micro509 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.js +1 -1
- package/dist/pkcs/pkcs7.d.ts +86 -1
- package/dist/pkcs/pkcs7.js +1 -1
- package/dist/pkcs/pkcs7.js.map +1 -1
- package/dist/pkcs.d.ts +2 -2
- package/dist/pkcs.js +1 -1
- package/dist/revocation/crl.js +1 -1
- package/dist/revocation/ocsp.js +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -58,7 +58,7 @@ in a single zero-dependency JS package:
|
|
|
58
58
|
|
|
59
59
|
- **OCSP** — build requests, parse and validate responses, verify responder authorization
|
|
60
60
|
- **PFX / PKCS#12** — create and parse password-protected key+cert bundles
|
|
61
|
-
- **PKCS#7 / CMS** —
|
|
61
|
+
- **PKCS#7 / CMS** — sign content, parse and verify SignedData, extract cert bags
|
|
62
62
|
- **CRLs** — create, parse, verify, and check revocation status
|
|
63
63
|
- **Encrypted keys** — PBES2 PKCS#8, legacy OpenSSL encrypted PEM, PKCS#1, SEC1
|
|
64
64
|
- **Key import/export** — PKCS#8, SPKI, JWK, PKCS#1, SEC1 with generation for RSA, ECDSA, Ed25519
|
package/dist/index.d.ts
CHANGED
|
@@ -7,7 +7,7 @@ import { AuthorityInformationAccess, BasicConstraints, CertificateExtensionsInpu
|
|
|
7
7
|
import { ParsedBitFlags } from "./internal/x509/extension-bits.js";
|
|
8
8
|
import { DecodedExtensionMap, DecodedExtensionValue, ExtensionDecoder, ExtensionDecoderMap, ParseOptions, ParsedCertificate, ParsedCertificateSigningRequest, ParsedDistributionPoint, ParsedDistributionPointName, ParsedExtension, ParsedIssuingDistributionPoint, ParsedName, ParsedNameAttribute, ParsedRelativeDistinguishedName, decodeExtension, decodeExtensionMap, decodeExtensions, defineExtensionDecoder, defineExtensionDecoderMap, findExtension, parseCertificateChainPem, parseCertificateDer, parseCertificatePem, parseCertificateSigningRequestDer, parseCertificateSigningRequestPem } from "./x509/parse.js";
|
|
9
9
|
import { CreatePfxInput, ParsePfxErrorCode, ParsePfxFailure, ParsePfxOptions, ParsePfxResult, ParsedPfx, ParsedPfxAttribute, ParsedPfxBag, ParsedPfxBagAttributes, PfxBagAttributesInput, PfxCertificateBagInput, PfxCertificateSource, PfxEncryptionOptions, PfxMaterial, PfxPrivateKeyBagInput, PfxPrivateKeySource, createPfx, parsePfxDer, parsePfxPem } from "./pkcs/pfx.js";
|
|
10
|
-
import { ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData } from "./pkcs/pkcs7.js";
|
|
10
|
+
import { CreatePkcs7SignedDataDerResult, CreatePkcs7SignedDataErrorCode, CreatePkcs7SignedDataFailure, CreatePkcs7SignedDataInput, CreatePkcs7SignedDataResult, ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, Pkcs7SignedDataMaterial, Pkcs7Signer, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, createPkcs7SignedDataDer, createPkcs7SignedDataPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData } from "./pkcs/pkcs7.js";
|
|
11
11
|
import { CertificateRevocationListMaterial, CheckCertificateRevocationAgainstCrlInput, CheckCertificateRevocationAgainstCrlResult, CreateCertificateRevocationListInput, CrlCertificateSource, CrlSource, ParsedCertificateRevocationList, ParsedRevokedCertificate, RevocationReason, RevokedCertificateInput, ValidateCertificateRevocationListFailure, ValidateCertificateRevocationListInput, ValidateCertificateRevocationListResult, VerifyCertificateRevocationListFailure, VerifyCertificateRevocationListResult, checkCertificateRevocationAgainstCrl, createCertificateRevocationList, isCertificateRevoked, parseCertificateRevocationListDer, parseCertificateRevocationListPem, validateCertificateRevocationList, verifyCertificateRevocationList } from "./revocation/crl.js";
|
|
12
12
|
import { CreateOcspRequestInput, CreateOcspRequestItemInput, CreateOcspResponseInput, CreateOcspSingleResponseInput, OcspCertStatus, OcspCertificateSource, OcspRequestMaterial, OcspRequestSource, OcspResponseMaterial, ParsedOcspCertId, ParsedOcspRequest, ParsedOcspResponderId, ParsedOcspResponse, ParsedOcspSingleResponse, ValidateOcspResponseFailure, ValidateOcspResponseInput, ValidateOcspResponseResult, VerifyOcspResponseFailure, VerifyOcspResponseResult, createOcspRequest, createOcspResponse, parseOcspRequestDer, parseOcspRequestPem, parseOcspResponseDer, parseOcspResponsePem, validateOcspResponse, verifyOcspResponse } from "./revocation/ocsp.js";
|
|
13
13
|
import { CheckCertificateRevocationInput, CheckCertificateRevocationResult, ConfiguredOcspResponder, OcspResponderCandidate, OcspResponderSource, ResolveOcspResponderCandidatesInput, RevocationCertificateSource, RevocationCrlEvidenceInput, RevocationEvidenceInput, RevocationEvidenceKind, RevocationOcspEvidenceInput, RevocationStatus, checkCertificateRevocation, getCertificateOcspResponderUris, resolveOcspResponderCandidates } from "./revocation/revocation.js";
|
|
@@ -18,4 +18,4 @@ import { PolicyValidationInput } from "./verify/policy.js";
|
|
|
18
18
|
import { BuildCandidatePathInput, BuildCandidatePathResult, CandidatePath, CertificateSource, ChainRevocationInput, CsrSource, EkuCheckFailure, EkuCheckPurpose, EkuCheckResult, TrustAnchor, ValidateCandidatePathInput, ValidateCandidatePathResult, ValidateCandidatePathSuccess, ValidateForCaInput, ValidateForCodeSigningInput, ValidateForTlsClientInput, ValidateForTlsServerInput, VerifiedCertificateChain, VerifyCertificateChainInput, VerifyChainFailure, VerifyChainResult, VerifyErrorCode, VerifyFailureDetails, VerifyPurpose, VerifyRequestFailure, VerifyRequestResult, buildCandidatePath, checkExtendedKeyUsage, trustAnchorFromCertificate, validateCandidatePath, validateForCa, validateForCodeSigning, validateForTlsClient, validateForTlsServer, verifyCertificateChain, verifyCertificateSigningRequest } from "./verify/verify.js";
|
|
19
19
|
import { CertificateMaterial, CreateCertificateInput, CreateSelfSignedCertificateInput, SelfSignedCertificateResult, ValidityInput, createCertificate, createSelfSignedCertificate } from "./x509/certificate.js";
|
|
20
20
|
import { CreateCsrInput, CsrMaterial, createCertificateSigningRequest } from "./x509/csr.js";
|
|
21
|
-
export { type AuthorityInformationAccess, type BasicConstraints, type BuildCandidatePathInput, type BuildCandidatePathResult, type CandidatePath, type CategorizedPemBlocks, type CertificateExtensionsInput, type CertificateMaterial, type CertificatePolicies, type CertificateRevocationListMaterial, type CertificateRevocationStatus, type CertificateSource, type ChainRevocationInput, type CheckCertificateRevocationAgainstCrlInput, type CheckCertificateRevocationAgainstCrlResult, type CheckCertificateRevocationInput, type CheckCertificateRevocationResult, type CheckChainRevocationInput, type CheckChainRevocationResult, type CheckChainRevocationValue, type ConfiguredOcspResponder, type CreateCertificateInput, type CreateCertificateRevocationListInput, type CreateCsrInput, type CreateOcspRequestInput, type CreateOcspRequestItemInput, type CreateOcspResponseInput, type CreateOcspSingleResponseInput, type CreatePfxInput, type CreateSelfSignedCertificateInput, type CrlCertificateSource, type CrlSource, type CsrMaterial, type CsrSource, type DecodedExtensionMap, type DecodedExtensionValue, type DistributionPoint, type DistributionPointName, type DnsServiceIdentityInput, type EcKeyAlgorithmInput, type EcNamedCurve, type Ed25519KeyAlgorithmInput, type EkuCheckFailure, type EkuCheckPurpose, type EkuCheckResult, type EncryptedPkcs8Options, type ErrorResult, type ExtendedKeyUsage, type ExtensionDecoder, type ExtensionDecoderMap, type GeneralName, type GeneralSubtree, type ImportEcPublicKeyInput, type ImportEd25519PublicKeyInput, type ImportRsaPublicKeyInput, type IndexedErrorResult, type IndexedMicro509Error, type InhibitAnyPolicy, type InitialNameConstraintsInput, type IpServiceIdentityInput, type IssuingDistributionPoint, type KeyAlgorithmInput, type KeyPairMaterial, type KeyUsage, type LegacyPemEncryptionOptions, type MatchServiceIdentityErrorCode, type MatchServiceIdentityFailure, type MatchServiceIdentityInput, type MatchServiceIdentityResult, type MatchServiceIdentitySuccess, type Micro509Error, type NameAttribute, type NameConstraintForm, type NameConstraints, type NameFieldKey, type NameInput, type NameObject, type OcspCertStatus, type OcspCertificateSource, type OcspRequestMaterial, type OcspRequestSource, type OcspResponderCandidate, type OcspResponderSource, type OcspResponseMaterial, type ParseOptions, type ParsePfxErrorCode, type ParsePfxFailure, type ParsePfxOptions, type ParsePfxResult, type ParsePkcs7CertBagResult, type ParsePkcs7ErrorCode, type ParsePkcs7Failure, type ParsePkcs7SignedDataResult, type ParsedBitFlags, type ParsedCertificate, type ParsedCertificateRevocationList, type ParsedCertificateSigningRequest, type ParsedDistributionPoint, type ParsedDistributionPointName, type ParsedExtension, type ParsedIssuingDistributionPoint, type ParsedName, type ParsedNameAttribute, type ParsedNameConstraintForm, type ParsedOcspCertId, type ParsedOcspRequest, type ParsedOcspResponderId, type ParsedOcspResponse, type ParsedOcspSingleResponse, type ParsedPfx, type ParsedPfxAttribute, type ParsedPfxBag, type ParsedPfxBagAttributes, type ParsedPkcs7SignedData, type ParsedPkcs7SignerInfo, type ParsedRelativeDistinguishedName, type ParsedRevokedCertificate, type Pbes2EncryptionOptions, type Pbes2EncryptionScheme, type Pbes2Prf, type PemBlock, type PfxBagAttributesInput, type PfxCertificateBagInput, type PfxCertificateSource, type PfxEncryptionOptions, type PfxMaterial, type PfxPrivateKeyBagInput, type PfxPrivateKeySource, type Pkcs7CertBag, type Pkcs7CertificateSource, type PolicyConstraints, type PolicyInformation, type PolicyMapping, type PolicyMappings, type PolicyQualifierInfo, type PolicyValidationInput, type PrivateKeyImportInput, type PublicKeyImportInput, type RelativeDistinguishedNameInput, type ResolveOcspResponderCandidatesInput, type Result, type RevocationCertificateSource, type RevocationCrlEvidenceInput, type RevocationEvidenceInput, type RevocationEvidenceKind, type RevocationExecutionError, type RevocationIndeterminateReason, type RevocationOcspEvidenceInput, type RevocationPolicy, type RevocationReason, type RevocationSource, type RevocationStatus, type RevokedCertificateInput, type RsaHash, type RsaKeyAlgorithmInput, type RsaScheme, type SelfSignedCertificateResult, type ServiceIdentityInput, type ServiceIdentityType, type SrvServiceIdentityInput, type SubjectAltName, type TrustAnchor, type UriServiceIdentityInput, type ValidateCandidatePathInput, type ValidateCandidatePathResult, type ValidateCandidatePathSuccess, type ValidateCertificateRevocationListFailure, type ValidateCertificateRevocationListInput, type ValidateCertificateRevocationListResult, type ValidateForCaInput, type ValidateForCodeSigningInput, type ValidateForTlsClientInput, type ValidateForTlsServerInput, type ValidateOcspResponseFailure, type ValidateOcspResponseInput, type ValidateOcspResponseResult, type ValidityInput, type VerifiedCertificateChain, type VerifyCertificateChainInput, type VerifyCertificateRevocationListFailure, type VerifyCertificateRevocationListResult, type VerifyChainFailure, type VerifyChainResult, type VerifyErrorCode, type VerifyFailureDetails, type VerifyOcspResponseFailure, type VerifyOcspResponseResult, type VerifyPkcs7SignedDataFailure, type VerifyPkcs7SignedDataResult, type VerifyPurpose, type VerifyRequestFailure, type VerifyRequestResult, type VerifyServiceIdentityInput, buildCandidatePath, categorizePemBlocks, checkCertificateRevocation, checkCertificateRevocationAgainstCrl, checkChainRevocation, checkExtendedKeyUsage, createCertificate, createCertificateRevocationList, createCertificateSigningRequest, createOcspRequest, createOcspResponse, createPfx, createPkcs7CertBagDer, createPkcs7CertBagPem, createSelfSignedCertificate, decodeExtension, decodeExtensionMap, decodeExtensions, defineExtensionDecoder, defineExtensionDecoderMap, exportBinaryBase64, exportEncryptedPkcs1Pem, exportEncryptedPkcs8Der, exportEncryptedPkcs8Pem, exportEncryptedSec1Pem, exportPkcs1Der, exportPkcs1Pem, exportPkcs8Der, exportPkcs8Pem, exportPrivateJwk, exportPublicJwk, exportSec1Der, exportSec1Pem, exportSpkiDer, exportSpkiPem, findExtension, generateKeyPair, getCertificateOcspResponderUris, importEncryptedPkcs1Pem, importEncryptedPkcs8Der, importEncryptedPkcs8Pem, importEncryptedSec1Pem, importPkcs1Der, importPkcs1Pem, importPkcs8Base64, importPkcs8Der, importPkcs8Pem, importPrivateJwk, importPublicJwk, importSec1Der, importSec1Pem, importSpkiBase64, importSpkiDer, importSpkiPem, isCertificateRevoked, matchCertificateServiceIdentity, matchServiceIdentity, parseCertificateChainPem, parseCertificateDer, parseCertificatePem, parseCertificateRevocationListDer, parseCertificateRevocationListPem, parseCertificateSigningRequestDer, parseCertificateSigningRequestPem, parseOcspRequestDer, parseOcspRequestPem, parseOcspResponseDer, parseOcspResponsePem, parsePfxDer, parsePfxPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, pemDecode, pemEncode, resolveOcspResponderCandidates, splitPemBlocks, trustAnchorFromCertificate, validateCandidatePath, validateCertificateRevocationList, validateForCa, validateForCodeSigning, validateForTlsClient, validateForTlsServer, validateOcspResponse, verifyCertificateChain, verifyCertificateRevocationList, verifyCertificateSigningRequest, verifyOcspResponse, verifyPkcs7SignedData };
|
|
21
|
+
export { type AuthorityInformationAccess, type BasicConstraints, type BuildCandidatePathInput, type BuildCandidatePathResult, type CandidatePath, type CategorizedPemBlocks, type CertificateExtensionsInput, type CertificateMaterial, type CertificatePolicies, type CertificateRevocationListMaterial, type CertificateRevocationStatus, type CertificateSource, type ChainRevocationInput, type CheckCertificateRevocationAgainstCrlInput, type CheckCertificateRevocationAgainstCrlResult, type CheckCertificateRevocationInput, type CheckCertificateRevocationResult, type CheckChainRevocationInput, type CheckChainRevocationResult, type CheckChainRevocationValue, type ConfiguredOcspResponder, type CreateCertificateInput, type CreateCertificateRevocationListInput, type CreateCsrInput, type CreateOcspRequestInput, type CreateOcspRequestItemInput, type CreateOcspResponseInput, type CreateOcspSingleResponseInput, type CreatePfxInput, type CreatePkcs7SignedDataDerResult, type CreatePkcs7SignedDataErrorCode, type CreatePkcs7SignedDataFailure, type CreatePkcs7SignedDataInput, type CreatePkcs7SignedDataResult, type CreateSelfSignedCertificateInput, type CrlCertificateSource, type CrlSource, type CsrMaterial, type CsrSource, type DecodedExtensionMap, type DecodedExtensionValue, type DistributionPoint, type DistributionPointName, type DnsServiceIdentityInput, type EcKeyAlgorithmInput, type EcNamedCurve, type Ed25519KeyAlgorithmInput, type EkuCheckFailure, type EkuCheckPurpose, type EkuCheckResult, type EncryptedPkcs8Options, type ErrorResult, type ExtendedKeyUsage, type ExtensionDecoder, type ExtensionDecoderMap, type GeneralName, type GeneralSubtree, type ImportEcPublicKeyInput, type ImportEd25519PublicKeyInput, type ImportRsaPublicKeyInput, type IndexedErrorResult, type IndexedMicro509Error, type InhibitAnyPolicy, type InitialNameConstraintsInput, type IpServiceIdentityInput, type IssuingDistributionPoint, type KeyAlgorithmInput, type KeyPairMaterial, type KeyUsage, type LegacyPemEncryptionOptions, type MatchServiceIdentityErrorCode, type MatchServiceIdentityFailure, type MatchServiceIdentityInput, type MatchServiceIdentityResult, type MatchServiceIdentitySuccess, type Micro509Error, type NameAttribute, type NameConstraintForm, type NameConstraints, type NameFieldKey, type NameInput, type NameObject, type OcspCertStatus, type OcspCertificateSource, type OcspRequestMaterial, type OcspRequestSource, type OcspResponderCandidate, type OcspResponderSource, type OcspResponseMaterial, type ParseOptions, type ParsePfxErrorCode, type ParsePfxFailure, type ParsePfxOptions, type ParsePfxResult, type ParsePkcs7CertBagResult, type ParsePkcs7ErrorCode, type ParsePkcs7Failure, type ParsePkcs7SignedDataResult, type ParsedBitFlags, type ParsedCertificate, type ParsedCertificateRevocationList, type ParsedCertificateSigningRequest, type ParsedDistributionPoint, type ParsedDistributionPointName, type ParsedExtension, type ParsedIssuingDistributionPoint, type ParsedName, type ParsedNameAttribute, type ParsedNameConstraintForm, type ParsedOcspCertId, type ParsedOcspRequest, type ParsedOcspResponderId, type ParsedOcspResponse, type ParsedOcspSingleResponse, type ParsedPfx, type ParsedPfxAttribute, type ParsedPfxBag, type ParsedPfxBagAttributes, type ParsedPkcs7SignedData, type ParsedPkcs7SignerInfo, type ParsedRelativeDistinguishedName, type ParsedRevokedCertificate, type Pbes2EncryptionOptions, type Pbes2EncryptionScheme, type Pbes2Prf, type PemBlock, type PfxBagAttributesInput, type PfxCertificateBagInput, type PfxCertificateSource, type PfxEncryptionOptions, type PfxMaterial, type PfxPrivateKeyBagInput, type PfxPrivateKeySource, type Pkcs7CertBag, type Pkcs7CertificateSource, type Pkcs7SignedDataMaterial, type Pkcs7Signer, type PolicyConstraints, type PolicyInformation, type PolicyMapping, type PolicyMappings, type PolicyQualifierInfo, type PolicyValidationInput, type PrivateKeyImportInput, type PublicKeyImportInput, type RelativeDistinguishedNameInput, type ResolveOcspResponderCandidatesInput, type Result, type RevocationCertificateSource, type RevocationCrlEvidenceInput, type RevocationEvidenceInput, type RevocationEvidenceKind, type RevocationExecutionError, type RevocationIndeterminateReason, type RevocationOcspEvidenceInput, type RevocationPolicy, type RevocationReason, type RevocationSource, type RevocationStatus, type RevokedCertificateInput, type RsaHash, type RsaKeyAlgorithmInput, type RsaScheme, type SelfSignedCertificateResult, type ServiceIdentityInput, type ServiceIdentityType, type SrvServiceIdentityInput, type SubjectAltName, type TrustAnchor, type UriServiceIdentityInput, type ValidateCandidatePathInput, type ValidateCandidatePathResult, type ValidateCandidatePathSuccess, type ValidateCertificateRevocationListFailure, type ValidateCertificateRevocationListInput, type ValidateCertificateRevocationListResult, type ValidateForCaInput, type ValidateForCodeSigningInput, type ValidateForTlsClientInput, type ValidateForTlsServerInput, type ValidateOcspResponseFailure, type ValidateOcspResponseInput, type ValidateOcspResponseResult, type ValidityInput, type VerifiedCertificateChain, type VerifyCertificateChainInput, type VerifyCertificateRevocationListFailure, type VerifyCertificateRevocationListResult, type VerifyChainFailure, type VerifyChainResult, type VerifyErrorCode, type VerifyFailureDetails, type VerifyOcspResponseFailure, type VerifyOcspResponseResult, type VerifyPkcs7SignedDataFailure, type VerifyPkcs7SignedDataResult, type VerifyPurpose, type VerifyRequestFailure, type VerifyRequestResult, type VerifyServiceIdentityInput, buildCandidatePath, categorizePemBlocks, checkCertificateRevocation, checkCertificateRevocationAgainstCrl, checkChainRevocation, checkExtendedKeyUsage, createCertificate, createCertificateRevocationList, createCertificateSigningRequest, createOcspRequest, createOcspResponse, createPfx, createPkcs7CertBagDer, createPkcs7CertBagPem, createPkcs7SignedDataDer, createPkcs7SignedDataPem, createSelfSignedCertificate, decodeExtension, decodeExtensionMap, decodeExtensions, defineExtensionDecoder, defineExtensionDecoderMap, exportBinaryBase64, exportEncryptedPkcs1Pem, exportEncryptedPkcs8Der, exportEncryptedPkcs8Pem, exportEncryptedSec1Pem, exportPkcs1Der, exportPkcs1Pem, exportPkcs8Der, exportPkcs8Pem, exportPrivateJwk, exportPublicJwk, exportSec1Der, exportSec1Pem, exportSpkiDer, exportSpkiPem, findExtension, generateKeyPair, getCertificateOcspResponderUris, importEncryptedPkcs1Pem, importEncryptedPkcs8Der, importEncryptedPkcs8Pem, importEncryptedSec1Pem, importPkcs1Der, importPkcs1Pem, importPkcs8Base64, importPkcs8Der, importPkcs8Pem, importPrivateJwk, importPublicJwk, importSec1Der, importSec1Pem, importSpkiBase64, importSpkiDer, importSpkiPem, isCertificateRevoked, matchCertificateServiceIdentity, matchServiceIdentity, parseCertificateChainPem, parseCertificateDer, parseCertificatePem, parseCertificateRevocationListDer, parseCertificateRevocationListPem, parseCertificateSigningRequestDer, parseCertificateSigningRequestPem, parseOcspRequestDer, parseOcspRequestPem, parseOcspResponseDer, parseOcspResponsePem, parsePfxDer, parsePfxPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, pemDecode, pemEncode, resolveOcspResponderCandidates, splitPemBlocks, trustAnchorFromCertificate, validateCandidatePath, validateCertificateRevocationList, validateForCa, validateForCodeSigning, validateForTlsClient, validateForTlsServer, validateOcspResponse, verifyCertificateChain, verifyCertificateRevocationList, verifyCertificateSigningRequest, verifyOcspResponse, verifyPkcs7SignedData };
|
package/dist/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{categorizePemBlocks as e,pemDecode as t,pemEncode as n,splitPemBlocks as r}from"./pem/pem.js";import{exportBinaryBase64 as i,exportEncryptedPkcs1Pem as a,exportEncryptedPkcs8Der as o,exportEncryptedPkcs8Pem as s,exportEncryptedSec1Pem as c,exportPkcs1Der as l,exportPkcs1Pem as u,exportPkcs8Der as d,exportPkcs8Pem as f,exportPrivateJwk as p,exportPublicJwk as m,exportSec1Der as h,exportSec1Pem as g,exportSpkiDer as _,exportSpkiPem as v,generateKeyPair as y,importEncryptedPkcs1Pem as b,importEncryptedPkcs8Der as x,importEncryptedPkcs8Pem as S,importEncryptedSec1Pem as C,importPkcs1Der as w,importPkcs1Pem as T,importPkcs8Base64 as E,importPkcs8Der as D,importPkcs8Pem as O,importPrivateJwk as k,importPublicJwk as A,importSec1Der as j,importSec1Pem as M,importSpkiBase64 as N,importSpkiDer as P,importSpkiPem as F}from"./keys/keys.js";import{decodeExtension as I,decodeExtensionMap as L,decodeExtensions as R,defineExtensionDecoder as z,defineExtensionDecoderMap as B,findExtension as V,parseCertificateChainPem as H,parseCertificateDer as U,parseCertificatePem as W,parseCertificateSigningRequestDer as G,parseCertificateSigningRequestPem as K}from"./x509/parse.js";import{createPfx as q,parsePfxDer as J,parsePfxPem as Y}from"./pkcs/pfx.js";import{createPkcs7CertBagDer as X,createPkcs7CertBagPem as Z,
|
|
1
|
+
import{categorizePemBlocks as e,pemDecode as t,pemEncode as n,splitPemBlocks as r}from"./pem/pem.js";import{exportBinaryBase64 as i,exportEncryptedPkcs1Pem as a,exportEncryptedPkcs8Der as o,exportEncryptedPkcs8Pem as s,exportEncryptedSec1Pem as c,exportPkcs1Der as l,exportPkcs1Pem as u,exportPkcs8Der as d,exportPkcs8Pem as f,exportPrivateJwk as p,exportPublicJwk as m,exportSec1Der as h,exportSec1Pem as g,exportSpkiDer as _,exportSpkiPem as v,generateKeyPair as y,importEncryptedPkcs1Pem as b,importEncryptedPkcs8Der as x,importEncryptedPkcs8Pem as S,importEncryptedSec1Pem as C,importPkcs1Der as w,importPkcs1Pem as T,importPkcs8Base64 as E,importPkcs8Der as D,importPkcs8Pem as O,importPrivateJwk as k,importPublicJwk as A,importSec1Der as j,importSec1Pem as M,importSpkiBase64 as N,importSpkiDer as P,importSpkiPem as F}from"./keys/keys.js";import{decodeExtension as I,decodeExtensionMap as L,decodeExtensions as R,defineExtensionDecoder as z,defineExtensionDecoderMap as B,findExtension as V,parseCertificateChainPem as H,parseCertificateDer as U,parseCertificatePem as W,parseCertificateSigningRequestDer as G,parseCertificateSigningRequestPem as K}from"./x509/parse.js";import{createPfx as q,parsePfxDer as J,parsePfxPem as Y}from"./pkcs/pfx.js";import{createPkcs7CertBagDer as X,createPkcs7CertBagPem as Z,createPkcs7SignedDataDer as Q,createPkcs7SignedDataPem as $,parsePkcs7CertBagDer as ee,parsePkcs7CertBagPem as te,parsePkcs7SignedDataDer as ne,parsePkcs7SignedDataPem as re,verifyPkcs7SignedData as ie}from"./pkcs/pkcs7.js";import{checkCertificateRevocationAgainstCrl as ae,createCertificateRevocationList as oe,isCertificateRevoked as se,parseCertificateRevocationListDer as ce,parseCertificateRevocationListPem as le,validateCertificateRevocationList as ue,verifyCertificateRevocationList as de}from"./revocation/crl.js";import{checkChainRevocation as fe}from"./revocation/chain.js";import{matchCertificateServiceIdentity as pe,matchServiceIdentity as me}from"./verify/identity.js";import{buildCandidatePath as he,checkExtendedKeyUsage as ge,trustAnchorFromCertificate as _e,validateCandidatePath as ve,validateForCa as ye,validateForCodeSigning as be,validateForTlsClient as xe,validateForTlsServer as Se,verifyCertificateChain as Ce,verifyCertificateSigningRequest as we}from"./verify/verify.js";import{createOcspRequest as Te,createOcspResponse as Ee,parseOcspRequestDer as De,parseOcspRequestPem as Oe,parseOcspResponseDer as ke,parseOcspResponsePem as Ae,validateOcspResponse as je,verifyOcspResponse as Me}from"./revocation/ocsp.js";import{checkCertificateRevocation as Ne,getCertificateOcspResponderUris as Pe,resolveOcspResponderCandidates as Fe}from"./revocation/revocation.js";import{createCertificate as Ie,createSelfSignedCertificate as Le}from"./x509/certificate.js";import{createCertificateSigningRequest as Re}from"./x509/csr.js";export{he as buildCandidatePath,e as categorizePemBlocks,Ne as checkCertificateRevocation,ae as checkCertificateRevocationAgainstCrl,fe as checkChainRevocation,ge as checkExtendedKeyUsage,Ie as createCertificate,oe as createCertificateRevocationList,Re as createCertificateSigningRequest,Te as createOcspRequest,Ee as createOcspResponse,q as createPfx,X as createPkcs7CertBagDer,Z as createPkcs7CertBagPem,Q as createPkcs7SignedDataDer,$ as createPkcs7SignedDataPem,Le as createSelfSignedCertificate,I as decodeExtension,L as decodeExtensionMap,R as decodeExtensions,z as defineExtensionDecoder,B as defineExtensionDecoderMap,i as exportBinaryBase64,a as exportEncryptedPkcs1Pem,o as exportEncryptedPkcs8Der,s as exportEncryptedPkcs8Pem,c as exportEncryptedSec1Pem,l as exportPkcs1Der,u as exportPkcs1Pem,d as exportPkcs8Der,f as exportPkcs8Pem,p as exportPrivateJwk,m as exportPublicJwk,h as exportSec1Der,g as exportSec1Pem,_ as exportSpkiDer,v as exportSpkiPem,V as findExtension,y as generateKeyPair,Pe as getCertificateOcspResponderUris,b as importEncryptedPkcs1Pem,x as importEncryptedPkcs8Der,S as importEncryptedPkcs8Pem,C as importEncryptedSec1Pem,w as importPkcs1Der,T as importPkcs1Pem,E as importPkcs8Base64,D as importPkcs8Der,O as importPkcs8Pem,k as importPrivateJwk,A as importPublicJwk,j as importSec1Der,M as importSec1Pem,N as importSpkiBase64,P as importSpkiDer,F as importSpkiPem,se as isCertificateRevoked,pe as matchCertificateServiceIdentity,me as matchServiceIdentity,H as parseCertificateChainPem,U as parseCertificateDer,W as parseCertificatePem,ce as parseCertificateRevocationListDer,le as parseCertificateRevocationListPem,G as parseCertificateSigningRequestDer,K as parseCertificateSigningRequestPem,De as parseOcspRequestDer,Oe as parseOcspRequestPem,ke as parseOcspResponseDer,Ae as parseOcspResponsePem,J as parsePfxDer,Y as parsePfxPem,ee as parsePkcs7CertBagDer,te as parsePkcs7CertBagPem,ne as parsePkcs7SignedDataDer,re as parsePkcs7SignedDataPem,t as pemDecode,n as pemEncode,Fe as resolveOcspResponderCandidates,r as splitPemBlocks,_e as trustAnchorFromCertificate,ve as validateCandidatePath,ue as validateCertificateRevocationList,ye as validateForCa,be as validateForCodeSigning,xe as validateForTlsClient,Se as validateForTlsServer,je as validateOcspResponse,Ce as verifyCertificateChain,de as verifyCertificateRevocationList,we as verifyCertificateSigningRequest,Me as verifyOcspResponse,ie as verifyPkcs7SignedData};
|
package/dist/pkcs/pkcs7.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { ErrorResult, Micro509Error } from "../result/result.js";
|
|
2
2
|
import { ParsedCertificate, ParsedName } from "../x509/parse.js";
|
|
3
|
+
import { SignatureProfileInput } from "../internal/crypto/signing.js";
|
|
3
4
|
|
|
4
5
|
//#region src/pkcs/pkcs7.d.ts
|
|
5
6
|
/** PEM text (may contain multiple CERTIFICATE blocks) or raw DER bytes. */
|
|
@@ -100,6 +101,90 @@ declare function createPkcs7CertBagDer(certificates: readonly Pkcs7CertificateSo
|
|
|
100
101
|
* Creates a degenerate PKCS#7 SignedData certificate bag and returns DER, PEM, and base64 forms.
|
|
101
102
|
*/
|
|
102
103
|
declare function createPkcs7CertBagPem(certificates: readonly Pkcs7CertificateSource[]): Pkcs7CertBag;
|
|
104
|
+
/** A single signer for {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */
|
|
105
|
+
interface Pkcs7Signer {
|
|
106
|
+
/**
|
|
107
|
+
* Signer certificate (PEM text with one CERTIFICATE block, or raw DER).
|
|
108
|
+
* Embedded in the SignedData certificate set and referenced by the
|
|
109
|
+
* SignerInfo via issuerAndSerialNumber.
|
|
110
|
+
*/
|
|
111
|
+
readonly certificate: Pkcs7CertificateSource;
|
|
112
|
+
/** Private key matching the certificate's public key, used to sign. */
|
|
113
|
+
readonly privateKey: CryptoKey;
|
|
114
|
+
/**
|
|
115
|
+
* Signature profile. Defaults to inferring the algorithm from the key
|
|
116
|
+
* (e.g. ECDSA→ecdsa-with-SHA*, RSA→sha*WithRSAEncryption, Ed25519).
|
|
117
|
+
* Pass `{ kind: 'rsa-pss' }` to force RSA-PSS padding for an RSA-PSS key.
|
|
118
|
+
*/
|
|
119
|
+
readonly signature?: SignatureProfileInput;
|
|
120
|
+
}
|
|
121
|
+
/** Input for {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */
|
|
122
|
+
interface CreatePkcs7SignedDataInput {
|
|
123
|
+
/** Content to encapsulate and sign (the eContent). */
|
|
124
|
+
readonly content: Uint8Array;
|
|
125
|
+
/** One or more signers. Each produces a SignerInfo with signed attributes. */
|
|
126
|
+
readonly signers: readonly Pkcs7Signer[];
|
|
127
|
+
/**
|
|
128
|
+
* Additional certificates to embed (e.g. intermediates). Signer
|
|
129
|
+
* certificates are always embedded; duplicate DER is removed.
|
|
130
|
+
*/
|
|
131
|
+
readonly additionalCertificates?: readonly Pkcs7CertificateSource[];
|
|
132
|
+
/**
|
|
133
|
+
* Encapsulated content type OID.
|
|
134
|
+
* @default `'1.2.840.113549.1.7.1'` (pkcs7-data)
|
|
135
|
+
*/
|
|
136
|
+
readonly encapsulatedContentTypeOid?: string;
|
|
137
|
+
}
|
|
138
|
+
/** DER, PEM, and base64 encodings of a PKCS#7 SignedData structure. */
|
|
139
|
+
interface Pkcs7SignedDataMaterial {
|
|
140
|
+
/** Raw DER-encoded PKCS#7 SignedData. */
|
|
141
|
+
readonly der: Uint8Array;
|
|
142
|
+
/** PEM-armored PKCS#7 (`-----BEGIN PKCS7-----`). */
|
|
143
|
+
readonly pem: string;
|
|
144
|
+
/** Base64-encoded DER (no PEM armor). */
|
|
145
|
+
readonly base64: string;
|
|
146
|
+
}
|
|
147
|
+
/** Caller-correctable failure codes from {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */
|
|
148
|
+
type CreatePkcs7SignedDataErrorCode = "no_signers" | "invalid_signer_certificate" | "unsupported_signer_key";
|
|
149
|
+
/** Error payload for a failed PKCS#7 SignedData creation. */
|
|
150
|
+
interface CreatePkcs7SignedDataFailure extends Micro509Error<CreatePkcs7SignedDataErrorCode> {
|
|
151
|
+
/** Always `false` for failures. */
|
|
152
|
+
readonly ok: false;
|
|
153
|
+
}
|
|
154
|
+
/** Success-or-failure result from {@linkcode createPkcs7SignedDataDer}. */
|
|
155
|
+
type CreatePkcs7SignedDataDerResult = {
|
|
156
|
+
/** Creation succeeded. */readonly ok: true; /** Raw DER-encoded SignedData. */
|
|
157
|
+
readonly value: Uint8Array;
|
|
158
|
+
} | ErrorResult<CreatePkcs7SignedDataErrorCode, Record<never, never>, CreatePkcs7SignedDataFailure>;
|
|
159
|
+
/** Success-or-failure result from {@linkcode createPkcs7SignedDataPem}. */
|
|
160
|
+
type CreatePkcs7SignedDataResult = {
|
|
161
|
+
/** Creation succeeded. */readonly ok: true; /** DER, PEM, and base64 forms of the SignedData. */
|
|
162
|
+
readonly value: Pkcs7SignedDataMaterial;
|
|
163
|
+
} | ErrorResult<CreatePkcs7SignedDataErrorCode, Record<never, never>, CreatePkcs7SignedDataFailure>;
|
|
164
|
+
/**
|
|
165
|
+
* Creates a PKCS#7/CMS SignedData with one or more signers over `content`.
|
|
166
|
+
*
|
|
167
|
+
* Each signer uses the RFC 5652 Section 5.4 signed-attributes flow: the
|
|
168
|
+
* signature covers a `SET OF` authenticated attributes carrying `contentType`
|
|
169
|
+
* and `messageDigest` (the digest of the encapsulated content). The content is
|
|
170
|
+
* embedded (attached signature), so the result verifies with
|
|
171
|
+
* {@linkcode verifyPkcs7SignedData} without any external data.
|
|
172
|
+
*
|
|
173
|
+
* The content digest is derived from each signer's key (P-256/RSA-SHA256 →
|
|
174
|
+
* SHA-256, P-384 → SHA-384, P-521 → SHA-512, Ed25519 → SHA-512 per RFC 8419).
|
|
175
|
+
*
|
|
176
|
+
* Returns a {@linkcode CreatePkcs7SignedDataDerResult}: the raw DER on success,
|
|
177
|
+
* or a typed failure for caller-correctable input (no signers, a signer source
|
|
178
|
+
* that is not exactly one certificate, or an unsupported signer key). Use
|
|
179
|
+
* {@linkcode createPkcs7SignedDataPem} for PEM + base64.
|
|
180
|
+
*/
|
|
181
|
+
declare function createPkcs7SignedDataDer(input: CreatePkcs7SignedDataInput): Promise<CreatePkcs7SignedDataDerResult>;
|
|
182
|
+
/**
|
|
183
|
+
* Creates a PKCS#7/CMS SignedData over `content` and returns DER, PEM, and
|
|
184
|
+
* base64 forms, or a typed {@linkcode CreatePkcs7SignedDataFailure} for
|
|
185
|
+
* caller-correctable input.
|
|
186
|
+
*/
|
|
187
|
+
declare function createPkcs7SignedDataPem(input: CreatePkcs7SignedDataInput): Promise<CreatePkcs7SignedDataResult>;
|
|
103
188
|
/** Parses a DER-encoded PKCS#7 cert bag, returning the contained certificates. */
|
|
104
189
|
declare function parsePkcs7CertBagDer(der: Uint8Array): ParsePkcs7CertBagResult;
|
|
105
190
|
/** Parses a PEM-armored PKCS#7 cert bag. Expects exactly one `PKCS7` PEM block. */
|
|
@@ -127,5 +212,5 @@ declare function parsePkcs7SignedDataPem(pem: string): ParsePkcs7SignedDataResul
|
|
|
127
212
|
*/
|
|
128
213
|
declare function verifyPkcs7SignedData(input: string | Uint8Array | ParsedPkcs7SignedData): Promise<VerifyPkcs7SignedDataResult>;
|
|
129
214
|
//#endregion
|
|
130
|
-
export { ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData };
|
|
215
|
+
export { CreatePkcs7SignedDataDerResult, CreatePkcs7SignedDataErrorCode, CreatePkcs7SignedDataFailure, CreatePkcs7SignedDataInput, CreatePkcs7SignedDataResult, ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, Pkcs7SignedDataMaterial, Pkcs7Signer, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, createPkcs7SignedDataDer, createPkcs7SignedDataPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData };
|
|
131
216
|
//# sourceMappingURL=pkcs7.d.ts.map
|
package/dist/pkcs/pkcs7.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{concatBytes as e,explicitContext as t,integerFromNumber as n,objectIdentifier as r,readElement as i,readRootElement as a,readSequenceChildren as o,sequence as s,setOf as c}from"../internal/asn1/der.js";import{childrenOf as l,decodeIntegerNumber as u,decodeObjectIdentifier as d,decodeString as f,requireElement as p,toArrayBuffer as m,toHex as h}from"../internal/asn1/asn1.js";import{OIDS as g}from"../internal/asn1/oids.js";import{getCrypto as _}from"../internal/crypto/webcrypto.js";import{base64Encode as v}from"../internal/shared/base64.js";import{pemEncode as y,splitPemBlocks as b}from"../pem/pem.js";import{describeHashAlgorithm as x,describeSignatureAlgorithm as S}from"../internal/crypto/algorithm-names.js";import{nameFieldKeyFromOid as C}from"../internal/x509/name-fields.js";import{parseCertificateDer as w}from"../x509/parse.js";import{verifySignedDataDetailed as T}from"../internal/crypto/sig-verify.js";import{compareDistinguishedNames as E}from"../internal/shared/dn.js";function D(i){let a=i.flatMap(I),o=s([n(1),c([]),s([r(g.pkcs7Data)]),t(0,e(a)),c([])]);return s([r(g.pkcs7SignedData),t(0,o)])}function O(e){let t=D(e);return{der:t,pem:y(`PKCS7`,t),base64:v(t)}}function k(e){let t=j(e);return t.ok?{ok:!0,value:t.value.certificates}:t}function A(e){try{let t=b(e).filter(e=>e.label===`PKCS7`);if(t.length!==1)return P(`malformed`,`Expected exactly one PKCS7 PEM block`);let n=t[0];return n===void 0?P(`malformed`,`Missing PKCS7 block`):k(n.bytes)}catch{return P(`malformed`,`Expected exactly one PKCS7 PEM block`)}}function j(e){try{let t=o(e,{maxDepth:64}),n=t[0],r=t[1];if(n===void 0||r===void 0||t.length!==2||n.tag!==6||r.tag!==160||l(e,r).length!==1)return P(`malformed`,`Malformed PKCS#7 content info`);let i=d(n.value);if(i!==g.pkcs7SignedData)return P(`not_signed_data`,`PKCS#7 content is not signedData`);let a=l(e,W(e,r,0,`signedData`)),s=a[0],c=a[1],f=a[2],p=a.slice(3),m=p[p.length-1],h,_;for(let e of p.slice(0,-1)){if(e?.tag===160){if(_!==void 0)return P(`malformed`,`SignedData certificates field must precede CRLs field`);if(h!==void 0)return P(`malformed`,`SignedData certificates field must not repeat`);h=e;continue}if(e?.tag===161){if(_!==void 0)return P(`malformed`,`SignedData CRLs field must not repeat`);_=e;continue}return P(`malformed`,`Malformed SignedData optional field`)}if(s===void 0||c===void 0||f===void 0||m===void 0||m.tag!==49)return P(`malformed`,`Malformed SignedData`);let v=e.slice(f.start-f.headerLength,f.end),y=o(v),b=y[0],S=y[1],C=R(e,c);return b===void 0?P(`malformed`,`Malformed EncapsulatedContentInfo`):{ok:!0,value:{der:new Uint8Array(e),contentTypeOid:i,version:u(s.value),digestAlgorithmOids:C,digestAlgorithmNames:C.map(e=>x(e)),encapsulatedContentTypeOid:d(b.value),...S===void 0?{}:{encapsulatedContent:B(v,S)},certificates:L(e,h),signerInfos:z(e,m)}}}catch{return P(`malformed`,`Malformed PKCS#7 structure`)}}function M(e){try{let t=b(e).filter(e=>e.label===`PKCS7`),n=t[0];return n===void 0||t.length!==1?P(`malformed`,`Expected exactly one PKCS7 PEM block`):j(n.bytes)}catch{return P(`malformed`,`Expected exactly one PKCS7 PEM block`)}}async function N(e){let t;if(typeof e==`string`){let n=M(e);if(!n.ok)return n;t=n.value}else if(e instanceof Uint8Array){let n=j(e);if(!n.ok)return n;t=n.value}else{if(!Q(e))return F(`malformed`,`SignedData parsed input is malformed`);let n=j(new Uint8Array(e.der));if(!n.ok)return n;t=n.value}if(t.encapsulatedContent===void 0)return F(`content_missing`,`SignedData encapsulated content is missing`);for(let e of t.signerInfos){let n=t.certificates.find(t=>X(t,e));if(n===void 0)return F(`signer_not_found`,`Signer certificate not found in SignedData certificates`);if(e.hasSignedAttrs){let r=await Y(e,n,t.encapsulatedContent,t.encapsulatedContentTypeOid);if(!r.ok)return r;continue}let r;try{let i=await T(e.signatureAlgorithmOid,e.signatureAlgorithmParametersDer,n.publicKeyAlgorithmOid,n.publicKeyParametersOid,n.subjectPublicKeyInfoDer,e.signature,t.encapsulatedContent);if(!i.ok)return i.code===`verification_error`?F(`malformed`,`SignedData signature verification failed`):F(`malformed`,`Unsupported signature algorithm in SignedData`);r=i.valid}catch{return F(`malformed`,`Unsupported signature algorithm in SignedData`)}if(!r)return F(`signature_invalid`,`SignedData signature does not verify`)}return{ok:!0,value:t}}function P(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function F(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function I(e){return typeof e==`string`?b(e).filter(e=>e.label===`CERTIFICATE`).map(e=>new Uint8Array(e.bytes)):[new Uint8Array(e)]}function L(e,t){if(t===void 0||t.tag!==160)return[];let n=[],r=t.start;for(;r<t.end;){let t=i(e,r);n.push(w(e.slice(r,t.end))),r=t.end}return n}function R(e,t){let n=[];if(t.tag!==49)throw Error(`digestAlgorithms must use SET`);for(let r of l(e,t)){if(r.tag!==48)throw Error(`digestAlgorithm must use AlgorithmIdentifier SEQUENCE`);let t=o(e.slice(r.start-r.headerLength,r.end)),i=t[0];if(i===void 0||t.length<1||t.length>2||i.tag!==6)throw Error(`Malformed digest AlgorithmIdentifier`);n.push(d(i.value))}return n}function z(e,t){let n=[];for(let r of l(e,t)){let t=e.slice(r.start-r.headerLength,r.end),i=o(t),a=i[0],s=i[1],c=i[2],l=3,f=i[l]?.tag===160?i[l]:void 0,m=f!==void 0;m&&(l+=1);let g=i[l],_=i[l+1],v=i[l+2];if(a===void 0||s===void 0||c===void 0||g===void 0||_===void 0||_.tag!==4||i.length>l+3||v!==void 0&&v.tag!==161)throw Error(`Malformed SignerInfo`);let y=d(p(o(t.slice(c.start-c.headerLength,c.end))[0],`digest algorithm OID`).value),b=t.slice(g.start-g.headerLength,g.end),C=o(b),w=d(p(C[0],`signature algorithm OID`).value),T=C[1],E=V(t.slice(s.start-s.headerLength,s.end));n.push({version:u(a.value),...E.issuer===void 0?{}:{issuer:E.issuer},...E.serialNumberHex===void 0?{}:{serialNumberHex:E.serialNumberHex},...E.subjectKeyIdentifier===void 0?{}:{subjectKeyIdentifier:E.subjectKeyIdentifier},digestAlgorithmOid:y,digestAlgorithmName:x(y),signatureAlgorithmOid:w,signatureAlgorithmName:S(w,T===void 0?void 0:new Uint8Array(b.slice(T.start-T.headerLength,T.end))),...T===void 0?{}:{signatureAlgorithmParametersDer:new Uint8Array(b.slice(T.start-T.headerLength,T.end))},signatureHex:h(_.value),signature:new Uint8Array(_.value),hasSignedAttrs:m,...f===void 0?{}:{signedAttrsDer:new Uint8Array(t.slice(f.start-f.headerLength,f.end))}})}return n}function B(e,t){if(t.tag!==160)throw Error(`Unexpected encapsulated content tag`);let n=i(e,t.start);if(n.tag!==4)throw Error(`Expected encapsulated OCTET STRING`);return n.value}function V(e){let t=a(e,{maxDepth:64});if(t.tag===128){if(t.value.length===0)throw Error(`SignerIdentifier subjectKeyIdentifier must not be empty`);return{subjectKeyIdentifier:h(t.value)}}if(t.tag===48){let t=o(e),n=t[0],r=t[1];if(n===void 0||r===void 0||t.length!==2)throw Error(`SignerIdentifier issuerAndSerialNumber is malformed`);if(n.tag!==48)throw Error(`SignerIdentifier issuer must use Name SEQUENCE`);if(r.tag!==2)throw Error(`SignerIdentifier serialNumber must use INTEGER`);return $(r.value,`SignerIdentifier serialNumber`),{issuer:U(e,n),serialNumberHex:h(r.value)}}throw Error(`Unsupported SignerIdentifier tag: ${String(t.tag)}`)}const H=new TextDecoder;function U(e,t){let n=h(e.slice(t.start-t.headerLength,t.end)),r=[],i=[],a={};for(let n of l(e,t)){let t=[],o={};for(let r of l(e,n)){let n=l(e,r),s=p(n[0],`signer issuer attribute OID`),c=p(n[1],`signer issuer attribute value`),u=d(s.value),m;try{m=f(c.tag,c.value)}catch{m=H.decode(c.value)}let h=C(u),g=h===void 0?{oid:u,valueTag:c.tag,value:m}:{oid:u,key:h,valueTag:c.tag,value:m};t.push(g),i.push(g),h!==void 0&&(o[h]===void 0&&(o[h]=m),a[h]===void 0&&(a[h]=m))}r.push({derHex:h(e.slice(n.start-n.headerLength,n.end)),attributes:t,values:o})}return{derHex:n,rdns:r,attributes:i,values:a}}function W(e,t,n,r){let a=t.start,o=0;for(;a<t.end;){let t=i(e,a);if(o===n)return t;a=t.end,o+=1}throw Error(`Missing ${r}`)}function G(e){switch(e){case g.sha256:return`SHA-256`;case g.sha384:return`SHA-384`;case g.sha512:return`SHA-512`;default:throw Error(`Unsupported digest algorithm OID: ${e}`)}}function K(e){let t=i(e),n,r;for(let i of l(e,t)){let t=e.slice(i.start-i.headerLength,i.end),a=o(t),s=a[0],c=a[1];if(s===void 0||c===void 0||a.length!==2||c.tag!==49)throw Error(`Malformed signedAttrs attribute`);let u=d(s.value),f=l(t,c);if(u===g.cmsMessageDigest){if(n!==void 0||f.length!==1)throw Error(`messageDigest attribute must appear exactly once with one value`);let e=f[0];if(e===void 0||e.tag!==4)throw Error(`messageDigest attribute value must use OCTET STRING`);n=e.value;continue}if(u===g.cmsContentType){if(r!==void 0||f.length!==1)throw Error(`contentType attribute must appear exactly once with one value`);let e=f[0];if(e===void 0||e.tag!==6)throw Error(`contentType attribute value must use OBJECT IDENTIFIER`);r=d(e.value)}}if(n===void 0)throw Error(`Missing messageDigest attribute in signedAttrs`);if(r===void 0)throw Error(`Missing contentType attribute in signedAttrs`);return{messageDigest:n,contentTypeOid:r}}function q(e){let t=new Uint8Array(e);return t[0]=49,t}function J(e,t){if(e.length!==t.length)return!1;let n=0;for(let r=0;r<e.length;r+=1)n|=(e[r]??0)^(t[r]??0);return n===0}async function Y(e,t,n,r){if(e.signedAttrsDer===void 0)return F(`malformed`,`Missing signedAttrs DER`);let i;try{Z(e.signedAttrsDer),i=K(e.signedAttrsDer)}catch{return F(`malformed`,`Malformed signedAttrs in SignedData`)}if(i.contentTypeOid!==r)return F(`malformed`,`SignedData contentType attribute does not match`);let a;try{let t=G(e.digestAlgorithmOid);a=new Uint8Array(await _().subtle.digest(t,m(n)))}catch{return F(`malformed`,`Unsupported digest algorithm in SignedData`)}if(!J(a,i.messageDigest))return F(`message_digest_mismatch`,`Content digest does not match messageDigest attribute`);let o;try{o=q(e.signedAttrsDer)}catch{return F(`malformed`,`Malformed signedAttrs in SignedData`)}let s;try{let n=await T(e.signatureAlgorithmOid,e.signatureAlgorithmParametersDer,t.publicKeyAlgorithmOid,t.publicKeyParametersOid,t.subjectPublicKeyInfoDer,e.signature,o);if(!n.ok)return n.code===`verification_error`?F(`malformed`,`SignedData signature verification failed`):F(`malformed`,`Unsupported signature algorithm in SignedData`);s=n.valid}catch{return F(`malformed`,`Unsupported signature algorithm in SignedData`)}return s?{ok:!0}:F(`signature_invalid`,`SignedData signature over signedAttrs does not verify`)}function X(e,t){return t.issuer!==void 0||t.serialNumberHex!==void 0?t.issuer!==void 0&&t.serialNumberHex!==void 0&&e.serialNumberHex===t.serialNumberHex&&E(e.issuer,t.issuer):t.subjectKeyIdentifier!==void 0&&e.subjectKeyIdentifier===t.subjectKeyIdentifier}function Z(e){if(i(e).tag!==160)throw Error(`signedAttrs must use IMPLICIT [0] tag`)}function Q(e){return`der`in e&&e.der instanceof Uint8Array}function $(e,t){let n=e[0];if(n===void 0)throw Error(`${t} must not be empty`);if(n&128)throw Error(`${t} must be non-negative`);if(e.length>1&&n===0&&!((e[1]??0)&128))throw Error(`${t} must use minimal encoding`)}export{D as createPkcs7CertBagDer,O as createPkcs7CertBagPem,k as parsePkcs7CertBagDer,A as parsePkcs7CertBagPem,j as parsePkcs7SignedDataDer,M as parsePkcs7SignedDataPem,N as verifyPkcs7SignedData};
|
|
1
|
+
import{concatBytes as e,explicitContext as t,integer as n,integerFromNumber as r,nullValue as i,objectIdentifier as a,octetString as o,readElement as s,readRootElement as c,readSequenceChildren as l,sequence as u,setOf as d}from"../internal/asn1/der.js";import{childrenOf as f,decodeIntegerNumber as p,decodeObjectIdentifier as m,decodeString as h,hexToBytes as g,requireElement as _,toArrayBuffer as v,toHex as y}from"../internal/asn1/asn1.js";import{OIDS as b}from"../internal/asn1/oids.js";import{getCrypto as x}from"../internal/crypto/webcrypto.js";import{base64Encode as S}from"../internal/shared/base64.js";import{pemEncode as C,splitPemBlocks as w}from"../pem/pem.js";import{describeHashAlgorithm as T,describeSignatureAlgorithm as E}from"../internal/crypto/algorithm-names.js";import{nameFieldKeyFromOid as D}from"../internal/x509/name-fields.js";import{parseCertificateDer as O}from"../x509/parse.js";import{verifySignedDataDetailed as k}from"../internal/crypto/sig-verify.js";import{encodeAlgorithmIdentifier as A,getSignatureAlgorithm as j,signBytes as M}from"../internal/crypto/signing.js";import{compareDistinguishedNames as N}from"../internal/shared/dn.js";function P(n){let i=n.flatMap(G),o=u([r(1),d([]),u([a(b.pkcs7Data)]),t(0,e(i)),d([])]);return u([a(b.pkcs7SignedData),t(0,o)])}function F(e){let t=P(e);return{der:t,pem:C(`PKCS7`,t),base64:S(t)}}async function I(e){if(e.signers.length===0)return W(`no_signers`,`createPkcs7SignedData requires at least one signer`);let s=e.encapsulatedContentTypeOid??b.pkcs7Data,c=e.content.slice(),l=[],f=new Set,p=e=>{let t=y(e);f.has(t)||(f.add(t),l.push(e))},m=new Set,h=[];for(let t of e.signers){let e=G(t.certificate),l=e[0];if(l===void 0||e.length!==1)return W(`invalid_signer_certificate`,`Each PKCS#7 signer must provide exactly one certificate`);p(l);let d;try{d=O(l)}catch{return W(`invalid_signer_certificate`,`Each PKCS#7 signer certificate must be a parseable X.509 certificate`)}let f;try{f=j(t.privateKey,t.signature)}catch{return W(`unsupported_signer_key`,`Unsupported signer key or signature profile`)}let _=J(t.privateKey);if(_===void 0)return W(`unsupported_signer_key`,`Unsupported signer key algorithm for content digest`);m.add(_.digestOid);let{setForSigning:y,implicitForEmit:b}=Y(s,new Uint8Array(await x().subtle.digest(_.hashName,v(c)))),S=await M(t.privateKey,f,y);h.push(u([r(1),u([g(d.issuer.derHex),n(g(d.serialNumberHex))]),u([a(_.digestOid),i()]),b,A(f),o(S)]))}for(let t of e.additionalCertificates??[])for(let e of G(t))p(e);let _=s===b.pkcs7Data?1:3,S=new Uint8Array(d(l));S[0]=160;let C=u([r(_),d([...m].map(e=>u([a(e),i()]))),u([a(s),t(0,o(c))]),S,d(h)]);return{ok:!0,value:u([a(b.pkcs7SignedData),t(0,C)])}}async function ee(e){let t=await I(e);return t.ok?{ok:!0,value:{der:t.value,pem:C(`PKCS7`,t.value),base64:S(t.value)}}:t}function L(e){let t=z(e);return t.ok?{ok:!0,value:t.value.certificates}:t}function R(e){try{let t=w(e).filter(e=>e.label===`PKCS7`);if(t.length!==1)return H(`malformed`,`Expected exactly one PKCS7 PEM block`);let n=t[0];return n===void 0?H(`malformed`,`Missing PKCS7 block`):L(n.bytes)}catch{return H(`malformed`,`Expected exactly one PKCS7 PEM block`)}}function z(e){try{let t=l(e,{maxDepth:64}),n=t[0],r=t[1];if(n===void 0||r===void 0||t.length!==2||n.tag!==6||r.tag!==160||f(e,r).length!==1)return H(`malformed`,`Malformed PKCS#7 content info`);let i=m(n.value);if(i!==b.pkcs7SignedData)return H(`not_signed_data`,`PKCS#7 content is not signedData`);let a=f(e,ae(e,r,0,`signedData`)),o=a[0],s=a[1],c=a[2],u=a.slice(3),d=u[u.length-1],h,g;for(let e of u.slice(0,-1)){if(e?.tag===160){if(g!==void 0)return H(`malformed`,`SignedData certificates field must precede CRLs field`);if(h!==void 0)return H(`malformed`,`SignedData certificates field must not repeat`);h=e;continue}if(e?.tag===161){if(g!==void 0)return H(`malformed`,`SignedData CRLs field must not repeat`);g=e;continue}return H(`malformed`,`Malformed SignedData optional field`)}if(o===void 0||s===void 0||c===void 0||d===void 0||d.tag!==49)return H(`malformed`,`Malformed SignedData`);let _=e.slice(c.start-c.headerLength,c.end),v=l(_),y=v[0],x=v[1],S=Z(e,s);return y===void 0?H(`malformed`,`Malformed EncapsulatedContentInfo`):{ok:!0,value:{der:new Uint8Array(e),contentTypeOid:i,version:p(o.value),digestAlgorithmOids:S,digestAlgorithmNames:S.map(e=>T(e)),encapsulatedContentTypeOid:m(y.value),...x===void 0?{}:{encapsulatedContent:te(_,x)},certificates:X(e,h),signerInfos:Q(e,d)}}}catch{return H(`malformed`,`Malformed PKCS#7 structure`)}}function B(e){try{let t=w(e).filter(e=>e.label===`PKCS7`),n=t[0];return n===void 0||t.length!==1?H(`malformed`,`Expected exactly one PKCS7 PEM block`):z(n.bytes)}catch{return H(`malformed`,`Expected exactly one PKCS7 PEM block`)}}async function V(e){let t;if(typeof e==`string`){let n=B(e);if(!n.ok)return n;t=n.value}else if(e instanceof Uint8Array){let n=z(e);if(!n.ok)return n;t=n.value}else{if(!fe(e))return U(`malformed`,`SignedData parsed input is malformed`);let n=z(new Uint8Array(e.der));if(!n.ok)return n;t=n.value}if(t.encapsulatedContent===void 0)return U(`content_missing`,`SignedData encapsulated content is missing`);for(let e of t.signerInfos){let n=t.certificates.find(t=>ue(t,e));if(n===void 0)return U(`signer_not_found`,`Signer certificate not found in SignedData certificates`);if(e.hasSignedAttrs){let r=await le(e,n,t.encapsulatedContent,t.encapsulatedContentTypeOid);if(!r.ok)return r;continue}let r;try{let i=await k(e.signatureAlgorithmOid,e.signatureAlgorithmParametersDer,n.publicKeyAlgorithmOid,n.publicKeyParametersOid,n.subjectPublicKeyInfoDer,e.signature,t.encapsulatedContent);if(!i.ok)return i.code===`verification_error`?U(`malformed`,`SignedData signature verification failed`):U(`malformed`,`Unsupported signature algorithm in SignedData`);r=i.valid}catch{return U(`malformed`,`Unsupported signature algorithm in SignedData`)}if(!r)return U(`signature_invalid`,`SignedData signature does not verify`)}return{ok:!0,value:t}}function H(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function U(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function W(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function G(e){return typeof e==`string`?w(e).filter(e=>e.label===`CERTIFICATE`).map(e=>new Uint8Array(e.bytes)):[new Uint8Array(e)]}function K(e){return`hash`in e}function q(e){return`namedCurve`in e}function J(e){let t=e.algorithm;if(t.name===`ECDSA`){if(!q(t))return;switch(t.namedCurve){case`P-256`:return{hashName:`SHA-256`,digestOid:b.sha256};case`P-384`:return{hashName:`SHA-384`,digestOid:b.sha384};case`P-521`:return{hashName:`SHA-512`,digestOid:b.sha512};default:return}}if(t.name===`RSASSA-PKCS1-v1_5`||t.name===`RSA-PSS`){if(!K(t))return;switch(t.hash.name){case`SHA-256`:return{hashName:`SHA-256`,digestOid:b.sha256};case`SHA-384`:return{hashName:`SHA-384`,digestOid:b.sha384};case`SHA-512`:return{hashName:`SHA-512`,digestOid:b.sha512};default:return}}if(t.name===`Ed25519`)return{hashName:`SHA-512`,digestOid:b.sha512}}function Y(e,t){let n=d([u([a(b.cmsContentType),d([a(e)])]),u([a(b.cmsMessageDigest),d([o(t)])])]),r=new Uint8Array(n);return r[0]=160,{setForSigning:n,implicitForEmit:r}}function X(e,t){if(t===void 0||t.tag!==160)return[];let n=[],r=t.start;for(;r<t.end;){let t=s(e,r);n.push(O(e.slice(r,t.end))),r=t.end}return n}function Z(e,t){let n=[];if(t.tag!==49)throw Error(`digestAlgorithms must use SET`);for(let r of f(e,t)){if(r.tag!==48)throw Error(`digestAlgorithm must use AlgorithmIdentifier SEQUENCE`);let t=l(e.slice(r.start-r.headerLength,r.end)),i=t[0];if(i===void 0||t.length<1||t.length>2||i.tag!==6)throw Error(`Malformed digest AlgorithmIdentifier`);n.push(m(i.value))}return n}function Q(e,t){let n=[];for(let r of f(e,t)){let t=e.slice(r.start-r.headerLength,r.end),i=l(t),a=i[0],o=i[1],s=i[2],c=3,u=i[c]?.tag===160?i[c]:void 0,d=u!==void 0;d&&(c+=1);let f=i[c],h=i[c+1],g=i[c+2];if(a===void 0||o===void 0||s===void 0||f===void 0||h===void 0||h.tag!==4||i.length>c+3||g!==void 0&&g.tag!==161)throw Error(`Malformed SignerInfo`);let v=m(_(l(t.slice(s.start-s.headerLength,s.end))[0],`digest algorithm OID`).value),b=t.slice(f.start-f.headerLength,f.end),x=l(b),S=m(_(x[0],`signature algorithm OID`).value),C=x[1],w=ne(t.slice(o.start-o.headerLength,o.end));n.push({version:p(a.value),...w.issuer===void 0?{}:{issuer:w.issuer},...w.serialNumberHex===void 0?{}:{serialNumberHex:w.serialNumberHex},...w.subjectKeyIdentifier===void 0?{}:{subjectKeyIdentifier:w.subjectKeyIdentifier},digestAlgorithmOid:v,digestAlgorithmName:T(v),signatureAlgorithmOid:S,signatureAlgorithmName:E(S,C===void 0?void 0:new Uint8Array(b.slice(C.start-C.headerLength,C.end))),...C===void 0?{}:{signatureAlgorithmParametersDer:new Uint8Array(b.slice(C.start-C.headerLength,C.end))},signatureHex:y(h.value),signature:new Uint8Array(h.value),hasSignedAttrs:d,...u===void 0?{}:{signedAttrsDer:new Uint8Array(t.slice(u.start-u.headerLength,u.end))}})}return n}function te(e,t){if(t.tag!==160)throw Error(`Unexpected encapsulated content tag`);let n=s(e,t.start);if(n.tag!==4)throw Error(`Expected encapsulated OCTET STRING`);return n.value}function ne(e){let t=c(e,{maxDepth:64});if(t.tag===128){if(t.value.length===0)throw Error(`SignerIdentifier subjectKeyIdentifier must not be empty`);return{subjectKeyIdentifier:y(t.value)}}if(t.tag===48){let t=l(e),n=t[0],r=t[1];if(n===void 0||r===void 0||t.length!==2)throw Error(`SignerIdentifier issuerAndSerialNumber is malformed`);if(n.tag!==48)throw Error(`SignerIdentifier issuer must use Name SEQUENCE`);if(r.tag!==2)throw Error(`SignerIdentifier serialNumber must use INTEGER`);return pe(r.value,`SignerIdentifier serialNumber`),{issuer:ie(e,n),serialNumberHex:y(r.value)}}throw Error(`Unsupported SignerIdentifier tag: ${String(t.tag)}`)}const re=new TextDecoder;function ie(e,t){let n=y(e.slice(t.start-t.headerLength,t.end)),r=[],i=[],a={};for(let n of f(e,t)){let t=[],o={};for(let r of f(e,n)){let n=f(e,r),s=_(n[0],`signer issuer attribute OID`),c=_(n[1],`signer issuer attribute value`),l=m(s.value),u;try{u=h(c.tag,c.value)}catch{u=re.decode(c.value)}let d=D(l),p=d===void 0?{oid:l,valueTag:c.tag,value:u}:{oid:l,key:d,valueTag:c.tag,value:u};t.push(p),i.push(p),d!==void 0&&(o[d]===void 0&&(o[d]=u),a[d]===void 0&&(a[d]=u))}r.push({derHex:y(e.slice(n.start-n.headerLength,n.end)),attributes:t,values:o})}return{derHex:n,rdns:r,attributes:i,values:a}}function ae(e,t,n,r){let i=t.start,a=0;for(;i<t.end;){let t=s(e,i);if(a===n)return t;i=t.end,a+=1}throw Error(`Missing ${r}`)}function oe(e){switch(e){case b.sha256:return`SHA-256`;case b.sha384:return`SHA-384`;case b.sha512:return`SHA-512`;default:throw Error(`Unsupported digest algorithm OID: ${e}`)}}function $(e){let t=s(e),n,r;for(let i of f(e,t)){let t=e.slice(i.start-i.headerLength,i.end),a=l(t),o=a[0],s=a[1];if(o===void 0||s===void 0||a.length!==2||s.tag!==49)throw Error(`Malformed signedAttrs attribute`);let c=m(o.value),u=f(t,s);if(c===b.cmsMessageDigest){if(n!==void 0||u.length!==1)throw Error(`messageDigest attribute must appear exactly once with one value`);let e=u[0];if(e===void 0||e.tag!==4)throw Error(`messageDigest attribute value must use OCTET STRING`);n=e.value;continue}if(c===b.cmsContentType){if(r!==void 0||u.length!==1)throw Error(`contentType attribute must appear exactly once with one value`);let e=u[0];if(e===void 0||e.tag!==6)throw Error(`contentType attribute value must use OBJECT IDENTIFIER`);r=m(e.value)}}if(n===void 0)throw Error(`Missing messageDigest attribute in signedAttrs`);if(r===void 0)throw Error(`Missing contentType attribute in signedAttrs`);return{messageDigest:n,contentTypeOid:r}}function se(e){let t=new Uint8Array(e);return t[0]=49,t}function ce(e,t){if(e.length!==t.length)return!1;let n=0;for(let r=0;r<e.length;r+=1)n|=(e[r]??0)^(t[r]??0);return n===0}async function le(e,t,n,r){if(e.signedAttrsDer===void 0)return U(`malformed`,`Missing signedAttrs DER`);let i;try{de(e.signedAttrsDer),i=$(e.signedAttrsDer)}catch{return U(`malformed`,`Malformed signedAttrs in SignedData`)}if(i.contentTypeOid!==r)return U(`malformed`,`SignedData contentType attribute does not match`);let a;try{let t=oe(e.digestAlgorithmOid);a=new Uint8Array(await x().subtle.digest(t,v(n)))}catch{return U(`malformed`,`Unsupported digest algorithm in SignedData`)}if(!ce(a,i.messageDigest))return U(`message_digest_mismatch`,`Content digest does not match messageDigest attribute`);let o;try{o=se(e.signedAttrsDer)}catch{return U(`malformed`,`Malformed signedAttrs in SignedData`)}let s;try{let n=await k(e.signatureAlgorithmOid,e.signatureAlgorithmParametersDer,t.publicKeyAlgorithmOid,t.publicKeyParametersOid,t.subjectPublicKeyInfoDer,e.signature,o);if(!n.ok)return n.code===`verification_error`?U(`malformed`,`SignedData signature verification failed`):U(`malformed`,`Unsupported signature algorithm in SignedData`);s=n.valid}catch{return U(`malformed`,`Unsupported signature algorithm in SignedData`)}return s?{ok:!0}:U(`signature_invalid`,`SignedData signature over signedAttrs does not verify`)}function ue(e,t){return t.issuer!==void 0||t.serialNumberHex!==void 0?t.issuer!==void 0&&t.serialNumberHex!==void 0&&e.serialNumberHex===t.serialNumberHex&&N(e.issuer,t.issuer):t.subjectKeyIdentifier!==void 0&&e.subjectKeyIdentifier===t.subjectKeyIdentifier}function de(e){if(s(e).tag!==160)throw Error(`signedAttrs must use IMPLICIT [0] tag`)}function fe(e){return`der`in e&&e.der instanceof Uint8Array}function pe(e,t){let n=e[0];if(n===void 0)throw Error(`${t} must not be empty`);if(n&128)throw Error(`${t} must be non-negative`);if(e.length>1&&n===0&&!((e[1]??0)&128))throw Error(`${t} must use minimal encoding`)}export{P as createPkcs7CertBagDer,F as createPkcs7CertBagPem,I as createPkcs7SignedDataDer,ee as createPkcs7SignedDataPem,L as parsePkcs7CertBagDer,R as parsePkcs7CertBagPem,z as parsePkcs7SignedDataDer,B as parsePkcs7SignedDataPem,V as verifyPkcs7SignedData};
|
|
2
2
|
//# sourceMappingURL=pkcs7.js.map
|
package/dist/pkcs/pkcs7.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pkcs7.js","names":[],"sources":["../../src/pkcs/pkcs7.ts"],"sourcesContent":["/**\n * PKCS#7/CMS certificate bags and SignedData.\n *\n * Creates degenerate (signature-less) certificate bags, parses RFC 2315 / RFC 5652\n * SignedData structures, and verifies signer signatures including signed-attribute flows.\n *\n * @module\n */\n\nimport {\n\tchildrenOf,\n\tdecodeIntegerNumber,\n\tdecodeObjectIdentifier,\n\tdecodeString,\n\trequireElement,\n\ttoArrayBuffer,\n\ttoHex,\n} from '#micro509/internal/asn1/asn1.ts';\nimport type { DerElement } from '#micro509/internal/asn1/der.ts';\nimport {\n\tconcatBytes,\n\tDEFAULT_MAX_DER_DEPTH,\n\texplicitContext,\n\tintegerFromNumber,\n\tobjectIdentifier,\n\treadElement,\n\treadRootElement,\n\treadSequenceChildren,\n\tsequence,\n\tsetOf,\n} from '#micro509/internal/asn1/der.ts';\nimport { OIDS } from '#micro509/internal/asn1/oids.ts';\nimport {\n\tdescribeHashAlgorithm,\n\tdescribeSignatureAlgorithm,\n} from '#micro509/internal/crypto/algorithm-names.ts';\nimport { verifySignedDataDetailed } from '#micro509/internal/crypto/sig-verify.ts';\nimport { getCrypto } from '#micro509/internal/crypto/webcrypto.ts';\nimport { base64Encode } from '#micro509/internal/shared/base64.ts';\nimport { compareDistinguishedNames } from '#micro509/internal/shared/dn.ts';\nimport { pemEncode, splitPemBlocks } from '#micro509/pem/pem.ts';\nimport type { ErrorResult, Micro509Error } from '#micro509/result/result.ts';\nimport { type NameFieldKey, nameFieldKeyFromOid } from '#micro509/x509/name.ts';\nimport type {\n\tParsedCertificate,\n\tParsedName,\n\tParsedNameAttribute,\n\tParsedRelativeDistinguishedName,\n} from '#micro509/x509/parse.ts';\nimport { parseCertificateDer } from '#micro509/x509/parse.ts';\n\n/** PEM text (may contain multiple CERTIFICATE blocks) or raw DER bytes. */\nexport type Pkcs7CertificateSource = string | Uint8Array;\n\n/** DER, PEM, and base64 encodings of a PKCS#7 certificate bag. */\nexport interface Pkcs7CertBag {\n\t/** Raw DER-encoded PKCS#7 structure. */\n\treadonly der: Uint8Array;\n\t/** PEM-armored PKCS#7 (`-----BEGIN PKCS7-----`). */\n\treadonly pem: string;\n\t/** Base64-encoded DER (no PEM armor). */\n\treadonly base64: string;\n}\n\n/** A single SignerInfo decoded from a PKCS#7 SignedData structure. */\nexport interface ParsedPkcs7SignerInfo {\n\t/** CMS SignerInfo version (typically 1 for issuerAndSerialNumber). */\n\treadonly version: number;\n\t/** Parsed issuer distinguished name, if present (issuerAndSerialNumber signer identifier). */\n\treadonly issuer?: ParsedName;\n\t/** Hex-encoded serial number used to locate the signer certificate, if present. */\n\treadonly serialNumberHex?: string;\n\t/** Hex-encoded SubjectKeyIdentifier used to locate the signer certificate, if present. */\n\treadonly subjectKeyIdentifier?: string;\n\t/** OID of the digest algorithm used to hash the content. */\n\treadonly digestAlgorithmOid: string;\n\t/** Human-readable digest algorithm name (e.g. `\"SHA-256\"`). */\n\treadonly digestAlgorithmName: string;\n\t/** OID of the algorithm used to produce the signature. */\n\treadonly signatureAlgorithmOid: string;\n\t/** Human-readable signature algorithm name. */\n\treadonly signatureAlgorithmName: string;\n\t/** Raw DER of the signature AlgorithmIdentifier parameters, if present. */\n\treadonly signatureAlgorithmParametersDer?: Uint8Array;\n\t/** Hex-encoded raw signature bytes. */\n\treadonly signatureHex: string;\n\t/** Raw signature bytes. */\n\treadonly signature: Uint8Array;\n\t/** Whether this SignerInfo includes authenticated (signed) attributes. */\n\treadonly hasSignedAttrs: boolean;\n\t/** Raw DER of signedAttrs with original IMPLICIT [0] tag (0xa0). Present only when `hasSignedAttrs` is true. */\n\treadonly signedAttrsDer?: Uint8Array;\n}\n\n/** Decoded PKCS#7 SignedData content, including certificates and signer info. */\nexport interface ParsedPkcs7SignedData {\n\t/** Original DER bytes when this object came from {@linkcode parsePkcs7SignedDataDer} or PEM parsing. */\n\treadonly der?: Uint8Array;\n\t/** Outer ContentInfo type OID (always `pkcs7-signedData`). */\n\treadonly contentTypeOid: string;\n\t/** SignedData version number. */\n\treadonly version: number;\n\t/** OIDs of digest algorithms declared in `digestAlgorithms`. */\n\treadonly digestAlgorithmOids: readonly string[];\n\t/** Human-readable digest algorithm names declared in `digestAlgorithms`. */\n\treadonly digestAlgorithmNames: readonly string[];\n\t/** OID of the encapsulated content type (e.g. `pkcs7-data`). */\n\treadonly encapsulatedContentTypeOid: string;\n\t/** Raw encapsulated content bytes. Absent in degenerate (certs-only) bags. */\n\treadonly encapsulatedContent?: Uint8Array;\n\t/** Certificates included in the SignedData certificate set. */\n\treadonly certificates: readonly ParsedCertificate[];\n\t/** Decoded signer info entries. Empty for degenerate cert bags. */\n\treadonly signerInfos: readonly ParsedPkcs7SignerInfo[];\n}\n\n// ---------------------------------------------------------------------------\n// Result types for PKCS#7 parsing\n// ---------------------------------------------------------------------------\n\n/** Error codes for PKCS#7 parse failures. */\nexport type ParsePkcs7ErrorCode = 'malformed' | 'not_signed_data';\n\n/** Error payload for a failed PKCS#7 parse. */\nexport interface ParsePkcs7Failure extends Micro509Error<ParsePkcs7ErrorCode> {\n\t/** Always `false` for failures. */\n\treadonly ok: false;\n}\n\n/** Success-or-failure result from {@linkcode parsePkcs7SignedDataDer} / {@linkcode parsePkcs7SignedDataPem}. */\nexport type ParsePkcs7SignedDataResult =\n\t| {\n\t\t\t/** Parse succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** Decoded SignedData. */\n\t\t\treadonly value: ParsedPkcs7SignedData;\n\t }\n\t| ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure>;\n\n/** Success-or-failure result from {@linkcode parsePkcs7CertBagDer} / {@linkcode parsePkcs7CertBagPem}. */\nexport type ParsePkcs7CertBagResult =\n\t| {\n\t\t\t/** Parse succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** Parsed certificates from the cert bag. */\n\t\t\treadonly value: readonly ParsedCertificate[];\n\t }\n\t| ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure>;\n\n/** Error payload for a failed {@linkcode verifyPkcs7SignedData} call. */\nexport interface VerifyPkcs7SignedDataFailure\n\textends Micro509Error<\n\t\t| 'signer_not_found'\n\t\t| 'signature_invalid'\n\t\t| 'message_digest_mismatch'\n\t\t| 'content_missing'\n\t\t| ParsePkcs7ErrorCode\n\t> {\n\t/** Always `false` for failures. */\n\treadonly ok: false;\n}\n\n/** Success-or-failure result from {@linkcode verifyPkcs7SignedData}. */\nexport type VerifyPkcs7SignedDataResult =\n\t| {\n\t\t\t/** Verification succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** The verified SignedData structure. */\n\t\t\treadonly value: ParsedPkcs7SignedData;\n\t }\n\t| ErrorResult<\n\t\t\t| 'signer_not_found'\n\t\t\t| 'signature_invalid'\n\t\t\t| 'message_digest_mismatch'\n\t\t\t| 'content_missing'\n\t\t\t| ParsePkcs7ErrorCode,\n\t\t\tRecord<never, never>,\n\t\t\tVerifyPkcs7SignedDataFailure\n\t >;\n\n// ---------------------------------------------------------------------------\n// createPkcs7CertBag\n// ---------------------------------------------------------------------------\n\n/**\n * Creates a degenerate PKCS#7 SignedData structure containing only certificates (no signers).\n *\n * Returns the raw DER encoding. Use {@linkcode createPkcs7CertBagPem} for PEM + base64.\n */\nexport function createPkcs7CertBagDer(certificates: readonly Pkcs7CertificateSource[]): Uint8Array {\n\tconst certificateDers = certificates.flatMap(normalizeCertificateSource);\n\tconst signedData = sequence([\n\t\tintegerFromNumber(1),\n\t\tsetOf([]),\n\t\tsequence([objectIdentifier(OIDS.pkcs7Data)]),\n\t\texplicitContext(0, concatBytes(certificateDers)),\n\t\tsetOf([]),\n\t]);\n\treturn sequence([objectIdentifier(OIDS.pkcs7SignedData), explicitContext(0, signedData)]);\n}\n\n/**\n * Creates a degenerate PKCS#7 SignedData certificate bag and returns DER, PEM, and base64 forms.\n */\nexport function createPkcs7CertBagPem(\n\tcertificates: readonly Pkcs7CertificateSource[],\n): Pkcs7CertBag {\n\tconst der = createPkcs7CertBagDer(certificates);\n\treturn {\n\t\tder,\n\t\tpem: pemEncode('PKCS7', der),\n\t\tbase64: base64Encode(der),\n\t};\n}\n\n// ---------------------------------------------------------------------------\n// parsePkcs7CertBag — Result-returning\n// ---------------------------------------------------------------------------\n\n/** Parses a DER-encoded PKCS#7 cert bag, returning the contained certificates. */\nexport function parsePkcs7CertBagDer(der: Uint8Array): ParsePkcs7CertBagResult {\n\tconst result = parsePkcs7SignedDataDer(der);\n\tif (!result.ok) {\n\t\treturn result;\n\t}\n\treturn { ok: true, value: result.value.certificates };\n}\n\n/** Parses a PEM-armored PKCS#7 cert bag. Expects exactly one `PKCS7` PEM block. */\nexport function parsePkcs7CertBagPem(pem: string): ParsePkcs7CertBagResult {\n\ttry {\n\t\tconst blocks = splitPemBlocks(pem).filter((block) => block.label === 'PKCS7');\n\t\tif (blocks.length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t\t}\n\t\tconst block = blocks[0];\n\t\tif (block === undefined) {\n\t\t\treturn pkcs7Failure('malformed', 'Missing PKCS7 block');\n\t\t}\n\t\treturn parsePkcs7CertBagDer(block.bytes);\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t}\n}\n\n// ---------------------------------------------------------------------------\n// parsePkcs7SignedData — Result-returning\n// ---------------------------------------------------------------------------\n\n/** Decodes a DER-encoded PKCS#7 ContentInfo expecting `signedData` content type. */\nexport function parsePkcs7SignedDataDer(der: Uint8Array): ParsePkcs7SignedDataResult {\n\ttry {\n\t\tconst contentInfo = readSequenceChildren(der, { maxDepth: DEFAULT_MAX_DER_DEPTH });\n\t\tconst contentType = contentInfo[0];\n\t\tconst content = contentInfo[1];\n\t\tif (\n\t\t\tcontentType === undefined ||\n\t\t\tcontent === undefined ||\n\t\t\tcontentInfo.length !== 2 ||\n\t\t\tcontentType.tag !== 0x06 ||\n\t\t\tcontent.tag !== 0xa0\n\t\t) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 content info');\n\t\t}\n\t\tif (childrenOf(der, content).length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 content info');\n\t\t}\n\t\tconst contentTypeOid = decodeObjectIdentifier(contentType.value);\n\t\tif (contentTypeOid !== OIDS.pkcs7SignedData) {\n\t\t\treturn pkcs7Failure('not_signed_data', 'PKCS#7 content is not signedData');\n\t\t}\n\t\tconst signedData = childAt(der, content, 0, 'signedData');\n\t\tconst signedDataChildren = childrenOf(der, signedData);\n\t\tconst version = signedDataChildren[0];\n\t\tconst digestAlgorithms = signedDataChildren[1];\n\t\tconst encapContentInfo = signedDataChildren[2];\n\t\tconst trailingChildren = signedDataChildren.slice(3);\n\t\tconst signerInfos = trailingChildren[trailingChildren.length - 1];\n\t\tlet certificates: ReturnType<typeof readElement> | undefined;\n\t\tlet crls: ReturnType<typeof readElement> | undefined;\n\t\tfor (const child of trailingChildren.slice(0, -1)) {\n\t\t\tif (child?.tag === 0xa0) {\n\t\t\t\tif (crls !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData certificates field must precede CRLs field');\n\t\t\t\t}\n\t\t\t\tif (certificates !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData certificates field must not repeat');\n\t\t\t\t}\n\t\t\t\tcertificates = child;\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tif (child?.tag === 0xa1) {\n\t\t\t\tif (crls !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData CRLs field must not repeat');\n\t\t\t\t}\n\t\t\t\tcrls = child;\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\treturn pkcs7Failure('malformed', 'Malformed SignedData optional field');\n\t\t}\n\t\tif (\n\t\t\tversion === undefined ||\n\t\t\tdigestAlgorithms === undefined ||\n\t\t\tencapContentInfo === undefined ||\n\t\t\tsignerInfos === undefined ||\n\t\t\tsignerInfos.tag !== 0x31\n\t\t) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed SignedData');\n\t\t}\n\t\tconst encapDer = der.slice(\n\t\t\tencapContentInfo.start - encapContentInfo.headerLength,\n\t\t\tencapContentInfo.end,\n\t\t);\n\t\tconst encapChildren = readSequenceChildren(encapDer);\n\t\tconst encapType = encapChildren[0];\n\t\tconst encapContent = encapChildren[1];\n\t\tconst digestAlgorithmOids = parseDigestAlgorithms(der, digestAlgorithms);\n\t\tif (encapType === undefined) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed EncapsulatedContentInfo');\n\t\t}\n\t\treturn {\n\t\t\tok: true,\n\t\t\tvalue: {\n\t\t\t\tder: new Uint8Array(der),\n\t\t\t\tcontentTypeOid,\n\t\t\t\tversion: decodeIntegerNumber(version.value),\n\t\t\t\tdigestAlgorithmOids,\n\t\t\t\tdigestAlgorithmNames: digestAlgorithmOids.map((oid) => describeHashAlgorithm(oid)),\n\t\t\t\tencapsulatedContentTypeOid: decodeObjectIdentifier(encapType.value),\n\t\t\t\t...(encapContent === undefined\n\t\t\t\t\t? {}\n\t\t\t\t\t: {\n\t\t\t\t\t\t\tencapsulatedContent: extractEncapsulatedContent(encapDer, encapContent),\n\t\t\t\t\t\t}),\n\t\t\t\tcertificates: parseCertificateSet(der, certificates),\n\t\t\t\tsignerInfos: parseSignerInfos(der, signerInfos),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 structure');\n\t}\n}\n\n/** Decodes a PEM-armored PKCS#7 SignedData. Expects exactly one `PKCS7` PEM block. */\nexport function parsePkcs7SignedDataPem(pem: string): ParsePkcs7SignedDataResult {\n\ttry {\n\t\tconst blocks = splitPemBlocks(pem).filter((block) => block.label === 'PKCS7');\n\t\tconst block = blocks[0];\n\t\tif (block === undefined || blocks.length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t\t}\n\t\treturn parsePkcs7SignedDataDer(block.bytes);\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t}\n}\n\n// ---------------------------------------------------------------------------\n// verifyPkcs7SignedData\n// ---------------------------------------------------------------------------\n\n/**\n * Verifies all signer signatures in a PKCS#7 SignedData structure.\n *\n * Accepts PEM text, raw DER, or an already-parsed {@linkcode ParsedPkcs7SignedData}.\n * For each signer, locates the matching certificate in the embedded set and\n * verifies the signature (including signed-attribute digest checks per RFC 5652 Section 5.4).\n *\n * @example\n * ```ts\n * import { verifyPkcs7SignedData } from 'micro509';\n *\n * const result = await verifyPkcs7SignedData(pkcs7Pem);\n * if (result.ok) {\n * console.log('all signers verified');\n * }\n * ```\n */\nexport async function verifyPkcs7SignedData(\n\tinput: string | Uint8Array | ParsedPkcs7SignedData,\n): Promise<VerifyPkcs7SignedDataResult> {\n\tlet parsed: ParsedPkcs7SignedData;\n\tif (typeof input === 'string') {\n\t\tconst result = parsePkcs7SignedDataPem(input);\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t} else if (input instanceof Uint8Array) {\n\t\tconst result = parsePkcs7SignedDataDer(input);\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t} else {\n\t\tif (!hasReparseablePkcs7SignedData(input)) {\n\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData parsed input is malformed');\n\t\t}\n\t\tconst result = parsePkcs7SignedDataDer(new Uint8Array(input.der));\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t}\n\tif (parsed.encapsulatedContent === undefined) {\n\t\treturn verifyPkcs7Failure('content_missing', 'SignedData encapsulated content is missing');\n\t}\n\tfor (const signerInfo of parsed.signerInfos) {\n\t\tconst signer = parsed.certificates.find((certificate) =>\n\t\t\tsignerIdentifierMatches(certificate, signerInfo),\n\t\t);\n\t\tif (signer === undefined) {\n\t\t\treturn verifyPkcs7Failure(\n\t\t\t\t'signer_not_found',\n\t\t\t\t'Signer certificate not found in SignedData certificates',\n\t\t\t);\n\t\t}\n\t\tif (signerInfo.hasSignedAttrs) {\n\t\t\tconst attrsResult = await verifySignedAttrs(\n\t\t\t\tsignerInfo,\n\t\t\t\tsigner,\n\t\t\t\tparsed.encapsulatedContent,\n\t\t\t\tparsed.encapsulatedContentTypeOid,\n\t\t\t);\n\t\t\tif (!attrsResult.ok) {\n\t\t\t\treturn attrsResult;\n\t\t\t}\n\t\t\tcontinue;\n\t\t}\n\t\tlet verified: boolean;\n\t\ttry {\n\t\t\tconst verificationResult = await verifySignedDataDetailed(\n\t\t\t\tsignerInfo.signatureAlgorithmOid,\n\t\t\t\tsignerInfo.signatureAlgorithmParametersDer,\n\t\t\t\tsigner.publicKeyAlgorithmOid,\n\t\t\t\tsigner.publicKeyParametersOid,\n\t\t\t\tsigner.subjectPublicKeyInfoDer,\n\t\t\t\tsignerInfo.signature,\n\t\t\t\tparsed.encapsulatedContent,\n\t\t\t);\n\t\t\tif (!verificationResult.ok) {\n\t\t\t\tif (verificationResult.code === 'verification_error') {\n\t\t\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData signature verification failed');\n\t\t\t\t}\n\t\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t\t}\n\t\t\tverified = verificationResult.valid;\n\t\t} catch {\n\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t}\n\t\tif (!verified) {\n\t\t\treturn verifyPkcs7Failure('signature_invalid', 'SignedData signature does not verify');\n\t\t}\n\t}\n\treturn { ok: true, value: parsed };\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers\n// ---------------------------------------------------------------------------\n\n/** Shorthand for constructing a PKCS#7 parse failure result. */\nfunction pkcs7Failure(\n\tcode: ParsePkcs7ErrorCode,\n\tmessage: string,\n): ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure> {\n\tconst error: ParsePkcs7Failure = { ok: false, code, message };\n\treturn { ok: false, error, code, message };\n}\n\n/** Shorthand for constructing a PKCS#7 verification failure result. */\nfunction verifyPkcs7Failure(\n\tcode:\n\t\t| 'signer_not_found'\n\t\t| 'signature_invalid'\n\t\t| 'message_digest_mismatch'\n\t\t| 'content_missing'\n\t\t| ParsePkcs7ErrorCode,\n\tmessage: string,\n): ErrorResult<\n\t| 'signer_not_found'\n\t| 'signature_invalid'\n\t| 'message_digest_mismatch'\n\t| 'content_missing'\n\t| ParsePkcs7ErrorCode,\n\tRecord<never, never>,\n\tVerifyPkcs7SignedDataFailure\n> {\n\tconst error: VerifyPkcs7SignedDataFailure = { ok: false, code, message };\n\treturn { ok: false, error, code, message };\n}\n\n/** Converts PEM text to an array of DER certificate blobs, or wraps raw DER. */\nfunction normalizeCertificateSource(source: Pkcs7CertificateSource): readonly Uint8Array[] {\n\tif (typeof source === 'string') {\n\t\treturn splitPemBlocks(source)\n\t\t\t.filter((block) => block.label === 'CERTIFICATE')\n\t\t\t.map((block) => new Uint8Array(block.bytes));\n\t}\n\treturn [new Uint8Array(source)];\n}\n\n/** Parses the IMPLICIT [0] certificate set from a SignedData structure. */\nfunction parseCertificateSet(\n\tsource: Uint8Array,\n\tcertificates: ReturnType<typeof readElement> | undefined,\n): readonly ParsedCertificate[] {\n\tif (certificates === undefined || certificates.tag !== 0xa0) {\n\t\treturn [];\n\t}\n\tconst parsed: ParsedCertificate[] = [];\n\tlet offset = certificates.start;\n\twhile (offset < certificates.end) {\n\t\tconst element = readElement(source, offset);\n\t\tparsed.push(parseCertificateDer(source.slice(offset, element.end)));\n\t\toffset = element.end;\n\t}\n\treturn parsed;\n}\n\n/** Extracts the list of digest algorithm OIDs from the digestAlgorithms SET. */\nfunction parseDigestAlgorithms(\n\tsource: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): readonly string[] {\n\tconst digests: string[] = [];\n\tif (element.tag !== 0x31) {\n\t\tthrow new Error('digestAlgorithms must use SET');\n\t}\n\tfor (const child of childrenOf(source, element)) {\n\t\tif (child.tag !== 0x30) {\n\t\t\tthrow new Error('digestAlgorithm must use AlgorithmIdentifier SEQUENCE');\n\t\t}\n\t\tconst childDer = source.slice(child.start - child.headerLength, child.end);\n\t\tconst parts = readSequenceChildren(childDer);\n\t\tconst oid = parts[0];\n\t\tif (oid === undefined || parts.length < 1 || parts.length > 2 || oid.tag !== 0x06) {\n\t\t\tthrow new Error('Malformed digest AlgorithmIdentifier');\n\t\t}\n\t\tdigests.push(decodeObjectIdentifier(oid.value));\n\t}\n\treturn digests;\n}\n\n/** Decodes the signerInfos SET OF from a SignedData structure. */\nfunction parseSignerInfos(\n\tsource: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): readonly ParsedPkcs7SignerInfo[] {\n\tconst signers: ParsedPkcs7SignerInfo[] = [];\n\tfor (const signerInfo of childrenOf(source, element)) {\n\t\tconst signerDer = source.slice(signerInfo.start - signerInfo.headerLength, signerInfo.end);\n\t\tconst parts = readSequenceChildren(signerDer);\n\t\tconst version = parts[0];\n\t\tconst sid = parts[1];\n\t\tconst digestAlgorithm = parts[2];\n\t\tlet index = 3;\n\t\tconst signedAttrsElement = parts[index]?.tag === 0xa0 ? parts[index] : undefined;\n\t\tconst hasSignedAttrs = signedAttrsElement !== undefined;\n\t\tif (hasSignedAttrs) {\n\t\t\tindex += 1;\n\t\t}\n\t\tconst signatureAlgorithm = parts[index];\n\t\tconst signature = parts[index + 1];\n\t\tconst unauthenticatedAttributes = parts[index + 2];\n\t\tif (\n\t\t\tversion === undefined ||\n\t\t\tsid === undefined ||\n\t\t\tdigestAlgorithm === undefined ||\n\t\t\tsignatureAlgorithm === undefined ||\n\t\t\tsignature === undefined ||\n\t\t\tsignature.tag !== 0x04 ||\n\t\t\tparts.length > index + 3 ||\n\t\t\t(unauthenticatedAttributes !== undefined && unauthenticatedAttributes.tag !== 0xa1)\n\t\t) {\n\t\t\tthrow new Error('Malformed SignerInfo');\n\t\t}\n\t\tconst digestAlgorithmDer = signerDer.slice(\n\t\t\tdigestAlgorithm.start - digestAlgorithm.headerLength,\n\t\t\tdigestAlgorithm.end,\n\t\t);\n\t\tconst digestAlgorithmOid = decodeObjectIdentifier(\n\t\t\trequireElement(readSequenceChildren(digestAlgorithmDer)[0], 'digest algorithm OID').value,\n\t\t);\n\t\tconst signatureAlgorithmDer = signerDer.slice(\n\t\t\tsignatureAlgorithm.start - signatureAlgorithm.headerLength,\n\t\t\tsignatureAlgorithm.end,\n\t\t);\n\t\tconst signatureAlgorithmChildren = readSequenceChildren(signatureAlgorithmDer);\n\t\tconst signatureAlgorithmOid = decodeObjectIdentifier(\n\t\t\trequireElement(signatureAlgorithmChildren[0], 'signature algorithm OID').value,\n\t\t);\n\t\tconst signatureAlgorithmParams = signatureAlgorithmChildren[1];\n\t\tconst parsedSid = parseSignerIdentifier(signerDer.slice(sid.start - sid.headerLength, sid.end));\n\t\tsigners.push({\n\t\t\tversion: decodeIntegerNumber(version.value),\n\t\t\t...(parsedSid.issuer === undefined ? {} : { issuer: parsedSid.issuer }),\n\t\t\t...(parsedSid.serialNumberHex === undefined\n\t\t\t\t? {}\n\t\t\t\t: { serialNumberHex: parsedSid.serialNumberHex }),\n\t\t\t...(parsedSid.subjectKeyIdentifier === undefined\n\t\t\t\t? {}\n\t\t\t\t: { subjectKeyIdentifier: parsedSid.subjectKeyIdentifier }),\n\t\t\tdigestAlgorithmOid,\n\t\t\tdigestAlgorithmName: describeHashAlgorithm(digestAlgorithmOid),\n\t\t\tsignatureAlgorithmOid,\n\t\t\tsignatureAlgorithmName: describeSignatureAlgorithm(\n\t\t\t\tsignatureAlgorithmOid,\n\t\t\t\tsignatureAlgorithmParams === undefined\n\t\t\t\t\t? undefined\n\t\t\t\t\t: new Uint8Array(\n\t\t\t\t\t\t\tsignatureAlgorithmDer.slice(\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.start - signatureAlgorithmParams.headerLength,\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t),\n\t\t\t...(signatureAlgorithmParams === undefined\n\t\t\t\t? {}\n\t\t\t\t: {\n\t\t\t\t\t\tsignatureAlgorithmParametersDer: new Uint8Array(\n\t\t\t\t\t\t\tsignatureAlgorithmDer.slice(\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.start - signatureAlgorithmParams.headerLength,\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t\t\t}),\n\t\t\tsignatureHex: toHex(signature.value),\n\t\t\tsignature: new Uint8Array(signature.value),\n\t\t\thasSignedAttrs,\n\t\t\t...(signedAttrsElement === undefined\n\t\t\t\t? {}\n\t\t\t\t: {\n\t\t\t\t\t\tsignedAttrsDer: new Uint8Array(\n\t\t\t\t\t\t\tsignerDer.slice(\n\t\t\t\t\t\t\t\tsignedAttrsElement.start - signedAttrsElement.headerLength,\n\t\t\t\t\t\t\t\tsignedAttrsElement.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t\t\t}),\n\t\t});\n\t}\n\treturn signers;\n}\n\n/** Unwraps the OCTET STRING inside the IMPLICIT [0] encapsulated content. */\nfunction extractEncapsulatedContent(\n\tencapDer: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): Uint8Array {\n\tif (element.tag !== 0xa0) {\n\t\tthrow new Error('Unexpected encapsulated content tag');\n\t}\n\tconst inner = readElement(encapDer, element.start);\n\tif (inner.tag !== 0x04) {\n\t\tthrow new Error('Expected encapsulated OCTET STRING');\n\t}\n\treturn inner.value;\n}\n\n/** Extracts issuer Name and serial number from an issuerAndSerialNumber SEQUENCE, or subjectKeyIdentifier from [0] IMPLICIT. */\nfunction parseSignerIdentifier(der: Uint8Array): {\n\treadonly issuer?: ParsedName;\n\treadonly serialNumberHex?: string;\n\treadonly subjectKeyIdentifier?: string;\n} {\n\tconst element = readRootElement(der, { maxDepth: DEFAULT_MAX_DER_DEPTH });\n\t// [0] IMPLICIT SubjectKeyIdentifier\n\tif (element.tag === 0x80) {\n\t\tif (element.value.length === 0) {\n\t\t\tthrow new Error('SignerIdentifier subjectKeyIdentifier must not be empty');\n\t\t}\n\t\treturn {\n\t\t\tsubjectKeyIdentifier: toHex(element.value),\n\t\t};\n\t}\n\t// SEQUENCE { issuer Name, serialNumber INTEGER }\n\tif (element.tag === 0x30) {\n\t\tconst top = readSequenceChildren(der);\n\t\tconst issuerElement = top[0];\n\t\tconst serial = top[1];\n\t\tif (issuerElement === undefined || serial === undefined || top.length !== 2) {\n\t\t\tthrow new Error('SignerIdentifier issuerAndSerialNumber is malformed');\n\t\t}\n\t\tif (issuerElement.tag !== 0x30) {\n\t\t\tthrow new Error('SignerIdentifier issuer must use Name SEQUENCE');\n\t\t}\n\t\tif (serial.tag !== 0x02) {\n\t\t\tthrow new Error('SignerIdentifier serialNumber must use INTEGER');\n\t\t}\n\t\tassertImplicitSerialNumberEncoding(serial.value, 'SignerIdentifier serialNumber');\n\t\treturn {\n\t\t\tissuer: parseSignerIssuerName(der, issuerElement),\n\t\t\tserialNumberHex: toHex(serial.value),\n\t\t};\n\t}\n\tthrow new Error(`Unsupported SignerIdentifier tag: ${String(element.tag)}`);\n}\n\nconst textDecoder = new TextDecoder();\n\n/** Parses a Name SEQUENCE element from a PKCS#7 signer identifier into a {@linkcode ParsedName}. */\nfunction parseSignerIssuerName(source: Uint8Array, element: DerElement): ParsedName {\n\tconst derHex = toHex(source.slice(element.start - element.headerLength, element.end));\n\tconst rdns: ParsedRelativeDistinguishedName[] = [];\n\tconst allAttributes: ParsedNameAttribute[] = [];\n\tconst values: Partial<Record<NameFieldKey, string>> = {};\n\tfor (const setElement of childrenOf(source, element)) {\n\t\tconst rdnAttributes: ParsedNameAttribute[] = [];\n\t\tconst rdnValues: Partial<Record<NameFieldKey, string>> = {};\n\t\tfor (const attrSequence of childrenOf(source, setElement)) {\n\t\t\tconst parts = childrenOf(source, attrSequence);\n\t\t\tconst oidElement = requireElement(parts[0], 'signer issuer attribute OID');\n\t\t\tconst valueElement = requireElement(parts[1], 'signer issuer attribute value');\n\t\t\tconst oid = decodeObjectIdentifier(oidElement.value);\n\t\t\tlet fieldValue: string;\n\t\t\ttry {\n\t\t\t\tfieldValue = decodeString(valueElement.tag, valueElement.value);\n\t\t\t} catch {\n\t\t\t\tfieldValue = textDecoder.decode(valueElement.value);\n\t\t\t}\n\t\t\tconst fieldKey = nameFieldKeyFromOid(oid);\n\t\t\tconst attribute: ParsedNameAttribute =\n\t\t\t\tfieldKey !== undefined\n\t\t\t\t\t? { oid, key: fieldKey, valueTag: valueElement.tag, value: fieldValue }\n\t\t\t\t\t: { oid, valueTag: valueElement.tag, value: fieldValue };\n\t\t\trdnAttributes.push(attribute);\n\t\t\tallAttributes.push(attribute);\n\t\t\tif (fieldKey !== undefined) {\n\t\t\t\tif (rdnValues[fieldKey] === undefined) {\n\t\t\t\t\trdnValues[fieldKey] = fieldValue;\n\t\t\t\t}\n\t\t\t\tif (values[fieldKey] === undefined) {\n\t\t\t\t\tvalues[fieldKey] = fieldValue;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\trdns.push({\n\t\t\tderHex: toHex(source.slice(setElement.start - setElement.headerLength, setElement.end)),\n\t\t\tattributes: rdnAttributes,\n\t\t\tvalues: rdnValues,\n\t\t});\n\t}\n\treturn { derHex, rdns, attributes: allAttributes, values };\n}\n\n/** Returns the nth child element inside a constructed ASN.1 element, or throws. */\nfunction childAt(source: Uint8Array, parent: DerElement, index: number, label: string): DerElement {\n\tlet offset = parent.start;\n\tlet currentIndex = 0;\n\twhile (offset < parent.end) {\n\t\tconst child = readElement(source, offset);\n\t\tif (currentIndex === index) {\n\t\t\treturn child;\n\t\t}\n\t\toffset = child.end;\n\t\tcurrentIndex += 1;\n\t}\n\tthrow new Error(`Missing ${label}`);\n}\n\n// ---------------------------------------------------------------------------\n// CMS signed attributes verification (RFC 5652 Section 5.4)\n// ---------------------------------------------------------------------------\n\n/** Maps a digest algorithm OID to the WebCrypto hash name. */\nfunction digestAlgorithmHash(digestAlgorithmOid: string): 'SHA-256' | 'SHA-384' | 'SHA-512' {\n\tswitch (digestAlgorithmOid) {\n\t\tcase OIDS.sha256:\n\t\t\treturn 'SHA-256';\n\t\tcase OIDS.sha384:\n\t\t\treturn 'SHA-384';\n\t\tcase OIDS.sha512:\n\t\t\treturn 'SHA-512';\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported digest algorithm OID: ${digestAlgorithmOid}`);\n\t}\n}\n\n/** Parses required signed attributes and enforces uniqueness + exact-one-value shape. */\nfunction parseSignedAttributeRequirements(signedAttrsDer: Uint8Array): {\n\treadonly messageDigest: Uint8Array;\n\treadonly contentTypeOid: string;\n} {\n\tconst outer = readElement(signedAttrsDer);\n\tlet messageDigest: Uint8Array | undefined;\n\tlet contentTypeOid: string | undefined;\n\tfor (const attr of childrenOf(signedAttrsDer, outer)) {\n\t\tconst attrDer = signedAttrsDer.slice(attr.start - attr.headerLength, attr.end);\n\t\tconst parts = readSequenceChildren(attrDer);\n\t\tconst oid = parts[0];\n\t\tconst values = parts[1];\n\t\tif (oid === undefined || values === undefined || parts.length !== 2 || values.tag !== 0x31) {\n\t\t\tthrow new Error('Malformed signedAttrs attribute');\n\t\t}\n\t\tconst attrOid = decodeObjectIdentifier(oid.value);\n\t\tconst valueElements = childrenOf(attrDer, values);\n\t\tif (attrOid === OIDS.cmsMessageDigest) {\n\t\t\tif (messageDigest !== undefined || valueElements.length !== 1) {\n\t\t\t\tthrow new Error('messageDigest attribute must appear exactly once with one value');\n\t\t\t}\n\t\t\tconst digestElement = valueElements[0];\n\t\t\tif (digestElement === undefined || digestElement.tag !== 0x04) {\n\t\t\t\tthrow new Error('messageDigest attribute value must use OCTET STRING');\n\t\t\t}\n\t\t\tmessageDigest = digestElement.value;\n\t\t\tcontinue;\n\t\t}\n\t\tif (attrOid === OIDS.cmsContentType) {\n\t\t\tif (contentTypeOid !== undefined || valueElements.length !== 1) {\n\t\t\t\tthrow new Error('contentType attribute must appear exactly once with one value');\n\t\t\t}\n\t\t\tconst contentType = valueElements[0];\n\t\t\tif (contentType === undefined || contentType.tag !== 0x06) {\n\t\t\t\tthrow new Error('contentType attribute value must use OBJECT IDENTIFIER');\n\t\t\t}\n\t\t\tcontentTypeOid = decodeObjectIdentifier(contentType.value);\n\t\t}\n\t}\n\tif (messageDigest === undefined) {\n\t\tthrow new Error('Missing messageDigest attribute in signedAttrs');\n\t}\n\tif (contentTypeOid === undefined) {\n\t\tthrow new Error('Missing contentType attribute in signedAttrs');\n\t}\n\treturn { messageDigest, contentTypeOid };\n}\n\n/** Replaces the IMPLICIT [0] tag (0xa0) with SET OF (0x31) per RFC 5652 Section 5.4. */\nfunction retagSignedAttrsAsSet(signedAttrsDer: Uint8Array): Uint8Array {\n\t// Replace IMPLICIT [0] tag (0xa0) with SET OF tag (0x31) per RFC 5652 Section 5.4\n\tconst copy = new Uint8Array(signedAttrsDer);\n\tcopy[0] = 0x31;\n\treturn copy;\n}\n\n/** Constant-time byte comparison to avoid timing side-channels in digest checks. */\nfunction constantTimeEqual(a: Uint8Array, b: Uint8Array): boolean {\n\tif (a.length !== b.length) {\n\t\treturn false;\n\t}\n\tlet diff = 0;\n\tfor (let index = 0; index < a.length; index += 1) {\n\t\tdiff |= (a[index] ?? 0) ^ (b[index] ?? 0);\n\t}\n\treturn diff === 0;\n}\n\n/** Verifies a signed-attributes flow: digest match + signature over re-tagged attrs. */\nasync function verifySignedAttrs(\n\tsignerInfo: ParsedPkcs7SignerInfo,\n\tsigner: ParsedCertificate,\n\tencapsulatedContent: Uint8Array,\n\tencapsulatedContentTypeOid: string,\n): Promise<\n\t| { readonly ok: true }\n\t| ErrorResult<\n\t\t\t| 'signer_not_found'\n\t\t\t| 'signature_invalid'\n\t\t\t| 'message_digest_mismatch'\n\t\t\t| 'content_missing'\n\t\t\t| ParsePkcs7ErrorCode,\n\t\t\tRecord<never, never>,\n\t\t\tVerifyPkcs7SignedDataFailure\n\t >\n> {\n\tif (signerInfo.signedAttrsDer === undefined) {\n\t\treturn verifyPkcs7Failure('malformed', 'Missing signedAttrs DER');\n\t}\n\t// Step 1: Parse required signed attributes from signedAttrs\n\tlet signedAttributes: { readonly messageDigest: Uint8Array; readonly contentTypeOid: string };\n\ttry {\n\t\tassertImplicitSignedAttrsDer(signerInfo.signedAttrsDer);\n\t\tsignedAttributes = parseSignedAttributeRequirements(signerInfo.signedAttrsDer);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Malformed signedAttrs in SignedData');\n\t}\n\tif (signedAttributes.contentTypeOid !== encapsulatedContentTypeOid) {\n\t\treturn verifyPkcs7Failure('malformed', 'SignedData contentType attribute does not match');\n\t}\n\t// Step 2: Compute digest of encapsulated content\n\tlet actualDigest: Uint8Array;\n\ttry {\n\t\tconst hash = digestAlgorithmHash(signerInfo.digestAlgorithmOid);\n\t\tactualDigest = new Uint8Array(\n\t\t\tawait getCrypto().subtle.digest(hash, toArrayBuffer(encapsulatedContent)),\n\t\t);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Unsupported digest algorithm in SignedData');\n\t}\n\t// Step 3: Compare digests (constant-time)\n\tif (!constantTimeEqual(actualDigest, signedAttributes.messageDigest)) {\n\t\treturn verifyPkcs7Failure(\n\t\t\t'message_digest_mismatch',\n\t\t\t'Content digest does not match messageDigest attribute',\n\t\t);\n\t}\n\t// Step 4: Verify signature over re-tagged signedAttrs (0xa0 → 0x31 SET OF)\n\tlet signedData: Uint8Array;\n\ttry {\n\t\tsignedData = retagSignedAttrsAsSet(signerInfo.signedAttrsDer);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Malformed signedAttrs in SignedData');\n\t}\n\tlet verified: boolean;\n\ttry {\n\t\tconst verificationResult = await verifySignedDataDetailed(\n\t\t\tsignerInfo.signatureAlgorithmOid,\n\t\t\tsignerInfo.signatureAlgorithmParametersDer,\n\t\t\tsigner.publicKeyAlgorithmOid,\n\t\t\tsigner.publicKeyParametersOid,\n\t\t\tsigner.subjectPublicKeyInfoDer,\n\t\t\tsignerInfo.signature,\n\t\t\tsignedData,\n\t\t);\n\t\tif (!verificationResult.ok) {\n\t\t\tif (verificationResult.code === 'verification_error') {\n\t\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData signature verification failed');\n\t\t\t}\n\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t}\n\t\tverified = verificationResult.valid;\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t}\n\tif (!verified) {\n\t\treturn verifyPkcs7Failure(\n\t\t\t'signature_invalid',\n\t\t\t'SignedData signature over signedAttrs does not verify',\n\t\t);\n\t}\n\treturn { ok: true };\n}\n\nfunction signerIdentifierMatches(\n\tcertificate: ParsedCertificate,\n\tsignerInfo: ParsedPkcs7SignerInfo,\n): boolean {\n\tif (signerInfo.issuer !== undefined || signerInfo.serialNumberHex !== undefined) {\n\t\treturn (\n\t\t\tsignerInfo.issuer !== undefined &&\n\t\t\tsignerInfo.serialNumberHex !== undefined &&\n\t\t\tcertificate.serialNumberHex === signerInfo.serialNumberHex &&\n\t\t\tcompareDistinguishedNames(certificate.issuer, signerInfo.issuer)\n\t\t);\n\t}\n\treturn (\n\t\tsignerInfo.subjectKeyIdentifier !== undefined &&\n\t\tcertificate.subjectKeyIdentifier === signerInfo.subjectKeyIdentifier\n\t);\n}\n\nfunction assertImplicitSignedAttrsDer(signedAttrsDer: Uint8Array): void {\n\tif (readElement(signedAttrsDer).tag !== 0xa0) {\n\t\tthrow new Error('signedAttrs must use IMPLICIT [0] tag');\n\t}\n}\n\nfunction hasReparseablePkcs7SignedData(\n\tvalue: ParsedPkcs7SignedData,\n): value is ParsedPkcs7SignedData & { readonly der: Uint8Array } {\n\treturn 'der' in value && value.der instanceof Uint8Array;\n}\n\nfunction assertImplicitSerialNumberEncoding(bytes: Uint8Array, label: string): void {\n\tconst first = bytes[0];\n\tif (first === undefined) {\n\t\tthrow new Error(`${label} must not be empty`);\n\t}\n\tif ((first & 0x80) !== 0) {\n\t\tthrow new Error(`${label} must be non-negative`);\n\t}\n\tif (bytes.length > 1 && first === 0 && ((bytes[1] ?? 0) & 0x80) === 0) {\n\t\tthrow new Error(`${label} must use minimal encoding`);\n\t}\n}\n"],"mappings":"k+BA6LA,SAAgB,EAAsB,EAA6D,CAClG,IAAM,EAAkB,EAAa,QAAQ,CAA0B,EACjE,EAAa,EAAS,CAC3B,EAAkB,CAAC,EACnB,EAAM,CAAC,CAAC,EACR,EAAS,CAAC,EAAiB,EAAK,SAAS,CAAC,CAAC,EAC3C,EAAgB,EAAG,EAAY,CAAe,CAAC,EAC/C,EAAM,CAAC,CAAC,CACT,CAAC,EACD,OAAO,EAAS,CAAC,EAAiB,EAAK,eAAe,EAAG,EAAgB,EAAG,CAAU,CAAC,CAAC,CACzF,CAKA,SAAgB,EACf,EACe,CACf,IAAM,EAAM,EAAsB,CAAY,EAC9C,MAAO,CACN,MACA,IAAK,EAAU,QAAS,CAAG,EAC3B,OAAQ,EAAa,CAAG,CACzB,CACD,CAOA,SAAgB,EAAqB,EAA0C,CAC9E,IAAM,EAAS,EAAwB,CAAG,EAI1C,OAHK,EAAO,GAGL,CAAE,GAAI,GAAM,MAAO,EAAO,MAAM,YAAa,EAF5C,CAGT,CAGA,SAAgB,EAAqB,EAAsC,CAC1E,GAAI,CACH,IAAM,EAAS,EAAe,CAAG,CAAC,CAAC,OAAQ,GAAU,EAAM,QAAU,OAAO,EAC5E,GAAI,EAAO,SAAW,EACrB,OAAO,EAAa,YAAa,sCAAsC,EAExE,IAAM,EAAQ,EAAO,GAIrB,OAHI,IAAU,IAAA,GACN,EAAa,YAAa,qBAAqB,EAEhD,EAAqB,EAAM,KAAK,CACxC,MAAQ,CACP,OAAO,EAAa,YAAa,sCAAsC,CACxE,CACD,CAOA,SAAgB,EAAwB,EAA6C,CACpF,GAAI,CACH,IAAM,EAAc,EAAqB,EAAK,CAAE,SAAA,EAAgC,CAAC,EAC3E,EAAc,EAAY,GAC1B,EAAU,EAAY,GAU5B,GARC,IAAgB,IAAA,IAChB,IAAY,IAAA,IACZ,EAAY,SAAW,GACvB,EAAY,MAAQ,GACpB,EAAQ,MAAQ,KAIb,EAAW,EAAK,CAAO,CAAC,CAAC,SAAW,EACvC,OAAO,EAAa,YAAa,+BAA+B,EAEjE,IAAM,EAAiB,EAAuB,EAAY,KAAK,EAC/D,GAAI,IAAmB,EAAK,gBAC3B,OAAO,EAAa,kBAAmB,kCAAkC,EAG1E,IAAM,EAAqB,EAAW,EADnB,EAAQ,EAAK,EAAS,EAAG,YACQ,CAAC,EAC/C,EAAU,EAAmB,GAC7B,EAAmB,EAAmB,GACtC,EAAmB,EAAmB,GACtC,EAAmB,EAAmB,MAAM,CAAC,EAC7C,EAAc,EAAiB,EAAiB,OAAS,GAC3D,EACA,EACJ,IAAK,IAAM,KAAS,EAAiB,MAAM,EAAG,EAAE,EAAG,CAClD,GAAI,GAAO,MAAQ,IAAM,CACxB,GAAI,IAAS,IAAA,GACZ,OAAO,EAAa,YAAa,uDAAuD,EAEzF,GAAI,IAAiB,IAAA,GACpB,OAAO,EAAa,YAAa,+CAA+C,EAEjF,EAAe,EACf,QACD,CACA,GAAI,GAAO,MAAQ,IAAM,CACxB,GAAI,IAAS,IAAA,GACZ,OAAO,EAAa,YAAa,uCAAuC,EAEzE,EAAO,EACP,QACD,CACA,OAAO,EAAa,YAAa,qCAAqC,CACvE,CACA,GACC,IAAY,IAAA,IACZ,IAAqB,IAAA,IACrB,IAAqB,IAAA,IACrB,IAAgB,IAAA,IAChB,EAAY,MAAQ,GAEpB,OAAO,EAAa,YAAa,sBAAsB,EAExD,IAAM,EAAW,EAAI,MACpB,EAAiB,MAAQ,EAAiB,aAC1C,EAAiB,GAClB,EACM,EAAgB,EAAqB,CAAQ,EAC7C,EAAY,EAAc,GAC1B,EAAe,EAAc,GAC7B,EAAsB,EAAsB,EAAK,CAAgB,EAIvE,OAHI,IAAc,IAAA,GACV,EAAa,YAAa,mCAAmC,EAE9D,CACN,GAAI,GACJ,MAAO,CACN,IAAK,IAAI,WAAW,CAAG,EACvB,iBACA,QAAS,EAAoB,EAAQ,KAAK,EAC1C,sBACA,qBAAsB,EAAoB,IAAK,GAAQ,EAAsB,CAAG,CAAC,EACjF,2BAA4B,EAAuB,EAAU,KAAK,EAClE,GAAI,IAAiB,IAAA,GAClB,CAAC,EACD,CACA,oBAAqB,EAA2B,EAAU,CAAY,CACvE,EACF,aAAc,EAAoB,EAAK,CAAY,EACnD,YAAa,EAAiB,EAAK,CAAW,CAC/C,CACD,CACD,MAAQ,CACP,OAAO,EAAa,YAAa,4BAA4B,CAC9D,CACD,CAGA,SAAgB,EAAwB,EAAyC,CAChF,GAAI,CACH,IAAM,EAAS,EAAe,CAAG,CAAC,CAAC,OAAQ,GAAU,EAAM,QAAU,OAAO,EACtE,EAAQ,EAAO,GAIrB,OAHI,IAAU,IAAA,IAAa,EAAO,SAAW,EACrC,EAAa,YAAa,sCAAsC,EAEjE,EAAwB,EAAM,KAAK,CAC3C,MAAQ,CACP,OAAO,EAAa,YAAa,sCAAsC,CACxE,CACD,CAuBA,eAAsB,EACrB,EACuC,CACvC,IAAI,EACJ,GAAI,OAAO,GAAU,SAAU,CAC9B,IAAM,EAAS,EAAwB,CAAK,EAC5C,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,MAAO,GAAI,aAAiB,WAAY,CACvC,IAAM,EAAS,EAAwB,CAAK,EAC5C,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,KAAO,CACN,GAAI,CAAC,EAA8B,CAAK,EACvC,OAAO,EAAmB,YAAa,sCAAsC,EAE9E,IAAM,EAAS,EAAwB,IAAI,WAAW,EAAM,GAAG,CAAC,EAChE,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,CACA,GAAI,EAAO,sBAAwB,IAAA,GAClC,OAAO,EAAmB,kBAAmB,4CAA4C,EAE1F,IAAK,IAAM,KAAc,EAAO,YAAa,CAC5C,IAAM,EAAS,EAAO,aAAa,KAAM,GACxC,EAAwB,EAAa,CAAU,CAChD,EACA,GAAI,IAAW,IAAA,GACd,OAAO,EACN,mBACA,yDACD,EAED,GAAI,EAAW,eAAgB,CAC9B,IAAM,EAAc,MAAM,EACzB,EACA,EACA,EAAO,oBACP,EAAO,0BACR,EACA,GAAI,CAAC,EAAY,GAChB,OAAO,EAER,QACD,CACA,IAAI,EACJ,GAAI,CACH,IAAM,EAAqB,MAAM,EAChC,EAAW,sBACX,EAAW,gCACX,EAAO,sBACP,EAAO,uBACP,EAAO,wBACP,EAAW,UACX,EAAO,mBACR,EACA,GAAI,CAAC,EAAmB,GAIvB,OAHI,EAAmB,OAAS,qBACxB,EAAmB,YAAa,0CAA0C,EAE3E,EAAmB,YAAa,+CAA+C,EAEvF,EAAW,EAAmB,KAC/B,MAAQ,CACP,OAAO,EAAmB,YAAa,+CAA+C,CACvF,CACA,GAAI,CAAC,EACJ,OAAO,EAAmB,oBAAqB,sCAAsC,CAEvF,CACA,MAAO,CAAE,GAAI,GAAM,MAAO,CAAO,CAClC,CAOA,SAAS,EACR,EACA,EAC4E,CAE5E,MAAO,CAAE,GAAI,GAAO,MAAA,CADe,GAAI,GAAO,OAAM,SAC5B,EAAG,OAAM,SAAQ,CAC1C,CAGA,SAAS,EACR,EAMA,EASC,CAED,MAAO,CAAE,GAAI,GAAO,MAAA,CAD0B,GAAI,GAAO,OAAM,SACvC,EAAG,OAAM,SAAQ,CAC1C,CAGA,SAAS,EAA2B,EAAuD,CAM1F,OALI,OAAO,GAAW,SACd,EAAe,CAAM,CAAC,CAC3B,OAAQ,GAAU,EAAM,QAAU,aAAa,CAAC,CAChD,IAAK,GAAU,IAAI,WAAW,EAAM,KAAK,CAAC,EAEtC,CAAC,IAAI,WAAW,CAAM,CAAC,CAC/B,CAGA,SAAS,EACR,EACA,EAC+B,CAC/B,GAAI,IAAiB,IAAA,IAAa,EAAa,MAAQ,IACtD,MAAO,CAAC,EAET,IAAM,EAA8B,CAAC,EACjC,EAAS,EAAa,MAC1B,KAAO,EAAS,EAAa,KAAK,CACjC,IAAM,EAAU,EAAY,EAAQ,CAAM,EAC1C,EAAO,KAAK,EAAoB,EAAO,MAAM,EAAQ,EAAQ,GAAG,CAAC,CAAC,EAClE,EAAS,EAAQ,GAClB,CACA,OAAO,CACR,CAGA,SAAS,EACR,EACA,EACoB,CACpB,IAAM,EAAoB,CAAC,EAC3B,GAAI,EAAQ,MAAQ,GACnB,MAAU,MAAM,+BAA+B,EAEhD,IAAK,IAAM,KAAS,EAAW,EAAQ,CAAO,EAAG,CAChD,GAAI,EAAM,MAAQ,GACjB,MAAU,MAAM,uDAAuD,EAGxE,IAAM,EAAQ,EADG,EAAO,MAAM,EAAM,MAAQ,EAAM,aAAc,EAAM,GAC5B,CAAC,EACrC,EAAM,EAAM,GAClB,GAAI,IAAQ,IAAA,IAAa,EAAM,OAAS,GAAK,EAAM,OAAS,GAAK,EAAI,MAAQ,EAC5E,MAAU,MAAM,sCAAsC,EAEvD,EAAQ,KAAK,EAAuB,EAAI,KAAK,CAAC,CAC/C,CACA,OAAO,CACR,CAGA,SAAS,EACR,EACA,EACmC,CACnC,IAAM,EAAmC,CAAC,EAC1C,IAAK,IAAM,KAAc,EAAW,EAAQ,CAAO,EAAG,CACrD,IAAM,EAAY,EAAO,MAAM,EAAW,MAAQ,EAAW,aAAc,EAAW,GAAG,EACnF,EAAQ,EAAqB,CAAS,EACtC,EAAU,EAAM,GAChB,EAAM,EAAM,GACZ,EAAkB,EAAM,GAC1B,EAAQ,EACN,EAAqB,EAAM,EAAM,EAAE,MAAQ,IAAO,EAAM,GAAS,IAAA,GACjE,EAAiB,IAAuB,IAAA,GAC1C,IACH,GAAS,GAEV,IAAM,EAAqB,EAAM,GAC3B,EAAY,EAAM,EAAQ,GAC1B,EAA4B,EAAM,EAAQ,GAChD,GACC,IAAY,IAAA,IACZ,IAAQ,IAAA,IACR,IAAoB,IAAA,IACpB,IAAuB,IAAA,IACvB,IAAc,IAAA,IACd,EAAU,MAAQ,GAClB,EAAM,OAAS,EAAQ,GACtB,IAA8B,IAAA,IAAa,EAA0B,MAAQ,IAE9E,MAAU,MAAM,sBAAsB,EAMvC,IAAM,EAAqB,EAC1B,EAAe,EALW,EAAU,MACpC,EAAgB,MAAQ,EAAgB,aACxC,EAAgB,GAGqC,CAAC,CAAC,CAAC,GAAI,sBAAsB,CAAC,CAAC,KACrF,EACM,EAAwB,EAAU,MACvC,EAAmB,MAAQ,EAAmB,aAC9C,EAAmB,GACpB,EACM,EAA6B,EAAqB,CAAqB,EACvE,EAAwB,EAC7B,EAAe,EAA2B,GAAI,yBAAyB,CAAC,CAAC,KAC1E,EACM,EAA2B,EAA2B,GACtD,EAAY,EAAsB,EAAU,MAAM,EAAI,MAAQ,EAAI,aAAc,EAAI,GAAG,CAAC,EAC9F,EAAQ,KAAK,CACZ,QAAS,EAAoB,EAAQ,KAAK,EAC1C,GAAI,EAAU,SAAW,IAAA,GAAY,CAAC,EAAI,CAAE,OAAQ,EAAU,MAAO,EACrE,GAAI,EAAU,kBAAoB,IAAA,GAC/B,CAAC,EACD,CAAE,gBAAiB,EAAU,eAAgB,EAChD,GAAI,EAAU,uBAAyB,IAAA,GACpC,CAAC,EACD,CAAE,qBAAsB,EAAU,oBAAqB,EAC1D,qBACA,oBAAqB,EAAsB,CAAkB,EAC7D,wBACA,uBAAwB,EACvB,EACA,IAA6B,IAAA,GAC1B,IAAA,GACA,IAAI,WACJ,EAAsB,MACrB,EAAyB,MAAQ,EAAyB,aAC1D,EAAyB,GAC1B,CACD,CACH,EACA,GAAI,IAA6B,IAAA,GAC9B,CAAC,EACD,CACA,gCAAiC,IAAI,WACpC,EAAsB,MACrB,EAAyB,MAAQ,EAAyB,aAC1D,EAAyB,GAC1B,CACD,CACD,EACF,aAAc,EAAM,EAAU,KAAK,EACnC,UAAW,IAAI,WAAW,EAAU,KAAK,EACzC,iBACA,GAAI,IAAuB,IAAA,GACxB,CAAC,EACD,CACA,eAAgB,IAAI,WACnB,EAAU,MACT,EAAmB,MAAQ,EAAmB,aAC9C,EAAmB,GACpB,CACD,CACD,CACH,CAAC,CACF,CACA,OAAO,CACR,CAGA,SAAS,EACR,EACA,EACa,CACb,GAAI,EAAQ,MAAQ,IACnB,MAAU,MAAM,qCAAqC,EAEtD,IAAM,EAAQ,EAAY,EAAU,EAAQ,KAAK,EACjD,GAAI,EAAM,MAAQ,EACjB,MAAU,MAAM,oCAAoC,EAErD,OAAO,EAAM,KACd,CAGA,SAAS,EAAsB,EAI7B,CACD,IAAM,EAAU,EAAgB,EAAK,CAAE,SAAA,EAAgC,CAAC,EAExE,GAAI,EAAQ,MAAQ,IAAM,CACzB,GAAI,EAAQ,MAAM,SAAW,EAC5B,MAAU,MAAM,yDAAyD,EAE1E,MAAO,CACN,qBAAsB,EAAM,EAAQ,KAAK,CAC1C,CACD,CAEA,GAAI,EAAQ,MAAQ,GAAM,CACzB,IAAM,EAAM,EAAqB,CAAG,EAC9B,EAAgB,EAAI,GACpB,EAAS,EAAI,GACnB,GAAI,IAAkB,IAAA,IAAa,IAAW,IAAA,IAAa,EAAI,SAAW,EACzE,MAAU,MAAM,qDAAqD,EAEtE,GAAI,EAAc,MAAQ,GACzB,MAAU,MAAM,gDAAgD,EAEjE,GAAI,EAAO,MAAQ,EAClB,MAAU,MAAM,gDAAgD,EAGjE,OADA,EAAmC,EAAO,MAAO,+BAA+B,EACzE,CACN,OAAQ,EAAsB,EAAK,CAAa,EAChD,gBAAiB,EAAM,EAAO,KAAK,CACpC,CACD,CACA,MAAU,MAAM,qCAAqC,OAAO,EAAQ,GAAG,GAAG,CAC3E,CAEA,MAAM,EAAc,IAAI,YAGxB,SAAS,EAAsB,EAAoB,EAAiC,CACnF,IAAM,EAAS,EAAM,EAAO,MAAM,EAAQ,MAAQ,EAAQ,aAAc,EAAQ,GAAG,CAAC,EAC9E,EAA0C,CAAC,EAC3C,EAAuC,CAAC,EACxC,EAAgD,CAAC,EACvD,IAAK,IAAM,KAAc,EAAW,EAAQ,CAAO,EAAG,CACrD,IAAM,EAAuC,CAAC,EACxC,EAAmD,CAAC,EAC1D,IAAK,IAAM,KAAgB,EAAW,EAAQ,CAAU,EAAG,CAC1D,IAAM,EAAQ,EAAW,EAAQ,CAAY,EACvC,EAAa,EAAe,EAAM,GAAI,6BAA6B,EACnE,EAAe,EAAe,EAAM,GAAI,+BAA+B,EACvE,EAAM,EAAuB,EAAW,KAAK,EAC/C,EACJ,GAAI,CACH,EAAa,EAAa,EAAa,IAAK,EAAa,KAAK,CAC/D,MAAQ,CACP,EAAa,EAAY,OAAO,EAAa,KAAK,CACnD,CACA,IAAM,EAAW,EAAoB,CAAG,EAClC,EACL,IAAa,IAAA,GAEV,CAAE,MAAK,SAAU,EAAa,IAAK,MAAO,CAAW,EADrD,CAAE,MAAK,IAAK,EAAU,SAAU,EAAa,IAAK,MAAO,CAAW,EAExE,EAAc,KAAK,CAAS,EAC5B,EAAc,KAAK,CAAS,EACxB,IAAa,IAAA,KACZ,EAAU,KAAc,IAAA,KAC3B,EAAU,GAAY,GAEnB,EAAO,KAAc,IAAA,KACxB,EAAO,GAAY,GAGtB,CACA,EAAK,KAAK,CACT,OAAQ,EAAM,EAAO,MAAM,EAAW,MAAQ,EAAW,aAAc,EAAW,GAAG,CAAC,EACtF,WAAY,EACZ,OAAQ,CACT,CAAC,CACF,CACA,MAAO,CAAE,SAAQ,OAAM,WAAY,EAAe,QAAO,CAC1D,CAGA,SAAS,EAAQ,EAAoB,EAAoB,EAAe,EAA2B,CAClG,IAAI,EAAS,EAAO,MAChB,EAAe,EACnB,KAAO,EAAS,EAAO,KAAK,CAC3B,IAAM,EAAQ,EAAY,EAAQ,CAAM,EACxC,GAAI,IAAiB,EACpB,OAAO,EAER,EAAS,EAAM,IACf,GAAgB,CACjB,CACA,MAAU,MAAM,WAAW,GAAO,CACnC,CAOA,SAAS,EAAoB,EAA+D,CAC3F,OAAQ,EAAR,CACC,KAAK,EAAK,OACT,MAAO,UACR,KAAK,EAAK,OACT,MAAO,UACR,KAAK,EAAK,OACT,MAAO,UACR,QACC,MAAU,MAAM,qCAAqC,GAAoB,CAC3E,CACD,CAGA,SAAS,EAAiC,EAGxC,CACD,IAAM,EAAQ,EAAY,CAAc,EACpC,EACA,EACJ,IAAK,IAAM,KAAQ,EAAW,EAAgB,CAAK,EAAG,CACrD,IAAM,EAAU,EAAe,MAAM,EAAK,MAAQ,EAAK,aAAc,EAAK,GAAG,EACvE,EAAQ,EAAqB,CAAO,EACpC,EAAM,EAAM,GACZ,EAAS,EAAM,GACrB,GAAI,IAAQ,IAAA,IAAa,IAAW,IAAA,IAAa,EAAM,SAAW,GAAK,EAAO,MAAQ,GACrF,MAAU,MAAM,iCAAiC,EAElD,IAAM,EAAU,EAAuB,EAAI,KAAK,EAC1C,EAAgB,EAAW,EAAS,CAAM,EAChD,GAAI,IAAY,EAAK,iBAAkB,CACtC,GAAI,IAAkB,IAAA,IAAa,EAAc,SAAW,EAC3D,MAAU,MAAM,iEAAiE,EAElF,IAAM,EAAgB,EAAc,GACpC,GAAI,IAAkB,IAAA,IAAa,EAAc,MAAQ,EACxD,MAAU,MAAM,qDAAqD,EAEtE,EAAgB,EAAc,MAC9B,QACD,CACA,GAAI,IAAY,EAAK,eAAgB,CACpC,GAAI,IAAmB,IAAA,IAAa,EAAc,SAAW,EAC5D,MAAU,MAAM,+DAA+D,EAEhF,IAAM,EAAc,EAAc,GAClC,GAAI,IAAgB,IAAA,IAAa,EAAY,MAAQ,EACpD,MAAU,MAAM,wDAAwD,EAEzE,EAAiB,EAAuB,EAAY,KAAK,CAC1D,CACD,CACA,GAAI,IAAkB,IAAA,GACrB,MAAU,MAAM,gDAAgD,EAEjE,GAAI,IAAmB,IAAA,GACtB,MAAU,MAAM,8CAA8C,EAE/D,MAAO,CAAE,gBAAe,gBAAe,CACxC,CAGA,SAAS,EAAsB,EAAwC,CAEtE,IAAM,EAAO,IAAI,WAAW,CAAc,EAE1C,MADA,GAAK,GAAK,GACH,CACR,CAGA,SAAS,EAAkB,EAAe,EAAwB,CACjE,GAAI,EAAE,SAAW,EAAE,OAClB,MAAO,GAER,IAAI,EAAO,EACX,IAAK,IAAI,EAAQ,EAAG,EAAQ,EAAE,OAAQ,GAAS,EAC9C,IAAS,EAAE,IAAU,IAAM,EAAE,IAAU,GAExC,OAAO,IAAS,CACjB,CAGA,eAAe,EACd,EACA,EACA,EACA,EAYC,CACD,GAAI,EAAW,iBAAmB,IAAA,GACjC,OAAO,EAAmB,YAAa,yBAAyB,EAGjE,IAAI,EACJ,GAAI,CACH,EAA6B,EAAW,cAAc,EACtD,EAAmB,EAAiC,EAAW,cAAc,CAC9E,MAAQ,CACP,OAAO,EAAmB,YAAa,qCAAqC,CAC7E,CACA,GAAI,EAAiB,iBAAmB,EACvC,OAAO,EAAmB,YAAa,iDAAiD,EAGzF,IAAI,EACJ,GAAI,CACH,IAAM,EAAO,EAAoB,EAAW,kBAAkB,EAC9D,EAAe,IAAI,WAClB,MAAM,EAAU,CAAC,CAAC,OAAO,OAAO,EAAM,EAAc,CAAmB,CAAC,CACzE,CACD,MAAQ,CACP,OAAO,EAAmB,YAAa,4CAA4C,CACpF,CAEA,GAAI,CAAC,EAAkB,EAAc,EAAiB,aAAa,EAClE,OAAO,EACN,0BACA,uDACD,EAGD,IAAI,EACJ,GAAI,CACH,EAAa,EAAsB,EAAW,cAAc,CAC7D,MAAQ,CACP,OAAO,EAAmB,YAAa,qCAAqC,CAC7E,CACA,IAAI,EACJ,GAAI,CACH,IAAM,EAAqB,MAAM,EAChC,EAAW,sBACX,EAAW,gCACX,EAAO,sBACP,EAAO,uBACP,EAAO,wBACP,EAAW,UACX,CACD,EACA,GAAI,CAAC,EAAmB,GAIvB,OAHI,EAAmB,OAAS,qBACxB,EAAmB,YAAa,0CAA0C,EAE3E,EAAmB,YAAa,+CAA+C,EAEvF,EAAW,EAAmB,KAC/B,MAAQ,CACP,OAAO,EAAmB,YAAa,+CAA+C,CACvF,CAOA,OANK,EAME,CAAE,GAAI,EAAK,EALV,EACN,oBACA,uDACD,CAGF,CAEA,SAAS,EACR,EACA,EACU,CASV,OARI,EAAW,SAAW,IAAA,IAAa,EAAW,kBAAoB,IAAA,GAEpE,EAAW,SAAW,IAAA,IACtB,EAAW,kBAAoB,IAAA,IAC/B,EAAY,kBAAoB,EAAW,iBAC3C,EAA0B,EAAY,OAAQ,EAAW,MAAM,EAIhE,EAAW,uBAAyB,IAAA,IACpC,EAAY,uBAAyB,EAAW,oBAElD,CAEA,SAAS,EAA6B,EAAkC,CACvE,GAAI,EAAY,CAAc,CAAC,CAAC,MAAQ,IACvC,MAAU,MAAM,uCAAuC,CAEzD,CAEA,SAAS,EACR,EACgE,CAChE,MAAO,QAAS,GAAS,EAAM,eAAe,UAC/C,CAEA,SAAS,EAAmC,EAAmB,EAAqB,CACnF,IAAM,EAAQ,EAAM,GACpB,GAAI,IAAU,IAAA,GACb,MAAU,MAAM,GAAG,EAAM,mBAAmB,EAE7C,GAAK,EAAQ,IACZ,MAAU,MAAM,GAAG,EAAM,sBAAsB,EAEhD,GAAI,EAAM,OAAS,GAAK,IAAU,GAAA,GAAO,EAAM,IAAM,GAAK,KACzD,MAAU,MAAM,GAAG,EAAM,2BAA2B,CAEtD"}
|
|
1
|
+
{"version":3,"file":"pkcs7.js","names":[],"sources":["../../src/pkcs/pkcs7.ts"],"sourcesContent":["/**\n * PKCS#7/CMS certificate bags and SignedData.\n *\n * Creates degenerate (signature-less) certificate bags, parses RFC 2315 / RFC 5652\n * SignedData structures, and verifies signer signatures including signed-attribute flows.\n *\n * @module\n */\n\nimport {\n\tchildrenOf,\n\tdecodeIntegerNumber,\n\tdecodeObjectIdentifier,\n\tdecodeString,\n\thexToBytes,\n\trequireElement,\n\ttoArrayBuffer,\n\ttoHex,\n} from '#micro509/internal/asn1/asn1.ts';\nimport type { DerElement } from '#micro509/internal/asn1/der.ts';\nimport {\n\tconcatBytes,\n\tDEFAULT_MAX_DER_DEPTH,\n\texplicitContext,\n\tinteger,\n\tintegerFromNumber,\n\tnullValue,\n\tobjectIdentifier,\n\toctetString,\n\treadElement,\n\treadRootElement,\n\treadSequenceChildren,\n\tsequence,\n\tsetOf,\n} from '#micro509/internal/asn1/der.ts';\nimport { OIDS } from '#micro509/internal/asn1/oids.ts';\nimport {\n\tdescribeHashAlgorithm,\n\tdescribeSignatureAlgorithm,\n} from '#micro509/internal/crypto/algorithm-names.ts';\nimport { verifySignedDataDetailed } from '#micro509/internal/crypto/sig-verify.ts';\nimport {\n\tencodeAlgorithmIdentifier,\n\tgetSignatureAlgorithm,\n\ttype SignatureAlgorithmIdentifier,\n\ttype SignatureProfileInput,\n\tsignBytes,\n} from '#micro509/internal/crypto/signing.ts';\nimport { getCrypto } from '#micro509/internal/crypto/webcrypto.ts';\nimport { base64Encode } from '#micro509/internal/shared/base64.ts';\nimport { compareDistinguishedNames } from '#micro509/internal/shared/dn.ts';\nimport { pemEncode, splitPemBlocks } from '#micro509/pem/pem.ts';\nimport type { ErrorResult, Micro509Error } from '#micro509/result/result.ts';\nimport { type NameFieldKey, nameFieldKeyFromOid } from '#micro509/x509/name.ts';\nimport type {\n\tParsedCertificate,\n\tParsedName,\n\tParsedNameAttribute,\n\tParsedRelativeDistinguishedName,\n} from '#micro509/x509/parse.ts';\nimport { parseCertificateDer } from '#micro509/x509/parse.ts';\n\n/** PEM text (may contain multiple CERTIFICATE blocks) or raw DER bytes. */\nexport type Pkcs7CertificateSource = string | Uint8Array;\n\n/** DER, PEM, and base64 encodings of a PKCS#7 certificate bag. */\nexport interface Pkcs7CertBag {\n\t/** Raw DER-encoded PKCS#7 structure. */\n\treadonly der: Uint8Array;\n\t/** PEM-armored PKCS#7 (`-----BEGIN PKCS7-----`). */\n\treadonly pem: string;\n\t/** Base64-encoded DER (no PEM armor). */\n\treadonly base64: string;\n}\n\n/** A single SignerInfo decoded from a PKCS#7 SignedData structure. */\nexport interface ParsedPkcs7SignerInfo {\n\t/** CMS SignerInfo version (typically 1 for issuerAndSerialNumber). */\n\treadonly version: number;\n\t/** Parsed issuer distinguished name, if present (issuerAndSerialNumber signer identifier). */\n\treadonly issuer?: ParsedName;\n\t/** Hex-encoded serial number used to locate the signer certificate, if present. */\n\treadonly serialNumberHex?: string;\n\t/** Hex-encoded SubjectKeyIdentifier used to locate the signer certificate, if present. */\n\treadonly subjectKeyIdentifier?: string;\n\t/** OID of the digest algorithm used to hash the content. */\n\treadonly digestAlgorithmOid: string;\n\t/** Human-readable digest algorithm name (e.g. `\"SHA-256\"`). */\n\treadonly digestAlgorithmName: string;\n\t/** OID of the algorithm used to produce the signature. */\n\treadonly signatureAlgorithmOid: string;\n\t/** Human-readable signature algorithm name. */\n\treadonly signatureAlgorithmName: string;\n\t/** Raw DER of the signature AlgorithmIdentifier parameters, if present. */\n\treadonly signatureAlgorithmParametersDer?: Uint8Array;\n\t/** Hex-encoded raw signature bytes. */\n\treadonly signatureHex: string;\n\t/** Raw signature bytes. */\n\treadonly signature: Uint8Array;\n\t/** Whether this SignerInfo includes authenticated (signed) attributes. */\n\treadonly hasSignedAttrs: boolean;\n\t/** Raw DER of signedAttrs with original IMPLICIT [0] tag (0xa0). Present only when `hasSignedAttrs` is true. */\n\treadonly signedAttrsDer?: Uint8Array;\n}\n\n/** Decoded PKCS#7 SignedData content, including certificates and signer info. */\nexport interface ParsedPkcs7SignedData {\n\t/** Original DER bytes when this object came from {@linkcode parsePkcs7SignedDataDer} or PEM parsing. */\n\treadonly der?: Uint8Array;\n\t/** Outer ContentInfo type OID (always `pkcs7-signedData`). */\n\treadonly contentTypeOid: string;\n\t/** SignedData version number. */\n\treadonly version: number;\n\t/** OIDs of digest algorithms declared in `digestAlgorithms`. */\n\treadonly digestAlgorithmOids: readonly string[];\n\t/** Human-readable digest algorithm names declared in `digestAlgorithms`. */\n\treadonly digestAlgorithmNames: readonly string[];\n\t/** OID of the encapsulated content type (e.g. `pkcs7-data`). */\n\treadonly encapsulatedContentTypeOid: string;\n\t/** Raw encapsulated content bytes. Absent in degenerate (certs-only) bags. */\n\treadonly encapsulatedContent?: Uint8Array;\n\t/** Certificates included in the SignedData certificate set. */\n\treadonly certificates: readonly ParsedCertificate[];\n\t/** Decoded signer info entries. Empty for degenerate cert bags. */\n\treadonly signerInfos: readonly ParsedPkcs7SignerInfo[];\n}\n\n// ---------------------------------------------------------------------------\n// Result types for PKCS#7 parsing\n// ---------------------------------------------------------------------------\n\n/** Error codes for PKCS#7 parse failures. */\nexport type ParsePkcs7ErrorCode = 'malformed' | 'not_signed_data';\n\n/** Error payload for a failed PKCS#7 parse. */\nexport interface ParsePkcs7Failure extends Micro509Error<ParsePkcs7ErrorCode> {\n\t/** Always `false` for failures. */\n\treadonly ok: false;\n}\n\n/** Success-or-failure result from {@linkcode parsePkcs7SignedDataDer} / {@linkcode parsePkcs7SignedDataPem}. */\nexport type ParsePkcs7SignedDataResult =\n\t| {\n\t\t\t/** Parse succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** Decoded SignedData. */\n\t\t\treadonly value: ParsedPkcs7SignedData;\n\t }\n\t| ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure>;\n\n/** Success-or-failure result from {@linkcode parsePkcs7CertBagDer} / {@linkcode parsePkcs7CertBagPem}. */\nexport type ParsePkcs7CertBagResult =\n\t| {\n\t\t\t/** Parse succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** Parsed certificates from the cert bag. */\n\t\t\treadonly value: readonly ParsedCertificate[];\n\t }\n\t| ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure>;\n\n/** Error payload for a failed {@linkcode verifyPkcs7SignedData} call. */\nexport interface VerifyPkcs7SignedDataFailure\n\textends Micro509Error<\n\t\t| 'signer_not_found'\n\t\t| 'signature_invalid'\n\t\t| 'message_digest_mismatch'\n\t\t| 'content_missing'\n\t\t| ParsePkcs7ErrorCode\n\t> {\n\t/** Always `false` for failures. */\n\treadonly ok: false;\n}\n\n/** Success-or-failure result from {@linkcode verifyPkcs7SignedData}. */\nexport type VerifyPkcs7SignedDataResult =\n\t| {\n\t\t\t/** Verification succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** The verified SignedData structure. */\n\t\t\treadonly value: ParsedPkcs7SignedData;\n\t }\n\t| ErrorResult<\n\t\t\t| 'signer_not_found'\n\t\t\t| 'signature_invalid'\n\t\t\t| 'message_digest_mismatch'\n\t\t\t| 'content_missing'\n\t\t\t| ParsePkcs7ErrorCode,\n\t\t\tRecord<never, never>,\n\t\t\tVerifyPkcs7SignedDataFailure\n\t >;\n\n// ---------------------------------------------------------------------------\n// createPkcs7CertBag\n// ---------------------------------------------------------------------------\n\n/**\n * Creates a degenerate PKCS#7 SignedData structure containing only certificates (no signers).\n *\n * Returns the raw DER encoding. Use {@linkcode createPkcs7CertBagPem} for PEM + base64.\n */\nexport function createPkcs7CertBagDer(certificates: readonly Pkcs7CertificateSource[]): Uint8Array {\n\tconst certificateDers = certificates.flatMap(normalizeCertificateSource);\n\tconst signedData = sequence([\n\t\tintegerFromNumber(1),\n\t\tsetOf([]),\n\t\tsequence([objectIdentifier(OIDS.pkcs7Data)]),\n\t\texplicitContext(0, concatBytes(certificateDers)),\n\t\tsetOf([]),\n\t]);\n\treturn sequence([objectIdentifier(OIDS.pkcs7SignedData), explicitContext(0, signedData)]);\n}\n\n/**\n * Creates a degenerate PKCS#7 SignedData certificate bag and returns DER, PEM, and base64 forms.\n */\nexport function createPkcs7CertBagPem(\n\tcertificates: readonly Pkcs7CertificateSource[],\n): Pkcs7CertBag {\n\tconst der = createPkcs7CertBagDer(certificates);\n\treturn {\n\t\tder,\n\t\tpem: pemEncode('PKCS7', der),\n\t\tbase64: base64Encode(der),\n\t};\n}\n\n// ---------------------------------------------------------------------------\n// createPkcs7SignedData\n// ---------------------------------------------------------------------------\n\n/** A single signer for {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */\nexport interface Pkcs7Signer {\n\t/**\n\t * Signer certificate (PEM text with one CERTIFICATE block, or raw DER).\n\t * Embedded in the SignedData certificate set and referenced by the\n\t * SignerInfo via issuerAndSerialNumber.\n\t */\n\treadonly certificate: Pkcs7CertificateSource;\n\t/** Private key matching the certificate's public key, used to sign. */\n\treadonly privateKey: CryptoKey;\n\t/**\n\t * Signature profile. Defaults to inferring the algorithm from the key\n\t * (e.g. ECDSA→ecdsa-with-SHA*, RSA→sha*WithRSAEncryption, Ed25519).\n\t * Pass `{ kind: 'rsa-pss' }` to force RSA-PSS padding for an RSA-PSS key.\n\t */\n\treadonly signature?: SignatureProfileInput;\n}\n\n/** Input for {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */\nexport interface CreatePkcs7SignedDataInput {\n\t/** Content to encapsulate and sign (the eContent). */\n\treadonly content: Uint8Array;\n\t/** One or more signers. Each produces a SignerInfo with signed attributes. */\n\treadonly signers: readonly Pkcs7Signer[];\n\t/**\n\t * Additional certificates to embed (e.g. intermediates). Signer\n\t * certificates are always embedded; duplicate DER is removed.\n\t */\n\treadonly additionalCertificates?: readonly Pkcs7CertificateSource[];\n\t/**\n\t * Encapsulated content type OID.\n\t * @default `'1.2.840.113549.1.7.1'` (pkcs7-data)\n\t */\n\treadonly encapsulatedContentTypeOid?: string;\n}\n\n/** DER, PEM, and base64 encodings of a PKCS#7 SignedData structure. */\nexport interface Pkcs7SignedDataMaterial {\n\t/** Raw DER-encoded PKCS#7 SignedData. */\n\treadonly der: Uint8Array;\n\t/** PEM-armored PKCS#7 (`-----BEGIN PKCS7-----`). */\n\treadonly pem: string;\n\t/** Base64-encoded DER (no PEM armor). */\n\treadonly base64: string;\n}\n\n/** Caller-correctable failure codes from {@linkcode createPkcs7SignedDataDer} / {@linkcode createPkcs7SignedDataPem}. */\nexport type CreatePkcs7SignedDataErrorCode =\n\t| 'no_signers'\n\t| 'invalid_signer_certificate'\n\t| 'unsupported_signer_key';\n\n/** Error payload for a failed PKCS#7 SignedData creation. */\nexport interface CreatePkcs7SignedDataFailure\n\textends Micro509Error<CreatePkcs7SignedDataErrorCode> {\n\t/** Always `false` for failures. */\n\treadonly ok: false;\n}\n\n/** Success-or-failure result from {@linkcode createPkcs7SignedDataDer}. */\nexport type CreatePkcs7SignedDataDerResult =\n\t| {\n\t\t\t/** Creation succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** Raw DER-encoded SignedData. */\n\t\t\treadonly value: Uint8Array;\n\t }\n\t| ErrorResult<CreatePkcs7SignedDataErrorCode, Record<never, never>, CreatePkcs7SignedDataFailure>;\n\n/** Success-or-failure result from {@linkcode createPkcs7SignedDataPem}. */\nexport type CreatePkcs7SignedDataResult =\n\t| {\n\t\t\t/** Creation succeeded. */\n\t\t\treadonly ok: true;\n\t\t\t/** DER, PEM, and base64 forms of the SignedData. */\n\t\t\treadonly value: Pkcs7SignedDataMaterial;\n\t }\n\t| ErrorResult<CreatePkcs7SignedDataErrorCode, Record<never, never>, CreatePkcs7SignedDataFailure>;\n\n/**\n * Creates a PKCS#7/CMS SignedData with one or more signers over `content`.\n *\n * Each signer uses the RFC 5652 Section 5.4 signed-attributes flow: the\n * signature covers a `SET OF` authenticated attributes carrying `contentType`\n * and `messageDigest` (the digest of the encapsulated content). The content is\n * embedded (attached signature), so the result verifies with\n * {@linkcode verifyPkcs7SignedData} without any external data.\n *\n * The content digest is derived from each signer's key (P-256/RSA-SHA256 →\n * SHA-256, P-384 → SHA-384, P-521 → SHA-512, Ed25519 → SHA-512 per RFC 8419).\n *\n * Returns a {@linkcode CreatePkcs7SignedDataDerResult}: the raw DER on success,\n * or a typed failure for caller-correctable input (no signers, a signer source\n * that is not exactly one certificate, or an unsupported signer key). Use\n * {@linkcode createPkcs7SignedDataPem} for PEM + base64.\n */\nexport async function createPkcs7SignedDataDer(\n\tinput: CreatePkcs7SignedDataInput,\n): Promise<CreatePkcs7SignedDataDerResult> {\n\tif (input.signers.length === 0) {\n\t\treturn createPkcs7Failure('no_signers', 'createPkcs7SignedData requires at least one signer');\n\t}\n\tconst encapsulatedContentTypeOid = input.encapsulatedContentTypeOid ?? OIDS.pkcs7Data;\n\n\t// Snapshot the caller-owned content into a private copy before any await.\n\t// Every signer's messageDigest and the emitted eContent must derive from the\n\t// same bytes; reading input.content across awaits could otherwise observe a\n\t// caller mutation and yield a SignedData whose digest disagrees with its own\n\t// encapsulated content.\n\tconst content = input.content.slice();\n\n\tconst certificateDers: Uint8Array[] = [];\n\tconst seenCertificates = new Set<string>();\n\tconst addCertificate = (der: Uint8Array): void => {\n\t\tconst hex = toHex(der);\n\t\tif (!seenCertificates.has(hex)) {\n\t\t\tseenCertificates.add(hex);\n\t\t\tcertificateDers.push(der);\n\t\t}\n\t};\n\n\tconst digestAlgorithmOids = new Set<string>();\n\tconst signerInfos: Uint8Array[] = [];\n\tfor (const signer of input.signers) {\n\t\tconst signerCertDers = normalizeCertificateSource(signer.certificate);\n\t\tconst signerCertDer = signerCertDers[0];\n\t\tif (signerCertDer === undefined || signerCertDers.length !== 1) {\n\t\t\treturn createPkcs7Failure(\n\t\t\t\t'invalid_signer_certificate',\n\t\t\t\t'Each PKCS#7 signer must provide exactly one certificate',\n\t\t\t);\n\t\t}\n\t\taddCertificate(signerCertDer);\n\t\t// parseCertificateDer throws on malformed DER — a caller-correctable input,\n\t\t// so convert it to the typed invalid_signer_certificate failure rather than\n\t\t// rejecting the public Promise.\n\t\tlet certificate: ParsedCertificate;\n\t\ttry {\n\t\t\tcertificate = parseCertificateDer(signerCertDer);\n\t\t} catch {\n\t\t\treturn createPkcs7Failure(\n\t\t\t\t'invalid_signer_certificate',\n\t\t\t\t'Each PKCS#7 signer certificate must be a parseable X.509 certificate',\n\t\t\t);\n\t\t}\n\t\t// getSignatureAlgorithm throws only for unsupported/misconfigured keys —\n\t\t// all caller-correctable, so map to a typed failure rather than propagate.\n\t\tlet signatureAlgorithm: SignatureAlgorithmIdentifier;\n\t\ttry {\n\t\t\tsignatureAlgorithm = getSignatureAlgorithm(signer.privateKey, signer.signature);\n\t\t} catch {\n\t\t\treturn createPkcs7Failure(\n\t\t\t\t'unsupported_signer_key',\n\t\t\t\t'Unsupported signer key or signature profile',\n\t\t\t);\n\t\t}\n\t\tconst digest = contentDigestForPrivateKey(signer.privateKey);\n\t\tif (digest === undefined) {\n\t\t\treturn createPkcs7Failure(\n\t\t\t\t'unsupported_signer_key',\n\t\t\t\t'Unsupported signer key algorithm for content digest',\n\t\t\t);\n\t\t}\n\t\tdigestAlgorithmOids.add(digest.digestOid);\n\t\tconst messageDigest = new Uint8Array(\n\t\t\tawait getCrypto().subtle.digest(digest.hashName, toArrayBuffer(content)),\n\t\t);\n\t\tconst { setForSigning, implicitForEmit } = buildSignedAttributes(\n\t\t\tencapsulatedContentTypeOid,\n\t\t\tmessageDigest,\n\t\t);\n\t\tconst signature = await signBytes(signer.privateKey, signatureAlgorithm, setForSigning);\n\t\tsignerInfos.push(\n\t\t\tsequence([\n\t\t\t\tintegerFromNumber(1),\n\t\t\t\tsequence([\n\t\t\t\t\thexToBytes(certificate.issuer.derHex),\n\t\t\t\t\tinteger(hexToBytes(certificate.serialNumberHex)),\n\t\t\t\t]),\n\t\t\t\tsequence([objectIdentifier(digest.digestOid), nullValue()]),\n\t\t\t\timplicitForEmit,\n\t\t\t\tencodeAlgorithmIdentifier(signatureAlgorithm),\n\t\t\t\toctetString(signature),\n\t\t\t]),\n\t\t);\n\t}\n\n\tfor (const source of input.additionalCertificates ?? []) {\n\t\tfor (const der of normalizeCertificateSource(source)) {\n\t\t\taddCertificate(der);\n\t\t}\n\t}\n\n\t// SignedData version: 1 for id-data content, otherwise 3 (RFC 5652 Section 5.1).\n\tconst signedDataVersion = encapsulatedContentTypeOid === OIDS.pkcs7Data ? 1 : 3;\n\t// certificates [0] IMPLICIT CertificateSet — a DER SET OF must be canonically\n\t// ordered, so sort via setOf, then retag 0x31 -> 0xa0 for the IMPLICIT [0].\n\tconst certificateSet = new Uint8Array(setOf(certificateDers));\n\tcertificateSet[0] = 0xa0;\n\tconst signedData = sequence([\n\t\tintegerFromNumber(signedDataVersion),\n\t\tsetOf([...digestAlgorithmOids].map((oid) => sequence([objectIdentifier(oid), nullValue()]))),\n\t\tsequence([\n\t\t\tobjectIdentifier(encapsulatedContentTypeOid),\n\t\t\texplicitContext(0, octetString(content)),\n\t\t]),\n\t\tcertificateSet,\n\t\tsetOf(signerInfos),\n\t]);\n\treturn {\n\t\tok: true,\n\t\tvalue: sequence([objectIdentifier(OIDS.pkcs7SignedData), explicitContext(0, signedData)]),\n\t};\n}\n\n/**\n * Creates a PKCS#7/CMS SignedData over `content` and returns DER, PEM, and\n * base64 forms, or a typed {@linkcode CreatePkcs7SignedDataFailure} for\n * caller-correctable input.\n */\nexport async function createPkcs7SignedDataPem(\n\tinput: CreatePkcs7SignedDataInput,\n): Promise<CreatePkcs7SignedDataResult> {\n\tconst der = await createPkcs7SignedDataDer(input);\n\tif (!der.ok) {\n\t\treturn der;\n\t}\n\treturn {\n\t\tok: true,\n\t\tvalue: { der: der.value, pem: pemEncode('PKCS7', der.value), base64: base64Encode(der.value) },\n\t};\n}\n\n// ---------------------------------------------------------------------------\n// parsePkcs7CertBag — Result-returning\n// ---------------------------------------------------------------------------\n\n/** Parses a DER-encoded PKCS#7 cert bag, returning the contained certificates. */\nexport function parsePkcs7CertBagDer(der: Uint8Array): ParsePkcs7CertBagResult {\n\tconst result = parsePkcs7SignedDataDer(der);\n\tif (!result.ok) {\n\t\treturn result;\n\t}\n\treturn { ok: true, value: result.value.certificates };\n}\n\n/** Parses a PEM-armored PKCS#7 cert bag. Expects exactly one `PKCS7` PEM block. */\nexport function parsePkcs7CertBagPem(pem: string): ParsePkcs7CertBagResult {\n\ttry {\n\t\tconst blocks = splitPemBlocks(pem).filter((block) => block.label === 'PKCS7');\n\t\tif (blocks.length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t\t}\n\t\tconst block = blocks[0];\n\t\tif (block === undefined) {\n\t\t\treturn pkcs7Failure('malformed', 'Missing PKCS7 block');\n\t\t}\n\t\treturn parsePkcs7CertBagDer(block.bytes);\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t}\n}\n\n// ---------------------------------------------------------------------------\n// parsePkcs7SignedData — Result-returning\n// ---------------------------------------------------------------------------\n\n/** Decodes a DER-encoded PKCS#7 ContentInfo expecting `signedData` content type. */\nexport function parsePkcs7SignedDataDer(der: Uint8Array): ParsePkcs7SignedDataResult {\n\ttry {\n\t\tconst contentInfo = readSequenceChildren(der, { maxDepth: DEFAULT_MAX_DER_DEPTH });\n\t\tconst contentType = contentInfo[0];\n\t\tconst content = contentInfo[1];\n\t\tif (\n\t\t\tcontentType === undefined ||\n\t\t\tcontent === undefined ||\n\t\t\tcontentInfo.length !== 2 ||\n\t\t\tcontentType.tag !== 0x06 ||\n\t\t\tcontent.tag !== 0xa0\n\t\t) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 content info');\n\t\t}\n\t\tif (childrenOf(der, content).length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 content info');\n\t\t}\n\t\tconst contentTypeOid = decodeObjectIdentifier(contentType.value);\n\t\tif (contentTypeOid !== OIDS.pkcs7SignedData) {\n\t\t\treturn pkcs7Failure('not_signed_data', 'PKCS#7 content is not signedData');\n\t\t}\n\t\tconst signedData = childAt(der, content, 0, 'signedData');\n\t\tconst signedDataChildren = childrenOf(der, signedData);\n\t\tconst version = signedDataChildren[0];\n\t\tconst digestAlgorithms = signedDataChildren[1];\n\t\tconst encapContentInfo = signedDataChildren[2];\n\t\tconst trailingChildren = signedDataChildren.slice(3);\n\t\tconst signerInfos = trailingChildren[trailingChildren.length - 1];\n\t\tlet certificates: ReturnType<typeof readElement> | undefined;\n\t\tlet crls: ReturnType<typeof readElement> | undefined;\n\t\tfor (const child of trailingChildren.slice(0, -1)) {\n\t\t\tif (child?.tag === 0xa0) {\n\t\t\t\tif (crls !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData certificates field must precede CRLs field');\n\t\t\t\t}\n\t\t\t\tif (certificates !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData certificates field must not repeat');\n\t\t\t\t}\n\t\t\t\tcertificates = child;\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\tif (child?.tag === 0xa1) {\n\t\t\t\tif (crls !== undefined) {\n\t\t\t\t\treturn pkcs7Failure('malformed', 'SignedData CRLs field must not repeat');\n\t\t\t\t}\n\t\t\t\tcrls = child;\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t\treturn pkcs7Failure('malformed', 'Malformed SignedData optional field');\n\t\t}\n\t\tif (\n\t\t\tversion === undefined ||\n\t\t\tdigestAlgorithms === undefined ||\n\t\t\tencapContentInfo === undefined ||\n\t\t\tsignerInfos === undefined ||\n\t\t\tsignerInfos.tag !== 0x31\n\t\t) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed SignedData');\n\t\t}\n\t\tconst encapDer = der.slice(\n\t\t\tencapContentInfo.start - encapContentInfo.headerLength,\n\t\t\tencapContentInfo.end,\n\t\t);\n\t\tconst encapChildren = readSequenceChildren(encapDer);\n\t\tconst encapType = encapChildren[0];\n\t\tconst encapContent = encapChildren[1];\n\t\tconst digestAlgorithmOids = parseDigestAlgorithms(der, digestAlgorithms);\n\t\tif (encapType === undefined) {\n\t\t\treturn pkcs7Failure('malformed', 'Malformed EncapsulatedContentInfo');\n\t\t}\n\t\treturn {\n\t\t\tok: true,\n\t\t\tvalue: {\n\t\t\t\tder: new Uint8Array(der),\n\t\t\t\tcontentTypeOid,\n\t\t\t\tversion: decodeIntegerNumber(version.value),\n\t\t\t\tdigestAlgorithmOids,\n\t\t\t\tdigestAlgorithmNames: digestAlgorithmOids.map((oid) => describeHashAlgorithm(oid)),\n\t\t\t\tencapsulatedContentTypeOid: decodeObjectIdentifier(encapType.value),\n\t\t\t\t...(encapContent === undefined\n\t\t\t\t\t? {}\n\t\t\t\t\t: {\n\t\t\t\t\t\t\tencapsulatedContent: extractEncapsulatedContent(encapDer, encapContent),\n\t\t\t\t\t\t}),\n\t\t\t\tcertificates: parseCertificateSet(der, certificates),\n\t\t\t\tsignerInfos: parseSignerInfos(der, signerInfos),\n\t\t\t},\n\t\t};\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Malformed PKCS#7 structure');\n\t}\n}\n\n/** Decodes a PEM-armored PKCS#7 SignedData. Expects exactly one `PKCS7` PEM block. */\nexport function parsePkcs7SignedDataPem(pem: string): ParsePkcs7SignedDataResult {\n\ttry {\n\t\tconst blocks = splitPemBlocks(pem).filter((block) => block.label === 'PKCS7');\n\t\tconst block = blocks[0];\n\t\tif (block === undefined || blocks.length !== 1) {\n\t\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t\t}\n\t\treturn parsePkcs7SignedDataDer(block.bytes);\n\t} catch {\n\t\treturn pkcs7Failure('malformed', 'Expected exactly one PKCS7 PEM block');\n\t}\n}\n\n// ---------------------------------------------------------------------------\n// verifyPkcs7SignedData\n// ---------------------------------------------------------------------------\n\n/**\n * Verifies all signer signatures in a PKCS#7 SignedData structure.\n *\n * Accepts PEM text, raw DER, or an already-parsed {@linkcode ParsedPkcs7SignedData}.\n * For each signer, locates the matching certificate in the embedded set and\n * verifies the signature (including signed-attribute digest checks per RFC 5652 Section 5.4).\n *\n * @example\n * ```ts\n * import { verifyPkcs7SignedData } from 'micro509';\n *\n * const result = await verifyPkcs7SignedData(pkcs7Pem);\n * if (result.ok) {\n * console.log('all signers verified');\n * }\n * ```\n */\nexport async function verifyPkcs7SignedData(\n\tinput: string | Uint8Array | ParsedPkcs7SignedData,\n): Promise<VerifyPkcs7SignedDataResult> {\n\tlet parsed: ParsedPkcs7SignedData;\n\tif (typeof input === 'string') {\n\t\tconst result = parsePkcs7SignedDataPem(input);\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t} else if (input instanceof Uint8Array) {\n\t\tconst result = parsePkcs7SignedDataDer(input);\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t} else {\n\t\tif (!hasReparseablePkcs7SignedData(input)) {\n\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData parsed input is malformed');\n\t\t}\n\t\tconst result = parsePkcs7SignedDataDer(new Uint8Array(input.der));\n\t\tif (!result.ok) {\n\t\t\treturn result;\n\t\t}\n\t\tparsed = result.value;\n\t}\n\tif (parsed.encapsulatedContent === undefined) {\n\t\treturn verifyPkcs7Failure('content_missing', 'SignedData encapsulated content is missing');\n\t}\n\tfor (const signerInfo of parsed.signerInfos) {\n\t\tconst signer = parsed.certificates.find((certificate) =>\n\t\t\tsignerIdentifierMatches(certificate, signerInfo),\n\t\t);\n\t\tif (signer === undefined) {\n\t\t\treturn verifyPkcs7Failure(\n\t\t\t\t'signer_not_found',\n\t\t\t\t'Signer certificate not found in SignedData certificates',\n\t\t\t);\n\t\t}\n\t\tif (signerInfo.hasSignedAttrs) {\n\t\t\tconst attrsResult = await verifySignedAttrs(\n\t\t\t\tsignerInfo,\n\t\t\t\tsigner,\n\t\t\t\tparsed.encapsulatedContent,\n\t\t\t\tparsed.encapsulatedContentTypeOid,\n\t\t\t);\n\t\t\tif (!attrsResult.ok) {\n\t\t\t\treturn attrsResult;\n\t\t\t}\n\t\t\tcontinue;\n\t\t}\n\t\tlet verified: boolean;\n\t\ttry {\n\t\t\tconst verificationResult = await verifySignedDataDetailed(\n\t\t\t\tsignerInfo.signatureAlgorithmOid,\n\t\t\t\tsignerInfo.signatureAlgorithmParametersDer,\n\t\t\t\tsigner.publicKeyAlgorithmOid,\n\t\t\t\tsigner.publicKeyParametersOid,\n\t\t\t\tsigner.subjectPublicKeyInfoDer,\n\t\t\t\tsignerInfo.signature,\n\t\t\t\tparsed.encapsulatedContent,\n\t\t\t);\n\t\t\tif (!verificationResult.ok) {\n\t\t\t\tif (verificationResult.code === 'verification_error') {\n\t\t\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData signature verification failed');\n\t\t\t\t}\n\t\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t\t}\n\t\t\tverified = verificationResult.valid;\n\t\t} catch {\n\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t}\n\t\tif (!verified) {\n\t\t\treturn verifyPkcs7Failure('signature_invalid', 'SignedData signature does not verify');\n\t\t}\n\t}\n\treturn { ok: true, value: parsed };\n}\n\n// ---------------------------------------------------------------------------\n// Private helpers\n// ---------------------------------------------------------------------------\n\n/** Shorthand for constructing a PKCS#7 parse failure result. */\nfunction pkcs7Failure(\n\tcode: ParsePkcs7ErrorCode,\n\tmessage: string,\n): ErrorResult<ParsePkcs7ErrorCode, Record<never, never>, ParsePkcs7Failure> {\n\tconst error: ParsePkcs7Failure = { ok: false, code, message };\n\treturn { ok: false, error, code, message };\n}\n\n/** Shorthand for constructing a PKCS#7 verification failure result. */\nfunction verifyPkcs7Failure(\n\tcode:\n\t\t| 'signer_not_found'\n\t\t| 'signature_invalid'\n\t\t| 'message_digest_mismatch'\n\t\t| 'content_missing'\n\t\t| ParsePkcs7ErrorCode,\n\tmessage: string,\n): ErrorResult<\n\t| 'signer_not_found'\n\t| 'signature_invalid'\n\t| 'message_digest_mismatch'\n\t| 'content_missing'\n\t| ParsePkcs7ErrorCode,\n\tRecord<never, never>,\n\tVerifyPkcs7SignedDataFailure\n> {\n\tconst error: VerifyPkcs7SignedDataFailure = { ok: false, code, message };\n\treturn { ok: false, error, code, message };\n}\n\n/** Shorthand for constructing a PKCS#7 SignedData creation failure result. */\nfunction createPkcs7Failure(\n\tcode: CreatePkcs7SignedDataErrorCode,\n\tmessage: string,\n): ErrorResult<CreatePkcs7SignedDataErrorCode, Record<never, never>, CreatePkcs7SignedDataFailure> {\n\tconst error: CreatePkcs7SignedDataFailure = { ok: false, code, message };\n\treturn { ok: false, error, code, message };\n}\n\n/** Converts PEM text to an array of DER certificate blobs, or wraps raw DER. */\nfunction normalizeCertificateSource(source: Pkcs7CertificateSource): readonly Uint8Array[] {\n\tif (typeof source === 'string') {\n\t\treturn splitPemBlocks(source)\n\t\t\t.filter((block) => block.label === 'CERTIFICATE')\n\t\t\t.map((block) => new Uint8Array(block.bytes));\n\t}\n\treturn [new Uint8Array(source)];\n}\n\n/** Type guard: key algorithm carries an RSA `hash`. */\nfunction signerHasHash(algorithm: KeyAlgorithm): algorithm is RsaHashedKeyAlgorithm {\n\treturn 'hash' in algorithm;\n}\n\n/** Type guard: key algorithm carries an EC `namedCurve`. */\nfunction signerHasNamedCurve(algorithm: KeyAlgorithm): algorithm is EcKeyAlgorithm {\n\treturn 'namedCurve' in algorithm;\n}\n\n/**\n * Resolves the content-digest hash and its OID for a signer key.\n *\n * Pairs each key with the digest used by its signature algorithm (RFC 5754):\n * P-256/RSA-SHA256 → SHA-256, P-384 → SHA-384, P-521 → SHA-512. Ed25519 uses\n * SHA-512 for the messageDigest attribute, per RFC 8419.\n */\nfunction contentDigestForPrivateKey(\n\tprivateKey: CryptoKey,\n):\n\t| { readonly hashName: 'SHA-256' | 'SHA-384' | 'SHA-512'; readonly digestOid: string }\n\t| undefined {\n\tconst algorithm = privateKey.algorithm;\n\tif (algorithm.name === 'ECDSA') {\n\t\tif (!signerHasNamedCurve(algorithm)) {\n\t\t\treturn undefined;\n\t\t}\n\t\tswitch (algorithm.namedCurve) {\n\t\t\tcase 'P-256':\n\t\t\t\treturn { hashName: 'SHA-256', digestOid: OIDS.sha256 };\n\t\t\tcase 'P-384':\n\t\t\t\treturn { hashName: 'SHA-384', digestOid: OIDS.sha384 };\n\t\t\tcase 'P-521':\n\t\t\t\treturn { hashName: 'SHA-512', digestOid: OIDS.sha512 };\n\t\t\tdefault:\n\t\t\t\treturn undefined;\n\t\t}\n\t}\n\tif (algorithm.name === 'RSASSA-PKCS1-v1_5' || algorithm.name === 'RSA-PSS') {\n\t\tif (!signerHasHash(algorithm)) {\n\t\t\treturn undefined;\n\t\t}\n\t\tswitch (algorithm.hash.name) {\n\t\t\tcase 'SHA-256':\n\t\t\t\treturn { hashName: 'SHA-256', digestOid: OIDS.sha256 };\n\t\t\tcase 'SHA-384':\n\t\t\t\treturn { hashName: 'SHA-384', digestOid: OIDS.sha384 };\n\t\t\tcase 'SHA-512':\n\t\t\t\treturn { hashName: 'SHA-512', digestOid: OIDS.sha512 };\n\t\t\tdefault:\n\t\t\t\treturn undefined;\n\t\t}\n\t}\n\tif (algorithm.name === 'Ed25519') {\n\t\treturn { hashName: 'SHA-512', digestOid: OIDS.sha512 };\n\t}\n\treturn undefined;\n}\n\n/**\n * Builds CMS signed attributes (contentType + messageDigest) in two forms:\n * `setForSigning` (SET OF, tag 0x31) is what the signature covers per RFC 5652\n * Section 5.4; `implicitForEmit` (IMPLICIT [0], tag 0xa0) is what goes in the\n * SignerInfo. The two differ only in the leading tag byte.\n */\nfunction buildSignedAttributes(\n\tcontentTypeOid: string,\n\tmessageDigest: Uint8Array,\n): { readonly setForSigning: Uint8Array; readonly implicitForEmit: Uint8Array } {\n\tconst setForSigning = setOf([\n\t\tsequence([objectIdentifier(OIDS.cmsContentType), setOf([objectIdentifier(contentTypeOid)])]),\n\t\tsequence([objectIdentifier(OIDS.cmsMessageDigest), setOf([octetString(messageDigest)])]),\n\t]);\n\tconst implicitForEmit = new Uint8Array(setForSigning);\n\timplicitForEmit[0] = 0xa0;\n\treturn { setForSigning, implicitForEmit };\n}\n\n/** Parses the IMPLICIT [0] certificate set from a SignedData structure. */\nfunction parseCertificateSet(\n\tsource: Uint8Array,\n\tcertificates: ReturnType<typeof readElement> | undefined,\n): readonly ParsedCertificate[] {\n\tif (certificates === undefined || certificates.tag !== 0xa0) {\n\t\treturn [];\n\t}\n\tconst parsed: ParsedCertificate[] = [];\n\tlet offset = certificates.start;\n\twhile (offset < certificates.end) {\n\t\tconst element = readElement(source, offset);\n\t\tparsed.push(parseCertificateDer(source.slice(offset, element.end)));\n\t\toffset = element.end;\n\t}\n\treturn parsed;\n}\n\n/** Extracts the list of digest algorithm OIDs from the digestAlgorithms SET. */\nfunction parseDigestAlgorithms(\n\tsource: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): readonly string[] {\n\tconst digests: string[] = [];\n\tif (element.tag !== 0x31) {\n\t\tthrow new Error('digestAlgorithms must use SET');\n\t}\n\tfor (const child of childrenOf(source, element)) {\n\t\tif (child.tag !== 0x30) {\n\t\t\tthrow new Error('digestAlgorithm must use AlgorithmIdentifier SEQUENCE');\n\t\t}\n\t\tconst childDer = source.slice(child.start - child.headerLength, child.end);\n\t\tconst parts = readSequenceChildren(childDer);\n\t\tconst oid = parts[0];\n\t\tif (oid === undefined || parts.length < 1 || parts.length > 2 || oid.tag !== 0x06) {\n\t\t\tthrow new Error('Malformed digest AlgorithmIdentifier');\n\t\t}\n\t\tdigests.push(decodeObjectIdentifier(oid.value));\n\t}\n\treturn digests;\n}\n\n/** Decodes the signerInfos SET OF from a SignedData structure. */\nfunction parseSignerInfos(\n\tsource: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): readonly ParsedPkcs7SignerInfo[] {\n\tconst signers: ParsedPkcs7SignerInfo[] = [];\n\tfor (const signerInfo of childrenOf(source, element)) {\n\t\tconst signerDer = source.slice(signerInfo.start - signerInfo.headerLength, signerInfo.end);\n\t\tconst parts = readSequenceChildren(signerDer);\n\t\tconst version = parts[0];\n\t\tconst sid = parts[1];\n\t\tconst digestAlgorithm = parts[2];\n\t\tlet index = 3;\n\t\tconst signedAttrsElement = parts[index]?.tag === 0xa0 ? parts[index] : undefined;\n\t\tconst hasSignedAttrs = signedAttrsElement !== undefined;\n\t\tif (hasSignedAttrs) {\n\t\t\tindex += 1;\n\t\t}\n\t\tconst signatureAlgorithm = parts[index];\n\t\tconst signature = parts[index + 1];\n\t\tconst unauthenticatedAttributes = parts[index + 2];\n\t\tif (\n\t\t\tversion === undefined ||\n\t\t\tsid === undefined ||\n\t\t\tdigestAlgorithm === undefined ||\n\t\t\tsignatureAlgorithm === undefined ||\n\t\t\tsignature === undefined ||\n\t\t\tsignature.tag !== 0x04 ||\n\t\t\tparts.length > index + 3 ||\n\t\t\t(unauthenticatedAttributes !== undefined && unauthenticatedAttributes.tag !== 0xa1)\n\t\t) {\n\t\t\tthrow new Error('Malformed SignerInfo');\n\t\t}\n\t\tconst digestAlgorithmDer = signerDer.slice(\n\t\t\tdigestAlgorithm.start - digestAlgorithm.headerLength,\n\t\t\tdigestAlgorithm.end,\n\t\t);\n\t\tconst digestAlgorithmOid = decodeObjectIdentifier(\n\t\t\trequireElement(readSequenceChildren(digestAlgorithmDer)[0], 'digest algorithm OID').value,\n\t\t);\n\t\tconst signatureAlgorithmDer = signerDer.slice(\n\t\t\tsignatureAlgorithm.start - signatureAlgorithm.headerLength,\n\t\t\tsignatureAlgorithm.end,\n\t\t);\n\t\tconst signatureAlgorithmChildren = readSequenceChildren(signatureAlgorithmDer);\n\t\tconst signatureAlgorithmOid = decodeObjectIdentifier(\n\t\t\trequireElement(signatureAlgorithmChildren[0], 'signature algorithm OID').value,\n\t\t);\n\t\tconst signatureAlgorithmParams = signatureAlgorithmChildren[1];\n\t\tconst parsedSid = parseSignerIdentifier(signerDer.slice(sid.start - sid.headerLength, sid.end));\n\t\tsigners.push({\n\t\t\tversion: decodeIntegerNumber(version.value),\n\t\t\t...(parsedSid.issuer === undefined ? {} : { issuer: parsedSid.issuer }),\n\t\t\t...(parsedSid.serialNumberHex === undefined\n\t\t\t\t? {}\n\t\t\t\t: { serialNumberHex: parsedSid.serialNumberHex }),\n\t\t\t...(parsedSid.subjectKeyIdentifier === undefined\n\t\t\t\t? {}\n\t\t\t\t: { subjectKeyIdentifier: parsedSid.subjectKeyIdentifier }),\n\t\t\tdigestAlgorithmOid,\n\t\t\tdigestAlgorithmName: describeHashAlgorithm(digestAlgorithmOid),\n\t\t\tsignatureAlgorithmOid,\n\t\t\tsignatureAlgorithmName: describeSignatureAlgorithm(\n\t\t\t\tsignatureAlgorithmOid,\n\t\t\t\tsignatureAlgorithmParams === undefined\n\t\t\t\t\t? undefined\n\t\t\t\t\t: new Uint8Array(\n\t\t\t\t\t\t\tsignatureAlgorithmDer.slice(\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.start - signatureAlgorithmParams.headerLength,\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t),\n\t\t\t...(signatureAlgorithmParams === undefined\n\t\t\t\t? {}\n\t\t\t\t: {\n\t\t\t\t\t\tsignatureAlgorithmParametersDer: new Uint8Array(\n\t\t\t\t\t\t\tsignatureAlgorithmDer.slice(\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.start - signatureAlgorithmParams.headerLength,\n\t\t\t\t\t\t\t\tsignatureAlgorithmParams.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t\t\t}),\n\t\t\tsignatureHex: toHex(signature.value),\n\t\t\tsignature: new Uint8Array(signature.value),\n\t\t\thasSignedAttrs,\n\t\t\t...(signedAttrsElement === undefined\n\t\t\t\t? {}\n\t\t\t\t: {\n\t\t\t\t\t\tsignedAttrsDer: new Uint8Array(\n\t\t\t\t\t\t\tsignerDer.slice(\n\t\t\t\t\t\t\t\tsignedAttrsElement.start - signedAttrsElement.headerLength,\n\t\t\t\t\t\t\t\tsignedAttrsElement.end,\n\t\t\t\t\t\t\t),\n\t\t\t\t\t\t),\n\t\t\t\t\t}),\n\t\t});\n\t}\n\treturn signers;\n}\n\n/** Unwraps the OCTET STRING inside the IMPLICIT [0] encapsulated content. */\nfunction extractEncapsulatedContent(\n\tencapDer: Uint8Array,\n\telement: ReturnType<typeof readElement>,\n): Uint8Array {\n\tif (element.tag !== 0xa0) {\n\t\tthrow new Error('Unexpected encapsulated content tag');\n\t}\n\tconst inner = readElement(encapDer, element.start);\n\tif (inner.tag !== 0x04) {\n\t\tthrow new Error('Expected encapsulated OCTET STRING');\n\t}\n\treturn inner.value;\n}\n\n/** Extracts issuer Name and serial number from an issuerAndSerialNumber SEQUENCE, or subjectKeyIdentifier from [0] IMPLICIT. */\nfunction parseSignerIdentifier(der: Uint8Array): {\n\treadonly issuer?: ParsedName;\n\treadonly serialNumberHex?: string;\n\treadonly subjectKeyIdentifier?: string;\n} {\n\tconst element = readRootElement(der, { maxDepth: DEFAULT_MAX_DER_DEPTH });\n\t// [0] IMPLICIT SubjectKeyIdentifier\n\tif (element.tag === 0x80) {\n\t\tif (element.value.length === 0) {\n\t\t\tthrow new Error('SignerIdentifier subjectKeyIdentifier must not be empty');\n\t\t}\n\t\treturn {\n\t\t\tsubjectKeyIdentifier: toHex(element.value),\n\t\t};\n\t}\n\t// SEQUENCE { issuer Name, serialNumber INTEGER }\n\tif (element.tag === 0x30) {\n\t\tconst top = readSequenceChildren(der);\n\t\tconst issuerElement = top[0];\n\t\tconst serial = top[1];\n\t\tif (issuerElement === undefined || serial === undefined || top.length !== 2) {\n\t\t\tthrow new Error('SignerIdentifier issuerAndSerialNumber is malformed');\n\t\t}\n\t\tif (issuerElement.tag !== 0x30) {\n\t\t\tthrow new Error('SignerIdentifier issuer must use Name SEQUENCE');\n\t\t}\n\t\tif (serial.tag !== 0x02) {\n\t\t\tthrow new Error('SignerIdentifier serialNumber must use INTEGER');\n\t\t}\n\t\tassertImplicitSerialNumberEncoding(serial.value, 'SignerIdentifier serialNumber');\n\t\treturn {\n\t\t\tissuer: parseSignerIssuerName(der, issuerElement),\n\t\t\tserialNumberHex: toHex(serial.value),\n\t\t};\n\t}\n\tthrow new Error(`Unsupported SignerIdentifier tag: ${String(element.tag)}`);\n}\n\nconst textDecoder = new TextDecoder();\n\n/** Parses a Name SEQUENCE element from a PKCS#7 signer identifier into a {@linkcode ParsedName}. */\nfunction parseSignerIssuerName(source: Uint8Array, element: DerElement): ParsedName {\n\tconst derHex = toHex(source.slice(element.start - element.headerLength, element.end));\n\tconst rdns: ParsedRelativeDistinguishedName[] = [];\n\tconst allAttributes: ParsedNameAttribute[] = [];\n\tconst values: Partial<Record<NameFieldKey, string>> = {};\n\tfor (const setElement of childrenOf(source, element)) {\n\t\tconst rdnAttributes: ParsedNameAttribute[] = [];\n\t\tconst rdnValues: Partial<Record<NameFieldKey, string>> = {};\n\t\tfor (const attrSequence of childrenOf(source, setElement)) {\n\t\t\tconst parts = childrenOf(source, attrSequence);\n\t\t\tconst oidElement = requireElement(parts[0], 'signer issuer attribute OID');\n\t\t\tconst valueElement = requireElement(parts[1], 'signer issuer attribute value');\n\t\t\tconst oid = decodeObjectIdentifier(oidElement.value);\n\t\t\tlet fieldValue: string;\n\t\t\ttry {\n\t\t\t\tfieldValue = decodeString(valueElement.tag, valueElement.value);\n\t\t\t} catch {\n\t\t\t\tfieldValue = textDecoder.decode(valueElement.value);\n\t\t\t}\n\t\t\tconst fieldKey = nameFieldKeyFromOid(oid);\n\t\t\tconst attribute: ParsedNameAttribute =\n\t\t\t\tfieldKey !== undefined\n\t\t\t\t\t? { oid, key: fieldKey, valueTag: valueElement.tag, value: fieldValue }\n\t\t\t\t\t: { oid, valueTag: valueElement.tag, value: fieldValue };\n\t\t\trdnAttributes.push(attribute);\n\t\t\tallAttributes.push(attribute);\n\t\t\tif (fieldKey !== undefined) {\n\t\t\t\tif (rdnValues[fieldKey] === undefined) {\n\t\t\t\t\trdnValues[fieldKey] = fieldValue;\n\t\t\t\t}\n\t\t\t\tif (values[fieldKey] === undefined) {\n\t\t\t\t\tvalues[fieldKey] = fieldValue;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\trdns.push({\n\t\t\tderHex: toHex(source.slice(setElement.start - setElement.headerLength, setElement.end)),\n\t\t\tattributes: rdnAttributes,\n\t\t\tvalues: rdnValues,\n\t\t});\n\t}\n\treturn { derHex, rdns, attributes: allAttributes, values };\n}\n\n/** Returns the nth child element inside a constructed ASN.1 element, or throws. */\nfunction childAt(source: Uint8Array, parent: DerElement, index: number, label: string): DerElement {\n\tlet offset = parent.start;\n\tlet currentIndex = 0;\n\twhile (offset < parent.end) {\n\t\tconst child = readElement(source, offset);\n\t\tif (currentIndex === index) {\n\t\t\treturn child;\n\t\t}\n\t\toffset = child.end;\n\t\tcurrentIndex += 1;\n\t}\n\tthrow new Error(`Missing ${label}`);\n}\n\n// ---------------------------------------------------------------------------\n// CMS signed attributes verification (RFC 5652 Section 5.4)\n// ---------------------------------------------------------------------------\n\n/** Maps a digest algorithm OID to the WebCrypto hash name. */\nfunction digestAlgorithmHash(digestAlgorithmOid: string): 'SHA-256' | 'SHA-384' | 'SHA-512' {\n\tswitch (digestAlgorithmOid) {\n\t\tcase OIDS.sha256:\n\t\t\treturn 'SHA-256';\n\t\tcase OIDS.sha384:\n\t\t\treturn 'SHA-384';\n\t\tcase OIDS.sha512:\n\t\t\treturn 'SHA-512';\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported digest algorithm OID: ${digestAlgorithmOid}`);\n\t}\n}\n\n/** Parses required signed attributes and enforces uniqueness + exact-one-value shape. */\nfunction parseSignedAttributeRequirements(signedAttrsDer: Uint8Array): {\n\treadonly messageDigest: Uint8Array;\n\treadonly contentTypeOid: string;\n} {\n\tconst outer = readElement(signedAttrsDer);\n\tlet messageDigest: Uint8Array | undefined;\n\tlet contentTypeOid: string | undefined;\n\tfor (const attr of childrenOf(signedAttrsDer, outer)) {\n\t\tconst attrDer = signedAttrsDer.slice(attr.start - attr.headerLength, attr.end);\n\t\tconst parts = readSequenceChildren(attrDer);\n\t\tconst oid = parts[0];\n\t\tconst values = parts[1];\n\t\tif (oid === undefined || values === undefined || parts.length !== 2 || values.tag !== 0x31) {\n\t\t\tthrow new Error('Malformed signedAttrs attribute');\n\t\t}\n\t\tconst attrOid = decodeObjectIdentifier(oid.value);\n\t\tconst valueElements = childrenOf(attrDer, values);\n\t\tif (attrOid === OIDS.cmsMessageDigest) {\n\t\t\tif (messageDigest !== undefined || valueElements.length !== 1) {\n\t\t\t\tthrow new Error('messageDigest attribute must appear exactly once with one value');\n\t\t\t}\n\t\t\tconst digestElement = valueElements[0];\n\t\t\tif (digestElement === undefined || digestElement.tag !== 0x04) {\n\t\t\t\tthrow new Error('messageDigest attribute value must use OCTET STRING');\n\t\t\t}\n\t\t\tmessageDigest = digestElement.value;\n\t\t\tcontinue;\n\t\t}\n\t\tif (attrOid === OIDS.cmsContentType) {\n\t\t\tif (contentTypeOid !== undefined || valueElements.length !== 1) {\n\t\t\t\tthrow new Error('contentType attribute must appear exactly once with one value');\n\t\t\t}\n\t\t\tconst contentType = valueElements[0];\n\t\t\tif (contentType === undefined || contentType.tag !== 0x06) {\n\t\t\t\tthrow new Error('contentType attribute value must use OBJECT IDENTIFIER');\n\t\t\t}\n\t\t\tcontentTypeOid = decodeObjectIdentifier(contentType.value);\n\t\t}\n\t}\n\tif (messageDigest === undefined) {\n\t\tthrow new Error('Missing messageDigest attribute in signedAttrs');\n\t}\n\tif (contentTypeOid === undefined) {\n\t\tthrow new Error('Missing contentType attribute in signedAttrs');\n\t}\n\treturn { messageDigest, contentTypeOid };\n}\n\n/** Replaces the IMPLICIT [0] tag (0xa0) with SET OF (0x31) per RFC 5652 Section 5.4. */\nfunction retagSignedAttrsAsSet(signedAttrsDer: Uint8Array): Uint8Array {\n\t// Replace IMPLICIT [0] tag (0xa0) with SET OF tag (0x31) per RFC 5652 Section 5.4\n\tconst copy = new Uint8Array(signedAttrsDer);\n\tcopy[0] = 0x31;\n\treturn copy;\n}\n\n/** Constant-time byte comparison to avoid timing side-channels in digest checks. */\nfunction constantTimeEqual(a: Uint8Array, b: Uint8Array): boolean {\n\tif (a.length !== b.length) {\n\t\treturn false;\n\t}\n\tlet diff = 0;\n\tfor (let index = 0; index < a.length; index += 1) {\n\t\tdiff |= (a[index] ?? 0) ^ (b[index] ?? 0);\n\t}\n\treturn diff === 0;\n}\n\n/** Verifies a signed-attributes flow: digest match + signature over re-tagged attrs. */\nasync function verifySignedAttrs(\n\tsignerInfo: ParsedPkcs7SignerInfo,\n\tsigner: ParsedCertificate,\n\tencapsulatedContent: Uint8Array,\n\tencapsulatedContentTypeOid: string,\n): Promise<\n\t| { readonly ok: true }\n\t| ErrorResult<\n\t\t\t| 'signer_not_found'\n\t\t\t| 'signature_invalid'\n\t\t\t| 'message_digest_mismatch'\n\t\t\t| 'content_missing'\n\t\t\t| ParsePkcs7ErrorCode,\n\t\t\tRecord<never, never>,\n\t\t\tVerifyPkcs7SignedDataFailure\n\t >\n> {\n\tif (signerInfo.signedAttrsDer === undefined) {\n\t\treturn verifyPkcs7Failure('malformed', 'Missing signedAttrs DER');\n\t}\n\t// Step 1: Parse required signed attributes from signedAttrs\n\tlet signedAttributes: { readonly messageDigest: Uint8Array; readonly contentTypeOid: string };\n\ttry {\n\t\tassertImplicitSignedAttrsDer(signerInfo.signedAttrsDer);\n\t\tsignedAttributes = parseSignedAttributeRequirements(signerInfo.signedAttrsDer);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Malformed signedAttrs in SignedData');\n\t}\n\tif (signedAttributes.contentTypeOid !== encapsulatedContentTypeOid) {\n\t\treturn verifyPkcs7Failure('malformed', 'SignedData contentType attribute does not match');\n\t}\n\t// Step 2: Compute digest of encapsulated content\n\tlet actualDigest: Uint8Array;\n\ttry {\n\t\tconst hash = digestAlgorithmHash(signerInfo.digestAlgorithmOid);\n\t\tactualDigest = new Uint8Array(\n\t\t\tawait getCrypto().subtle.digest(hash, toArrayBuffer(encapsulatedContent)),\n\t\t);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Unsupported digest algorithm in SignedData');\n\t}\n\t// Step 3: Compare digests (constant-time)\n\tif (!constantTimeEqual(actualDigest, signedAttributes.messageDigest)) {\n\t\treturn verifyPkcs7Failure(\n\t\t\t'message_digest_mismatch',\n\t\t\t'Content digest does not match messageDigest attribute',\n\t\t);\n\t}\n\t// Step 4: Verify signature over re-tagged signedAttrs (0xa0 → 0x31 SET OF)\n\tlet signedData: Uint8Array;\n\ttry {\n\t\tsignedData = retagSignedAttrsAsSet(signerInfo.signedAttrsDer);\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Malformed signedAttrs in SignedData');\n\t}\n\tlet verified: boolean;\n\ttry {\n\t\tconst verificationResult = await verifySignedDataDetailed(\n\t\t\tsignerInfo.signatureAlgorithmOid,\n\t\t\tsignerInfo.signatureAlgorithmParametersDer,\n\t\t\tsigner.publicKeyAlgorithmOid,\n\t\t\tsigner.publicKeyParametersOid,\n\t\t\tsigner.subjectPublicKeyInfoDer,\n\t\t\tsignerInfo.signature,\n\t\t\tsignedData,\n\t\t);\n\t\tif (!verificationResult.ok) {\n\t\t\tif (verificationResult.code === 'verification_error') {\n\t\t\t\treturn verifyPkcs7Failure('malformed', 'SignedData signature verification failed');\n\t\t\t}\n\t\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t\t}\n\t\tverified = verificationResult.valid;\n\t} catch {\n\t\treturn verifyPkcs7Failure('malformed', 'Unsupported signature algorithm in SignedData');\n\t}\n\tif (!verified) {\n\t\treturn verifyPkcs7Failure(\n\t\t\t'signature_invalid',\n\t\t\t'SignedData signature over signedAttrs does not verify',\n\t\t);\n\t}\n\treturn { ok: true };\n}\n\nfunction signerIdentifierMatches(\n\tcertificate: ParsedCertificate,\n\tsignerInfo: ParsedPkcs7SignerInfo,\n): boolean {\n\tif (signerInfo.issuer !== undefined || signerInfo.serialNumberHex !== undefined) {\n\t\treturn (\n\t\t\tsignerInfo.issuer !== undefined &&\n\t\t\tsignerInfo.serialNumberHex !== undefined &&\n\t\t\tcertificate.serialNumberHex === signerInfo.serialNumberHex &&\n\t\t\tcompareDistinguishedNames(certificate.issuer, signerInfo.issuer)\n\t\t);\n\t}\n\treturn (\n\t\tsignerInfo.subjectKeyIdentifier !== undefined &&\n\t\tcertificate.subjectKeyIdentifier === signerInfo.subjectKeyIdentifier\n\t);\n}\n\nfunction assertImplicitSignedAttrsDer(signedAttrsDer: Uint8Array): void {\n\tif (readElement(signedAttrsDer).tag !== 0xa0) {\n\t\tthrow new Error('signedAttrs must use IMPLICIT [0] tag');\n\t}\n}\n\nfunction hasReparseablePkcs7SignedData(\n\tvalue: ParsedPkcs7SignedData,\n): value is ParsedPkcs7SignedData & { readonly der: Uint8Array } {\n\treturn 'der' in value && value.der instanceof Uint8Array;\n}\n\nfunction assertImplicitSerialNumberEncoding(bytes: Uint8Array, label: string): void {\n\tconst first = bytes[0];\n\tif (first === undefined) {\n\t\tthrow new Error(`${label} must not be empty`);\n\t}\n\tif ((first & 0x80) !== 0) {\n\t\tthrow new Error(`${label} must be non-negative`);\n\t}\n\tif (bytes.length > 1 && first === 0 && ((bytes[1] ?? 0) & 0x80) === 0) {\n\t\tthrow new Error(`${label} must use minimal encoding`);\n\t}\n}\n"],"mappings":"mpCAwMA,SAAgB,EAAsB,EAA6D,CAClG,IAAM,EAAkB,EAAa,QAAQ,CAA0B,EACjE,EAAa,EAAS,CAC3B,EAAkB,CAAC,EACnB,EAAM,CAAC,CAAC,EACR,EAAS,CAAC,EAAiB,EAAK,SAAS,CAAC,CAAC,EAC3C,EAAgB,EAAG,EAAY,CAAe,CAAC,EAC/C,EAAM,CAAC,CAAC,CACT,CAAC,EACD,OAAO,EAAS,CAAC,EAAiB,EAAK,eAAe,EAAG,EAAgB,EAAG,CAAU,CAAC,CAAC,CACzF,CAKA,SAAgB,EACf,EACe,CACf,IAAM,EAAM,EAAsB,CAAY,EAC9C,MAAO,CACN,MACA,IAAK,EAAU,QAAS,CAAG,EAC3B,OAAQ,EAAa,CAAG,CACzB,CACD,CAsGA,eAAsB,EACrB,EAC0C,CAC1C,GAAI,EAAM,QAAQ,SAAW,EAC5B,OAAO,EAAmB,aAAc,oDAAoD,EAE7F,IAAM,EAA6B,EAAM,4BAA8B,EAAK,UAOtE,EAAU,EAAM,QAAQ,MAAM,EAE9B,EAAgC,CAAC,EACjC,EAAmB,IAAI,IACvB,EAAkB,GAA0B,CACjD,IAAM,EAAM,EAAM,CAAG,EAChB,EAAiB,IAAI,CAAG,IAC5B,EAAiB,IAAI,CAAG,EACxB,EAAgB,KAAK,CAAG,EAE1B,EAEM,EAAsB,IAAI,IAC1B,EAA4B,CAAC,EACnC,IAAK,IAAM,KAAU,EAAM,QAAS,CACnC,IAAM,EAAiB,EAA2B,EAAO,WAAW,EAC9D,EAAgB,EAAe,GACrC,GAAI,IAAkB,IAAA,IAAa,EAAe,SAAW,EAC5D,OAAO,EACN,6BACA,yDACD,EAED,EAAe,CAAa,EAI5B,IAAI,EACJ,GAAI,CACH,EAAc,EAAoB,CAAa,CAChD,MAAQ,CACP,OAAO,EACN,6BACA,sEACD,CACD,CAGA,IAAI,EACJ,GAAI,CACH,EAAqB,EAAsB,EAAO,WAAY,EAAO,SAAS,CAC/E,MAAQ,CACP,OAAO,EACN,yBACA,6CACD,CACD,CACA,IAAM,EAAS,EAA2B,EAAO,UAAU,EAC3D,GAAI,IAAW,IAAA,GACd,OAAO,EACN,yBACA,qDACD,EAED,EAAoB,IAAI,EAAO,SAAS,EAIxC,GAAM,CAAE,gBAAe,mBAAoB,EAC1C,EACA,IALyB,WACzB,MAAM,EAAU,CAAC,CAAC,OAAO,OAAO,EAAO,SAAU,EAAc,CAAO,CAAC,CAI3D,CACb,EACM,EAAY,MAAM,EAAU,EAAO,WAAY,EAAoB,CAAa,EACtF,EAAY,KACX,EAAS,CACR,EAAkB,CAAC,EACnB,EAAS,CACR,EAAW,EAAY,OAAO,MAAM,EACpC,EAAQ,EAAW,EAAY,eAAe,CAAC,CAChD,CAAC,EACD,EAAS,CAAC,EAAiB,EAAO,SAAS,EAAG,EAAU,CAAC,CAAC,EAC1D,EACA,EAA0B,CAAkB,EAC5C,EAAY,CAAS,CACtB,CAAC,CACF,CACD,CAEA,IAAK,IAAM,KAAU,EAAM,wBAA0B,CAAC,EACrD,IAAK,IAAM,KAAO,EAA2B,CAAM,EAClD,EAAe,CAAG,EAKpB,IAAM,EAAoB,IAA+B,EAAK,UAAY,EAAI,EAGxE,EAAiB,IAAI,WAAW,EAAM,CAAe,CAAC,EAC5D,EAAe,GAAK,IACpB,IAAM,EAAa,EAAS,CAC3B,EAAkB,CAAiB,EACnC,EAAM,CAAC,GAAG,CAAmB,CAAC,CAAC,IAAK,GAAQ,EAAS,CAAC,EAAiB,CAAG,EAAG,EAAU,CAAC,CAAC,CAAC,CAAC,EAC3F,EAAS,CACR,EAAiB,CAA0B,EAC3C,EAAgB,EAAG,EAAY,CAAO,CAAC,CACxC,CAAC,EACD,EACA,EAAM,CAAW,CAClB,CAAC,EACD,MAAO,CACN,GAAI,GACJ,MAAO,EAAS,CAAC,EAAiB,EAAK,eAAe,EAAG,EAAgB,EAAG,CAAU,CAAC,CAAC,CACzF,CACD,CAOA,eAAsB,GACrB,EACuC,CACvC,IAAM,EAAM,MAAM,EAAyB,CAAK,EAIhD,OAHK,EAAI,GAGF,CACN,GAAI,GACJ,MAAO,CAAE,IAAK,EAAI,MAAO,IAAK,EAAU,QAAS,EAAI,KAAK,EAAG,OAAQ,EAAa,EAAI,KAAK,CAAE,CAC9F,EALQ,CAMT,CAOA,SAAgB,EAAqB,EAA0C,CAC9E,IAAM,EAAS,EAAwB,CAAG,EAI1C,OAHK,EAAO,GAGL,CAAE,GAAI,GAAM,MAAO,EAAO,MAAM,YAAa,EAF5C,CAGT,CAGA,SAAgB,EAAqB,EAAsC,CAC1E,GAAI,CACH,IAAM,EAAS,EAAe,CAAG,CAAC,CAAC,OAAQ,GAAU,EAAM,QAAU,OAAO,EAC5E,GAAI,EAAO,SAAW,EACrB,OAAO,EAAa,YAAa,sCAAsC,EAExE,IAAM,EAAQ,EAAO,GAIrB,OAHI,IAAU,IAAA,GACN,EAAa,YAAa,qBAAqB,EAEhD,EAAqB,EAAM,KAAK,CACxC,MAAQ,CACP,OAAO,EAAa,YAAa,sCAAsC,CACxE,CACD,CAOA,SAAgB,EAAwB,EAA6C,CACpF,GAAI,CACH,IAAM,EAAc,EAAqB,EAAK,CAAE,SAAA,EAAgC,CAAC,EAC3E,EAAc,EAAY,GAC1B,EAAU,EAAY,GAU5B,GARC,IAAgB,IAAA,IAChB,IAAY,IAAA,IACZ,EAAY,SAAW,GACvB,EAAY,MAAQ,GACpB,EAAQ,MAAQ,KAIb,EAAW,EAAK,CAAO,CAAC,CAAC,SAAW,EACvC,OAAO,EAAa,YAAa,+BAA+B,EAEjE,IAAM,EAAiB,EAAuB,EAAY,KAAK,EAC/D,GAAI,IAAmB,EAAK,gBAC3B,OAAO,EAAa,kBAAmB,kCAAkC,EAG1E,IAAM,EAAqB,EAAW,EADnB,GAAQ,EAAK,EAAS,EAAG,YACQ,CAAC,EAC/C,EAAU,EAAmB,GAC7B,EAAmB,EAAmB,GACtC,EAAmB,EAAmB,GACtC,EAAmB,EAAmB,MAAM,CAAC,EAC7C,EAAc,EAAiB,EAAiB,OAAS,GAC3D,EACA,EACJ,IAAK,IAAM,KAAS,EAAiB,MAAM,EAAG,EAAE,EAAG,CAClD,GAAI,GAAO,MAAQ,IAAM,CACxB,GAAI,IAAS,IAAA,GACZ,OAAO,EAAa,YAAa,uDAAuD,EAEzF,GAAI,IAAiB,IAAA,GACpB,OAAO,EAAa,YAAa,+CAA+C,EAEjF,EAAe,EACf,QACD,CACA,GAAI,GAAO,MAAQ,IAAM,CACxB,GAAI,IAAS,IAAA,GACZ,OAAO,EAAa,YAAa,uCAAuC,EAEzE,EAAO,EACP,QACD,CACA,OAAO,EAAa,YAAa,qCAAqC,CACvE,CACA,GACC,IAAY,IAAA,IACZ,IAAqB,IAAA,IACrB,IAAqB,IAAA,IACrB,IAAgB,IAAA,IAChB,EAAY,MAAQ,GAEpB,OAAO,EAAa,YAAa,sBAAsB,EAExD,IAAM,EAAW,EAAI,MACpB,EAAiB,MAAQ,EAAiB,aAC1C,EAAiB,GAClB,EACM,EAAgB,EAAqB,CAAQ,EAC7C,EAAY,EAAc,GAC1B,EAAe,EAAc,GAC7B,EAAsB,EAAsB,EAAK,CAAgB,EAIvE,OAHI,IAAc,IAAA,GACV,EAAa,YAAa,mCAAmC,EAE9D,CACN,GAAI,GACJ,MAAO,CACN,IAAK,IAAI,WAAW,CAAG,EACvB,iBACA,QAAS,EAAoB,EAAQ,KAAK,EAC1C,sBACA,qBAAsB,EAAoB,IAAK,GAAQ,EAAsB,CAAG,CAAC,EACjF,2BAA4B,EAAuB,EAAU,KAAK,EAClE,GAAI,IAAiB,IAAA,GAClB,CAAC,EACD,CACA,oBAAqB,GAA2B,EAAU,CAAY,CACvE,EACF,aAAc,EAAoB,EAAK,CAAY,EACnD,YAAa,EAAiB,EAAK,CAAW,CAC/C,CACD,CACD,MAAQ,CACP,OAAO,EAAa,YAAa,4BAA4B,CAC9D,CACD,CAGA,SAAgB,EAAwB,EAAyC,CAChF,GAAI,CACH,IAAM,EAAS,EAAe,CAAG,CAAC,CAAC,OAAQ,GAAU,EAAM,QAAU,OAAO,EACtE,EAAQ,EAAO,GAIrB,OAHI,IAAU,IAAA,IAAa,EAAO,SAAW,EACrC,EAAa,YAAa,sCAAsC,EAEjE,EAAwB,EAAM,KAAK,CAC3C,MAAQ,CACP,OAAO,EAAa,YAAa,sCAAsC,CACxE,CACD,CAuBA,eAAsB,EACrB,EACuC,CACvC,IAAI,EACJ,GAAI,OAAO,GAAU,SAAU,CAC9B,IAAM,EAAS,EAAwB,CAAK,EAC5C,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,MAAO,GAAI,aAAiB,WAAY,CACvC,IAAM,EAAS,EAAwB,CAAK,EAC5C,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,KAAO,CACN,GAAI,CAAC,GAA8B,CAAK,EACvC,OAAO,EAAmB,YAAa,sCAAsC,EAE9E,IAAM,EAAS,EAAwB,IAAI,WAAW,EAAM,GAAG,CAAC,EAChE,GAAI,CAAC,EAAO,GACX,OAAO,EAER,EAAS,EAAO,KACjB,CACA,GAAI,EAAO,sBAAwB,IAAA,GAClC,OAAO,EAAmB,kBAAmB,4CAA4C,EAE1F,IAAK,IAAM,KAAc,EAAO,YAAa,CAC5C,IAAM,EAAS,EAAO,aAAa,KAAM,GACxC,GAAwB,EAAa,CAAU,CAChD,EACA,GAAI,IAAW,IAAA,GACd,OAAO,EACN,mBACA,yDACD,EAED,GAAI,EAAW,eAAgB,CAC9B,IAAM,EAAc,MAAM,GACzB,EACA,EACA,EAAO,oBACP,EAAO,0BACR,EACA,GAAI,CAAC,EAAY,GAChB,OAAO,EAER,QACD,CACA,IAAI,EACJ,GAAI,CACH,IAAM,EAAqB,MAAM,EAChC,EAAW,sBACX,EAAW,gCACX,EAAO,sBACP,EAAO,uBACP,EAAO,wBACP,EAAW,UACX,EAAO,mBACR,EACA,GAAI,CAAC,EAAmB,GAIvB,OAHI,EAAmB,OAAS,qBACxB,EAAmB,YAAa,0CAA0C,EAE3E,EAAmB,YAAa,+CAA+C,EAEvF,EAAW,EAAmB,KAC/B,MAAQ,CACP,OAAO,EAAmB,YAAa,+CAA+C,CACvF,CACA,GAAI,CAAC,EACJ,OAAO,EAAmB,oBAAqB,sCAAsC,CAEvF,CACA,MAAO,CAAE,GAAI,GAAM,MAAO,CAAO,CAClC,CAOA,SAAS,EACR,EACA,EAC4E,CAE5E,MAAO,CAAE,GAAI,GAAO,MAAA,CADe,GAAI,GAAO,OAAM,SAC5B,EAAG,OAAM,SAAQ,CAC1C,CAGA,SAAS,EACR,EAMA,EASC,CAED,MAAO,CAAE,GAAI,GAAO,MAAA,CAD0B,GAAI,GAAO,OAAM,SACvC,EAAG,OAAM,SAAQ,CAC1C,CAGA,SAAS,EACR,EACA,EACkG,CAElG,MAAO,CAAE,GAAI,GAAO,MAAA,CAD0B,GAAI,GAAO,OAAM,SACvC,EAAG,OAAM,SAAQ,CAC1C,CAGA,SAAS,EAA2B,EAAuD,CAM1F,OALI,OAAO,GAAW,SACd,EAAe,CAAM,CAAC,CAC3B,OAAQ,GAAU,EAAM,QAAU,aAAa,CAAC,CAChD,IAAK,GAAU,IAAI,WAAW,EAAM,KAAK,CAAC,EAEtC,CAAC,IAAI,WAAW,CAAM,CAAC,CAC/B,CAGA,SAAS,EAAc,EAA6D,CACnF,MAAO,SAAU,CAClB,CAGA,SAAS,EAAoB,EAAsD,CAClF,MAAO,eAAgB,CACxB,CASA,SAAS,EACR,EAGY,CACZ,IAAM,EAAY,EAAW,UAC7B,GAAI,EAAU,OAAS,QAAS,CAC/B,GAAI,CAAC,EAAoB,CAAS,EACjC,OAED,OAAQ,EAAU,WAAlB,CACC,IAAK,QACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,IAAK,QACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,IAAK,QACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,QACC,MACF,CACD,CACA,GAAI,EAAU,OAAS,qBAAuB,EAAU,OAAS,UAAW,CAC3E,GAAI,CAAC,EAAc,CAAS,EAC3B,OAED,OAAQ,EAAU,KAAK,KAAvB,CACC,IAAK,UACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,IAAK,UACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,IAAK,UACJ,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,EACtD,QACC,MACF,CACD,CACA,GAAI,EAAU,OAAS,UACtB,MAAO,CAAE,SAAU,UAAW,UAAW,EAAK,MAAO,CAGvD,CAQA,SAAS,EACR,EACA,EAC+E,CAC/E,IAAM,EAAgB,EAAM,CAC3B,EAAS,CAAC,EAAiB,EAAK,cAAc,EAAG,EAAM,CAAC,EAAiB,CAAc,CAAC,CAAC,CAAC,CAAC,EAC3F,EAAS,CAAC,EAAiB,EAAK,gBAAgB,EAAG,EAAM,CAAC,EAAY,CAAa,CAAC,CAAC,CAAC,CAAC,CACxF,CAAC,EACK,EAAkB,IAAI,WAAW,CAAa,EAEpD,MADA,GAAgB,GAAK,IACd,CAAE,gBAAe,iBAAgB,CACzC,CAGA,SAAS,EACR,EACA,EAC+B,CAC/B,GAAI,IAAiB,IAAA,IAAa,EAAa,MAAQ,IACtD,MAAO,CAAC,EAET,IAAM,EAA8B,CAAC,EACjC,EAAS,EAAa,MAC1B,KAAO,EAAS,EAAa,KAAK,CACjC,IAAM,EAAU,EAAY,EAAQ,CAAM,EAC1C,EAAO,KAAK,EAAoB,EAAO,MAAM,EAAQ,EAAQ,GAAG,CAAC,CAAC,EAClE,EAAS,EAAQ,GAClB,CACA,OAAO,CACR,CAGA,SAAS,EACR,EACA,EACoB,CACpB,IAAM,EAAoB,CAAC,EAC3B,GAAI,EAAQ,MAAQ,GACnB,MAAU,MAAM,+BAA+B,EAEhD,IAAK,IAAM,KAAS,EAAW,EAAQ,CAAO,EAAG,CAChD,GAAI,EAAM,MAAQ,GACjB,MAAU,MAAM,uDAAuD,EAGxE,IAAM,EAAQ,EADG,EAAO,MAAM,EAAM,MAAQ,EAAM,aAAc,EAAM,GAC5B,CAAC,EACrC,EAAM,EAAM,GAClB,GAAI,IAAQ,IAAA,IAAa,EAAM,OAAS,GAAK,EAAM,OAAS,GAAK,EAAI,MAAQ,EAC5E,MAAU,MAAM,sCAAsC,EAEvD,EAAQ,KAAK,EAAuB,EAAI,KAAK,CAAC,CAC/C,CACA,OAAO,CACR,CAGA,SAAS,EACR,EACA,EACmC,CACnC,IAAM,EAAmC,CAAC,EAC1C,IAAK,IAAM,KAAc,EAAW,EAAQ,CAAO,EAAG,CACrD,IAAM,EAAY,EAAO,MAAM,EAAW,MAAQ,EAAW,aAAc,EAAW,GAAG,EACnF,EAAQ,EAAqB,CAAS,EACtC,EAAU,EAAM,GAChB,EAAM,EAAM,GACZ,EAAkB,EAAM,GAC1B,EAAQ,EACN,EAAqB,EAAM,EAAM,EAAE,MAAQ,IAAO,EAAM,GAAS,IAAA,GACjE,EAAiB,IAAuB,IAAA,GAC1C,IACH,GAAS,GAEV,IAAM,EAAqB,EAAM,GAC3B,EAAY,EAAM,EAAQ,GAC1B,EAA4B,EAAM,EAAQ,GAChD,GACC,IAAY,IAAA,IACZ,IAAQ,IAAA,IACR,IAAoB,IAAA,IACpB,IAAuB,IAAA,IACvB,IAAc,IAAA,IACd,EAAU,MAAQ,GAClB,EAAM,OAAS,EAAQ,GACtB,IAA8B,IAAA,IAAa,EAA0B,MAAQ,IAE9E,MAAU,MAAM,sBAAsB,EAMvC,IAAM,EAAqB,EAC1B,EAAe,EALW,EAAU,MACpC,EAAgB,MAAQ,EAAgB,aACxC,EAAgB,GAGqC,CAAC,CAAC,CAAC,GAAI,sBAAsB,CAAC,CAAC,KACrF,EACM,EAAwB,EAAU,MACvC,EAAmB,MAAQ,EAAmB,aAC9C,EAAmB,GACpB,EACM,EAA6B,EAAqB,CAAqB,EACvE,EAAwB,EAC7B,EAAe,EAA2B,GAAI,yBAAyB,CAAC,CAAC,KAC1E,EACM,EAA2B,EAA2B,GACtD,EAAY,GAAsB,EAAU,MAAM,EAAI,MAAQ,EAAI,aAAc,EAAI,GAAG,CAAC,EAC9F,EAAQ,KAAK,CACZ,QAAS,EAAoB,EAAQ,KAAK,EAC1C,GAAI,EAAU,SAAW,IAAA,GAAY,CAAC,EAAI,CAAE,OAAQ,EAAU,MAAO,EACrE,GAAI,EAAU,kBAAoB,IAAA,GAC/B,CAAC,EACD,CAAE,gBAAiB,EAAU,eAAgB,EAChD,GAAI,EAAU,uBAAyB,IAAA,GACpC,CAAC,EACD,CAAE,qBAAsB,EAAU,oBAAqB,EAC1D,qBACA,oBAAqB,EAAsB,CAAkB,EAC7D,wBACA,uBAAwB,EACvB,EACA,IAA6B,IAAA,GAC1B,IAAA,GACA,IAAI,WACJ,EAAsB,MACrB,EAAyB,MAAQ,EAAyB,aAC1D,EAAyB,GAC1B,CACD,CACH,EACA,GAAI,IAA6B,IAAA,GAC9B,CAAC,EACD,CACA,gCAAiC,IAAI,WACpC,EAAsB,MACrB,EAAyB,MAAQ,EAAyB,aAC1D,EAAyB,GAC1B,CACD,CACD,EACF,aAAc,EAAM,EAAU,KAAK,EACnC,UAAW,IAAI,WAAW,EAAU,KAAK,EACzC,iBACA,GAAI,IAAuB,IAAA,GACxB,CAAC,EACD,CACA,eAAgB,IAAI,WACnB,EAAU,MACT,EAAmB,MAAQ,EAAmB,aAC9C,EAAmB,GACpB,CACD,CACD,CACH,CAAC,CACF,CACA,OAAO,CACR,CAGA,SAAS,GACR,EACA,EACa,CACb,GAAI,EAAQ,MAAQ,IACnB,MAAU,MAAM,qCAAqC,EAEtD,IAAM,EAAQ,EAAY,EAAU,EAAQ,KAAK,EACjD,GAAI,EAAM,MAAQ,EACjB,MAAU,MAAM,oCAAoC,EAErD,OAAO,EAAM,KACd,CAGA,SAAS,GAAsB,EAI7B,CACD,IAAM,EAAU,EAAgB,EAAK,CAAE,SAAA,EAAgC,CAAC,EAExE,GAAI,EAAQ,MAAQ,IAAM,CACzB,GAAI,EAAQ,MAAM,SAAW,EAC5B,MAAU,MAAM,yDAAyD,EAE1E,MAAO,CACN,qBAAsB,EAAM,EAAQ,KAAK,CAC1C,CACD,CAEA,GAAI,EAAQ,MAAQ,GAAM,CACzB,IAAM,EAAM,EAAqB,CAAG,EAC9B,EAAgB,EAAI,GACpB,EAAS,EAAI,GACnB,GAAI,IAAkB,IAAA,IAAa,IAAW,IAAA,IAAa,EAAI,SAAW,EACzE,MAAU,MAAM,qDAAqD,EAEtE,GAAI,EAAc,MAAQ,GACzB,MAAU,MAAM,gDAAgD,EAEjE,GAAI,EAAO,MAAQ,EAClB,MAAU,MAAM,gDAAgD,EAGjE,OADA,GAAmC,EAAO,MAAO,+BAA+B,EACzE,CACN,OAAQ,GAAsB,EAAK,CAAa,EAChD,gBAAiB,EAAM,EAAO,KAAK,CACpC,CACD,CACA,MAAU,MAAM,qCAAqC,OAAO,EAAQ,GAAG,GAAG,CAC3E,CAEA,MAAM,GAAc,IAAI,YAGxB,SAAS,GAAsB,EAAoB,EAAiC,CACnF,IAAM,EAAS,EAAM,EAAO,MAAM,EAAQ,MAAQ,EAAQ,aAAc,EAAQ,GAAG,CAAC,EAC9E,EAA0C,CAAC,EAC3C,EAAuC,CAAC,EACxC,EAAgD,CAAC,EACvD,IAAK,IAAM,KAAc,EAAW,EAAQ,CAAO,EAAG,CACrD,IAAM,EAAuC,CAAC,EACxC,EAAmD,CAAC,EAC1D,IAAK,IAAM,KAAgB,EAAW,EAAQ,CAAU,EAAG,CAC1D,IAAM,EAAQ,EAAW,EAAQ,CAAY,EACvC,EAAa,EAAe,EAAM,GAAI,6BAA6B,EACnE,EAAe,EAAe,EAAM,GAAI,+BAA+B,EACvE,EAAM,EAAuB,EAAW,KAAK,EAC/C,EACJ,GAAI,CACH,EAAa,EAAa,EAAa,IAAK,EAAa,KAAK,CAC/D,MAAQ,CACP,EAAa,GAAY,OAAO,EAAa,KAAK,CACnD,CACA,IAAM,EAAW,EAAoB,CAAG,EAClC,EACL,IAAa,IAAA,GAEV,CAAE,MAAK,SAAU,EAAa,IAAK,MAAO,CAAW,EADrD,CAAE,MAAK,IAAK,EAAU,SAAU,EAAa,IAAK,MAAO,CAAW,EAExE,EAAc,KAAK,CAAS,EAC5B,EAAc,KAAK,CAAS,EACxB,IAAa,IAAA,KACZ,EAAU,KAAc,IAAA,KAC3B,EAAU,GAAY,GAEnB,EAAO,KAAc,IAAA,KACxB,EAAO,GAAY,GAGtB,CACA,EAAK,KAAK,CACT,OAAQ,EAAM,EAAO,MAAM,EAAW,MAAQ,EAAW,aAAc,EAAW,GAAG,CAAC,EACtF,WAAY,EACZ,OAAQ,CACT,CAAC,CACF,CACA,MAAO,CAAE,SAAQ,OAAM,WAAY,EAAe,QAAO,CAC1D,CAGA,SAAS,GAAQ,EAAoB,EAAoB,EAAe,EAA2B,CAClG,IAAI,EAAS,EAAO,MAChB,EAAe,EACnB,KAAO,EAAS,EAAO,KAAK,CAC3B,IAAM,EAAQ,EAAY,EAAQ,CAAM,EACxC,GAAI,IAAiB,EACpB,OAAO,EAER,EAAS,EAAM,IACf,GAAgB,CACjB,CACA,MAAU,MAAM,WAAW,GAAO,CACnC,CAOA,SAAS,GAAoB,EAA+D,CAC3F,OAAQ,EAAR,CACC,KAAK,EAAK,OACT,MAAO,UACR,KAAK,EAAK,OACT,MAAO,UACR,KAAK,EAAK,OACT,MAAO,UACR,QACC,MAAU,MAAM,qCAAqC,GAAoB,CAC3E,CACD,CAGA,SAAS,EAAiC,EAGxC,CACD,IAAM,EAAQ,EAAY,CAAc,EACpC,EACA,EACJ,IAAK,IAAM,KAAQ,EAAW,EAAgB,CAAK,EAAG,CACrD,IAAM,EAAU,EAAe,MAAM,EAAK,MAAQ,EAAK,aAAc,EAAK,GAAG,EACvE,EAAQ,EAAqB,CAAO,EACpC,EAAM,EAAM,GACZ,EAAS,EAAM,GACrB,GAAI,IAAQ,IAAA,IAAa,IAAW,IAAA,IAAa,EAAM,SAAW,GAAK,EAAO,MAAQ,GACrF,MAAU,MAAM,iCAAiC,EAElD,IAAM,EAAU,EAAuB,EAAI,KAAK,EAC1C,EAAgB,EAAW,EAAS,CAAM,EAChD,GAAI,IAAY,EAAK,iBAAkB,CACtC,GAAI,IAAkB,IAAA,IAAa,EAAc,SAAW,EAC3D,MAAU,MAAM,iEAAiE,EAElF,IAAM,EAAgB,EAAc,GACpC,GAAI,IAAkB,IAAA,IAAa,EAAc,MAAQ,EACxD,MAAU,MAAM,qDAAqD,EAEtE,EAAgB,EAAc,MAC9B,QACD,CACA,GAAI,IAAY,EAAK,eAAgB,CACpC,GAAI,IAAmB,IAAA,IAAa,EAAc,SAAW,EAC5D,MAAU,MAAM,+DAA+D,EAEhF,IAAM,EAAc,EAAc,GAClC,GAAI,IAAgB,IAAA,IAAa,EAAY,MAAQ,EACpD,MAAU,MAAM,wDAAwD,EAEzE,EAAiB,EAAuB,EAAY,KAAK,CAC1D,CACD,CACA,GAAI,IAAkB,IAAA,GACrB,MAAU,MAAM,gDAAgD,EAEjE,GAAI,IAAmB,IAAA,GACtB,MAAU,MAAM,8CAA8C,EAE/D,MAAO,CAAE,gBAAe,gBAAe,CACxC,CAGA,SAAS,GAAsB,EAAwC,CAEtE,IAAM,EAAO,IAAI,WAAW,CAAc,EAE1C,MADA,GAAK,GAAK,GACH,CACR,CAGA,SAAS,GAAkB,EAAe,EAAwB,CACjE,GAAI,EAAE,SAAW,EAAE,OAClB,MAAO,GAER,IAAI,EAAO,EACX,IAAK,IAAI,EAAQ,EAAG,EAAQ,EAAE,OAAQ,GAAS,EAC9C,IAAS,EAAE,IAAU,IAAM,EAAE,IAAU,GAExC,OAAO,IAAS,CACjB,CAGA,eAAe,GACd,EACA,EACA,EACA,EAYC,CACD,GAAI,EAAW,iBAAmB,IAAA,GACjC,OAAO,EAAmB,YAAa,yBAAyB,EAGjE,IAAI,EACJ,GAAI,CACH,GAA6B,EAAW,cAAc,EACtD,EAAmB,EAAiC,EAAW,cAAc,CAC9E,MAAQ,CACP,OAAO,EAAmB,YAAa,qCAAqC,CAC7E,CACA,GAAI,EAAiB,iBAAmB,EACvC,OAAO,EAAmB,YAAa,iDAAiD,EAGzF,IAAI,EACJ,GAAI,CACH,IAAM,EAAO,GAAoB,EAAW,kBAAkB,EAC9D,EAAe,IAAI,WAClB,MAAM,EAAU,CAAC,CAAC,OAAO,OAAO,EAAM,EAAc,CAAmB,CAAC,CACzE,CACD,MAAQ,CACP,OAAO,EAAmB,YAAa,4CAA4C,CACpF,CAEA,GAAI,CAAC,GAAkB,EAAc,EAAiB,aAAa,EAClE,OAAO,EACN,0BACA,uDACD,EAGD,IAAI,EACJ,GAAI,CACH,EAAa,GAAsB,EAAW,cAAc,CAC7D,MAAQ,CACP,OAAO,EAAmB,YAAa,qCAAqC,CAC7E,CACA,IAAI,EACJ,GAAI,CACH,IAAM,EAAqB,MAAM,EAChC,EAAW,sBACX,EAAW,gCACX,EAAO,sBACP,EAAO,uBACP,EAAO,wBACP,EAAW,UACX,CACD,EACA,GAAI,CAAC,EAAmB,GAIvB,OAHI,EAAmB,OAAS,qBACxB,EAAmB,YAAa,0CAA0C,EAE3E,EAAmB,YAAa,+CAA+C,EAEvF,EAAW,EAAmB,KAC/B,MAAQ,CACP,OAAO,EAAmB,YAAa,+CAA+C,CACvF,CAOA,OANK,EAME,CAAE,GAAI,EAAK,EALV,EACN,oBACA,uDACD,CAGF,CAEA,SAAS,GACR,EACA,EACU,CASV,OARI,EAAW,SAAW,IAAA,IAAa,EAAW,kBAAoB,IAAA,GAEpE,EAAW,SAAW,IAAA,IACtB,EAAW,kBAAoB,IAAA,IAC/B,EAAY,kBAAoB,EAAW,iBAC3C,EAA0B,EAAY,OAAQ,EAAW,MAAM,EAIhE,EAAW,uBAAyB,IAAA,IACpC,EAAY,uBAAyB,EAAW,oBAElD,CAEA,SAAS,GAA6B,EAAkC,CACvE,GAAI,EAAY,CAAc,CAAC,CAAC,MAAQ,IACvC,MAAU,MAAM,uCAAuC,CAEzD,CAEA,SAAS,GACR,EACgE,CAChE,MAAO,QAAS,GAAS,EAAM,eAAe,UAC/C,CAEA,SAAS,GAAmC,EAAmB,EAAqB,CACnF,IAAM,EAAQ,EAAM,GACpB,GAAI,IAAU,IAAA,GACb,MAAU,MAAM,GAAG,EAAM,mBAAmB,EAE7C,GAAK,EAAQ,IACZ,MAAU,MAAM,GAAG,EAAM,sBAAsB,EAEhD,GAAI,EAAM,OAAS,GAAK,IAAU,GAAA,GAAO,EAAM,IAAM,GAAK,KACzD,MAAU,MAAM,GAAG,EAAM,2BAA2B,CAEtD"}
|
package/dist/pkcs.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Pbes2EncryptionOptions, Pbes2EncryptionScheme, Pbes2Prf } from "./internal/crypto/pbes2.js";
|
|
2
2
|
import { ParsedPkcs12MacData, Pkcs12MacOptions, createPkcs12MacData, parsePkcs12MacData } from "./pkcs/pkcs12-mac.js";
|
|
3
3
|
import { CreatePfxInput, ParsePfxErrorCode, ParsePfxFailure, ParsePfxOptions, ParsePfxResult, ParsedPfx, ParsedPfxAttribute, ParsedPfxBag, ParsedPfxBagAttributes, PfxBagAttributesInput, PfxCertificateBagInput, PfxCertificateSource, PfxEncryptionOptions, PfxMaterial, PfxPrivateKeyBagInput, PfxPrivateKeySource, createPfx, parsePfxDer, parsePfxPem } from "./pkcs/pfx.js";
|
|
4
|
-
import { ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData } from "./pkcs/pkcs7.js";
|
|
5
|
-
export { type CreatePfxInput, type ParsePfxErrorCode, type ParsePfxFailure, type ParsePfxOptions, type ParsePfxResult, type ParsePkcs7CertBagResult, type ParsePkcs7ErrorCode, type ParsePkcs7Failure, type ParsePkcs7SignedDataResult, type ParsedPfx, type ParsedPfxAttribute, type ParsedPfxBag, type ParsedPfxBagAttributes, type ParsedPkcs12MacData, type ParsedPkcs7SignedData, type ParsedPkcs7SignerInfo, type Pbes2EncryptionOptions, type Pbes2EncryptionScheme, type Pbes2Prf, type PfxBagAttributesInput, type PfxCertificateBagInput, type PfxCertificateSource, type PfxEncryptionOptions, type PfxMaterial, type PfxPrivateKeyBagInput, type PfxPrivateKeySource, type Pkcs12MacOptions, type Pkcs7CertBag, type Pkcs7CertificateSource, type VerifyPkcs7SignedDataFailure, type VerifyPkcs7SignedDataResult, createPfx, createPkcs12MacData, createPkcs7CertBagDer, createPkcs7CertBagPem, parsePfxDer, parsePfxPem, parsePkcs12MacData, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData };
|
|
4
|
+
import { CreatePkcs7SignedDataDerResult, CreatePkcs7SignedDataErrorCode, CreatePkcs7SignedDataFailure, CreatePkcs7SignedDataInput, CreatePkcs7SignedDataResult, ParsePkcs7CertBagResult, ParsePkcs7ErrorCode, ParsePkcs7Failure, ParsePkcs7SignedDataResult, ParsedPkcs7SignedData, ParsedPkcs7SignerInfo, Pkcs7CertBag, Pkcs7CertificateSource, Pkcs7SignedDataMaterial, Pkcs7Signer, VerifyPkcs7SignedDataFailure, VerifyPkcs7SignedDataResult, createPkcs7CertBagDer, createPkcs7CertBagPem, createPkcs7SignedDataDer, createPkcs7SignedDataPem, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData } from "./pkcs/pkcs7.js";
|
|
5
|
+
export { type CreatePfxInput, type CreatePkcs7SignedDataDerResult, type CreatePkcs7SignedDataErrorCode, type CreatePkcs7SignedDataFailure, type CreatePkcs7SignedDataInput, type CreatePkcs7SignedDataResult, type ParsePfxErrorCode, type ParsePfxFailure, type ParsePfxOptions, type ParsePfxResult, type ParsePkcs7CertBagResult, type ParsePkcs7ErrorCode, type ParsePkcs7Failure, type ParsePkcs7SignedDataResult, type ParsedPfx, type ParsedPfxAttribute, type ParsedPfxBag, type ParsedPfxBagAttributes, type ParsedPkcs12MacData, type ParsedPkcs7SignedData, type ParsedPkcs7SignerInfo, type Pbes2EncryptionOptions, type Pbes2EncryptionScheme, type Pbes2Prf, type PfxBagAttributesInput, type PfxCertificateBagInput, type PfxCertificateSource, type PfxEncryptionOptions, type PfxMaterial, type PfxPrivateKeyBagInput, type PfxPrivateKeySource, type Pkcs12MacOptions, type Pkcs7CertBag, type Pkcs7CertificateSource, type Pkcs7SignedDataMaterial, type Pkcs7Signer, type VerifyPkcs7SignedDataFailure, type VerifyPkcs7SignedDataResult, createPfx, createPkcs12MacData, createPkcs7CertBagDer, createPkcs7CertBagPem, createPkcs7SignedDataDer, createPkcs7SignedDataPem, parsePfxDer, parsePfxPem, parsePkcs12MacData, parsePkcs7CertBagDer, parsePkcs7CertBagPem, parsePkcs7SignedDataDer, parsePkcs7SignedDataPem, verifyPkcs7SignedData };
|
package/dist/pkcs.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{createPkcs12MacData as e,parsePkcs12MacData as t}from"./pkcs/pkcs12-mac.js";import{createPfx as n,parsePfxDer as r,parsePfxPem as i}from"./pkcs/pfx.js";import{createPkcs7CertBagDer as a,createPkcs7CertBagPem as o,
|
|
1
|
+
import{createPkcs12MacData as e,parsePkcs12MacData as t}from"./pkcs/pkcs12-mac.js";import{createPfx as n,parsePfxDer as r,parsePfxPem as i}from"./pkcs/pfx.js";import{createPkcs7CertBagDer as a,createPkcs7CertBagPem as o,createPkcs7SignedDataDer as s,createPkcs7SignedDataPem as c,parsePkcs7CertBagDer as l,parsePkcs7CertBagPem as u,parsePkcs7SignedDataDer as d,parsePkcs7SignedDataPem as f,verifyPkcs7SignedData as p}from"./pkcs/pkcs7.js";export{n as createPfx,e as createPkcs12MacData,a as createPkcs7CertBagDer,o as createPkcs7CertBagPem,s as createPkcs7SignedDataDer,c as createPkcs7SignedDataPem,r as parsePfxDer,i as parsePfxPem,t as parsePkcs12MacData,l as parsePkcs7CertBagDer,u as parsePkcs7CertBagPem,d as parsePkcs7SignedDataDer,f as parsePkcs7SignedDataPem,p as verifyPkcs7SignedData};
|
package/dist/revocation/crl.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{bitString as e,concatBytes as t,explicitContext as n,generalizedTime as r,implicitConstructedContext as i,implicitPrimitiveContext as a,integer as o,integerFromNumber as s,readElement as c,readRootElement as l,readSequenceChildren as u,sequence as d,time as f,tlv as p}from"../internal/asn1/der.js";import{childrenOf as m,decodeBoolean as ee,decodeIntegerNumber as h,decodeObjectIdentifier as g,decodeString as _,extractBitStringValue as v,hexToBytes as y,parseTime as b,requireElement as x,toHex as S}from"../internal/asn1/asn1.js";import{OIDS as C}from"../internal/asn1/oids.js";import{base64Encode as w}from"../internal/shared/base64.js";import{pemDecode as T,pemEncode as E}from"../pem/pem.js";import{exportSpkiDer as D}from"../keys/keys.js";import{describeSignatureAlgorithm as te}from"../internal/crypto/algorithm-names.js";import{decodeIpAddress as ne}from"../internal/shared/ip.js";import{encodeDistributionPointReasonFlagsContent as re,parseDistributionPointReasonFlagsContent as O}from"../internal/x509/extension-bits.js";import{nameFieldKeyFromOid as k}from"../internal/x509/name-fields.js";import{encodeName as ie,encodeRelativeDistinguishedName as ae}from"../x509/name.js";import{buildSubjectKeyIdentifier as oe,encodeCrlDistributionPoints as se,encodeExtension as A,encodeSubjectAltName as ce}from"../x509/extensions.js";import{parseCertificateDer as le,parseCertificateFromSource as j}from"../x509/parse.js";import{verifySignedDataDetailed as ue}from"../internal/crypto/sig-verify.js";import{compareDistinguishedNames as M,compareNameAttributeValue as de}from"../internal/shared/dn.js";import{encodeAlgorithmIdentifier as fe,getSignatureAlgorithm as pe,signBytes as me}from"../internal/crypto/signing.js";const he={unspecified:0,keyCompromise:1,cACompromise:2,affiliationChanged:3,superseded:4,cessationOfOperation:5,certificateHold:6,removeFromCRL:8,privilegeWithdrawn:9,aACompromise:10};async function ge(t){let r=pe(t.signerPrivateKey),i=t.thisUpdate??new Date,a=t.nextUpdate,o=await Me(t.issuerPublicKey,t.crlNumber,t.baseCrlNumber,t.issuingDistributionPoint,t.freshestCrlDistributionPoints),c=t.revokedCertificates??[],l=c.length===0?[]:[d(c.map(e=>Ne(e,i)))],u=d([s(1),fe(r),ie(t.issuer),f(i),...a===void 0?[]:[f(a)],...l,...o.length===0?[]:[n(0,d(o))]]),p=await me(t.signerPrivateKey,r,u),m=d([u,fe(r),e(p)]);return{der:m,pem:E(`X509 CRL`,m),base64:w(m)}}function N(e){let t=u(e,{maxDepth:64});if(t.length!==3)throw Error(`Malformed CRL`);let n=x(t[0],`TBSCertList`),r=x(t[1],`signatureAlgorithm`),i=x(t[2],`signatureValue`),a=tt(e.slice(n.start-n.headerLength,n.end)),o=Xe(e,r);return{der:new Uint8Array(e),version:a.version,tbsCertListDer:e.slice(n.start-n.headerLength,n.end),signatureValue:v(i),issuer:a.issuer,thisUpdate:a.thisUpdate,...a.nextUpdate===void 0?{}:{nextUpdate:a.nextUpdate},signatureAlgorithmOid:o.oid,signatureAlgorithmName:te(o.oid,o.parametersDer),...o.parametersDer===void 0?{}:{signatureAlgorithmParametersDer:o.parametersDer},...a.authorityKeyIdentifier===void 0?{}:{authorityKeyIdentifier:a.authorityKeyIdentifier},...a.crlNumber===void 0?{}:{crlNumber:a.crlNumber},...a.baseCrlNumber===void 0?{}:{baseCrlNumber:a.baseCrlNumber},...a.issuingDistributionPoint===void 0?{}:{issuingDistributionPoint:a.issuingDistributionPoint},...a.freshestCrlDistributionPoints===void 0?{}:{freshestCrlDistributionPoints:a.freshestCrlDistributionPoints},revokedCertificates:a.revokedCertificates}}function P(e){return N(T(`X509 CRL`,e))}async function _e(e,t){let n,r;try{n=typeof e==`string`?P(e):N(new Uint8Array(e)),r=typeof t==`string`?$e(t):Qe(new Uint8Array(t))}catch{return I(`signature_invalid`,`certificate revocation list or issuer certificate input is malformed`)}let i;try{i=await ue(n.signatureAlgorithmOid,n.signatureAlgorithmParametersDer,r.publicKeyAlgorithmOid,r.publicKeyParametersOid,r.subjectPublicKeyInfoDer,n.signatureValue,n.tbsCertListDer)}catch{return I(`signature_invalid`,`certificate revocation list signature verification failed`)}return i.ok?i.valid?{ok:!0,value:n}:I(`signature_invalid`,`certificate revocation list signature does not verify`):i.code===`verification_error`?I(`signature_invalid`,`certificate revocation list signature verification failed`):I(`signature_invalid`,`certificate revocation list signature uses unsupported algorithm parameters`)}async function F(e){let t;try{t=et(e.crl)}catch{return L(`signature_invalid`,`certificate revocation list signed content is malformed`)}let n;try{n=Q(e.issuerCertificate)}catch{return L(`signature_invalid`,`issuer certificate input is malformed`)}if(!M(t.issuer,n.subject))return L(`issuer_mismatch`,`CRL issuer name does not match certificate subject`);if(t.authorityKeyIdentifier!==void 0&&n.subjectKeyIdentifier!==void 0&&t.authorityKeyIdentifier!==n.subjectKeyIdentifier)return L(`issuer_mismatch`,`CRL authority key identifier does not match issuer subject key identifier`);if(n.keyUsage!==void 0&&!n.keyUsage.flags.includes(`cRLSign`))return L(`crl_sign_not_permitted`,`issuer certificate key usage does not permit CRL signing`);let r;try{r=await ue(t.signatureAlgorithmOid,t.signatureAlgorithmParametersDer,n.publicKeyAlgorithmOid,n.publicKeyParametersOid,n.subjectPublicKeyInfoDer,t.signatureValue,t.tbsCertListDer)}catch{return L(`signature_invalid`,`certificate revocation list signature verification failed`)}if(!r.ok)return r.code===`verification_error`?L(`signature_invalid`,`certificate revocation list signature verification failed`):L(`signature_invalid`,`certificate revocation list signature uses unsupported algorithm parameters`);if(!r.valid)return L(`signature_invalid`,`certificate revocation list signature does not verify`);let i=e.at??new Date,a=e.clockSkewMs??0;return t.thisUpdate.getTime()-a>i.getTime()||t.nextUpdate!==void 0&&t.nextUpdate.getTime()+a<i.getTime()?L(`stale_crl`,`CRL is not valid at requested time`):{ok:!0,value:t}}async function ve(e){let t;try{t=Q(e.certificate)}catch{return R(`non_applicable`,`certificate input is malformed`)}let n=await F({crl:e.crl,issuerCertificate:e.issuerCertificate,...e.at===void 0?{}:{at:e.at},...e.clockSkewMs===void 0?{}:{clockSkewMs:e.clockSkewMs}});if(!n.ok)return R(n.code,n.message);let r;if(e.deltaCrl!==void 0){let t=await F({crl:e.deltaCrl,issuerCertificate:e.issuerCertificate,...e.at===void 0?{}:{at:e.at},...e.clockSkewMs===void 0?{}:{clockSkewMs:e.clockSkewMs}});if(!t.ok)return R(t.code,t.message);let i=be(n.value,t.value);if(i!==void 0)return i;r=t.value}let i=V(t,n.value);if(i!==void 0)return i;if(r!==void 0){let e=V(t,r,!0);if(e!==void 0)return e}let a=B(t,n.value);if(!a.ok)return a;let o;if(r!==void 0){let e=B(t,r);if(!e.ok)return e;o=e.entry}return Ce(t,e.at??new Date,n.value,a.entry,o)}function I(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function L(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function R(e,t,n){return{ok:!1,error:{ok:!1,code:e,message:t,...n===void 0?{}:{details:n}},code:e,message:t,...n===void 0?{}:{details:n}}}function z(e){return{ok:!0,value:e}}function ye(e,t){let n=typeof e==`string`?Z(e):S(e);return t.revokedCertificates.some(e=>Z(e.serialNumberHex)===n)}function B(e,t){let n=Z(e.serialNumberHex),r,i=!1,a;for(let o of t.revokedCertificates){if(o.certificateIssuer!==void 0&&(r=o.certificateIssuer),Z(o.serialNumberHex)!==n)continue;let s=Se(e,t,r);if(s===`match`){if(a!==void 0)return R(`signature_invalid`,`CRL contains multiple revoked entries for certificate`);a=o;continue}s===`unsupported`&&(i=!0)}return a===void 0?i?H(`indirect_crl_unsupported`,`indirect CRL entry certificateIssuer must include a directoryName`):{ok:!0}:{ok:!0,entry:a}}function V(e,t,n=!1){if(!n&&t.baseCrlNumber!==void 0)return H(`delta_crl_unsupported`,`a delta CRL cannot be used as the primary complete CRL input`);let r=t.issuingDistributionPoint,i=r?.indirectCrl===!0;if(!i&&!M(e.issuer,t.issuer))return H(`issuer_mismatch`,`CRL issuer does not match certificate issuer for direct CRL processing`);if(r?.onlyContainsAttributeCerts===!0)return H(`certificate_scope_mismatch`,`attribute-certificate-only CRLs are not applicable to public-key certificates`);let a=e.basicConstraints?.ca===!0;if(r?.onlyContainsUserCerts===!0&&a)return H(`certificate_scope_mismatch`,`CRL only applies to end-entity certificates`);if(r?.onlyContainsCACerts===!0&&!a)return H(`certificate_scope_mismatch`,`CRL only applies to CA certificates`);let o=e.crlDistributionPoints??[];if(o.length===0)return r?.distributionPoint===void 0?i&&!M(e.issuer,t.issuer)?H(`issuer_mismatch`,`indirect CRLs for alternate certificate issuers require matching CRLIssuer distribution points`):void 0:H(`distribution_point_mismatch`,`certificates without CRL distribution points only accept full-scope CRLs`);let s=!1,c=!1,l=!1,u=!1,d=!1;for(let n of o){if(!i&&n.crlIssuer!==void 0){s=!0;continue}if(i&&(!M(e.issuer,t.issuer)||n.crlIssuer!==void 0)){let e=xe(n.crlIssuer,t);if(e===`unsupported`){u=!0;continue}if(!e){l=!0;continue}}if(!we(n.distributionPoint,r?.distributionPoint,t.issuer)){c=!0;continue}if(!Ae(n.reasons,r?.onlySomeReasons)){d=!0;continue}return}return d?H(`reasons_mismatch`,`certificate distribution point reasons do not overlap the CRL reason scope`):u?H(`indirect_crl_unsupported`,`indirect CRL distribution points must identify the CRL issuer with directoryName`):l?H(`issuer_mismatch`,`certificate distribution points do not authorize this indirect CRL issuer`):c?H(`distribution_point_mismatch`,`certificate distribution points do not match the CRL issuing distribution point`):s?H(`indirect_crl_unsupported`,`certificate distribution points that name alternate CRL issuers are not supported yet`):H(`distribution_point_mismatch`,`certificate distribution points do not match the CRL scope`)}function be(e,t){if(e.baseCrlNumber!==void 0)return H(`delta_crl_incompatible`,`complete CRL input must not itself be a delta CRL`);if(t.baseCrlNumber===void 0)return H(`delta_crl_incompatible`,`delta CRL input must include a delta CRL indicator`);if(!M(e.issuer,t.issuer))return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same issuer`);if(e.authorityKeyIdentifier!==t.authorityKeyIdentifier)return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same authority key identifier`);if(!Ee(e.issuingDistributionPoint,t.issuingDistributionPoint))return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same issuing distribution point scope`);if(e.crlNumber===void 0||t.crlNumber===void 0)return H(`delta_crl_incompatible`,`complete and delta CRLs must both carry CRL numbers for delta processing`);if(e.crlNumber<t.baseCrlNumber)return H(`delta_crl_incompatible`,`delta CRL base number must not exceed the complete CRL number`);if(e.crlNumber>=t.crlNumber)return H(`delta_crl_incompatible`,`delta CRL number must be newer than the complete CRL number`)}function xe(e,t){if(e===void 0)return!1;let n=!1;for(let r of e){if(r.type===`directoryName`){if(X(r.derHex,t.issuer))return!0;continue}n=!0}return n?`unsupported`:!1}function Se(e,t,n){if(n===void 0)return M(e.issuer,t.issuer)?`match`:`mismatch`;let r=!1;for(let t of n){if(t.type===`directoryName`){if(X(t.derHex,e.issuer))return`match`;continue}r=!0}return r?`unsupported`:`mismatch`}function H(e,t){return R(`non_applicable`,t,{reason:e})}function Ce(e,t,n,r,i){if(i!==void 0)if(i.reasonCode===`removeFromCRL`){if(r?.reasonCode===`certificateHold`||e.notAfter.getTime()<t.getTime())return z({status:`good`,crl:n})}else return z({status:`revoked`,crl:n,revocationDate:i.revocationDate,...i.reasonCode===void 0?{}:{reasonCode:i.reasonCode}});return z(r===void 0?{status:`good`,crl:n}:{status:`revoked`,crl:n,revocationDate:r.revocationDate,...r.reasonCode===void 0?{}:{reasonCode:r.reasonCode}})}function we(e,t,n){if(t===void 0)return!0;if(e===void 0)return!1;if(e.fullName!==void 0&&t.fullName!==void 0)return e.fullName.some(e=>t.fullName?.some(t=>W(e,t))===!0);if(e.relativeName!==void 0&&t.fullName!==void 0){let r=U(n,e.relativeName);return t.fullName.some(e=>e.type===`directoryName`&&e.derHex===r)}if(e.relativeName!==void 0&&t.relativeName!==void 0)return G(e.relativeName,t.relativeName);if(e.fullName!==void 0&&t.relativeName!==void 0){let r=U(n,t.relativeName);return e.fullName.some(e=>e.type===`directoryName`&&e.derHex===r)}return!1}function U(e,t){let n=e.rdns.map(e=>y(e.derHex)),r=Te(y(t.derHex));return n.push(r),S(d(n))}function Te(e){return p(49,l(e,{maxDepth:64}).value)}function Ee(e,t){return e===void 0||t===void 0?e===t:De(e.distributionPoint,t.distributionPoint)&&e.onlyContainsUserCerts===!0==(t.onlyContainsUserCerts===!0)&&e.onlyContainsCACerts===!0==(t.onlyContainsCACerts===!0)&&e.indirectCrl===!0==(t.indirectCrl===!0)&&e.onlyContainsAttributeCerts===!0==(t.onlyContainsAttributeCerts===!0)&&ke(e.onlySomeReasons,t.onlySomeReasons)}function De(e,t){return e===void 0||t===void 0?e===t:e.fullName!==void 0||t.fullName!==void 0?e.fullName===void 0||t.fullName===void 0?!1:Oe(e.fullName,t.fullName):e.relativeName===void 0||t.relativeName===void 0?!1:G(e.relativeName,t.relativeName)}function Oe(e,t){if(e.length!==t.length)return!1;let n=Array(t.length).fill(!1);for(let r of e){let e=!1;for(let i=0;i<t.length;i+=1){let a=t[i];if(!(a===void 0||n[i])&&W(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}function ke(e,t){return e===void 0||t===void 0?e===t:e.flags.length===t.flags.length?e.flags.every(e=>t.flags.includes(e)):!1}function Ae(e,t){return e===void 0||t===void 0?!0:e.flags.some(e=>t.flags.includes(e))}function W(e,t){if(e.type===`dns`&&t.type===`dns`||e.type===`email`&&t.type===`email`||e.type===`ip`&&t.type===`ip`||e.type===`uri`&&t.type===`uri`)return e.value===t.value;if(e.type===`directoryName`&&t.type===`directoryName`){let n=Y(e.derHex),r=Y(t.derHex);return n===void 0||r===void 0?!1:M(n,r)}return e.type===`unknown`&&t.type===`unknown`?e.tag===t.tag&&je(e.value,t.value):!1}function je(e,t){if(e.length!==t.length)return!1;for(let n=0;n<e.length;n+=1)if(e[n]!==t[n])return!1;return!0}function G(e,t){if(e.attributes.length!==t.attributes.length)return!1;let n=Array(t.attributes.length).fill(!1);for(let r of e.attributes){let e=!1;for(let i=0;i<t.attributes.length;i+=1){let a=t.attributes[i];if(!(a===void 0||n[i])&&de(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}async function Me(e,t,n,r,i){let o=[];if(e!==void 0){let t=await D(e);o.push(A(C.authorityKeyIdentifier,d([a(0,oe(t))])))}return t!==void 0&&o.push(A(C.cRLNumber,s(t))),n!==void 0&&o.push(A(C.deltaCRLIndicator,s(n),!0)),r!==void 0&&o.push(A(C.issuingDistributionPoint,He(r),!0)),i!==void 0&&i.length>0&&o.push(A(C.freshestCRL,se(i))),o}function Ne(e,t){let n=Pe(e);return d([o(e.serialNumber),f(e.revocationDate??t),...n.length===0?[]:[d(n)]])}function Pe(e){let t=[];return e.reasonCode!==void 0&&t.push(A(C.cRLReason,p(10,Uint8Array.of(he[e.reasonCode])))),e.invalidityDate!==void 0&&t.push(A(C.invalidityDate,r(e.invalidityDate))),t}function Fe(e,t){if(e===void 0||t===void 0)return{};let n,r,i,a=new Set;for(let o of m(e,t)){let t=m(e,o);if(t.length<2||t.length>3||t.length===3&&t[1]?.tag!==1)throw Error(`Malformed revoked certificate extension`);let s=g(x(t[0],`revoked certificate extension OID`).value);if(a.has(s))throw Error(`Duplicate revoked certificate extension OID: ${s}`);a.add(s);let u=x(t[t.length-1],`revoked certificate extension value`);if(u.tag!==4)throw Error(`Revoked certificate extension value must use OCTET STRING`);if(s===C.cRLReason&&(n=Ze(c(u.value).value[0])),s===C.invalidityDate&&(r=b(c(u.value))),s===C.certificateIssuer){let e=l(u.value,{maxDepth:64});if(e.tag!==48)throw Error(`certificateIssuer must use SEQUENCE`);i=q(u.value,e)}}return{...n===void 0?{}:{reasonCode:n},...r===void 0?{}:{invalidityDate:r},...i===void 0?{}:{certificateIssuer:i}}}function Ie(e){let t=l(e,{maxDepth:64}),n,r,i,a,o,s;for(let c of m(e,t))if(c.tag===160){if(n!==void 0)throw Error(`IssuingDistributionPoint distributionPoint must not repeat`);let t=K(e,c);t!==void 0&&(n=t)}else if(c.tag===129){if(r!==void 0)throw Error(`IssuingDistributionPoint onlyContainsUserCerts must not repeat`);r=J(c)}else if(c.tag===130){if(i!==void 0)throw Error(`IssuingDistributionPoint onlyContainsCACerts must not repeat`);i=J(c)}else if(c.tag===131){if(a!==void 0)throw Error(`IssuingDistributionPoint onlySomeReasons must not repeat`);a=O(c.value)}else if(c.tag===132){if(o!==void 0)throw Error(`IssuingDistributionPoint indirectCrl must not repeat`);o=J(c)}else if(c.tag===133){if(s!==void 0)throw Error(`IssuingDistributionPoint onlyContainsAttributeCerts must not repeat`);s=J(c)}else throw Error(`Unsupported IssuingDistributionPoint field tag: ${String(c.tag)}`);if([r,i,s].filter(e=>e===!0).length>1)throw Error(`IssuingDistributionPoint scope booleans are mutually exclusive`);return{...n===void 0?{}:{distributionPoint:n},...r===void 0?{}:{onlyContainsUserCerts:r},...i===void 0?{}:{onlyContainsCACerts:i},...a===void 0?{}:{onlySomeReasons:a},...o===void 0?{}:{indirectCrl:o},...s===void 0?{}:{onlyContainsAttributeCerts:s}}}function Le(e){let t=l(e,{maxDepth:64});if(t.tag!==48)throw Error(`DistributionPoints must use SEQUENCE`);let n=m(e,t);if(n.length===0)throw Error(`DistributionPoints must not be empty`);return n.map(t=>Re(e,t))}function K(e,t){let n=m(e,t);if(n.length!==1)throw Error(`distributionPointName must contain exactly one choice`);let r=x(n[0],`distributionPointName`);if(r.tag===160){let t=m(e,r);if(t.length===0)throw Error(`distributionPointName fullName must not be empty`);for(let e of t)if((e.tag&192)!=128)throw Error(`distributionPointName fullName must contain GeneralName entries`);return{fullName:t.map(e=>ze(e))}}if(r.tag===161)return{relativeName:Be(e,r)};throw Error(`Unsupported distributionPointName tag: ${String(r.tag)}`)}function Re(e,t){if(t.tag!==48)throw Error(`DistributionPoint must use SEQUENCE`);let n,r,i;for(let a of m(e,t))if(a.tag===160){if(n!==void 0)throw Error(`DistributionPoint distributionPoint must not repeat`);let t=K(e,a);t!==void 0&&(n=t)}else if(a.tag===129){if(r!==void 0)throw Error(`DistributionPoint reasons must not repeat`);r=O(a.value)}else if(a.tag===162){if(i!==void 0)throw Error(`DistributionPoint crlIssuer must not repeat`);i=q(e,a)}else throw Error(`Unsupported DistributionPoint field tag: ${String(a.tag)}`);if(n===void 0&&i===void 0)throw Error(`DistributionPoint must include distributionPoint or crlIssuer`);return{...n===void 0?{}:{distributionPoint:n},...r===void 0?{}:{reasons:r},...i===void 0?{}:{crlIssuer:i}}}function ze(e){switch(e.tag){case 129:return{type:`email`,value:$.decode(e.value)};case 130:return{type:`dns`,value:$.decode(e.value)};case 134:return{type:`uri`,value:$.decode(e.value)};case 135:return{type:`ip`,value:ne(e.value)};case 164:return{type:`directoryName`,derHex:S(Ge(e))};default:return{type:`unknown`,tag:e.tag,value:new Uint8Array(e.value)}}}function q(e,t){let n=m(e,t);if(n.length===0)throw Error(`GeneralNames must not be empty`);for(let e of n)if((e.tag&192)!=128)throw Error(`GeneralNames must contain GeneralName entries`);return n.map(e=>ze(e))}function Be(e,t){let n=[],r={};for(let i of m(e,t)){let t=m(e,i),a=g(x(t[0],`name OID`).value),o=x(t[1],`name value`),s=k(a),c=Ve(o),l=s===void 0?{oid:a,valueTag:o.tag,value:c}:{oid:a,key:s,valueTag:o.tag,value:c};n.push(l),s!==void 0&&r[s]===void 0&&(r[s]=c)}return{derHex:S(e.slice(t.start-t.headerLength,t.end)),attributes:n,values:r}}function Ve(e){return _(e.tag,e.value)}function J(e){return(e.value[0]??0)!==0}function He(e){if([e.onlyContainsUserCerts===!0,e.onlyContainsCACerts===!0,e.onlyContainsAttributeCerts===!0].filter(Boolean).length>1)throw Error(`IssuingDistributionPoint can assert at most one of user, CA, or attribute cert scope`);let t=[];return e.distributionPoint!==void 0&&t.push(i(0,Ue(e.distributionPoint))),e.onlyContainsUserCerts&&t.push(a(1,Uint8Array.of(255))),e.onlyContainsCACerts&&t.push(a(2,Uint8Array.of(255))),e.onlySomeReasons!==void 0&&e.onlySomeReasons.length>0&&t.push(a(3,re(e.onlySomeReasons))),e.indirectCrl&&t.push(a(4,Uint8Array.of(255))),e.onlyContainsAttributeCerts&&t.push(a(5,Uint8Array.of(255))),d(t)}function Ue(e){if(e===void 0)throw Error(`IssuingDistributionPoint distributionPoint is required`);if(e.fullName!==void 0&&e.relativeName!==void 0)throw Error(`DistributionPointName cannot contain both fullName and relativeName`);if(e.fullName!==void 0){if(e.fullName.length===0)throw Error(`DistributionPointName fullName must not be empty`);return i(0,We(e.fullName))}if(e.relativeName!==void 0){let t=ae(e.relativeName),n=c(t);return i(1,t.slice(n.start,n.end))}throw Error(`DistributionPointName must contain fullName or relativeName`)}function We(e){return t(e.map(e=>ce(e)))}function Ge(e){return e.value.length>0&&e.value[0]===48?new Uint8Array(e.value):p(48,e.value)}function Ke(e,t){let n=S(e.slice(t.start-t.headerLength,t.end)),r=[],i=[],a={};for(let n of m(e,t)){let t=[],o={};for(let r of m(e,n)){let n=m(e,r),s=x(n[0],`issuer attribute OID`),c=x(n[1],`issuer attribute value`),l=g(s.value),u;try{u=_(c.tag,c.value)}catch{u=$.decode(c.value)}let d=k(l),f=d===void 0?{oid:l,valueTag:c.tag,value:u}:{oid:l,key:d,valueTag:c.tag,value:u};t.push(f),i.push(f),d!==void 0&&(o[d]===void 0&&(o[d]=u),a[d]===void 0&&(a[d]=u))}r.push({derHex:S(e.slice(n.start-n.headerLength,n.end)),attributes:t,values:o})}return{derHex:n,rdns:r,attributes:i,values:a}}function Y(e){try{let t=y(e),n=qe(t,l(t,{maxDepth:64}));return n.tag===48?Ke(t,n):void 0}catch{return}}function qe(e,t){if(t.tag!==48)return t;let n=m(e,t),r=n[0];return n.length===1&&r?.tag===48?r:t}function X(e,t){let n=Y(e);return n===void 0?!1:M(n,t)}function Je(e){let t=l(e,{maxDepth:64,allowOpaqueConstructedTags:[161,162]});if(t.tag!==48)throw Error(`authorityKeyIdentifier must use SEQUENCE`);let n,r=!1,i=!1,a=-1;for(let o of m(e,t)){if(o.tag===128){if(n!==void 0)throw Error(`authorityKeyIdentifier keyIdentifier must not repeat`);if(a>=0)throw Error(`authorityKeyIdentifier fields must preserve DER order`);n=S(o.value),a=0;continue}if(o.tag===161){if(r)throw Error(`authorityKeyIdentifier authorityCertIssuer must not repeat`);if(a>=1)throw Error(`authorityKeyIdentifier fields must preserve DER order`);q(e,o),r=!0,a=1;continue}if(o.tag===130){if(i)throw Error(`authorityKeyIdentifier authorityCertSerialNumber must not repeat`);if(a>=2||!r)throw Error(`authorityKeyIdentifier fields must preserve DER order`);Ye(o.value,`authorityKeyIdentifier authorityCertSerialNumber`),i=!0,a=2;continue}throw Error(`Unsupported authorityKeyIdentifier field tag: ${String(o.tag)}`)}return n}function Ye(e,t){let n=e[0];if(n===void 0)throw Error(`${t} must not be empty`);if(n&128)throw Error(`${t} must be non-negative`);if(e.length>1&&n===0&&!((e[1]??0)&128))throw Error(`${t} must use minimal encoding`)}function Xe(e,t){let n=m(e,t),r=x(n[0],`algorithm OID`),i=n[1];return i===void 0?{oid:g(r.value)}:{oid:g(r.value),parametersDer:e.slice(i.start-i.headerLength,i.end)}}function Z(e){return e.toLowerCase()}function Ze(e){switch(e){case 0:return`unspecified`;case 1:return`keyCompromise`;case 2:return`cACompromise`;case 3:return`affiliationChanged`;case 4:return`superseded`;case 5:return`cessationOfOperation`;case 6:return`certificateHold`;case 8:return`removeFromCRL`;case 9:return`privilegeWithdrawn`;case 10:return`aACompromise`}}function Qe(e){return j(e)}function $e(e){return j(e)}function et(e){if(typeof e==`string`)return P(e);if(e instanceof Uint8Array)return N(new Uint8Array(e));if(rt(e))return N(new Uint8Array(e.der));throw Error(`certificate revocation list input is malformed`)}function tt(e){let t=m(e,l(e,{maxDepth:64})),n=0,r=1,i=t[n];if(i!==void 0&&i.tag!==2&&i.tag!==48)throw Error(`version must use INTEGER`);if(i?.tag===2){let e=x(t[n],`version`);if(e.tag!==2)throw Error(`version must use INTEGER`);if(r=h(e.value)+1,r!==2)throw Error(`Unsupported CRL version: ${String(r)}`);n+=1}n+=1;let a=x(t[n],`issuer`),o=x(t[n+1],`thisUpdate`),s=n+2,d=t[s],f=d!==void 0&&(d.tag===23||d.tag===24)?b(d):void 0;f!==void 0&&(s+=1);let p=[],_=t[s];_?.tag===48&&(p=m(e,_).map(t=>{let n=e.slice(t.start-t.headerLength,t.end),i=u(n),a=x(i[0],`revoked serialNumber`);if(a.tag!==2)throw Error(`revoked serialNumber must use INTEGER`);let o=i[2];if(o!==void 0&&r!==2)throw Error(`revoked certificate extensions require CRL version 2`);let s=Fe(n,o);return{serialNumberHex:S(a.value),revocationDate:b(x(i[1],`revocationDate`)),...s.reasonCode===void 0?{}:{reasonCode:s.reasonCode},...s.invalidityDate===void 0?{}:{invalidityDate:s.invalidityDate},...s.certificateIssuer===void 0?{}:{certificateIssuer:s.certificateIssuer}}}),s+=1);let v,y,w,T,E,D=t[s];if(D?.tag===160){if(r!==2)throw Error(`CRL extensions require version 2`);let t=new Set,n=x(m(e,D)[0],`crl extensions`);for(let r of m(e,n)){let n=m(e,r);if(n.length<2||n.length>3||n.length===3&&n[1]?.tag!==1)throw Error(`Malformed CRL extension`);let i=g(x(n[0],`extension OID`).value);if(t.has(i))throw Error(`Duplicate CRL extension OID: ${i}`);t.add(i);let a=n.length===3?ee(x(n[1],`extension critical`).value):!1,o=x(n[n.length-1],`extension value`);if(o.tag!==4)throw Error(`CRL extension value must use OCTET STRING`);if(i!==C.authorityKeyIdentifier&&i!==C.cRLNumber&&i!==C.deltaCRLIndicator&&i!==C.issuingDistributionPoint&&i!==C.freshestCRL&&a)throw Error(`Unsupported critical CRL extension OID: ${i}`);i===C.authorityKeyIdentifier&&(v=Je(o.value)),i===C.cRLNumber&&(y=h(c(o.value).value)),i===C.deltaCRLIndicator&&(w=h(c(o.value).value)),i===C.issuingDistributionPoint&&(T=Ie(o.value)),i===C.freshestCRL&&(E=Le(o.value))}}return{version:r,issuer:Ke(e,a),thisUpdate:b(o),...f===void 0?{}:{nextUpdate:f},...v===void 0?{}:{authorityKeyIdentifier:v},...y===void 0?{}:{crlNumber:y},...w===void 0?{}:{baseCrlNumber:w},...T===void 0?{}:{issuingDistributionPoint:T},...E===void 0?{}:{freshestCrlDistributionPoints:E},revokedCertificates:p}}function Q(e){return nt(e)?le(new Uint8Array(e.der)):j(e)}function nt(e){return typeof e!=`string`&&`subjectPublicKeyInfoDer`in e}function rt(e){return`der`in e&&e.der instanceof Uint8Array}const $=new TextDecoder;export{ve as checkCertificateRevocationAgainstCrl,ge as createCertificateRevocationList,ye as isCertificateRevoked,N as parseCertificateRevocationListDer,P as parseCertificateRevocationListPem,F as validateCertificateRevocationList,_e as verifyCertificateRevocationList};
|
|
1
|
+
import{bitString as e,concatBytes as t,explicitContext as n,generalizedTime as r,implicitConstructedContext as i,implicitPrimitiveContext as a,integer as o,integerFromNumber as s,readElement as c,readRootElement as l,readSequenceChildren as u,sequence as d,time as f,tlv as p}from"../internal/asn1/der.js";import{childrenOf as m,decodeBoolean as ee,decodeIntegerNumber as h,decodeObjectIdentifier as g,decodeString as _,extractBitStringValue as v,hexToBytes as y,parseTime as b,requireElement as x,toHex as S}from"../internal/asn1/asn1.js";import{OIDS as C}from"../internal/asn1/oids.js";import{base64Encode as w}from"../internal/shared/base64.js";import{pemDecode as T,pemEncode as E}from"../pem/pem.js";import{exportSpkiDer as D}from"../keys/keys.js";import{describeSignatureAlgorithm as te}from"../internal/crypto/algorithm-names.js";import{decodeIpAddress as ne}from"../internal/shared/ip.js";import{encodeDistributionPointReasonFlagsContent as re,parseDistributionPointReasonFlagsContent as O}from"../internal/x509/extension-bits.js";import{nameFieldKeyFromOid as k}from"../internal/x509/name-fields.js";import{encodeName as ie,encodeRelativeDistinguishedName as ae}from"../x509/name.js";import{buildSubjectKeyIdentifier as oe,encodeCrlDistributionPoints as se,encodeExtension as A,encodeSubjectAltName as ce}from"../x509/extensions.js";import{parseCertificateDer as le,parseCertificateFromSource as j}from"../x509/parse.js";import{verifySignedDataDetailed as ue}from"../internal/crypto/sig-verify.js";import{encodeAlgorithmIdentifier as de,getSignatureAlgorithm as fe,signBytes as pe}from"../internal/crypto/signing.js";import{compareDistinguishedNames as M,compareNameAttributeValue as me}from"../internal/shared/dn.js";const he={unspecified:0,keyCompromise:1,cACompromise:2,affiliationChanged:3,superseded:4,cessationOfOperation:5,certificateHold:6,removeFromCRL:8,privilegeWithdrawn:9,aACompromise:10};async function ge(t){let r=fe(t.signerPrivateKey),i=t.thisUpdate??new Date,a=t.nextUpdate,o=await Me(t.issuerPublicKey,t.crlNumber,t.baseCrlNumber,t.issuingDistributionPoint,t.freshestCrlDistributionPoints),c=t.revokedCertificates??[],l=c.length===0?[]:[d(c.map(e=>Ne(e,i)))],u=d([s(1),de(r),ie(t.issuer),f(i),...a===void 0?[]:[f(a)],...l,...o.length===0?[]:[n(0,d(o))]]),p=await pe(t.signerPrivateKey,r,u),m=d([u,de(r),e(p)]);return{der:m,pem:E(`X509 CRL`,m),base64:w(m)}}function N(e){let t=u(e,{maxDepth:64});if(t.length!==3)throw Error(`Malformed CRL`);let n=x(t[0],`TBSCertList`),r=x(t[1],`signatureAlgorithm`),i=x(t[2],`signatureValue`),a=tt(e.slice(n.start-n.headerLength,n.end)),o=Xe(e,r);return{der:new Uint8Array(e),version:a.version,tbsCertListDer:e.slice(n.start-n.headerLength,n.end),signatureValue:v(i),issuer:a.issuer,thisUpdate:a.thisUpdate,...a.nextUpdate===void 0?{}:{nextUpdate:a.nextUpdate},signatureAlgorithmOid:o.oid,signatureAlgorithmName:te(o.oid,o.parametersDer),...o.parametersDer===void 0?{}:{signatureAlgorithmParametersDer:o.parametersDer},...a.authorityKeyIdentifier===void 0?{}:{authorityKeyIdentifier:a.authorityKeyIdentifier},...a.crlNumber===void 0?{}:{crlNumber:a.crlNumber},...a.baseCrlNumber===void 0?{}:{baseCrlNumber:a.baseCrlNumber},...a.issuingDistributionPoint===void 0?{}:{issuingDistributionPoint:a.issuingDistributionPoint},...a.freshestCrlDistributionPoints===void 0?{}:{freshestCrlDistributionPoints:a.freshestCrlDistributionPoints},revokedCertificates:a.revokedCertificates}}function P(e){return N(T(`X509 CRL`,e))}async function _e(e,t){let n,r;try{n=typeof e==`string`?P(e):N(new Uint8Array(e)),r=typeof t==`string`?$e(t):Qe(new Uint8Array(t))}catch{return I(`signature_invalid`,`certificate revocation list or issuer certificate input is malformed`)}let i;try{i=await ue(n.signatureAlgorithmOid,n.signatureAlgorithmParametersDer,r.publicKeyAlgorithmOid,r.publicKeyParametersOid,r.subjectPublicKeyInfoDer,n.signatureValue,n.tbsCertListDer)}catch{return I(`signature_invalid`,`certificate revocation list signature verification failed`)}return i.ok?i.valid?{ok:!0,value:n}:I(`signature_invalid`,`certificate revocation list signature does not verify`):i.code===`verification_error`?I(`signature_invalid`,`certificate revocation list signature verification failed`):I(`signature_invalid`,`certificate revocation list signature uses unsupported algorithm parameters`)}async function F(e){let t;try{t=et(e.crl)}catch{return L(`signature_invalid`,`certificate revocation list signed content is malformed`)}let n;try{n=Q(e.issuerCertificate)}catch{return L(`signature_invalid`,`issuer certificate input is malformed`)}if(!M(t.issuer,n.subject))return L(`issuer_mismatch`,`CRL issuer name does not match certificate subject`);if(t.authorityKeyIdentifier!==void 0&&n.subjectKeyIdentifier!==void 0&&t.authorityKeyIdentifier!==n.subjectKeyIdentifier)return L(`issuer_mismatch`,`CRL authority key identifier does not match issuer subject key identifier`);if(n.keyUsage!==void 0&&!n.keyUsage.flags.includes(`cRLSign`))return L(`crl_sign_not_permitted`,`issuer certificate key usage does not permit CRL signing`);let r;try{r=await ue(t.signatureAlgorithmOid,t.signatureAlgorithmParametersDer,n.publicKeyAlgorithmOid,n.publicKeyParametersOid,n.subjectPublicKeyInfoDer,t.signatureValue,t.tbsCertListDer)}catch{return L(`signature_invalid`,`certificate revocation list signature verification failed`)}if(!r.ok)return r.code===`verification_error`?L(`signature_invalid`,`certificate revocation list signature verification failed`):L(`signature_invalid`,`certificate revocation list signature uses unsupported algorithm parameters`);if(!r.valid)return L(`signature_invalid`,`certificate revocation list signature does not verify`);let i=e.at??new Date,a=e.clockSkewMs??0;return t.thisUpdate.getTime()-a>i.getTime()||t.nextUpdate!==void 0&&t.nextUpdate.getTime()+a<i.getTime()?L(`stale_crl`,`CRL is not valid at requested time`):{ok:!0,value:t}}async function ve(e){let t;try{t=Q(e.certificate)}catch{return R(`non_applicable`,`certificate input is malformed`)}let n=await F({crl:e.crl,issuerCertificate:e.issuerCertificate,...e.at===void 0?{}:{at:e.at},...e.clockSkewMs===void 0?{}:{clockSkewMs:e.clockSkewMs}});if(!n.ok)return R(n.code,n.message);let r;if(e.deltaCrl!==void 0){let t=await F({crl:e.deltaCrl,issuerCertificate:e.issuerCertificate,...e.at===void 0?{}:{at:e.at},...e.clockSkewMs===void 0?{}:{clockSkewMs:e.clockSkewMs}});if(!t.ok)return R(t.code,t.message);let i=be(n.value,t.value);if(i!==void 0)return i;r=t.value}let i=V(t,n.value);if(i!==void 0)return i;if(r!==void 0){let e=V(t,r,!0);if(e!==void 0)return e}let a=B(t,n.value);if(!a.ok)return a;let o;if(r!==void 0){let e=B(t,r);if(!e.ok)return e;o=e.entry}return Ce(t,e.at??new Date,n.value,a.entry,o)}function I(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function L(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function R(e,t,n){return{ok:!1,error:{ok:!1,code:e,message:t,...n===void 0?{}:{details:n}},code:e,message:t,...n===void 0?{}:{details:n}}}function z(e){return{ok:!0,value:e}}function ye(e,t){let n=typeof e==`string`?Z(e):S(e);return t.revokedCertificates.some(e=>Z(e.serialNumberHex)===n)}function B(e,t){let n=Z(e.serialNumberHex),r,i=!1,a;for(let o of t.revokedCertificates){if(o.certificateIssuer!==void 0&&(r=o.certificateIssuer),Z(o.serialNumberHex)!==n)continue;let s=Se(e,t,r);if(s===`match`){if(a!==void 0)return R(`signature_invalid`,`CRL contains multiple revoked entries for certificate`);a=o;continue}s===`unsupported`&&(i=!0)}return a===void 0?i?H(`indirect_crl_unsupported`,`indirect CRL entry certificateIssuer must include a directoryName`):{ok:!0}:{ok:!0,entry:a}}function V(e,t,n=!1){if(!n&&t.baseCrlNumber!==void 0)return H(`delta_crl_unsupported`,`a delta CRL cannot be used as the primary complete CRL input`);let r=t.issuingDistributionPoint,i=r?.indirectCrl===!0;if(!i&&!M(e.issuer,t.issuer))return H(`issuer_mismatch`,`CRL issuer does not match certificate issuer for direct CRL processing`);if(r?.onlyContainsAttributeCerts===!0)return H(`certificate_scope_mismatch`,`attribute-certificate-only CRLs are not applicable to public-key certificates`);let a=e.basicConstraints?.ca===!0;if(r?.onlyContainsUserCerts===!0&&a)return H(`certificate_scope_mismatch`,`CRL only applies to end-entity certificates`);if(r?.onlyContainsCACerts===!0&&!a)return H(`certificate_scope_mismatch`,`CRL only applies to CA certificates`);let o=e.crlDistributionPoints??[];if(o.length===0)return r?.distributionPoint===void 0?i&&!M(e.issuer,t.issuer)?H(`issuer_mismatch`,`indirect CRLs for alternate certificate issuers require matching CRLIssuer distribution points`):void 0:H(`distribution_point_mismatch`,`certificates without CRL distribution points only accept full-scope CRLs`);let s=!1,c=!1,l=!1,u=!1,d=!1;for(let n of o){if(!i&&n.crlIssuer!==void 0){s=!0;continue}if(i&&(!M(e.issuer,t.issuer)||n.crlIssuer!==void 0)){let e=xe(n.crlIssuer,t);if(e===`unsupported`){u=!0;continue}if(!e){l=!0;continue}}if(!we(n.distributionPoint,r?.distributionPoint,t.issuer)){c=!0;continue}if(!Ae(n.reasons,r?.onlySomeReasons)){d=!0;continue}return}return d?H(`reasons_mismatch`,`certificate distribution point reasons do not overlap the CRL reason scope`):u?H(`indirect_crl_unsupported`,`indirect CRL distribution points must identify the CRL issuer with directoryName`):l?H(`issuer_mismatch`,`certificate distribution points do not authorize this indirect CRL issuer`):c?H(`distribution_point_mismatch`,`certificate distribution points do not match the CRL issuing distribution point`):s?H(`indirect_crl_unsupported`,`certificate distribution points that name alternate CRL issuers are not supported yet`):H(`distribution_point_mismatch`,`certificate distribution points do not match the CRL scope`)}function be(e,t){if(e.baseCrlNumber!==void 0)return H(`delta_crl_incompatible`,`complete CRL input must not itself be a delta CRL`);if(t.baseCrlNumber===void 0)return H(`delta_crl_incompatible`,`delta CRL input must include a delta CRL indicator`);if(!M(e.issuer,t.issuer))return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same issuer`);if(e.authorityKeyIdentifier!==t.authorityKeyIdentifier)return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same authority key identifier`);if(!Ee(e.issuingDistributionPoint,t.issuingDistributionPoint))return H(`delta_crl_incompatible`,`complete and delta CRLs must share the same issuing distribution point scope`);if(e.crlNumber===void 0||t.crlNumber===void 0)return H(`delta_crl_incompatible`,`complete and delta CRLs must both carry CRL numbers for delta processing`);if(e.crlNumber<t.baseCrlNumber)return H(`delta_crl_incompatible`,`delta CRL base number must not exceed the complete CRL number`);if(e.crlNumber>=t.crlNumber)return H(`delta_crl_incompatible`,`delta CRL number must be newer than the complete CRL number`)}function xe(e,t){if(e===void 0)return!1;let n=!1;for(let r of e){if(r.type===`directoryName`){if(X(r.derHex,t.issuer))return!0;continue}n=!0}return n?`unsupported`:!1}function Se(e,t,n){if(n===void 0)return M(e.issuer,t.issuer)?`match`:`mismatch`;let r=!1;for(let t of n){if(t.type===`directoryName`){if(X(t.derHex,e.issuer))return`match`;continue}r=!0}return r?`unsupported`:`mismatch`}function H(e,t){return R(`non_applicable`,t,{reason:e})}function Ce(e,t,n,r,i){if(i!==void 0)if(i.reasonCode===`removeFromCRL`){if(r?.reasonCode===`certificateHold`||e.notAfter.getTime()<t.getTime())return z({status:`good`,crl:n})}else return z({status:`revoked`,crl:n,revocationDate:i.revocationDate,...i.reasonCode===void 0?{}:{reasonCode:i.reasonCode}});return z(r===void 0?{status:`good`,crl:n}:{status:`revoked`,crl:n,revocationDate:r.revocationDate,...r.reasonCode===void 0?{}:{reasonCode:r.reasonCode}})}function we(e,t,n){if(t===void 0)return!0;if(e===void 0)return!1;if(e.fullName!==void 0&&t.fullName!==void 0)return e.fullName.some(e=>t.fullName?.some(t=>W(e,t))===!0);if(e.relativeName!==void 0&&t.fullName!==void 0){let r=U(n,e.relativeName);return t.fullName.some(e=>e.type===`directoryName`&&e.derHex===r)}if(e.relativeName!==void 0&&t.relativeName!==void 0)return G(e.relativeName,t.relativeName);if(e.fullName!==void 0&&t.relativeName!==void 0){let r=U(n,t.relativeName);return e.fullName.some(e=>e.type===`directoryName`&&e.derHex===r)}return!1}function U(e,t){let n=e.rdns.map(e=>y(e.derHex)),r=Te(y(t.derHex));return n.push(r),S(d(n))}function Te(e){return p(49,l(e,{maxDepth:64}).value)}function Ee(e,t){return e===void 0||t===void 0?e===t:De(e.distributionPoint,t.distributionPoint)&&e.onlyContainsUserCerts===!0==(t.onlyContainsUserCerts===!0)&&e.onlyContainsCACerts===!0==(t.onlyContainsCACerts===!0)&&e.indirectCrl===!0==(t.indirectCrl===!0)&&e.onlyContainsAttributeCerts===!0==(t.onlyContainsAttributeCerts===!0)&&ke(e.onlySomeReasons,t.onlySomeReasons)}function De(e,t){return e===void 0||t===void 0?e===t:e.fullName!==void 0||t.fullName!==void 0?e.fullName===void 0||t.fullName===void 0?!1:Oe(e.fullName,t.fullName):e.relativeName===void 0||t.relativeName===void 0?!1:G(e.relativeName,t.relativeName)}function Oe(e,t){if(e.length!==t.length)return!1;let n=Array(t.length).fill(!1);for(let r of e){let e=!1;for(let i=0;i<t.length;i+=1){let a=t[i];if(!(a===void 0||n[i])&&W(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}function ke(e,t){return e===void 0||t===void 0?e===t:e.flags.length===t.flags.length?e.flags.every(e=>t.flags.includes(e)):!1}function Ae(e,t){return e===void 0||t===void 0?!0:e.flags.some(e=>t.flags.includes(e))}function W(e,t){if(e.type===`dns`&&t.type===`dns`||e.type===`email`&&t.type===`email`||e.type===`ip`&&t.type===`ip`||e.type===`uri`&&t.type===`uri`)return e.value===t.value;if(e.type===`directoryName`&&t.type===`directoryName`){let n=Y(e.derHex),r=Y(t.derHex);return n===void 0||r===void 0?!1:M(n,r)}return e.type===`unknown`&&t.type===`unknown`?e.tag===t.tag&&je(e.value,t.value):!1}function je(e,t){if(e.length!==t.length)return!1;for(let n=0;n<e.length;n+=1)if(e[n]!==t[n])return!1;return!0}function G(e,t){if(e.attributes.length!==t.attributes.length)return!1;let n=Array(t.attributes.length).fill(!1);for(let r of e.attributes){let e=!1;for(let i=0;i<t.attributes.length;i+=1){let a=t.attributes[i];if(!(a===void 0||n[i])&&me(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}async function Me(e,t,n,r,i){let o=[];if(e!==void 0){let t=await D(e);o.push(A(C.authorityKeyIdentifier,d([a(0,oe(t))])))}return t!==void 0&&o.push(A(C.cRLNumber,s(t))),n!==void 0&&o.push(A(C.deltaCRLIndicator,s(n),!0)),r!==void 0&&o.push(A(C.issuingDistributionPoint,He(r),!0)),i!==void 0&&i.length>0&&o.push(A(C.freshestCRL,se(i))),o}function Ne(e,t){let n=Pe(e);return d([o(e.serialNumber),f(e.revocationDate??t),...n.length===0?[]:[d(n)]])}function Pe(e){let t=[];return e.reasonCode!==void 0&&t.push(A(C.cRLReason,p(10,Uint8Array.of(he[e.reasonCode])))),e.invalidityDate!==void 0&&t.push(A(C.invalidityDate,r(e.invalidityDate))),t}function Fe(e,t){if(e===void 0||t===void 0)return{};let n,r,i,a=new Set;for(let o of m(e,t)){let t=m(e,o);if(t.length<2||t.length>3||t.length===3&&t[1]?.tag!==1)throw Error(`Malformed revoked certificate extension`);let s=g(x(t[0],`revoked certificate extension OID`).value);if(a.has(s))throw Error(`Duplicate revoked certificate extension OID: ${s}`);a.add(s);let u=x(t[t.length-1],`revoked certificate extension value`);if(u.tag!==4)throw Error(`Revoked certificate extension value must use OCTET STRING`);if(s===C.cRLReason&&(n=Ze(c(u.value).value[0])),s===C.invalidityDate&&(r=b(c(u.value))),s===C.certificateIssuer){let e=l(u.value,{maxDepth:64});if(e.tag!==48)throw Error(`certificateIssuer must use SEQUENCE`);i=q(u.value,e)}}return{...n===void 0?{}:{reasonCode:n},...r===void 0?{}:{invalidityDate:r},...i===void 0?{}:{certificateIssuer:i}}}function Ie(e){let t=l(e,{maxDepth:64}),n,r,i,a,o,s;for(let c of m(e,t))if(c.tag===160){if(n!==void 0)throw Error(`IssuingDistributionPoint distributionPoint must not repeat`);let t=K(e,c);t!==void 0&&(n=t)}else if(c.tag===129){if(r!==void 0)throw Error(`IssuingDistributionPoint onlyContainsUserCerts must not repeat`);r=J(c)}else if(c.tag===130){if(i!==void 0)throw Error(`IssuingDistributionPoint onlyContainsCACerts must not repeat`);i=J(c)}else if(c.tag===131){if(a!==void 0)throw Error(`IssuingDistributionPoint onlySomeReasons must not repeat`);a=O(c.value)}else if(c.tag===132){if(o!==void 0)throw Error(`IssuingDistributionPoint indirectCrl must not repeat`);o=J(c)}else if(c.tag===133){if(s!==void 0)throw Error(`IssuingDistributionPoint onlyContainsAttributeCerts must not repeat`);s=J(c)}else throw Error(`Unsupported IssuingDistributionPoint field tag: ${String(c.tag)}`);if([r,i,s].filter(e=>e===!0).length>1)throw Error(`IssuingDistributionPoint scope booleans are mutually exclusive`);return{...n===void 0?{}:{distributionPoint:n},...r===void 0?{}:{onlyContainsUserCerts:r},...i===void 0?{}:{onlyContainsCACerts:i},...a===void 0?{}:{onlySomeReasons:a},...o===void 0?{}:{indirectCrl:o},...s===void 0?{}:{onlyContainsAttributeCerts:s}}}function Le(e){let t=l(e,{maxDepth:64});if(t.tag!==48)throw Error(`DistributionPoints must use SEQUENCE`);let n=m(e,t);if(n.length===0)throw Error(`DistributionPoints must not be empty`);return n.map(t=>Re(e,t))}function K(e,t){let n=m(e,t);if(n.length!==1)throw Error(`distributionPointName must contain exactly one choice`);let r=x(n[0],`distributionPointName`);if(r.tag===160){let t=m(e,r);if(t.length===0)throw Error(`distributionPointName fullName must not be empty`);for(let e of t)if((e.tag&192)!=128)throw Error(`distributionPointName fullName must contain GeneralName entries`);return{fullName:t.map(e=>ze(e))}}if(r.tag===161)return{relativeName:Be(e,r)};throw Error(`Unsupported distributionPointName tag: ${String(r.tag)}`)}function Re(e,t){if(t.tag!==48)throw Error(`DistributionPoint must use SEQUENCE`);let n,r,i;for(let a of m(e,t))if(a.tag===160){if(n!==void 0)throw Error(`DistributionPoint distributionPoint must not repeat`);let t=K(e,a);t!==void 0&&(n=t)}else if(a.tag===129){if(r!==void 0)throw Error(`DistributionPoint reasons must not repeat`);r=O(a.value)}else if(a.tag===162){if(i!==void 0)throw Error(`DistributionPoint crlIssuer must not repeat`);i=q(e,a)}else throw Error(`Unsupported DistributionPoint field tag: ${String(a.tag)}`);if(n===void 0&&i===void 0)throw Error(`DistributionPoint must include distributionPoint or crlIssuer`);return{...n===void 0?{}:{distributionPoint:n},...r===void 0?{}:{reasons:r},...i===void 0?{}:{crlIssuer:i}}}function ze(e){switch(e.tag){case 129:return{type:`email`,value:$.decode(e.value)};case 130:return{type:`dns`,value:$.decode(e.value)};case 134:return{type:`uri`,value:$.decode(e.value)};case 135:return{type:`ip`,value:ne(e.value)};case 164:return{type:`directoryName`,derHex:S(Ge(e))};default:return{type:`unknown`,tag:e.tag,value:new Uint8Array(e.value)}}}function q(e,t){let n=m(e,t);if(n.length===0)throw Error(`GeneralNames must not be empty`);for(let e of n)if((e.tag&192)!=128)throw Error(`GeneralNames must contain GeneralName entries`);return n.map(e=>ze(e))}function Be(e,t){let n=[],r={};for(let i of m(e,t)){let t=m(e,i),a=g(x(t[0],`name OID`).value),o=x(t[1],`name value`),s=k(a),c=Ve(o),l=s===void 0?{oid:a,valueTag:o.tag,value:c}:{oid:a,key:s,valueTag:o.tag,value:c};n.push(l),s!==void 0&&r[s]===void 0&&(r[s]=c)}return{derHex:S(e.slice(t.start-t.headerLength,t.end)),attributes:n,values:r}}function Ve(e){return _(e.tag,e.value)}function J(e){return(e.value[0]??0)!==0}function He(e){if([e.onlyContainsUserCerts===!0,e.onlyContainsCACerts===!0,e.onlyContainsAttributeCerts===!0].filter(Boolean).length>1)throw Error(`IssuingDistributionPoint can assert at most one of user, CA, or attribute cert scope`);let t=[];return e.distributionPoint!==void 0&&t.push(i(0,Ue(e.distributionPoint))),e.onlyContainsUserCerts&&t.push(a(1,Uint8Array.of(255))),e.onlyContainsCACerts&&t.push(a(2,Uint8Array.of(255))),e.onlySomeReasons!==void 0&&e.onlySomeReasons.length>0&&t.push(a(3,re(e.onlySomeReasons))),e.indirectCrl&&t.push(a(4,Uint8Array.of(255))),e.onlyContainsAttributeCerts&&t.push(a(5,Uint8Array.of(255))),d(t)}function Ue(e){if(e===void 0)throw Error(`IssuingDistributionPoint distributionPoint is required`);if(e.fullName!==void 0&&e.relativeName!==void 0)throw Error(`DistributionPointName cannot contain both fullName and relativeName`);if(e.fullName!==void 0){if(e.fullName.length===0)throw Error(`DistributionPointName fullName must not be empty`);return i(0,We(e.fullName))}if(e.relativeName!==void 0){let t=ae(e.relativeName),n=c(t);return i(1,t.slice(n.start,n.end))}throw Error(`DistributionPointName must contain fullName or relativeName`)}function We(e){return t(e.map(e=>ce(e)))}function Ge(e){return e.value.length>0&&e.value[0]===48?new Uint8Array(e.value):p(48,e.value)}function Ke(e,t){let n=S(e.slice(t.start-t.headerLength,t.end)),r=[],i=[],a={};for(let n of m(e,t)){let t=[],o={};for(let r of m(e,n)){let n=m(e,r),s=x(n[0],`issuer attribute OID`),c=x(n[1],`issuer attribute value`),l=g(s.value),u;try{u=_(c.tag,c.value)}catch{u=$.decode(c.value)}let d=k(l),f=d===void 0?{oid:l,valueTag:c.tag,value:u}:{oid:l,key:d,valueTag:c.tag,value:u};t.push(f),i.push(f),d!==void 0&&(o[d]===void 0&&(o[d]=u),a[d]===void 0&&(a[d]=u))}r.push({derHex:S(e.slice(n.start-n.headerLength,n.end)),attributes:t,values:o})}return{derHex:n,rdns:r,attributes:i,values:a}}function Y(e){try{let t=y(e),n=qe(t,l(t,{maxDepth:64}));return n.tag===48?Ke(t,n):void 0}catch{return}}function qe(e,t){if(t.tag!==48)return t;let n=m(e,t),r=n[0];return n.length===1&&r?.tag===48?r:t}function X(e,t){let n=Y(e);return n===void 0?!1:M(n,t)}function Je(e){let t=l(e,{maxDepth:64,allowOpaqueConstructedTags:[161,162]});if(t.tag!==48)throw Error(`authorityKeyIdentifier must use SEQUENCE`);let n,r=!1,i=!1,a=-1;for(let o of m(e,t)){if(o.tag===128){if(n!==void 0)throw Error(`authorityKeyIdentifier keyIdentifier must not repeat`);if(a>=0)throw Error(`authorityKeyIdentifier fields must preserve DER order`);n=S(o.value),a=0;continue}if(o.tag===161){if(r)throw Error(`authorityKeyIdentifier authorityCertIssuer must not repeat`);if(a>=1)throw Error(`authorityKeyIdentifier fields must preserve DER order`);q(e,o),r=!0,a=1;continue}if(o.tag===130){if(i)throw Error(`authorityKeyIdentifier authorityCertSerialNumber must not repeat`);if(a>=2||!r)throw Error(`authorityKeyIdentifier fields must preserve DER order`);Ye(o.value,`authorityKeyIdentifier authorityCertSerialNumber`),i=!0,a=2;continue}throw Error(`Unsupported authorityKeyIdentifier field tag: ${String(o.tag)}`)}return n}function Ye(e,t){let n=e[0];if(n===void 0)throw Error(`${t} must not be empty`);if(n&128)throw Error(`${t} must be non-negative`);if(e.length>1&&n===0&&!((e[1]??0)&128))throw Error(`${t} must use minimal encoding`)}function Xe(e,t){let n=m(e,t),r=x(n[0],`algorithm OID`),i=n[1];return i===void 0?{oid:g(r.value)}:{oid:g(r.value),parametersDer:e.slice(i.start-i.headerLength,i.end)}}function Z(e){return e.toLowerCase()}function Ze(e){switch(e){case 0:return`unspecified`;case 1:return`keyCompromise`;case 2:return`cACompromise`;case 3:return`affiliationChanged`;case 4:return`superseded`;case 5:return`cessationOfOperation`;case 6:return`certificateHold`;case 8:return`removeFromCRL`;case 9:return`privilegeWithdrawn`;case 10:return`aACompromise`}}function Qe(e){return j(e)}function $e(e){return j(e)}function et(e){if(typeof e==`string`)return P(e);if(e instanceof Uint8Array)return N(new Uint8Array(e));if(rt(e))return N(new Uint8Array(e.der));throw Error(`certificate revocation list input is malformed`)}function tt(e){let t=m(e,l(e,{maxDepth:64})),n=0,r=1,i=t[n];if(i!==void 0&&i.tag!==2&&i.tag!==48)throw Error(`version must use INTEGER`);if(i?.tag===2){let e=x(t[n],`version`);if(e.tag!==2)throw Error(`version must use INTEGER`);if(r=h(e.value)+1,r!==2)throw Error(`Unsupported CRL version: ${String(r)}`);n+=1}n+=1;let a=x(t[n],`issuer`),o=x(t[n+1],`thisUpdate`),s=n+2,d=t[s],f=d!==void 0&&(d.tag===23||d.tag===24)?b(d):void 0;f!==void 0&&(s+=1);let p=[],_=t[s];_?.tag===48&&(p=m(e,_).map(t=>{let n=e.slice(t.start-t.headerLength,t.end),i=u(n),a=x(i[0],`revoked serialNumber`);if(a.tag!==2)throw Error(`revoked serialNumber must use INTEGER`);let o=i[2];if(o!==void 0&&r!==2)throw Error(`revoked certificate extensions require CRL version 2`);let s=Fe(n,o);return{serialNumberHex:S(a.value),revocationDate:b(x(i[1],`revocationDate`)),...s.reasonCode===void 0?{}:{reasonCode:s.reasonCode},...s.invalidityDate===void 0?{}:{invalidityDate:s.invalidityDate},...s.certificateIssuer===void 0?{}:{certificateIssuer:s.certificateIssuer}}}),s+=1);let v,y,w,T,E,D=t[s];if(D?.tag===160){if(r!==2)throw Error(`CRL extensions require version 2`);let t=new Set,n=x(m(e,D)[0],`crl extensions`);for(let r of m(e,n)){let n=m(e,r);if(n.length<2||n.length>3||n.length===3&&n[1]?.tag!==1)throw Error(`Malformed CRL extension`);let i=g(x(n[0],`extension OID`).value);if(t.has(i))throw Error(`Duplicate CRL extension OID: ${i}`);t.add(i);let a=n.length===3?ee(x(n[1],`extension critical`).value):!1,o=x(n[n.length-1],`extension value`);if(o.tag!==4)throw Error(`CRL extension value must use OCTET STRING`);if(i!==C.authorityKeyIdentifier&&i!==C.cRLNumber&&i!==C.deltaCRLIndicator&&i!==C.issuingDistributionPoint&&i!==C.freshestCRL&&a)throw Error(`Unsupported critical CRL extension OID: ${i}`);i===C.authorityKeyIdentifier&&(v=Je(o.value)),i===C.cRLNumber&&(y=h(c(o.value).value)),i===C.deltaCRLIndicator&&(w=h(c(o.value).value)),i===C.issuingDistributionPoint&&(T=Ie(o.value)),i===C.freshestCRL&&(E=Le(o.value))}}return{version:r,issuer:Ke(e,a),thisUpdate:b(o),...f===void 0?{}:{nextUpdate:f},...v===void 0?{}:{authorityKeyIdentifier:v},...y===void 0?{}:{crlNumber:y},...w===void 0?{}:{baseCrlNumber:w},...T===void 0?{}:{issuingDistributionPoint:T},...E===void 0?{}:{freshestCrlDistributionPoints:E},revokedCertificates:p}}function Q(e){return nt(e)?le(new Uint8Array(e.der)):j(e)}function nt(e){return typeof e!=`string`&&`subjectPublicKeyInfoDer`in e}function rt(e){return`der`in e&&e.der instanceof Uint8Array}const $=new TextDecoder;export{ve as checkCertificateRevocationAgainstCrl,ge as createCertificateRevocationList,ye as isCertificateRevoked,N as parseCertificateRevocationListDer,P as parseCertificateRevocationListPem,F as validateCertificateRevocationList,_e as verifyCertificateRevocationList};
|
|
2
2
|
//# sourceMappingURL=crl.js.map
|
package/dist/revocation/ocsp.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{bitString as e,concatBytes as t,explicitContext as n,implicitPrimitiveContext as r,integer as i,nullValue as a,objectIdentifier as o,octetString as s,readElement as c,readRootElement as l,readSequenceChildren as u,sequence as d,time as f,tlv as p}from"../internal/asn1/der.js";import{childrenOf as m,decodeNonNegativeIntegerNumber as h,decodeObjectIdentifier as g,decodeString as _,extractBitStringValue as v,hexToBytes as y,parseTime as b,requireElement as x,toArrayBuffer as S,toHex as C}from"../internal/asn1/asn1.js";import{OIDS as w}from"../internal/asn1/oids.js";import{getCrypto as T}from"../internal/crypto/webcrypto.js";import{base64Encode as E}from"../internal/shared/base64.js";import{pemDecode as D,pemEncode as O}from"../pem/pem.js";import{describeHashAlgorithm as k,describeSignatureAlgorithm as ee}from"../internal/crypto/algorithm-names.js";import{parseCertificateDer as A,parseCertificateFromSource as j}from"../x509/parse.js";import{verifySignedDataDetailed as te}from"../internal/crypto/sig-verify.js";import{compareDistinguishedNames as M}from"../internal/shared/dn.js";import{encodeAlgorithmIdentifier as ne,getSignatureAlgorithm as re,signBytes as ie}from"../internal/crypto/signing.js";import{verifyCertificateChain as ae}from"../verify/verify.js";async function oe(e){let t=e.hashAlgorithm??`SHA-1`,r=[];for(let n of e.requests){let e=await K(n.certificate),i=await K(n.issuerCertificate);r.push(d([await U(e,i,t)]))}let i=[d(r)];e.nonce!==void 0&&i.push(n(2,d([d([o(w.ocspNonce),s(s(e.nonce))])])));let a=d([d(i)]);return{der:a,pem:O(`OCSP REQUEST`,a),base64:E(a)}}function N(e){let t=u(e,{maxDepth:64});if(t.length<1||t.length>2)throw Error(`Malformed OCSP request`);let n=x(t[0],`tbsRequest`),r=t[1];if(r!==void 0&&r.tag!==160)throw Error(`Malformed OCSP request`);r!==void 0&&Me(e,r);let i=m(e,n),a=0;if(i[a]?.tag===160){let t=m(e,x(i[a],`version`)),n=x(t[0],`version`);if(t.length!==1||n.tag!==2)throw Error(`version must use INTEGER`);if(h(n.value,`OCSP request version`)!==0)throw Error(`Unsupported OCSP request version`);a+=1}let o=i[a];o?.tag===161&&(je(e,o),a+=1);let s=x(i[a],`requestList`);if(s.tag!==48)throw Error(`requestList must use SEQUENCE`);if(m(e,s).length===0)throw Error(`requestList must not be empty`);let c=m(e,s).map(t=>{let n=m(e,t);if(n.length<1||n.length>2||n[1]!==void 0&&n[1].tag!==160)throw Error(`Malformed OCSP request entry`);let r=x(n[0],`reqCert`);return q(e.slice(r.start-r.headerLength,r.end))});a+=1;let l=i[a];if(l!==void 0&&l.tag!==162||i.length!==a+(l===void 0?0:1))throw Error(`Malformed OCSP request`);let d=l===void 0?void 0:X(e,l);return{der:new Uint8Array(e),requests:c,...d===void 0?{}:{nonce:d}}}function P(e){return N(D(`OCSP REQUEST`,e))}function F(e){let t=u(e,{maxDepth:64});if(t.length<1||t.length>2)throw Error(`Malformed OCSP response`);let n=x(t[0],`responseStatus`);if(n.tag!==10)throw Error(`responseStatus must use ENUMERATED`);let r=De(h(n.value,`OCSP responseStatus`)),i=t[1];if(i===void 0)return{der:new Uint8Array(e),responseStatus:r};if(i.tag!==160)throw Error(`Malformed OCSP response`);let a=m(e,i),o=x(a[0],`responseBytes`);if(a.length!==1||o.tag!==48)throw Error(`Malformed OCSP response`);let s=m(e,o);if(s.length!==2)throw Error(`responseBytes must contain responseType and response`);let c=x(s[0],`responseType`),l=x(s[1],`response`);if(l.tag!==4)throw Error(`response must use OCTET STRING`);let d=g(c.value);if(d!==w.ocspBasicResponse)return{der:new Uint8Array(e),responseStatus:r,responseTypeOid:d};let f=l.value,p=u(f);if(p.length<3||p.length>4)throw Error(`Malformed BasicOCSPResponse`);let _=x(p[0],`responseData`),y=x(p[1],`signatureAlgorithm`),b=x(p[2],`signatureValue`),S=p[3];if(S!==void 0&&S.tag!==160)throw Error(`Malformed BasicOCSPResponse`);let C=m(f,y),T=g(x(C[0],`signatureAlgorithm OID`).value),E=C[1],D=f.slice(_.start-_.headerLength,_.end),O=ue(D);return{der:new Uint8Array(e),responseStatus:r,responseTypeOid:d,responseDataDer:D,responderId:O.responderId,signatureAlgorithmOid:T,signatureAlgorithmName:ee(T,E===void 0?void 0:f.slice(E.start-E.headerLength,E.end)),signatureValue:v(b),producedAt:O.producedAt,responses:O.responses,...O.nonce===void 0?{}:{nonce:O.nonce},...S?.tag===160?{certificates:Ee(f,S)}:{}}}function I(e){return F(D(`OCSP RESPONSE`,e))}async function se(i){let a=await K(i.signerCertificate),c=re(i.signerPrivateKey),l=i.producedAt??new Date,u=i.hashAlgorithm??`SHA-1`,m=[];for(let e of i.responses){let t=await K(e.certificate),n=await K(e.issuerCertificate);m.push(await he(t,n,e,u))}let h=[r(2,await G(`SHA-1`,Z(a.subjectPublicKeyInfoDer))),f(l),d(m)];i.nonce!==void 0&&h.push(n(1,d([d([o(w.ocspNonce),s(s(i.nonce))])])));let g=d(h),_=await ie(i.signerPrivateKey,c,g),v=i.includedCertificates===void 0?[]:await Promise.all(i.includedCertificates.map(K)),y=[g,ne(c),e(_)];v.length>0&&y.push(n(0,t(v.map(e=>e.der))));let b=d(y),x=d([p(10,Uint8Array.of(0)),n(0,d([o(w.ocspBasicResponse),s(b)]))]);return{der:x,pem:O(`OCSP RESPONSE`,x),base64:E(x)}}async function L(e,t){let n;try{n=B(e)}catch{return R(`signature_invalid`,`OCSP response signed content is malformed`)}if(n.responseDataDer===void 0||n.signatureAlgorithmOid===void 0||n.signatureValue===void 0)return R(`signature_invalid`,`OCSP response is not signed`);let r;try{r=await K(t)}catch{return R(`signature_invalid`,`OCSP signer certificate input is malformed`)}let i;try{i=await te(n.signatureAlgorithmOid,void 0,r.publicKeyAlgorithmOid,r.publicKeyParametersOid,r.subjectPublicKeyInfoDer,n.signatureValue,n.responseDataDer)}catch{return R(`signature_invalid`,`OCSP response signature verification failed`)}return i.ok?i.valid?{ok:!0,value:n}:R(`signature_invalid`,`OCSP response signature does not verify`):i.code===`verification_error`?R(`signature_invalid`,`OCSP response signature verification failed`):R(`signature_invalid`,`OCSP response signature uses unsupported algorithm parameters`)}async function ce(e){let t;try{t=B(e.response)}catch{return z(`signature_invalid`,`OCSP response signed content is malformed`)}if(t.responseStatus!==`successful`)return z(`response_status_invalid`,`OCSP response status is ${t.responseStatus}`);let n;try{n=await K(e.issuerCertificate)}catch{return z(`signature_invalid`,`issuer certificate input is malformed`)}let r;try{r=e.responderCertificate??await de(t.certificates,t.responderId)??t.certificates?.[0]??e.issuerCertificate}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}let i;try{i=await K(r)}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}let a=await L(t,i);if(!a.ok)return z(a.code,a.message);let o;try{o=await fe(t.responderId,i)}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}if(!o.ok)return o;if(!H(i,n)){let r=e.allowChainedResponderCertificate===!0;if(!r&&!pe(i,n))return z(`responder_chain_invalid`,`Delegated OCSP responder must be directly issued by issuer certificate`);if(!(await ae({leaf:i.der,intermediates:r?me(t.certificates,i,n):[],roots:[n.der]})).ok)return z(`responder_chain_invalid`,`OCSP responder certificate chain does not validate`);if(i.extendedKeyUsage===void 0||!i.extendedKeyUsage.includes(`ocspSigning`))return z(`ocsp_signing_missing`,`Delegated OCSP responder lacks ocspSigning EKU`)}let s=e.at??new Date,c=e.clockSkewMs??0;if(t.producedAt!==void 0&&t.producedAt.getTime()-c>s.getTime())return z(`stale_response`,`OCSP response producedAt is later than requested time`);for(let e of t.responses??[]){let r;try{r=await W(e.certId.hashAlgorithmOid,n,e.certId.serialNumberHex)}catch{return z(`signature_invalid`,`OCSP response CertID hash algorithm is unsupported`)}if(e.certId.issuerNameHashHex!==r.issuerNameHashHex||e.certId.issuerKeyHashHex!==r.issuerKeyHashHex)return z(`issuer_mismatch`,`OCSP response certId does not match issuer certificate`);if(e.thisUpdate.getTime()-c>s.getTime()||e.nextUpdate!==void 0&&e.nextUpdate.getTime()+c<s.getTime())return z(`stale_response`,`OCSP response is not valid at requested time`);if(t.producedAt!==void 0&&e.nextUpdate!==void 0&&t.producedAt.getTime()-c>e.nextUpdate.getTime())return z(`stale_response`,`OCSP response producedAt is later than nextUpdate`)}if(Ae(t.responses??[]))return z(`signature_invalid`,`OCSP response contains multiple status entries for the same certificate`);if(e.request!==void 0){let n;try{n=le(e.request)}catch{return z(`request_mismatch`,`OCSP request input is malformed`)}if(n.nonce!==void 0&&n.nonce!==t.nonce)return z(`nonce_mismatch`,`OCSP response nonce does not match request nonce`);let r=new Set(n.requests.map(e=>$(e))),i=new Set((t.responses??[]).map(e=>$(e.certId)));for(let e of t.responses??[])if(!r.has($(e.certId)))return z(`request_mismatch`,`OCSP response includes a certId not present in request`);for(let e of r)if(!i.has(e))return z(`request_mismatch`,`OCSP response does not cover every requested certId`)}return{ok:!0,value:t}}function R(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function z(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function B(e){if(typeof e==`string`)return I(e);if(e instanceof Uint8Array)return F(e);if(Q(e))return F(new Uint8Array(e.der));throw Error(`OCSP response input is malformed`)}function le(e){if(typeof e==`string`)return P(e);if(e instanceof Uint8Array)return N(e);if(Oe(e))return N(new Uint8Array(e.der));throw Error(`OCSP request input is malformed`)}function ue(e){let t=u(e);if(t.length<3||t.length>5)throw Error(`Malformed OCSP responseData`);let n=0;if(t[n]?.tag===160){let r=m(e,x(t[n],`version`)),i=x(r[0],`version`);if(r.length!==1||i.tag!==2)throw Error(`version must use INTEGER`);if(h(i.value,`OCSP response version`)!==0)throw Error(`Unsupported OCSP response version`);n+=1}let r=ye(e,x(t[n],`responderID`));n+=1;let i=x(t[n],`producedAt`),a=x(t[n+1],`responses`);if(a.tag!==48)throw Error(`responses must use SEQUENCE`);if(m(e,a).length===0)throw Error(`responses must not be empty`);let o=t[n+2];if(o!==void 0&&o.tag!==161||t.length!==n+2+(o===void 0?0:1))throw Error(`Malformed OCSP responseData`);let s=o===void 0?void 0:X(e,o),c=m(e,a).map(t=>ve(e,t));return ke(c),{responderId:r,producedAt:b(i),responses:c,...s===void 0?{}:{nonce:s}}}async function de(e,t){if(!(e===void 0||t===void 0)){for(let n of e)if(await V(t,n))return n}}async function fe(e,t){return e===void 0||await V(e,t)?{ok:!0}:e.type===`byName`?z(`responder_id_mismatch`,`OCSP responder certificate subject does not match responderID byName`):z(`responder_id_mismatch`,`OCSP responder certificate public key does not match responderID byKeyHash`)}async function V(e,t){return e.type===`byName`?Se(e.name,t.subject):C(await G(`SHA-1`,Z(t.subjectPublicKeyInfoDer)))===e.keyHashHex}function H(e,t){return e.serialNumberHex===t.serialNumberHex&&M(e.issuer,t.issuer)&&M(e.subject,t.subject)&&e.subjectPublicKeyInfoDer.length===t.subjectPublicKeyInfoDer.length&&e.subjectPublicKeyInfoDer.every((e,n)=>e===t.subjectPublicKeyInfoDer[n])}function pe(e,t){return!(!M(e.issuer,t.subject)||e.authorityKeyIdentifier!==void 0&&t.subjectKeyIdentifier!==void 0&&e.authorityKeyIdentifier!==t.subjectKeyIdentifier)}function me(e,t,n){if(e===void 0)return[];let r=[];for(let i of e)H(i,t)||H(i,n)||r.push(i.der);return r}async function U(e,t,n){let r=n===`SHA-1`?w.sha1:w.sha256,c=await W(r,t,e.serialNumberHex);return d([d([o(r),a()]),s(y(c.issuerNameHashHex)),s(y(c.issuerKeyHashHex)),i(y(c.serialNumberHex))])}async function W(e,t,n){let r=Ie(e);return{hashAlgorithmOid:e,hashAlgorithmName:k(e),issuerNameHashHex:C(await G(r,y(t.subject.derHex))),issuerKeyHashHex:C(await G(r,Z(t.subjectPublicKeyInfoDer))),serialNumberHex:n}}async function G(e,t){return new Uint8Array(await T().subtle.digest(e,S(t)))}async function he(e,t,r,i){return d([await U(e,t,i),ge(r),f(r.thisUpdate??new Date),...r.nextUpdate===void 0?[]:[n(0,f(r.nextUpdate))]])}function ge(e){switch(e.certStatus){case`good`:return p(128,new Uint8Array);case`unknown`:return p(130,new Uint8Array);case`revoked`:{let r=[f(e.revokedAt??e.thisUpdate??new Date)];return e.revocationReasonCode!==void 0&&r.push(n(0,p(10,Uint8Array.of(e.revocationReasonCode)))),p(161,t(r))}}}function K(e){return _e(e)?A(new Uint8Array(e.der)):j(e)}function _e(e){return typeof e!=`string`&&`subjectPublicKeyInfoDer`in e}function q(e){let t=l(e,{maxDepth:64});if(t.tag!==48)throw Error(`CertID must use SEQUENCE`);let n=m(e,t);if(n.length!==4)throw Error(`CertID must contain hashAlgorithm, issuerNameHash, issuerKeyHash, and serialNumber`);let r=x(n[0],`hashAlgorithm`);if(r.tag!==48)throw Error(`hashAlgorithm must use SEQUENCE`);let i=m(e,r);if(i.length<1||i.length>2)throw Error(`Malformed hashAlgorithm`);let a=g(x(i[0],`hashAlgorithm OID`).value);if(x(n[1],`issuerNameHash`).tag!==4)throw Error(`issuerNameHash must use OCTET STRING`);if(x(n[2],`issuerKeyHash`).tag!==4)throw Error(`issuerKeyHash must use OCTET STRING`);let o=x(n[3],`serialNumber`);if(o.tag!==2)throw Error(`serialNumber must use INTEGER`);return{hashAlgorithmOid:a,hashAlgorithmName:k(a),issuerNameHashHex:C(x(n[1],`issuerNameHash`).value),issuerKeyHashHex:C(x(n[2],`issuerKeyHash`).value),serialNumberHex:C(o.value)}}function ve(e,t){let n=m(e,t);if(n.length<3||n.length>5)throw Error(`Malformed OCSP SingleResponse`);let r=x(n[0],`certId`),i=x(n[1],`certStatus`),a=x(n[2],`thisUpdate`),o=3,s=n[o]?.tag===160?n[o]:void 0;s!==void 0&&(Ne(e,s),o+=1);let c=n[o];if(c!==void 0&&c.tag!==161||n.length!==o+(c===void 0?0:1))throw Error(`Malformed OCSP SingleResponse`);let l,u;if(i.tag===128){if(i.value.length!==0)throw Error(`OCSP good certStatus must be empty`);return{certId:q(e.slice(r.start-r.headerLength,r.end)),certStatus:`good`,thisUpdate:b(a),...s===void 0?{}:{nextUpdate:b(x(m(e,s)[0],`nextUpdate`))}}}if(i.tag===161){let t=m(e,i);if(t.length<1||t.length>2)throw Error(`Malformed OCSP revoked certStatus`);l=b(x(t[0],`revocationTime`));let n=t[1];if(n?.tag===160){let t=m(e,n),r=x(t[0],`revocationReason`);if(t.length!==1||r.tag!==10)throw Error(`revocationReason must use ENUMERATED`);u=h(r.value,`OCSP revocationReason`)}else if(n!==void 0)throw Error(`Malformed OCSP revoked certStatus`)}else if(i.tag!==130)throw Error(`Unsupported OCSP certStatus tag: ${String(i.tag)}`);else if(i.value.length!==0)throw Error(`OCSP unknown certStatus must be empty`);return{certId:q(e.slice(r.start-r.headerLength,r.end)),certStatus:i.tag===130?`unknown`:`revoked`,thisUpdate:b(a),...s===void 0?{}:{nextUpdate:b(x(m(e,s)[0],`nextUpdate`))},...l===void 0?{}:{revokedAt:l},...u===void 0?{}:{revocationReasonCode:u}}}function ye(e,t){switch(t.tag){case 130:if(t.value.length===0)throw Error(`ResponderID byKeyHash must not be empty`);return{type:`byKeyHash`,keyHashHex:C(t.value)};case 161:if(m(e,t).length!==1)throw Error(`ResponderID byName must wrap exactly one Name`);return{type:`byName`,name:be(e,x(m(e,t)[0],`ResponderID byName`))};default:throw Error(`Unsupported OCSP responderID tag: ${String(t.tag)}`)}}function be(e,t){if(t.tag!==48)throw Error(`ResponderID byName must use Name SEQUENCE`);let n=[],r=[],i={};for(let a of m(e,t)){let t=xe(e,a);n.push(t);for(let e of t.attributes)r.push(e),e.key!==void 0&&i[e.key]===void 0&&(i[e.key]=e.value)}return{derHex:C(e.slice(t.start-t.headerLength,t.end)),rdns:n,attributes:r,values:i}}function xe(e,t){let n=[],r={};for(let i of m(e,t)){let t=m(e,i),a=g(x(t[0],`name OID`).value),o=x(t[1],`name value`),s=Te(a),c=_(o.tag,o.value),l=s===void 0?{oid:a,valueTag:o.tag,value:c}:{oid:a,key:s,valueTag:o.tag,value:c};n.push(l),s!==void 0&&r[s]===void 0&&(r[s]=c)}return{derHex:C(e.slice(t.start-t.headerLength,t.end)),attributes:n,values:r}}function Se(e,t){if(e.rdns.length!==t.rdns.length)return!1;for(let n=0;n<e.rdns.length;n+=1){let r=e.rdns[n],i=t.rdns[n];if(r===void 0||i===void 0||!Ce(r,i))return!1}return!0}function Ce(e,t){if(e.attributes.length!==t.attributes.length)return!1;let n=Array(t.attributes.length).fill(!1);for(let r of e.attributes){let e=!1;for(let i=0;i<t.attributes.length;i+=1){let a=t.attributes[i];if(!(a===void 0||n[i])&&we(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}function we(e,t){if(e.oid!==t.oid)return!1;if(J(e.valueTag)&&J(t.valueTag)){let n=Y(e.value),r=Y(t.value);return n===void 0||r===void 0?!1:n===r}return e.valueTag===t.valueTag&&e.value===t.value}function J(e){return e===12||e===19}function Y(e){let t=e.normalize(`NFKC`);if(!/[^\P{Cc}\t\n\r]/u.test(t))return t.toLowerCase().trim().replace(/\s+/gu,` `)}function Te(e){switch(e){case w.commonName:return`commonName`;case w.surname:return`surname`;case w.serialNumber:return`serialNumber`;case w.countryName:return`country`;case w.localityName:return`locality`;case w.stateOrProvinceName:return`state`;case w.streetAddress:return`street`;case w.organizationName:return`organization`;case w.organizationalUnitName:return`organizationalUnit`;case w.title:return`title`;case w.givenName:return`givenName`;case w.emailAddress:return`emailAddress`;default:return}}function X(e,t){let n=m(e,t),r=x(n[0],`extensions`);if(n.length!==1||r.tag!==48)throw Error(`Malformed OCSP extensions`);let i=new Set,a;for(let t of m(e,r)){let n=m(e,t);if(n.length<2||n.length>3||n.length===3&&n[1]?.tag!==1)throw Error(`Malformed OCSP extension`);let r=g(x(n[0],`extension OID`).value);if(i.has(r))throw Error(`Duplicate OCSP extension OID: ${r}`);i.add(r);let o=x(n[n.length-1],`extnValue`);if(o.tag!==4)throw Error(`OCSP extension value must use OCTET STRING`);if(r!==w.ocspNonce)continue;let s=l(o.value,{maxDepth:64});if(s.tag!==4)throw Error(`OCSP nonce extension value must use OCTET STRING`);a=C(s.value)}return a}function Ee(e,t){let n=[],r=t.start;for(;r<t.end;){let t=c(e,r);n.push(A(e.slice(r,t.end))),r=t.end}return n}function Z(e){let t=x(m(e,c(e))[1],`subjectPublicKey BIT STRING`);if(t.tag!==3)throw Error(`SPKI missing subjectPublicKey BIT STRING`);return t.value.slice(1)}function De(e){switch(e){case 0:return`successful`;case 1:return`malformedRequest`;case 2:return`internalError`;case 3:return`tryLater`;case 5:return`sigRequired`;case 6:return`unauthorized`;default:throw Error(`Unsupported OCSP responseStatus value: ${String(e)}`)}}function Oe(e){return`der`in e&&e.der instanceof Uint8Array}function Q(e){return`der`in e&&e.der instanceof Uint8Array}function ke(e){let t=new Set;for(let n of e){let e=$(n.certId);if(t.has(e))throw Error(`Duplicate OCSP response CertID`);t.add(e)}}function Ae(e){let t=new Set;for(let n of e){let e=Fe(n.certId.serialNumberHex);if(t.has(e))return!0;t.add(e)}return!1}function je(e,t){let n=m(e,t),r=x(n[0],`requestorName`);if(n.length!==1||(r.tag&192)!=128)throw Error(`requestorName must wrap exactly one GeneralName`)}function Me(e,t){let n=m(e,t),r=x(n[0],`optionalSignature`);if(n.length!==1||r.tag!==48)throw Error(`optionalSignature must wrap exactly one Signature`);let i=m(e,r);if(i.length<2||i.length>3||i[0]?.tag!==48||i[2]!==void 0&&i[2]?.tag!==160)throw Error(`Malformed optionalSignature`);let a=x(i[0],`signatureAlgorithm`),o=x(i[1],`signature`),s=i[2];if(Pe(e,a,`optionalSignature algorithm`),v(o),s!==void 0){let t=m(e,s);if(t.length!==1||t[0]?.tag!==48)throw Error(`optionalSignature certs must use SEQUENCE OF Certificate`)}}function Ne(e,t){let n=m(e,t),r=x(n[0],`nextUpdate`);if(n.length!==1||r.tag!==23&&r.tag!==24)throw Error(`nextUpdate must wrap exactly one time value`)}function Pe(e,t,n){let r=m(e,t);if(t.tag!==48||r.length<1||r.length>2||r[0]?.tag!==6)throw Error(`${n} must use AlgorithmIdentifier SEQUENCE`);g(x(r[0],`${n} OID`).value)}function Fe(e){return e.toLowerCase()}function Ie(e){switch(e){case w.sha1:return`SHA-1`;case w.sha256:return`SHA-256`;default:throw Error(`Unsupported OCSP hash algorithm OID: ${e}`)}}function $(e){return[e.hashAlgorithmOid,e.issuerNameHashHex,e.issuerKeyHashHex,e.serialNumberHex].join(`:`)}export{oe as createOcspRequest,se as createOcspResponse,N as parseOcspRequestDer,P as parseOcspRequestPem,F as parseOcspResponseDer,I as parseOcspResponsePem,ce as validateOcspResponse,L as verifyOcspResponse};
|
|
1
|
+
import{bitString as e,concatBytes as t,explicitContext as n,implicitPrimitiveContext as r,integer as i,nullValue as a,objectIdentifier as o,octetString as s,readElement as c,readRootElement as l,readSequenceChildren as u,sequence as d,time as f,tlv as p}from"../internal/asn1/der.js";import{childrenOf as m,decodeNonNegativeIntegerNumber as h,decodeObjectIdentifier as g,decodeString as _,extractBitStringValue as v,hexToBytes as y,parseTime as b,requireElement as x,toArrayBuffer as S,toHex as C}from"../internal/asn1/asn1.js";import{OIDS as w}from"../internal/asn1/oids.js";import{getCrypto as T}from"../internal/crypto/webcrypto.js";import{base64Encode as E}from"../internal/shared/base64.js";import{pemDecode as D,pemEncode as O}from"../pem/pem.js";import{describeHashAlgorithm as k,describeSignatureAlgorithm as ee}from"../internal/crypto/algorithm-names.js";import{parseCertificateDer as A,parseCertificateFromSource as j}from"../x509/parse.js";import{verifySignedDataDetailed as te}from"../internal/crypto/sig-verify.js";import{encodeAlgorithmIdentifier as ne,getSignatureAlgorithm as re,signBytes as ie}from"../internal/crypto/signing.js";import{compareDistinguishedNames as M}from"../internal/shared/dn.js";import{verifyCertificateChain as ae}from"../verify/verify.js";async function oe(e){let t=e.hashAlgorithm??`SHA-1`,r=[];for(let n of e.requests){let e=await K(n.certificate),i=await K(n.issuerCertificate);r.push(d([await U(e,i,t)]))}let i=[d(r)];e.nonce!==void 0&&i.push(n(2,d([d([o(w.ocspNonce),s(s(e.nonce))])])));let a=d([d(i)]);return{der:a,pem:O(`OCSP REQUEST`,a),base64:E(a)}}function N(e){let t=u(e,{maxDepth:64});if(t.length<1||t.length>2)throw Error(`Malformed OCSP request`);let n=x(t[0],`tbsRequest`),r=t[1];if(r!==void 0&&r.tag!==160)throw Error(`Malformed OCSP request`);r!==void 0&&Me(e,r);let i=m(e,n),a=0;if(i[a]?.tag===160){let t=m(e,x(i[a],`version`)),n=x(t[0],`version`);if(t.length!==1||n.tag!==2)throw Error(`version must use INTEGER`);if(h(n.value,`OCSP request version`)!==0)throw Error(`Unsupported OCSP request version`);a+=1}let o=i[a];o?.tag===161&&(je(e,o),a+=1);let s=x(i[a],`requestList`);if(s.tag!==48)throw Error(`requestList must use SEQUENCE`);if(m(e,s).length===0)throw Error(`requestList must not be empty`);let c=m(e,s).map(t=>{let n=m(e,t);if(n.length<1||n.length>2||n[1]!==void 0&&n[1].tag!==160)throw Error(`Malformed OCSP request entry`);let r=x(n[0],`reqCert`);return q(e.slice(r.start-r.headerLength,r.end))});a+=1;let l=i[a];if(l!==void 0&&l.tag!==162||i.length!==a+(l===void 0?0:1))throw Error(`Malformed OCSP request`);let d=l===void 0?void 0:X(e,l);return{der:new Uint8Array(e),requests:c,...d===void 0?{}:{nonce:d}}}function P(e){return N(D(`OCSP REQUEST`,e))}function F(e){let t=u(e,{maxDepth:64});if(t.length<1||t.length>2)throw Error(`Malformed OCSP response`);let n=x(t[0],`responseStatus`);if(n.tag!==10)throw Error(`responseStatus must use ENUMERATED`);let r=De(h(n.value,`OCSP responseStatus`)),i=t[1];if(i===void 0)return{der:new Uint8Array(e),responseStatus:r};if(i.tag!==160)throw Error(`Malformed OCSP response`);let a=m(e,i),o=x(a[0],`responseBytes`);if(a.length!==1||o.tag!==48)throw Error(`Malformed OCSP response`);let s=m(e,o);if(s.length!==2)throw Error(`responseBytes must contain responseType and response`);let c=x(s[0],`responseType`),l=x(s[1],`response`);if(l.tag!==4)throw Error(`response must use OCTET STRING`);let d=g(c.value);if(d!==w.ocspBasicResponse)return{der:new Uint8Array(e),responseStatus:r,responseTypeOid:d};let f=l.value,p=u(f);if(p.length<3||p.length>4)throw Error(`Malformed BasicOCSPResponse`);let _=x(p[0],`responseData`),y=x(p[1],`signatureAlgorithm`),b=x(p[2],`signatureValue`),S=p[3];if(S!==void 0&&S.tag!==160)throw Error(`Malformed BasicOCSPResponse`);let C=m(f,y),T=g(x(C[0],`signatureAlgorithm OID`).value),E=C[1],D=f.slice(_.start-_.headerLength,_.end),O=ue(D);return{der:new Uint8Array(e),responseStatus:r,responseTypeOid:d,responseDataDer:D,responderId:O.responderId,signatureAlgorithmOid:T,signatureAlgorithmName:ee(T,E===void 0?void 0:f.slice(E.start-E.headerLength,E.end)),signatureValue:v(b),producedAt:O.producedAt,responses:O.responses,...O.nonce===void 0?{}:{nonce:O.nonce},...S?.tag===160?{certificates:Ee(f,S)}:{}}}function I(e){return F(D(`OCSP RESPONSE`,e))}async function se(i){let a=await K(i.signerCertificate),c=re(i.signerPrivateKey),l=i.producedAt??new Date,u=i.hashAlgorithm??`SHA-1`,m=[];for(let e of i.responses){let t=await K(e.certificate),n=await K(e.issuerCertificate);m.push(await he(t,n,e,u))}let h=[r(2,await G(`SHA-1`,Z(a.subjectPublicKeyInfoDer))),f(l),d(m)];i.nonce!==void 0&&h.push(n(1,d([d([o(w.ocspNonce),s(s(i.nonce))])])));let g=d(h),_=await ie(i.signerPrivateKey,c,g),v=i.includedCertificates===void 0?[]:await Promise.all(i.includedCertificates.map(K)),y=[g,ne(c),e(_)];v.length>0&&y.push(n(0,t(v.map(e=>e.der))));let b=d(y),x=d([p(10,Uint8Array.of(0)),n(0,d([o(w.ocspBasicResponse),s(b)]))]);return{der:x,pem:O(`OCSP RESPONSE`,x),base64:E(x)}}async function L(e,t){let n;try{n=B(e)}catch{return R(`signature_invalid`,`OCSP response signed content is malformed`)}if(n.responseDataDer===void 0||n.signatureAlgorithmOid===void 0||n.signatureValue===void 0)return R(`signature_invalid`,`OCSP response is not signed`);let r;try{r=await K(t)}catch{return R(`signature_invalid`,`OCSP signer certificate input is malformed`)}let i;try{i=await te(n.signatureAlgorithmOid,void 0,r.publicKeyAlgorithmOid,r.publicKeyParametersOid,r.subjectPublicKeyInfoDer,n.signatureValue,n.responseDataDer)}catch{return R(`signature_invalid`,`OCSP response signature verification failed`)}return i.ok?i.valid?{ok:!0,value:n}:R(`signature_invalid`,`OCSP response signature does not verify`):i.code===`verification_error`?R(`signature_invalid`,`OCSP response signature verification failed`):R(`signature_invalid`,`OCSP response signature uses unsupported algorithm parameters`)}async function ce(e){let t;try{t=B(e.response)}catch{return z(`signature_invalid`,`OCSP response signed content is malformed`)}if(t.responseStatus!==`successful`)return z(`response_status_invalid`,`OCSP response status is ${t.responseStatus}`);let n;try{n=await K(e.issuerCertificate)}catch{return z(`signature_invalid`,`issuer certificate input is malformed`)}let r;try{r=e.responderCertificate??await de(t.certificates,t.responderId)??t.certificates?.[0]??e.issuerCertificate}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}let i;try{i=await K(r)}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}let a=await L(t,i);if(!a.ok)return z(a.code,a.message);let o;try{o=await fe(t.responderId,i)}catch{return z(`signature_invalid`,`OCSP responder certificate input is malformed`)}if(!o.ok)return o;if(!H(i,n)){let r=e.allowChainedResponderCertificate===!0;if(!r&&!pe(i,n))return z(`responder_chain_invalid`,`Delegated OCSP responder must be directly issued by issuer certificate`);if(!(await ae({leaf:i.der,intermediates:r?me(t.certificates,i,n):[],roots:[n.der]})).ok)return z(`responder_chain_invalid`,`OCSP responder certificate chain does not validate`);if(i.extendedKeyUsage===void 0||!i.extendedKeyUsage.includes(`ocspSigning`))return z(`ocsp_signing_missing`,`Delegated OCSP responder lacks ocspSigning EKU`)}let s=e.at??new Date,c=e.clockSkewMs??0;if(t.producedAt!==void 0&&t.producedAt.getTime()-c>s.getTime())return z(`stale_response`,`OCSP response producedAt is later than requested time`);for(let e of t.responses??[]){let r;try{r=await W(e.certId.hashAlgorithmOid,n,e.certId.serialNumberHex)}catch{return z(`signature_invalid`,`OCSP response CertID hash algorithm is unsupported`)}if(e.certId.issuerNameHashHex!==r.issuerNameHashHex||e.certId.issuerKeyHashHex!==r.issuerKeyHashHex)return z(`issuer_mismatch`,`OCSP response certId does not match issuer certificate`);if(e.thisUpdate.getTime()-c>s.getTime()||e.nextUpdate!==void 0&&e.nextUpdate.getTime()+c<s.getTime())return z(`stale_response`,`OCSP response is not valid at requested time`);if(t.producedAt!==void 0&&e.nextUpdate!==void 0&&t.producedAt.getTime()-c>e.nextUpdate.getTime())return z(`stale_response`,`OCSP response producedAt is later than nextUpdate`)}if(Ae(t.responses??[]))return z(`signature_invalid`,`OCSP response contains multiple status entries for the same certificate`);if(e.request!==void 0){let n;try{n=le(e.request)}catch{return z(`request_mismatch`,`OCSP request input is malformed`)}if(n.nonce!==void 0&&n.nonce!==t.nonce)return z(`nonce_mismatch`,`OCSP response nonce does not match request nonce`);let r=new Set(n.requests.map(e=>$(e))),i=new Set((t.responses??[]).map(e=>$(e.certId)));for(let e of t.responses??[])if(!r.has($(e.certId)))return z(`request_mismatch`,`OCSP response includes a certId not present in request`);for(let e of r)if(!i.has(e))return z(`request_mismatch`,`OCSP response does not cover every requested certId`)}return{ok:!0,value:t}}function R(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function z(e,t){return{ok:!1,error:{ok:!1,code:e,message:t},code:e,message:t}}function B(e){if(typeof e==`string`)return I(e);if(e instanceof Uint8Array)return F(e);if(Q(e))return F(new Uint8Array(e.der));throw Error(`OCSP response input is malformed`)}function le(e){if(typeof e==`string`)return P(e);if(e instanceof Uint8Array)return N(e);if(Oe(e))return N(new Uint8Array(e.der));throw Error(`OCSP request input is malformed`)}function ue(e){let t=u(e);if(t.length<3||t.length>5)throw Error(`Malformed OCSP responseData`);let n=0;if(t[n]?.tag===160){let r=m(e,x(t[n],`version`)),i=x(r[0],`version`);if(r.length!==1||i.tag!==2)throw Error(`version must use INTEGER`);if(h(i.value,`OCSP response version`)!==0)throw Error(`Unsupported OCSP response version`);n+=1}let r=ye(e,x(t[n],`responderID`));n+=1;let i=x(t[n],`producedAt`),a=x(t[n+1],`responses`);if(a.tag!==48)throw Error(`responses must use SEQUENCE`);if(m(e,a).length===0)throw Error(`responses must not be empty`);let o=t[n+2];if(o!==void 0&&o.tag!==161||t.length!==n+2+(o===void 0?0:1))throw Error(`Malformed OCSP responseData`);let s=o===void 0?void 0:X(e,o),c=m(e,a).map(t=>ve(e,t));return ke(c),{responderId:r,producedAt:b(i),responses:c,...s===void 0?{}:{nonce:s}}}async function de(e,t){if(!(e===void 0||t===void 0)){for(let n of e)if(await V(t,n))return n}}async function fe(e,t){return e===void 0||await V(e,t)?{ok:!0}:e.type===`byName`?z(`responder_id_mismatch`,`OCSP responder certificate subject does not match responderID byName`):z(`responder_id_mismatch`,`OCSP responder certificate public key does not match responderID byKeyHash`)}async function V(e,t){return e.type===`byName`?Se(e.name,t.subject):C(await G(`SHA-1`,Z(t.subjectPublicKeyInfoDer)))===e.keyHashHex}function H(e,t){return e.serialNumberHex===t.serialNumberHex&&M(e.issuer,t.issuer)&&M(e.subject,t.subject)&&e.subjectPublicKeyInfoDer.length===t.subjectPublicKeyInfoDer.length&&e.subjectPublicKeyInfoDer.every((e,n)=>e===t.subjectPublicKeyInfoDer[n])}function pe(e,t){return!(!M(e.issuer,t.subject)||e.authorityKeyIdentifier!==void 0&&t.subjectKeyIdentifier!==void 0&&e.authorityKeyIdentifier!==t.subjectKeyIdentifier)}function me(e,t,n){if(e===void 0)return[];let r=[];for(let i of e)H(i,t)||H(i,n)||r.push(i.der);return r}async function U(e,t,n){let r=n===`SHA-1`?w.sha1:w.sha256,c=await W(r,t,e.serialNumberHex);return d([d([o(r),a()]),s(y(c.issuerNameHashHex)),s(y(c.issuerKeyHashHex)),i(y(c.serialNumberHex))])}async function W(e,t,n){let r=Ie(e);return{hashAlgorithmOid:e,hashAlgorithmName:k(e),issuerNameHashHex:C(await G(r,y(t.subject.derHex))),issuerKeyHashHex:C(await G(r,Z(t.subjectPublicKeyInfoDer))),serialNumberHex:n}}async function G(e,t){return new Uint8Array(await T().subtle.digest(e,S(t)))}async function he(e,t,r,i){return d([await U(e,t,i),ge(r),f(r.thisUpdate??new Date),...r.nextUpdate===void 0?[]:[n(0,f(r.nextUpdate))]])}function ge(e){switch(e.certStatus){case`good`:return p(128,new Uint8Array);case`unknown`:return p(130,new Uint8Array);case`revoked`:{let r=[f(e.revokedAt??e.thisUpdate??new Date)];return e.revocationReasonCode!==void 0&&r.push(n(0,p(10,Uint8Array.of(e.revocationReasonCode)))),p(161,t(r))}}}function K(e){return _e(e)?A(new Uint8Array(e.der)):j(e)}function _e(e){return typeof e!=`string`&&`subjectPublicKeyInfoDer`in e}function q(e){let t=l(e,{maxDepth:64});if(t.tag!==48)throw Error(`CertID must use SEQUENCE`);let n=m(e,t);if(n.length!==4)throw Error(`CertID must contain hashAlgorithm, issuerNameHash, issuerKeyHash, and serialNumber`);let r=x(n[0],`hashAlgorithm`);if(r.tag!==48)throw Error(`hashAlgorithm must use SEQUENCE`);let i=m(e,r);if(i.length<1||i.length>2)throw Error(`Malformed hashAlgorithm`);let a=g(x(i[0],`hashAlgorithm OID`).value);if(x(n[1],`issuerNameHash`).tag!==4)throw Error(`issuerNameHash must use OCTET STRING`);if(x(n[2],`issuerKeyHash`).tag!==4)throw Error(`issuerKeyHash must use OCTET STRING`);let o=x(n[3],`serialNumber`);if(o.tag!==2)throw Error(`serialNumber must use INTEGER`);return{hashAlgorithmOid:a,hashAlgorithmName:k(a),issuerNameHashHex:C(x(n[1],`issuerNameHash`).value),issuerKeyHashHex:C(x(n[2],`issuerKeyHash`).value),serialNumberHex:C(o.value)}}function ve(e,t){let n=m(e,t);if(n.length<3||n.length>5)throw Error(`Malformed OCSP SingleResponse`);let r=x(n[0],`certId`),i=x(n[1],`certStatus`),a=x(n[2],`thisUpdate`),o=3,s=n[o]?.tag===160?n[o]:void 0;s!==void 0&&(Ne(e,s),o+=1);let c=n[o];if(c!==void 0&&c.tag!==161||n.length!==o+(c===void 0?0:1))throw Error(`Malformed OCSP SingleResponse`);let l,u;if(i.tag===128){if(i.value.length!==0)throw Error(`OCSP good certStatus must be empty`);return{certId:q(e.slice(r.start-r.headerLength,r.end)),certStatus:`good`,thisUpdate:b(a),...s===void 0?{}:{nextUpdate:b(x(m(e,s)[0],`nextUpdate`))}}}if(i.tag===161){let t=m(e,i);if(t.length<1||t.length>2)throw Error(`Malformed OCSP revoked certStatus`);l=b(x(t[0],`revocationTime`));let n=t[1];if(n?.tag===160){let t=m(e,n),r=x(t[0],`revocationReason`);if(t.length!==1||r.tag!==10)throw Error(`revocationReason must use ENUMERATED`);u=h(r.value,`OCSP revocationReason`)}else if(n!==void 0)throw Error(`Malformed OCSP revoked certStatus`)}else if(i.tag!==130)throw Error(`Unsupported OCSP certStatus tag: ${String(i.tag)}`);else if(i.value.length!==0)throw Error(`OCSP unknown certStatus must be empty`);return{certId:q(e.slice(r.start-r.headerLength,r.end)),certStatus:i.tag===130?`unknown`:`revoked`,thisUpdate:b(a),...s===void 0?{}:{nextUpdate:b(x(m(e,s)[0],`nextUpdate`))},...l===void 0?{}:{revokedAt:l},...u===void 0?{}:{revocationReasonCode:u}}}function ye(e,t){switch(t.tag){case 130:if(t.value.length===0)throw Error(`ResponderID byKeyHash must not be empty`);return{type:`byKeyHash`,keyHashHex:C(t.value)};case 161:if(m(e,t).length!==1)throw Error(`ResponderID byName must wrap exactly one Name`);return{type:`byName`,name:be(e,x(m(e,t)[0],`ResponderID byName`))};default:throw Error(`Unsupported OCSP responderID tag: ${String(t.tag)}`)}}function be(e,t){if(t.tag!==48)throw Error(`ResponderID byName must use Name SEQUENCE`);let n=[],r=[],i={};for(let a of m(e,t)){let t=xe(e,a);n.push(t);for(let e of t.attributes)r.push(e),e.key!==void 0&&i[e.key]===void 0&&(i[e.key]=e.value)}return{derHex:C(e.slice(t.start-t.headerLength,t.end)),rdns:n,attributes:r,values:i}}function xe(e,t){let n=[],r={};for(let i of m(e,t)){let t=m(e,i),a=g(x(t[0],`name OID`).value),o=x(t[1],`name value`),s=Te(a),c=_(o.tag,o.value),l=s===void 0?{oid:a,valueTag:o.tag,value:c}:{oid:a,key:s,valueTag:o.tag,value:c};n.push(l),s!==void 0&&r[s]===void 0&&(r[s]=c)}return{derHex:C(e.slice(t.start-t.headerLength,t.end)),attributes:n,values:r}}function Se(e,t){if(e.rdns.length!==t.rdns.length)return!1;for(let n=0;n<e.rdns.length;n+=1){let r=e.rdns[n],i=t.rdns[n];if(r===void 0||i===void 0||!Ce(r,i))return!1}return!0}function Ce(e,t){if(e.attributes.length!==t.attributes.length)return!1;let n=Array(t.attributes.length).fill(!1);for(let r of e.attributes){let e=!1;for(let i=0;i<t.attributes.length;i+=1){let a=t.attributes[i];if(!(a===void 0||n[i])&&we(r,a)){n[i]=!0,e=!0;break}}if(!e)return!1}return!0}function we(e,t){if(e.oid!==t.oid)return!1;if(J(e.valueTag)&&J(t.valueTag)){let n=Y(e.value),r=Y(t.value);return n===void 0||r===void 0?!1:n===r}return e.valueTag===t.valueTag&&e.value===t.value}function J(e){return e===12||e===19}function Y(e){let t=e.normalize(`NFKC`);if(!/[^\P{Cc}\t\n\r]/u.test(t))return t.toLowerCase().trim().replace(/\s+/gu,` `)}function Te(e){switch(e){case w.commonName:return`commonName`;case w.surname:return`surname`;case w.serialNumber:return`serialNumber`;case w.countryName:return`country`;case w.localityName:return`locality`;case w.stateOrProvinceName:return`state`;case w.streetAddress:return`street`;case w.organizationName:return`organization`;case w.organizationalUnitName:return`organizationalUnit`;case w.title:return`title`;case w.givenName:return`givenName`;case w.emailAddress:return`emailAddress`;default:return}}function X(e,t){let n=m(e,t),r=x(n[0],`extensions`);if(n.length!==1||r.tag!==48)throw Error(`Malformed OCSP extensions`);let i=new Set,a;for(let t of m(e,r)){let n=m(e,t);if(n.length<2||n.length>3||n.length===3&&n[1]?.tag!==1)throw Error(`Malformed OCSP extension`);let r=g(x(n[0],`extension OID`).value);if(i.has(r))throw Error(`Duplicate OCSP extension OID: ${r}`);i.add(r);let o=x(n[n.length-1],`extnValue`);if(o.tag!==4)throw Error(`OCSP extension value must use OCTET STRING`);if(r!==w.ocspNonce)continue;let s=l(o.value,{maxDepth:64});if(s.tag!==4)throw Error(`OCSP nonce extension value must use OCTET STRING`);a=C(s.value)}return a}function Ee(e,t){let n=[],r=t.start;for(;r<t.end;){let t=c(e,r);n.push(A(e.slice(r,t.end))),r=t.end}return n}function Z(e){let t=x(m(e,c(e))[1],`subjectPublicKey BIT STRING`);if(t.tag!==3)throw Error(`SPKI missing subjectPublicKey BIT STRING`);return t.value.slice(1)}function De(e){switch(e){case 0:return`successful`;case 1:return`malformedRequest`;case 2:return`internalError`;case 3:return`tryLater`;case 5:return`sigRequired`;case 6:return`unauthorized`;default:throw Error(`Unsupported OCSP responseStatus value: ${String(e)}`)}}function Oe(e){return`der`in e&&e.der instanceof Uint8Array}function Q(e){return`der`in e&&e.der instanceof Uint8Array}function ke(e){let t=new Set;for(let n of e){let e=$(n.certId);if(t.has(e))throw Error(`Duplicate OCSP response CertID`);t.add(e)}}function Ae(e){let t=new Set;for(let n of e){let e=Fe(n.certId.serialNumberHex);if(t.has(e))return!0;t.add(e)}return!1}function je(e,t){let n=m(e,t),r=x(n[0],`requestorName`);if(n.length!==1||(r.tag&192)!=128)throw Error(`requestorName must wrap exactly one GeneralName`)}function Me(e,t){let n=m(e,t),r=x(n[0],`optionalSignature`);if(n.length!==1||r.tag!==48)throw Error(`optionalSignature must wrap exactly one Signature`);let i=m(e,r);if(i.length<2||i.length>3||i[0]?.tag!==48||i[2]!==void 0&&i[2]?.tag!==160)throw Error(`Malformed optionalSignature`);let a=x(i[0],`signatureAlgorithm`),o=x(i[1],`signature`),s=i[2];if(Pe(e,a,`optionalSignature algorithm`),v(o),s!==void 0){let t=m(e,s);if(t.length!==1||t[0]?.tag!==48)throw Error(`optionalSignature certs must use SEQUENCE OF Certificate`)}}function Ne(e,t){let n=m(e,t),r=x(n[0],`nextUpdate`);if(n.length!==1||r.tag!==23&&r.tag!==24)throw Error(`nextUpdate must wrap exactly one time value`)}function Pe(e,t,n){let r=m(e,t);if(t.tag!==48||r.length<1||r.length>2||r[0]?.tag!==6)throw Error(`${n} must use AlgorithmIdentifier SEQUENCE`);g(x(r[0],`${n} OID`).value)}function Fe(e){return e.toLowerCase()}function Ie(e){switch(e){case w.sha1:return`SHA-1`;case w.sha256:return`SHA-256`;default:throw Error(`Unsupported OCSP hash algorithm OID: ${e}`)}}function $(e){return[e.hashAlgorithmOid,e.issuerNameHashHex,e.issuerKeyHashHex,e.serialNumberHex].join(`:`)}export{oe as createOcspRequest,se as createOcspResponse,N as parseOcspRequestDer,P as parseOcspRequestPem,F as parseOcspResponseDer,I as parseOcspResponsePem,ce as validateOcspResponse,L as verifyOcspResponse};
|
|
2
2
|
//# sourceMappingURL=ocsp.js.map
|