@electerm/ssh2 1.17.1 → 1.17.2

package/lib/protocol/Protocol.js

@@ -629,35 +629,65 @@ class Protocol {
     sendPacket(this, this._packetRW.write.finalize(packet));
   }
   authPK(username, pubKey, keyAlgo, cbSign) {
+    if (pubKey && pubKey.certificate) {
+      return this.authPKCert(username, pubKey, keyAlgo, cbSign);
+    }
+    if (this._server)
+      throw new Error('Client-only method called in server mode');
+
+    pubKey = parseKey(pubKey);
+    if (pubKey instanceof Error)
+      throw new Error('Invalid key');
+
+    let keyType = pubKey.type;
+    if (keyType === 'ssh-rsa') {
+      for (const algo of ['rsa-sha2-512', 'rsa-sha2-256']) {
+        if (this._remoteHostKeyAlgorithms.includes(algo)) {
+          keyType = algo;
+          break;
+        }
+      }
+    }
+    pubKey = pubKey.getPublicSSH();
+
+    if (typeof keyAlgo === 'function') {
+      cbSign = keyAlgo;
+      keyAlgo = undefined;
+    }
+    if (!keyAlgo)
+      keyAlgo = keyType;
+
+    // For standard public keys, the algorithm name on the wire (keyAlgo)
+    // is the same as the algorithm used for signing (signAlgo).
+    this._authPKCommon(username, keyAlgo, pubKey, keyAlgo, cbSign);
+  }
+
+  authPKCert(username, pubKey, keyAlgo, cbSign) {
     if (this._server)
       throw new Error('Client-only method called in server mode');
 
-    const origPubKey = pubKey;
-    
     // Only parse if it's not already a parsed key object
-    // Check for common key object properties
-    if (typeof pubKey !== 'object' || pubKey === null || 
+    if (typeof pubKey !== 'object' || pubKey === null ||
         typeof pubKey.type !== 'string' || typeof pubKey.getPublicSSH !== 'function') {
       pubKey = parseKey(pubKey);
       if (pubKey instanceof Error)
         throw new Error('Invalid key');
     }
 
-    let keyType = pubKey.type;
-    
     // Check if this is a certificate-wrapped key
-    let pubKeyData = pubKey.getPublicSSH();
+    let pubKeyData;
     let isCertificate = false;
     if (pubKey.getCertificateBuffer) {
-      // This is a CertificateKey, use the certificate data instead
       pubKeyData = pubKey.getCertificateBuffer();
       isCertificate = true;
       this._debug && this._debug('Using SSH certificate for authentication');
+    } else {
+      pubKeyData = pubKey.getPublicSSH();
     }
 
-    // Upgrade RSA to SHA2 variants if server supports them
-    // signAlgo is the actual algorithm used for signing
-    // NOTE: Order must match getKeyAlgos() in client.js - rsa-sha2-256 first
+    let keyType = pubKey.type;
+    
+    // Determine the base signing algorithm (upgrading RSA if needed)
     let signAlgo = keyType;
     if (keyType === 'ssh-rsa') {
       for (const algo of ['rsa-sha2-256', 'rsa-sha2-512']) {
@@ -667,12 +697,10 @@ class Protocol {
         }
       }
     }
-    
-    // For certificates, append the cert suffix to the algorithm for the packet
-    // but keep signAlgo as the base signing algorithm
+
+    // Determine the algorithm name to use in the packet (keyAlgo)
     if (isCertificate) {
       // Map the signing algorithm to certificate algorithm
-      // e.g., rsa-sha2-512 -> rsa-sha2-512-cert-v01@openssh.com
       if (signAlgo === 'rsa-sha2-512') {
         keyType = 'rsa-sha2-512-cert-v01@openssh.com';
       } else if (signAlgo === 'rsa-sha2-256') {
@@ -692,7 +720,6 @@ class Protocol {
       }
       this._debug && this._debug(`Certificate key algorithm: ${keyType}`);
     } else {
-      // For non-certificates, keyType should be signAlgo
       keyType = signAlgo;
     }
 
@@ -700,118 +727,119 @@ class Protocol {
       cbSign = keyAlgo;
       keyAlgo = undefined;
     }
-    
-    // For certificates, we must use the certificate algorithm regardless of what was passed
+
+    // For certificates, default to the determined cert type if not provided
     if (isCertificate) {
       keyAlgo = keyType;
     } else if (!keyAlgo) {
       keyAlgo = keyType;
     }
 
-    const userLen = Buffer.byteLength(username);
-    const algoLen = Buffer.byteLength(keyAlgo);
-    // For certificates, signAlgo is the base signing algorithm (e.g., rsa-sha2-512)
-    // For non-certificates, signAlgo equals keyAlgo
-    const signAlgoLen = Buffer.byteLength(signAlgo);
-    const pubKeyLen = pubKeyData.length;
-    const sessionID = this._kex.sessionID;
-    const sesLen = sessionID.length;
-    const payloadLen =
-      (cbSign ? 4 + sesLen : 0)
-        + 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;
-    let packet;
-    let p;
-    if (cbSign) {
-      packet = Buffer.allocUnsafe(payloadLen);
-      p = 0;
-      writeUInt32BE(packet, sesLen, p);
-      packet.set(sessionID, p += 4);
-      p += sesLen;
-    } else {
-      packet = this._packetRW.write.alloc(payloadLen);
-      p = this._packetRW.write.allocStart;
-    }
-
-    packet[p] = MESSAGE.USERAUTH_REQUEST;
-
-    writeUInt32BE(packet, userLen, ++p);
-    packet.utf8Write(username, p += 4, userLen);
-
-    writeUInt32BE(packet, 14, p += userLen);
-    packet.utf8Write('ssh-connection', p += 4, 14);
-
-    writeUInt32BE(packet, 9, p += 14);
-    packet.utf8Write('publickey', p += 4, 9);
-
-    packet[p += 9] = (cbSign ? 1 : 0);
-
-    writeUInt32BE(packet, algoLen, ++p);
-    packet.utf8Write(keyAlgo, p += 4, algoLen);
+    this._authPKCommon(username, keyAlgo, pubKeyData, signAlgo, cbSign);
+  }
 
-    writeUInt32BE(packet, pubKeyLen, p += algoLen);
-    packet.set(pubKeyData, p += 4);
+  _authPKCommon(username, algo, pubKey, signAlgo, cbSign) {
+    const userLen = Buffer.byteLength(username);
+    const algoLen = Buffer.byteLength(algo);
+    const pubKeyLen = pubKey.length;
+    
+    // Calculate payload length for the basic packet
+    // Header: MSG_USERAUTH_REQUEST (1) + user (4+len) + service (4+14) + method (4+9) + sign_flag (1) + algo (4+len) + key (4+len)
+    const basePayloadLen = 1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen;
 
     if (!cbSign) {
-      this._authsQueue.push('publickey');
+      // -----------------------------------------------------------------------
+      // Send "Check" Packet (Signature Flag = 0)
+      // -----------------------------------------------------------------------
+      const packet = this._packetRW.write.alloc(basePayloadLen);
+      let p = this._packetRW.write.allocStart;
 
-      this._debug && this._debug(
-        'Outbound: Sending USERAUTH_REQUEST (publickey -- check)'
-      );
-      sendPacket(this, this._packetRW.write.finalize(packet));
-      return;
-    }
-
-    cbSign(packet, (signature) => {
-      signature = convertSignature(signature, signAlgo);
-      if (signature === false)
-        throw new Error('Error while converting handshake signature');
-
-      const sigLen = signature.length;
-      p = this._packetRW.write.allocStart;
-      packet = this._packetRW.write.alloc(
-        1 + 4 + userLen + 4 + 14 + 4 + 9 + 1 + 4 + algoLen + 4 + pubKeyLen + 4
-          + 4 + signAlgoLen + 4 + sigLen
-      );
-
-      // TODO: simply copy from original "packet" to new `packet` to avoid
-      // having to write each individual field a second time?
       packet[p] = MESSAGE.USERAUTH_REQUEST;
-
       writeUInt32BE(packet, userLen, ++p);
       packet.utf8Write(username, p += 4, userLen);
-
       writeUInt32BE(packet, 14, p += userLen);
       packet.utf8Write('ssh-connection', p += 4, 14);
-
       writeUInt32BE(packet, 9, p += 14);
       packet.utf8Write('publickey', p += 4, 9);
-
-      packet[p += 9] = 1;
-
+      packet[p += 9] = 0; // Not signed
       writeUInt32BE(packet, algoLen, ++p);
-      packet.utf8Write(keyAlgo, p += 4, algoLen);
-
+      packet.utf8Write(algo, p += 4, algoLen);
       writeUInt32BE(packet, pubKeyLen, p += algoLen);
-      packet.set(pubKeyData, p += 4);
+      packet.set(pubKey, p += 4);
 
-      // Signature blob: length-prefixed (algorithm string + raw signature)
-      // For RSA signatures, use the base signing algorithm (without cert suffix)
-      // The cert suffix is only used in the public key algorithm field of the main packet
-      writeUInt32BE(packet, 4 + signAlgoLen + 4 + sigLen, p += pubKeyLen);
+      this._authsQueue.push('publickey');
+      this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (publickey -- check)');
+      sendPacket(this, this._packetRW.write.finalize(packet));
+      return;
+    }
 
+    // -------------------------------------------------------------------------
+    // Signing Process
+    // -------------------------------------------------------------------------
+    const sessionID = this._kex.sessionID;
+    const sesLen = sessionID.length;
+    
+    // Construct the data payload to be signed: SessionID + UserAuth Request Packet
+    // (Note: The packet construction here mimics the one above but sets sign_flag = 1)
+    const dataToSignLen = 4 + sesLen + basePayloadLen;
+    const dataToSign = Buffer.allocUnsafe(dataToSignLen);
+    let p = 0;
+
+    writeUInt32BE(dataToSign, sesLen, p);
+    dataToSign.set(sessionID, p += 4);
+    p += sesLen;
+
+    dataToSign[p] = MESSAGE.USERAUTH_REQUEST;
+    writeUInt32BE(dataToSign, userLen, ++p);
+    dataToSign.utf8Write(username, p += 4, userLen);
+    writeUInt32BE(dataToSign, 14, p += userLen);
+    dataToSign.utf8Write('ssh-connection', p += 4, 14);
+    writeUInt32BE(dataToSign, 9, p += 14);
+    dataToSign.utf8Write('publickey', p += 4, 9);
+    dataToSign[p += 9] = 1; // Signed
+    writeUInt32BE(dataToSign, algoLen, ++p);
+    dataToSign.utf8Write(algo, p += 4, algoLen);
+    writeUInt32BE(dataToSign, pubKeyLen, p += algoLen);
+    dataToSign.set(pubKey, p += 4);
+
+    cbSign(dataToSign, (signature) => {
+      signature = convertSignature(signature, signAlgo);
+      if (signature === false)
+        throw new Error('Error while converting handshake signature');
+
+      const sigLen = signature.length;
+      const signAlgoLen = Buffer.byteLength(signAlgo);
+
+      // -----------------------------------------------------------------------
+      // Send Signed Packet
+      // -----------------------------------------------------------------------
+      // We reconstruct the packet to send. It is identical to the data part of 
+      // dataToSign (minus SessionID), plus the signature blob appended at the end.
+      
+      const totalPacketLen = basePayloadLen + 4 + 4 + signAlgoLen + 4 + sigLen;
+      p = this._packetRW.write.allocStart;
+      const packet = this._packetRW.write.alloc(totalPacketLen);
+
+      // Copy the standard fields from our signing buffer (skipping sessionID)
+      // Offset of packet start in dataToSign is 4 + sesLen
+      const packetStartInSigData = 4 + sesLen;
+      bufferCopy(dataToSign, packet, packetStartInSigData, dataToSign.length, p);
+      
+      // Move pointer to end of copied data
+      p += (dataToSign.length - packetStartInSigData);
+
+      // Append Signature Blob
+      // Length of signature structure (string len + string + blob len + blob)
+      writeUInt32BE(packet, 4 + signAlgoLen + 4 + sigLen, p);
+      
       writeUInt32BE(packet, signAlgoLen, p += 4);
       packet.utf8Write(signAlgo, p += 4, signAlgoLen);
-
+      
       writeUInt32BE(packet, sigLen, p += signAlgoLen);
       packet.set(signature, p += 4);
 
-      // Servers shouldn't send packet type 60 in response to signed publickey
-      // attempts, but if they do, interpret as type 60.
       this._authsQueue.push('publickey');
-
-      this._debug && this._debug(
-        'Outbound: Sending USERAUTH_REQUEST (publickey)'
-      );
+      this._debug && this._debug('Outbound: Sending USERAUTH_REQUEST (publickey)');
       sendPacket(this, this._packetRW.write.finalize(packet));
     });
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@electerm/ssh2",
-  "version": "1.17.1",
+  "version": "1.17.2",
   "author": "Brian White <mscdex@mscdex.net>",
   "description": "SSH2 client and server modules written in pure JavaScript for node.js",
   "main": "./lib/index.js",