@parcel/utils 2.0.0-nightly.1138 → 2.0.0-nightly.1158

package/lib/index.js

@@ -3438,6 +3438,7 @@ $parcel$export(module.exports, "loadConfig", () => $10671d0be444e08b$export$c1a4
 $parcel$export(module.exports, "DefaultMap", () => $5783bf7916ff59db$export$674cd7dcb504ac5c);
 $parcel$export(module.exports, "DefaultWeakMap", () => $5783bf7916ff59db$export$4924f7ffab2ae440);
 $parcel$export(module.exports, "makeDeferredWithPromise", () => $75952a43539cb60f$export$93f345b3f0dd27e7);
+$parcel$export(module.exports, "getProgressMessage", () => $01f892dcf45b57a7$export$d28945a2f2ba5e30);
 $parcel$export(module.exports, "isGlob", () => $e8d0e504a4244d84$export$f3a2344a73dbdd42);
 $parcel$export(module.exports, "isGlobMatch", () => $e8d0e504a4244d84$export$16e6d319a883f04e);
 $parcel$export(module.exports, "globSync", () => $e8d0e504a4244d84$export$42275ba87174c828);
@@ -7804,6 +7805,10 @@ $10862ec0f65326f9$var$_IN("1.3.14.3.2.29", "sha1WithRSASignature");
 $10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.1", "sha256");
 $10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.2", "sha384");
 $10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.3", "sha512");
+$10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.4", "sha224");
+$10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.5", "sha512-224");
+$10862ec0f65326f9$var$_IN("2.16.840.1.101.3.4.2.6", "sha512-256");
+$10862ec0f65326f9$var$_IN("1.2.840.113549.2.2", "md2");
 $10862ec0f65326f9$var$_IN("1.2.840.113549.2.5", "md5");
 // pkcs#7 content types
 $10862ec0f65326f9$var$_IN("1.2.840.113549.1.7.1", "data");
@@ -8129,6 +8134,8 @@ $10862ec0f65326f9$var$_IN("1.3.6.1.5.5.7.3.8", "timeStamping");
  * @param [options] object with options or boolean strict flag
  *          [strict] true to be strict when checking value lengths, false to
  *            allow truncated values (default: true).
+ *          [parseAllBytes] true to ensure all bytes are parsed
+ *            (default: true)
  *          [decodeBitStrings] true to attempt to decode the content of
  *            BIT STRINGs (not OCTET STRINGs) using strict mode. Note that
  *            without schema support to understand the data context this can
@@ -8136,21 +8143,34 @@ $10862ec0f65326f9$var$_IN("1.3.6.1.5.5.7.3.8", "timeStamping");
  *            flag will be deprecated or removed as soon as schema support is
  *            available. (default: true)
  *
+ * @throws Will throw an error for various malformed input conditions.
+ *
  * @return the parsed asn1 object.
  */ $579f29a8775d6845$var$asn1.fromDer = function(bytes, options) {
     if (options === undefined) options = {
         strict: true,
+        parseAllBytes: true,
         decodeBitStrings: true
     };
     if (typeof options === "boolean") options = {
         strict: options,
+        parseAllBytes: true,
         decodeBitStrings: true
     };
     if (!("strict" in options)) options.strict = true;
+    if (!("parseAllBytes" in options)) options.parseAllBytes = true;
     if (!("decodeBitStrings" in options)) options.decodeBitStrings = true;
     // wrap in buffer if needed
     if (typeof bytes === "string") bytes = $iGlOy.util.createBuffer(bytes);
-    return $579f29a8775d6845$var$_fromDer(bytes, bytes.length(), 0, options);
+    var byteCount = bytes.length();
+    var value = $579f29a8775d6845$var$_fromDer(bytes, bytes.length(), 0, options);
+    if (options.parseAllBytes && bytes.length() !== 0) {
+        var error = new Error("Unparsed DER bytes remain after ASN.1 parsing.");
+        error.byteCount = byteCount;
+        error.remaining = bytes.length();
+        throw error;
+    }
+    return value;
 };
 /**
  * Internal function to parse an asn1 object from a byte buffer in DER format.
@@ -8246,7 +8266,6 @@ $10862ec0f65326f9$var$_IN("1.3.6.1.5.5.7.3.8", "timeStamping");
             start = bytes.length();
             var subOptions = {
                 // enforce strict mode to avoid parsing ASN.1 from plain data
-                verbose: options.verbose,
                 strict: true,
                 decodeBitStrings: true
             };
@@ -8282,7 +8301,10 @@ $10862ec0f65326f9$var$_IN("1.3.6.1.5.5.7.3.8", "timeStamping");
                 value += String.fromCharCode(bytes.getInt16());
                 remaining -= 2;
             }
-        } else value = bytes.getBytes(length);
+        } else {
+            value = bytes.getBytes(length);
+            remaining -= length;
+        }
     }
     // add BIT STRING contents if available
     var asn1Options = bitStringContents === undefined ? null : {
@@ -8854,7 +8876,12 @@ var $579f29a8775d6845$var$_nonLatinRegex = /[^\\u0000-\\u00ff]/;
         } else if (obj.type === $579f29a8775d6845$var$asn1.Type.OCTETSTRING) {
             if (!$579f29a8775d6845$var$_nonLatinRegex.test(obj.value)) rval += "(" + obj.value + ") ";
             rval += "0x" + $iGlOy.util.bytesToHex(obj.value);
-        } else if (obj.type === $579f29a8775d6845$var$asn1.Type.UTF8) rval += $iGlOy.util.decodeUtf8(obj.value);
+        } else if (obj.type === $579f29a8775d6845$var$asn1.Type.UTF8) try {
+            rval += $iGlOy.util.decodeUtf8(obj.value);
+        } catch (e) {
+            if (e.message === "URI malformed") rval += "0x" + $iGlOy.util.bytesToHex(obj.value) + " (malformed UTF8)";
+            else throw e;
+        }
         else if (obj.type === $579f29a8775d6845$var$asn1.Type.PRINTABLESTRING || obj.type === $579f29a8775d6845$var$asn1.Type.IA5String) rval += obj.value;
         else if ($579f29a8775d6845$var$_nonLatinRegex.test(obj.value)) rval += "0x" + $iGlOy.util.bytesToHex(obj.value);
         else if (obj.value.length === 0) rval += "[null]";
@@ -14475,6 +14502,45 @@ var $8ab3548bea1beb81$var$publicKeyValidator = $iGlOy.pki.rsa.publicKeyValidator
         }
     ]
 };
+// validator for a DigestInfo structure
+var $8ab3548bea1beb81$var$digestInfoValidator = {
+    name: "DigestInfo",
+    tagClass: $8ab3548bea1beb81$var$asn1.Class.UNIVERSAL,
+    type: $8ab3548bea1beb81$var$asn1.Type.SEQUENCE,
+    constructed: true,
+    value: [
+        {
+            name: "DigestInfo.DigestAlgorithm",
+            tagClass: $8ab3548bea1beb81$var$asn1.Class.UNIVERSAL,
+            type: $8ab3548bea1beb81$var$asn1.Type.SEQUENCE,
+            constructed: true,
+            value: [
+                {
+                    name: "DigestInfo.DigestAlgorithm.algorithmIdentifier",
+                    tagClass: $8ab3548bea1beb81$var$asn1.Class.UNIVERSAL,
+                    type: $8ab3548bea1beb81$var$asn1.Type.OID,
+                    constructed: false,
+                    capture: "algorithmIdentifier"
+                },
+                {
+                    // NULL paramters
+                    name: "DigestInfo.DigestAlgorithm.parameters",
+                    tagClass: $8ab3548bea1beb81$var$asn1.Class.UNIVERSAL,
+                    type: $8ab3548bea1beb81$var$asn1.Type.NULL,
+                    constructed: false
+                }
+            ]
+        },
+        {
+            // digest
+            name: "DigestInfo.digest",
+            tagClass: $8ab3548bea1beb81$var$asn1.Class.UNIVERSAL,
+            type: $8ab3548bea1beb81$var$asn1.Type.OCTETSTRING,
+            constructed: false,
+            capture: "digest"
+        }
+    ]
+};
 /**
  * Wrap digest in DigestInfo object.
  *
@@ -15176,19 +15242,46 @@ var $8ab3548bea1beb81$var$publicKeyValidator = $iGlOy.pki.rsa.publicKeyValidator
    *          a Forge PSS object for RSASSA-PSS,
    *          'NONE' or null for none, DigestInfo will not be expected, but
    *            PKCS#1 v1.5 padding will still be used.
+   * @param options optional verify options
+   *          _parseAllDigestBytes testing flag to control parsing of all
+   *            digest bytes. Unsupported and not for general usage.
+   *            (default: true)
    *
    * @return true if the signature was verified, false if not.
-   */ key.verify = function(digest, signature, scheme) {
+   */ key.verify = function(digest, signature, scheme, options) {
         if (typeof scheme === "string") scheme = scheme.toUpperCase();
         else if (scheme === undefined) scheme = "RSASSA-PKCS1-V1_5";
+        if (options === undefined) options = {
+            _parseAllDigestBytes: true
+        };
+        if (!("_parseAllDigestBytes" in options)) options._parseAllDigestBytes = true;
         if (scheme === "RSASSA-PKCS1-V1_5") scheme = {
             verify: function(digest, d) {
                 // remove padding
                 d = $8ab3548bea1beb81$var$_decodePkcs1_v1_5(d, key, true);
                 // d is ASN.1 BER-encoded DigestInfo
-                var obj = $8ab3548bea1beb81$var$asn1.fromDer(d);
+                var obj = $8ab3548bea1beb81$var$asn1.fromDer(d, {
+                    parseAllBytes: options._parseAllDigestBytes
+                });
+                // validate DigestInfo
+                var capture = {};
+                var errors = [];
+                if (!$8ab3548bea1beb81$var$asn1.validate(obj, $8ab3548bea1beb81$var$digestInfoValidator, capture, errors)) {
+                    var error = new Error("ASN.1 object does not contain a valid RSASSA-PKCS1-v1_5 DigestInfo value.");
+                    error.errors = errors;
+                    throw error;
+                }
+                // check hash algorithm identifier
+                // see PKCS1-v1-5DigestAlgorithms in RFC 8017
+                // FIXME: add support to vaidator for strict value choices
+                var oid = $8ab3548bea1beb81$var$asn1.derToOid(capture.algorithmIdentifier);
+                if (!(oid === $iGlOy.oids.md2 || oid === $iGlOy.oids.md5 || oid === $iGlOy.oids.sha1 || oid === $iGlOy.oids.sha224 || oid === $iGlOy.oids.sha256 || oid === $iGlOy.oids.sha384 || oid === $iGlOy.oids.sha512 || oid === $iGlOy.oids["sha512-224"] || oid === $iGlOy.oids["sha512-256"])) {
+                    var error = new Error("Unknown RSASSA-PKCS1-v1_5 DigestAlgorithm identifier.");
+                    error.oid = oid;
+                    throw error;
+                }
                 // compare the given digest to the decrypted one
-                return digest === obj.value[1].value;
+                return digest === capture.digest;
             }
         };
         else if (scheme === "NONE" || scheme === "NULL" || scheme === null) scheme = {
@@ -34828,7 +34921,7 @@ async function $10671d0be444e08b$export$c1a4367d4847eb06(fs, filepath, filenames
         if (cachedOutput) return cachedOutput;
         try {
             let extname = (0, ($parcel$interopDefault($8C1kk$path))).extname(configFile).slice(1);
-            if (extname === "js") {
+            if (extname === "js" || extname === "cjs") {
                 let output = {
                     // $FlowFixMe
                     config: (0, (/*@__PURE__*/$parcel$interopDefault($284aeb9e515b63c0$exports)))(require(configFile)),
@@ -35069,6 +35162,22 @@ class $5783bf7916ff59db$export$4924f7ffab2ae440 extends WeakMap {
 
 
 
+function $01f892dcf45b57a7$export$d28945a2f2ba5e30(event) {
+    switch(event.phase){
+        case "transforming":
+            return `Building ${(0, ($parcel$interopDefault($8C1kk$path))).basename(event.filePath)}...`;
+        case "bundling":
+            return "Bundling...";
+        case "packaging":
+            return `Packaging ${event.bundle.displayName}...`;
+        case "optimizing":
+            return `Optimizing ${event.bundle.displayName}...`;
+    }
+    return null;
+}
+
+
+
 
 
 function $4b14026b40817fca$export$8a9ede1a78d6a1fe(stream) {