n8n-nodes-customssh/dist/nodes/CustomSsh/utils/CipherUtils.js

n8n community node for advanced SSH connections with configurable ciphers and network device support

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.CipherUtils = void 0;
/**
 * Utility class for handling SSH cipher configurations
 */
class CipherUtils {
    /**
     * Get list of ciphers based on user selection
     */
    static configureCiphers(cipherSelection) {
        // Modern secure ciphers
        const secureCiphers = [
            'aes128-ctr',
            'aes192-ctr',
            'aes256-ctr',
            'aes128-gcm@openssh.com',
            'aes256-gcm@openssh.com',
            'chacha20-poly1305@openssh.com',
        ];
        // Legacy ciphers (older/less secure, but needed for some devices)
        const legacyCiphers = ['aes128-cbc', 'aes192-cbc', 'aes256-cbc', '3des-cbc'];
        // Handle specific cipher selection
        if (cipherSelection === 'all') {
            return [...secureCiphers, ...legacyCiphers];
        }
        else if (cipherSelection === 'secure-only') {
            return secureCiphers;
        }
        else if (cipherSelection === 'legacy-only') {
            return legacyCiphers;
        }
        else if (cipherSelection === 'aes256-cbc') {
            return ['aes256-cbc']; // Handle specific legacy cipher
        }
        return [cipherSelection];
    }
    /**
     * Configure key exchange algorithms based on compatibility needs
     */
    static configureKexAlgorithms(compatibility) {
        // Modern secure key exchange algorithms
        const secureKex = [
            'ecdh-sha2-nistp256',
            'ecdh-sha2-nistp384',
            'ecdh-sha2-nistp521',
            'diffie-hellman-group-exchange-sha256',
            'diffie-hellman-group14-sha256',
            'diffie-hellman-group16-sha512',
            'diffie-hellman-group18-sha512',
        ];
        // Legacy key exchange algorithms (older/less secure)
        const legacyKex = [
            'diffie-hellman-group1-sha1',
            'diffie-hellman-group14-sha1',
            'diffie-hellman-group-exchange-sha1',
        ];
        if (compatibility === 'high') {
            return [...secureKex, ...legacyKex];
        }
        else if (compatibility === 'legacy-only') {
            return legacyKex;
        }
        else if (compatibility === 'modern-only') {
            return secureKex;
        }
        // Default to medium compatibility
        return [...secureKex, 'diffie-hellman-group14-sha1'];
    }
    /**
     * Configure HMAC algorithms based on security level
     */
    static configureHmacAlgorithms(securityLevel) {
        // Modern secure HMAC algorithms
        const secureHmacs = [
            'hmac-sha2-256-etm@openssh.com',
            'hmac-sha2-512-etm@openssh.com',
            'hmac-sha2-256',
            'hmac-sha2-512',
        ];
        // Legacy HMAC algorithms
        const legacyHmacs = [
            'hmac-sha1',
            'hmac-md5',
            'hmac-sha1-96',
            'hmac-md5-96',
        ];
        if (securityLevel === 'high') {
            return secureHmacs;
        }
        else if (securityLevel === 'low') {
            return [...secureHmacs, ...legacyHmacs];
        }
        // Default to medium security
        return [...secureHmacs, 'hmac-sha1'];
    }
}
exports.CipherUtils = CipherUtils;