@parcel/utils 2.16.1 → 2.16.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.js +70 -22
- package/lib/index.js.map +1 -1
- package/package.json +7 -7
package/lib/index.js
CHANGED
|
@@ -4296,7 +4296,7 @@ $aa3e068b956a6fc4$var$util.ByteStringBuffer.prototype._optimizeConstructedString
|
|
|
4296
4296
|
return this;
|
|
4297
4297
|
};
|
|
4298
4298
|
/**
|
|
4299
|
-
* Shortens this buffer by
|
|
4299
|
+
* Shortens this buffer by trimming bytes off of the end of this buffer.
|
|
4300
4300
|
*
|
|
4301
4301
|
* @param count the number of bytes to trim off.
|
|
4302
4302
|
*
|
|
@@ -4838,7 +4838,7 @@ $aa3e068b956a6fc4$var$util.DataBuffer = $aa3e068b956a6fc4$var$DataBuffer;
|
|
|
4838
4838
|
return this;
|
|
4839
4839
|
};
|
|
4840
4840
|
/**
|
|
4841
|
-
* Shortens this buffer by
|
|
4841
|
+
* Shortens this buffer by trimming bytes off of the end of this buffer.
|
|
4842
4842
|
*
|
|
4843
4843
|
* @param count the number of bytes to trim off.
|
|
4844
4844
|
*
|
|
@@ -5671,7 +5671,7 @@ $aa3e068b956a6fc4$var$util.text = {
|
|
|
5671
5671
|
if (argi < arguments.length) parts.push(arguments[argi++ + 1]);
|
|
5672
5672
|
else parts.push('<?>');
|
|
5673
5673
|
break;
|
|
5674
|
-
// FIXME: do proper
|
|
5674
|
+
// FIXME: do proper formatting for numbers, etc
|
|
5675
5675
|
//case 'f':
|
|
5676
5676
|
//case 'd':
|
|
5677
5677
|
case '%':
|
|
@@ -7122,7 +7122,7 @@ var $4ddacb2967c366b4$var$imix; // inverse mix-columns table
|
|
|
7122
7122
|
* The word [a0, a1, a2, a3] is a polynomial a3x^3 + a2x^2 + a1x + a0.
|
|
7123
7123
|
*
|
|
7124
7124
|
* Addition is performed by XOR'ing like powers of x. Multiplication
|
|
7125
|
-
* is performed in two steps, the first is an
|
|
7125
|
+
* is performed in two steps, the first is an algebraic expansion as
|
|
7126
7126
|
* you would do normally (where addition is XOR). But the result is
|
|
7127
7127
|
* a polynomial larger than 3 degrees and thus it cannot fit in a word. So
|
|
7128
7128
|
* next the result is modularly reduced by an AES-specific polynomial of
|
|
@@ -8395,6 +8395,9 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8395
8395
|
GENERALIZEDTIME: 24,
|
|
8396
8396
|
BMPSTRING: 30
|
|
8397
8397
|
};
|
|
8398
|
+
/**
|
|
8399
|
+
* Sets the default maximum recursion depth when parsing ASN.1 structures.
|
|
8400
|
+
*/ $4842c66ab7bb0996$var$asn1.maxDepth = 256;
|
|
8398
8401
|
/**
|
|
8399
8402
|
* Creates a new asn1 object.
|
|
8400
8403
|
*
|
|
@@ -8576,6 +8579,8 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8576
8579
|
* erroneously decode values that happen to be valid ASN.1. This
|
|
8577
8580
|
* flag will be deprecated or removed as soon as schema support is
|
|
8578
8581
|
* available. (default: true)
|
|
8582
|
+
* [maxDepth] override asn1.maxDepth recursion limit
|
|
8583
|
+
* (default: asn1.maxDepth)
|
|
8579
8584
|
*
|
|
8580
8585
|
* @throws Will throw an error for various malformed input conditions.
|
|
8581
8586
|
*
|
|
@@ -8594,6 +8599,7 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8594
8599
|
if (!('strict' in options)) options.strict = true;
|
|
8595
8600
|
if (!('parseAllBytes' in options)) options.parseAllBytes = true;
|
|
8596
8601
|
if (!('decodeBitStrings' in options)) options.decodeBitStrings = true;
|
|
8602
|
+
if (!('maxDepth' in options)) options.maxDepth = $4842c66ab7bb0996$var$asn1.maxDepth;
|
|
8597
8603
|
// wrap in buffer if needed
|
|
8598
8604
|
if (typeof bytes === 'string') bytes = $ctKnW.util.createBuffer(bytes);
|
|
8599
8605
|
var byteCount = bytes.length();
|
|
@@ -8616,6 +8622,8 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8616
8622
|
*
|
|
8617
8623
|
* @return the parsed asn1 object.
|
|
8618
8624
|
*/ function $4842c66ab7bb0996$var$_fromDer(bytes, remaining, depth, options) {
|
|
8625
|
+
// check depth limit
|
|
8626
|
+
if (depth >= options.maxDepth) throw new Error('ASN.1 parsing error: Max depth exceeded.');
|
|
8619
8627
|
// temporary storage for consumption calculations
|
|
8620
8628
|
var start;
|
|
8621
8629
|
// minimum length for ASN.1 DER structure is 2
|
|
@@ -8838,6 +8846,8 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8838
8846
|
last = true;
|
|
8839
8847
|
valueBytes = [];
|
|
8840
8848
|
value = parseInt(values[i], 10);
|
|
8849
|
+
// TODO: Change bitwise logic to allow larger values.
|
|
8850
|
+
if (value > 0xffffffff) throw new Error('OID value too large; max is 32-bits.');
|
|
8841
8851
|
do {
|
|
8842
8852
|
b = value & 0x7F;
|
|
8843
8853
|
value = value >>> 7;
|
|
@@ -8870,8 +8880,11 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
8870
8880
|
// the last byte for each value
|
|
8871
8881
|
var value = 0;
|
|
8872
8882
|
while(bytes.length() > 0){
|
|
8883
|
+
// error if 7b shift would exceed Number.MAX_SAFE_INTEGER
|
|
8884
|
+
// (Number.MAX_SAFE_INTEGER / 128)
|
|
8885
|
+
if (value > 0x3fffffffffff) throw new Error('OID value too large; max is 53-bits.');
|
|
8873
8886
|
b = bytes.getByte();
|
|
8874
|
-
value = value
|
|
8887
|
+
value = value * 128;
|
|
8875
8888
|
// not the last byte for the value
|
|
8876
8889
|
if (b & 0x80) value += b & 0x7F;
|
|
8877
8890
|
else {
|
|
@@ -9139,13 +9152,48 @@ $dac3a60e3c7fa860$var$_IN('1.3.6.1.5.5.7.3.8', 'timeStamping');
|
|
|
9139
9152
|
if (v.value && $ctKnW.util.isArray(v.value)) {
|
|
9140
9153
|
var j = 0;
|
|
9141
9154
|
for(var i = 0; rval && i < v.value.length; ++i){
|
|
9142
|
-
|
|
9143
|
-
|
|
9144
|
-
|
|
9145
|
-
|
|
9146
|
-
|
|
9155
|
+
var schemaItem = v.value[i];
|
|
9156
|
+
rval = !!schemaItem.optional;
|
|
9157
|
+
// current child in the object
|
|
9158
|
+
var objChild = obj.value[j];
|
|
9159
|
+
// if there is no child left to match
|
|
9160
|
+
if (!objChild) {
|
|
9161
|
+
// if optional, ok (rval already true), else fail below
|
|
9162
|
+
if (!schemaItem.optional) {
|
|
9163
|
+
rval = false;
|
|
9164
|
+
if (errors) errors.push('[' + v.name + '] ' + 'Missing required element. Expected tag class "' + schemaItem.tagClass + '", type "' + schemaItem.type + '"');
|
|
9165
|
+
}
|
|
9166
|
+
continue;
|
|
9167
|
+
}
|
|
9168
|
+
// If schema explicitly specifies tagClass/type, do a quick structural check
|
|
9169
|
+
// to avoid unnecessary recursion/side-effects when tags clearly don't match.
|
|
9170
|
+
var schemaHasTag = typeof schemaItem.tagClass !== 'undefined' && typeof schemaItem.type !== 'undefined';
|
|
9171
|
+
if (schemaHasTag && (objChild.tagClass !== schemaItem.tagClass || objChild.type !== schemaItem.type)) {
|
|
9172
|
+
// Tags do not match.
|
|
9173
|
+
if (schemaItem.optional) {
|
|
9174
|
+
// Skip this schema element (don't consume objChild; don't call recursive validate).
|
|
9175
|
+
rval = true;
|
|
9176
|
+
continue;
|
|
9177
|
+
} else {
|
|
9178
|
+
// Required schema item mismatched - fail.
|
|
9179
|
+
rval = false;
|
|
9180
|
+
if (errors) errors.push('[' + v.name + '] ' + 'Tag mismatch. Expected (' + schemaItem.tagClass + ',' + schemaItem.type + '), got (' + objChild.tagClass + ',' + objChild.type + ')');
|
|
9181
|
+
break;
|
|
9182
|
+
}
|
|
9183
|
+
}
|
|
9184
|
+
// Tags are compatible (or schema did not declare tags) - dive into recursive validate.
|
|
9185
|
+
var childRval = $4842c66ab7bb0996$var$asn1.validate(objChild, schemaItem, capture, errors);
|
|
9186
|
+
if (childRval) {
|
|
9187
|
+
// consume this child
|
|
9188
|
+
++j;
|
|
9189
|
+
rval = true;
|
|
9190
|
+
} else if (schemaItem.optional) // validation failed but element is optional => skip schema item (don't consume child)
|
|
9191
|
+
rval = true;
|
|
9192
|
+
else {
|
|
9193
|
+
// required item failed
|
|
9194
|
+
rval = false;
|
|
9195
|
+
break;
|
|
9147
9196
|
}
|
|
9148
|
-
if (!rval && errors) errors.push('[' + v.name + '] ' + 'Tag class "' + v.tagClass + '", type "' + v.type + '" expected value length "' + v.value.length + '", got "' + obj.value.length + '"');
|
|
9149
9197
|
}
|
|
9150
9198
|
}
|
|
9151
9199
|
if (rval && capture) {
|
|
@@ -15269,7 +15317,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
15269
15317
|
capture: 'algorithmIdentifier'
|
|
15270
15318
|
},
|
|
15271
15319
|
{
|
|
15272
|
-
// NULL
|
|
15320
|
+
// NULL parameters
|
|
15273
15321
|
name: 'DigestInfo.DigestAlgorithm.parameters',
|
|
15274
15322
|
tagClass: $e581af606dac1487$var$asn1.Class.UNIVERSAL,
|
|
15275
15323
|
type: $e581af606dac1487$var$asn1.Type.NULL,
|
|
@@ -15305,7 +15353,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
15305
15353
|
*
|
|
15306
15354
|
* @param md the message digest object with the hash to sign.
|
|
15307
15355
|
*
|
|
15308
|
-
* @return the encoded message (ready for RSA
|
|
15356
|
+
* @return the encoded message (ready for RSA encryption)
|
|
15309
15357
|
*/ var $e581af606dac1487$var$emsaPkcs1v15encode = function(md) {
|
|
15310
15358
|
// get the oid for the algorithm
|
|
15311
15359
|
var oid;
|
|
@@ -15447,7 +15495,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
15447
15495
|
*
|
|
15448
15496
|
* The parameter bt controls whether to put padding bytes before the
|
|
15449
15497
|
* message passed in. Set bt to either true or false to disable padding
|
|
15450
|
-
* completely (in order to handle e.g. EMSA-PSS encoding
|
|
15498
|
+
* completely (in order to handle e.g. EMSA-PSS encoding separately before),
|
|
15451
15499
|
* signaling whether the encryption operation is a public key operation
|
|
15452
15500
|
* (i.e. encrypting data) or not, i.e. private key operation (data signing).
|
|
15453
15501
|
*
|
|
@@ -16022,7 +16070,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
16022
16070
|
}
|
|
16023
16071
|
// check hash algorithm identifier
|
|
16024
16072
|
// see PKCS1-v1-5DigestAlgorithms in RFC 8017
|
|
16025
|
-
// FIXME: add support to
|
|
16073
|
+
// FIXME: add support to validator for strict value choices
|
|
16026
16074
|
var oid = $e581af606dac1487$var$asn1.derToOid(capture.algorithmIdentifier);
|
|
16027
16075
|
if (!(oid === $ctKnW.oids.md2 || oid === $ctKnW.oids.md5 || oid === $ctKnW.oids.sha1 || oid === $ctKnW.oids.sha224 || oid === $ctKnW.oids.sha256 || oid === $ctKnW.oids.sha384 || oid === $ctKnW.oids.sha512 || oid === $ctKnW.oids['sha512-224'] || oid === $ctKnW.oids['sha512-256'])) {
|
|
16028
16076
|
var error = new Error('Unknown RSASSA-PKCS1-v1_5 DigestAlgorithm identifier.');
|
|
@@ -16031,7 +16079,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
16031
16079
|
}
|
|
16032
16080
|
// special check for md2 and md5 that NULL parameters exist
|
|
16033
16081
|
if (oid === $ctKnW.oids.md2 || oid === $ctKnW.oids.md5) {
|
|
16034
|
-
if (!('parameters' in capture)) throw new Error("ASN.1 object does not contain a valid RSASSA-PKCS1-v1_5 DigestInfo value. Missing algorithm
|
|
16082
|
+
if (!('parameters' in capture)) throw new Error("ASN.1 object does not contain a valid RSASSA-PKCS1-v1_5 DigestInfo value. Missing algorithm identifier NULL parameters.");
|
|
16035
16083
|
}
|
|
16036
16084
|
// compare the given digest to the decrypted one
|
|
16037
16085
|
return digest === capture.digest;
|
|
@@ -16388,7 +16436,7 @@ var $e581af606dac1487$var$digestInfoValidator = {
|
|
|
16388
16436
|
|
|
16389
16437
|
1. The encryption block EB cannot be parsed unambiguously.
|
|
16390
16438
|
2. The padding string PS consists of fewer than eight octets
|
|
16391
|
-
or is
|
|
16439
|
+
or is inconsistent with the block type BT.
|
|
16392
16440
|
3. The decryption process is a public-key operation and the block
|
|
16393
16441
|
type BT is not 00 or 01, or the decryption process is a
|
|
16394
16442
|
private-key operation and the block type is not 02.
|
|
@@ -17190,7 +17238,7 @@ var $af4fabac5df619a8$var$pkcs12PbeParamsValidator = {
|
|
|
17190
17238
|
v copies of ID. */ var D = new $ctKnW.util.ByteBuffer();
|
|
17191
17239
|
D.fillWithByte(id, v);
|
|
17192
17240
|
/* 2. Concatenate copies of the salt together to create a string S of length
|
|
17193
|
-
v * ceil(s / v) bytes (the final copy of the salt may be
|
|
17241
|
+
v * ceil(s / v) bytes (the final copy of the salt may be truncated
|
|
17194
17242
|
to create S).
|
|
17195
17243
|
Note that if the salt is the empty string, then so is S. */ var Slen = v * Math.ceil(s / v);
|
|
17196
17244
|
var S = new $ctKnW.util.ByteBuffer();
|
|
@@ -20245,7 +20293,7 @@ var $f82685d976399f90$var$certificationRequestValidator = {
|
|
|
20245
20293
|
* Convert signature parameters object to ASN.1
|
|
20246
20294
|
*
|
|
20247
20295
|
* @param {String} oid Signature algorithm OID
|
|
20248
|
-
* @param params The signature
|
|
20296
|
+
* @param params The signature parameters object
|
|
20249
20297
|
* @return ASN.1 object representing signature parameters
|
|
20250
20298
|
*/ function $f82685d976399f90$var$_signatureParametersToAsn1(oid, params) {
|
|
20251
20299
|
switch(oid){
|
|
@@ -21299,7 +21347,7 @@ var $df5201b2e1aaa80b$var$certBagValidator = {
|
|
|
21299
21347
|
mac.update(data.value);
|
|
21300
21348
|
var macValue = mac.getMac();
|
|
21301
21349
|
if (macValue.getBytes() !== capture.macDigest) throw new Error('PKCS#12 MAC could not be verified. Invalid password?');
|
|
21302
|
-
}
|
|
21350
|
+
} else if (Array.isArray(obj.value) && obj.value.length > 2) /* This is pfx data that should have mac and verify macDigest */ throw new Error('Invalid PKCS#12. macData field present but MAC was not validated.');
|
|
21303
21351
|
$df5201b2e1aaa80b$var$_decodeAuthenticatedSafe(pfx, data.value, strict, password);
|
|
21304
21352
|
return pfx;
|
|
21305
21353
|
};
|
|
@@ -22286,7 +22334,7 @@ $1c135395252d0c3b$var$tls.Alert.Description = {
|
|
|
22286
22334
|
* @param length the length of the handshake message.
|
|
22287
22335
|
*/ $1c135395252d0c3b$var$tls.handleHelloRequest = function(c, record, length) {
|
|
22288
22336
|
// ignore renegotiation requests from the server during a handshake, but
|
|
22289
|
-
// if handshaking, send a warning alert that
|
|
22337
|
+
// if handshaking, send a warning alert that renegotiation is denied
|
|
22290
22338
|
if (!c.handshaking && c.handshakes > 0) {
|
|
22291
22339
|
// send alert warning
|
|
22292
22340
|
$1c135395252d0c3b$var$tls.queue(c, $1c135395252d0c3b$var$tls.createAlert(c, {
|
|
@@ -23827,7 +23875,7 @@ $1c135395252d0c3b$var$hsTable[$1c135395252d0c3b$var$tls.ConnectionEnd.client] =
|
|
|
23827
23875
|
]
|
|
23828
23876
|
];
|
|
23829
23877
|
// map server current expect state and handshake type to function
|
|
23830
|
-
// Note: CAD[CH] does not map to FB because
|
|
23878
|
+
// Note: CAD[CH] does not map to FB because renegotiation is prohibited
|
|
23831
23879
|
var $1c135395252d0c3b$var$H7 = $1c135395252d0c3b$var$tls.handleClientHello;
|
|
23832
23880
|
var $1c135395252d0c3b$var$H8 = $1c135395252d0c3b$var$tls.handleClientKeyExchange;
|
|
23833
23881
|
var $1c135395252d0c3b$var$H9 = $1c135395252d0c3b$var$tls.handleCertificateVerify;
|