UNPKG

25.3 kBTypeScriptView Raw
1/// <reference types="node" />
2
3import { BerReader, BerWriter } from "asn1";
4import crypto = require("crypto");
5import { Writable } from "stream";
6
7declare class SshPK {}
8
9declare namespace SshPK {
10 // == algs.js == //
11
12 type AlgorithmType = "dsa" | "rsa" | "ecdsa" | "ed25519";
13 type AlgorithmTypeWithCurve = AlgorithmType | "curve25519";
14 type ShaHashType = "sha1" | "sha256" | "sha384" | "sha512";
15 type AlgorithmHashType = "md5" | ShaHashType;
16 type CurveType = "nistp256" | "nistp384" | "nistp521";
17 type AlgorithmPart = "p" | "q" | "g" | "y" | "x" | "n" | "e" | "d" | "iqmp" | "curve" | "Q" | "A" | "k";
18 type KeyType = "public" | "private";
19
20 class Algo {
21 parts: string[];
22 sizePart?: string | undefined;
23 normalize?: boolean | undefined;
24 }
25
26 class algInfo {
27 dsa: Algo;
28 rsa: Algo;
29 ecdsa: Algo;
30 ed25519: Algo;
31 curve25519: Algo;
32 }
33
34 class algPrivInfo {
35 dsa: Algo;
36 rsa: Algo;
37 ecdsa: Algo;
38 ed25519: Algo;
39 curve25519: Algo;
40 }
41
42 class hashAlgs {
43 md5: boolean;
44 sha1: boolean;
45 sha256: boolean;
46 sha384: boolean;
47 sha512: boolean;
48 }
49
50 class Curve {
51 size: number;
52 pkcs8oid: string;
53 p: Buffer;
54 a: Buffer;
55 b: Buffer;
56 s: Buffer;
57 n: Buffer;
58 G: Buffer;
59 }
60
61 class curves {
62 nistp256: Curve;
63 nistp384: Curve;
64 nistp512: Curve;
65 }
66
67 class algs {
68 info: algInfo;
69 privInfo: algPrivInfo;
70 hashAlgs: hashAlgs;
71 curves: curves;
72 }
73
74 // == certificate.js == //
75
76 interface CertificateOptions {
77 subjects: Identity[];
78 subjectKey: Key;
79 issuer: Identity;
80 issuerKey?: Key;
81
82 signatures: { x509: Signature; openssh: Signature };
83 serial: Buffer;
84 validFrom: Date;
85 validUntil: Date;
86
87 purposes?: string[];
88 }
89
90 interface CertificateCreateOptions {
91 lifetime?: number;
92 validFrom?: Date;
93 validUntil?: Date;
94 serial?: Buffer;
95 purposes?: string[];
96 ca?: boolean;
97 }
98
99 type CertificateFormat = "openssh" | "pem" | "x509";
100
101 class Certificate {
102 subjects: Identity[];
103 issuer: Identity;
104 subjectKey: Key;
105 issuerKey?: Key;
106 signatures: { x509?: Format.x509Signature; openssh?: Format.OpenSshSignature };
107 serial: Buffer;
108 validFrom: Date;
109 validUntil: Date;
110 purposes?: string[];
111
112 static formats: { [key in CertificateFormat]: Format };
113
114 constructor(opts: CertificateOptions);
115
116 toBuffer(format: CertificateFormat, options?: Format.WriteOptions): Buffer;
117
118 toString(format: CertificateFormat, options?: Format.WriteOptions): string;
119
120 fingerprint(algo?: AlgorithmHashType): Fingerprint;
121
122 hash(algo: AlgorithmHashType): string;
123
124 isExpired(when?: Date): boolean;
125
126 isSignedBy(issuerCert: Certificate): boolean;
127
128 getExtension(keyOrOid: string): Format.OpenSshSignatureExt | Format.x509SignatureExt | undefined;
129
130 getExtensions(): Array<Format.OpenSshSignatureExt | Format.x509SignatureExt>;
131
132 isSignedByKey(issuerKey: Key): boolean;
133
134 signWith(key: PrivateKey): void;
135
136 static createSelfSigned(
137 subjectOrSubjects: Identity | Identity[],
138 key: PrivateKey,
139 options?: CertificateCreateOptions,
140 ): Certificate;
141
142 static create(
143 subjectOrSubjects: Identity | Identity[],
144 key: Key | PrivateKey,
145 issuer: Identity,
146 issuerKey: PrivateKey,
147 options?: CertificateCreateOptions,
148 ): Certificate;
149
150 static parse(data: string | Buffer, format: CertificateFormat, options?: string | KeyParseOptions): Certificate;
151
152 static isCertificate(data: string | Buffer, ver: Version): boolean;
153 }
154
155 function parseCertificate(
156 data: string | Buffer,
157 format: CertificateFormat,
158 options?: string | KeyParseOptions,
159 ): Certificate;
160
161 function createSelfSignedCertificate(
162 subjectOrSubjects: Identity | Identity[],
163 key: PrivateKey,
164 options?: CertificateCreateOptions,
165 ): Certificate;
166
167 function createCertificate(
168 subjectOrSubjects: Identity | Identity[],
169 key: Key | PrivateKey,
170 issuer: Identity,
171 issuerKey: PrivateKey,
172 options?: CertificateCreateOptions,
173 ): Certificate;
174
175 // == dhe.js == //
176
177 class DiffieHellman {
178 private constructor(key: Key | PrivateKey);
179
180 getPublicKey(): Key;
181 getPrivateKey(): PrivateKey | undefined;
182 getKey(): PrivateKey | undefined;
183 setKey(key: PrivateKey): void;
184 setPrivateKey(key: PrivateKey): void;
185
186 computeSecret(otherpk: Key): Buffer;
187
188 generateKey(): PrivateKey;
189 generateKeys(): PrivateKey;
190 }
191
192 // == ed-compat.js == //
193
194 class Verifier extends Writable {
195 constructor(key: Key, hashAlgo: "sha512");
196
197 update(chunk: string | Buffer): void;
198
199 verify(signature: Signature): boolean;
200 }
201
202 class Signer extends Writable {
203 private constructor();
204
205 update(data: crypto.BinaryLike): this;
206 update(data: string, input_encoding: crypto.Encoding): this;
207
208 sign(private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput): Buffer;
209 sign(
210 private_key: crypto.KeyLike | crypto.SignKeyObjectInput | crypto.SignPrivateKeyInput,
211 output_format: crypto.BinaryToTextEncoding,
212 ): string;
213 sign(): Signature;
214 }
215
216 // == errors.js == //
217
218 class FingerprintFormatError implements Error {
219 name: string;
220 message: string;
221 fingerprint?: Fingerprint;
222 format?: string;
223
224 constructor(fp?: Fingerprint, format?: string);
225 }
226
227 class InvalidAlgorithmError implements Error {
228 name: string;
229 message: string;
230 algorithm: string;
231
232 constructor(algo: string);
233 }
234
235 class KeyParseError implements Error {
236 name: string;
237 message: string;
238 format: string;
239 keyName: string;
240 innerErr: Error;
241
242 constructor(name: string, format: string, innerErr: Error);
243 }
244
245 class SignatureParseError implements Error {
246 name: string;
247 message: string;
248 type: string;
249 format: string;
250 innerErr: Error;
251
252 constructor(type: string, format: string, innerErr: Error);
253 }
254
255 class KeyEncryptedError implements Error {
256 name: string;
257 message: string;
258 format: string;
259 keyName: string;
260
261 constructor(name: string, format: string);
262 }
263
264 class CertificateParseError implements Error {
265 name: string;
266 message: string;
267 format: string;
268 certName: string;
269 innerErr: Error;
270
271 constructor(name: string, format: string, innerErr: Error);
272 }
273
274 // == fingerprint.js == //
275
276 type FingerprintType = "key" | "certificate";
277 type FingerprintHashType = "ssh" | "spki";
278
279 interface FingerprintOptions {
280 type: FingerprintType;
281 hash: Buffer;
282 algorithm: AlgorithmHashType;
283 hashType?: FingerprintHashType;
284 }
285
286 interface FingerprintParseOptions {
287 enAlgs?: string[];
288 algotirhms?: string[];
289 type?: FingerprintType;
290 hashType?: FingerprintHashType;
291 }
292
293 class Fingerprint {
294 algorithm: AlgorithmHashType;
295 hash: Buffer;
296 type: FingerprintType;
297 constructor(opts: FingerprintOptions);
298
299 toString(format?: "hex" | "base64"): string;
300 matches(other: Key | PrivateKey | Certificate): boolean;
301
302 static parse(fp: string, options?: string[] | FingerprintParseOptions): Fingerprint;
303
304 static isFingerprint(obj: any, ver: Version): boolean;
305 }
306
307 function parseFingerprint(fp: string, options?: string[] | FingerprintParseOptions): Fingerprint;
308
309 // == formats/*.js == //
310
311 interface Format {
312 read(buf: string | Buffer, options?: Format.ReadOptions): Key | Certificate;
313 write(keyOrCert: Key | PrivateKey | Certificate, options?: Format.WriteOptions): Buffer;
314 }
315
316 namespace Format {
317 interface ReadOptions {
318 passphrase?: string | Buffer;
319 cipher?: SshPrivateCipher;
320 }
321
322 interface WriteOptions extends ReadOptions {
323 hashAlgo?: "sha1" | "sha256" | "sha512";
324 comment?: string;
325 }
326
327 interface Auto extends Format {
328 read(buf: string | Buffer, options?: ReadOptions): Key;
329 write(key: Key): Buffer;
330 }
331
332 interface DnsSec extends Format {
333 read(buf: string | Buffer): Key;
334 write(key: PrivateKey, options?: { hashAlgo?: "sha1" | "sha256" | "sha512" }): Buffer;
335 }
336
337 interface OpenSshSignatureExt {
338 critical: boolean;
339 name: string;
340 data: Buffer;
341 }
342
343 interface OpenSshSignature {
344 nonce: Buffer;
345 keyId: string;
346 exts: OpenSshSignatureExt[];
347 signature: Signature;
348 }
349
350 interface OpenSshCert extends Format {
351 read(buf: string | Buffer): Certificate;
352 verify(): false;
353 sign(cert: Certificate, key: PrivateKey): boolean;
354 signAsync(
355 cert: Certificate,
356 signer: (blob: Buffer, done: (err: Error | undefined, signature: Signature) => void) => void,
357 done: (err?: Error) => void,
358 ): void;
359 write(cert: Certificate, options?: { comment?: string }): Buffer;
360 }
361
362 interface Pem extends Format {
363 read(buf: string | Buffer, options?: ReadOptions, forceType?: "pkcs1" | "pkcs8"): Key;
364 write(key: Key, options?: any, type?: "pkcs1" | "pkcs8"): Buffer;
365 }
366
367 interface Pkcs1 extends Format {
368 read(buf: string | Buffer, options?: ReadOptions): Key;
369 readPkcs1(alg: "RSA" | "DSA" | "EC" | "ECDSA", type: "public", der: BerReader): Key;
370 readPkcs1(
371 alg: "RSA" | "DSA" | "EC" | "ECDSA" | "EDDSA" | "EdDSA",
372 type: "private",
373 der: BerReader,
374 ): PrivateKey;
375 write(key: Key): Buffer;
376 writePkcs1(der: BerWriter, key: Key): void;
377 }
378
379 interface Pkcs8 extends Format {
380 read(buf: string | Buffer, options?: ReadOptions): Key;
381 readPkcs8(alg: any, type: KeyType, der: BerReader): Key;
382 write(key: Key): Buffer;
383 writePkcs8(der: BerWriter, key: Key): void;
384 pkcs8ToBuffer(key: Key): Buffer;
385
386 readECDSACurve(der: BerReader): CurveType;
387 writeECDSACurve(key: Key, der: BerWriter): void;
388 }
389
390 interface Putty extends Format {
391 read(buf: string | Buffer): Key;
392 write(key: Key): Buffer;
393 }
394
395 type Rfc4253Algorithm =
396 | "ssh-dss"
397 | "ssh-rsa"
398 | "ssh-ed25519"
399 | "ssh-curve25519"
400 | "ecdsa-sha2-nistp256"
401 | "ecdsa-sha2-nistp384"
402 | "ecdsa-sha2-nistp521";
403
404 interface Rfc4253 extends Format {
405 read(buf: string | Buffer): Key;
406 readType(type: KeyType | undefined, buf: string | Buffer): Key;
407 write(key: Key): Buffer;
408 /* semi-private api, used by sshpk-agent */
409 readPartial(type: KeyType | undefined, buf: string | Buffer): Key;
410
411 /* shared with ssh format */
412 readInternal(partial: boolean, type: KeyType | undefined, buf: string | Buffer): Key;
413 keyTypeToAlg(key: Key): Rfc4253Algorithm;
414 algToKeyType(alg: Rfc4253Algorithm): AlgorithmTypeWithCurve;
415 }
416
417 type SshPrivateCipher =
418 | "3des-cbc"
419 | "blowfish-cbc"
420 | "aes128-cbc"
421 | "aes128-ctr"
422 | "aes128-gcm@openssh.com"
423 | "aes192-cbc"
424 | "aes192-ctr"
425 | "aes192-gcm@openssh.com"
426 | "aes256-cbc"
427 | "aes256-ctr"
428 | "aes256-gcm@openssh.com";
429
430 interface SshPrivate extends Format {
431 read(buf: string | Buffer, options?: ReadOptions, forceType?: "pkcs1" | "pkcs8"): Key;
432 readSSHPrivate(type: KeyType, buf: Buffer, options: { passphrase: string | Buffer }): Key;
433 write(key: Key, options?: ReadOptions): Buffer;
434 }
435
436 interface Ssh extends Format {
437 read(buf: string | Buffer): Key;
438 write(key: Key): Buffer;
439 }
440
441 interface x509Pem extends Format {
442 read(buf: string | Buffer): Certificate;
443 verify(cert: Certificate, key: Key): boolean;
444 sign(cert: Certificate, key: PrivateKey): boolean;
445 write(cert: Certificate): Buffer;
446 }
447
448 type x509SignAlgorithm =
449 | "rsa-md5"
450 | "rsa-sha1"
451 | "rsa-sha256"
452 | "rsa-sha384"
453 | "rsa-sha512"
454 | "dsa-sha1"
455 | "dsa-sha256"
456 | "ecdsa-sha1"
457 | "ecdsa-sha256"
458 | "ecdsa-sha384"
459 | "ecdsa-sha512"
460 | "ed25519-sha512";
461
462 type x509ExtsOid = "2.5.29.35" | "2.5.29.17" | "2.5.29.19" | "2.5.29.15" | "2.5.29.37";
463
464 interface x509SignatureExt {
465 oid: x509ExtsOid;
466 critical: boolean;
467 pathLen?: number;
468 bits?: string;
469 data?: string;
470 }
471
472 interface x509Signature {
473 signature: Signature;
474 algo: x509SignAlgorithm;
475 extras: { issuerUniqueID: Buffer; subjectUniqueID: Buffer; exts: x509SignatureExt[] };
476 cache: Buffer;
477 }
478
479 interface x509 extends Format {
480 read(buf: string | Buffer): Certificate;
481 verify(cert: Certificate, key: Key): boolean;
482 sign(cert: Certificate, key: PrivateKey): boolean;
483 signAsync(
484 cert: Certificate,
485 signer: (blob: Buffer, done: (err: Error | undefined, signature: Signature) => void) => void,
486 done: (err?: Error) => void,
487 ): void;
488 write(cert: Certificate): Buffer;
489 }
490 }
491
492 // == identity.js == //
493
494 type IndentityOidName =
495 | "cn"
496 | "o"
497 | "ou"
498 | "l"
499 | "s"
500 | "c"
501 | "sn"
502 | "postalCode"
503 | "serialNumber"
504 | "street"
505 | "x500UniqueIdentifier"
506 | "role"
507 | "telephoneNumber"
508 | "description"
509 | "dc"
510 | "uid"
511 | "mail"
512 | "title"
513 | "gn"
514 | "initials"
515 | "pseudonym"
516 | "emailAddress";
517
518 type IdentityOidValue =
519 | "2.5.4.3"
520 | "2.5.4.10"
521 | "2.5.4.11"
522 | "2.5.4.7"
523 | "2.5.4.8"
524 | "2.5.4.6"
525 | "2.5.4.4"
526 | "2.5.4.17"
527 | "2.5.4.5"
528 | "2.5.4.9"
529 | "2.5.4.45"
530 | "2.5.4.72"
531 | "2.5.4.20"
532 | "2.5.4.13"
533 | "0.9.2342.19200300.100.1.25"
534 | "0.9.2342.19200300.100.1.1"
535 | "0.9.2342.19200300.100.1.3"
536 | "2.5.4.12"
537 | "2.5.4.42"
538 | "2.5.4.43"
539 | "2.5.4.65"
540 | "1.2.840.113549.1.9.1";
541
542 type IdentityType = "host" | "user" | "email";
543 type IdentityTypeWithUnknown = IdentityType | "unknown";
544
545 interface IdentityComponent {
546 name?: IndentityOidName;
547 oid?: IdentityOidValue;
548 asn1type?: number;
549 value: Buffer | string;
550 }
551
552 interface IdentityNameComponent {
553 name: IndentityOidName;
554 value: Buffer | string;
555 }
556
557 class Identity {
558 components: IdentityComponent[];
559 componentLookup: { [key in IndentityOidName]: IdentityComponent[] };
560 type: IdentityTypeWithUnknown;
561
562 cn?: string;
563 hostname?: string;
564 uid?: string;
565 email?: string;
566
567 constructor(opts: {
568 components: IdentityComponent[];
569 type?: IdentityType;
570 hostname?: string;
571 uid?: string;
572 email?: string;
573 });
574
575 toString(): string;
576
577 get(name: IndentityOidName, asArray?: false): string;
578 get(name: IndentityOidName, asArray: true): string[];
579
580 toArray(): IdentityNameComponent[];
581
582 toAsn1(der: BerWriter, tag?: number): void;
583
584 equals(other: Identity): boolean;
585
586 static forHost(hostname: string): Identity;
587 static forUser(uid: string): Identity;
588 static forEmail(email: string): Identity;
589 static parseDN(dn: string): Identity;
590 static fromArray(components: IdentityNameComponent[]): Identity;
591 static parseAsn1(dn: BerReader, top?: number): Identity;
592
593 static isIdentity(obj: any, ver: Version): boolean;
594 }
595
596 function identityFromDN(dn: string): Identity;
597 function identityForHost(hostname: string): Identity;
598 function identityForUser(uid: string): Identity;
599 function identityForEmail(email: string): Identity;
600 function identityFromArray(components: IdentityNameComponent[]): Identity;
601
602 // == key.js == //
603
604 type KeyFormatType =
605 | "auto"
606 | "pem"
607 | "pkcs1"
608 | "pkcs8"
609 | "rfc4253"
610 | "ssh"
611 | "ssh-private"
612 | "openssh"
613 | "dnssec"
614 | "putty"
615 | "ppk";
616
617 interface KeyPart {
618 name: AlgorithmPart;
619 data: Buffer;
620 }
621
622 interface KeyOptions {
623 parts: KeyPart[];
624 type: AlgorithmTypeWithCurve;
625 comment?: string;
626 source?: string;
627 }
628
629 interface KeyParseOptions extends Format.ReadOptions {
630 filename?: string;
631 }
632
633 /** extends crypto.Verify but override 'verify' function */
634 interface Verify {
635 update(data: crypto.BinaryLike): Verify;
636 update(data: string, input_encoding: crypto.Encoding): Verify;
637
638 verify(signature: Signature): boolean;
639 verify(signature: string | Buffer, fmt?: crypto.BinaryToTextEncoding): boolean;
640 }
641
642 class Key {
643 type: AlgorithmTypeWithCurve;
644 parts: KeyPart[];
645 part: { [key in AlgorithmType]: KeyPart };
646 comment?: string;
647 source?: string;
648 curve?: string;
649 size: number;
650 constructor(opts: KeyOptions);
651
652 static formats: { [key in KeyFormatType]: Format };
653
654 toBuffer(format: KeyFormatType, options?: Format.WriteOptions): Buffer;
655 toString(format: KeyFormatType, options?: Format.WriteOptions): string;
656 hash(algo: AlgorithmHashType, type?: FingerprintHashType): Buffer;
657 fingerprint(algo?: AlgorithmHashType, type?: FingerprintHashType): Fingerprint;
658 defaultHashAlgorithm(): ShaHashType;
659 createVerify(algo?: AlgorithmHashType): Verify;
660 createDiffieHellman(): DiffieHellman;
661 createDH(): DiffieHellman;
662
663 static parse(data: string | Buffer, format?: KeyFormatType, options?: string | KeyParseOptions): Key;
664
665 static isKey(obj: any, ver: Version): boolean;
666 }
667
668 function parseKey(
669 data: string | Buffer,
670 format?: KeyFormatType,
671 options?: string | (Format.ReadOptions & { filename?: string }),
672 ): Key;
673
674 // == private-key.js == //
675
676 type PrivateKeyFormatType =
677 | "auto"
678 | "pem"
679 | "pkcs1"
680 | "pkcs8"
681 | "rfc4253"
682 | "ssh"
683 | "ssh-private"
684 | "openssh"
685 | "dnssec";
686
687 class PrivateKey {
688 type: AlgorithmTypeWithCurve;
689 parts: KeyPart[];
690 part: { [key in AlgorithmType]: KeyPart };
691 comment?: string;
692 source?: string;
693 curve?: string;
694 size: number;
695 constructor(opts: KeyOptions);
696
697 toBuffer(format: PrivateKeyFormatType, options?: Format.WriteOptions): Buffer;
698 toString(format: PrivateKeyFormatType, options?: Format.WriteOptions): string;
699 hash(algo: AlgorithmHashType, type?: FingerprintHashType): Buffer;
700 fingerprint(algo?: AlgorithmHashType, type?: FingerprintHashType): Fingerprint;
701 defaultHashAlgorithm(): ShaHashType;
702 toPublic(): Key;
703 derive(newType: "ed25519" | "curve25519"): PrivateKey;
704 createVerify(algo?: AlgorithmHashType): Verify;
705 createSign(hashAlgo: AlgorithmHashType): Signer;
706 createDiffieHellman(): DiffieHellman;
707 createDH(): DiffieHellman;
708
709 static parse(
710 data: string | Buffer,
711 format?: PrivateKeyFormatType,
712 options?: string | KeyParseOptions,
713 ): PrivateKey;
714
715 static isPrivateKey(data: any, ver: Version): boolean;
716
717 static generate(type: "ecdsa", options?: { curve?: CurveType }): PrivateKey;
718 static generate(type: "ed25519"): PrivateKey;
719 }
720
721 namespace PrivateKey {
722 let formats: { [key in PrivateKeyFormatType]: Format };
723 }
724
725 function parsePrivateKey(
726 data: string | Buffer,
727 format?: PrivateKeyFormatType,
728 options?: string | KeyParseOptions,
729 ): PrivateKey;
730
731 function generatePrivateKey(type: "ecdsa", options?: { curve?: CurveType }): PrivateKey;
732 function generatePrivateKey(type: "ed25519"): PrivateKey;
733
734 // == signature.js == //
735
736 type SignatureFormatType = "asn1" | "ssh" | "raw";
737 type SignaturePartType = "r" | "s" | "sig";
738
739 interface SignaturePart {
740 name: SignaturePartType;
741 data: Buffer;
742 }
743
744 interface SignatureOptions {
745 type: AlgorithmType;
746 hashAlgo?: AlgorithmHashType;
747 curve?: CurveType;
748 parts: SignaturePart[];
749 }
750
751 class Signature {
752 type: AlgorithmType;
753 hashAlgorithm?: AlgorithmHashType;
754 curve?: CurveType;
755 parts: SignaturePart[];
756 part: { [key in SignaturePartType]: SignaturePart };
757
758 constructor(opts: SignatureOptions);
759 toBuffer(format?: SignatureFormatType): Buffer;
760 toString(format?: SignatureFormatType): string;
761
762 static parse(data: string | Buffer, type: AlgorithmType, format: SignatureFormatType): Signature;
763
764 static isSignature(obj: any, ver: Version): boolean;
765 }
766
767 function parseSignature(data: string | Buffer, type: AlgorithmType, format: SignatureFormatType): Signature;
768
769 // == ssh-buffer.js == //
770
771 class SSHPart {
772 data: Buffer;
773 }
774
775 class SSHBuffer {
776 constructor(opts: { buffer?: Buffer });
777
778 toBuffer(): Buffer;
779 atEnd(): boolean;
780 remainder(): Buffer;
781 skip(n: number): void;
782 expand(): void;
783 readPart(): SSHPart;
784 readBuffer(): Buffer;
785 readString(): string;
786 readCString(): string;
787 readInt(): number;
788 readInt64(): Buffer;
789 readChar(): string;
790 writeBuffer(buf: Buffer): void;
791 writeString(buf: string): void;
792 writeCString(buf: string): void;
793 writeInt(buf: number): void;
794 writeInt64(buf: Buffer): void;
795 writeChar(buf: string): void;
796 writePart(buf: SSHPart): void;
797 write(buf: Buffer): void;
798 }
799
800 // == utils.js == //
801
802 type Version = [number, number];
803
804 function bufferSplit(buf: Buffer, chr: string): Buffer[];
805
806 function addRSAMissing(key: PrivateKey): void;
807
808 function calculateDSAPublic(g: Buffer, p: Buffer, x: Buffer): Buffer;
809
810 function calculateED25519Public(k: Buffer): Buffer;
811
812 function calculateX25519Public(k: Buffer): Buffer;
813
814 function mpNormalize(buf: Buffer): Buffer;
815
816 function mpDenormalize(buf: Buffer): Buffer;
817
818 function ecNormalize(buf: Buffer, addZero?: boolean): Buffer;
819
820 function countZeros(buf: Buffer): number;
821
822 function assertCompatible(obj: object, klass: any, needVer: Version, name?: string): void;
823
824 function isCompatible(obj: object, klass: any, needVer: Version): boolean;
825
826 interface OpenSslKeyDeriv {
827 key: Buffer;
828 iv: Buffer;
829 }
830
831 function opensslKeyDeriv(
832 cipher: "des-ede3-cbc" | "aes-128-cbc" | "aes-256-cbc",
833 salt: Buffer,
834 passphrase: Buffer,
835 count: number,
836 ): OpenSslKeyDeriv;
837
838 type OpenSshCipherName =
839 | "des-ede3-cbc"
840 | "bf-cbc"
841 | "aes-128-cbc"
842 | "aes-128-ctr"
843 | "aes-128-gcm"
844 | "aes-192-cbc"
845 | "aes-192-ctr"
846 | "aes-192-gcm"
847 | "aes-256-cbc"
848 | "aes-256-ctr"
849 | "aes-256-gcm";
850
851 class OpenSshCipherInfo {
852 keySize: number;
853 blockSize: number;
854 opensslName: OpenSshCipherName;
855 }
856
857 function opensshCipherInfo(cipter: Format.SshPrivateCipher): OpenSshCipherInfo;
858
859 function publicFromPrivateECDSA(curveName: CurveType, priv: Buffer): Key;
860
861 function zeroPadToLength(buf: Buffer, len: number): Buffer;
862
863 function writeBitString(der: BerWriter, buf: Buffer, tag?: number): void;
864
865 function readBitString(der: BerReader, tag?: number): Buffer;
866
867 function pbkdf2(
868 hashAlg: string,
869 salt: Buffer,
870 iterations: number,
871 size: number,
872 passphrase: crypto.BinaryLike,
873 ): Buffer;
874}
875
876export = SshPK;