edockit 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +26 -1
- package/dist/{certificate-3c9dcdac.js → certificate-85461237.js} +11 -11
- package/dist/certificate-85461237.js.map +1 -0
- package/dist/{certificate-c7123a37.js → certificate-e6d074b8.js} +11 -11
- package/dist/certificate-e6d074b8.js.map +1 -0
- package/dist/core/parser/types.d.ts +16 -0
- package/dist/core/revocation/index.d.ts +1 -1
- package/dist/core/revocation/ocsp.d.ts +21 -0
- package/dist/core/trustedlist/build.d.ts +2 -1
- package/dist/core/trustedlist/index.d.ts +13 -0
- package/dist/core/trustedlist/loader.d.ts +14 -0
- package/dist/core/trustedlist/types.d.ts +4 -0
- package/dist/{identity-fca881b1.js → identity-2eb76bc9.js} +80 -7
- package/dist/identity-2eb76bc9.js.map +1 -0
- package/dist/{identity-c9e5052e.js → identity-d8910151.js} +77 -3
- package/dist/identity-d8910151.js.map +1 -0
- package/dist/index.cjs.js +3566 -164
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.esm.js +3567 -165
- package/dist/index.esm.js.map +1 -1
- package/dist/index.umd.js +17 -17
- package/dist/index.umd.js.map +1 -1
- package/dist/{loader-ad1a5051.js → loader-776cb996.js} +21 -3
- package/dist/loader-776cb996.js.map +1 -0
- package/dist/{loader-7a0f771f.js → loader-9ce42535.js} +21 -2
- package/dist/loader-9ce42535.js.map +1 -0
- package/dist/{reference-provider-3838ebfb.js → reference-provider-1dd56087.js} +3 -3
- package/dist/{reference-provider-3838ebfb.js.map → reference-provider-1dd56087.js.map} +1 -1
- package/dist/{reference-provider-9bbbaab8.js → reference-provider-50466d83.js} +3 -3
- package/dist/{reference-provider-9bbbaab8.js.map → reference-provider-50466d83.js.map} +1 -1
- package/dist/trusted-list-build.cjs.js +65 -30
- package/dist/trusted-list-build.cjs.js.map +1 -1
- package/dist/trusted-list-build.esm.js +64 -28
- package/dist/trusted-list-build.esm.js.map +1 -1
- package/dist/trusted-list-bundled.cjs.js +4 -30392
- package/dist/trusted-list-bundled.cjs.js.map +1 -1
- package/dist/trusted-list-bundled.esm.js +4 -30392
- package/dist/trusted-list-bundled.esm.js.map +1 -1
- package/dist/trusted-list.cjs.js +3 -3
- package/dist/trusted-list.esm.js +3 -3
- package/package.json +8 -1
- package/dist/certificate-3c9dcdac.js.map +0 -1
- package/dist/certificate-c7123a37.js.map +0 -1
- package/dist/identity-c9e5052e.js.map +0 -1
- package/dist/identity-fca881b1.js.map +0 -1
- package/dist/loader-7a0f771f.js.map +0 -1
- package/dist/loader-ad1a5051.js.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,30 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.4.1] - 2026-06-26
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
|
|
14
|
+
- **Embedded XAdES RevocationValues exposed** - `SignatureInfo.revocationValues` exposes the raw embedded OCSP/CRL material (base64 DER) from `xades:UnsignedSignatureProperties`. These properties are unsigned, so edockit does **not** use them as a revocation verdict; they are provided for consumers performing their own authenticated long-term validation
|
|
15
|
+
- **Trusted-list bundle identifier** - Compact trusted-list bundles and the bundled snapshot now carry a top-level `bundleId` (derived from `generatedAt`) so downstream consumers can identify a snapshot (previously `null`)
|
|
16
|
+
- **Resilient trusted-list regeneration** - `npm run update-trusted-list` carries forward last-known-good services only when every advertised TSL endpoint for a territory explicitly fails to fetch or parse, so transient failures and HTTP 200 error pages cannot silently drop a country while valid empty TSLs and successful removals are not resurrected; it also falls back to Node's native http(s) client for endpoints that block undici's client fingerprint (e.g. Estonia's `sr.riik.ee`)
|
|
17
|
+
|
|
18
|
+
### Changed
|
|
19
|
+
|
|
20
|
+
- **Lighter live revocation** - The issuer certificate required to build an OCSP request is now also resolved from certificates embedded in the signature's `RevocationValues` OCSP responses, and OCSP issuer resolution requires a candidate whose key actually signed the certificate — a same-name certificate that did not issue it is rejected and the AIA lookup is used instead. When the container ships no certificate chain, this lets the small live OCSP query answer revocation instead of falling back to downloading the full CRL (verified end-to-end: `method: "ocsp"` instead of `"crl"` for the LV eID sample). The status in the embedded response is not trusted — a fresh OCSP query is still made
|
|
21
|
+
- **Refreshed bundled EU trusted-list snapshot** - Regenerated from the EU LOTL with a fresh `generatedAt` and `bundleId`
|
|
22
|
+
- **Declared direct dependencies** - `asn1js`, `@peculiar/asn1-schema`, and `@peculiar/asn1-x509` are now declared dependencies (previously relied on transitively)
|
|
23
|
+
|
|
24
|
+
### Fixed
|
|
25
|
+
|
|
26
|
+
- **Per-signature XAdES properties** - `parseSignatureElement` now reads `RevocationValues`, `CertificateValues`, `SigningTime`, and `SignatureTimeStamp` from the current signature element instead of document-wide, so a signature in a multi-signature document no longer inherits the first signature's embedded material (which would point OCSP issuer resolution at the wrong certs)
|
|
27
|
+
- **Large national CRL parsing** - `parseCRL()` now parses CRLs that exceed asn1js's default `DEFAULT_MAX_NODES` (10000) DoS guard (e.g. the ~13k-entry Latvian LV eID CRL) by re-parsing with a raised, bounded node limit. Fixes `certificate_not_revoked_at_signing_time` returning `INDETERMINATE` with "Failed to parse CRL data" against `asn1js@^3.0.9`
|
|
28
|
+
- **InclusiveNamespaces XPath warning** - Node XPath queries now resolve namespace prefixes via `xpath.useNamespaces` instead of misusing `xpath.select`'s third (`single`) argument as a resolver, eliminating noisy "XPath evaluation failed" errors during signature parsing
|
|
29
|
+
|
|
30
|
+
### Security
|
|
31
|
+
|
|
32
|
+
- **Dependency advisory cleanup** - Updated the only affected runtime dependency, `@xmldom/xmldom`, to 0.9.10 (resolves high-severity XML injection and serialization DoS advisories) and cleared all remaining `npm audit` findings in the dev/test toolchain via in-range bumps and `esbuild`/`js-yaml` overrides. `npm audit` now reports 0 vulnerabilities
|
|
33
|
+
|
|
10
34
|
## [0.4.0] - 2026-03-19
|
|
11
35
|
|
|
12
36
|
### Added
|
|
@@ -113,7 +137,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
113
137
|
- File checksum verification (SHA-256/384/512)
|
|
114
138
|
- Browser and Node.js support
|
|
115
139
|
|
|
116
|
-
[Unreleased]: https://github.com/edgarsj/edockit/compare/v0.4.
|
|
140
|
+
[Unreleased]: https://github.com/edgarsj/edockit/compare/v0.4.1...HEAD
|
|
141
|
+
[0.4.1]: https://github.com/edgarsj/edockit/compare/v0.4.0...v0.4.1
|
|
117
142
|
[0.4.0]: https://github.com/edgarsj/edockit/compare/v0.3.0...v0.4.0
|
|
118
143
|
[0.3.0]: https://github.com/edgarsj/edockit/compare/v0.2.4...v0.3.0
|
|
119
144
|
[0.2.4]: https://github.com/edgarsj/edockit/compare/v0.2.3...v0.2.4
|
|
@@ -116,10 +116,13 @@ function queryByXPath(parent, xpathExpression, namespaces = NAMESPACES) {
|
|
|
116
116
|
// Node.js environment with xpath module
|
|
117
117
|
else {
|
|
118
118
|
const xpathLib = xpath;
|
|
119
|
-
const nsResolver = createNsResolverForNode(namespaces);
|
|
120
119
|
// Use a try-catch here to handle specific XPath issues
|
|
121
120
|
try {
|
|
122
|
-
|
|
121
|
+
// useNamespaces returns a select function that resolves prefixes (e.g. ec:)
|
|
122
|
+
// and always returns a node array. (xpath.select's 3rd arg is `single`, not a
|
|
123
|
+
// resolver, so passing the namespace map there silently breaks results.)
|
|
124
|
+
const selectWithNs = xpathLib.useNamespaces(namespaces);
|
|
125
|
+
const nodes = selectWithNs(xpathExpression, parent);
|
|
123
126
|
return nodes.length > 0 ? nodes[0] : null;
|
|
124
127
|
}
|
|
125
128
|
catch (err) {
|
|
@@ -177,10 +180,13 @@ function queryAllByXPath(parent, xpathExpression, namespaces = NAMESPACES) {
|
|
|
177
180
|
// Node.js environment with xpath module
|
|
178
181
|
else {
|
|
179
182
|
const xpathLib = xpath;
|
|
180
|
-
const nsResolver = createNsResolverForNode(namespaces);
|
|
181
183
|
// Use a try-catch here to handle specific XPath issues
|
|
182
184
|
try {
|
|
183
|
-
|
|
185
|
+
// useNamespaces returns a select function that resolves prefixes (e.g. ec:)
|
|
186
|
+
// and always returns a node array. (xpath.select's 3rd arg is `single`, not a
|
|
187
|
+
// resolver, so passing the namespace map there silently breaks results.)
|
|
188
|
+
const selectWithNs = xpathLib.useNamespaces(namespaces);
|
|
189
|
+
const nodes = selectWithNs(xpathExpression, parent);
|
|
184
190
|
return nodes;
|
|
185
191
|
}
|
|
186
192
|
catch (err) {
|
|
@@ -218,12 +224,6 @@ function createNsResolverForBrowser(namespaces) {
|
|
|
218
224
|
return namespaces[prefix] || null;
|
|
219
225
|
};
|
|
220
226
|
}
|
|
221
|
-
/**
|
|
222
|
-
* Helper function to create a namespace resolver for Node.js environments
|
|
223
|
-
*/
|
|
224
|
-
function createNsResolverForNode(namespaces) {
|
|
225
|
-
return namespaces;
|
|
226
|
-
}
|
|
227
227
|
/**
|
|
228
228
|
* Converts a CSS-like selector (with namespace support) to an XPath expression
|
|
229
229
|
*
|
|
@@ -546,4 +546,4 @@ function formatValidityPeriod(certInfo) {
|
|
|
546
546
|
}
|
|
547
547
|
|
|
548
548
|
export { querySelector as a, checkCertificateValidity as b, createXMLParser as c, formatPEM as d, extractSignerInfo as e, formatValidityPeriod as f, getSignerDisplayName as g, parseCertificate as p, querySelectorAll as q, serializeToXML as s };
|
|
549
|
-
//# sourceMappingURL=certificate-
|
|
549
|
+
//# sourceMappingURL=certificate-85461237.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"certificate-85461237.js","sources":["../src/utils/xmlParser.ts","../src/core/certificate.ts"],"sourcesContent":[null,null],"names":[],"mappings":";;;;;;;;AAGA;;;;;;;AAOG;AACa,SAAA,8BAA8B,CAAC,MAAY,EAAE,QAAgB,EAAA;IAC3E,MAAM,OAAO,GAAc,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;;IAG3D,MAAM,eAAe,GAAyC,EAAE,CAAC;AACjE,IAAA,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE;AAC3B,QAAA,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACjD,QAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AACtB,YAAA,eAAe,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SAC1C;AAAM,aAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AAC7B,YAAA,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SACxD;KACF;;IAGD,SAAS,UAAU,CAAC,IAAU,EAAA;AAC5B,QAAA,IAAI,CAAC,IAAI;YAAE,OAAO;AAElB,QAAA,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,EAAE;;YAEvB,MAAM,OAAO,GAAG,IAAe,CAAC;AAChC,YAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;AAClC,YAAA,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;;AAGpC,YAAA,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE;;AAEjC,gBAAA,IAAI,GAAG,CAAC,EAAE,IAAI,QAAQ,KAAK,CAAG,EAAA,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,IAAI,CAAA,CAAE,EAAE;AAClD,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;;AAED,gBAAA,IAAI,SAAS,KAAK,GAAG,CAAC,IAAI,IAAI,QAAQ,KAAK,GAAG,CAAC,IAAI,EAAE;AACnD,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;;gBAED,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAA,CAAA,EAAI,GAAG,CAAC,IAAI,CAAA,CAAE,CAAC,EAAE;AACrC,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;aACF;SACF;;AAGD,QAAA,IAAI,IAAI,CAAC,UAAU,EAAE;AACnB,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBAC/C,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;aAChC;SACF;KACF;IAED,UAAU,CAAC,MAAM,CAAC,CAAC;AACnB,IAAA,OAAO,OAAO,CAAC;AACjB,CAAC;AAcD;AACO,MAAM,UAAU,GAAiB;AACtC,IAAA,EAAE,EAAE,oCAAoC;AACxC,IAAA,MAAM,EAAE,mCAAmC;AAC3C,IAAA,KAAK,EAAE,kCAAkC;AACzC,IAAA,EAAE,EAAE,yCAAyC;AAC7C,IAAA,SAAS,EAAE,yCAAyC;AACpD,IAAA,IAAI,EAAE,mCAAmC;AACzC,IAAA,MAAM,EAAE,kCAAkC;AAC1C,IAAA,KAAK,EAAE,mCAAmC;AAC1C,IAAA,QAAQ,EAAE,mCAAmC;AAC7C,IAAA,IAAI,EAAE,mCAAmC;CAC1C,CAAC;AAEF;;AAEG;SACa,eAAe,GAAA;;IAE7B,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,SAAS,EAAE;AACrD,QAAA,OAAO,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;KAC/B;;AAGD,IAAA,OAAO,IAAI,MAAM,CAAC,SAAS,EAAmC,CAAC;AACjE,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,YAAY,CAC1B,MAA0B,EAC1B,eAAuB,EACvB,aAA2B,UAAU,EAAA;AAErC,IAAA,IAAI;;AAEF,QAAA,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;AAE9E,YAAA,MAAM,QAAQ,GAAG,eAAe,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC;YAC3E,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;;AAGxD,gBAAA,OAAO,IAAI,CAAC;aACb;AACD,YAAA,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;AAC1D,YAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAC9B,eAAe,EACf,MAAM,EACN,UAAU,EACV,WAAW,CAAC,uBAAuB,EACnC,IAAI,CACL,CAAC;YACF,OAAO,MAAM,CAAC,eAA0B,CAAC;SAC1C;;aAEI;YACH,MAAM,QAAQ,GAAG,KAAK,CAAC;;AAGvB,YAAA,IAAI;;;;gBAIF,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;gBACxD,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,MAAa,CAAW,CAAC;AACrE,gBAAA,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,GAAI,KAAK,CAAC,CAAC,CAAa,GAAG,IAAI,CAAC;aACxD;YAAC,OAAO,GAAY,EAAE;;gBAErB,IACE,OAAO,GAAG,KAAK,QAAQ;AACvB,oBAAA,GAAG,KAAK,IAAI;AACZ,oBAAA,SAAS,IAAI,GAAG;AAChB,oBAAA,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;oBAC/B,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAC5C;;oBAEA,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAChE,oBAAA,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;AACrB,wBAAA,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAC7B,wBAAA,MAAM,eAAe,GAAG,CAAsB,mBAAA,EAAA,WAAW,IAAI,CAAC;wBAC9D,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAa,CAAQ,CAAC;AACrE,wBAAA,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;qBAC3C;iBACF;gBACD,MAAM,GAAG,CAAC;aACX;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,CAAA,6BAAA,EAAgC,eAAe,CAAI,EAAA,CAAA,EAAE,CAAC,CAAC,CAAC;AACtE,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,eAAe,CAC7B,MAA0B,EAC1B,eAAuB,EACvB,aAA2B,UAAU,EAAA;AAErC,IAAA,IAAI;;AAEF,QAAA,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;AAE9E,YAAA,MAAM,QAAQ,GAAG,eAAe,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC;YAC3E,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;;AAGxD,gBAAA,OAAO,EAAE,CAAC;aACX;AACD,YAAA,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;AAC1D,YAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAC9B,eAAe,EACf,MAAM,EACN,UAAU,EACV,WAAW,CAAC,0BAA0B,EACtC,IAAI,CACL,CAAC;YAEF,MAAM,QAAQ,GAAc,EAAE,CAAC;AAC/B,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC,EAAE,EAAE;gBAC9C,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAY,CAAC,CAAC;aAClD;AACD,YAAA,OAAO,QAAQ,CAAC;SACjB;;aAEI;YACH,MAAM,QAAQ,GAAG,KAAK,CAAC;;AAGvB,YAAA,IAAI;;;;gBAIF,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;gBACxD,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,MAAa,CAAW,CAAC;AACrE,gBAAA,OAAO,KAAkB,CAAC;aAC3B;YAAC,OAAO,GAAY,EAAE;;gBAErB,IACE,OAAO,GAAG,KAAK,QAAQ;AACvB,oBAAA,GAAG,KAAK,IAAI;AACZ,oBAAA,SAAS,IAAI,GAAG;AAChB,oBAAA,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;oBAC/B,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAC5C;;oBAEA,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAChE,oBAAA,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;AACrB,wBAAA,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAC7B,wBAAA,MAAM,eAAe,GAAG,CAAsB,mBAAA,EAAA,WAAW,IAAI,CAAC;wBAC9D,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAa,CAAQ,CAAC;AACrE,wBAAA,OAAO,KAAkB,CAAC;qBAC3B;iBACF;gBACD,MAAM,GAAG,CAAC;aACX;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,CAAA,6BAAA,EAAgC,eAAe,CAAI,EAAA,CAAA,EAAE,CAAC,CAAC,CAAC;AACtE,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;AAEG;AACH,SAAS,0BAA0B,CAAC,UAAwB,EAAA;AAC1D,IAAA,OAAO,UAAU,MAAqB,EAAA;QACpC,IAAI,MAAM,KAAK,IAAI;AAAE,YAAA,OAAO,IAAI,CAAC;AACjC,QAAA,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC;AACpC,KAAC,CAAC;AACJ,CAAC;AAED;;;;;AAKG;AACG,SAAU,eAAe,CAAC,QAAgB,EAAA;;IAE9C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACvD,MAAM,UAAU,GAAa,EAAE,CAAC;AAEhC,IAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;;AAExB,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAErD,QAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;;;YAGzB,UAAU,CAAC,IAAI,CAAC,CAAsB,mBAAA,EAAA,QAAQ,CAAC,CAAC,CAAC,CAAI,EAAA,CAAA,CAAC,CAAC;SACxD;AAAM,aAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;;;YAGhC,UAAU,CAAC,IAAI,CAAC,CAAA,GAAA,EAAM,QAAQ,CAAC,CAAC,CAAC,CAAI,CAAA,EAAA,QAAQ,CAAC,CAAC,CAAC,yBAAyB,QAAQ,CAAC,CAAC,CAAC,CAAA,EAAA,CAAI,CAAC,CAAC;SAC3F;KACF;;AAGD,IAAA,OAAO,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,aAAa,CAAC,MAA0B,EAAE,QAAgB,EAAA;;AAExE,IAAA,IAAI,OAAO,MAAM,CAAC,aAAa,KAAK,UAAU,EAAE;AAC9C,QAAA,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;AAC9C,YAAA,IAAI,MAAM;AAAE,gBAAA,OAAO,MAAM,CAAC;SAC3B;QAAC,OAAO,CAAC,EAAE;;SAEX;KACF;;IAGD,MAAM,QAAQ,GAAG,8BAA8B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAClE,IAAA,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;AACvB,QAAA,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACpB;;AAGD,IAAA,IAAI;AACF,QAAA,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC5C,QAAA,OAAO,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KACxC;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;AAC3E,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,gBAAgB,CAAC,MAA0B,EAAE,QAAgB,EAAA;;AAE3E,IAAA,IAAI,OAAO,MAAM,CAAC,gBAAgB,KAAK,UAAU,EAAE;AACjD,QAAA,IAAI;YACF,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AAClD,YAAA,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;gBACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;AAC/B,gBAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;oBACvC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAY,CAAC,CAAC;iBACtC;AACD,gBAAA,OAAO,QAAQ,CAAC;aACjB;SACF;QAAC,OAAO,CAAC,EAAE;;SAEX;KACF;;IAGD,MAAM,QAAQ,GAAG,8BAA8B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAClE,IAAA,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;AACvB,QAAA,OAAO,QAAQ,CAAC;KACjB;;AAGD,IAAA,IAAI;AACF,QAAA,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC5C,QAAA,OAAO,eAAe,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KAC3C;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;AAC3E,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;AAEG;AACG,SAAU,cAAc,CAAC,IAAU,EAAA;;IAEvC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,aAAa,EAAE;QACzD,OAAO,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;KAC3D;;IAGD,OAAO,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC,iBAAiB,CAAC,IAAW,CAAC,CAAC;AACnE;;ACpVA;;;;AAIG;AACG,SAAU,SAAS,CAAC,UAAmB,EAAA;AAC3C,IAAA,IAAI,CAAC,UAAU;AAAE,QAAA,OAAO,EAAE,CAAC;;IAG3B,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;;IAGnD,MAAM,KAAK,GAAG,EAAE,CAAC;AACjB,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;AAC/C,QAAA,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;KAC9C;;IAGD,OAAO,CAAA,6BAAA,EAAgC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC;AACvF,CAAC;AAED;;;;AAIG;AACG,SAAU,iBAAiB,CAAC,WAA4B,EAAA;AAe5D,IAAA,MAAM,MAAM,GAAQ;QAClB,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,OAAO,EAAE,WAAW,CAAC,QAAQ;AAC7B,QAAA,MAAM,EAAE,EAAE;KACX,CAAC;;;AAKF,IAAA,IAAI;AACF,QAAA,IAAI,OAAO,WAAW,CAAC,OAAO,KAAK,QAAQ,IAAI,WAAW,CAAC,OAAO,KAAK,IAAI,EAAE;;AAE3E,YAAA,MAAM,OAAO,GAAG,WAAW,CAAC,OAAc,CAAC;AAC3C,YAAA,MAAM,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;AACvC,YAAA,MAAM,CAAC,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC;AAC/C,YAAA,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC,WAAW,CAAC;SACtC;;AAGD,QAAA,IAAI,OAAO,WAAW,CAAC,MAAM,KAAK,QAAQ,IAAI,WAAW,CAAC,MAAM,KAAK,IAAI,EAAE;AACzE,YAAA,MAAM,MAAM,GAAG,WAAW,CAAC,MAAa,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,gBAAgB,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC;SAC5C;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;KACjE;;AAGD,IAAA,IAAI;AACF,QAAA,IAAI,OAAO,WAAW,CAAC,OAAO,KAAK,QAAQ,EAAE;AAC3C,YAAA,MAAM,UAAU,GAAG,WAAW,CAAC,OAAiB,CAAC;;YAGjD,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC3C,YAAA,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE;AAC/B,gBAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,GAAG,KAAK,IAAI;oBAAE,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;gBACjE,IAAI,GAAG,KAAK,GAAG;oBAAE,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;gBACpE,IAAI,GAAG,KAAK,GAAG;oBAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;gBAC1D,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,OAAO,GAAG,KAAK,CAAC;AACzC,gBAAA,IAAI,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC;AAC1D,gBAAA,IAAI,GAAG,KAAK,cAAc,IAAI,GAAG,KAAK,SAAS;oBAC7C,MAAM,CAAC,YAAY,GAAG,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;aACtD;SACF;AAED,QAAA,IAAI,OAAO,WAAW,CAAC,MAAM,KAAK,QAAQ,EAAE;AAC1C,YAAA,MAAM,SAAS,GAAG,WAAW,CAAC,MAAgB,CAAC;;YAG/C,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACzC,YAAA,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;AAC9B,gBAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;gBAC/E,IAAI,GAAG,KAAK,GAAG;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;gBAClF,IAAI,GAAG,KAAK,GAAG;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;aACzE;SACF;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;KACjE;;AAGD,IAAA,IAAI;QACF,IAAI,aAAa,IAAI,WAAW,IAAK,WAAmB,CAAC,WAAW,EAAE,QAAQ,EAAE;AAC9E,YAAA,MAAM,WAAW,GAAI,WAAmB,CAAC,WAAW,CAAC;;AAErD,YAAA,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AACzE,YAAA,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AACnE,YAAA,MAAM,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACtE,YAAA,MAAM,CAAC,YAAY;gBACjB,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AACrF,YAAA,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AAClE,YAAA,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;SAC7E;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;KACpE;;IAGD,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,YAAY,EAAE;AACpD,QAAA,MAAM,CAAC,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC;KAChD;AAED,IAAA,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;AAIG;AACI,eAAe,gBAAgB,CAAC,QAAgB,EAAA;AACrD,IAAA,IAAI;QACF,IAAI,OAAO,GAAG,QAAQ,CAAC;;QAGvB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EAAE;;YAErD,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;AAC1D,YAAA,OAAO,GAAG,SAAS,CAAC,eAAe,CAAC,CAAC;SACtC;AACD,QAAA,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;AAC1C,QAAA,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAE3C,OAAO;AACL,YAAA,OAAO,EAAE;gBACP,UAAU,EAAE,UAAU,CAAC,UAAU;gBACjC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,OAAO,EAAE,UAAU,CAAC,OAAO;gBAC3B,OAAO,EAAE,UAAU,CAAC,OAAO;gBAC3B,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,YAAY,EAAE,UAAU,CAAC,YAAY;AACtC,aAAA;YACD,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;AACd,QAAA,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,+BAA+B,IAAI,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAC3F,CAAC;KACH;AACH,CAAC;AAED;;;;;AAKG;AACG,SAAU,wBAAwB,CACtC,IAAuC,EACvC,SAAkB,GAAA,IAAI,IAAI,EAAE,EAAA;;AAG5B,IAAA,MAAM,SAAS,GAAG,WAAW,IAAI,IAAI,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;AACxE,IAAA,MAAM,OAAO,GAAG,UAAU,IAAI,IAAI,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC;;AAGlE,IAAA,IAAI,SAAS,GAAG,SAAS,EAAE;QACzB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,CAAyC,sCAAA,EAAA,SAAS,CAAC,WAAW,EAAE,CAAE,CAAA;SAC3E,CAAC;KACH;AAED,IAAA,IAAI,SAAS,GAAG,OAAO,EAAE;QACvB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,CAAoC,iCAAA,EAAA,OAAO,CAAC,WAAW,EAAE,CAAE,CAAA;SACpE,CAAC;KACH;AAED,IAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAyBD;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,QAAyB,EAAA;AAC5D,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,QAAQ,CAAC;IAE7B,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,OAAO,EAAE;QACxC,OAAO,CAAA,EAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,OAAO,CAAA,CAAE,CAAC;KAClD;AAED,IAAA,IAAI,OAAO,CAAC,UAAU,EAAE;QACtB,OAAO,OAAO,CAAC,UAAU,CAAC;KAC3B;;AAGD,IAAA,OAAO,OAAO,CAAC,YAAY,IAAI,gBAAgB,CAAC;AAClD,CAAC;AAED;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,QAAyB,EAAA;AAC5D,IAAA,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,QAAQ,CAAC;AAExC,IAAA,MAAM,UAAU,GAAG,CAAC,IAAU,KAAI;AAChC,QAAA,OAAO,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE;AACxC,YAAA,IAAI,EAAE,SAAS;AACf,YAAA,KAAK,EAAE,MAAM;AACb,YAAA,GAAG,EAAE,SAAS;AACf,SAAA,CAAC,CAAC;AACL,KAAC,CAAC;IAEF,OAAO,CAAA,EAAG,UAAU,CAAC,SAAS,CAAC,CAAO,IAAA,EAAA,UAAU,CAAC,OAAO,CAAC,CAAA,CAAE,CAAC;AAC9D;;;;"}
|
|
@@ -139,10 +139,13 @@ function queryByXPath(parent, xpathExpression, namespaces = NAMESPACES) {
|
|
|
139
139
|
// Node.js environment with xpath module
|
|
140
140
|
else {
|
|
141
141
|
const xpathLib = xpath__namespace;
|
|
142
|
-
const nsResolver = createNsResolverForNode(namespaces);
|
|
143
142
|
// Use a try-catch here to handle specific XPath issues
|
|
144
143
|
try {
|
|
145
|
-
|
|
144
|
+
// useNamespaces returns a select function that resolves prefixes (e.g. ec:)
|
|
145
|
+
// and always returns a node array. (xpath.select's 3rd arg is `single`, not a
|
|
146
|
+
// resolver, so passing the namespace map there silently breaks results.)
|
|
147
|
+
const selectWithNs = xpathLib.useNamespaces(namespaces);
|
|
148
|
+
const nodes = selectWithNs(xpathExpression, parent);
|
|
146
149
|
return nodes.length > 0 ? nodes[0] : null;
|
|
147
150
|
}
|
|
148
151
|
catch (err) {
|
|
@@ -200,10 +203,13 @@ function queryAllByXPath(parent, xpathExpression, namespaces = NAMESPACES) {
|
|
|
200
203
|
// Node.js environment with xpath module
|
|
201
204
|
else {
|
|
202
205
|
const xpathLib = xpath__namespace;
|
|
203
|
-
const nsResolver = createNsResolverForNode(namespaces);
|
|
204
206
|
// Use a try-catch here to handle specific XPath issues
|
|
205
207
|
try {
|
|
206
|
-
|
|
208
|
+
// useNamespaces returns a select function that resolves prefixes (e.g. ec:)
|
|
209
|
+
// and always returns a node array. (xpath.select's 3rd arg is `single`, not a
|
|
210
|
+
// resolver, so passing the namespace map there silently breaks results.)
|
|
211
|
+
const selectWithNs = xpathLib.useNamespaces(namespaces);
|
|
212
|
+
const nodes = selectWithNs(xpathExpression, parent);
|
|
207
213
|
return nodes;
|
|
208
214
|
}
|
|
209
215
|
catch (err) {
|
|
@@ -241,12 +247,6 @@ function createNsResolverForBrowser(namespaces) {
|
|
|
241
247
|
return namespaces[prefix] || null;
|
|
242
248
|
};
|
|
243
249
|
}
|
|
244
|
-
/**
|
|
245
|
-
* Helper function to create a namespace resolver for Node.js environments
|
|
246
|
-
*/
|
|
247
|
-
function createNsResolverForNode(namespaces) {
|
|
248
|
-
return namespaces;
|
|
249
|
-
}
|
|
250
250
|
/**
|
|
251
251
|
* Converts a CSS-like selector (with namespace support) to an XPath expression
|
|
252
252
|
*
|
|
@@ -578,4 +578,4 @@ exports.parseCertificate = parseCertificate;
|
|
|
578
578
|
exports.querySelector = querySelector;
|
|
579
579
|
exports.querySelectorAll = querySelectorAll;
|
|
580
580
|
exports.serializeToXML = serializeToXML;
|
|
581
|
-
//# sourceMappingURL=certificate-
|
|
581
|
+
//# sourceMappingURL=certificate-e6d074b8.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"certificate-e6d074b8.js","sources":["../src/utils/xmlParser.ts","../src/core/certificate.ts"],"sourcesContent":[null,null],"names":["xmldom","xpath","X509Certificate"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA;;;;;;;AAOG;AACa,SAAA,8BAA8B,CAAC,MAAY,EAAE,QAAgB,EAAA;IAC3E,MAAM,OAAO,GAAc,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;;IAG3D,MAAM,eAAe,GAAyC,EAAE,CAAC;AACjE,IAAA,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE;AAC3B,QAAA,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACjD,QAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AACtB,YAAA,eAAe,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SAC1C;AAAM,aAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;AAC7B,YAAA,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SACxD;KACF;;IAGD,SAAS,UAAU,CAAC,IAAU,EAAA;AAC5B,QAAA,IAAI,CAAC,IAAI;YAAE,OAAO;AAElB,QAAA,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,EAAE;;YAEvB,MAAM,OAAO,GAAG,IAAe,CAAC;AAChC,YAAA,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;AAClC,YAAA,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;;AAGpC,YAAA,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE;;AAEjC,gBAAA,IAAI,GAAG,CAAC,EAAE,IAAI,QAAQ,KAAK,CAAG,EAAA,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,IAAI,CAAA,CAAE,EAAE;AAClD,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;;AAED,gBAAA,IAAI,SAAS,KAAK,GAAG,CAAC,IAAI,IAAI,QAAQ,KAAK,GAAG,CAAC,IAAI,EAAE;AACnD,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;;gBAED,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAA,CAAA,EAAI,GAAG,CAAC,IAAI,CAAA,CAAE,CAAC,EAAE;AACrC,oBAAA,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACtB,MAAM;iBACP;aACF;SACF;;AAGD,QAAA,IAAI,IAAI,CAAC,UAAU,EAAE;AACnB,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBAC/C,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;aAChC;SACF;KACF;IAED,UAAU,CAAC,MAAM,CAAC,CAAC;AACnB,IAAA,OAAO,OAAO,CAAC;AACjB,CAAC;AAcD;AACO,MAAM,UAAU,GAAiB;AACtC,IAAA,EAAE,EAAE,oCAAoC;AACxC,IAAA,MAAM,EAAE,mCAAmC;AAC3C,IAAA,KAAK,EAAE,kCAAkC;AACzC,IAAA,EAAE,EAAE,yCAAyC;AAC7C,IAAA,SAAS,EAAE,yCAAyC;AACpD,IAAA,IAAI,EAAE,mCAAmC;AACzC,IAAA,MAAM,EAAE,kCAAkC;AAC1C,IAAA,KAAK,EAAE,mCAAmC;AAC1C,IAAA,QAAQ,EAAE,mCAAmC;AAC7C,IAAA,IAAI,EAAE,mCAAmC;CAC1C,CAAC;AAEF;;AAEG;SACa,eAAe,GAAA;;IAE7B,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,SAAS,EAAE;AACrD,QAAA,OAAO,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;KAC/B;;AAGD,IAAA,OAAO,IAAIA,iBAAM,CAAC,SAAS,EAAmC,CAAC;AACjE,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,YAAY,CAC1B,MAA0B,EAC1B,eAAuB,EACvB,aAA2B,UAAU,EAAA;AAErC,IAAA,IAAI;;AAEF,QAAA,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;AAE9E,YAAA,MAAM,QAAQ,GAAG,eAAe,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC;YAC3E,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;;AAGxD,gBAAA,OAAO,IAAI,CAAC;aACb;AACD,YAAA,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;AAC1D,YAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAC9B,eAAe,EACf,MAAM,EACN,UAAU,EACV,WAAW,CAAC,uBAAuB,EACnC,IAAI,CACL,CAAC;YACF,OAAO,MAAM,CAAC,eAA0B,CAAC;SAC1C;;aAEI;YACH,MAAM,QAAQ,GAAGC,gBAAK,CAAC;;AAGvB,YAAA,IAAI;;;;gBAIF,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;gBACxD,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,MAAa,CAAW,CAAC;AACrE,gBAAA,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,GAAI,KAAK,CAAC,CAAC,CAAa,GAAG,IAAI,CAAC;aACxD;YAAC,OAAO,GAAY,EAAE;;gBAErB,IACE,OAAO,GAAG,KAAK,QAAQ;AACvB,oBAAA,GAAG,KAAK,IAAI;AACZ,oBAAA,SAAS,IAAI,GAAG;AAChB,oBAAA,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;oBAC/B,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAC5C;;oBAEA,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAChE,oBAAA,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;AACrB,wBAAA,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAC7B,wBAAA,MAAM,eAAe,GAAG,CAAsB,mBAAA,EAAA,WAAW,IAAI,CAAC;wBAC9D,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAa,CAAQ,CAAC;AACrE,wBAAA,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;qBAC3C;iBACF;gBACD,MAAM,GAAG,CAAC;aACX;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,CAAA,6BAAA,EAAgC,eAAe,CAAI,EAAA,CAAA,EAAE,CAAC,CAAC,CAAC;AACtE,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,eAAe,CAC7B,MAA0B,EAC1B,eAAuB,EACvB,aAA2B,UAAU,EAAA;AAErC,IAAA,IAAI;;AAEF,QAAA,IAAI,OAAO,QAAQ,KAAK,WAAW,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;AAE9E,YAAA,MAAM,QAAQ,GAAG,eAAe,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC;YAC3E,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE;;;AAGxD,gBAAA,OAAO,EAAE,CAAC;aACX;AACD,YAAA,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;AAC1D,YAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAC9B,eAAe,EACf,MAAM,EACN,UAAU,EACV,WAAW,CAAC,0BAA0B,EACtC,IAAI,CACL,CAAC;YAEF,MAAM,QAAQ,GAAc,EAAE,CAAC;AAC/B,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC,EAAE,EAAE;gBAC9C,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAY,CAAC,CAAC;aAClD;AACD,YAAA,OAAO,QAAQ,CAAC;SACjB;;aAEI;YACH,MAAM,QAAQ,GAAGA,gBAAK,CAAC;;AAGvB,YAAA,IAAI;;;;gBAIF,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;gBACxD,MAAM,KAAK,GAAG,YAAY,CAAC,eAAe,EAAE,MAAa,CAAW,CAAC;AACrE,gBAAA,OAAO,KAAkB,CAAC;aAC3B;YAAC,OAAO,GAAY,EAAE;;gBAErB,IACE,OAAO,GAAG,KAAK,QAAQ;AACvB,oBAAA,GAAG,KAAK,IAAI;AACZ,oBAAA,SAAS,IAAI,GAAG;AAChB,oBAAA,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;oBAC/B,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAC5C;;oBAEA,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;AAChE,oBAAA,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;AACrB,wBAAA,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAC7B,wBAAA,MAAM,eAAe,GAAG,CAAsB,mBAAA,EAAA,WAAW,IAAI,CAAC;wBAC9D,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAa,CAAQ,CAAC;AACrE,wBAAA,OAAO,KAAkB,CAAC;qBAC3B;iBACF;gBACD,MAAM,GAAG,CAAC;aACX;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,CAAA,6BAAA,EAAgC,eAAe,CAAI,EAAA,CAAA,EAAE,CAAC,CAAC,CAAC;AACtE,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;AAEG;AACH,SAAS,0BAA0B,CAAC,UAAwB,EAAA;AAC1D,IAAA,OAAO,UAAU,MAAqB,EAAA;QACpC,IAAI,MAAM,KAAK,IAAI;AAAE,YAAA,OAAO,IAAI,CAAC;AACjC,QAAA,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC;AACpC,KAAC,CAAC;AACJ,CAAC;AAED;;;;;AAKG;AACG,SAAU,eAAe,CAAC,QAAgB,EAAA;;IAE9C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACvD,MAAM,UAAU,GAAa,EAAE,CAAC;AAEhC,IAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;;AAExB,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAErD,QAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;;;YAGzB,UAAU,CAAC,IAAI,CAAC,CAAsB,mBAAA,EAAA,QAAQ,CAAC,CAAC,CAAC,CAAI,EAAA,CAAA,CAAC,CAAC;SACxD;AAAM,aAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;;;YAGhC,UAAU,CAAC,IAAI,CAAC,CAAA,GAAA,EAAM,QAAQ,CAAC,CAAC,CAAC,CAAI,CAAA,EAAA,QAAQ,CAAC,CAAC,CAAC,yBAAyB,QAAQ,CAAC,CAAC,CAAC,CAAA,EAAA,CAAI,CAAC,CAAC;SAC3F;KACF;;AAGD,IAAA,OAAO,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,aAAa,CAAC,MAA0B,EAAE,QAAgB,EAAA;;AAExE,IAAA,IAAI,OAAO,MAAM,CAAC,aAAa,KAAK,UAAU,EAAE;AAC9C,QAAA,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;AAC9C,YAAA,IAAI,MAAM;AAAE,gBAAA,OAAO,MAAM,CAAC;SAC3B;QAAC,OAAO,CAAC,EAAE;;SAEX;KACF;;IAGD,MAAM,QAAQ,GAAG,8BAA8B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAClE,IAAA,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;AACvB,QAAA,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACpB;;AAGD,IAAA,IAAI;AACF,QAAA,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC5C,QAAA,OAAO,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KACxC;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;AAC3E,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,gBAAgB,CAAC,MAA0B,EAAE,QAAgB,EAAA;;AAE3E,IAAA,IAAI,OAAO,MAAM,CAAC,gBAAgB,KAAK,UAAU,EAAE;AACjD,QAAA,IAAI;YACF,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AAClD,YAAA,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;gBACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;AAC/B,gBAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;oBACvC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAY,CAAC,CAAC;iBACtC;AACD,gBAAA,OAAO,QAAQ,CAAC;aACjB;SACF;QAAC,OAAO,CAAC,EAAE;;SAEX;KACF;;IAGD,MAAM,QAAQ,GAAG,8BAA8B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAClE,IAAA,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;AACvB,QAAA,OAAO,QAAQ,CAAC;KACjB;;AAGD,IAAA,IAAI;AACF,QAAA,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC5C,QAAA,OAAO,eAAe,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KAC3C;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;AAC3E,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;AAEG;AACG,SAAU,cAAc,CAAC,IAAU,EAAA;;IAEvC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,aAAa,EAAE;QACzD,OAAO,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;KAC3D;;IAGD,OAAO,IAAID,iBAAM,CAAC,aAAa,EAAE,CAAC,iBAAiB,CAAC,IAAW,CAAC,CAAC;AACnE;;ACpVA;;;;AAIG;AACG,SAAU,SAAS,CAAC,UAAmB,EAAA;AAC3C,IAAA,IAAI,CAAC,UAAU;AAAE,QAAA,OAAO,EAAE,CAAC;;IAG3B,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;;IAGnD,MAAM,KAAK,GAAG,EAAE,CAAC;AACjB,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;AAC/C,QAAA,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;KAC9C;;IAGD,OAAO,CAAA,6BAAA,EAAgC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC;AACvF,CAAC;AAED;;;;AAIG;AACG,SAAU,iBAAiB,CAAC,WAA4B,EAAA;AAe5D,IAAA,MAAM,MAAM,GAAQ;QAClB,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,OAAO,EAAE,WAAW,CAAC,QAAQ;AAC7B,QAAA,MAAM,EAAE,EAAE;KACX,CAAC;;;AAKF,IAAA,IAAI;AACF,QAAA,IAAI,OAAO,WAAW,CAAC,OAAO,KAAK,QAAQ,IAAI,WAAW,CAAC,OAAO,KAAK,IAAI,EAAE;;AAE3E,YAAA,MAAM,OAAO,GAAG,WAAW,CAAC,OAAc,CAAC;AAC3C,YAAA,MAAM,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;AACvC,YAAA,MAAM,CAAC,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC;AAC/C,YAAA,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC,WAAW,CAAC;SACtC;;AAGD,QAAA,IAAI,OAAO,WAAW,CAAC,MAAM,KAAK,QAAQ,IAAI,WAAW,CAAC,MAAM,KAAK,IAAI,EAAE;AACzE,YAAA,MAAM,MAAM,GAAG,WAAW,CAAC,MAAa,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,gBAAgB,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC;SAC5C;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;KACjE;;AAGD,IAAA,IAAI;AACF,QAAA,IAAI,OAAO,WAAW,CAAC,OAAO,KAAK,QAAQ,EAAE;AAC3C,YAAA,MAAM,UAAU,GAAG,WAAW,CAAC,OAAiB,CAAC;;YAGjD,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC3C,YAAA,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE;AAC/B,gBAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,GAAG,KAAK,IAAI;oBAAE,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;gBACjE,IAAI,GAAG,KAAK,GAAG;oBAAE,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;gBACpE,IAAI,GAAG,KAAK,GAAG;oBAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;gBAC1D,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,OAAO,GAAG,KAAK,CAAC;AACzC,gBAAA,IAAI,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC;AAC1D,gBAAA,IAAI,GAAG,KAAK,cAAc,IAAI,GAAG,KAAK,SAAS;oBAC7C,MAAM,CAAC,YAAY,GAAG,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;aACtD;SACF;AAED,QAAA,IAAI,OAAO,WAAW,CAAC,MAAM,KAAK,QAAQ,EAAE;AAC1C,YAAA,MAAM,SAAS,GAAG,WAAW,CAAC,MAAgB,CAAC;;YAG/C,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACzC,YAAA,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;AAC9B,gBAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,GAAG,KAAK,IAAI;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;gBAC/E,IAAI,GAAG,KAAK,GAAG;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;gBAClF,IAAI,GAAG,KAAK,GAAG;AAAE,oBAAA,MAAM,CAAC,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;aACzE;SACF;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;KACjE;;AAGD,IAAA,IAAI;QACF,IAAI,aAAa,IAAI,WAAW,IAAK,WAAmB,CAAC,WAAW,EAAE,QAAQ,EAAE;AAC9E,YAAA,MAAM,WAAW,GAAI,WAAmB,CAAC,WAAW,CAAC;;AAErD,YAAA,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AACzE,YAAA,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AACnE,YAAA,MAAM,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AACtE,YAAA,MAAM,CAAC,YAAY;gBACjB,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AACrF,YAAA,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;AAClE,YAAA,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;SAC7E;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,CAAC,IAAI,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;KACpE;;IAGD,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,YAAY,EAAE;AACpD,QAAA,MAAM,CAAC,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC;KAChD;AAED,IAAA,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;AAIG;AACI,eAAe,gBAAgB,CAAC,QAAgB,EAAA;AACrD,IAAA,IAAI;QACF,IAAI,OAAO,GAAG,QAAQ,CAAC;;QAGvB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EAAE;;YAErD,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;AAC1D,YAAA,OAAO,GAAG,SAAS,CAAC,eAAe,CAAC,CAAC;SACtC;AACD,QAAA,MAAM,IAAI,GAAG,IAAIE,oBAAe,CAAC,OAAO,CAAC,CAAC;AAC1C,QAAA,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAE3C,OAAO;AACL,YAAA,OAAO,EAAE;gBACP,UAAU,EAAE,UAAU,CAAC,UAAU;gBACjC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,OAAO,EAAE,UAAU,CAAC,OAAO;gBAC3B,OAAO,EAAE,UAAU,CAAC,OAAO;gBAC3B,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,YAAY,EAAE,UAAU,CAAC,YAAY;AACtC,aAAA;YACD,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;AACd,QAAA,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,+BAA+B,IAAI,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAC3F,CAAC;KACH;AACH,CAAC;AAED;;;;;AAKG;AACG,SAAU,wBAAwB,CACtC,IAAuC,EACvC,SAAkB,GAAA,IAAI,IAAI,EAAE,EAAA;;AAG5B,IAAA,MAAM,SAAS,GAAG,WAAW,IAAI,IAAI,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;AACxE,IAAA,MAAM,OAAO,GAAG,UAAU,IAAI,IAAI,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC;;AAGlE,IAAA,IAAI,SAAS,GAAG,SAAS,EAAE;QACzB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,CAAyC,sCAAA,EAAA,SAAS,CAAC,WAAW,EAAE,CAAE,CAAA;SAC3E,CAAC;KACH;AAED,IAAA,IAAI,SAAS,GAAG,OAAO,EAAE;QACvB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,CAAoC,iCAAA,EAAA,OAAO,CAAC,WAAW,EAAE,CAAE,CAAA;SACpE,CAAC;KACH;AAED,IAAA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAyBD;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,QAAyB,EAAA;AAC5D,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,QAAQ,CAAC;IAE7B,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,OAAO,EAAE;QACxC,OAAO,CAAA,EAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,OAAO,CAAA,CAAE,CAAC;KAClD;AAED,IAAA,IAAI,OAAO,CAAC,UAAU,EAAE;QACtB,OAAO,OAAO,CAAC,UAAU,CAAC;KAC3B;;AAGD,IAAA,OAAO,OAAO,CAAC,YAAY,IAAI,gBAAgB,CAAC;AAClD,CAAC;AAED;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,QAAyB,EAAA;AAC5D,IAAA,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,QAAQ,CAAC;AAExC,IAAA,MAAM,UAAU,GAAG,CAAC,IAAU,KAAI;AAChC,QAAA,OAAO,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE;AACxC,YAAA,IAAI,EAAE,SAAS;AACf,YAAA,KAAK,EAAE,MAAM;AACb,YAAA,GAAG,EAAE,SAAS;AACf,SAAA,CAAC,CAAC;AACL,KAAC,CAAC;IAEF,OAAO,CAAA,EAAG,UAAU,CAAC,SAAS,CAAC,CAAO,IAAA,EAAA,UAAU,CAAC,OAAO,CAAC,CAAA,CAAE,CAAC;AAC9D;;;;;;;;;;;;;"}
|
|
@@ -40,4 +40,20 @@ export interface SignatureInfo {
|
|
|
40
40
|
canonicalizationMethod?: string;
|
|
41
41
|
/** RFC 3161 timestamp token (base64 encoded) from xades:EncapsulatedTimeStamp */
|
|
42
42
|
signatureTimestamp?: string;
|
|
43
|
+
/**
|
|
44
|
+
* Raw embedded XAdES revocation material from
|
|
45
|
+
* xades:UnsignedSignatureProperties/xades:RevocationValues, as base64-encoded DER.
|
|
46
|
+
*
|
|
47
|
+
* NOTE: these values are exposed as-is and are NOT validated by edockit. They live
|
|
48
|
+
* in unsigned signature properties, so unless they are protected by a verified XAdES
|
|
49
|
+
* archive timestamp they are not authenticated and MUST NOT be trusted as a
|
|
50
|
+
* revocation verdict on their own. Verifying them requires checking the OCSP/CRL
|
|
51
|
+
* signature against a trusted issuer and enforcing freshness.
|
|
52
|
+
*/
|
|
53
|
+
revocationValues?: {
|
|
54
|
+
/** base64-encoded DER OCSP responses (xades:OCSPValues/EncapsulatedOCSPValue) */
|
|
55
|
+
ocsp: string[];
|
|
56
|
+
/** base64-encoded DER CRLs (xades:CRLValues/EncapsulatedCRLValue) */
|
|
57
|
+
crl: string[];
|
|
58
|
+
};
|
|
43
59
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export { checkCertificateRevocation, checkCertificatesRevocation } from "./check";
|
|
2
2
|
export { RevocationResult, RevocationCheckOptions, DEFAULT_REVOCATION_OPTIONS, OID } from "./types";
|
|
3
|
-
export { extractOCSPUrls, extractCAIssuersUrls, findIssuerInChain, checkOCSP } from "./ocsp";
|
|
3
|
+
export { extractOCSPUrls, extractCAIssuersUrls, findIssuerInChain, resolveIssuerFromChain, extractCertsFromOCSPResponses, checkOCSP, } from "./ocsp";
|
|
4
4
|
export { extractCRLUrls, checkCRL } from "./crl";
|
|
@@ -19,6 +19,27 @@ export declare function extractCAIssuersUrls(cert: X509Certificate): string[];
|
|
|
19
19
|
* @returns Issuer certificate or null if not found
|
|
20
20
|
*/
|
|
21
21
|
export declare function findIssuerInChain(cert: X509Certificate, chain: string[]): X509Certificate | null;
|
|
22
|
+
/**
|
|
23
|
+
* Extract any certificates carried inside embedded OCSP responses.
|
|
24
|
+
*
|
|
25
|
+
* OCSP responses frequently bundle the responder certificate and the issuer CA
|
|
26
|
+
* certificate. They are a useful offline source of the issuer certificate needed
|
|
27
|
+
* to build a (live) OCSP request when the container's certificate chain is empty.
|
|
28
|
+
*
|
|
29
|
+
* @param base64Responses Base64-encoded DER OCSP responses (from RevocationValues)
|
|
30
|
+
* @returns PEM-encoded certificates found in the responses
|
|
31
|
+
*/
|
|
32
|
+
export declare function extractCertsFromOCSPResponses(base64Responses: string[]): string[];
|
|
33
|
+
/**
|
|
34
|
+
* Resolve the issuer certificate for a cert from a candidate chain, preferring a
|
|
35
|
+
* candidate whose key actually signed the cert. This avoids building an OCSP
|
|
36
|
+
* request against the wrong (e.g. tampered, same-name) issuer.
|
|
37
|
+
*
|
|
38
|
+
* @param cert Certificate to find the issuer for
|
|
39
|
+
* @param chain Candidate certificates (PEM)
|
|
40
|
+
* @returns The verified issuer certificate, or null
|
|
41
|
+
*/
|
|
42
|
+
export declare function resolveIssuerFromChain(cert: X509Certificate, chain: string[]): Promise<X509Certificate | null>;
|
|
22
43
|
/**
|
|
23
44
|
* Fetch issuer certificate from AIA extension
|
|
24
45
|
* @param cert Certificate to fetch issuer for
|
|
@@ -1,4 +1,6 @@
|
|
|
1
|
+
import { formatTrustedListBundleId } from "./loader";
|
|
1
2
|
import type { CompactTrustedListBundle, TrustedListBundleManifest, TrustedListFetchOptions, TrustedListSource } from "./types";
|
|
3
|
+
export { formatTrustedListBundleId };
|
|
2
4
|
export interface RenderTrustedListJsonOptions {
|
|
3
5
|
pretty?: boolean;
|
|
4
6
|
}
|
|
@@ -28,7 +30,6 @@ export interface GenerateTrustedListBundleOptions extends TrustedListFetchOption
|
|
|
28
30
|
manifestOutputPath?: string;
|
|
29
31
|
baseUrl?: string;
|
|
30
32
|
}
|
|
31
|
-
export declare function formatTrustedListBundleId(generatedAt: string): string;
|
|
32
33
|
export declare function renderTrustedListJson(bundle: CompactTrustedListBundle, options?: RenderTrustedListJsonOptions): string;
|
|
33
34
|
export declare function buildTrustedListManifest(bundle: CompactTrustedListBundle, options?: BuildTrustedListManifestOptions): {
|
|
34
35
|
bundleId: string;
|
|
@@ -8,11 +8,24 @@ export * from "./identity";
|
|
|
8
8
|
export * from "./matcher";
|
|
9
9
|
export * from "./reference-provider";
|
|
10
10
|
export declare const DEFAULT_TRUSTED_LIST_SOURCES: TrustedListSource[];
|
|
11
|
+
export interface TrustedListFetchDiagnostics {
|
|
12
|
+
/**
|
|
13
|
+
* Territories whose advertised TSL endpoints were all attempted and all
|
|
14
|
+
* failed to fetch or parse. Valid empty TSLs and successfully parsed removals
|
|
15
|
+
* are deliberately excluded.
|
|
16
|
+
*/
|
|
17
|
+
unreachableTerritories: string[];
|
|
18
|
+
}
|
|
19
|
+
export interface TrustedListFetchResult {
|
|
20
|
+
bundle: CompactTrustedListBundle;
|
|
21
|
+
diagnostics: TrustedListFetchDiagnostics;
|
|
22
|
+
}
|
|
11
23
|
/**
|
|
12
24
|
* Low-level live fetch helper for LOTL/TSL processing.
|
|
13
25
|
*
|
|
14
26
|
* Primarily intended for Node.js build/update tooling. Browser callers generally
|
|
15
27
|
* need a proxy and should prefer the higher-level trusted-list update flow.
|
|
16
28
|
*/
|
|
29
|
+
export declare function fetchTrustedListBundleWithDiagnostics(sources?: TrustedListSource[], fetchOptions?: TrustedListFetchOptions): Promise<TrustedListFetchResult>;
|
|
17
30
|
export declare function fetchTrustedListBundle(sources?: TrustedListSource[], fetchOptions?: TrustedListFetchOptions): Promise<CompactTrustedListBundle>;
|
|
18
31
|
export declare function updateTrustedList(sources?: TrustedListSource[], fetchOptions?: TrustedListFetchOptions): Promise<TrustedListData>;
|
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
import type { CompactTrustedListBundle, TrustedListData, TrustedListSource, TrustedService } from "./types";
|
|
2
|
+
/**
|
|
3
|
+
* Derive a stable, filesystem/URL-safe bundle id from a generatedAt timestamp,
|
|
4
|
+
* e.g. "2026-06-25T18:30:00.000Z" -> "2026-06-25T18-30-00Z".
|
|
5
|
+
*/
|
|
6
|
+
export declare function formatTrustedListBundleId(generatedAt: string): string;
|
|
2
7
|
export declare function createEmptyTrustedListBundle(): CompactTrustedListBundle;
|
|
3
8
|
export declare function buildTrustedListData(bundle: CompactTrustedListBundle): TrustedListData;
|
|
4
9
|
export declare function buildCompactTrustedListBundle(services: TrustedService[], sources: TrustedListSource[], generatedAt?: string): CompactTrustedListBundle;
|
|
10
|
+
/**
|
|
11
|
+
* Carry forward last-known-good services only for territories whose advertised
|
|
12
|
+
* TSL endpoints were explicitly observed as unreachable during this fetch.
|
|
13
|
+
*
|
|
14
|
+
* A territory merely being absent from the fresh bundle is not sufficient:
|
|
15
|
+
* absence can represent a legitimate removal and must not resurrect stale trust.
|
|
16
|
+
* A territory present in the fresh bundle always wins.
|
|
17
|
+
*/
|
|
18
|
+
export declare function mergeForwardUnreachableTerritories(fresh: CompactTrustedListBundle, previous: CompactTrustedListBundle, unreachableTerritories: ReadonlySet<string>): CompactTrustedListBundle;
|
|
5
19
|
export declare function dedupeTrustedServices(services: TrustedService[]): TrustedService[];
|
|
@@ -62,6 +62,8 @@ export interface TrustedListIndexes {
|
|
|
62
62
|
}
|
|
63
63
|
export interface TrustedListData {
|
|
64
64
|
version: number;
|
|
65
|
+
/** Stable identifier for this snapshot, derived from generatedAt. */
|
|
66
|
+
bundleId?: string;
|
|
65
67
|
generatedAt: string;
|
|
66
68
|
sources: TrustedListSource[];
|
|
67
69
|
services: TrustedListEntry[];
|
|
@@ -100,6 +102,8 @@ export type CompactTrustedService = [
|
|
|
100
102
|
export type CompactTrustedListSource = [id: string, label: string, lotlUrl: string];
|
|
101
103
|
export interface CompactTrustedListBundle {
|
|
102
104
|
v: 2;
|
|
105
|
+
/** Stable identifier for this snapshot, derived from generatedAt. */
|
|
106
|
+
bundleId?: string;
|
|
103
107
|
generatedAt: string;
|
|
104
108
|
sources: CompactTrustedListSource[];
|
|
105
109
|
dns: string[];
|
|
@@ -3,10 +3,10 @@
|
|
|
3
3
|
* Copyright (c) 2025 Edgars Jēkabsons, ZenomyTech SIA
|
|
4
4
|
*/
|
|
5
5
|
import { X509Certificate } from '@peculiar/x509';
|
|
6
|
-
import {
|
|
7
|
-
import { CertID, Request, TBSRequest, OCSPRequest,
|
|
6
|
+
import { AsnConvert, AsnParser, OctetString } from '@peculiar/asn1-schema';
|
|
7
|
+
import { OCSPResponse, BasicOCSPResponse, CertID, Request, TBSRequest, OCSPRequest, OCSPResponseStatus } from '@peculiar/asn1-ocsp';
|
|
8
8
|
import { Certificate, AlgorithmIdentifier } from '@peculiar/asn1-x509';
|
|
9
|
-
import { g as fetchIssuerCertificate, c as arrayBufferToPEM, h as fetchOCSP, i as hexToArrayBuffer, n as normalizeDistinguishedName, d as arrayBufferToHex, j as normalizeKeyIdentifier } from './normalize-50862581.js';
|
|
9
|
+
import { b as base64ToArrayBuffer, g as fetchIssuerCertificate, c as arrayBufferToPEM, h as fetchOCSP, i as hexToArrayBuffer, n as normalizeDistinguishedName, d as arrayBufferToHex, j as normalizeKeyIdentifier } from './normalize-50862581.js';
|
|
10
10
|
|
|
11
11
|
// src/core/revocation/ocsp.ts
|
|
12
12
|
/**
|
|
@@ -87,6 +87,78 @@ function findIssuerInChain(cert, chain) {
|
|
|
87
87
|
}
|
|
88
88
|
return null;
|
|
89
89
|
}
|
|
90
|
+
/**
|
|
91
|
+
* Extract any certificates carried inside embedded OCSP responses.
|
|
92
|
+
*
|
|
93
|
+
* OCSP responses frequently bundle the responder certificate and the issuer CA
|
|
94
|
+
* certificate. They are a useful offline source of the issuer certificate needed
|
|
95
|
+
* to build a (live) OCSP request when the container's certificate chain is empty.
|
|
96
|
+
*
|
|
97
|
+
* @param base64Responses Base64-encoded DER OCSP responses (from RevocationValues)
|
|
98
|
+
* @returns PEM-encoded certificates found in the responses
|
|
99
|
+
*/
|
|
100
|
+
function extractCertsFromOCSPResponses(base64Responses) {
|
|
101
|
+
const pems = [];
|
|
102
|
+
for (const base64Response of base64Responses) {
|
|
103
|
+
try {
|
|
104
|
+
const response = AsnConvert.parse(base64ToArrayBuffer(base64Response), OCSPResponse);
|
|
105
|
+
if (!response.responseBytes) {
|
|
106
|
+
continue;
|
|
107
|
+
}
|
|
108
|
+
const basicResponse = AsnConvert.parse(response.responseBytes.response.buffer, BasicOCSPResponse);
|
|
109
|
+
for (const certificate of basicResponse.certs ?? []) {
|
|
110
|
+
try {
|
|
111
|
+
const x509 = new X509Certificate(new Uint8Array(AsnConvert.serialize(certificate)));
|
|
112
|
+
pems.push(x509.toString("pem"));
|
|
113
|
+
}
|
|
114
|
+
catch {
|
|
115
|
+
// Skip certificates that fail to parse
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
catch {
|
|
120
|
+
// Skip responses that fail to parse
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
return pems;
|
|
124
|
+
}
|
|
125
|
+
/**
|
|
126
|
+
* Resolve the issuer certificate for a cert from a candidate chain, preferring a
|
|
127
|
+
* candidate whose key actually signed the cert. This avoids building an OCSP
|
|
128
|
+
* request against the wrong (e.g. tampered, same-name) issuer.
|
|
129
|
+
*
|
|
130
|
+
* @param cert Certificate to find the issuer for
|
|
131
|
+
* @param chain Candidate certificates (PEM)
|
|
132
|
+
* @returns The verified issuer certificate, or null
|
|
133
|
+
*/
|
|
134
|
+
async function resolveIssuerFromChain(cert, chain) {
|
|
135
|
+
const nameMatches = [];
|
|
136
|
+
for (const pemCert of chain) {
|
|
137
|
+
try {
|
|
138
|
+
const candidate = new X509Certificate(pemCert);
|
|
139
|
+
if (candidate.subject === cert.issuer) {
|
|
140
|
+
nameMatches.push(candidate);
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
catch {
|
|
144
|
+
// Skip invalid certificates
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
// Prefer a candidate that actually issued the certificate.
|
|
148
|
+
for (const candidate of nameMatches) {
|
|
149
|
+
try {
|
|
150
|
+
if (await cert.verify({ publicKey: candidate, signatureOnly: true })) {
|
|
151
|
+
return candidate;
|
|
152
|
+
}
|
|
153
|
+
}
|
|
154
|
+
catch {
|
|
155
|
+
// Verification not possible for this candidate; try the next.
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
// A same-name certificate with the wrong key must not suppress the safer AIA
|
|
159
|
+
// lookup. Only return a candidate that cryptographically issued the cert.
|
|
160
|
+
return null;
|
|
161
|
+
}
|
|
90
162
|
/**
|
|
91
163
|
* Fetch issuer certificate from AIA extension
|
|
92
164
|
* @param cert Certificate to fetch issuer for
|
|
@@ -309,8 +381,9 @@ async function checkOCSP(cert, issuerCert, options = {}) {
|
|
|
309
381
|
// Try to find issuer certificate
|
|
310
382
|
let issuer = issuerCert;
|
|
311
383
|
if (!issuer) {
|
|
312
|
-
// Try certificate chain first
|
|
313
|
-
|
|
384
|
+
// Try the certificate chain first (prefer a candidate that actually issued the
|
|
385
|
+
// cert). The chain may include certs recovered from embedded OCSP responses.
|
|
386
|
+
issuer = await resolveIssuerFromChain(cert, certificateChain);
|
|
314
387
|
}
|
|
315
388
|
if (!issuer) {
|
|
316
389
|
// Try AIA extension
|
|
@@ -402,5 +475,5 @@ async function extractCertificateIdentityFromCertificate(certificatePem) {
|
|
|
402
475
|
};
|
|
403
476
|
}
|
|
404
477
|
|
|
405
|
-
export {
|
|
406
|
-
//# sourceMappingURL=identity-
|
|
478
|
+
export { extractIssuerIdentityFromCertificate as a, extractCertificateIdentityFromCertificate as b, checkOCSP as c, extractCertsFromOCSPResponses as e };
|
|
479
|
+
//# sourceMappingURL=identity-2eb76bc9.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity-2eb76bc9.js","sources":["../src/core/revocation/ocsp.ts","../src/core/trustedlist/identity.ts"],"sourcesContent":[null,null],"names":[],"mappings":";;;;;;;;;;AAAA;AAwBA;;AAEG;AACH,MAAM,yBAAyB,GAAG,mBAAmB,CAAC;AAEtD;;AAEG;AACH,MAAM,QAAQ,GAAG,eAAe,CAAC;AAEjC;;AAEG;AACH,eAAe,WAAW,CAAC,IAAiB,EAAA;IAC1C,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE;QAClD,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;KAC5C;;AAED,IAAA,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/B,IAAA,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;AAC9B,CAAC;AAED;;;;AAIG;AACG,SAAU,eAAe,CAAC,IAAqB,EAAA;AACnD,IAAA,IAAI;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAC9B,yBAAyB,CACa,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE;AACX,YAAA,OAAO,EAAE,CAAC;SACX;;AAGD,QAAA,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC;KAC5E;AAAC,IAAA,MAAM;AACN,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,IAAqB,EAAA;AACxD,IAAA,IAAI;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAC9B,yBAAyB,CACa,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE;AACX,YAAA,OAAO,EAAE,CAAC;SACX;AAED,QAAA,OAAO,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC;KACjF;AAAC,IAAA,MAAM;AACN,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;;;;AAKG;AACa,SAAA,iBAAiB,CAAC,IAAqB,EAAE,KAAe,EAAA;AACtE,IAAA,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;AAE/B,IAAA,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE;AAC3B,QAAA,IAAI;AACF,YAAA,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;;AAE/C,YAAA,IAAI,SAAS,CAAC,OAAO,KAAK,UAAU,EAAE;AACpC,gBAAA,OAAO,SAAS,CAAC;aAClB;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;AASG;AACG,SAAU,6BAA6B,CAAC,eAAyB,EAAA;IACrE,MAAM,IAAI,GAAa,EAAE,CAAC;AAE1B,IAAA,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;AAC5C,QAAA,IAAI;AACF,YAAA,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC,EAAE,YAAY,CAAC,CAAC;AACrF,YAAA,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;gBAC3B,SAAS;aACV;AACD,YAAA,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CACpC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,EACtC,iBAAiB,CAClB,CAAC;YACF,KAAK,MAAM,WAAW,IAAI,aAAa,CAAC,KAAK,IAAI,EAAE,EAAE;AACnD,gBAAA,IAAI;AACF,oBAAA,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;oBACpF,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;iBACjC;AAAC,gBAAA,MAAM;;iBAEP;aACF;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;AAQG;AACI,eAAe,sBAAsB,CAC1C,IAAqB,EACrB,KAAe,EAAA;IAEf,MAAM,WAAW,GAAsB,EAAE,CAAC;AAC1C,IAAA,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE;AAC3B,QAAA,IAAI;AACF,YAAA,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;YAC/C,IAAI,SAAS,CAAC,OAAO,KAAK,IAAI,CAAC,MAAM,EAAE;AACrC,gBAAA,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;aAC7B;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;;AAGD,IAAA,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE;AACnC,QAAA,IAAI;AACF,YAAA,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE;AACpE,gBAAA,OAAO,SAAS,CAAC;aAClB;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;;;AAID,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;AAMG;AACI,eAAe,kBAAkB,CACtC,IAAqB,EACrB,OAAA,GAAkB,IAAI,EACtB,QAAiB,EAAA;AAEjB,IAAA,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;AAExC,IAAA,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;AACtB,QAAA,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACpE,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE;;AAE5B,gBAAA,IAAI;AACF,oBAAA,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;iBACzC;AAAC,gBAAA,MAAM;;oBAEN,MAAM,GAAG,GAAG,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC1C,oBAAA,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;iBACjC;aACF;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;AAKG;AACI,eAAe,gBAAgB,CACpC,IAAqB,EACrB,UAA2B,EAAA;;;AAI3B,IAAA,MAAM,aAAa,GAAG,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;AACvE,IAAA,MAAM,aAAa,GAAG,UAAU,CAAC,SAAS,CAAC,aAAa,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;AACjF,IAAA,MAAM,cAAc,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,CAAC;;AAGxD,IAAA,MAAM,aAAa,GAAG,MAAM,WAAW,CACrC,aAAa,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CACnE,CAAC;;IAGF,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;;AAGzD,IAAA,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC;QACxB,aAAa,EAAE,IAAI,mBAAmB,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC/D,QAAA,cAAc,EAAE,IAAI,WAAW,CAAC,cAAc,CAAC;AAC/C,QAAA,aAAa,EAAE,IAAI,WAAW,CAAC,aAAa,CAAC;AAC7C,QAAA,YAAY,EAAE,YAAY;AAC3B,KAAA,CAAC,CAAC;;IAGH,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;;AAGjD,IAAA,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC;QAChC,WAAW,EAAE,CAAC,OAAO,CAAC;AACvB,KAAA,CAAC,CAAC;;IAGH,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AAEpD,IAAA,OAAO,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;AAC3C,CAAC;AAED;;;;AAIG;AACG,SAAU,iBAAiB,CAAC,YAAyB,EAAA;AACzD,IAAA,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;AAEvB,IAAA,IAAI;QACF,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;;AAG9D,QAAA,QAAQ,QAAQ,CAAC,cAAc;YAC7B,KAAK,kBAAkB,CAAC,UAAU;gBAChC,MAAM;YACR,KAAK,kBAAkB,CAAC,gBAAgB;gBACtC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,4CAA4C;AACpD,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAK,kBAAkB,CAAC,aAAa;gBACnC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,yCAAyC;AACjD,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAK,kBAAkB,CAAC,QAAQ;gBAC9B,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,SAAS;AACjB,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,oCAAoC;AAC5C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAK,kBAAkB,CAAC,WAAW;gBACjC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,mCAAmC;AAC3C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAK,kBAAkB,CAAC,YAAY;gBAClC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,uCAAuC;AAC/C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;AACJ,YAAA;gBACE,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,CAAA,wCAAA,EAA2C,QAAQ,CAAC,cAAc,CAAE,CAAA;AAC5E,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;SACL;;AAGD,QAAA,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;YAC3B,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,OAAO;AACf,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,qCAAqC;AAC7C,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;;AAGD,QAAA,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CACpC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,EACtC,iBAAiB,CAClB,CAAC;;AAGF,QAAA,MAAM,SAAS,GAAG,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC;QAC1D,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE;YACxC,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,OAAO;AACf,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,8CAA8C;AACtD,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAED,QAAA,MAAM,cAAc,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;AACpC,QAAA,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC;;AAG7C,QAAA,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE;YACjC,OAAO;AACL,gBAAA,OAAO,EAAE,IAAI;AACb,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAAM,aAAA,IAAI,UAAU,CAAC,OAAO,EAAE;YAC7B,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,SAAS;AACjB,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EACJ,UAAU,CAAC,OAAO,CAAC,gBAAgB,KAAK,SAAS;AAC/C,sBAAE,CAAgC,6BAAA,EAAA,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAG,CAAA,CAAA;AACxE,sBAAE,qBAAqB;AAC3B,gBAAA,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,cAAc;AAC5C,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAAM,aAAA,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE;YAC3C,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,SAAS;AACjB,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,qDAAqD;AAC7D,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;QAED,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,gDAAgD;AACxD,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,CAAkC,+BAAA,EAAA,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAE,CAAA;AAClG,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;AACH,CAAC;AAED;;;;;;AAMG;AACI,eAAe,SAAS,CAC7B,IAAqB,EACrB,UAAkC,EAClC,OAAA,GAAgF,EAAE,EAAA;AAElF,IAAA,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,gBAAgB,GAAG,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;AACpE,IAAA,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;;AAGvB,IAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;AACvC,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,SAAS;AACjB,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,uCAAuC;AAC/C,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;IAGD,IAAI,MAAM,GAAG,UAAU,CAAC;IACxB,IAAI,CAAC,MAAM,EAAE;;;QAGX,MAAM,GAAG,MAAM,sBAAsB,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;KAC/D;IACD,IAAI,CAAC,MAAM,EAAE;;QAEX,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;KAC5D;IACD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,SAAS;AACjB,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,qDAAqD;AAC7D,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;AAGD,IAAA,IAAI,OAAoB,CAAC;AACzB,IAAA,IAAI;QACF,OAAO,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;KAChD;IAAC,OAAO,KAAK,EAAE;QACd,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,CAAiC,8BAAA,EAAA,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAE,CAAA;AACjG,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;AAGD,IAAA,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE;AAC1B,QAAA,IAAI;AACF,YAAA,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YAChE,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE;AAC5B,gBAAA,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aACvC;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;IAED,OAAO;AACL,QAAA,OAAO,EAAE,KAAK;AACd,QAAA,MAAM,EAAE,OAAO;AACf,QAAA,MAAM,EAAE,MAAM;AACd,QAAA,MAAM,EAAE,0BAA0B;AAClC,QAAA,SAAS,EAAE,GAAG;KACf,CAAC;AACJ;;AC1eA,MAAM,4BAA4B,GAAG,WAAW,CAAC;AACjD,MAAM,0BAA0B,GAAG,WAAW,CAAC;AAO/C,eAAe,gBAAgB,CAAC,KAAkB,EAAA;AAChD,IAAA,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AAC5D,IAAA,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,4BAA4B,CAAC,WAA4B,EAAA;IAChE,MAAM,sBAAsB,GAAG,WAAW,CAAC,YAAY,CACrD,4BAA4B,CACa,CAAC;AAE5C,IAAA,OAAO,sBAAsB,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,0BAA0B,CAAC,WAA4B,EAAA;IAC9D,MAAM,oBAAoB,GAAG,WAAW,CAAC,YAAY,CACnD,0BAA0B,CACa,CAAC;AAE1C,IAAA,OAAO,sBAAsB,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;AAC7D,CAAC;AAEM,eAAe,oCAAoC,CACxD,cAAsB,EACtB,UAAwC,EAAE,EAAA;AAE1C,IAAA,MAAM,iBAAiB,GAAG,IAAI,eAAe,CAAC,cAAc,CAAC,CAAC;AAC9D,IAAA,IAAI,iBAAiB,GACnB,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;UAC3D,iBAAiB,CAAC,iBAAiB,EAAE,OAAO,CAAC,gBAAgB,CAAC;UAC9D,IAAI,CAAC;AAEX,IAAA,IAAI,CAAC,iBAAiB,IAAI,OAAO,CAAC,YAAY,EAAE;AAC9C,QAAA,iBAAiB,GAAG,MAAM,kBAAkB,CAC1C,iBAAiB,EACjB,OAAO,CAAC,YAAY,CAAC,OAAO,EAC5B,OAAO,CAAC,YAAY,CAAC,QAAQ,CAC9B,CAAC;KACH;IAED,OAAO;AACL,QAAA,eAAe,EAAE,0BAA0B,CAAC,iBAAiB,CAAC,MAAM,CAAC;AACrE,QAAA,yBAAyB,EAAE,4BAA4B,CAAC,iBAAiB,CAAC;AAC1E,QAAA,iBAAiB,EAAE,iBAAiB;AAClC,cAAE;AACE,gBAAA,SAAS,EAAE,0BAA0B,CAAC,iBAAiB,CAAC,OAAO,CAAC;gBAChE,aAAa,EAAE,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,CAAC,OAAO,CAAC;AAC3E,aAAA;AACH,cAAE,IAAI;KACT,CAAC;AACJ,CAAC;AAEM,eAAe,yCAAyC,CAC7D,cAAsB,EAAA;AAEtB,IAAA,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC,cAAc,CAAC,CAAC;IAExD,OAAO;AACL,QAAA,SAAS,EAAE,0BAA0B,CAAC,WAAW,CAAC,OAAO,CAAC;AAC1D,QAAA,uBAAuB,EAAE,0BAA0B,CAAC,WAAW,CAAC;QAChE,aAAa,EAAE,MAAM,gBAAgB,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC;KACrE,CAAC;AACJ;;;;"}
|
|
@@ -89,6 +89,78 @@ function findIssuerInChain(cert, chain) {
|
|
|
89
89
|
}
|
|
90
90
|
return null;
|
|
91
91
|
}
|
|
92
|
+
/**
|
|
93
|
+
* Extract any certificates carried inside embedded OCSP responses.
|
|
94
|
+
*
|
|
95
|
+
* OCSP responses frequently bundle the responder certificate and the issuer CA
|
|
96
|
+
* certificate. They are a useful offline source of the issuer certificate needed
|
|
97
|
+
* to build a (live) OCSP request when the container's certificate chain is empty.
|
|
98
|
+
*
|
|
99
|
+
* @param base64Responses Base64-encoded DER OCSP responses (from RevocationValues)
|
|
100
|
+
* @returns PEM-encoded certificates found in the responses
|
|
101
|
+
*/
|
|
102
|
+
function extractCertsFromOCSPResponses(base64Responses) {
|
|
103
|
+
const pems = [];
|
|
104
|
+
for (const base64Response of base64Responses) {
|
|
105
|
+
try {
|
|
106
|
+
const response = asn1Schema.AsnConvert.parse(normalize.base64ToArrayBuffer(base64Response), asn1Ocsp.OCSPResponse);
|
|
107
|
+
if (!response.responseBytes) {
|
|
108
|
+
continue;
|
|
109
|
+
}
|
|
110
|
+
const basicResponse = asn1Schema.AsnConvert.parse(response.responseBytes.response.buffer, asn1Ocsp.BasicOCSPResponse);
|
|
111
|
+
for (const certificate of basicResponse.certs ?? []) {
|
|
112
|
+
try {
|
|
113
|
+
const x509$1 = new x509.X509Certificate(new Uint8Array(asn1Schema.AsnConvert.serialize(certificate)));
|
|
114
|
+
pems.push(x509$1.toString("pem"));
|
|
115
|
+
}
|
|
116
|
+
catch {
|
|
117
|
+
// Skip certificates that fail to parse
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
catch {
|
|
122
|
+
// Skip responses that fail to parse
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
return pems;
|
|
126
|
+
}
|
|
127
|
+
/**
|
|
128
|
+
* Resolve the issuer certificate for a cert from a candidate chain, preferring a
|
|
129
|
+
* candidate whose key actually signed the cert. This avoids building an OCSP
|
|
130
|
+
* request against the wrong (e.g. tampered, same-name) issuer.
|
|
131
|
+
*
|
|
132
|
+
* @param cert Certificate to find the issuer for
|
|
133
|
+
* @param chain Candidate certificates (PEM)
|
|
134
|
+
* @returns The verified issuer certificate, or null
|
|
135
|
+
*/
|
|
136
|
+
async function resolveIssuerFromChain(cert, chain) {
|
|
137
|
+
const nameMatches = [];
|
|
138
|
+
for (const pemCert of chain) {
|
|
139
|
+
try {
|
|
140
|
+
const candidate = new x509.X509Certificate(pemCert);
|
|
141
|
+
if (candidate.subject === cert.issuer) {
|
|
142
|
+
nameMatches.push(candidate);
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
catch {
|
|
146
|
+
// Skip invalid certificates
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
// Prefer a candidate that actually issued the certificate.
|
|
150
|
+
for (const candidate of nameMatches) {
|
|
151
|
+
try {
|
|
152
|
+
if (await cert.verify({ publicKey: candidate, signatureOnly: true })) {
|
|
153
|
+
return candidate;
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
catch {
|
|
157
|
+
// Verification not possible for this candidate; try the next.
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
// A same-name certificate with the wrong key must not suppress the safer AIA
|
|
161
|
+
// lookup. Only return a candidate that cryptographically issued the cert.
|
|
162
|
+
return null;
|
|
163
|
+
}
|
|
92
164
|
/**
|
|
93
165
|
* Fetch issuer certificate from AIA extension
|
|
94
166
|
* @param cert Certificate to fetch issuer for
|
|
@@ -311,8 +383,9 @@ async function checkOCSP(cert, issuerCert, options = {}) {
|
|
|
311
383
|
// Try to find issuer certificate
|
|
312
384
|
let issuer = issuerCert;
|
|
313
385
|
if (!issuer) {
|
|
314
|
-
// Try certificate chain first
|
|
315
|
-
|
|
386
|
+
// Try the certificate chain first (prefer a candidate that actually issued the
|
|
387
|
+
// cert). The chain may include certs recovered from embedded OCSP responses.
|
|
388
|
+
issuer = await resolveIssuerFromChain(cert, certificateChain);
|
|
316
389
|
}
|
|
317
390
|
if (!issuer) {
|
|
318
391
|
// Try AIA extension
|
|
@@ -406,5 +479,6 @@ async function extractCertificateIdentityFromCertificate(certificatePem) {
|
|
|
406
479
|
|
|
407
480
|
exports.checkOCSP = checkOCSP;
|
|
408
481
|
exports.extractCertificateIdentityFromCertificate = extractCertificateIdentityFromCertificate;
|
|
482
|
+
exports.extractCertsFromOCSPResponses = extractCertsFromOCSPResponses;
|
|
409
483
|
exports.extractIssuerIdentityFromCertificate = extractIssuerIdentityFromCertificate;
|
|
410
|
-
//# sourceMappingURL=identity-
|
|
484
|
+
//# sourceMappingURL=identity-d8910151.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity-d8910151.js","sources":["../src/core/revocation/ocsp.ts","../src/core/trustedlist/identity.ts"],"sourcesContent":[null,null],"names":["X509Certificate","AsnConvert","base64ToArrayBuffer","OCSPResponse","BasicOCSPResponse","x509","fetchIssuerCertificate","arrayBufferToPEM","AsnParser","Certificate","hexToArrayBuffer","CertID","AlgorithmIdentifier","OctetString","Request","TBSRequest","OCSPRequest","OCSPResponseStatus","fetchOCSP","arrayBufferToHex","normalizeKeyIdentifier","normalizeDistinguishedName"],"mappings":";;;;;;;;;;;;AAAA;AAwBA;;AAEG;AACH,MAAM,yBAAyB,GAAG,mBAAmB,CAAC;AAEtD;;AAEG;AACH,MAAM,QAAQ,GAAG,eAAe,CAAC;AAEjC;;AAEG;AACH,eAAe,WAAW,CAAC,IAAiB,EAAA;IAC1C,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,MAAM,EAAE;QAClD,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;KAC5C;;AAED,IAAA,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/B,IAAA,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;AAC9B,CAAC;AAED;;;;AAIG;AACG,SAAU,eAAe,CAAC,IAAqB,EAAA;AACnD,IAAA,IAAI;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAC9B,yBAAyB,CACa,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE;AACX,YAAA,OAAO,EAAE,CAAC;SACX;;AAGD,QAAA,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC;KAC5E;AAAC,IAAA,MAAM;AACN,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;;;AAIG;AACG,SAAU,oBAAoB,CAAC,IAAqB,EAAA;AACxD,IAAA,IAAI;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAC9B,yBAAyB,CACa,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE;AACX,YAAA,OAAO,EAAE,CAAC;SACX;AAED,QAAA,OAAO,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC;KACjF;AAAC,IAAA,MAAM;AACN,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;;;;AAKG;AACa,SAAA,iBAAiB,CAAC,IAAqB,EAAE,KAAe,EAAA;AACtE,IAAA,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;AAE/B,IAAA,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE;AAC3B,QAAA,IAAI;AACF,YAAA,MAAM,SAAS,GAAG,IAAIA,oBAAe,CAAC,OAAO,CAAC,CAAC;;AAE/C,YAAA,IAAI,SAAS,CAAC,OAAO,KAAK,UAAU,EAAE;AACpC,gBAAA,OAAO,SAAS,CAAC;aAClB;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;AASG;AACG,SAAU,6BAA6B,CAAC,eAAyB,EAAA;IACrE,MAAM,IAAI,GAAa,EAAE,CAAC;AAE1B,IAAA,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;AAC5C,QAAA,IAAI;AACF,YAAA,MAAM,QAAQ,GAAGC,qBAAU,CAAC,KAAK,CAACC,6BAAmB,CAAC,cAAc,CAAC,EAAEC,qBAAY,CAAC,CAAC;AACrF,YAAA,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;gBAC3B,SAAS;aACV;AACD,YAAA,MAAM,aAAa,GAAGF,qBAAU,CAAC,KAAK,CACpC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,EACtCG,0BAAiB,CAClB,CAAC;YACF,KAAK,MAAM,WAAW,IAAI,aAAa,CAAC,KAAK,IAAI,EAAE,EAAE;AACnD,gBAAA,IAAI;AACF,oBAAA,MAAMC,MAAI,GAAG,IAAIL,oBAAe,CAAC,IAAI,UAAU,CAACC,qBAAU,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;oBACpF,IAAI,CAAC,IAAI,CAACI,MAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;iBACjC;AAAC,gBAAA,MAAM;;iBAEP;aACF;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;AAQG;AACI,eAAe,sBAAsB,CAC1C,IAAqB,EACrB,KAAe,EAAA;IAEf,MAAM,WAAW,GAAsB,EAAE,CAAC;AAC1C,IAAA,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE;AAC3B,QAAA,IAAI;AACF,YAAA,MAAM,SAAS,GAAG,IAAIL,oBAAe,CAAC,OAAO,CAAC,CAAC;YAC/C,IAAI,SAAS,CAAC,OAAO,KAAK,IAAI,CAAC,MAAM,EAAE;AACrC,gBAAA,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;aAC7B;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;;AAGD,IAAA,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE;AACnC,QAAA,IAAI;AACF,YAAA,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE;AACpE,gBAAA,OAAO,SAAS,CAAC;aAClB;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;;;AAID,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;AAMG;AACI,eAAe,kBAAkB,CACtC,IAAqB,EACrB,OAAA,GAAkB,IAAI,EACtB,QAAiB,EAAA;AAEjB,IAAA,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;AAExC,IAAA,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;AACtB,QAAA,IAAI;YACF,MAAM,MAAM,GAAG,MAAMM,gCAAsB,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACpE,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE;;AAE5B,gBAAA,IAAI;AACF,oBAAA,OAAO,IAAIN,oBAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;iBACzC;AAAC,gBAAA,MAAM;;oBAEN,MAAM,GAAG,GAAGO,0BAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC1C,oBAAA,OAAO,IAAIP,oBAAe,CAAC,GAAG,CAAC,CAAC;iBACjC;aACF;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;AAKG;AACI,eAAe,gBAAgB,CACpC,IAAqB,EACrB,UAA2B,EAAA;;;AAI3B,IAAA,MAAM,aAAa,GAAGQ,oBAAS,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,EAAEC,oBAAW,CAAC,CAAC;AACvE,IAAA,MAAM,aAAa,GAAGR,qBAAU,CAAC,SAAS,CAAC,aAAa,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;AACjF,IAAA,MAAM,cAAc,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,CAAC;;AAGxD,IAAA,MAAM,aAAa,GAAG,MAAM,WAAW,CACrC,aAAa,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CACnE,CAAC;;IAGF,MAAM,YAAY,GAAGS,0BAAgB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;;AAGzD,IAAA,MAAM,MAAM,GAAG,IAAIC,eAAM,CAAC;QACxB,aAAa,EAAE,IAAIC,4BAAmB,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC/D,QAAA,cAAc,EAAE,IAAIC,sBAAW,CAAC,cAAc,CAAC;AAC/C,QAAA,aAAa,EAAE,IAAIA,sBAAW,CAAC,aAAa,CAAC;AAC7C,QAAA,YAAY,EAAE,YAAY;AAC3B,KAAA,CAAC,CAAC;;IAGH,MAAM,OAAO,GAAG,IAAIC,gBAAO,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;;AAGjD,IAAA,MAAM,UAAU,GAAG,IAAIC,mBAAU,CAAC;QAChC,WAAW,EAAE,CAAC,OAAO,CAAC;AACvB,KAAA,CAAC,CAAC;;IAGH,MAAM,WAAW,GAAG,IAAIC,oBAAW,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AAEpD,IAAA,OAAOf,qBAAU,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;AAC3C,CAAC;AAED;;;;AAIG;AACG,SAAU,iBAAiB,CAAC,YAAyB,EAAA;AACzD,IAAA,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;AAEvB,IAAA,IAAI;QACF,MAAM,QAAQ,GAAGA,qBAAU,CAAC,KAAK,CAAC,YAAY,EAAEE,qBAAY,CAAC,CAAC;;AAG9D,QAAA,QAAQ,QAAQ,CAAC,cAAc;YAC7B,KAAKc,2BAAkB,CAAC,UAAU;gBAChC,MAAM;YACR,KAAKA,2BAAkB,CAAC,gBAAgB;gBACtC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,4CAA4C;AACpD,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAKA,2BAAkB,CAAC,aAAa;gBACnC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,yCAAyC;AACjD,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAKA,2BAAkB,CAAC,QAAQ;gBAC9B,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,SAAS;AACjB,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,oCAAoC;AAC5C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAKA,2BAAkB,CAAC,WAAW;gBACjC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,mCAAmC;AAC3C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;YACJ,KAAKA,2BAAkB,CAAC,YAAY;gBAClC,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,uCAAuC;AAC/C,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;AACJ,YAAA;gBACE,OAAO;AACL,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,MAAM,EAAE,OAAO;AACf,oBAAA,MAAM,EAAE,MAAM;AACd,oBAAA,MAAM,EAAE,CAAA,wCAAA,EAA2C,QAAQ,CAAC,cAAc,CAAE,CAAA;AAC5E,oBAAA,SAAS,EAAE,GAAG;iBACf,CAAC;SACL;;AAGD,QAAA,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;YAC3B,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,OAAO;AACf,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,qCAAqC;AAC7C,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;;AAGD,QAAA,MAAM,aAAa,GAAGhB,qBAAU,CAAC,KAAK,CACpC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,EACtCG,0BAAiB,CAClB,CAAC;;AAGF,QAAA,MAAM,SAAS,GAAG,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC;QAC1D,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE;YACxC,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,OAAO;AACf,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,8CAA8C;AACtD,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAED,QAAA,MAAM,cAAc,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;AACpC,QAAA,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC;;AAG7C,QAAA,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE;YACjC,OAAO;AACL,gBAAA,OAAO,EAAE,IAAI;AACb,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAAM,aAAA,IAAI,UAAU,CAAC,OAAO,EAAE;YAC7B,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,SAAS;AACjB,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EACJ,UAAU,CAAC,OAAO,CAAC,gBAAgB,KAAK,SAAS;AAC/C,sBAAE,CAAgC,6BAAA,EAAA,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAG,CAAA,CAAA;AACxE,sBAAE,qBAAqB;AAC3B,gBAAA,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,cAAc;AAC5C,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;AAAM,aAAA,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE;YAC3C,OAAO;AACL,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,MAAM,EAAE,SAAS;AACjB,gBAAA,MAAM,EAAE,MAAM;AACd,gBAAA,MAAM,EAAE,qDAAqD;AAC7D,gBAAA,SAAS,EAAE,GAAG;aACf,CAAC;SACH;QAED,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,gDAAgD;AACxD,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,CAAkC,+BAAA,EAAA,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAE,CAAA;AAClG,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;AACH,CAAC;AAED;;;;;;AAMG;AACI,eAAe,SAAS,CAC7B,IAAqB,EACrB,UAAkC,EAClC,OAAA,GAAgF,EAAE,EAAA;AAElF,IAAA,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,gBAAgB,GAAG,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;AACpE,IAAA,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;;AAGvB,IAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;AACvC,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,SAAS;AACjB,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,uCAAuC;AAC/C,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;IAGD,IAAI,MAAM,GAAG,UAAU,CAAC;IACxB,IAAI,CAAC,MAAM,EAAE;;;QAGX,MAAM,GAAG,MAAM,sBAAsB,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;KAC/D;IACD,IAAI,CAAC,MAAM,EAAE;;QAEX,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;KAC5D;IACD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,SAAS;AACjB,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,qDAAqD;AAC7D,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;AAGD,IAAA,IAAI,OAAoB,CAAC;AACzB,IAAA,IAAI;QACF,OAAO,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;KAChD;IAAC,OAAO,KAAK,EAAE;QACd,OAAO;AACL,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,MAAM,EAAE,OAAO;AACf,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,MAAM,EAAE,CAAiC,8BAAA,EAAA,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAE,CAAA;AACjG,YAAA,SAAS,EAAE,GAAG;SACf,CAAC;KACH;;AAGD,IAAA,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE;AAC1B,QAAA,IAAI;AACF,YAAA,MAAM,MAAM,GAAG,MAAMc,mBAAS,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YAChE,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE;AAC5B,gBAAA,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aACvC;SACF;AAAC,QAAA,MAAM;;SAEP;KACF;IAED,OAAO;AACL,QAAA,OAAO,EAAE,KAAK;AACd,QAAA,MAAM,EAAE,OAAO;AACf,QAAA,MAAM,EAAE,MAAM;AACd,QAAA,MAAM,EAAE,0BAA0B;AAClC,QAAA,SAAS,EAAE,GAAG;KACf,CAAC;AACJ;;AC1eA,MAAM,4BAA4B,GAAG,WAAW,CAAC;AACjD,MAAM,0BAA0B,GAAG,WAAW,CAAC;AAO/C,eAAe,gBAAgB,CAAC,KAAkB,EAAA;AAChD,IAAA,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AAC5D,IAAA,OAAOC,0BAAgB,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,4BAA4B,CAAC,WAA4B,EAAA;IAChE,MAAM,sBAAsB,GAAG,WAAW,CAAC,YAAY,CACrD,4BAA4B,CACa,CAAC;AAE5C,IAAA,OAAOC,gCAAsB,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,0BAA0B,CAAC,WAA4B,EAAA;IAC9D,MAAM,oBAAoB,GAAG,WAAW,CAAC,YAAY,CACnD,0BAA0B,CACa,CAAC;AAE1C,IAAA,OAAOA,gCAAsB,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;AAC7D,CAAC;AAEM,eAAe,oCAAoC,CACxD,cAAsB,EACtB,UAAwC,EAAE,EAAA;AAE1C,IAAA,MAAM,iBAAiB,GAAG,IAAIpB,oBAAe,CAAC,cAAc,CAAC,CAAC;AAC9D,IAAA,IAAI,iBAAiB,GACnB,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;UAC3D,iBAAiB,CAAC,iBAAiB,EAAE,OAAO,CAAC,gBAAgB,CAAC;UAC9D,IAAI,CAAC;AAEX,IAAA,IAAI,CAAC,iBAAiB,IAAI,OAAO,CAAC,YAAY,EAAE;AAC9C,QAAA,iBAAiB,GAAG,MAAM,kBAAkB,CAC1C,iBAAiB,EACjB,OAAO,CAAC,YAAY,CAAC,OAAO,EAC5B,OAAO,CAAC,YAAY,CAAC,QAAQ,CAC9B,CAAC;KACH;IAED,OAAO;AACL,QAAA,eAAe,EAAEqB,oCAA0B,CAAC,iBAAiB,CAAC,MAAM,CAAC;AACrE,QAAA,yBAAyB,EAAE,4BAA4B,CAAC,iBAAiB,CAAC;AAC1E,QAAA,iBAAiB,EAAE,iBAAiB;AAClC,cAAE;AACE,gBAAA,SAAS,EAAEA,oCAA0B,CAAC,iBAAiB,CAAC,OAAO,CAAC;gBAChE,aAAa,EAAE,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,CAAC,OAAO,CAAC;AAC3E,aAAA;AACH,cAAE,IAAI;KACT,CAAC;AACJ,CAAC;AAEM,eAAe,yCAAyC,CAC7D,cAAsB,EAAA;AAEtB,IAAA,MAAM,WAAW,GAAG,IAAIrB,oBAAe,CAAC,cAAc,CAAC,CAAC;IAExD,OAAO;AACL,QAAA,SAAS,EAAEqB,oCAA0B,CAAC,WAAW,CAAC,OAAO,CAAC;AAC1D,QAAA,uBAAuB,EAAE,0BAA0B,CAAC,WAAW,CAAC;QAChE,aAAa,EAAE,MAAM,gBAAgB,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC;KACrE,CAAC;AACJ;;;;;;;"}
|