@naylence/advanced-security 0.3.2 → 0.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/browser/index.js +34 -10
  2. package/dist/browser/index.js.map +1 -1
  3. package/dist/cjs/naylence/fame/security/cert/default-ca-service.js +33 -3
  4. package/dist/cjs/naylence/fame/security/cert/default-ca-service.js.map +1 -1
  5. package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js +1 -7
  6. package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
  7. package/dist/esm/naylence/fame/security/cert/default-ca-service.js +33 -3
  8. package/dist/esm/naylence/fame/security/cert/default-ca-service.js.map +1 -1
  9. package/dist/esm/naylence/fame/security/cert/internal-ca-service.js +1 -7
  10. package/dist/esm/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
  11. package/dist/types/naylence/fame/security/cert/default-ca-service.d.ts.map +1 -1
  12. package/dist/types/naylence/fame/security/cert/internal-ca-service.d.ts.map +1 -1
  13. package/package.json +1 -1
package/dist/browser/index.js CHANGED
@@ -7395,12 +7395,6 @@ function hexToArrayBuffer(hex) {
7395
7395
  }
7396
7396
  return bytes.buffer;
7397
7397
  }
7398
- function encodeBitString(data) {
7399
- const input = new Uint8Array(data);
7400
- const bitString = new Uint8Array(input.length + 1);
7401
- bitString.set(input, 1);
7402
- return bitString.buffer;
7403
- }
7404
7398
  async function createEd25519Certificate(options) {
7405
7399
  const subtle = await getSubtleCrypto();
7406
7400
  await ensureCrypto();
@@ -7440,7 +7434,7 @@ async function createEd25519Certificate(options) {
7440
7434
  const certificate = new Certificate({
7441
7435
  tbsCertificate,
7442
7436
  signatureAlgorithm,
7443
- signatureValue: encodeBitString(signature),
7437
+ signatureValue: signature,
7444
7438
  });
7445
7439
  certificate.tbsCertificateRaw = tbsDer;
7446
7440
  return AsnConvert.serialize(certificate);
@@ -8246,10 +8240,40 @@ class DefaultCAService extends CAService {
8246
8240
  });
8247
8241
  console.debug("Using root CA for signing:", csr.requesterId);
8248
8242
  }
8249
- // TODO: Parse CSR, extract public key, and sign certificate
8250
- // For now, delegate to the signing service (which will throw until implemented)
8243
+ // Issue the certificate using the configured signing service
8251
8244
  try {
8252
- return await signingService.issueCertificate(csr);
8245
+ const { certificatePem, expiresAt } = await signingService.issueCertificate(csr);
8246
+ const chainParts = [certificatePem.trim()];
8247
+ const rootCertPem = credentials.rootCaCertPem?.trim();
8248
+ const signingCertPem = credentials.signingCertPem?.trim();
8249
+ const normalizeCert = (pem) => pem?.trim();
8250
+ if (credentials.intermediateChainPem) {
8251
+ const intermediateCerts = this.parseCertificateChain(credentials.intermediateChainPem);
8252
+ for (const certPem of intermediateCerts) {
8253
+ const normalized = normalizeCert(certPem);
8254
+ if (!normalized) {
8255
+ continue;
8256
+ }
8257
+ if (normalized === chainParts[0]) {
8258
+ continue;
8259
+ }
8260
+ if (rootCertPem && normalized === rootCertPem) {
8261
+ continue;
8262
+ }
8263
+ chainParts.push(normalized);
8264
+ }
8265
+ }
8266
+ else if (signingCertPem && signingCertPem !== rootCertPem) {
8267
+ if (signingCertPem !== chainParts[0]) {
8268
+ chainParts.push(signingCertPem);
8269
+ }
8270
+ }
8271
+ const certificateChainPem = chainParts.join("\n");
8272
+ return {
8273
+ certificatePem,
8274
+ certificateChainPem,
8275
+ expiresAt,
8276
+ };
8253
8277
  }
8254
8278
  catch (error) {
8255
8279
  console.error("Certificate issuance failed:", csr.requesterId, error);