
1178 | md5: typeof md.md5;
|
1179 | sha1: typeof md.sha1;
|
1180 | sha256: typeof md.sha256;
|
1181 | sha384: typeof md.sha384;
|
1182 | sha512: typeof md.sha512;
|
1183 | "sha512/224": (typeof md)["sha512/224"];
|
1184 | "sha512/256": (typeof md)["sha512/256"];
|
1185 | };
|
1186 | };
|
1187 |
|
1188 | const md5: typeof md.md5;
|
1189 | const sha1: typeof md.sha1;
|
1190 | const sha256: typeof md.sha256;
|
1191 | const sha384: typeof md.sha384;
|
1192 | const sha512: typeof md.sha512;
|
1193 |
|
1194 | namespace md {
|
1195 | type Algorithm = md5.Algorithm | sha1.Algorithm | sha256.Algorithm | sha512.Algorithm;
|
1196 |
|
1197 | interface MessageDigest {
|
1198 | readonly algorithm: Algorithm;
|
1199 | readonly blockLength: number;
|
1200 | readonly digestLength: number;
|
1201 | messageLength: number;
|
1202 | fullMessageLength: number[] | null;
|
1203 | readonly messageLengthSize: number;
|
1204 | update(msg: string, encoding?: Encoding): this;
|
1205 | digest(): util.ByteStringBuffer;
|
1206 | }
|
1207 |
|
1208 | namespace md5 {
|
1209 | type Algorithm = "md5";
|
1210 |
|
1211 | interface MessageDigest extends md.MessageDigest {
|
1212 | readonly algorithm: Algorithm;
|
1213 | readonly blockLength: 64;
|
1214 | readonly digestLength: 16;
|
1215 | readonly messageLengthSize: 8;
|
1216 | }
|
1217 | }
|
1218 |
|
1219 | namespace sha1 {
|
1220 | type Algorithm = "sha1";
|
1221 |
|
1222 | interface MessageDigest extends md.MessageDigest {
|
1223 | readonly algorithm: Algorithm;
|
1224 | readonly blockLength: 64;
|
1225 | readonly digestLength: 20;
|
1226 | readonly messageLengthSize: 8;
|
1227 | }
|
1228 | }
|
1229 |
|
1230 | namespace sha256 {
|
1231 | type Algorithm = "sha256";
|
1232 |
|
1233 | interface MessageDigest extends md.MessageDigest {
|
1234 | readonly algorithm: Algorithm;
|
1235 | readonly blockLength: 64;
|
1236 | readonly digestLength: 32;
|
1237 | readonly messageLengthSize: 8;
|
1238 | }
|
1239 | }
|
1240 |
|
1241 | namespace sha512 {
|
1242 | type Algorithm = Algorithm.Sha384 | Algorithm.Sha512 | Algorithm.Sha512224 | Algorithm.Sha512256;
|
1243 | namespace Algorithm {
|
1244 | type Sha384 = "sha384";
|
1245 | type Sha512 = "sha512";
|
1246 | type Sha512224 = "sha512/224";
|
1247 | type Sha512256 = "sha512/256";
|
1248 | }
|
1249 |
|
1250 | type AlgorithmSelection =
|
1251 | | AlgorithmSelection.Sha384
|
1252 | | AlgorithmSelection.Sha512
|
1253 | | AlgorithmSelection.Sha512224
|
1254 | | AlgorithmSelection.Sha512256;
|
1255 | namespace AlgorithmSelection {
|
1256 | type Sha384 = "SHA-384";
|
1257 | type Sha512 = "SHA-512";
|
1258 | type Sha512224 = "SHA-512/224";
|
1259 | type Sha512256 = "SHA-512/256";
|
1260 | }
|
1261 |
|
1262 | interface MessageDigest extends md.MessageDigest {
|
1263 | readonly algorithm: Algorithm;
|
1264 | readonly blockLength: 128;
|
1265 | readonly messageLengthSize: 16;
|
1266 | }
|
1267 |
|
1268 | interface Sha512224MessageDigest extends MessageDigest {
|
1269 | readonly algorithm: Algorithm.Sha512224;
|
1270 | readonly digestLength: 28;
|
1271 | }
|
1272 |
|
1273 | interface Sha512256MessageDigest extends MessageDigest {
|
1274 | readonly algorithm: Algorithm.Sha512256;
|
1275 | readonly digestLength: 32;
|
1276 | }
|
1277 |
|
1278 | interface Sha384MessageDigest extends MessageDigest {
|
1279 | readonly algorithm: Algorithm.Sha384;
|
1280 | readonly digestLength: 48;
|
1281 | }
|
1282 |
|
1283 | interface Sha512MessageDigest extends MessageDigest {
|
1284 | readonly algorithm: Algorithm.Sha512;
|
1285 | readonly digestLength: 64;
|
1286 | }
|
1287 | }
|
1288 | }
|
1289 |
|
1290 | namespace hmac {
|
1291 | type Algorithm = md.Algorithm;
|
1292 |
|
1293 | interface HMAC {
|
1294 | digest(): util.ByteBuffer;
|
1295 | getMac(): util.ByteBuffer;
|
1296 | start(md: Algorithm | md.MessageDigest, key: string | util.ByteBuffer | null): void;
|
1297 | update(bytes: string): void;
|
1298 | }
|
1299 |
|
1300 | function create(): HMAC;
|
1301 | }
|
1302 |
|
1303 | namespace cipher {
|
1304 | type Algorithm =
|
1305 | | "AES-ECB"
|
1306 | | "AES-CBC"
|
1307 | | "AES-CFB"
|
1308 | | "AES-OFB"
|
1309 | | "AES-CTR"
|
1310 | | "AES-GCM"
|
1311 | | "3DES-ECB"
|
1312 | | "3DES-CBC"
|
1313 | | "DES-ECB"
|
1314 | | "DES-CBC";
|
1315 |
|
1316 | function createCipher(algorithm: Algorithm, payload: util.ByteBuffer | Bytes): BlockCipher;
|
1317 | function createDecipher(algorithm: Algorithm, payload: util.ByteBuffer | Bytes): BlockCipher;
|
1318 |
|
1319 | interface StartOptions {
|
1320 | iv?: util.ByteBuffer | Byte[] | Bytes | undefined;
|
1321 | tag?: util.ByteStringBuffer | undefined;
|
1322 | tagLength?: number | undefined;
|
1323 | additionalData?: string | undefined;
|
1324 | }
|
1325 |
|
1326 | interface BlockCipher {
|
1327 | start: (options?: StartOptions) => void;
|
1328 | update: (payload: util.ByteBuffer) => void;
|
1329 | finish: () => boolean;
|
1330 | output: util.ByteStringBuffer;
|
1331 | mode: Mode;
|
1332 | }
|
1333 |
|
1334 | interface Mode {
|
1335 | tag: util.ByteStringBuffer;
|
1336 | }
|
1337 | }
|
1338 |
|
1339 | namespace pss {
|
1340 | type PSS = any;
|
1341 |
|
1342 | function create(any: any): PSS;
|
1343 | }
|
1344 |
|
1345 | namespace mgf {
|
1346 | namespace mgf1 {
|
1347 | function create(any: any): any;
|
1348 | }
|
1349 | }
|
1350 |
|
1351 | namespace tls {
|
1352 | interface ProtocolVersion {
|
1353 | major: Byte;
|
1354 | minor: Byte;
|
1355 | }
|
1356 |
|
1357 | const Versions: ProtocolVersion[];
|
1358 | const SupportedVersions: ProtocolVersion[];
|
1359 | const Version: ProtocolVersion;
|
1360 |
|
1361 | const MaxFragment: number;
|
1362 |
|
1363 | enum ConnectionEnd {
|
1364 | server = 0,
|
1365 | client = 1,
|
1366 | }
|
1367 |
|
1368 | enum PRFAlgorithm {
|
1369 | tls_prf_sha256 = 0,
|
1370 | }
|
1371 |
|
1372 | enum BulkCipherAlgorithm {
|
1373 | rc4 = 0,
|
1374 | des3 = 1,
|
1375 | aes = 2,
|
1376 | }
|
1377 |
|
1378 | enum CipherType {
|
1379 | stream = 0,
|
1380 | block = 1,
|
1381 | aead = 2,
|
1382 | }
|
1383 |
|
1384 | enum MACAlgorithm {
|
1385 | hmac_md5 = 0,
|
1386 | hmac_sha1 = 1,
|
1387 | hmac_sha256 = 2,
|
1388 | hmac_sha384 = 3,
|
1389 | hmac_sha512 = 4,
|
1390 | }
|
1391 |
|
1392 | enum CompressionMethod {
|
1393 | none = 0,
|
1394 | deflate = 1,
|
1395 | }
|
1396 |
|
1397 | enum ContentType {
|
1398 | change_cipher_spec = 20,
|
1399 | alert = 21,
|
1400 | handshake = 22,
|
1401 | application_data = 23,
|
1402 | heartbeat = 24,
|
1403 | }
|
1404 |
|
1405 | enum HandshakeType {
|
1406 | hello_request = 0,
|
1407 | client_hello = 1,
|
1408 | server_hello = 2,
|
1409 | certificate = 11,
|
1410 | server_key_exchange = 12,
|
1411 | certificate_request = 13,
|
1412 | server_hello_done = 14,
|
1413 | certificate_verify = 15,
|
1414 | client_key_exchange = 16,
|
1415 | finished = 20,
|
1416 | }
|
1417 |
|
1418 | namespace Alert {
|
1419 | enum Level {
|
1420 | warning = 1,
|
1421 | fatal = 2,
|
1422 | }
|
1423 |
|
1424 | enum Description {
|
1425 | close_notify = 0,
|
1426 | unexpected_message = 10,
|
1427 | bad_record_mac = 20,
|
1428 | decryption_failed = 21,
|
1429 | record_overflow = 22,
|
1430 | decompression_failure = 30,
|
1431 | handshake_failure = 40,
|
1432 | bad_certificate = 42,
|
1433 | unsupported_certificate = 43,
|
1434 | certificate_revoked = 44,
|
1435 | certificate_expired = 45,
|
1436 | certificate_unknown = 46,
|
1437 | illegal_parameter = 47,
|
1438 | unknown_ca = 48,
|
1439 | access_denied = 49,
|
1440 | decode_error = 50,
|
1441 | decrypt_error = 51,
|
1442 | export_restriction = 60,
|
1443 | protocol_version = 70,
|
1444 | insufficient_security = 71,
|
1445 | internal_error = 80,
|
1446 | user_canceled = 90,
|
1447 | no_renegotiation = 100,
|
1448 | }
|
1449 | }
|
1450 |
|
1451 | enum HeartbeatMessageType {
|
1452 | heartbeat_request = 1,
|
1453 | heartbeat_response = 2,
|
1454 | }
|
1455 |
|
1456 | interface CipherSuite {
|
1457 | id: [Byte, Byte];
|
1458 | name: string;
|
1459 | }
|
1460 |
|
1461 | const CipherSuites: { [name: string]: CipherSuite };
|
1462 |
|
1463 | interface CertificateRequest {
|
1464 | certificate_types: util.ByteBuffer;
|
1465 | certificate_authorities: util.ByteBuffer;
|
1466 | }
|
1467 |
|
1468 | type ConnectionState = any;
|
1469 |
|
1470 | interface Connection {
|
1471 | version: ProtocolVersion;
|
1472 | entity: ConnectionEnd;
|
1473 | sessionId: Bytes | null;
|
1474 | caStore: pki.CAStore;
|
1475 | sessionCache: SessionCache | null;
|
1476 | cipherSuites: CipherSuite[];
|
1477 | connected(conn: Connection): void;
|
1478 | virtualHost: string | null;
|
1479 | verifyClient: boolean;
|
1480 | verify(conn: Connection, verified: Verified, depth: number, certs: pki.Certificate[]): Verified;
|
1481 | getCertificate:
|
1482 | | ((conn: Connection, hint: CertificateRequest | string[]) => pki.PEM | readonly pki.PEM[])
|
1483 | | null;
|
1484 | getPrivateKey: ((conn: Connection, certificate: pki.Certificate) => pki.PEM) | null;
|
1485 | getSignature:
|
1486 | | ((conn: Connection, bytes: Bytes, callback: (conn: Connection, bytes: Bytes) => void) => void)
|
1487 | | null;
|
1488 | input: util.ByteBuffer;
|
1489 | tlsData: util.ByteBuffer;
|
1490 | data: util.ByteBuffer;
|
1491 | tlsDataReady(conn: Connection): void;
|
1492 | dataReady(conn: Connection): void;
|
1493 | heartbeatReceived: ((conn: Connection, payload: util.ByteBuffer) => void) | undefined;
|
1494 | closed(conn: Connection): void;
|
1495 | error(conn: Connection, error: TLSError): void;
|
1496 | deflate: ((inBytes: Bytes) => Bytes) | null;
|
1497 | inflate: ((inBytes: Bytes) => Bytes) | null;
|
1498 | reset(clearFail?: boolean): void;
|
1499 | record: Record | null;
|
1500 | session: Session | null;
|
1501 | peerCertificate: pki.Certificate | null;
|
1502 | state: { pending: ConnectionState | null; current: ConnectionState };
|
1503 | expect: number;
|
1504 | fragmented: Record | null;
|
1505 | records: Record[];
|
1506 | open: boolean;
|
1507 | handshakes: number;
|
1508 | handshaking: boolean;
|
1509 | isConnected: boolean;
|
1510 | fail: boolean;
|
1511 | handshake(sessionId?: Bytes | null): void;
|
1512 | process(data: Bytes): number;
|
1513 | prepare(data: Bytes): boolean;
|
1514 | prepareHeartbeatRequest(payload: Bytes | util.ByteBuffer, payloadLength?: number): boolean;
|
1515 | close(clearFail?: boolean): Connection;
|
1516 | }
|
1517 |
|
1518 | interface Record {
|
1519 | type: ContentType;
|
1520 | version: ProtocolVersion;
|
1521 | length: number;
|
1522 | fragment: util.ByteBuffer;
|
1523 | ready?: boolean | undefined;
|
1524 | }
|
1525 |
|
1526 | interface Session {
|
1527 | version: ProtocolVersion | null;
|
1528 | extensions: { [_: string]: object };
|
1529 | cipherSuite: CipherSuite | null;
|
1530 | compressionMethod: CompressionMethod | null;
|
1531 | serverCertificate: pki.Certificate | null;
|
1532 | clientCertificate: pki.Certificate | null;
|
1533 | md5: md.MessageDigest;
|
1534 | sha1: md.MessageDigest;
|
1535 | }
|
1536 |
|
1537 | interface SessionCache {
|
1538 | cache: { [key: string]: Session };
|
1539 | capacity: number;
|
1540 | order: [Hex];
|
1541 | getSession(sessionId: Bytes): Session;
|
1542 | setSession(sessionId: Bytes, session: Session): void;
|
1543 | }
|
1544 |
|
1545 | function createSessionCache(cache?: SessionCache | { [key: string]: Session }, capacity?: number): SessionCache;
|
1546 |
|
1547 | interface Alert {
|
1548 | level: Alert.Level;
|
1549 | description: Alert.Description;
|
1550 | }
|
1551 |
|
1552 | interface TLSError extends Error {
|
1553 | message: string;
|
1554 | send: boolean;
|
1555 | origin: "server" | "client";
|
1556 | alert: Alert;
|
1557 | }
|
1558 |
|
1559 | type Verified = true | { message?: string | undefined; alert?: Alert.Description | undefined };
|
1560 |
|
1561 | function createConnection(options: {
|
1562 | server?: boolean | undefined;
|
1563 | sessionId?: Bytes | null | undefined;
|
1564 | caStore?: pki.CAStore | readonly pki.Certificate[] | undefined;
|
1565 | sessionCache?: SessionCache | { [key: string]: Session } | undefined;
|
1566 | cipherSuites?: CipherSuite[] | undefined;
|
1567 | connected(conn: Connection): void;
|
1568 | virtualHost?: string | undefined;
|
1569 | verifyClient?: boolean | undefined;
|
1570 | verify?(conn: Connection, verified: Verified, depth: number, certs: pki.Certificate[]): Verified;
|
1571 | getCertificate?(conn: Connection, hint: CertificateRequest | string[]): pki.PEM | readonly pki.PEM[];
|
1572 | getPrivateKey?(conn: Connection, certificate: pki.Certificate): pki.PEM;
|
1573 | getSignature?(conn: Connection, bytes: Bytes, callback: (conn: Connection, bytes: Bytes) => void): void;
|
1574 | tlsDataReady(conn: Connection): void;
|
1575 | dataReady(conn: Connection): void;
|
1576 | heartbeatReceived?(conn: Connection, payload: util.ByteBuffer): void;
|
1577 | closed(conn: Connection): void;
|
1578 | error(conn: Connection, error: TLSError): void;
|
1579 | deflate?(inBytes: Bytes): Bytes;
|
1580 | inflate?(inBytes: Bytes): Bytes;
|
1581 | }): Connection;
|
1582 |
|
1583 | function prf_tls1(secret: string, label: string, seed: string, length: number): util.ByteBuffer;
|
1584 |
|
1585 | function hmac_sha1(
|
1586 | key: string | readonly Byte[] | util.ByteBuffer,
|
1587 | seqNum: [number, number],
|
1588 | record: Record,
|
1589 | ): Bytes;
|
1590 | }
|
1591 | }
|
1592 |
|
\ | No newline at end of file |