node-opcua-crypto 1.11.0 → 2.0.0

package/dist/source/buffer_utils.d.ts

@@ -1,6 +1,6 @@
-/// <reference types="node" />
-/**
- * @internal
- * @private
- */
-export declare const createFastUninitializedBuffer: (size: number) => Buffer;
+/// <reference types="node" />
+/**
+ * @internal
+ * @private
+ */
+export declare const createFastUninitializedBuffer: (size: number) => Buffer;

package/dist/source/buffer_utils.js

@@ -1,22 +1,22 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createFastUninitializedBuffer = void 0;
-//
-// note: new Buffer(size)#  is deprecated since: v6.0. and is replaced with Buffer.allocUnsafe
-//       to ensure backward compatibility we have to replace
-//       new Buffer(size) with createFastUninitializedBuffer(size)
-//
-//       Buffer.alloc and Buffer.allocUnsafe have been introduced in nodejs 5.1.0
-//  in node 0.11 new Buffer
-//
-/**
- * @internal
- * @private
- */
-exports.createFastUninitializedBuffer = Buffer.allocUnsafe
-    ? Buffer.allocUnsafe
-    : (size) => {
-        // istanbul ignore next
-        return new Buffer(size);
-    };
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createFastUninitializedBuffer = void 0;
+//
+// note: new Buffer(size)#  is deprecated since: v6.0. and is replaced with Buffer.allocUnsafe
+//       to ensure backward compatibility we have to replace
+//       new Buffer(size) with createFastUninitializedBuffer(size)
+//
+//       Buffer.alloc and Buffer.allocUnsafe have been introduced in nodejs 5.1.0
+//  in node 0.11 new Buffer
+//
+/**
+ * @internal
+ * @private
+ */
+exports.createFastUninitializedBuffer = Buffer.allocUnsafe
+    ? Buffer.allocUnsafe
+    : (size) => {
+        // istanbul ignore next
+        return new Buffer(size);
+    };
 //# sourceMappingURL=buffer_utils.js.map

package/dist/source/certificate_matches_private_key.d.ts

@@ -0,0 +1,2 @@
+import { Certificate, PrivateKey } from "./common";
+export declare function certificateMatchesPrivateKey(certificate: Certificate, privateKey: PrivateKey): boolean;

package/dist/source/certificate_matches_private_key.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.certificateMatchesPrivateKey = void 0;
+const crypto_utils_1 = require("./crypto_utils");
+/**
+ * check that the given certificate matches the given private key
+ * @param certificate
+ * @param privateKey
+ */
+function certificateMatchesPrivateKeyPEM(certificate, privateKey) {
+    const initialBuffer = Buffer.from("Lorem Ipsum");
+    const encryptedBuffer = (0, crypto_utils_1.publicEncrypt_long)(initialBuffer, certificate, 256, 11);
+    const decryptedBuffer = (0, crypto_utils_1.privateDecrypt_long)(encryptedBuffer, privateKey, 256);
+    return initialBuffer.toString("utf-8") === decryptedBuffer.toString("utf-8");
+}
+function certificateMatchesPrivateKey(certificate, privateKey) {
+    const certificatePEM = (0, crypto_utils_1.toPem)(certificate, "CERTIFICATE");
+    const privateKeyPEM = (0, crypto_utils_1.toPem)(privateKey, "RSA PRIVATE KEY");
+    return certificateMatchesPrivateKeyPEM(certificatePEM, privateKeyPEM);
+}
+exports.certificateMatchesPrivateKey = certificateMatchesPrivateKey;
+//# sourceMappingURL=certificate_matches_private_key.js.map

package/dist/source/certificate_matches_private_key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"certificate_matches_private_key.js","sourceRoot":"","sources":["../../source/certificate_matches_private_key.ts"],"names":[],"mappings":";;;AACA,iDAAgF;AAEhF;;;;GAIG;AACH,SAAS,+BAA+B,CAAC,WAA2B,EAAE,UAAyB;IAC3F,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACjD,MAAM,eAAe,GAAG,IAAA,iCAAkB,EAAC,aAAa,EAAE,WAAW,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAChF,MAAM,eAAe,GAAG,IAAA,kCAAmB,EAAC,eAAe,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC9E,OAAO,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjF,CAAC;AAED,SAAgB,4BAA4B,CAAC,WAAwB,EAAE,UAAsB;IACzF,MAAM,cAAc,GAAG,IAAA,oBAAK,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IACzD,MAAM,aAAa,GAAG,IAAA,oBAAK,EAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;IAC3D,OAAO,+BAA+B,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;AAC1E,CAAC;AAJD,oEAIC"}

package/dist/source/common.d.ts

@@ -1,12 +1,12 @@
-/// <reference types="node" />
-export declare type Nonce = Buffer;
-export declare type PEM = string;
-export declare type DER = Buffer;
-export declare type Certificate = DER;
-export declare type CertificatePEM = PEM;
-export declare type PrivateKey = DER;
-export declare type PrivateKeyPEM = PEM;
-export declare type PublicKey = DER;
-export declare type PublicKeyPEM = PEM;
-export declare type Signature = Buffer;
-export declare type CertificateRevocationList = Buffer;
+/// <reference types="node" />
+export type Nonce = Buffer;
+export type PEM = string;
+export type DER = Buffer;
+export type Certificate = DER;
+export type CertificatePEM = PEM;
+export type PrivateKey = DER;
+export type PrivateKeyPEM = PEM;
+export type PublicKey = DER;
+export type PublicKeyPEM = PEM;
+export type Signature = Buffer;
+export type CertificateRevocationList = Buffer;

package/dist/source/common.js

@@ -1,3 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
 //# sourceMappingURL=common.js.map

package/dist/source/crypto_explore_certificate.d.ts

@@ -1,107 +1,107 @@
-/**
- * @module node_opcua_crypto
- */
-/// <reference types="node" />
-import { BlockInfo, AlgorithmIdentifier, SignatureValue, DirectoryName } from "./asn1";
-import { Certificate } from "./common";
-import { PublicKeyLength } from "./explore_certificate";
-export interface AttributeTypeAndValue {
-    [key: string]: any;
-}
-export interface Validity {
-    notBefore: Date;
-    notAfter: Date;
-}
-export interface X509KeyUsage {
-    digitalSignature: boolean;
-    nonRepudiation: boolean;
-    keyEncipherment: boolean;
-    dataEncipherment: boolean;
-    keyAgreement: boolean;
-    keyCertSign: boolean;
-    cRLSign: boolean;
-    encipherOnly: boolean;
-    decipherOnly: boolean;
-}
-export interface X509ExtKeyUsage {
-    clientAuth: boolean;
-    serverAuth: boolean;
-    codeSigning: boolean;
-    emailProtection: boolean;
-    timeStamping: boolean;
-    ocspSigning: boolean;
-    ipsecEndSystem: boolean;
-    ipsecTunnel: boolean;
-    ipsecUser: boolean;
-}
-export interface SubjectPublicKey {
-    modulus: Buffer;
-}
-export declare function _readExtension(buffer: Buffer, block: BlockInfo): {
-    identifier: {
-        oid: string;
-        name: string;
-    };
-    value: any;
-};
-export interface SubjectPublicKeyInfo {
-    algorithm: string;
-    keyLength: PublicKeyLength;
-    subjectPublicKey: SubjectPublicKey;
-}
-export interface BasicConstraints {
-    critical: boolean;
-    cA: boolean;
-    pathLengthConstraint?: number;
-}
-export interface AuthorityKeyIdentifier {
-    keyIdentifier: string | null;
-    authorityCertIssuer: DirectoryName | null;
-    authorityCertIssuerFingerPrint: string;
-    serial: string | null;
-}
-export interface CertificateExtension {
-    basicConstraints: BasicConstraints;
-    subjectKeyIdentifier?: string;
-    authorityKeyIdentifier?: AuthorityKeyIdentifier;
-    keyUsage?: X509KeyUsage;
-    extKeyUsage?: X509ExtKeyUsage;
-    subjectAltName?: any;
-}
-export interface TbsCertificate {
-    version: number;
-    serialNumber: string;
-    issuer: any;
-    signature: AlgorithmIdentifier;
-    validity: Validity;
-    subject: DirectoryName;
-    subjectFingerPrint: string;
-    subjectPublicKeyInfo: SubjectPublicKeyInfo;
-    extensions: CertificateExtension | null;
-}
-export declare function readTbsCertificate(buffer: Buffer, block: BlockInfo): TbsCertificate;
-export interface CertificateInternals {
-    tbsCertificate: TbsCertificate;
-    signatureAlgorithm: AlgorithmIdentifier;
-    signatureValue: SignatureValue;
-}
-/**
- * explore a certificate structure
- * @param certificate
- * @returns a json object that exhibits the internal data of the certificate
- */
-export declare function exploreCertificate(certificate: Certificate): CertificateInternals;
-/**
- * @method split_der
- * split a multi chain certificates
- * @param certificateChain  the certificate chain in der (binary) format}
- * @returns an array of Der , each element of the array is one certificate of the chain
- */
-export declare function split_der(certificateChain: Certificate): Certificate[];
-/**
- * @method combine_der
- * combine an array of certificates into a single blob
- * @param certificates a array with the individual DER certificates of the chain
- * @return a concatenated buffer containing the certificates
- */
-export declare function combine_der(certificates: Certificate[]): Certificate;
+/**
+ * @module node_opcua_crypto
+ */
+/// <reference types="node" />
+import { BlockInfo, AlgorithmIdentifier, SignatureValue, DirectoryName } from "./asn1";
+import { Certificate } from "./common";
+import { PublicKeyLength } from "./explore_certificate";
+export interface AttributeTypeAndValue {
+    [key: string]: any;
+}
+export interface Validity {
+    notBefore: Date;
+    notAfter: Date;
+}
+export interface X509KeyUsage {
+    digitalSignature: boolean;
+    nonRepudiation: boolean;
+    keyEncipherment: boolean;
+    dataEncipherment: boolean;
+    keyAgreement: boolean;
+    keyCertSign: boolean;
+    cRLSign: boolean;
+    encipherOnly: boolean;
+    decipherOnly: boolean;
+}
+export interface X509ExtKeyUsage {
+    clientAuth: boolean;
+    serverAuth: boolean;
+    codeSigning: boolean;
+    emailProtection: boolean;
+    timeStamping: boolean;
+    ocspSigning: boolean;
+    ipsecEndSystem: boolean;
+    ipsecTunnel: boolean;
+    ipsecUser: boolean;
+}
+export interface SubjectPublicKey {
+    modulus: Buffer;
+}
+export declare function _readExtension(buffer: Buffer, block: BlockInfo): {
+    identifier: {
+        oid: string;
+        name: string;
+    };
+    value: any;
+};
+export interface SubjectPublicKeyInfo {
+    algorithm: string;
+    keyLength: PublicKeyLength;
+    subjectPublicKey: SubjectPublicKey;
+}
+export interface BasicConstraints {
+    critical: boolean;
+    cA: boolean;
+    pathLengthConstraint?: number;
+}
+export interface AuthorityKeyIdentifier {
+    keyIdentifier: string | null;
+    authorityCertIssuer: DirectoryName | null;
+    authorityCertIssuerFingerPrint: string;
+    serial: string | null;
+}
+export interface CertificateExtension {
+    basicConstraints: BasicConstraints;
+    subjectKeyIdentifier?: string;
+    authorityKeyIdentifier?: AuthorityKeyIdentifier;
+    keyUsage?: X509KeyUsage;
+    extKeyUsage?: X509ExtKeyUsage;
+    subjectAltName?: any;
+}
+export interface TbsCertificate {
+    version: number;
+    serialNumber: string;
+    issuer: any;
+    signature: AlgorithmIdentifier;
+    validity: Validity;
+    subject: DirectoryName;
+    subjectFingerPrint: string;
+    subjectPublicKeyInfo: SubjectPublicKeyInfo;
+    extensions: CertificateExtension | null;
+}
+export declare function readTbsCertificate(buffer: Buffer, block: BlockInfo): TbsCertificate;
+export interface CertificateInternals {
+    tbsCertificate: TbsCertificate;
+    signatureAlgorithm: AlgorithmIdentifier;
+    signatureValue: SignatureValue;
+}
+/**
+ * explore a certificate structure
+ * @param certificate
+ * @returns a json object that exhibits the internal data of the certificate
+ */
+export declare function exploreCertificate(certificate: Certificate): CertificateInternals;
+/**
+ * @method split_der
+ * split a multi chain certificates
+ * @param certificateChain  the certificate chain in der (binary) format}
+ * @returns an array of Der , each element of the array is one certificate of the chain
+ */
+export declare function split_der(certificateChain: Certificate): Certificate[];
+/**
+ * @method combine_der
+ * combine an array of certificates into a single blob
+ * @param certificates a array with the individual DER certificates of the chain
+ * @return a concatenated buffer containing the certificates
+ */
+export declare function combine_der(certificates: Certificate[]): Certificate;