From c7e3ab42d9b8135282f38786a76cfefcf08c004c Mon Sep 17 00:00:00 2001 From: Eugene Pankov Date: Mon, 31 Jan 2022 09:22:55 +0100 Subject: [PATCH] ssh: added DSA host key support - fixes #5120, fixes #3430 --- patches/ssh2+1.5.0.patch | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 patches/ssh2+1.5.0.patch diff --git a/patches/ssh2+1.5.0.patch b/patches/ssh2+1.5.0.patch new file mode 100644 index 00000000..d8d342e5 --- /dev/null +++ b/patches/ssh2+1.5.0.patch @@ -0,0 +1,39 @@ +diff --git a/node_modules/ssh2/lib/protocol/keyParser.js b/node_modules/ssh2/lib/protocol/keyParser.js +index 9860e3f..ee82e51 100644 +--- a/node_modules/ssh2/lib/protocol/keyParser.js ++++ b/node_modules/ssh2/lib/protocol/keyParser.js +@@ -15,6 +15,7 @@ const { + sign: sign_, + verify: verify_, + } = require('crypto'); ++const { createVerify: createVerifyDSS } = require('browserify-sign') + const supportedOpenSSLCiphers = getCiphers(); + + const { Ber } = require('asn1'); +@@ -404,6 +405,17 @@ const BaseKey = { + return new Error('No public key available'); + if (!algo || typeof algo !== 'string') + algo = this[SYM_HASH_ALGO]; ++ ++ if (algo === 'dss1') { ++ const verifier = createVerifyDSS('DSA-SHA1'); ++ verifier.update(data); ++ try { ++ return verifier.verify(pem, signature); ++ } catch (ex) { ++ return ex; ++ } ++ } ++ + try { + return verify_(algo, data, pem, signature); + } catch (ex) { +@@ -1343,7 +1355,7 @@ function parseDER(data, baseType, comment, fullType) { + return new Error('Malformed OpenSSH public key'); + pubPEM = genOpenSSLDSAPub(p, q, g, y); + pubSSH = genOpenSSHDSAPub(p, q, g, y); +- algo = 'sha1'; ++ algo = 'dss1'; + break; + } + case 'ssh-ed25519': {