node-opcua-crypto 1.7.4 → 1.9.0
- package/.fossa.yml +18 -18
- package/.github/FUNDING.yml +12 -12
- package/.github/workflows/main.yml +32 -32
- package/.prettierrc.js +6 -6
- package/LICENSE +22 -22
- package/README.md +14 -14
- package/dist/asn1.d.ts +69 -0
- package/dist/asn1.js +349 -0
- package/dist/asn1.js.map +1 -0
- package/dist/buffer_utils.d.ts +6 -0
- package/dist/buffer_utils.js +22 -0
- package/dist/buffer_utils.js.map +1 -0
- package/dist/common.d.ts +11 -0
- package/dist/common.js +3 -0
- package/dist/common.js.map +1 -0
- package/dist/crypto_explore_certificate.d.ts +95 -0
- package/dist/crypto_explore_certificate.js +547 -0
- package/dist/crypto_explore_certificate.js.map +1 -0
- package/dist/crypto_utils.d.ts +106 -0
- package/dist/crypto_utils.js +370 -0
- package/dist/crypto_utils.js.map +1 -0
- package/dist/derived_keys.d.ts +72 -0
- package/dist/derived_keys.js +247 -0
- package/dist/derived_keys.js.map +1 -0
- package/dist/explore_certificate.d.ts +30 -0
- package/dist/explore_certificate.js +44 -0
- package/dist/explore_certificate.js.map +1 -0
- package/dist/explore_certificate_revocation_list.d.ts +30 -0
- package/dist/explore_certificate_revocation_list.js +67 -0
- package/dist/explore_certificate_revocation_list.js.map +1 -0
- package/dist/index.d.ts +10 -0
- package/dist/index.js +23 -0
- package/dist/index.js.map +1 -0
- package/dist/oid_map.d.ts +7 -0
- package/dist/oid_map.js +262 -0
- package/dist/oid_map.js.map +1 -0
- package/dist/source/asn1.d.ts +73 -73
- package/dist/source/asn1.js +359 -359
- package/dist/source/buffer_utils.d.ts +6 -5
- package/dist/source/buffer_utils.js +21 -21
- package/dist/source/common.d.ts +12 -12
- package/dist/source/common.js +2 -2
- package/dist/source/crypto_explore_certificate.d.ts +107 -107
- package/dist/source/crypto_explore_certificate.js +600 -600
- package/dist/source/crypto_utils.d.ts +78 -78
- package/dist/source/crypto_utils.js +280 -280
- package/dist/source/derived_keys.d.ts +72 -72
- package/dist/source/derived_keys.js +248 -245
- package/dist/source/derived_keys.js.map +1 -1
- package/dist/source/explore_certificate.d.ts +30 -30
- package/dist/source/explore_certificate.js +43 -43
- package/dist/source/explore_certificate_revocation_list.d.ts +28 -28
- package/dist/source/explore_certificate_revocation_list.js +44 -44
- package/dist/source/explore_certificate_signing_request.d.ts +13 -13
- package/dist/source/explore_certificate_signing_request.js +44 -44
- package/dist/source/explore_private_key.d.ts +29 -29
- package/dist/source/explore_private_key.js +96 -96
- package/dist/source/index.d.ts +13 -13
- package/dist/source/index.js +25 -25
- package/dist/source/oid_map.d.ts +7 -7
- package/dist/source/oid_map.js +303 -303
- package/dist/source/public_private_match.d.ts +3 -3
- package/dist/source/public_private_match.js +16 -16
- package/dist/source/verify_certificate_signature.d.ts +10 -10
- package/dist/source/verify_certificate_signature.js +101 -101
- package/dist/source_nodejs/index.d.ts +3 -3
- package/dist/source_nodejs/index.js +15 -15
- package/dist/source_nodejs/read.d.ts +29 -29
- package/dist/source_nodejs/read.js +94 -94
- package/dist/source_nodejs/read_certificate_revocation_list.d.ts +2 -2
- package/dist/source_nodejs/read_certificate_revocation_list.js +27 -27
- package/dist/source_nodejs/read_certificate_signing_request.d.ts +3 -3
- package/dist/source_nodejs/read_certificate_signing_request.js +27 -27
- package/dist/verify_cerficate_signature.d.ts +10 -0
- package/dist/verify_cerficate_signature.js +102 -0
- package/dist/verify_cerficate_signature.js.map +1 -0
- package/index.d.ts +2 -2
- package/index.js +4 -4
- package/index_web.js +3 -3
- package/package.json +17 -17
- package/source/asn1.ts +404 -404
- package/source/buffer_utils.ts +18 -18
- package/source/common.ts +13 -13
- package/source/crypto_explore_certificate.ts +763 -763
- package/source/crypto_utils.ts +321 -321
- package/source/derived_keys.ts +287 -284
- package/source/explore_certificate.ts +66 -66
- package/source/explore_certificate_revocation_list.ts +93 -93
- package/source/explore_certificate_signing_request.ts +58 -58
- package/source/explore_private_key.ts +121 -121
- package/source/index.ts +13 -13
- package/source/oid_map.ts +310 -310
- package/source/public_private_match.ts +17 -17
- package/source/verify_certificate_signature.ts +105 -105
- package/source_nodejs/index.ts +2 -2
- package/source_nodejs/read.ts +95 -95
- package/source_nodejs/read_certificate_revocation_list.ts +14 -14
- package/source_nodejs/read_certificate_signing_request.ts +17 -17
- package/test_certificate.ts +34 -34
- package/tsconfig.json +18 -18
- package/tslint.json +34 -34
- package/pnpm-lock.yaml +0 -1689
|
@@ -1,44 +1,44 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* @module node_opcua_crypto
|
|
4
|
-
*/
|
|
5
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.exploreCertificateInfo = exports.coerceCertificate = void 0;
|
|
7
|
-
const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
|
|
8
|
-
const crypto_utils_1 = require("./crypto_utils");
|
|
9
|
-
const assert = require("assert");
|
|
10
|
-
function coerceCertificate(certificate) {
|
|
11
|
-
if (typeof certificate === "string") {
|
|
12
|
-
certificate = (0, crypto_utils_1.convertPEMtoDER)(certificate);
|
|
13
|
-
}
|
|
14
|
-
assert(certificate instanceof Buffer);
|
|
15
|
-
return certificate;
|
|
16
|
-
}
|
|
17
|
-
exports.coerceCertificate = coerceCertificate;
|
|
18
|
-
/**
|
|
19
|
-
* @method exploreCertificateInfo
|
|
20
|
-
* returns useful information about the certificate such as public key length, start date and end of validity date,
|
|
21
|
-
* and CN
|
|
22
|
-
* @param certificate the certificate to explore
|
|
23
|
-
*/
|
|
24
|
-
function exploreCertificateInfo(certificate) {
|
|
25
|
-
certificate = coerceCertificate(certificate);
|
|
26
|
-
const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certificate);
|
|
27
|
-
const data = {
|
|
28
|
-
publicKeyLength: certInfo.tbsCertificate.subjectPublicKeyInfo.keyLength,
|
|
29
|
-
notBefore: certInfo.tbsCertificate.validity.notBefore,
|
|
30
|
-
notAfter: certInfo.tbsCertificate.validity.notAfter,
|
|
31
|
-
publicKey: certInfo.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey,
|
|
32
|
-
subject: certInfo.tbsCertificate.subject,
|
|
33
|
-
};
|
|
34
|
-
// istanbul ignore next
|
|
35
|
-
if (!(data.publicKeyLength === 512 ||
|
|
36
|
-
data.publicKeyLength === 384 ||
|
|
37
|
-
data.publicKeyLength === 256 ||
|
|
38
|
-
data.publicKeyLength === 128)) {
|
|
39
|
-
throw new Error("Invalid public key length (expecting 128,256,384 or 512)" + data.publicKeyLength);
|
|
40
|
-
}
|
|
41
|
-
return data;
|
|
42
|
-
}
|
|
43
|
-
exports.exploreCertificateInfo = exploreCertificateInfo;
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* @module node_opcua_crypto
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.exploreCertificateInfo = exports.coerceCertificate = void 0;
|
|
7
|
+
const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
|
|
8
|
+
const crypto_utils_1 = require("./crypto_utils");
|
|
9
|
+
const assert = require("assert");
|
|
10
|
+
function coerceCertificate(certificate) {
|
|
11
|
+
if (typeof certificate === "string") {
|
|
12
|
+
certificate = (0, crypto_utils_1.convertPEMtoDER)(certificate);
|
|
13
|
+
}
|
|
14
|
+
assert(certificate instanceof Buffer);
|
|
15
|
+
return certificate;
|
|
16
|
+
}
|
|
17
|
+
exports.coerceCertificate = coerceCertificate;
|
|
18
|
+
/**
|
|
19
|
+
* @method exploreCertificateInfo
|
|
20
|
+
* returns useful information about the certificate such as public key length, start date and end of validity date,
|
|
21
|
+
* and CN
|
|
22
|
+
* @param certificate the certificate to explore
|
|
23
|
+
*/
|
|
24
|
+
function exploreCertificateInfo(certificate) {
|
|
25
|
+
certificate = coerceCertificate(certificate);
|
|
26
|
+
const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certificate);
|
|
27
|
+
const data = {
|
|
28
|
+
publicKeyLength: certInfo.tbsCertificate.subjectPublicKeyInfo.keyLength,
|
|
29
|
+
notBefore: certInfo.tbsCertificate.validity.notBefore,
|
|
30
|
+
notAfter: certInfo.tbsCertificate.validity.notAfter,
|
|
31
|
+
publicKey: certInfo.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey,
|
|
32
|
+
subject: certInfo.tbsCertificate.subject,
|
|
33
|
+
};
|
|
34
|
+
// istanbul ignore next
|
|
35
|
+
if (!(data.publicKeyLength === 512 ||
|
|
36
|
+
data.publicKeyLength === 384 ||
|
|
37
|
+
data.publicKeyLength === 256 ||
|
|
38
|
+
data.publicKeyLength === 128)) {
|
|
39
|
+
throw new Error("Invalid public key length (expecting 128,256,384 or 512)" + data.publicKeyLength);
|
|
40
|
+
}
|
|
41
|
+
return data;
|
|
42
|
+
}
|
|
43
|
+
exports.exploreCertificateInfo = exploreCertificateInfo;
|
|
44
44
|
//# sourceMappingURL=explore_certificate.js.map
|
|
@@ -1,28 +1,28 @@
|
|
|
1
|
-
/// <reference types="node" />
|
|
2
|
-
import { AlgorithmIdentifier, BlockInfo, DirectoryName } from "./asn1";
|
|
3
|
-
import { CertificateRevocationList } from "./common";
|
|
4
|
-
export declare type Version = string;
|
|
5
|
-
export declare type Name = string;
|
|
6
|
-
export declare type CertificateSerialNumber = string;
|
|
7
|
-
export declare type Extensions = Record<string, unknown>;
|
|
8
|
-
export interface RevokedCertificate {
|
|
9
|
-
userCertificate: CertificateSerialNumber;
|
|
10
|
-
revocationDate: Date;
|
|
11
|
-
crlEntryExtensions?: Extensions;
|
|
12
|
-
}
|
|
13
|
-
export interface TBSCertList {
|
|
14
|
-
version?: Version;
|
|
15
|
-
signature: AlgorithmIdentifier;
|
|
16
|
-
issuer: Name;
|
|
17
|
-
issuerFingerprint: string;
|
|
18
|
-
thisUpdate: Date;
|
|
19
|
-
nextUpdate?: Date;
|
|
20
|
-
revokedCertificates: RevokedCertificate[];
|
|
21
|
-
}
|
|
22
|
-
export interface CertificateRevocationListInfo {
|
|
23
|
-
tbsCertList: TBSCertList;
|
|
24
|
-
signatureAlgorithm: AlgorithmIdentifier;
|
|
25
|
-
signatureValue: Buffer;
|
|
26
|
-
}
|
|
27
|
-
export declare function readNameForCrl(buffer: Buffer, block: BlockInfo): DirectoryName;
|
|
28
|
-
export declare function exploreCertificateRevocationList(crl: CertificateRevocationList): CertificateRevocationListInfo;
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import { AlgorithmIdentifier, BlockInfo, DirectoryName } from "./asn1";
|
|
3
|
+
import { CertificateRevocationList } from "./common";
|
|
4
|
+
export declare type Version = string;
|
|
5
|
+
export declare type Name = string;
|
|
6
|
+
export declare type CertificateSerialNumber = string;
|
|
7
|
+
export declare type Extensions = Record<string, unknown>;
|
|
8
|
+
export interface RevokedCertificate {
|
|
9
|
+
userCertificate: CertificateSerialNumber;
|
|
10
|
+
revocationDate: Date;
|
|
11
|
+
crlEntryExtensions?: Extensions;
|
|
12
|
+
}
|
|
13
|
+
export interface TBSCertList {
|
|
14
|
+
version?: Version;
|
|
15
|
+
signature: AlgorithmIdentifier;
|
|
16
|
+
issuer: Name;
|
|
17
|
+
issuerFingerprint: string;
|
|
18
|
+
thisUpdate: Date;
|
|
19
|
+
nextUpdate?: Date;
|
|
20
|
+
revokedCertificates: RevokedCertificate[];
|
|
21
|
+
}
|
|
22
|
+
export interface CertificateRevocationListInfo {
|
|
23
|
+
tbsCertList: TBSCertList;
|
|
24
|
+
signatureAlgorithm: AlgorithmIdentifier;
|
|
25
|
+
signatureValue: Buffer;
|
|
26
|
+
}
|
|
27
|
+
export declare function readNameForCrl(buffer: Buffer, block: BlockInfo): DirectoryName;
|
|
28
|
+
export declare function exploreCertificateRevocationList(crl: CertificateRevocationList): CertificateRevocationListInfo;
|
|
@@ -1,45 +1,45 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.exploreCertificateRevocationList = exports.readNameForCrl = void 0;
|
|
4
|
-
const asn1_1 = require("./asn1");
|
|
5
|
-
const crypto_utils_1 = require("./crypto_utils");
|
|
6
|
-
function readNameForCrl(buffer, block) {
|
|
7
|
-
return (0, asn1_1._readDirectoryName)(buffer, block);
|
|
8
|
-
}
|
|
9
|
-
exports.readNameForCrl = readNameForCrl;
|
|
10
|
-
function _readTbsCertList(buffer, blockInfo) {
|
|
11
|
-
const blocks = (0, asn1_1._readStruct)(buffer, blockInfo);
|
|
12
|
-
const version = (0, asn1_1._readIntegerValue)(buffer, blocks[0]);
|
|
13
|
-
const signature = (0, asn1_1._readAlgorithmIdentifier)(buffer, blocks[1]);
|
|
14
|
-
const issuer = readNameForCrl(buffer, blocks[2]);
|
|
15
|
-
const issuerFingerprint = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, blocks[2])));
|
|
16
|
-
const thisUpdate = (0, asn1_1._readTime)(buffer, blocks[3]);
|
|
17
|
-
const nextUpdate = (0, asn1_1._readTime)(buffer, blocks[4]);
|
|
18
|
-
const revokedCertificates = [];
|
|
19
|
-
if (blocks[5] && blocks[5].tag < 0x80) {
|
|
20
|
-
const list = (0, asn1_1._readStruct)(buffer, blocks[5]);
|
|
21
|
-
for (const r of list) {
|
|
22
|
-
// sometime blocks[5] doesn't exits .. in this case
|
|
23
|
-
const rr = (0, asn1_1._readStruct)(buffer, r);
|
|
24
|
-
const userCertificate = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readLongIntegerValue)(buffer, rr[0]));
|
|
25
|
-
const revocationDate = (0, asn1_1._readTime)(buffer, rr[1]);
|
|
26
|
-
revokedCertificates.push({
|
|
27
|
-
revocationDate,
|
|
28
|
-
userCertificate,
|
|
29
|
-
});
|
|
30
|
-
}
|
|
31
|
-
}
|
|
32
|
-
const ext0 = (0, asn1_1._findBlockAtIndex)(blocks, 0);
|
|
33
|
-
return { issuer, issuerFingerprint, thisUpdate, nextUpdate, signature, revokedCertificates };
|
|
34
|
-
}
|
|
35
|
-
// see https://tools.ietf.org/html/rfc5280
|
|
36
|
-
function exploreCertificateRevocationList(crl) {
|
|
37
|
-
const blockInfo = (0, asn1_1.readTag)(crl, 0);
|
|
38
|
-
const blocks = (0, asn1_1._readStruct)(crl, blockInfo);
|
|
39
|
-
const tbsCertList = _readTbsCertList(crl, blocks[0]);
|
|
40
|
-
const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(crl, blocks[1]);
|
|
41
|
-
const signatureValue = (0, asn1_1._readSignatureValueBin)(crl, blocks[2]);
|
|
42
|
-
return { tbsCertList, signatureAlgorithm, signatureValue };
|
|
43
|
-
}
|
|
44
|
-
exports.exploreCertificateRevocationList = exploreCertificateRevocationList;
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.exploreCertificateRevocationList = exports.readNameForCrl = void 0;
|
|
4
|
+
const asn1_1 = require("./asn1");
|
|
5
|
+
const crypto_utils_1 = require("./crypto_utils");
|
|
6
|
+
function readNameForCrl(buffer, block) {
|
|
7
|
+
return (0, asn1_1._readDirectoryName)(buffer, block);
|
|
8
|
+
}
|
|
9
|
+
exports.readNameForCrl = readNameForCrl;
|
|
10
|
+
function _readTbsCertList(buffer, blockInfo) {
|
|
11
|
+
const blocks = (0, asn1_1._readStruct)(buffer, blockInfo);
|
|
12
|
+
const version = (0, asn1_1._readIntegerValue)(buffer, blocks[0]);
|
|
13
|
+
const signature = (0, asn1_1._readAlgorithmIdentifier)(buffer, blocks[1]);
|
|
14
|
+
const issuer = readNameForCrl(buffer, blocks[2]);
|
|
15
|
+
const issuerFingerprint = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, blocks[2])));
|
|
16
|
+
const thisUpdate = (0, asn1_1._readTime)(buffer, blocks[3]);
|
|
17
|
+
const nextUpdate = (0, asn1_1._readTime)(buffer, blocks[4]);
|
|
18
|
+
const revokedCertificates = [];
|
|
19
|
+
if (blocks[5] && blocks[5].tag < 0x80) {
|
|
20
|
+
const list = (0, asn1_1._readStruct)(buffer, blocks[5]);
|
|
21
|
+
for (const r of list) {
|
|
22
|
+
// sometime blocks[5] doesn't exits .. in this case
|
|
23
|
+
const rr = (0, asn1_1._readStruct)(buffer, r);
|
|
24
|
+
const userCertificate = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readLongIntegerValue)(buffer, rr[0]));
|
|
25
|
+
const revocationDate = (0, asn1_1._readTime)(buffer, rr[1]);
|
|
26
|
+
revokedCertificates.push({
|
|
27
|
+
revocationDate,
|
|
28
|
+
userCertificate,
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
const ext0 = (0, asn1_1._findBlockAtIndex)(blocks, 0);
|
|
33
|
+
return { issuer, issuerFingerprint, thisUpdate, nextUpdate, signature, revokedCertificates };
|
|
34
|
+
}
|
|
35
|
+
// see https://tools.ietf.org/html/rfc5280
|
|
36
|
+
function exploreCertificateRevocationList(crl) {
|
|
37
|
+
const blockInfo = (0, asn1_1.readTag)(crl, 0);
|
|
38
|
+
const blocks = (0, asn1_1._readStruct)(crl, blockInfo);
|
|
39
|
+
const tbsCertList = _readTbsCertList(crl, blocks[0]);
|
|
40
|
+
const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(crl, blocks[1]);
|
|
41
|
+
const signatureValue = (0, asn1_1._readSignatureValueBin)(crl, blocks[2]);
|
|
42
|
+
return { tbsCertList, signatureAlgorithm, signatureValue };
|
|
43
|
+
}
|
|
44
|
+
exports.exploreCertificateRevocationList = exploreCertificateRevocationList;
|
|
45
45
|
//# sourceMappingURL=explore_certificate_revocation_list.js.map
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
/// <reference types="node" />
|
|
2
|
-
import { BlockInfo } from "./asn1";
|
|
3
|
-
import { BasicConstraints, X509KeyUsage } from "./crypto_explore_certificate";
|
|
4
|
-
export interface ExtensionRequest {
|
|
5
|
-
basicConstraints: BasicConstraints;
|
|
6
|
-
keyUsage: X509KeyUsage;
|
|
7
|
-
subjectAltName: any;
|
|
8
|
-
}
|
|
9
|
-
export interface CertificateSigningRequestInfo {
|
|
10
|
-
extensionRequest: ExtensionRequest;
|
|
11
|
-
}
|
|
12
|
-
export declare function readCertificationRequestInfo(buffer: Buffer, block: BlockInfo): CertificateSigningRequestInfo;
|
|
13
|
-
export declare function exploreCertificateSigningRequest(crl: Buffer): CertificateSigningRequestInfo;
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import { BlockInfo } from "./asn1";
|
|
3
|
+
import { BasicConstraints, X509KeyUsage } from "./crypto_explore_certificate";
|
|
4
|
+
export interface ExtensionRequest {
|
|
5
|
+
basicConstraints: BasicConstraints;
|
|
6
|
+
keyUsage: X509KeyUsage;
|
|
7
|
+
subjectAltName: any;
|
|
8
|
+
}
|
|
9
|
+
export interface CertificateSigningRequestInfo {
|
|
10
|
+
extensionRequest: ExtensionRequest;
|
|
11
|
+
}
|
|
12
|
+
export declare function readCertificationRequestInfo(buffer: Buffer, block: BlockInfo): CertificateSigningRequestInfo;
|
|
13
|
+
export declare function exploreCertificateSigningRequest(crl: Buffer): CertificateSigningRequestInfo;
|
|
@@ -1,45 +1,45 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.exploreCertificateSigningRequest = exports.readCertificationRequestInfo = void 0;
|
|
4
|
-
const asn1_1 = require("./asn1");
|
|
5
|
-
const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
|
|
6
|
-
function _readExtensionRequest(buffer) {
|
|
7
|
-
const block = (0, asn1_1.readTag)(buffer, 0);
|
|
8
|
-
const inner_blocks = (0, asn1_1._readStruct)(buffer, block);
|
|
9
|
-
const extensions = inner_blocks.map((block1) => (0, crypto_explore_certificate_1._readExtension)(buffer, block1));
|
|
10
|
-
const result = {};
|
|
11
|
-
for (const e of extensions) {
|
|
12
|
-
result[e.identifier.name] = e.value;
|
|
13
|
-
}
|
|
14
|
-
const { basicConstraints, keyUsage, subjectAltName } = result;
|
|
15
|
-
return { basicConstraints, keyUsage, subjectAltName };
|
|
16
|
-
}
|
|
17
|
-
function readCertificationRequestInfo(buffer, block) {
|
|
18
|
-
const blocks = (0, asn1_1._readStruct)(buffer, block);
|
|
19
|
-
if (blocks.length === 4) {
|
|
20
|
-
const extensionRequestBlock = (0, asn1_1._findBlockAtIndex)(blocks, 0);
|
|
21
|
-
if (!extensionRequestBlock) {
|
|
22
|
-
throw new Error("cannot find extensionRequest block");
|
|
23
|
-
}
|
|
24
|
-
const blocks1 = (0, asn1_1._readStruct)(buffer, extensionRequestBlock);
|
|
25
|
-
const blocks2 = (0, asn1_1._readStruct)(buffer, blocks1[0]);
|
|
26
|
-
const identifier = (0, asn1_1._readObjectIdentifier)(buffer, blocks2[0]);
|
|
27
|
-
if (identifier.name !== "extensionRequest") {
|
|
28
|
-
throw new Error(" Cannot find extension Request in ASN1 block");
|
|
29
|
-
}
|
|
30
|
-
const buf = (0, asn1_1._getBlock)(buffer, blocks2[1]);
|
|
31
|
-
const extensionRequest = _readExtensionRequest(buf);
|
|
32
|
-
return { extensionRequest };
|
|
33
|
-
}
|
|
34
|
-
throw new Error("Invalid CSR or ");
|
|
35
|
-
}
|
|
36
|
-
exports.readCertificationRequestInfo = readCertificationRequestInfo;
|
|
37
|
-
// see https://tools.ietf.org/html/rfc2986 : Certification Request Syntax Specification Version 1.7
|
|
38
|
-
function exploreCertificateSigningRequest(crl) {
|
|
39
|
-
const blockInfo = (0, asn1_1.readTag)(crl, 0);
|
|
40
|
-
const blocks = (0, asn1_1._readStruct)(crl, blockInfo);
|
|
41
|
-
const csrInfo = readCertificationRequestInfo(crl, blocks[0]);
|
|
42
|
-
return csrInfo;
|
|
43
|
-
}
|
|
44
|
-
exports.exploreCertificateSigningRequest = exploreCertificateSigningRequest;
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.exploreCertificateSigningRequest = exports.readCertificationRequestInfo = void 0;
|
|
4
|
+
const asn1_1 = require("./asn1");
|
|
5
|
+
const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
|
|
6
|
+
function _readExtensionRequest(buffer) {
|
|
7
|
+
const block = (0, asn1_1.readTag)(buffer, 0);
|
|
8
|
+
const inner_blocks = (0, asn1_1._readStruct)(buffer, block);
|
|
9
|
+
const extensions = inner_blocks.map((block1) => (0, crypto_explore_certificate_1._readExtension)(buffer, block1));
|
|
10
|
+
const result = {};
|
|
11
|
+
for (const e of extensions) {
|
|
12
|
+
result[e.identifier.name] = e.value;
|
|
13
|
+
}
|
|
14
|
+
const { basicConstraints, keyUsage, subjectAltName } = result;
|
|
15
|
+
return { basicConstraints, keyUsage, subjectAltName };
|
|
16
|
+
}
|
|
17
|
+
function readCertificationRequestInfo(buffer, block) {
|
|
18
|
+
const blocks = (0, asn1_1._readStruct)(buffer, block);
|
|
19
|
+
if (blocks.length === 4) {
|
|
20
|
+
const extensionRequestBlock = (0, asn1_1._findBlockAtIndex)(blocks, 0);
|
|
21
|
+
if (!extensionRequestBlock) {
|
|
22
|
+
throw new Error("cannot find extensionRequest block");
|
|
23
|
+
}
|
|
24
|
+
const blocks1 = (0, asn1_1._readStruct)(buffer, extensionRequestBlock);
|
|
25
|
+
const blocks2 = (0, asn1_1._readStruct)(buffer, blocks1[0]);
|
|
26
|
+
const identifier = (0, asn1_1._readObjectIdentifier)(buffer, blocks2[0]);
|
|
27
|
+
if (identifier.name !== "extensionRequest") {
|
|
28
|
+
throw new Error(" Cannot find extension Request in ASN1 block");
|
|
29
|
+
}
|
|
30
|
+
const buf = (0, asn1_1._getBlock)(buffer, blocks2[1]);
|
|
31
|
+
const extensionRequest = _readExtensionRequest(buf);
|
|
32
|
+
return { extensionRequest };
|
|
33
|
+
}
|
|
34
|
+
throw new Error("Invalid CSR or ");
|
|
35
|
+
}
|
|
36
|
+
exports.readCertificationRequestInfo = readCertificationRequestInfo;
|
|
37
|
+
// see https://tools.ietf.org/html/rfc2986 : Certification Request Syntax Specification Version 1.7
|
|
38
|
+
function exploreCertificateSigningRequest(crl) {
|
|
39
|
+
const blockInfo = (0, asn1_1.readTag)(crl, 0);
|
|
40
|
+
const blocks = (0, asn1_1._readStruct)(crl, blockInfo);
|
|
41
|
+
const csrInfo = readCertificationRequestInfo(crl, blocks[0]);
|
|
42
|
+
return csrInfo;
|
|
43
|
+
}
|
|
44
|
+
exports.exploreCertificateSigningRequest = exploreCertificateSigningRequest;
|
|
45
45
|
//# sourceMappingURL=explore_certificate_signing_request.js.map
|
|
@@ -1,29 +1,29 @@
|
|
|
1
|
-
/// <reference types="node" />
|
|
2
|
-
import { PrivateKey } from "./common";
|
|
3
|
-
export interface PrivateKeyInternals {
|
|
4
|
-
/***/
|
|
5
|
-
version: Buffer;
|
|
6
|
-
modulus: Buffer;
|
|
7
|
-
publicExponent: Buffer;
|
|
8
|
-
privateExponent: Buffer;
|
|
9
|
-
prime1: Buffer;
|
|
10
|
-
prime2: Buffer;
|
|
11
|
-
exponent1: Buffer;
|
|
12
|
-
exponent2: Buffer;
|
|
13
|
-
}
|
|
14
|
-
/**
|
|
15
|
-
*
|
|
16
|
-
* @param privateKey RSAPrivateKey ::= SEQUENCE {
|
|
17
|
-
* version Version,
|
|
18
|
-
* modulus INTEGER, -- n
|
|
19
|
-
* publicExponent INTEGER, -- e
|
|
20
|
-
* privateExponent INTEGER, -- d
|
|
21
|
-
* prime1 INTEGER, -- p
|
|
22
|
-
* prime2 INTEGER, -- q
|
|
23
|
-
* exponent1 INTEGER, -- d mod (p-1)
|
|
24
|
-
* exponent2 INTEGER, -- d mod (q-1)
|
|
25
|
-
* coefficient INTEGER, -- (inverse of q) mod p
|
|
26
|
-
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
|
27
|
-
}
|
|
28
|
-
*/
|
|
29
|
-
export declare function explorePrivateKey(privateKey: PrivateKey): PrivateKeyInternals;
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import { PrivateKey } from "./common";
|
|
3
|
+
export interface PrivateKeyInternals {
|
|
4
|
+
/***/
|
|
5
|
+
version: Buffer;
|
|
6
|
+
modulus: Buffer;
|
|
7
|
+
publicExponent: Buffer;
|
|
8
|
+
privateExponent: Buffer;
|
|
9
|
+
prime1: Buffer;
|
|
10
|
+
prime2: Buffer;
|
|
11
|
+
exponent1: Buffer;
|
|
12
|
+
exponent2: Buffer;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
*
|
|
16
|
+
* @param privateKey RSAPrivateKey ::= SEQUENCE {
|
|
17
|
+
* version Version,
|
|
18
|
+
* modulus INTEGER, -- n
|
|
19
|
+
* publicExponent INTEGER, -- e
|
|
20
|
+
* privateExponent INTEGER, -- d
|
|
21
|
+
* prime1 INTEGER, -- p
|
|
22
|
+
* prime2 INTEGER, -- q
|
|
23
|
+
* exponent1 INTEGER, -- d mod (p-1)
|
|
24
|
+
* exponent2 INTEGER, -- d mod (q-1)
|
|
25
|
+
* coefficient INTEGER, -- (inverse of q) mod p
|
|
26
|
+
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
|
27
|
+
}
|
|
28
|
+
*/
|
|
29
|
+
export declare function explorePrivateKey(privateKey: PrivateKey): PrivateKeyInternals;
|
|
@@ -1,97 +1,97 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.explorePrivateKey = void 0;
|
|
4
|
-
const assert = require("assert");
|
|
5
|
-
const asn1_1 = require("./asn1");
|
|
6
|
-
function f(buffer, b) {
|
|
7
|
-
return buffer.slice(b.position + 1, b.position + b.length);
|
|
8
|
-
}
|
|
9
|
-
const doDebug = !!process.env.DEBUG;
|
|
10
|
-
/**
|
|
11
|
-
*
|
|
12
|
-
* @param privateKey RSAPrivateKey ::= SEQUENCE {
|
|
13
|
-
* version Version,
|
|
14
|
-
* modulus INTEGER, -- n
|
|
15
|
-
* publicExponent INTEGER, -- e
|
|
16
|
-
* privateExponent INTEGER, -- d
|
|
17
|
-
* prime1 INTEGER, -- p
|
|
18
|
-
* prime2 INTEGER, -- q
|
|
19
|
-
* exponent1 INTEGER, -- d mod (p-1)
|
|
20
|
-
* exponent2 INTEGER, -- d mod (q-1)
|
|
21
|
-
* coefficient INTEGER, -- (inverse of q) mod p
|
|
22
|
-
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
|
23
|
-
}
|
|
24
|
-
*/
|
|
25
|
-
function explorePrivateKey(privateKey) {
|
|
26
|
-
assert(privateKey instanceof Buffer);
|
|
27
|
-
const block_info = (0, asn1_1.readTag)(privateKey, 0);
|
|
28
|
-
const blocks = (0, asn1_1._readStruct)(privateKey, block_info);
|
|
29
|
-
if (blocks.length === 9) {
|
|
30
|
-
// alice_rsa
|
|
31
|
-
const version = f(privateKey, blocks[0]); // _readIntegerAsByteString(privateKey, blocks1[0]);
|
|
32
|
-
const modulus = f(privateKey, blocks[1]);
|
|
33
|
-
const publicExponent = f(privateKey, blocks[2]);
|
|
34
|
-
const privateExponent = f(privateKey, blocks[3]);
|
|
35
|
-
const prime1 = f(privateKey, blocks[4]);
|
|
36
|
-
const prime2 = f(privateKey, blocks[5]);
|
|
37
|
-
const exponent1 = f(privateKey, blocks[6]);
|
|
38
|
-
const exponent2 = f(privateKey, blocks[7]);
|
|
39
|
-
return {
|
|
40
|
-
version,
|
|
41
|
-
modulus,
|
|
42
|
-
publicExponent,
|
|
43
|
-
privateExponent,
|
|
44
|
-
prime1,
|
|
45
|
-
prime2,
|
|
46
|
-
exponent1,
|
|
47
|
-
exponent2
|
|
48
|
-
};
|
|
49
|
-
}
|
|
50
|
-
/* istanbul ignore next */
|
|
51
|
-
if (doDebug) {
|
|
52
|
-
// tslint:disable:no-console
|
|
53
|
-
console.log("--------------------");
|
|
54
|
-
console.log(block_info);
|
|
55
|
-
// tslint:disable:no-console
|
|
56
|
-
console.log(blocks.map((b) => ({
|
|
57
|
-
tag: asn1_1.TagType[b.tag] + " 0x" + b.tag.toString(16),
|
|
58
|
-
l: b.length,
|
|
59
|
-
p: b.position,
|
|
60
|
-
buff: privateKey.slice(b.position, b.position + b.length).toString("hex"),
|
|
61
|
-
})));
|
|
62
|
-
}
|
|
63
|
-
const b = blocks[2];
|
|
64
|
-
const bb = privateKey.slice(b.position, b.position + b.length);
|
|
65
|
-
const block_info1 = (0, asn1_1.readTag)(bb, 0);
|
|
66
|
-
const blocks1 = (0, asn1_1._readStruct)(bb, block_info1);
|
|
67
|
-
/* istanbul ignore next */
|
|
68
|
-
if (doDebug) {
|
|
69
|
-
// tslint:disable:no-console
|
|
70
|
-
console.log(blocks1.map((b) => ({
|
|
71
|
-
tag: asn1_1.TagType[b.tag] + " 0x" + b.tag.toString(16),
|
|
72
|
-
l: b.length,
|
|
73
|
-
p: b.position,
|
|
74
|
-
buff: bb.slice(b.position, b.position + b.length).toString("hex"),
|
|
75
|
-
})));
|
|
76
|
-
}
|
|
77
|
-
const version = f(bb, blocks1[0]);
|
|
78
|
-
const modulus = f(bb, blocks1[1]);
|
|
79
|
-
const publicExponent = f(bb, blocks1[2]);
|
|
80
|
-
const privateExponent = f(bb, blocks1[3]);
|
|
81
|
-
const prime1 = f(bb, blocks1[4]);
|
|
82
|
-
const prime2 = f(bb, blocks1[5]);
|
|
83
|
-
const exponent1 = f(bb, blocks1[6]);
|
|
84
|
-
const exponent2 = f(bb, blocks1[7]);
|
|
85
|
-
return {
|
|
86
|
-
version,
|
|
87
|
-
modulus,
|
|
88
|
-
publicExponent,
|
|
89
|
-
privateExponent,
|
|
90
|
-
prime1,
|
|
91
|
-
prime2,
|
|
92
|
-
exponent1,
|
|
93
|
-
exponent2
|
|
94
|
-
};
|
|
95
|
-
}
|
|
96
|
-
exports.explorePrivateKey = explorePrivateKey;
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.explorePrivateKey = void 0;
|
|
4
|
+
const assert = require("assert");
|
|
5
|
+
const asn1_1 = require("./asn1");
|
|
6
|
+
function f(buffer, b) {
|
|
7
|
+
return buffer.slice(b.position + 1, b.position + b.length);
|
|
8
|
+
}
|
|
9
|
+
const doDebug = !!process.env.DEBUG;
|
|
10
|
+
/**
|
|
11
|
+
*
|
|
12
|
+
* @param privateKey RSAPrivateKey ::= SEQUENCE {
|
|
13
|
+
* version Version,
|
|
14
|
+
* modulus INTEGER, -- n
|
|
15
|
+
* publicExponent INTEGER, -- e
|
|
16
|
+
* privateExponent INTEGER, -- d
|
|
17
|
+
* prime1 INTEGER, -- p
|
|
18
|
+
* prime2 INTEGER, -- q
|
|
19
|
+
* exponent1 INTEGER, -- d mod (p-1)
|
|
20
|
+
* exponent2 INTEGER, -- d mod (q-1)
|
|
21
|
+
* coefficient INTEGER, -- (inverse of q) mod p
|
|
22
|
+
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
|
23
|
+
}
|
|
24
|
+
*/
|
|
25
|
+
function explorePrivateKey(privateKey) {
|
|
26
|
+
assert(privateKey instanceof Buffer);
|
|
27
|
+
const block_info = (0, asn1_1.readTag)(privateKey, 0);
|
|
28
|
+
const blocks = (0, asn1_1._readStruct)(privateKey, block_info);
|
|
29
|
+
if (blocks.length === 9) {
|
|
30
|
+
// alice_rsa
|
|
31
|
+
const version = f(privateKey, blocks[0]); // _readIntegerAsByteString(privateKey, blocks1[0]);
|
|
32
|
+
const modulus = f(privateKey, blocks[1]);
|
|
33
|
+
const publicExponent = f(privateKey, blocks[2]);
|
|
34
|
+
const privateExponent = f(privateKey, blocks[3]);
|
|
35
|
+
const prime1 = f(privateKey, blocks[4]);
|
|
36
|
+
const prime2 = f(privateKey, blocks[5]);
|
|
37
|
+
const exponent1 = f(privateKey, blocks[6]);
|
|
38
|
+
const exponent2 = f(privateKey, blocks[7]);
|
|
39
|
+
return {
|
|
40
|
+
version,
|
|
41
|
+
modulus,
|
|
42
|
+
publicExponent,
|
|
43
|
+
privateExponent,
|
|
44
|
+
prime1,
|
|
45
|
+
prime2,
|
|
46
|
+
exponent1,
|
|
47
|
+
exponent2
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
/* istanbul ignore next */
|
|
51
|
+
if (doDebug) {
|
|
52
|
+
// tslint:disable:no-console
|
|
53
|
+
console.log("--------------------");
|
|
54
|
+
console.log(block_info);
|
|
55
|
+
// tslint:disable:no-console
|
|
56
|
+
console.log(blocks.map((b) => ({
|
|
57
|
+
tag: asn1_1.TagType[b.tag] + " 0x" + b.tag.toString(16),
|
|
58
|
+
l: b.length,
|
|
59
|
+
p: b.position,
|
|
60
|
+
buff: privateKey.slice(b.position, b.position + b.length).toString("hex"),
|
|
61
|
+
})));
|
|
62
|
+
}
|
|
63
|
+
const b = blocks[2];
|
|
64
|
+
const bb = privateKey.slice(b.position, b.position + b.length);
|
|
65
|
+
const block_info1 = (0, asn1_1.readTag)(bb, 0);
|
|
66
|
+
const blocks1 = (0, asn1_1._readStruct)(bb, block_info1);
|
|
67
|
+
/* istanbul ignore next */
|
|
68
|
+
if (doDebug) {
|
|
69
|
+
// tslint:disable:no-console
|
|
70
|
+
console.log(blocks1.map((b) => ({
|
|
71
|
+
tag: asn1_1.TagType[b.tag] + " 0x" + b.tag.toString(16),
|
|
72
|
+
l: b.length,
|
|
73
|
+
p: b.position,
|
|
74
|
+
buff: bb.slice(b.position, b.position + b.length).toString("hex"),
|
|
75
|
+
})));
|
|
76
|
+
}
|
|
77
|
+
const version = f(bb, blocks1[0]);
|
|
78
|
+
const modulus = f(bb, blocks1[1]);
|
|
79
|
+
const publicExponent = f(bb, blocks1[2]);
|
|
80
|
+
const privateExponent = f(bb, blocks1[3]);
|
|
81
|
+
const prime1 = f(bb, blocks1[4]);
|
|
82
|
+
const prime2 = f(bb, blocks1[5]);
|
|
83
|
+
const exponent1 = f(bb, blocks1[6]);
|
|
84
|
+
const exponent2 = f(bb, blocks1[7]);
|
|
85
|
+
return {
|
|
86
|
+
version,
|
|
87
|
+
modulus,
|
|
88
|
+
publicExponent,
|
|
89
|
+
privateExponent,
|
|
90
|
+
prime1,
|
|
91
|
+
prime2,
|
|
92
|
+
exponent1,
|
|
93
|
+
exponent2
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
exports.explorePrivateKey = explorePrivateKey;
|
|
97
97
|
//# sourceMappingURL=explore_private_key.js.map
|
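--- a/package/dist/source/index.d.ts
+++ b/package/dist/source/index.d.ts
@@ -1,13 +1,13 @@
-/**
-* @module node_opcua_crypto
-*/
-export * from "./common";
-export * from "./derived_keys";
-export * from "./explore_certificate";
-export * from "./crypto_utils";
-export * from "./crypto_explore_certificate";
-export * from "./verify_certificate_signature";
-export * from "./explore_certificate_revocation_list";
-export * from "./explore_certificate_signing_request";
-export * from "./explore_private_key";
-export * from "./public_private_match";
+/**
+* @module node_opcua_crypto
+*/
+export * from "./common";
+export * from "./derived_keys";
+export * from "./explore_certificate";
+export * from "./crypto_utils";
+export * from "./crypto_explore_certificate";
+export * from "./verify_certificate_signature";
+export * from "./explore_certificate_revocation_list";
+export * from "./explore_certificate_signing_request";
+export * from "./explore_private_key";
+export * from "./public_private_match";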