1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 | import crypto = require('crypto');
|
9 | import { Stream } from 'stream';
|
10 |
|
11 | declare class SshPK {}
|
12 |
|
13 | declare namespace SshPK {
|
14 | class Algo {
|
15 | parts: string[];
|
16 | sizePart?: string | undefined;
|
17 | normalize?: boolean | undefined;
|
18 | }
|
19 |
|
20 | class algInfo {
|
21 | dsa: Algo;
|
22 | rsa: Algo;
|
23 | ecdsa: Algo;
|
24 | ed25519: Algo;
|
25 | curve25519: Algo;
|
26 | }
|
27 |
|
28 | class algPrivInfo {
|
29 | dsa: Algo;
|
30 | rsa: Algo;
|
31 | ecdsa: Algo;
|
32 | ed25519: Algo;
|
33 | curve25519: Algo;
|
34 | }
|
35 |
|
36 | class hashAlgs {
|
37 | md5: boolean;
|
38 | sha1: boolean;
|
39 | sha256: boolean;
|
40 | sha384: boolean;
|
41 | sha512: boolean;
|
42 | }
|
43 |
|
44 | class Curve {
|
45 | size: number;
|
46 | pkcs8oid: string;
|
47 | p: Buffer;
|
48 | a: Buffer;
|
49 | b: Buffer;
|
50 | s: Buffer;
|
51 | n: Buffer;
|
52 | G: Buffer;
|
53 | }
|
54 |
|
55 | class curves {
|
56 | nistp256: Curve;
|
57 | nistp384: Curve;
|
58 | nistp512: Curve;
|
59 | }
|
60 |
|
61 | class algs {
|
62 | info: algInfo;
|
63 | privInfo: algPrivInfo;
|
64 | hashAlgs: hashAlgs;
|
65 | curves: curves;
|
66 | }
|
67 |
|
68 | class Certificate {
|
69 | subjects: Identity[];
|
70 | issuer: Identity;
|
71 | subjectKey: Key;
|
72 | issuerKey: Key;
|
73 | signatures: { x509: Signature; openssh: Signature };
|
74 | serial: Buffer;
|
75 | validFrom: Date;
|
76 | validUntil: Date;
|
77 | static formats: Formats;
|
78 | constructor(opts: any);
|
79 |
|
80 | toBuffer(format: string, options?: any): Buffer;
|
81 |
|
82 | toString(format: string, options?: any): string;
|
83 |
|
84 | fingerprint(algo: string): Fingerprint;
|
85 |
|
86 | hash(algo: string): string;
|
87 |
|
88 | isExpired(when: Date): boolean;
|
89 |
|
90 | isSignedBy(issuerCert: Certificate): boolean;
|
91 |
|
92 | isSignedByKey(issuerKey: Key): boolean;
|
93 |
|
94 | signWith(key: PrivateKey): void;
|
95 |
|
96 | getExtensions():
|
97 | | Array<{ format: 'x509'; oid: string; critical: boolean; pathLen: number }>
|
98 | | Array<{ format: 'openssh'; name: string; critical: boolean; data: Buffer }>;
|
99 | getExtension(
|
100 | keyOrOid: string,
|
101 | ):
|
102 | | { format: 'x509'; oid: string; critical: boolean; pathLen: number }
|
103 | | { format: 'openssh'; name: string; critical: boolean; data: Buffer }
|
104 | | undefined;
|
105 | static createSelfSigned(
|
106 | subjectOrSubjects: Identity[],
|
107 | key: Key,
|
108 | options: { validFrom?: Date; validUntil?: Date; lifetime?: number; serial?: Buffer; purposes?: string[] },
|
109 | ): Certificate;
|
110 |
|
111 | static create(
|
112 | subjectOrSubjects: string,
|
113 | key: Key,
|
114 | issuer: string,
|
115 | issuerKey: PrivateKey,
|
116 | options: any,
|
117 | ): Certificate;
|
118 |
|
119 | static parse(
|
120 | data: string | Buffer,
|
121 | format: string,
|
122 | options: { validFrom?: Date; validUntil?: Date; lifetime?: number; serial?: Buffer; purposes?: string[] },
|
123 | ): Certificate;
|
124 |
|
125 | static isCertificate(data: string | Buffer, ver: string): boolean;
|
126 | }
|
127 |
|
128 | class DiffieHellman {
|
129 | constructor(key: Key);
|
130 |
|
131 | getPublicKey(): Key;
|
132 | getPrivateKey(): PrivateKey;
|
133 | getKey(): PrivateKey;
|
134 | setKey(key: PrivateKey): void;
|
135 | setPrivateKey(key: PrivateKey): void;
|
136 |
|
137 | computeSecret(otherpk: PrivateKey): Buffer;
|
138 |
|
139 | generateKey(): PrivateKey;
|
140 | generateKeys(): PrivateKey;
|
141 | }
|
142 |
|
143 | class X9ECParameters {
|
144 | G: any;
|
145 | g: any;
|
146 | n: any;
|
147 | h: any;
|
148 | }
|
149 |
|
150 | class ECPublic {
|
151 | constructor(params: X9ECParameters, buffer: Buffer);
|
152 | }
|
153 |
|
154 | class ECPrivate {
|
155 | constructor(params: X9ECParameters, buffer: Buffer);
|
156 | deriveSharedSecret(pk: Key): Buffer;
|
157 | }
|
158 |
|
159 | class Verifier {
|
160 | constructor(key: Key, hashAlgo: string);
|
161 |
|
162 | update(chunk: string | Buffer): void;
|
163 |
|
164 | verify(signature: string): boolean;
|
165 | }
|
166 |
|
167 | class Signer extends Stream.Writable {
|
168 | private constructor();
|
169 |
|
170 | update(data: crypto.BinaryLike): this;
|
171 | update(data: string, input_encoding: crypto.Encoding): this;
|
172 | sign(private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput): Buffer;
|
173 | sign(
|
174 | private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput,
|
175 | output_format: crypto.BinaryToTextEncoding,
|
176 | ): string;
|
177 | sign(): Signature;
|
178 | }
|
179 | class FingerprintFormatError implements Error {
|
180 | name: string;
|
181 | message: string;
|
182 | constructor(fp: Fingerprint, format: string);
|
183 | }
|
184 |
|
185 | class InvalidAlgorithmError implements Error {
|
186 | name: string;
|
187 | message: string;
|
188 | constructor(algo: string);
|
189 | }
|
190 |
|
191 | class KeyParseError implements Error {
|
192 | name: string;
|
193 | message: string;
|
194 | constructor(name: string, format: string, innerErr: any);
|
195 | }
|
196 |
|
197 | class SignatureParseError implements Error {
|
198 | name: string;
|
199 | message: string;
|
200 | constructor(type: string, format: string, innerErr: any);
|
201 | }
|
202 |
|
203 | class CertificateParseError implements Error {
|
204 | name: string;
|
205 | message: string;
|
206 | constructor(name: string, format: string, innerErr: any);
|
207 | }
|
208 |
|
209 | class KeyEncryptedError implements Error {
|
210 | name: string;
|
211 | message: string;
|
212 | constructor(name: string, format: string);
|
213 | }
|
214 |
|
215 | class Fingerprint {
|
216 | algorithm: string;
|
217 | hash: string;
|
218 | type: string;
|
219 | constructor(opts: any);
|
220 |
|
221 | toString(format?: string): string;
|
222 | matches(other: Fingerprint): boolean;
|
223 | addColons(fp: string): string;
|
224 | base64Strip(fp: string): string;
|
225 | sshBase64Format(alg: string, h: string): string;
|
226 | isFingerprint(obj: string | Buffer, ver: string): boolean;
|
227 |
|
228 | static parse(fp: string, options: any): Fingerprint;
|
229 | }
|
230 |
|
231 | class Identity {
|
232 | cn: string;
|
233 | components: string[];
|
234 | componentLookup: any;
|
235 | type: string;
|
236 | hostname: string;
|
237 | uid: string;
|
238 | email: string;
|
239 | constructor(opts: any);
|
240 |
|
241 | toString(): string;
|
242 |
|
243 | toAsn1(der: Buffer | string, tag: string): void;
|
244 |
|
245 | equals(other: Identity): boolean;
|
246 |
|
247 | static forHost(hostname: string): Identity;
|
248 | static forUser(uid: string): Identity;
|
249 | static forEmail(email: string): Identity;
|
250 | static parseDN(dn: string): Identity;
|
251 | static parseAsn1(dn: Buffer | string, top: string): Identity;
|
252 | static isIdentity(dn: Buffer | string, ver: string): boolean;
|
253 | }
|
254 |
|
255 | class Format {
|
256 | read: (buf: Buffer, options?: any) => Buffer;
|
257 | write: (key: Key, options?: any) => Buffer;
|
258 | }
|
259 |
|
260 | class Formats {
|
261 | auto: Format;
|
262 | pem: Format;
|
263 | pkcs1: Format;
|
264 | pkcs8: Format;
|
265 | rfc4253: Format;
|
266 | ssh: Format;
|
267 | 'ssh-private': Format;
|
268 | openssh: Format;
|
269 | }
|
270 |
|
271 | class Verify {
|
272 | verify(data: string, fmt: string): boolean;
|
273 | }
|
274 |
|
275 | class Key {
|
276 | type: string;
|
277 | parts: string;
|
278 | part: string;
|
279 | comment?: string | undefined;
|
280 | source?: string | undefined;
|
281 | curve?: string | undefined;
|
282 | size: number;
|
283 | constructor(opts: any);
|
284 |
|
285 | static formats: Formats;
|
286 |
|
287 | toBuffer(format: string, options?: any): Buffer;
|
288 | toString(format: string, options?: any): string;
|
289 | hash(algo: string): Buffer;
|
290 | fingerprint(algo: string): Fingerprint;
|
291 | defaultHashAlgorithm(): string;
|
292 | createVerify(algo: string): Verify;
|
293 | createDiffieHellman(): DiffieHellman;
|
294 | createDH(): DiffieHellman;
|
295 |
|
296 | static parse(data: string | Buffer, format: string, options: any): Key;
|
297 |
|
298 | static isKey(obj: string | Buffer, ver: string): boolean;
|
299 | }
|
300 |
|
301 | class PrivateKey {
|
302 | comment?: string | undefined;
|
303 | constructor(opts: any);
|
304 |
|
305 | static formats: Formats;
|
306 |
|
307 | toBuffer(format: string, options: any): Buffer;
|
308 | hash(algo: string): Buffer;
|
309 | toPublic(): Key;
|
310 | derive(newType: string, newSize: number): PrivateKey;
|
311 | createVerify(hashAlgo: string): Key;
|
312 | createSign(hashAlgo: string): Signer;
|
313 |
|
314 | static parse(data: string | Buffer, format: string, options: any): PrivateKey;
|
315 | static isPrivateKey(data: string | Buffer, ver: string): boolean;
|
316 | }
|
317 |
|
318 | class Signature {
|
319 | extras?: Array<{ exts?: { oid: string; critical: boolean; pathLen: number } }>;
|
320 | exts?: Array<{ name: string; critical: boolean; data: Buffer }>;
|
321 | constructor(opts: any);
|
322 | toBuffer(format: string): Buffer;
|
323 | toString(format: string): string;
|
324 |
|
325 | static parse(data: string | Buffer, type: string, format: string): Signature;
|
326 |
|
327 | static isSignature(obj: string | Buffer, ver: string): boolean;
|
328 | }
|
329 |
|
330 | class SSHPart {
|
331 | data: Buffer;
|
332 | }
|
333 |
|
334 | class SSHBuffer {
|
335 | constructor(opts: any);
|
336 | toBuffer(): Buffer;
|
337 | atEnd(): boolean;
|
338 | remainder(): Buffer;
|
339 | skip(n: number): void;
|
340 | expand(): void;
|
341 | readPart(): SSHPart;
|
342 | readBuffer(): Buffer;
|
343 | readString(): string;
|
344 | readInt(): number;
|
345 | readInt64(): Buffer;
|
346 | readChar(): string;
|
347 | writeBuffer(buf: Buffer): void;
|
348 | writeString(buf: string): void;
|
349 | writeCString(buf: string): void;
|
350 | writeInt(buf: number): void;
|
351 | writeInt64(buf: Buffer): void;
|
352 | writeChar(buf: string): void;
|
353 | writePart(buf: SSHPart): void;
|
354 | write(buf: Buffer): void;
|
355 | }
|
356 |
|
357 | function bufferSplit(buf: Buffer, chr: string): Buffer[];
|
358 | function addRSAMissing(key: PrivateKey): void;
|
359 | function calculateDSAPublic(g: Buffer, p: Buffer, x: Buffer): Buffer;
|
360 | function mpNormalize(buf: Buffer): Buffer;
|
361 | function ecNormalize(buf: Buffer, addZero: boolean): Buffer;
|
362 | function countZeros(buf: Buffer): number;
|
363 | function assertCompatible(obj: any, klass: any, needVer: string, name: string): void;
|
364 | function isCompatible(obj: any, klass: any, needVer: string): boolean;
|
365 | class OpenSllKeyDeriv {
|
366 | key: Buffer;
|
367 | iv: Buffer;
|
368 | }
|
369 | function opensslKeyDeriv(cipher: string, salt: string, passphrase: string, count: number): OpenSllKeyDeriv;
|
370 |
|
371 | class OpensshCipherInfo {
|
372 | keySize: number;
|
373 | blockSize: number;
|
374 | opensslName: string;
|
375 | }
|
376 | function opensshCipherInfo(cipber: string): OpensshCipherInfo;
|
377 |
|
378 | function parseKey(data: string | Buffer, format: string, options?: any): Key;
|
379 | function parseFingerprint(fp: string, options?: any): Fingerprint;
|
380 | function parseSignature(data: string | Buffer, type: string, format: string): Signature;
|
381 | function parsePrivateKey(data: string | Buffer, format: string, options?: any): PrivateKey;
|
382 |
|
383 | function parseCertificate(data: string | Buffer, format: string, options?: any): Certificate;
|
384 | function createSelfSignedCertificate(
|
385 | subjectOrSubjects: Identity | Identity[],
|
386 | key: Key,
|
387 | options?: { validFrom?: Date; validUntil?: Date; lifetime?: number; serial?: Buffer; purposes?: string[] },
|
388 | ): Certificate;
|
389 | function createCertificate(
|
390 | subjectOrSubjects: Identity | Identity[],
|
391 | key: Key,
|
392 | issuer: Identity,
|
393 | issuerKey: PrivateKey,
|
394 | options?: { validFrom?: Date; validUntil?: Date; lifetime?: number; serial?: Buffer; purposes?: string[] },
|
395 | ): Certificate;
|
396 |
|
397 | function identityFromDN(dn: string): Identity;
|
398 | function identityForHost(hostname: string): Identity;
|
399 | function identityForUser(uid: string): Identity;
|
400 | function identityForEmail(email: string): Identity;
|
401 | }
|
402 |
|
403 | export = SshPK;
|