UNPKG

25.7 kBTypeScriptView Raw
1// Type definitions for sshpk 1.17
2// Project: https://github.com/joyent/node-sshpk
3// Definitions by: Meno Abels <https://github.com/mabels>
4// Alexander Lavallee <https://github.com/lavalleeale>
5// Lukáš Cezner <https://github.com/coalzombik>
6// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
7
8/// <reference types="node" />
9
10import { BerWriter, BerReader } from 'asn1';
11import crypto = require('crypto');
12import { Writable } from 'stream';
13
14declare class SshPK {}
15
16declare namespace SshPK {
17 // == algs.js == //
18
19 type AlgorithmType = 'dsa' | 'rsa' | 'ecdsa' | 'ed25519';
20 type AlgorithmTypeWithCurve = AlgorithmType | 'curve25519';
21 type ShaHashType = 'sha1' | 'sha256' | 'sha384' | 'sha512';
22 type AlgorithmHashType = 'md5' | ShaHashType;
23 type CurveType = 'nistp256' | 'nistp384' | 'nistp521';
24 type AlgorithmPart = 'p' | 'q' | 'g' | 'y' | 'x' | 'n' | 'e' | 'd' | 'iqmp' | 'curve' | 'Q' | 'A' | 'k';
25 type KeyType = 'public' | 'private';
26
27 class Algo {
28 parts: string[];
29 sizePart?: string | undefined;
30 normalize?: boolean | undefined;
31 }
32
33 class algInfo {
34 dsa: Algo;
35 rsa: Algo;
36 ecdsa: Algo;
37 ed25519: Algo;
38 curve25519: Algo;
39 }
40
41 class algPrivInfo {
42 dsa: Algo;
43 rsa: Algo;
44 ecdsa: Algo;
45 ed25519: Algo;
46 curve25519: Algo;
47 }
48
49 class hashAlgs {
50 md5: boolean;
51 sha1: boolean;
52 sha256: boolean;
53 sha384: boolean;
54 sha512: boolean;
55 }
56
57 class Curve {
58 size: number;
59 pkcs8oid: string;
60 p: Buffer;
61 a: Buffer;
62 b: Buffer;
63 s: Buffer;
64 n: Buffer;
65 G: Buffer;
66 }
67
68 class curves {
69 nistp256: Curve;
70 nistp384: Curve;
71 nistp512: Curve;
72 }
73
74 class algs {
75 info: algInfo;
76 privInfo: algPrivInfo;
77 hashAlgs: hashAlgs;
78 curves: curves;
79 }
80
81 // == certificate.js == //
82
83 interface CertificateOptions {
84 subjects: Identity[];
85 subjectKey: Key;
86 issuer: Identity;
87 issuerKey?: Key;
88
89 signatures: { x509: Signature; openssh: Signature };
90 serial: Buffer;
91 validFrom: Date;
92 validUntil: Date;
93
94 purposes?: string[];
95 }
96
97 interface CertificateCreateOptions {
98 lifetime?: number;
99 validFrom?: Date;
100 validUntil?: Date;
101 serial?: Buffer;
102 purposes?: string[];
103 ca?: boolean;
104 }
105
106 type CertificateFormat = 'openssh' | 'pem' | 'x509';
107
108 class Certificate {
109 subjects: Identity[];
110 issuer: Identity;
111 subjectKey: Key;
112 issuerKey?: Key;
113 signatures: { x509?: Format.x509Signature; openssh?: Format.OpenSshSignature };
114 serial: Buffer;
115 validFrom: Date;
116 validUntil: Date;
117 purposes?: string[];
118
119 static formats: { [key in CertificateFormat]: Format };
120
121 constructor(opts: CertificateOptions);
122
123 toBuffer(format: CertificateFormat, options?: Format.WriteOptions): Buffer;
124
125 toString(format: CertificateFormat, options?: Format.WriteOptions): string;
126
127 fingerprint(algo?: AlgorithmHashType): Fingerprint;
128
129 hash(algo: AlgorithmHashType): string;
130
131 isExpired(when?: Date): boolean;
132
133 isSignedBy(issuerCert: Certificate): boolean;
134
135 getExtension(keyOrOid: string): Format.OpenSshSignatureExt | Format.x509SignatureExt | undefined;
136
137 getExtensions(): Array<Format.OpenSshSignatureExt | Format.x509SignatureExt>;
138
139 isSignedByKey(issuerKey: Key): boolean;
140
141 signWith(key: PrivateKey): void;
142
143 static createSelfSigned(
144 subjectOrSubjects: Identity | Identity[],
145 key: PrivateKey,
146 options?: CertificateCreateOptions,
147 ): Certificate;
148
149 static create(
150 subjectOrSubjects: Identity | Identity[],
151 key: Key | PrivateKey,
152 issuer: Identity,
153 issuerKey: PrivateKey,
154 options?: CertificateCreateOptions,
155 ): Certificate;
156
157 static parse(data: string | Buffer, format: CertificateFormat, options?: string | KeyParseOptions): Certificate;
158
159 static isCertificate(data: string | Buffer, ver: Version): boolean;
160 }
161
162 function parseCertificate(
163 data: string | Buffer,
164 format: CertificateFormat,
165 options?: string | KeyParseOptions,
166 ): Certificate;
167
168 function createSelfSignedCertificate(
169 subjectOrSubjects: Identity | Identity[],
170 key: PrivateKey,
171 options?: CertificateCreateOptions,
172 ): Certificate;
173
174 function createCertificate(
175 subjectOrSubjects: Identity | Identity[],
176 key: Key | PrivateKey,
177 issuer: Identity,
178 issuerKey: PrivateKey,
179 options?: CertificateCreateOptions,
180 ): Certificate;
181
182 // == dhe.js == //
183
184 class DiffieHellman {
185 private constructor(key: Key | PrivateKey);
186
187 getPublicKey(): Key;
188 getPrivateKey(): PrivateKey | undefined;
189 getKey(): PrivateKey | undefined;
190 setKey(key: PrivateKey): void;
191 setPrivateKey(key: PrivateKey): void;
192
193 computeSecret(otherpk: Key): Buffer;
194
195 generateKey(): PrivateKey;
196 generateKeys(): PrivateKey;
197 }
198
199 // == ed-compat.js == //
200
201 class Verifier extends Writable {
202 constructor(key: Key, hashAlgo: 'sha512');
203
204 update(chunk: string | Buffer): void;
205
206 verify(signature: Signature): boolean;
207 }
208
209 class Signer extends Writable {
210 private constructor();
211
212 update(data: crypto.BinaryLike): this;
213 update(data: string, input_encoding: crypto.Encoding): this;
214
215 sign(private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput): Buffer;
216 sign(
217 private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput,
218 output_format: crypto.BinaryToTextEncoding,
219 ): string;
220 sign(): Signature;
221 }
222
223 // == errors.js == //
224
225 class FingerprintFormatError implements Error {
226 name: string;
227 message: string;
228 fingerprint?: Fingerprint;
229 format?: string;
230
231 constructor(fp?: Fingerprint, format?: string);
232 }
233
234 class InvalidAlgorithmError implements Error {
235 name: string;
236 message: string;
237 algorithm: string;
238
239 constructor(algo: string);
240 }
241
242 class KeyParseError implements Error {
243 name: string;
244 message: string;
245 format: string;
246 keyName: string;
247 innerErr: Error;
248
249 constructor(name: string, format: string, innerErr: Error);
250 }
251
252 class SignatureParseError implements Error {
253 name: string;
254 message: string;
255 type: string;
256 format: string;
257 innerErr: Error;
258
259 constructor(type: string, format: string, innerErr: Error);
260 }
261
262 class KeyEncryptedError implements Error {
263 name: string;
264 message: string;
265 format: string;
266 keyName: string;
267
268 constructor(name: string, format: string);
269 }
270
271 class CertificateParseError implements Error {
272 name: string;
273 message: string;
274 format: string;
275 certName: string;
276 innerErr: Error;
277
278 constructor(name: string, format: string, innerErr: Error);
279 }
280
281 // == fingerprint.js == //
282
283 type FingerprintType = 'key' | 'certificate';
284 type FingerprintHashType = 'ssh' | 'spki';
285
286 interface FingerprintOptions {
287 type: FingerprintType;
288 hash: Buffer;
289 algorithm: AlgorithmHashType;
290 hashType?: FingerprintHashType;
291 }
292
293 interface FingerprintParseOptions {
294 enAlgs?: string[];
295 algotirhms?: string[];
296 type?: FingerprintType;
297 hashType?: FingerprintHashType;
298 }
299
300 class Fingerprint {
301 algorithm: AlgorithmHashType;
302 hash: Buffer;
303 type: FingerprintType;
304 constructor(opts: FingerprintOptions);
305
306 toString(format?: 'hex' | 'base64'): string;
307 matches(other: Key | PrivateKey | Certificate): boolean;
308
309 static parse(fp: string, options?: string[] | FingerprintParseOptions): Fingerprint;
310
311 static isFingerprint(obj: any, ver: Version): boolean;
312 }
313
314 function parseFingerprint(fp: string, options?: string[] | FingerprintParseOptions): Fingerprint;
315
316 // == formats/*.js == //
317
318 interface Format {
319 read(buf: string | Buffer, options?: Format.ReadOptions): Key | Certificate;
320 write(keyOrCert: Key | PrivateKey | Certificate, options?: Format.WriteOptions): Buffer;
321 }
322
323 namespace Format {
324 interface ReadOptions {
325 passphrase?: string | Buffer;
326 cipher?: SshPrivateCipher;
327 }
328
329 interface WriteOptions extends ReadOptions {
330 hashAlgo?: 'sha1' | 'sha256' | 'sha512';
331 comment?: string;
332 }
333
334 interface Auto extends Format {
335 read(buf: string | Buffer, options?: ReadOptions): Key;
336 write(key: Key): Buffer;
337 }
338
339 interface DnsSec extends Format {
340 read(buf: string | Buffer): Key;
341 write(key: PrivateKey, options?: { hashAlgo?: 'sha1' | 'sha256' | 'sha512' }): Buffer;
342 }
343
344 interface OpenSshSignatureExt {
345 critical: boolean;
346 name: string;
347 data: Buffer;
348 }
349
350 interface OpenSshSignature {
351 nonce: Buffer;
352 keyId: string;
353 exts: OpenSshSignatureExt[];
354 signature: Signature;
355 }
356
357 interface OpenSshCert extends Format {
358 read(buf: string | Buffer): Certificate;
359 verify(): false;
360 sign(cert: Certificate, key: PrivateKey): boolean;
361 signAsync(
362 cert: Certificate,
363 signer: (blob: Buffer, done: (err: Error | undefined, signature: Signature) => void) => void,
364 done: (err?: Error) => void,
365 ): void;
366 write(cert: Certificate, options?: { comment?: string }): Buffer;
367 }
368
369 interface Pem extends Format {
370 read(buf: string | Buffer, options?: ReadOptions, forceType?: 'pkcs1' | 'pkcs8'): Key;
371 write(key: Key, options?: any, type?: 'pkcs1' | 'pkcs8'): Buffer;
372 }
373
374 interface Pkcs1 extends Format {
375 read(buf: string | Buffer, options?: ReadOptions): Key;
376 readPkcs1(alg: 'RSA' | 'DSA' | 'EC' | 'ECDSA', type: 'public', der: BerReader): Key;
377 readPkcs1(
378 alg: 'RSA' | 'DSA' | 'EC' | 'ECDSA' | 'EDDSA' | 'EdDSA',
379 type: 'private',
380 der: BerReader,
381 ): PrivateKey;
382 write(key: Key): Buffer;
383 writePkcs1(der: BerWriter, key: Key): void;
384 }
385
386 interface Pkcs8 extends Format {
387 read(buf: string | Buffer, options?: ReadOptions): Key;
388 readPkcs8(alg: any, type: KeyType, der: BerReader): Key;
389 write(key: Key): Buffer;
390 writePkcs8(der: BerWriter, key: Key): void;
391 pkcs8ToBuffer(key: Key): Buffer;
392
393 readECDSACurve(der: BerReader): CurveType;
394 writeECDSACurve(key: Key, der: BerWriter): void;
395 }
396
397 interface Putty extends Format {
398 read(buf: string | Buffer): Key;
399 write(key: Key): Buffer;
400 }
401
402 type Rfc4253Algorithm =
403 | 'ssh-dss'
404 | 'ssh-rsa'
405 | 'ssh-ed25519'
406 | 'ssh-curve25519'
407 | 'ecdsa-sha2-nistp256'
408 | 'ecdsa-sha2-nistp384'
409 | 'ecdsa-sha2-nistp521';
410
411 interface Rfc4253 extends Format {
412 read(buf: string | Buffer): Key;
413 readType(type: KeyType | undefined, buf: string | Buffer): Key;
414 write(key: Key): Buffer;
415 /* semi-private api, used by sshpk-agent */
416 readPartial(type: KeyType | undefined, buf: string | Buffer): Key;
417
418 /* shared with ssh format */
419 readInternal(partial: boolean, type: KeyType | undefined, buf: string | Buffer): Key;
420 keyTypeToAlg(key: Key): Rfc4253Algorithm;
421 algToKeyType(alg: Rfc4253Algorithm): AlgorithmTypeWithCurve;
422 }
423
424 type SshPrivateCipher =
425 | '3des-cbc'
426 | 'blowfish-cbc'
427 | 'aes128-cbc'
428 | 'aes128-ctr'
429 | 'aes128-gcm@openssh.com'
430 | 'aes192-cbc'
431 | 'aes192-ctr'
432 | 'aes192-gcm@openssh.com'
433 | 'aes256-cbc'
434 | 'aes256-ctr'
435 | 'aes256-gcm@openssh.com';
436
437 interface SshPrivate extends Format {
438 read(buf: string | Buffer, options?: ReadOptions, forceType?: 'pkcs1' | 'pkcs8'): Key;
439 readSSHPrivate(type: KeyType, buf: Buffer, options: { passphrase: string | Buffer }): Key;
440 write(key: Key, options?: ReadOptions): Buffer;
441 }
442
443 interface Ssh extends Format {
444 read(buf: string | Buffer): Key;
445 write(key: Key): Buffer;
446 }
447
448 interface x509Pem extends Format {
449 read(buf: string | Buffer): Certificate;
450 verify(cert: Certificate, key: Key): boolean;
451 sign(cert: Certificate, key: PrivateKey): boolean;
452 write(cert: Certificate): Buffer;
453 }
454
455 type x509SignAlgorithm =
456 | 'rsa-md5'
457 | 'rsa-sha1'
458 | 'rsa-sha256'
459 | 'rsa-sha384'
460 | 'rsa-sha512'
461 | 'dsa-sha1'
462 | 'dsa-sha256'
463 | 'ecdsa-sha1'
464 | 'ecdsa-sha256'
465 | 'ecdsa-sha384'
466 | 'ecdsa-sha512'
467 | 'ed25519-sha512';
468
469 type x509ExtsOid = '2.5.29.35' | '2.5.29.17' | '2.5.29.19' | '2.5.29.15' | '2.5.29.37';
470
471 interface x509SignatureExt {
472 oid: x509ExtsOid;
473 critical: boolean;
474 pathLen?: number;
475 bits?: string;
476 data?: string;
477 }
478
479 interface x509Signature {
480 signature: Signature;
481 algo: x509SignAlgorithm;
482 extras: { issuerUniqueID: Buffer; subjectUniqueID: Buffer; exts: x509SignatureExt[] };
483 cache: Buffer;
484 }
485
486 interface x509 extends Format {
487 read(buf: string | Buffer): Certificate;
488 verify(cert: Certificate, key: Key): boolean;
489 sign(cert: Certificate, key: PrivateKey): boolean;
490 signAsync(
491 cert: Certificate,
492 signer: (blob: Buffer, done: (err: Error | undefined, signature: Signature) => void) => void,
493 done: (err?: Error) => void,
494 ): void;
495 write(cert: Certificate): Buffer;
496 }
497 }
498
499 // == identity.js == //
500
501 type IndentityOidName =
502 | 'cn'
503 | 'o'
504 | 'ou'
505 | 'l'
506 | 's'
507 | 'c'
508 | 'sn'
509 | 'postalCode'
510 | 'serialNumber'
511 | 'street'
512 | 'x500UniqueIdentifier'
513 | 'role'
514 | 'telephoneNumber'
515 | 'description'
516 | 'dc'
517 | 'uid'
518 | 'mail'
519 | 'title'
520 | 'gn'
521 | 'initials'
522 | 'pseudonym'
523 | 'emailAddress';
524
525 type IdentityOidValue =
526 | '2.5.4.3'
527 | '2.5.4.10'
528 | '2.5.4.11'
529 | '2.5.4.7'
530 | '2.5.4.8'
531 | '2.5.4.6'
532 | '2.5.4.4'
533 | '2.5.4.17'
534 | '2.5.4.5'
535 | '2.5.4.9'
536 | '2.5.4.45'
537 | '2.5.4.72'
538 | '2.5.4.20'
539 | '2.5.4.13'
540 | '0.9.2342.19200300.100.1.25'
541 | '0.9.2342.19200300.100.1.1'
542 | '0.9.2342.19200300.100.1.3'
543 | '2.5.4.12'
544 | '2.5.4.42'
545 | '2.5.4.43'
546 | '2.5.4.65'
547 | '1.2.840.113549.1.9.1';
548
549 type IdentityType = 'host' | 'user' | 'email';
550 type IdentityTypeWithUnknown = IdentityType | 'unknown';
551
552 interface IdentityComponent {
553 name?: IndentityOidName;
554 oid?: IdentityOidValue;
555 asn1type?: number;
556 value: Buffer | string;
557 }
558
559 interface IdentityNameComponent {
560 name: IndentityOidName;
561 value: Buffer | string;
562 }
563
564 class Identity {
565 components: IdentityComponent[];
566 componentLookup: { [key in IndentityOidName]: IdentityComponent[] };
567 type: IdentityTypeWithUnknown;
568
569 cn?: string;
570 hostname?: string;
571 uid?: string;
572 email?: string;
573
574 constructor(opts: {
575 components: IdentityComponent[];
576 type?: IdentityType;
577 hostname?: string;
578 uid?: string;
579 email?: string;
580 });
581
582 toString(): string;
583
584 get(name: IndentityOidName, asArray?: false): string;
585 get(name: IndentityOidName, asArray: true): string[];
586
587 toArray(): IdentityNameComponent[];
588
589 toAsn1(der: BerWriter, tag?: number): void;
590
591 equals(other: Identity): boolean;
592
593 static forHost(hostname: string): Identity;
594 static forUser(uid: string): Identity;
595 static forEmail(email: string): Identity;
596 static parseDN(dn: string): Identity;
597 static fromArray(components: IdentityNameComponent[]): Identity;
598 static parseAsn1(dn: BerReader, top?: number): Identity;
599
600 static isIdentity(obj: any, ver: Version): boolean;
601 }
602
603 function identityFromDN(dn: string): Identity;
604 function identityForHost(hostname: string): Identity;
605 function identityForUser(uid: string): Identity;
606 function identityForEmail(email: string): Identity;
607 function identityFromArray(components: IdentityNameComponent[]): Identity;
608
609 // == key.js == //
610
611 type KeyFormatType =
612 | 'auto'
613 | 'pem'
614 | 'pkcs1'
615 | 'pkcs8'
616 | 'rfc4253'
617 | 'ssh'
618 | 'ssh-private'
619 | 'openssh'
620 | 'dnssec'
621 | 'putty'
622 | 'ppk';
623
624 interface KeyPart {
625 name: AlgorithmPart;
626 data: Buffer;
627 }
628
629 interface KeyOptions {
630 parts: KeyPart[];
631 type: AlgorithmTypeWithCurve;
632 comment?: string;
633 source?: string;
634 }
635
636 interface KeyParseOptions extends Format.ReadOptions {
637 filename?: string;
638 }
639
640 /** extends crypto.Verify but override 'verify' function */
641 interface Verify {
642 update(data: crypto.BinaryLike): Verify;
643 update(data: string, input_encoding: crypto.Encoding): Verify;
644
645 verify(signature: Signature): boolean;
646 verify(signature: string | Buffer, fmt?: crypto.BinaryToTextEncoding): boolean;
647 }
648
649 class Key {
650 type: AlgorithmTypeWithCurve;
651 parts: KeyPart[];
652 part: { [key in AlgorithmType]: KeyPart };
653 comment?: string;
654 source?: string;
655 curve?: string;
656 size: number;
657 constructor(opts: KeyOptions);
658
659 static formats: { [key in KeyFormatType]: Format };
660
661 toBuffer(format: KeyFormatType, options?: Format.WriteOptions): Buffer;
662 toString(format: KeyFormatType, options?: Format.WriteOptions): string;
663 hash(algo: AlgorithmHashType, type?: FingerprintHashType): Buffer;
664 fingerprint(algo?: AlgorithmHashType, type?: FingerprintHashType): Fingerprint;
665 defaultHashAlgorithm(): ShaHashType;
666 createVerify(algo?: AlgorithmHashType): Verify;
667 createDiffieHellman(): DiffieHellman;
668 createDH(): DiffieHellman;
669
670 static parse(data: string | Buffer, format?: KeyFormatType, options?: string | KeyParseOptions): Key;
671
672 static isKey(obj: any, ver: Version): boolean;
673 }
674
675 function parseKey(
676 data: string | Buffer,
677 format?: KeyFormatType,
678 options?: string | (Format.ReadOptions & { filename?: string }),
679 ): Key;
680
681 // == private-key.js == //
682
683 type PrivateKeyFormatType =
684 | 'auto'
685 | 'pem'
686 | 'pkcs1'
687 | 'pkcs8'
688 | 'rfc4253'
689 | 'ssh'
690 | 'ssh-private'
691 | 'openssh'
692 | 'dnssec';
693
694 class PrivateKey {
695 type: AlgorithmTypeWithCurve;
696 parts: KeyPart[];
697 part: { [key in AlgorithmType]: KeyPart };
698 comment?: string;
699 source?: string;
700 curve?: string;
701 size: number;
702 constructor(opts: KeyOptions);
703
704 toBuffer(format: PrivateKeyFormatType, options?: Format.WriteOptions): Buffer;
705 toString(format: PrivateKeyFormatType, options?: Format.WriteOptions): string;
706 hash(algo: AlgorithmHashType, type?: FingerprintHashType): Buffer;
707 fingerprint(algo?: AlgorithmHashType, type?: FingerprintHashType): Fingerprint;
708 defaultHashAlgorithm(): ShaHashType;
709 toPublic(): Key;
710 derive(newType: 'ed25519' | 'curve25519'): PrivateKey;
711 createVerify(algo?: AlgorithmHashType): Verify;
712 createSign(hashAlgo: AlgorithmType): Signer;
713 createDiffieHellman(): DiffieHellman;
714 createDH(): DiffieHellman;
715
716 static parse(
717 data: string | Buffer,
718 format?: PrivateKeyFormatType,
719 options?: string | KeyParseOptions,
720 ): PrivateKey;
721
722 static isPrivateKey(data: any, ver: Version): boolean;
723
724 static generate(type: 'ecdsa', options?: { curve?: CurveType }): PrivateKey;
725 static generate(type: 'ed25519'): PrivateKey;
726 }
727
728 namespace PrivateKey {
729 let formats: { [key in PrivateKeyFormatType]: Format };
730 }
731
732 function parsePrivateKey(
733 data: string | Buffer,
734 format?: PrivateKeyFormatType,
735 options?: string | KeyParseOptions,
736 ): PrivateKey;
737
738 function generatePrivateKey(type: 'ecdsa', options?: { curve?: CurveType }): PrivateKey;
739 function generatePrivateKey(type: 'ed25519'): PrivateKey;
740
741 // == signature.js == //
742
743 type SignatureFormatType = 'asn1' | 'ssh' | 'raw';
744 type SignaturePartType = 'r' | 's' | 'sig';
745
746 interface SignaturePart {
747 name: SignaturePartType;
748 data: Buffer;
749 }
750
751 interface SignatureOptions {
752 type: AlgorithmType;
753 hashAlgo?: AlgorithmHashType;
754 curve?: CurveType;
755 parts: SignaturePart[];
756 }
757
758 class Signature {
759 type: AlgorithmType;
760 hashAlgorithm?: AlgorithmHashType;
761 curve?: CurveType;
762 parts: SignaturePart[];
763 part: { [key in SignaturePartType]: SignaturePart };
764
765 constructor(opts: SignatureOptions);
766 toBuffer(format?: SignatureFormatType): Buffer;
767 toString(format?: SignatureFormatType): string;
768
769 static parse(data: string | Buffer, type: AlgorithmType, format: SignatureFormatType): Signature;
770
771 static isSignature(obj: any, ver: Version): boolean;
772 }
773
774 function parseSignature(data: string | Buffer, type: AlgorithmType, format: SignatureFormatType): Signature;
775
776 // == ssh-buffer.js == //
777
778 class SSHPart {
779 data: Buffer;
780 }
781
782 class SSHBuffer {
783 constructor(opts: { buffer?: Buffer });
784
785 toBuffer(): Buffer;
786 atEnd(): boolean;
787 remainder(): Buffer;
788 skip(n: number): void;
789 expand(): void;
790 readPart(): SSHPart;
791 readBuffer(): Buffer;
792 readString(): string;
793 readCString(): string;
794 readInt(): number;
795 readInt64(): Buffer;
796 readChar(): string;
797 writeBuffer(buf: Buffer): void;
798 writeString(buf: string): void;
799 writeCString(buf: string): void;
800 writeInt(buf: number): void;
801 writeInt64(buf: Buffer): void;
802 writeChar(buf: string): void;
803 writePart(buf: SSHPart): void;
804 write(buf: Buffer): void;
805 }
806
807 // == utils.js == //
808
809 type Version = [number, number];
810
811 function bufferSplit(buf: Buffer, chr: string): Buffer[];
812
813 function addRSAMissing(key: PrivateKey): void;
814
815 function calculateDSAPublic(g: Buffer, p: Buffer, x: Buffer): Buffer;
816
817 function calculateED25519Public(k: Buffer): Buffer;
818
819 function calculateX25519Public(k: Buffer): Buffer;
820
821 function mpNormalize(buf: Buffer): Buffer;
822
823 function mpDenormalize(buf: Buffer): Buffer;
824
825 function ecNormalize(buf: Buffer, addZero?: boolean): Buffer;
826
827 function countZeros(buf: Buffer): number;
828
829 function assertCompatible(obj: object, klass: any, needVer: Version, name?: string): void;
830
831 function isCompatible(obj: object, klass: any, needVer: Version): boolean;
832
833 interface OpenSslKeyDeriv {
834 key: Buffer;
835 iv: Buffer;
836 }
837
838 function opensslKeyDeriv(
839 cipher: 'des-ede3-cbc' | 'aes-128-cbc' | 'aes-256-cbc',
840 salt: Buffer,
841 passphrase: Buffer,
842 count: number,
843 ): OpenSslKeyDeriv;
844
845 type OpenSshCipherName =
846 | 'des-ede3-cbc'
847 | 'bf-cbc'
848 | 'aes-128-cbc'
849 | 'aes-128-ctr'
850 | 'aes-128-gcm'
851 | 'aes-192-cbc'
852 | 'aes-192-ctr'
853 | 'aes-192-gcm'
854 | 'aes-256-cbc'
855 | 'aes-256-ctr'
856 | 'aes-256-gcm';
857
858 class OpenSshCipherInfo {
859 keySize: number;
860 blockSize: number;
861 opensslName: OpenSshCipherName;
862 }
863
864 function opensshCipherInfo(cipter: Format.SshPrivateCipher): OpenSshCipherInfo;
865
866 function publicFromPrivateECDSA(curveName: CurveType, priv: Buffer): Key;
867
868 function zeroPadToLength(buf: Buffer, len: number): Buffer;
869
870 function writeBitString(der: BerWriter, buf: Buffer, tag?: number): void;
871
872 function readBitString(der: BerReader, tag?: number): Buffer;
873
874 function pbkdf2(
875 hashAlg: string,
876 salt: Buffer,
877 iterations: number,
878 size: number,
879 passphrase: crypto.BinaryLike,
880 ): Buffer;
881}
882
883export = SshPK;