@bring-it/sftp
Version:
SFTP deployment tool for frontend
1 lines • 364 kB
JavaScript
export const __webpack_id__=562;export const __webpack_ids__=[562];export const __webpack_modules__={192:(e,t,r)=>{const{kMaxLength:n}=r(181),{createInflate:i,constants:{DEFLATE:s,INFLATE:o,Z_DEFAULT_CHUNK:a,Z_DEFAULT_COMPRESSION:c,Z_DEFAULT_MEMLEVEL:h,Z_DEFAULT_STRATEGY:l,Z_DEFAULT_WINDOWBITS:f,Z_PARTIAL_FLUSH:u}}=r(3106),d=i()._handle.constructor;function g(){throw new Error("Should not get here")}function A(e,t,r){const n=this._owner,i=new Error(e);i.errno=t,i.code=r,n._err=i}function p(e){e._handle&&(e._handle.close(),e._handle=null)}class E{constructor(e){const t=f,r=c,i=h,s=l;this._err=void 0,this._writeState=new Uint32Array(2),this._chunkSize=a,this._maxOutputLength=n,this._outBuffer=Buffer.allocUnsafe(this._chunkSize),this._outOffset=0,this._handle=new d(e),this._handle._owner=this,this._handle.onerror=A,this._handle.init(t,r,i,s,this._writeState,g,void 0)}writeSync(e,t){const r=this._handle;if(!r)throw new Error("Invalid Zlib instance");let n,i,s,o=e.length,a=this._chunkSize-this._outOffset,c=0,h=0;const l=this._writeState;let f=this._outBuffer,d=this._outOffset;const g=this._chunkSize;for(;;){if(r.writeSync(u,e,c,o,f,d,a),this._err)throw this._err;n=l[0],i=l[1];const t=o-i,A=a-n;if(A>0){const e=0===d&&A===f.length?f:f.slice(d,d+A);if(d+=A,s?void 0===s.push?s=[s,e]:s.push(e):s=e,h+=e.byteLength,h>this._maxOutputLength)throw p(this),new Error(`Output length exceeded maximum of ${this._maxOutputLength}`)}else if(0!==A)throw new Error("have should not go down");if((0===n||d>=g)&&(a=g,d=0,f=Buffer.allocUnsafe(g)),0!==n)break;c+=t,o=i}if(this._outBuffer=f,this._outOffset=d,0===h&&(s=Buffer.alloc(0)),t)return s.totalLen=h,s;if(void 0===s.push)return s;const A=Buffer.allocUnsafe(h);for(let e=0,t=0;e<s.length;++e){const r=s[e];A.set(r,t),t+=r.length}return A}}e.exports={PacketReader:class{cleanup(){}read(e){return e}},PacketWriter:class{constructor(e){this.allocStart=5,this.allocStartKEX=5,this._protocol=e}cleanup(){}alloc(e,t){return void 0===this._protocol._kexinit||t?this._protocol._cipher.allocPacket(e):Buffer.allocUnsafe(e)}finalize(e,t){return e}},ZlibPacketReader:class{constructor(){this._zlib=new E(o)}cleanup(){this._zlib&&p(this._zlib)}read(e){return this._zlib.writeSync(e,!1)}},ZlibPacketWriter:class{constructor(e){this.allocStart=0,this.allocStartKEX=0,this._protocol=e,this._zlib=new E(s)}cleanup(){this._zlib&&p(this._zlib)}alloc(e,t){return Buffer.allocUnsafe(e)}finalize(e,t){if(void 0===this._protocol._kexinit||t){const t=this._zlib.writeSync(e,!0),r=this._protocol._cipher.allocPacket(t.totalLen);if(void 0===t.push)r.set(t,5);else for(let e=0,n=5;e<t.length;++e){const i=t[e];r.set(i,n),n+=i.length}return r}return e}}}},605:(e,t,r)=>{const{createDecipheriv:n,createECDH:i,createHash:s,createHmac:o,createSign:a,createVerify:c,getCiphers:h,sign:l,verify:f}=r(6982),u=h(),{Ber:d}=r(8982),g=r(1259).pbkdf,{CIPHER_INFO:A}=r(9912),{eddsaSupported:p,SUPPORTED_CIPHER:E}=r(2132),{bufferSlice:_,makeBufferParser:I,readString:y,readUInt32BE:w,writeUInt32BE:b}=r(3160),m=Symbol("Hash Algorithm"),S=Symbol("Private key PEM"),v=Symbol("Public key PEM"),C=Symbol("Public key SSH"),B=Symbol("Decrypted Key"),k=Object.create(null);{const te=Object.keys(A);for(let re=0;re<te.length;++re){const ne=A[te[re]].sslName;ne&&!k[ne]&&(k[ne]=A[te[re]])}}const R=I();function N(e,t){let r=(t=t.base64Slice(0,t.length)).replace(/.{64}/g,"$&\n");return 63&t.length&&(r+="\n"),`-----BEGIN ${e} KEY-----\n${r}-----END ${e} KEY-----`}function T(e,t){const r=Buffer.allocUnsafe(e.length+t.length);return r.set(e,0),r.set(t,e.length),r}function L(e,t){const r=e.length;let n=e._pos||0;for(let i=0;i<t;++i){const t=r-n;if(n>=r||t<4)return!1;const i=w(e,n);if(t<4+i)return!1;n+=4+i}return e._pos=n,!0}function O(e,t){const r=new d.Writer;return r.startSequence(),r.startSequence(),r.writeOID("1.2.840.113549.1.1.1"),r.writeNull(),r.endSequence(),r.startSequence(d.BitString),r.writeByte(0),r.startSequence(),r.writeBuffer(e,d.Integer),r.writeBuffer(t,d.Integer),r.endSequence(),r.endSequence(),r.endSequence(),N("PUBLIC",r.buffer)}function U(e,t){const r=Buffer.allocUnsafe(15+t.length+4+e.length);b(r,7,0),r.utf8Write("ssh-rsa",4,7);let n=11;return b(r,t.length,n),r.set(t,n+=4),b(r,e.length,n+=t.length),r.set(e,n+4),r}const P=(()=>{function e(e){return BigInt(`0x${e.hexSlice(0,e.length)}`)}function t(e){let t=e.toString(16);if(1&t.length)t=`0${t}`;else{const e=t.charCodeAt(0);(56===e||57===e||e>=97&&e<=102)&&(t=`00${t}`)}return Buffer.from(t,"hex")}return function(r,n,i,s,o,a){const c=e(i);return N("RSA PRIVATE",function(e,t,r,n,i,s,o,a){const c=new d.Writer;return c.startSequence(),c.writeInt(0,d.Integer),c.writeBuffer(e,d.Integer),c.writeBuffer(t,d.Integer),c.writeBuffer(r,d.Integer),c.writeBuffer(n,d.Integer),c.writeBuffer(i,d.Integer),c.writeBuffer(s,d.Integer),c.writeBuffer(o,d.Integer),c.writeBuffer(a,d.Integer),c.endSequence(),c.buffer}(r,n,i,o,a,t(c%(e(o)-1n)),t(c%(e(a)-1n)),s))}})();function Q(e,t,r,n){const i=new d.Writer;return i.startSequence(),i.startSequence(),i.writeOID("1.2.840.10040.4.1"),i.startSequence(),i.writeBuffer(e,d.Integer),i.writeBuffer(t,d.Integer),i.writeBuffer(r,d.Integer),i.endSequence(),i.endSequence(),i.startSequence(d.BitString),i.writeByte(0),i.writeBuffer(n,d.Integer),i.endSequence(),i.endSequence(),N("PUBLIC",i.buffer)}function D(e,t,r,n){const i=Buffer.allocUnsafe(15+e.length+4+t.length+4+r.length+4+n.length);b(i,7,0),i.utf8Write("ssh-dss",4,7);let s=11;return b(i,e.length,s),i.set(e,s+=4),b(i,t.length,s+=e.length),i.set(t,s+=4),b(i,r.length,s+=t.length),i.set(r,s+=4),b(i,n.length,s+=r.length),i.set(n,s+4),i}function H(e,t,r,n,i){const s=new d.Writer;return s.startSequence(),s.writeInt(0,d.Integer),s.writeBuffer(e,d.Integer),s.writeBuffer(t,d.Integer),s.writeBuffer(r,d.Integer),s.writeBuffer(n,d.Integer),s.writeBuffer(i,d.Integer),s.endSequence(),N("DSA PRIVATE",s.buffer)}function x(e){const t=new d.Writer;return t.startSequence(),t.startSequence(),t.writeOID("1.3.101.112"),t.endSequence(),t.startSequence(d.BitString),t.writeByte(0),t._ensure(e.length),t._buf.set(e,t._offset),t._offset+=e.length,t.endSequence(),t.endSequence(),N("PUBLIC",t.buffer)}function F(e){const t=Buffer.allocUnsafe(19+e.length);return b(t,11,0),t.utf8Write("ssh-ed25519",4,11),b(t,e.length,15),t.set(e,19),t}function M(e){const t=new d.Writer;return t.startSequence(),t.writeInt(0,d.Integer),t.startSequence(),t.writeOID("1.3.101.112"),t.endSequence(),t.startSequence(d.OctetString),t.writeBuffer(e,d.OctetString),t.endSequence(),t.endSequence(),N("PRIVATE",t.buffer)}function K(e,t){const r=new d.Writer;return r.startSequence(),r.startSequence(),r.writeOID("1.2.840.10045.2.1"),r.writeOID(e),r.endSequence(),r.startSequence(d.BitString),r.writeByte(0),r._ensure(t.length),r._buf.set(t,r._offset),r._offset+=t.length,r.endSequence(),r.endSequence(),N("PUBLIC",r.buffer)}function W(e,t){let r;switch(e){case"1.2.840.10045.3.1.7":r="nistp256";break;case"1.3.132.0.34":r="nistp384";break;case"1.3.132.0.35":r="nistp521";break;default:return}const n=Buffer.allocUnsafe(39+t.length);return b(n,19,0),n.utf8Write(`ecdsa-sha2-${r}`,4,19),b(n,8,23),n.utf8Write(r,27,8),b(n,t.length,35),n.set(t,39),n}function q(e,t,r){const n=new d.Writer;return n.startSequence(),n.writeInt(1,d.Integer),n.writeBuffer(r,d.OctetString),n.startSequence(160),n.writeOID(e),n.endSequence(),n.startSequence(161),n.startSequence(d.BitString),n.writeByte(0),n._ensure(t.length),n._buf.set(t,n._offset),n._offset+=t.length,n.endSequence(),n.endSequence(),n.endSequence(),N("EC PRIVATE",n.buffer)}const G={sign:"function"==typeof l?function(e,t){const r=this[S];if(null===r)return new Error("No private key available");t&&"string"==typeof t||(t=this[m]);try{return l(t,e,r)}catch(e){return e}}:function(e,t){const r=this[S];if(null===r)return new Error("No private key available");t&&"string"==typeof t||(t=this[m]);const n=a(t);n.update(e);try{return n.sign(r)}catch(e){return e}},verify:"function"==typeof f?function(e,t,r){const n=this[v];if(null===n)return new Error("No public key available");r&&"string"==typeof r||(r=this[m]);try{return f(r,e,n,t)}catch(e){return e}}:function(e,t,r){const n=this[v];if(null===n)return new Error("No public key available");r&&"string"==typeof r||(r=this[m]);const i=c(r);i.update(e);try{return i.verify(n,t)}catch(e){return e}},isPrivateKey:function(){return null!==this[S]},getPrivatePEM:function(){return this[S]},getPublicPEM:function(){return this[v]},getPublicSSH:function(){return this[C]},equals:function(e){const t=ee(e);return!(t instanceof Error)&&this.type===t.type&&this[S]===t[S]&&this[v]===t[v]&&this[C].equals(t[C])}};function $(e,t,r,n,i,s,o){this.type=e,this.comment=t,this[S]=r,this[v]=n,this[C]=i,this[m]=s,this[B]=o}$.prototype=G;{const ie=/^-----BEGIN OPENSSH PRIVATE KEY-----(?:\r\n|\n)([\s\S]+)(?:\r\n|\n)-----END OPENSSH PRIVATE KEY-----$/;function se(e,t,r){const n=[];if(e.length<8)return new Error("Malformed OpenSSH private key");if(w(e,0)!==w(e,4))return r?new Error("OpenSSH key integrity check failed -- bad passphrase?"):new Error("OpenSSH key integrity check failed");let i,s;for(e._pos=8,i=0;i<t;++i){let t,i,o,a;const c=y(e,e._pos,!0);if(void 0===c)return new Error("Malformed OpenSSH private key");switch(c){case"ssh-rsa":{const r=y(e,e._pos);if(void 0===r)return new Error("Malformed OpenSSH private key");const n=y(e,e._pos);if(void 0===n)return new Error("Malformed OpenSSH private key");const s=y(e,e._pos);if(void 0===s)return new Error("Malformed OpenSSH private key");const c=y(e,e._pos);if(void 0===c)return new Error("Malformed OpenSSH private key");const h=y(e,e._pos);if(void 0===h)return new Error("Malformed OpenSSH private key");const l=y(e,e._pos);if(void 0===l)return new Error("Malformed OpenSSH private key");o=O(r,n),a=U(r,n),i=P(r,n,s,c,h,l),t="sha1";break}case"ssh-dss":{const r=y(e,e._pos);if(void 0===r)return new Error("Malformed OpenSSH private key");const n=y(e,e._pos);if(void 0===n)return new Error("Malformed OpenSSH private key");const s=y(e,e._pos);if(void 0===s)return new Error("Malformed OpenSSH private key");const c=y(e,e._pos);if(void 0===c)return new Error("Malformed OpenSSH private key");const h=y(e,e._pos);if(void 0===h)return new Error("Malformed OpenSSH private key");o=Q(r,n,s,c),a=D(r,n,s,c),i=H(r,n,s,c,h),t="sha1";break}case"ssh-ed25519":{if(!p)return new Error(`Unsupported OpenSSH private key type: ${c}`);const r=y(e,e._pos);if(void 0===r||32!==r.length)return new Error("Malformed OpenSSH private key");const n=y(e,e._pos);if(void 0===n||64!==n.length)return new Error("Malformed OpenSSH private key");o=x(r),a=F(r),i=M(_(n,0,32)),t=null;break}case"ecdsa-sha2-nistp256":t="sha256",s="1.2.840.10045.3.1.7";case"ecdsa-sha2-nistp384":void 0===t&&(t="sha384",s="1.3.132.0.34");case"ecdsa-sha2-nistp521":{if(void 0===t&&(t="sha512",s="1.3.132.0.35"),!L(e,1))return new Error("Malformed OpenSSH private key");const r=y(e,e._pos);if(void 0===r)return new Error("Malformed OpenSSH private key");const n=y(e,e._pos);if(void 0===n)return new Error("Malformed OpenSSH private key");o=K(s,r),a=W(s,r),i=q(s,r,n);break}default:return new Error(`Unsupported OpenSSH private key type: ${c}`)}const h=y(e,e._pos,!0);if(void 0===h)return new Error("Malformed OpenSSH private key");n.push(new $(c,h,i,o,a,t,r))}let o=0;for(i=e._pos;i<e.length;++i)if(e[i]!==++o%255)return new Error("Malformed OpenSSH private key");return n}$.parse=(e,t)=>{const r=ie.exec(e);if(null===r)return null;let i;const s=Buffer.from(r[1],"base64");if(s.length<31)return new Error("Malformed OpenSSH private key");const o=s.utf8Slice(0,15);if("openssh-key-v1\0"!==o)return new Error(`Unsupported OpenSSH key magic: ${o}`);const a=y(s,15,!0);if(void 0===a)return new Error("Malformed OpenSSH private key");if("none"!==a&&-1===E.indexOf(a))return new Error(`Unsupported cipher for OpenSSH key: ${a}`);const c=y(s,s._pos,!0);if(void 0===c)return new Error("Malformed OpenSSH private key");if("none"!==c){if("none"===a)return new Error("Malformed OpenSSH private key");if("bcrypt"!==c)return new Error(`Unsupported kdf name for OpenSSH key: ${c}`);if(!t)return new Error("Encrypted private OpenSSH key detected, but no passphrase given")}else if("none"!==a)return new Error("Malformed OpenSSH private key");let h,l,f;"none"!==a&&(h=A[a]);const u=y(s,s._pos);if(void 0===u)return new Error("Malformed OpenSSH private key");if(u.length)switch(c){case"none":return new Error("Malformed OpenSSH private key");case"bcrypt":{const e=y(u,0);if(void 0===e||u._pos+4>u.length)return new Error("Malformed OpenSSH private key");const r=w(u,u._pos),n=Buffer.allocUnsafe(h.keyLen+h.ivLen);if(0!==g(t,t.length,e,e.length,n,n.length,r))return new Error("Failed to generate information to decrypt key");l=_(n,0,h.keyLen),f=_(n,h.keyLen,n.length);break}}else if("none"!==c)return new Error("Malformed OpenSSH private key");if(s._pos+3>=s.length)return new Error("Malformed OpenSSH private key");const d=w(s,s._pos);if(s._pos+=4,d>0){for(let e=0;e<d;++e){const e=y(s,s._pos);if(void 0===e)return new Error("Malformed OpenSSH private key");if(void 0===y(e,0,!0))return new Error("Malformed OpenSSH private key")}let e=y(s,s._pos);if(void 0===e)return new Error("Malformed OpenSSH private key");if(void 0!==l){if(e.length<h.blockLen||e.length%h.blockLen!==0)return new Error("Malformed OpenSSH private key");try{const t={authTagLength:h.authLen},r=n(h.sslName,l,f,t);if(r.setAutoPadding(!1),h.authLen>0){if(s.length-s._pos<h.authLen)return new Error("Malformed OpenSSH private key");r.setAuthTag(_(s,s._pos,s._pos+=h.authLen))}e=T(r.update(e),r.final())}catch(e){return e}}if(s._pos!==s.length)return new Error("Malformed OpenSSH private key");i=se(e,d,void 0!==l)}else i=[];return i instanceof Error?i:i[0]}}function Y(e,t,r,n,i,s,o){this.type=e,this.comment=t,this[S]=r,this[v]=n,this[C]=i,this[m]=s,this[B]=o}Y.prototype=G;{const oe=/^-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----(?:\r\n|\n)((?:[^:]+:\s*[\S].*(?:\r\n|\n))*)([\s\S]+)(?:\r\n|\n)-----END (RSA|DSA|EC) PRIVATE KEY-----$/;Y.parse=(e,t)=>{const r=oe.exec(e);if(null===r)return null;let o,a,c,h,l,f,g=Buffer.from(r[3],"base64"),A=r[2],p=!1;if(void 0!==A){A=A.split(/\r\n|\n/g);for(let e=0;e<A.length;++e){const r=A[e];let i=r.indexOf(":");if("DEK-Info"===r.slice(0,i)){const e=r.slice(i+2);if(i=e.indexOf(","),-1===i)continue;const o=e.slice(0,i).toLowerCase();if(-1===u.indexOf(o))return new Error(`Cipher (${o}) not supported for encrypted OpenSSH private key`);const a=k[o];if(!a)return new Error(`Cipher (${o}) not supported for encrypted OpenSSH private key`);const c=Buffer.from(e.slice(i+1),"hex");if(c.length!==a.ivLen)return new Error("Malformed encrypted OpenSSH private key");if(!t)return new Error("Encrypted OpenSSH private key detected, but no passphrase given");const h=_(c,0,8);let l=s("md5").update(t).update(h).digest();for(;l.length<a.keyLen;)l=T(l,s("md5").update(l).update(t).update(h).digest());l.length>a.keyLen&&(l=_(l,0,a.keyLen));try{const e=n(o,l,c);e.setAutoPadding(!1),g=T(e.update(g),e.final()),p=!0}catch(e){return e}}}}let E="Malformed OpenSSH private key";switch(p&&(E+=". Bad passphrase?"),r[1]){case"RSA":o="ssh-rsa",a=N("RSA PRIVATE",g);try{f=new d.Reader(g),f.readSequence(),f.readInt();const e=f.readString(d.Integer,!0);if(null===e)return new Error(E);const t=f.readString(d.Integer,!0);if(null===t)return new Error(E);c=O(e,t),h=U(e,t)}catch{return new Error(E)}l="sha1";break;case"DSA":o="ssh-dss",a=N("DSA PRIVATE",g);try{f=new d.Reader(g),f.readSequence(),f.readInt();const e=f.readString(d.Integer,!0);if(null===e)return new Error(E);const t=f.readString(d.Integer,!0);if(null===t)return new Error(E);const r=f.readString(d.Integer,!0);if(null===r)return new Error(E);const n=f.readString(d.Integer,!0);if(null===n)return new Error(E);c=Q(e,t,r,n),h=D(e,t,r,n)}catch{return new Error(E)}l="sha1";break;case"EC":{let e,t,r;try{f=new d.Reader(g),f.readSequence(),f.readInt(),t=f.readString(d.OctetString,!0),f.readByte();const n=f.readLength();if(null===n)return new Error(E);if(f._offset=n,r=f.readOID(),null===r)return new Error(E);switch(r){case"1.2.840.10045.3.1.7":e="prime256v1",o="ecdsa-sha2-nistp256",l="sha256";break;case"1.3.132.0.34":e="secp384r1",o="ecdsa-sha2-nistp384",l="sha384";break;case"1.3.132.0.35":e="secp521r1",o="ecdsa-sha2-nistp521",l="sha512";break;default:return new Error(`Unsupported private key EC OID: ${r}`)}}catch{return new Error(E)}a=N("EC PRIVATE",g);const n=function(e,t){const r=i(e);return r.setPrivateKey(t),r.getPublicKey()}(e,t);c=K(r,n),h=W(r,n);break}}return new Y(o,"",a,c,h,l,p)}}function X(e,t,r,n,i,s,o){this.type=e,this.comment=t,this[S]=r,this[v]=n,this[C]=i,this[m]=s,this[B]=o}X.prototype=G;{const ae=Buffer.alloc(0),ce=Buffer.from([0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]),he=Buffer.from([0,0,0,0]),le=Buffer.from([0,0,0,1]),fe=/^PuTTY-User-Key-File-2: (ssh-(?:rsa|dss))\r?\nEncryption: (aes256-cbc|none)\r?\nComment: ([^\r\n]*)\r?\nPublic-Lines: \d+\r?\n([\s\S]+?)\r?\nPrivate-Lines: \d+\r?\n([\s\S]+?)\r?\nPrivate-MAC: ([^\r\n]+)/;X.parse=(e,t)=>{const r=fe.exec(e);if(null===r)return null;const i=r[2],a="none"!==i;if(a&&!t)return new Error("Encrypted PPK private key detected, but no passphrase given");let c=Buffer.from(r[5],"base64");if(a){const e=A[i];let r=T(s("sha1").update(he).update(t).digest(),s("sha1").update(le).update(t).digest());r.length>e.keyLen&&(r=_(r,0,e.keyLen));try{const t=n(e.sslName,r,ce);t.setAutoPadding(!1),c=T(t.update(c),t.final())}catch(e){return e}}const h=r[1],l=r[3],f=Buffer.from(r[4],"base64"),u=r[6],d=h.length,g=i.length,p=Buffer.byteLength(l),E=f.length,I=c.length,w=Buffer.allocUnsafe(4+d+4+g+4+p+4+E+4+I);let m,S,v,C=0;if(b(w,d,C),w.utf8Write(h,C+=4,d),b(w,g,C+=d),w.utf8Write(i,C+=4,g),b(w,p,C+=g),w.utf8Write(l,C+=4,p),b(w,E,C+=p),w.set(f,C+=4),b(w,I,C+=E),w.set(c,C+4),t||(t=ae),o("sha1",s("sha1").update("putty-private-key-file-mac-key").update(t).digest()).update(w).digest("hex")!==u)return a?new Error("PPK private key integrity check failed -- bad passphrase?"):new Error("PPK private key integrity check failed");switch(f._pos=0,L(f,1),h){case"ssh-rsa":{const e=y(f,f._pos);if(void 0===e)return new Error("Malformed PPK public key");const t=y(f,f._pos);if(void 0===t)return new Error("Malformed PPK public key");const r=y(c,0);if(void 0===r)return new Error("Malformed PPK private key");const n=y(c,c._pos);if(void 0===n)return new Error("Malformed PPK private key");const i=y(c,c._pos);if(void 0===i)return new Error("Malformed PPK private key");const s=y(c,c._pos);if(void 0===s)return new Error("Malformed PPK private key");m=O(t,e),S=U(t,e),v=P(t,e,r,s,n,i);break}case"ssh-dss":{const e=y(f,f._pos);if(void 0===e)return new Error("Malformed PPK public key");const t=y(f,f._pos);if(void 0===t)return new Error("Malformed PPK public key");const r=y(f,f._pos);if(void 0===r)return new Error("Malformed PPK public key");const n=y(f,f._pos);if(void 0===n)return new Error("Malformed PPK public key");const i=y(c,0);if(void 0===i)return new Error("Malformed PPK private key");m=Q(e,t,r,n),S=D(e,t,r,n),v=H(e,t,r,n,i);break}}return new X(h,l,v,m,S,"sha1",a)}}function j(e,t,r,n,i){this.type=e,this.comment=t,this[S]=null,this[v]=r,this[C]=n,this[m]=i,this[B]=!1}j.prototype=G;{let ue;ue=p?/^(((?:ssh-(?:rsa|dss|ed25519))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\s+([\S].*)?)$/:/^(((?:ssh-(?:rsa|dss))|ecdsa-sha2-nistp(?:256|384|521))(?:-cert-v0[01]@openssh.com)?) ([A-Z0-9a-z/+=]+)(?:$|\s+([\S].*)?)$/,j.parse=e=>{const t=ue.exec(e);if(null===t)return null;const r=t[1],n=t[2],i=Buffer.from(t[3],"base64"),s=t[4]||"",o=y(i,i._pos,!0);return void 0===o||0!==o.indexOf(n)?new Error("Malformed OpenSSH public key"):z(i,n,s,r)}}function V(e,t,r,n,i){this.type=e,this.comment=t,this[S]=null,this[v]=r,this[C]=n,this[m]=i,this[B]=!1}V.prototype=G;{const de=/^---- BEGIN SSH2 PUBLIC KEY ----(?:\r?\n)((?:.{0,72}\r?\n)+)---- END SSH2 PUBLIC KEY ----$/,ge=/^[A-Z0-9a-z/+=\r\n]+$/,Ae=/^([\x21-\x39\x3B-\x7E]{1,64}): ((?:[^\\]*\\\r?\n)*[^\r\n]+)\r?\n/gm,pe=/\\\r?\n/g;V.parse=e=>{let t=de.exec(e);if(null===t)return null;const r=t[1];let n=0,i="";for(;t=Ae.exec(r);){const e=t[1],r=t[2].replace(pe,"");if(r.length>1024)return Ae.lastIndex=0,new Error("Malformed RFC4716 public key");n=Ae.lastIndex,"comment"===e.toLowerCase()&&(i=r,i.length>1&&34===i.charCodeAt(0)&&34===i.charCodeAt(i.length-1)&&(i=i.slice(1,-1)))}let s=r.slice(n);if(!ge.test(s))return new Error("Malformed RFC4716 public key");s=Buffer.from(s,"base64");const o=y(s,0,!0);if(void 0===o)return new Error("Malformed RFC4716 public key");let a=null,c=null;switch(o){case"ssh-rsa":{const e=y(s,s._pos);if(void 0===e)return new Error("Malformed RFC4716 public key");const t=y(s,s._pos);if(void 0===t)return new Error("Malformed RFC4716 public key");a=O(t,e),c=U(t,e);break}case"ssh-dss":{const e=y(s,s._pos);if(void 0===e)return new Error("Malformed RFC4716 public key");const t=y(s,s._pos);if(void 0===t)return new Error("Malformed RFC4716 public key");const r=y(s,s._pos);if(void 0===r)return new Error("Malformed RFC4716 public key");const n=y(s,s._pos);if(void 0===n)return new Error("Malformed RFC4716 public key");a=Q(e,t,r,n),c=D(e,t,r,n);break}default:return new Error("Malformed RFC4716 public key")}return new V(o,i,a,c,"sha1")}}function z(e,t,r,n){if(!J(t))return new Error(`Unsupported OpenSSH public key type: ${t}`);let i,s,o=null,a=null;switch(t){case"ssh-rsa":{const t=y(e,e._pos||0);if(void 0===t)return new Error("Malformed OpenSSH public key");const r=y(e,e._pos);if(void 0===r)return new Error("Malformed OpenSSH public key");o=O(r,t),a=U(r,t),i="sha1";break}case"ssh-dss":{const t=y(e,e._pos||0);if(void 0===t)return new Error("Malformed OpenSSH public key");const r=y(e,e._pos);if(void 0===r)return new Error("Malformed OpenSSH public key");const n=y(e,e._pos);if(void 0===n)return new Error("Malformed OpenSSH public key");const s=y(e,e._pos);if(void 0===s)return new Error("Malformed OpenSSH public key");o=Q(t,r,n,s),a=D(t,r,n,s),i="sha1";break}case"ssh-ed25519":{const t=y(e,e._pos||0);if(void 0===t||32!==t.length)return new Error("Malformed OpenSSH public key");o=x(t),a=F(t),i=null;break}case"ecdsa-sha2-nistp256":i="sha256",s="1.2.840.10045.3.1.7";case"ecdsa-sha2-nistp384":void 0===i&&(i="sha384",s="1.3.132.0.34");case"ecdsa-sha2-nistp521":{if(void 0===i&&(i="sha512",s="1.3.132.0.35"),!L(e,1))return new Error("Malformed OpenSSH public key");const t=y(e,e._pos||0);if(void 0===t)return new Error("Malformed OpenSSH public key");o=K(s,t),a=W(s,t);break}default:return new Error(`Unsupported OpenSSH public key type: ${t}`)}return new j(n,r,o,a,i)}function J(e){switch(e){case"ssh-rsa":case"ssh-dss":case"ecdsa-sha2-nistp256":case"ecdsa-sha2-nistp384":case"ecdsa-sha2-nistp521":return!0;case"ssh-ed25519":if(p)return!0;default:return!1}}function Z(e){return!!e&&"boolean"==typeof e[B]}function ee(e,t){if(Z(e))return e;let r,n;if(Buffer.isBuffer(e))r=e,e=e.utf8Slice(0,e.length).trim();else{if("string"!=typeof e)return new Error("Key data must be a Buffer or string");e=e.trim()}if(null!=t)if("string"==typeof t)t=Buffer.from(t);else if(!Buffer.isBuffer(t))return new Error("Passphrase must be a string or Buffer when supplied");if(null!==(n=$.parse(e,t)))return n;if(null!==(n=Y.parse(e,t)))return n;if(null!==(n=X.parse(e,t)))return n;if(null!==(n=j.parse(e)))return n;if(null!==(n=V.parse(e)))return n;if(r){R.init(r,0);const t=R.readString(!0);void 0!==t&&void 0!==(e=R.readRaw())&&(n=z(e,t,"",t),n instanceof Error&&(n=null)),R.clear()}return n||new Error("Unsupported key format")}e.exports={isParsedKey:Z,isSupportedKeyType:J,parseDERKey:(e,t)=>z(e,t,"",t),parseKey:ee}},861:(e,t,r)=>{const{createDiffieHellman:n,createDiffieHellmanGroup:i,createECDH:s,createHash:o,createPublicKey:a,diffieHellman:c,generateKeyPairSync:h,randomFillSync:l}=r(6982),{Ber:f}=r(8982),{COMPAT:u,curve25519Supported:d,DEFAULT_KEX:g,DEFAULT_SERVER_HOST_KEY:A,DEFAULT_CIPHER:p,DEFAULT_MAC:E,DEFAULT_COMPRESSION:_,DISCONNECT_REASON:I,MESSAGE:y}=r(2132),{CIPHER_INFO:w,createCipher:b,createDecipher:m,MAC_INFO:S}=r(9912),{parseDERKey:v}=r(605),{bufferFill:C,bufferParser:B,convertSignature:k,doFatalError:R,FastBuffer:N,sigSSHToASN1:T,writeUInt32BE:L}=r(3160),{PacketReader:O,PacketWriter:U,ZlibPacketReader:P,ZlibPacketWriter:Q}=r(192);let D;const H=Buffer.alloc(0);function x(e){let t;if(e._compatFlags&u.BAD_DHGEX){const r=e._offer.lists.kex;let n=r.array,i=!1;for(let e=0;e<n.length;++e)n[e].includes("group-exchange")&&(i||(i=!0,n=n.slice()),n.splice(e--,1));if(i){let i=17+e._offer.totalSize+1+4;const s=Buffer.from(n.join(","));i-=r.buffer.length-s.length;const o=e._offer.lists.all,a=new Uint8Array(o.buffer,o.byteOffset+4+r.buffer.length,o.length-(4+r.buffer.length));t=Buffer.allocUnsafe(i),L(t,s.length,17),t.set(s,21),t.set(a,21+s.length)}}void 0===t&&(t=Buffer.allocUnsafe(17+e._offer.totalSize+1+4),e._offer.copyAllTo(t,17)),e._debug&&e._debug("Outbound: Sending KEXINIT"),t[0]=y.KEXINIT,l(t,1,16),C(t,0,t.length-5),e._kexinit=t,e._packetRW.write.allocStart=0;{const r=e._packetRW.write.allocStartKEX,n=e._packetRW.write.alloc(t.length,!0);n.set(t,r),e._cipher.encrypt(e._packetRW.write.finalize(n,!0))}}function F(e,t){const r={kex:void 0,serverHostKey:void 0,cs:{cipher:void 0,mac:void 0,compress:void 0,lang:void 0},sc:{cipher:void 0,mac:void 0,compress:void 0,lang:void 0}};if(B.init(t,17),void 0===(r.kex=B.readList())||void 0===(r.serverHostKey=B.readList())||void 0===(r.cs.cipher=B.readList())||void 0===(r.sc.cipher=B.readList())||void 0===(r.cs.mac=B.readList())||void 0===(r.sc.mac=B.readList())||void 0===(r.cs.compress=B.readList())||void 0===(r.sc.compress=B.readList())||void 0===(r.cs.lang=B.readList())||void 0===(r.sc.lang=B.readList()))return B.clear(),R(e,"Received malformed KEXINIT","handshake",I.KEY_EXCHANGE_FAILED);const n=B.pos(),i=n<t.length&&1===t[n];B.clear();const s=e._offer,o=r;let a,c,h,l=s.lists.kex.array;if(e._compatFlags&u.BAD_DHGEX){let e=!1;for(let t=0;t<l.length;++t)-1!==l[t].indexOf("group-exchange")&&(e||(e=!0,l=l.slice()),l.splice(t--,1))}const f=e._debug;let d;if(f&&f("Inbound: Handshake in progress"),f&&f(`Handshake: (local) KEX method: ${l}`),f&&f(`Handshake: (remote) KEX method: ${o.kex}`),e._server?(c=l,a=o.kex,d=-1!==a.indexOf("ext-info-c")):(c=o.kex,a=l,d=-1!==c.indexOf("ext-info-s")),void 0===e._strictMode&&(e._server?e._strictMode=-1!==a.indexOf("kex-strict-c-v00@openssh.com"):e._strictMode=-1!==c.indexOf("kex-strict-s-v00@openssh.com"),e._strictMode&&(f&&f("Handshake: strict KEX mode enabled"),1!==e._decipher.inSeqno)))return f&&f("Handshake: KEXINIT not first packet in strict KEX mode"),R(e,"Handshake failed: KEXINIT not first packet in strict KEX mode","handshake",I.KEY_EXCHANGE_FAILED);for(h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: no matching key exchange algorithm"),R(e,"Handshake failed: no matching key exchange algorithm","handshake",I.KEY_EXCHANGE_FAILED);r.kex=a[h],f&&f(`Handshake: KEX algorithm: ${a[h]}`),!i||o.kex.length&&a[h]===o.kex[0]||(e._skipNextInboundPacket=!0);const g=s.lists.serverHostKey.array;for(f&&f(`Handshake: (local) Host key format: ${g}`),f&&f(`Handshake: (remote) Host key format: ${o.serverHostKey}`),e._server?(c=g,a=o.serverHostKey):(c=o.serverHostKey,a=g),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching host key format"),R(e,"Handshake failed: no matching host key format","handshake",I.KEY_EXCHANGE_FAILED);r.serverHostKey=a[h],f&&f(`Handshake: Host key format: ${a[h]}`);const A=s.lists.cs.cipher.array;for(f&&f(`Handshake: (local) C->S cipher: ${A}`),f&&f(`Handshake: (remote) C->S cipher: ${o.cs.cipher}`),e._server?(c=A,a=o.cs.cipher):(c=o.cs.cipher,a=A),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching C->S cipher"),R(e,"Handshake failed: no matching C->S cipher","handshake",I.KEY_EXCHANGE_FAILED);r.cs.cipher=a[h],f&&f(`Handshake: C->S Cipher: ${a[h]}`);const p=s.lists.sc.cipher.array;for(f&&f(`Handshake: (local) S->C cipher: ${p}`),f&&f(`Handshake: (remote) S->C cipher: ${o.sc.cipher}`),e._server?(c=p,a=o.sc.cipher):(c=o.sc.cipher,a=p),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching S->C cipher"),R(e,"Handshake failed: no matching S->C cipher","handshake",I.KEY_EXCHANGE_FAILED);r.sc.cipher=a[h],f&&f(`Handshake: S->C cipher: ${a[h]}`);const E=s.lists.cs.mac.array;if(f&&f(`Handshake: (local) C->S MAC: ${E}`),f&&f(`Handshake: (remote) C->S MAC: ${o.cs.mac}`),w[r.cs.cipher].authLen>0)r.cs.mac="",f&&f("Handshake: C->S MAC: <implicit>");else{for(e._server?(c=E,a=o.cs.mac):(c=o.cs.mac,a=E),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching C->S MAC"),R(e,"Handshake failed: no matching C->S MAC","handshake",I.KEY_EXCHANGE_FAILED);r.cs.mac=a[h],f&&f(`Handshake: C->S MAC: ${a[h]}`)}const _=s.lists.sc.mac.array;if(f&&f(`Handshake: (local) S->C MAC: ${_}`),f&&f(`Handshake: (remote) S->C MAC: ${o.sc.mac}`),w[r.sc.cipher].authLen>0)r.sc.mac="",f&&f("Handshake: S->C MAC: <implicit>");else{for(e._server?(c=_,a=o.sc.mac):(c=o.sc.mac,a=_),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching S->C MAC"),R(e,"Handshake failed: no matching S->C MAC","handshake",I.KEY_EXCHANGE_FAILED);r.sc.mac=a[h],f&&f(`Handshake: S->C MAC: ${a[h]}`)}const y=s.lists.cs.compress.array;for(f&&f(`Handshake: (local) C->S compression: ${y}`),f&&f(`Handshake: (remote) C->S compression: ${o.cs.compress}`),e._server?(c=y,a=o.cs.compress):(c=o.cs.compress,a=y),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching C->S compression"),R(e,"Handshake failed: no matching C->S compression","handshake",I.KEY_EXCHANGE_FAILED);r.cs.compress=a[h],f&&f(`Handshake: C->S compression: ${a[h]}`);const b=s.lists.sc.compress.array;for(f&&f(`Handshake: (local) S->C compression: ${b}`),f&&f(`Handshake: (remote) S->C compression: ${o.sc.compress}`),e._server?(c=b,a=o.sc.compress):(c=o.sc.compress,a=b),h=0;h<a.length&&-1===c.indexOf(a[h]);++h);if(h===a.length)return f&&f("Handshake: No matching S->C compression"),R(e,"Handshake failed: no matching S->C compression","handshake",I.KEY_EXCHANGE_FAILED);r.sc.compress=a[h],f&&f(`Handshake: S->C compression: ${a[h]}`),r.cs.lang="",r.sc.lang="",e._kex&&(e._kexinit||x(e),e._decipher._onPayload=G.bind(e,{firstPacket:!1})),e._kex=M(r,e,t),e._kex.remoteExtInfoEnabled=d,e._kex.start()}const M=(()=>{function e(e){let t,r=0,n=e.length;for(;0===e[r];)++r,--n;return 128&e[r]?(t=Buffer.allocUnsafe(1+n),t[0]=0,e.copy(t,1,r),e=t):n!==e.length&&(t=Buffer.allocUnsafe(n),e.copy(t,0,r),e=t),e}class t{constructor(e,t,r){this._protocol=t,this.sessionID=t._kex?t._kex.sessionID:void 0,this.negotiated=e,this.remoteExtInfoEnabled=!1,this._step=1,this._public=null,this._dh=null,this._sentNEWKEYS=!1,this._receivedNEWKEYS=!1,this._finished=!1,this._hostVerified=!1,this._kexinit=t._kexinit,this._remoteKexinit=r,this._identRaw=t._identRaw,this._remoteIdentRaw=t._remoteIdentRaw,this._hostKey=void 0,this._dhData=void 0,this._sig=void 0}finish(e){if(this._finished)return!1;this._finished=!0;const t=this._protocol._server,r=this.negotiated,n=this.convertPublicKey(this._dhData);let i=this.computeSecret(this._dhData);if(i instanceof Error)return i.message=`Error while computing DH secret (${this.type}): ${i.message}`,i.level="handshake",R(this._protocol,i,I.KEY_EXCHANGE_FAILED);const s=o(this.hashName);W(s,t?this._remoteIdentRaw:this._identRaw),W(s,t?this._identRaw:this._remoteIdentRaw),W(s,t?this._remoteKexinit:this._kexinit),W(s,t?this._kexinit:this._remoteKexinit);const a=t?this._hostKey.getPublicSSH():this._hostKey;if(W(s,a),"groupex"===this.type){const e=this.getDHParams(),t=Buffer.allocUnsafe(4);L(t,this._minBits,0),s.update(t),L(t,this._prefBits,0),s.update(t),L(t,this._maxBits,0),s.update(t),W(s,e.prime),W(s,e.generator)}W(s,t?n:this.getPublicKey());const c=t?this.getPublicKey():n;W(s,c),W(s,i);const h=s.digest();if(t){let e;switch(this.negotiated.serverHostKey){case"rsa-sha2-256":e="sha256";break;case"rsa-sha2-512":e="sha512"}this._protocol._debug&&this._protocol._debug("Generating signature ...");let t=this._hostKey.sign(h,e);if(t instanceof Error)return R(this._protocol,`Handshake failed: signature generation failed for ${this._hostKey.type} host key: ${t.message}`,"handshake",I.KEY_EXCHANGE_FAILED);if(t=k(t,this._hostKey.type),!1===t)return R(this._protocol,`Handshake failed: signature conversion failed for ${this._hostKey.type} host key`,"handshake",I.KEY_EXCHANGE_FAILED);const r=this.negotiated.serverHostKey,n=Buffer.byteLength(r),i=4+n+4+t.length;let s=this._protocol._packetRW.write.allocStartKEX;const o=this._protocol._packetRW.write.alloc(5+a.length+4+c.length+4+i,!0);if(o[s]=y.KEXDH_REPLY,L(o,a.length,++s),o.set(a,s+=4),L(o,c.length,s+=a.length),o.set(c,s+=4),L(o,i,s+=c.length),L(o,n,s+=4),o.utf8Write(r,s+=4,n),L(o,t.length,s+=n),o.set(t,s+=4),this._protocol._debug){let e;switch(this.type){case"group":e="KEXDH_REPLY";break;case"groupex":e="KEXDH_GEX_REPLY";break;default:e="KEXECDH_REPLY"}this._protocol._debug(`Outbound: Sending ${e}`)}this._protocol._cipher.encrypt(this._protocol._packetRW.write.finalize(o,!0))}else{B.init(this._sig,0);const e=B.readString(!0);if(!e)return R(this._protocol,"Malformed packet while reading signature","handshake",I.KEY_EXCHANGE_FAILED);if(e!==r.serverHostKey)return R(this._protocol,`Wrong signature type: ${e}, expected: ${r.serverHostKey}`,"handshake",I.KEY_EXCHANGE_FAILED);let t,n,i=B.readString();if(B.clear(),void 0===i)return R(this._protocol,"Malformed packet while reading signature","handshake",I.KEY_EXCHANGE_FAILED);if(!(i=T(i,e)))return R(this._protocol,"Malformed signature","handshake",I.KEY_EXCHANGE_FAILED);{B.init(this._hostKey,0);const e=B.readString(!0),r=this._hostKey.slice(B.pos());if(B.clear(),t=v(r,e),t instanceof Error)return t.level="handshake",R(this._protocol,t,I.KEY_EXCHANGE_FAILED)}switch(this.negotiated.serverHostKey){case"rsa-sha2-256":n="sha256";break;case"rsa-sha2-512":n="sha512"}this._protocol._debug&&this._protocol._debug("Verifying signature ...");const s=t.verify(h,i,n);if(!0!==s)return s instanceof Error?this._protocol._debug&&this._protocol._debug(`Signature verification failed: ${s.stack}`):this._protocol._debug&&this._protocol._debug("Signature verification failed"),R(this._protocol,"Handshake failed: signature verification failed","handshake",I.KEY_EXCHANGE_FAILED);this._protocol._debug&&this._protocol._debug("Verified signature")}let l,f;!t&&e||$(this);const u=e=>{if(l)return $(this),l.outbound.seqno=this._protocol._cipher.outSeqno,this._protocol._cipher.free(),this._protocol._cipher=b(l),this._protocol._packetRW.write=f,l=void 0,f=void 0,this._protocol._onHandshakeComplete(r),!1;this.sessionID||(this.sessionID=h);{const e=Buffer.allocUnsafe(4+i.length);L(e,i.length,0),e.set(i,4),i=e}const n=w[r.cs.cipher],s=w[r.sc.cipher],o=q(n.ivLen,this.hashName,i,h,this.sessionID,"A"),a=q(s.ivLen,this.hashName,i,h,this.sessionID,"B"),c=q(n.keyLen,this.hashName,i,h,this.sessionID,"C"),d=q(s.keyLen,this.hashName,i,h,this.sessionID,"D");let g,A,p,E;n.authLen||(g=S[r.cs.mac],A=q(g.len,this.hashName,i,h,this.sessionID,"E")),s.authLen||(p=S[r.sc.mac],E=q(p.len,this.hashName,i,h,this.sessionID,"F"));const _={inbound:{onPayload:this._protocol._onPayload,seqno:this._protocol._decipher.inSeqno,decipherInfo:t?n:s,decipherIV:t?o:a,decipherKey:t?c:d,macInfo:t?g:p,macKey:t?A:E},outbound:{onWrite:this._protocol._onWrite,seqno:this._protocol._cipher.outSeqno,cipherInfo:t?s:n,cipherIV:t?a:o,cipherKey:t?d:c,macInfo:t?p:g,macKey:t?E:A}};this._protocol._decipher.free(),l=_,this._protocol._decipher=m(_);const I={read:void 0,write:void 0};switch(r.cs.compress){case"zlib":t?I.read=new P:I.write=new Q(this._protocol);break;case"zlib@openssh.com":if(this._protocol._authenticated){t?I.read=new P:I.write=new Q(this._protocol);break}default:t?I.read=new O:I.write=new U(this._protocol)}switch(r.sc.compress){case"zlib":t?I.write=new Q(this._protocol):I.read=new P;break;case"zlib@openssh.com":if(this._protocol._authenticated){t?I.write=new Q(this._protocol):I.read=new P;break}default:t?I.write=new U(this._protocol):I.read=new O}return this._protocol._packetRW.read.cleanup(),this._protocol._packetRW.write.cleanup(),this._protocol._packetRW.read=I.read,f=I.write,this._public=null,this._dh=null,this._kexinit=this._protocol._kexinit=void 0,this._remoteKexinit=void 0,this._identRaw=void 0,this._remoteIdentRaw=void 0,this._hostKey=void 0,this._dhData=void 0,this._sig=void 0,!e&&u()};return(t||e)&&(this.finish=u),t?void 0:u(e)}start(){if(!this._protocol._server){if(this._protocol._debug){let e;e="group"===this.type?"KEXDH_INIT":"KEXECDH_INIT",this._protocol._debug(`Outbound: Sending ${e}`)}const e=this.getPublicKey();let t=this._protocol._packetRW.write.allocStartKEX;const r=this._protocol._packetRW.write.alloc(5+e.length,!0);r[t]=y.KEXDH_INIT,L(r,e.length,++t),r.set(e,t+=4),this._protocol._cipher.encrypt(this._protocol._packetRW.write.finalize(r,!0))}}getPublicKey(){this.generateKeys();const e=this._public;if(e)return this.convertPublicKey(e)}convertPublicKey(e){let t,r=0,n=e.length;for(;0===e[r];)++r,--n;return 128&e[r]?(t=Buffer.allocUnsafe(1+n),t[0]=0,e.copy(t,1,r),t):(n!==e.length&&(t=Buffer.allocUnsafe(n),e.copy(t,0,r),e=t),e)}computeSecret(t){this.generateKeys();try{return e(this._dh.computeSecret(t))}catch(e){return e}}parse(e){const t=e[0];switch(this._step){case 1:if(this._protocol._server){if(t!==y.KEXDH_INIT)return R(this._protocol,`Received packet ${t} instead of ${y.KEXDH_INIT}`,"handshake",I.KEY_EXCHANGE_FAILED);this._protocol._debug&&this._protocol._debug("Received DH Init"),B.init(e,1);const r=B.readString();if(B.clear(),void 0===r)return R(this._protocol,"Received malformed KEX*_INIT","handshake",I.KEY_EXCHANGE_FAILED);this._dhData=r;let n=this._protocol._hostKeys[this.negotiated.serverHostKey];Array.isArray(n)&&(n=n[0]),this._hostKey=n,this.finish()}else{if(t!==y.KEXDH_REPLY)return R(this._protocol,`Received packet ${t} instead of ${y.KEXDH_REPLY}`,"handshake",I.KEY_EXCHANGE_FAILED);let r,n,i;if(this._protocol._debug&&this._protocol._debug("Received DH Reply"),B.init(e,1),void 0===(r=B.readString())||void 0===(n=B.readString())||void 0===(i=B.readString()))return B.clear(),R(this._protocol,"Received malformed KEX*_REPLY","handshake",I.KEY_EXCHANGE_FAILED);B.clear(),B.init(r,0);const s=B.readString(!0);if(B.clear(),void 0===s)return R(this._protocol,"Received malformed host public key","handshake",I.KEY_EXCHANGE_FAILED);if(s!==this.negotiated.serverHostKey)switch(this.negotiated.serverHostKey){case"rsa-sha2-256":case"rsa-sha2-512":if("ssh-rsa"===s)break;default:return R(this._protocol,"Host key does not match negotiated type","handshake",I.KEY_EXCHANGE_FAILED)}this._hostKey=r,this._dhData=n,this._sig=i;let o,a=!1;if(void 0===this._protocol._hostVerifier?(o=!0,this._protocol._debug&&this._protocol._debug("Host accepted by default (no verification)")):o=this._protocol._hostVerifier(r,e=>{if(!a){if(a=!0,!1===e)return this._protocol._debug&&this._protocol._debug("Host denied (verification failed)"),R(this._protocol,"Host denied (verification failed)","handshake",I.KEY_EXCHANGE_FAILED);this._protocol._debug&&this._protocol._debug("Host accepted (verified)"),this._hostVerified=!0,this._receivedNEWKEYS?this.finish():$(this)}}),void 0===o)return void++this._step;if(a=!0,!1===o)return this._protocol._debug&&this._protocol._debug("Host denied (verification failed)"),R(this._protocol,"Host denied (verification failed)","handshake",I.KEY_EXCHANGE_FAILED);this._protocol._debug&&this._protocol._debug("Host accepted (verified)"),this._hostVerified=!0,$(this)}++this._step;break;case 2:return t!==y.NEWKEYS?R(this._protocol,`Received packet ${t} instead of ${y.NEWKEYS}`,"handshake",I.KEY_EXCHANGE_FAILED):(this._protocol._debug&&this._protocol._debug("Inbound: NEWKEYS"),this._receivedNEWKEYS=!0,this._protocol._strictMode&&(this._protocol._decipher.inSeqno=0),++this._step,this.finish(!this._protocol._server&&!this._hostVerified));default:return R(this._protocol,`Received unexpected packet ${t} after NEWKEYS`,"handshake",I.KEY_EXCHANGE_FAILED)}}}class r extends t{constructor(e,...t){super(...t),this.type="25519",this.hashName=e,this._keys=null}generateKeys(){this._keys||(this._keys=h("x25519"))}getPublicKey(){return this.generateKeys(),this._keys.publicKey.export({type:"spki",format:"der"}).slice(-32)}convertPublicKey(e){let t,r=0,n=e.length;for(;0===e[r];)++r,--n;return 32===e.length||n!==e.length&&(t=Buffer.allocUnsafe(n),e.copy(t,0,r),e=t),e}computeSecret(t){this.generateKeys();try{const r=new f.Writer;return r.startSequence(),r.startSequence(),r.writeOID("1.3.101.110"),r.endSequence(),r.startSequence(f.BitString),r.writeByte(0),r._ensure(t.length),t.copy(r._buf,r._offset,0,t.length),r._offset+=t.length,r.endSequence(),r.endSequence(),e(c({privateKey:this._keys.privateKey,publicKey:a({key:r.buffer,type:"spki",format:"der"})}))}catch(e){return e}}}class l extends t{constructor(e,t,...r){super(...r),this.type="ecdh",this.curveName=e,this.hashName=t}generateKeys(){this._dh||(this._dh=s(this.curveName),this._public=this._dh.generateKeys())}}class g extends t{constructor(e,...t){super(...t),this.type="groupex",this.hashName=e,this._prime=null,this._generator=null,this._minBits=2048,this._prefBits=function(e){const t=w[e.cs.cipher],r=w[e.sc.cipher],n=8*Math.max(0,"des-ede3-cbc"===t.sslName?14:t.keyLen,t.blockLen,t.ivLen,"des-ede3-cbc"===r.sslName?14:r.keyLen,r.blockLen,r.ivLen);return n<=112?2048:n<=128?3072:n<=192?7680:8192}(this.negotiated),this._protocol._compatFlags&u.BUG_DHGEX_LARGE&&(this._prefBits=Math.min(this._prefBits,4096)),this._maxBits=8192}start(){if(this._protocol._server)return;this._protocol._debug&&this._protocol._debug("Outbound: Sending KEXDH_GEX_REQUEST");let e=this._protocol._packetRW.write.allocStartKEX;const t=this._protocol._packetRW.write.alloc(13,!0);t[e]=y.KEXDH_GEX_REQUEST,L(t,this._minBits,++e),L(t,this._prefBits,e+=4),L(t,this._maxBits,e+=4),this._protocol._cipher.encrypt(this._protocol._packetRW.write.finalize(t,!0))}generateKeys(){!this._dh&&this._prime&&this._generator&&(this._dh=n(this._prime,this._generator),this._public=this._dh.generateKeys())}setDHParams(e,t){if(!Buffer.isBuffer(e))throw new Error("Invalid prime value");if(!Buffer.isBuffer(t))throw new Error("Invalid generator value");this._prime=e,this._generator=t}getDHParams(){if(this._dh)return{prime:e(this._dh.getPrime()),generator:e(this._dh.getGenerator())}}parse(e){const r=e[0];switch(this._step){case 1:{if(this._protocol._server)return r!==y.KEXDH_GEX_REQUEST?R(this._protocol,`Received packet ${r} instead of `+y.KEXDH_GEX_REQUEST,"handshake",I.KEY_EXCHANGE_FAILED):R(this._protocol,"Group exchange not implemented for server","handshake",I.KEY_EXCHANGE_FAILED);if(r!==y.KEXDH_GEX_GROUP)return R(this._protocol,`Received packet ${r} instead of ${y.KEXDH_GEX_GROUP}`,"handshake",I.KEY_EXCHANGE_FAILED);let t,n;if(this._protocol._debug&&this._protocol._debug("Received DH GEX Group"),B.init(e,1),void 0===(t=B.readString())||void 0===(n=B.readString()))return B.clear(),R(this._protocol,"Received malformed KEXDH_GEX_GROUP","handshake",I.KEY_EXCHANGE_FAILED);B.clear(),this.setDHParams(t,n),this.generateKeys();const i=this.getPublicKey();this._protocol._debug&&this._protocol._debug("Outbound: Sending KEXDH_GEX_INIT");let s=this._protocol._packetRW.write.allocStartKEX;const o=this._protocol._packetRW.write.alloc(5+i.length,!0);o[s]=y.KEXDH_GEX_INIT,L(o,i.length,++s),o.set(i,s+=4),this._protocol._cipher.encrypt(this._protocol._packetRW.write.finalize(o,!0)),++this._step;break}case 2:if(this._protocol._server)return r!==y.KEXDH_GEX_INIT?R(this._protocol,`Received packet ${r} instead of ${y.KEXDH_GEX_INIT}`,"handshake",I.KEY_EXCHANGE_FAILED):(this._protocol._debug&&this._protocol._debug("Received DH GEX Init"),R(this._protocol,"Group exchange not implemented for server","handshake",I.KEY_EXCHANGE_FAILED));if(r!==y.KEXDH_GEX_REPLY)return R(this._protocol,`Received packet ${r} instead of ${y.KEXDH_GEX_REPLY}`,"handshake",I.KEY_EXCHANGE_FAILED);this._protocol._debug&&this._protocol._debug("Received DH GEX Reply"),this._step=1,e[0]=y.KEXDH_REPLY,this.parse=t.prototype.parse,this.parse(e)}}}class A extends t{constructor(e,t,...r){super(...r),this.type="group",this.groupName=e,this.hashName=t}start(){if(!this._protocol._server){this._protocol._debug&&this._protocol._debug("Outbound: Sending KEXDH_INIT");const e=this.getPublicKey();let t=this._protocol._packetRW.write.allocStartKEX;const r=this._protocol._packetRW.write.alloc(5+e.length,!0);r[t]=y.KEXDH_INIT,L(r,e.length,++t),r.set(e,t+=4),this._protocol._cipher.encrypt(this._protocol._packetRW.write.finalize(r,!0))}}generateKeys(){this._dh||(this._dh=i(this.groupName),this._public=this._dh.generateKeys())}getDHParams(){if(this._dh)return{prime:e(this._dh.getPrime()),generator:e(this._dh.getGenerator())}}}return(e,...t)=>{if("object"!=typeof e||null===e)throw new Error("Invalid negotiated argument");const n=e.kex;if("string"==typeof n){switch(t=[e,...t],n){case"curve25519-sha256":case"curve25519-sha256@libssh.org":if(!d)break;return new r("sha256",...t);case"ecdh-sha2-nistp256":return new l("prime256v1","sha256",...t);case"ecdh-sha2-nistp384":return new l("secp384r1","sha384",...t);case"ecdh-sha2-nistp521":return new l("secp521r1","sha512",...t);case"diffie-hellman-group1-sha1":return new A("modp2","sha1",...t);case"diffie-hellman-group14-sha1":return new A("modp14","sha1",...t);case"diffie-hellman-group14-sha256":return new A("modp14","sha256",...t);case"diffie-hellman-group15-sha512":return new A("modp15","sha512",...t);case"diffie-hellman-group16-sha512":return new A("modp16","sha512",...t);case"diffie-hellman-group17-sha512":return new A("modp17","sha512",...t);case"diffie-hellman-group18-sha512":return new A("modp18","sha512",...t);case"diffie-hellman-group-exchange-sha1":return new g("sha1",...t);case"diffie-hellman-group-exchange-sha256":return new g("sha256",...t)}throw new Error(`Unsupported key exchange algorithm: ${n}`)}throw new Error(`Invalid key exchange type: ${n}`)}})(),K=(()=>{const e=["kex","serverHostKey",["cs","cipher"],["sc","cipher"],["cs","mac"],["sc","mac"],["cs","compress"],["sc","compress"],["cs","lang"],["sc","lang"]];return class{constructor(t){if("object"!=typeof t||null===t)throw new TypeError("Argument must be an object");const r={kex:void 0,serverHostKey:void 0,cs:{cipher:void 0,mac:void 0,compress:void 0,lang:void 0},sc:{cipher:void 0,mac:void 0,compress:void 0,lang:void 0},all:void 0};let n=0;for(const i of e){let e,s,o,a;if("string"==typeof i)e=r,s=t[i],o=a=i;else{const n=i[0];e=r[n],a=i[1],s=t[n][a],o=`${n}.${a}`}const c={array:void 0,buffer:void 0};if(Buffer.isBuffer(s))c.array=(""+s).split(","),c.buffer=s,n+=4+s.length;else{if("string"==typeof s&&(s=s.split(",")),!Array.isArray(s))throw new TypeError(`Invalid \`${o}\` type: ${typeof s}`);c.array=s,c.buffer=Buffer.from(s.join(",")),n+=4+c.buffer.length}e[a]=c}const i=Buffer.allocUnsafe(n);r.all=i;let s=0;for(const t of e){let e;e="string"==typeof t?r[t].buffer:r[t[0]][t[1]].buffer,s=L(i,e.length,s),i.set(e,s),s+=e.length}this.totalSize=n,this.lists=r}copyAllTo(e,t){const r=this.lists.all;if("number"!=typeof t)throw new TypeError("Invalid offset value: "+typeof t);if(e.length-t<r.length)throw new Error("Insufficient space to copy list");return e.set(r,t),r.length}}})(),W=(()=>{const e=Buffer.allocUnsafe(4);return(t,r)=>{L(e,r.length,0),t.update(e),t.update(r)}})();function q(e,t,r,n,i,s){let a;if(e){let c=o(t).update(r).update(n).update(s).update(i).digest();for(;c.length<e;){const e=o(t).update(r).update(n).update(c).digest(),i=Buffer.allocUnsafe(c.length+e.length);i.set(c,0),i.set(e,c.length),c=i}a=c.length===e?c:new N(c.buffer,c.byteOffset,e)}else a=H;return a}function G(e,t){if(0===t.length)return void(this._debug&&this._debug("Inbound: Skipping empty packet payload"));if(this._skipNextInboundPacket)return void(this._skipNextInboundPacket=!1);const n=(t=this._packetRW.read.read(t))[0];if(!this._strictMode)switch(n){case y.IGNORE:case y.UNIMPLEMENTED:case y.DEBUG:return D||(D=r(4956)),D[n](this,t)}switch(n){case y.DISCONNECT:return D||(D=r(4956)),D[n](this,t);case y.KEXINIT:return e.firstPacket?(e.firstPacket=!1,F(this,t)):R(this,"Received extra KEXINIT during handshake","handshake",I.KEY_EXCHANGE_FAILED);default:if(n<20||n>49)return R(this,`Received unexpected packet type ${n}`,"handshake",I.KEY_EXCHANGE_FAILED)}return this._kex.parse(t)}function $(e){if(!e._sentNEWKEYS){e._protocol._debug&&e._protocol._debug("Outbound: Sending NEWKEYS");const t=e._protocol._packetRW.write.allocStartKEX,r=e._protocol._packetRW.write.alloc(1,!0);r[t]=y.NEWKEYS,e._protocol._cipher.encrypt(e._protocol._packetRW.write.finalize(r,!0)),e._sentNEWKEYS=!0,e._protocol._strictMode&&(e._protocol._cipher.outSeqno=0)}}e.exports={KexInit:K,kexinit:x,onKEXPayload:G,DEFAULT_KEXINIT_CLIENT:new K({kex:g.concat(["ext-info-c","kex-strict-c-v00@openssh.com"]),serverHostKey:A,cs:{cipher:p,mac:E,compress:_,lang:[]},sc:{cipher:p,mac:E,compress:_,lang:[]}}),DEFAULT_KEXINIT_SERVER:new K({kex:g.concat(["kex-strict-s-v00@openssh.com"]),serverHostKey:A,cs:{cipher:p,mac:E,compress:_,lang:[]},sc:{cipher:p,mac:E,compress:_,lang:[]}}),HANDLERS:{[y.KEXINIT]:F}}},1259:(e,t,r)=>{var n=r(4059).lowlevel.crypto_hash,i=0,s=function(){this.S=[new Uint32Array([3509652390,2564797868,805139163,3491422135,3101798381,1780907670,3128725573,4046225305,614570311,3012652279,134345442,2240740374,1667834072,1901547113,2757295779,4103290238,227898511,1921955416,1904987480,2182433518,2069144605,3260701109,2620446009,720527379,3318853667,677414384,3393288472,3101374703,2390351024,1614419982,1822297739,2954791486,3608508353,3174124327,2024746970,1432378464,3864339955,2857741204,1464375394,1676153920,1439316330,715854006,3033291828,289532110,2706671279,2087905683,3018724369,1668267050,732546397,1947742710,3462151