@gjsify/crypto 0.3.12 → 0.3.14

package/lib/esm/x509.js

@@ -1,214 +1,223 @@
-import { Buffer } from "node:buffer";
-import { parseX509, parseX509Der, encodeSubjectPublicKeyInfo, derToPem } from "./asn1.js";
+import { derToPem, encodeSubjectPublicKeyInfo, parseX509, parseX509Der } from "./asn1.js";
 import { KeyObject } from "./key-object.js";
 import { createHash } from "./index.js";
-class X509Certificate {
-  _components;
-  _pem;
-  constructor(buf) {
-    if (typeof buf === "string") {
-      this._pem = buf;
-      this._components = parseX509(buf);
-    } else {
-      const bufData = Buffer.isBuffer(buf) ? buf : Buffer.from(buf);
-      const str = bufData.toString("utf8");
-      if (str.includes("-----BEGIN CERTIFICATE-----")) {
-        this._pem = str;
-        this._components = parseX509(str);
-      } else {
-        this._components = parseX509Der(new Uint8Array(bufData.buffer, bufData.byteOffset, bufData.byteLength));
-        this._pem = derToPem(this._components.raw, "CERTIFICATE");
-      }
-    }
-  }
-  /** The DER encoded certificate data. */
-  get raw() {
-    return Buffer.from(this._components.raw);
-  }
-  /** The serial number of the certificate as a hex string. */
-  get serialNumber() {
-    return this._components.serialNumber.toString(16).toUpperCase();
-  }
-  /** The subject of the certificate. */
-  get subject() {
-    return this._components.subject;
-  }
-  /** The issuer of the certificate. */
-  get issuer() {
-    return this._components.issuer;
-  }
-  /** The start date of the certificate validity period. */
-  get validFrom() {
-    return this._components.validFrom.toUTCString();
-  }
-  /** The end date of the certificate validity period. */
-  get validTo() {
-    return this._components.validTo.toUTCString();
-  }
-  /** SHA-1 fingerprint of the certificate. */
-  get fingerprint() {
-    const hash = createHash("sha1").update(this._components.raw).digest();
-    return formatFingerprint(hash);
-  }
-  /** SHA-256 fingerprint of the certificate. */
-  get fingerprint256() {
-    const hash = createHash("sha256").update(this._components.raw).digest();
-    return formatFingerprint(hash);
-  }
-  /** SHA-512 fingerprint of the certificate. */
-  get fingerprint512() {
-    const hash = createHash("sha512").update(this._components.raw).digest();
-    return formatFingerprint(hash);
-  }
-  /** The public key of the certificate as a KeyObject. */
-  get publicKey() {
-    if (!this._components.publicKey) {
-      throw new Error("Certificate does not contain a supported public key type");
-    }
-    const der = encodeSubjectPublicKeyInfo(this._components.publicKey);
-    const pem = derToPem(der, "PUBLIC KEY");
-    return new KeyObject("public", {
-      parsed: { type: "rsa-public", components: this._components.publicKey },
-      pem
-    });
-  }
-  /** The Subject Alternative Name extension, if present. */
-  get subjectAltName() {
-    if (!this._components.subjectAltName || this._components.subjectAltName.length === 0) {
-      return void 0;
-    }
-    return this._components.subjectAltName.join(", ");
-  }
-  /** The key usage extension (stub — returns undefined). */
-  get keyUsage() {
-    return void 0;
-  }
-  /** Information access extension (stub — returns undefined). */
-  get infoAccess() {
-    return void 0;
-  }
-  /** Whether this certificate is a CA certificate. */
-  get ca() {
-    return false;
-  }
-  /**
-   * Check whether the certificate matches the given hostname.
-   */
-  checkHost(name) {
-    const cnMatch = this._components.subject.match(/CN=([^,]+)/);
-    if (cnMatch) {
-      const cn = cnMatch[1].trim();
-      if (matchHostname(cn, name)) return cn;
-    }
-    if (this._components.subjectAltName) {
-      for (const san of this._components.subjectAltName) {
-        if (san.startsWith("DNS:")) {
-          const dnsName = san.substring(4);
-          if (matchHostname(dnsName, name)) return dnsName;
-        }
-      }
-    }
-    return void 0;
-  }
-  /**
-   * Check whether the certificate matches the given email address.
-   */
-  checkEmail(email) {
-    const emailLower = email.toLowerCase();
-    const emailMatch = this._components.subject.match(/emailAddress=([^,]+)/);
-    if (emailMatch && emailMatch[1].toLowerCase() === emailLower) {
-      return emailMatch[1];
-    }
-    return void 0;
-  }
-  /**
-   * Check whether the certificate matches the given IP address.
-   */
-  checkIP(ip) {
-    if (this._components.subjectAltName) {
-      for (const san of this._components.subjectAltName) {
-        if (san.startsWith("IP Address:") && san.substring(11) === ip) {
-          return ip;
-        }
-      }
-    }
-    return void 0;
-  }
-  /**
-   * Verify the certificate signature using the given public key.
-   */
-  verify(_publicKey) {
-    return true;
-  }
-  /**
-   * Check whether this certificate was issued by the given issuer certificate.
-   */
-  checkIssued(otherCert) {
-    return this.issuer === otherCert.subject;
-  }
-  /**
-   * Returns a legacy certificate object for compatibility.
-   */
-  toLegacyObject() {
-    return {
-      subject: parseDNToObject(this._components.subject),
-      issuer: parseDNToObject(this._components.issuer),
-      valid_from: this.validFrom,
-      valid_to: this.validTo,
-      serialNumber: this.serialNumber,
-      fingerprint: this.fingerprint,
-      fingerprint256: this.fingerprint256
-    };
-  }
-  /**
-   * Returns the PEM-encoded certificate.
-   */
-  toString() {
-    return this._pem;
-  }
-  /**
-   * Returns the PEM-encoded certificate in JSON context.
-   */
-  toJSON() {
-    return this._pem;
-  }
-  get [Symbol.toStringTag]() {
-    return "X509Certificate";
-  }
-}
+import { Buffer } from "node:buffer";
+
+//#region src/x509.ts
+/**
+* X509Certificate encapsulates an X.509 certificate and provides
+* read-only access to its information.
+*/
+var X509Certificate = class {
+	_components;
+	_pem;
+	constructor(buf) {
+		if (typeof buf === "string") {
+			this._pem = buf;
+			this._components = parseX509(buf);
+		} else {
+			const bufData = Buffer.isBuffer(buf) ? buf : Buffer.from(buf);
+			const str = bufData.toString("utf8");
+			if (str.includes("-----BEGIN CERTIFICATE-----")) {
+				this._pem = str;
+				this._components = parseX509(str);
+			} else {
+				this._components = parseX509Der(new Uint8Array(bufData.buffer, bufData.byteOffset, bufData.byteLength));
+				this._pem = derToPem(this._components.raw, "CERTIFICATE");
+			}
+		}
+	}
+	/** The DER encoded certificate data. */
+	get raw() {
+		return Buffer.from(this._components.raw);
+	}
+	/** The serial number of the certificate as a hex string. */
+	get serialNumber() {
+		return this._components.serialNumber.toString(16).toUpperCase();
+	}
+	/** The subject of the certificate. */
+	get subject() {
+		return this._components.subject;
+	}
+	/** The issuer of the certificate. */
+	get issuer() {
+		return this._components.issuer;
+	}
+	/** The start date of the certificate validity period. */
+	get validFrom() {
+		return this._components.validFrom.toUTCString();
+	}
+	/** The end date of the certificate validity period. */
+	get validTo() {
+		return this._components.validTo.toUTCString();
+	}
+	/** SHA-1 fingerprint of the certificate. */
+	get fingerprint() {
+		const hash = createHash("sha1").update(this._components.raw).digest();
+		return formatFingerprint(hash);
+	}
+	/** SHA-256 fingerprint of the certificate. */
+	get fingerprint256() {
+		const hash = createHash("sha256").update(this._components.raw).digest();
+		return formatFingerprint(hash);
+	}
+	/** SHA-512 fingerprint of the certificate. */
+	get fingerprint512() {
+		const hash = createHash("sha512").update(this._components.raw).digest();
+		return formatFingerprint(hash);
+	}
+	/** The public key of the certificate as a KeyObject. */
+	get publicKey() {
+		if (!this._components.publicKey) {
+			throw new Error("Certificate does not contain a supported public key type");
+		}
+		const der = encodeSubjectPublicKeyInfo(this._components.publicKey);
+		const pem = derToPem(der, "PUBLIC KEY");
+		return new KeyObject("public", {
+			parsed: {
+				type: "rsa-public",
+				components: this._components.publicKey
+			},
+			pem
+		});
+	}
+	/** The Subject Alternative Name extension, if present. */
+	get subjectAltName() {
+		if (!this._components.subjectAltName || this._components.subjectAltName.length === 0) {
+			return undefined;
+		}
+		return this._components.subjectAltName.join(", ");
+	}
+	/** The key usage extension (stub — returns undefined). */
+	get keyUsage() {
+		return undefined;
+	}
+	/** Information access extension (stub — returns undefined). */
+	get infoAccess() {
+		return undefined;
+	}
+	/** Whether this certificate is a CA certificate. */
+	get ca() {
+		return false;
+	}
+	/**
+	* Check whether the certificate matches the given hostname.
+	*/
+	checkHost(name) {
+		const cnMatch = this._components.subject.match(/CN=([^,]+)/);
+		if (cnMatch) {
+			const cn = cnMatch[1].trim();
+			if (matchHostname(cn, name)) return cn;
+		}
+		if (this._components.subjectAltName) {
+			for (const san of this._components.subjectAltName) {
+				if (san.startsWith("DNS:")) {
+					const dnsName = san.substring(4);
+					if (matchHostname(dnsName, name)) return dnsName;
+				}
+			}
+		}
+		return undefined;
+	}
+	/**
+	* Check whether the certificate matches the given email address.
+	*/
+	checkEmail(email) {
+		const emailLower = email.toLowerCase();
+		const emailMatch = this._components.subject.match(/emailAddress=([^,]+)/);
+		if (emailMatch && emailMatch[1].toLowerCase() === emailLower) {
+			return emailMatch[1];
+		}
+		return undefined;
+	}
+	/**
+	* Check whether the certificate matches the given IP address.
+	*/
+	checkIP(ip) {
+		if (this._components.subjectAltName) {
+			for (const san of this._components.subjectAltName) {
+				if (san.startsWith("IP Address:") && san.substring(11) === ip) {
+					return ip;
+				}
+			}
+		}
+		return undefined;
+	}
+	/**
+	* Verify the certificate signature using the given public key.
+	*/
+	verify(_publicKey) {
+		return true;
+	}
+	/**
+	* Check whether this certificate was issued by the given issuer certificate.
+	*/
+	checkIssued(otherCert) {
+		return this.issuer === otherCert.subject;
+	}
+	/**
+	* Returns a legacy certificate object for compatibility.
+	*/
+	toLegacyObject() {
+		return {
+			subject: parseDNToObject(this._components.subject),
+			issuer: parseDNToObject(this._components.issuer),
+			valid_from: this.validFrom,
+			valid_to: this.validTo,
+			serialNumber: this.serialNumber,
+			fingerprint: this.fingerprint,
+			fingerprint256: this.fingerprint256
+		};
+	}
+	/**
+	* Returns the PEM-encoded certificate.
+	*/
+	toString() {
+		return this._pem;
+	}
+	/**
+	* Returns the PEM-encoded certificate in JSON context.
+	*/
+	toJSON() {
+		return this._pem;
+	}
+	get [Symbol.toStringTag]() {
+		return "X509Certificate";
+	}
+};
 function formatFingerprint(hash) {
-  const hex = hash.toString("hex").toUpperCase();
-  const parts = [];
-  for (let i = 0; i < hex.length; i += 2) {
-    parts.push(hex.substring(i, i + 2));
-  }
-  return parts.join(":");
+	const hex = hash.toString("hex").toUpperCase();
+	const parts = [];
+	for (let i = 0; i < hex.length; i += 2) {
+		parts.push(hex.substring(i, i + 2));
+	}
+	return parts.join(":");
 }
 function matchHostname(pattern, hostname) {
-  const patternLower = pattern.toLowerCase();
-  const hostLower = hostname.toLowerCase();
-  if (patternLower === hostLower) return true;
-  if (patternLower.startsWith("*.")) {
-    const suffix = patternLower.substring(2);
-    const hostParts = hostLower.split(".");
-    if (hostParts.length >= 2) {
-      const hostSuffix = hostParts.slice(1).join(".");
-      return hostSuffix === suffix;
-    }
-  }
-  return false;
+	const patternLower = pattern.toLowerCase();
+	const hostLower = hostname.toLowerCase();
+	if (patternLower === hostLower) return true;
+	if (patternLower.startsWith("*.")) {
+		const suffix = patternLower.substring(2);
+		const hostParts = hostLower.split(".");
+		if (hostParts.length >= 2) {
+			const hostSuffix = hostParts.slice(1).join(".");
+			return hostSuffix === suffix;
+		}
+	}
+	return false;
 }
 function parseDNToObject(dn) {
-  const result = {};
-  const parts = dn.split(", ");
-  for (const part of parts) {
-    const eqIdx = part.indexOf("=");
-    if (eqIdx > 0) {
-      result[part.substring(0, eqIdx)] = part.substring(eqIdx + 1);
-    }
-  }
-  return result;
+	const result = {};
+	const parts = dn.split(", ");
+	for (const part of parts) {
+		const eqIdx = part.indexOf("=");
+		if (eqIdx > 0) {
+			result[part.substring(0, eqIdx)] = part.substring(eqIdx + 1);
+		}
+	}
+	return result;
 }
-export {
-  X509Certificate
-};
+
+//#endregion
+export { X509Certificate };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gjsify/crypto",
-  "version": "0.3.12",
+  "version": "0.3.14",
   "description": "Node.js crypto module for Gjs",
   "type": "module",
   "module": "lib/esm/index.js",
@@ -30,16 +30,16 @@
     "crypto"
   ],
   "devDependencies": {
-    "@gjsify/cli": "^0.3.12",
-    "@gjsify/unit": "^0.3.12",
+    "@gjsify/cli": "^0.3.14",
+    "@gjsify/unit": "^0.3.14",
     "@types/diffie-hellman": "^5.0.3",
     "@types/node": "^25.6.0",
     "typescript": "^6.0.3"
   },
   "dependencies": {
-    "@girs/glib-2.0": "^2.88.0-4.0.0-rc.9",
-    "@gjsify/buffer": "^0.3.12",
-    "@gjsify/stream": "^0.3.12",
-    "@gjsify/utils": "^0.3.12"
+    "@girs/glib-2.0": "2.88.0-4.0.0-rc.9",
+    "@gjsify/buffer": "^0.3.14",
+    "@gjsify/stream": "^0.3.14",
+    "@gjsify/utils": "^0.3.14"
   }
 }