Skip to content

Commit

Permalink
lib,test: use more generic sha1 hash
Browse files Browse the repository at this point in the history 
This fixes a compatibility issue with node v10.
  • Loading branch information
@mscdex
mscdex committed Apr 25, 2018
1 parent cba957b commit ebf79f1
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 18 deletions.
32 changes: 15 additions & 17 deletions lib/ssh.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2852,10 +2852,8 @@ function onKEXDH_REPLY(self, info, verifiedHost) { // Client
var keyAlgo;
switch (info.sig_format) {
case 'ssh-rsa':
keyAlgo = 'RSA-SHA1';
break;
case 'ssh-dss':
keyAlgo = 'DSA-SHA1';
keyAlgo = 'sha1';
break;
case 'ecdsa-sha2-nistp256':
keyAlgo = 'sha256';
Expand All @@ -2880,15 +2878,17 @@ function onKEXDH_REPLY(self, info, verifiedHost) { // Client
verifier.update(outstate.exchangeHash);

var asn1KeyBuf;
if (keyAlgo === 'RSA-SHA1') {
asn1KeyBuf = RSAKeySSHToASN1(info.hostkey, self);
} else if (keyAlgo === 'DSA-SHA1') {
asn1KeyBuf = DSAKeySSHToASN1(info.hostkey, self);
rawsig = DSASigBareToBER(rawsig);
} else {
// ECDSA
asn1KeyBuf = ECDSAKeySSHToASN1(info.hostkey, self);
rawsig = ECDSASigSSHToASN1(rawsig, self);
switch (info.sig_format) {
case 'ssh-rsa':
asn1KeyBuf = RSAKeySSHToASN1(info.hostkey, self);
break;
case 'ssh-dss':
asn1KeyBuf = DSAKeySSHToASN1(info.hostkey, self);
rawsig = DSASigBareToBER(rawsig);
break;
default: // ECDSA
asn1KeyBuf = ECDSAKeySSHToASN1(info.hostkey, self);
rawsig = ECDSASigSSHToASN1(rawsig, self);
}

if (!asn1KeyBuf || !rawsig)
Expand Down Expand Up @@ -5150,10 +5150,8 @@ function KEXDH_REPLY(self, e) { // Server
var signAlgo;
switch (hostkeyAlgo) {
case 'ssh-rsa':
signAlgo = 'RSA-SHA1';
break;
case 'ssh-dss':
signAlgo = 'DSA-SHA1';
signAlgo = 'sha1';
break;
case 'ecdsa-sha2-nistp256':
signAlgo = 'sha256';
Expand All @@ -5179,9 +5177,9 @@ function KEXDH_REPLY(self, e) { // Server
return false;
}

if (signAlgo === 'DSA-SHA1') {
if (hostkeyAlgo === 'ssh-dss') {
signature = DSASigBERToBare(signature);
} else if (signAlgo !== 'RSA-SHA1') {
} else if (hostkeyAlgo !== 'ssh-rsa') {
// ECDSA
signature = ECDSASigASN1ToSSH(signature);
}
Expand Down
2 changes: 1 addition & 1 deletion test/test-packet60.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ function makePair(cb) {
}

function signWithClientKey(blob, syncCb) {
var signType = (PARSED_CLIENT_PRV_KEY.type === 'rsa' ? 'R' : 'D') + 'SA-SHA1';
var signType = 'sha1';
var signature = crypto.createSign(signType);
signature.update(blob);
signature = signature.sign(PARSED_CLIENT_PRV_KEY.privateOrig);
Expand Down

0 comments on commit ebf79f1

Please sign in to comment.