node-opcua-crypto 1.7.4 → 1.9.0

package/dist/source/public_private_match.d.ts

@@ -1,3 +1,3 @@
-import { Certificate } from "./common";
-import { PrivateKey } from "./common";
-export declare function publicKeyAndPrivateKeyMatches(certificate: Certificate, privateKey: PrivateKey): boolean;
+import { Certificate } from "./common";
+import { PrivateKey } from "./common";
+export declare function publicKeyAndPrivateKeyMatches(certificate: Certificate, privateKey: PrivateKey): boolean;

package/dist/source/public_private_match.js

@@ -1,17 +1,17 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.publicKeyAndPrivateKeyMatches = void 0;
-const _1 = require(".");
-const explore_private_key_1 = require("./explore_private_key");
-function publicKeyAndPrivateKeyMatches(certificate, privateKey) {
-    const i = (0, _1.exploreCertificate)(certificate);
-    const j = (0, explore_private_key_1.explorePrivateKey)(privateKey);
-    const modulus1 = i.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.modulus;
-    const modulus2 = j.modulus;
-    if (modulus1.length != modulus2.length) {
-        return false;
-    }
-    return modulus1.toString("hex") === modulus2.toString("hex");
-}
-exports.publicKeyAndPrivateKeyMatches = publicKeyAndPrivateKeyMatches;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.publicKeyAndPrivateKeyMatches = void 0;
+const _1 = require(".");
+const explore_private_key_1 = require("./explore_private_key");
+function publicKeyAndPrivateKeyMatches(certificate, privateKey) {
+    const i = (0, _1.exploreCertificate)(certificate);
+    const j = (0, explore_private_key_1.explorePrivateKey)(privateKey);
+    const modulus1 = i.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.modulus;
+    const modulus2 = j.modulus;
+    if (modulus1.length != modulus2.length) {
+        return false;
+    }
+    return modulus1.toString("hex") === modulus2.toString("hex");
+}
+exports.publicKeyAndPrivateKeyMatches = publicKeyAndPrivateKeyMatches;
 //# sourceMappingURL=public_private_match.js.map

package/dist/source/verify_certificate_signature.d.ts

@@ -1,10 +1,10 @@
-/// <reference types="node" />
-import { Certificate } from "./common";
-export declare function verifyCertificateOrClrSignature(certificateOrCrl: Buffer, parentCertificate: Certificate): boolean;
-export declare function verifyCertificateSignature(certificate: Certificate, parentCertificate: Certificate): boolean;
-export declare function verifyCertificateRevocationListSignature(certificateRevocationList: Certificate, parentCertificate: Certificate): boolean;
-export declare type _VerifyStatus = "BadCertificateIssuerUseNotAllowed" | "BadCertificateInvalid" | "Good";
-export declare function verifyCertificateChain(certificateChain: Certificate[]): Promise<{
-    status: _VerifyStatus;
-    reason: string;
-}>;
+/// <reference types="node" />
+import { Certificate } from "./common";
+export declare function verifyCertificateOrClrSignature(certificateOrCrl: Buffer, parentCertificate: Certificate): boolean;
+export declare function verifyCertificateSignature(certificate: Certificate, parentCertificate: Certificate): boolean;
+export declare function verifyCertificateRevocationListSignature(certificateRevocationList: Certificate, parentCertificate: Certificate): boolean;
+export declare type _VerifyStatus = "BadCertificateIssuerUseNotAllowed" | "BadCertificateInvalid" | "Good";
+export declare function verifyCertificateChain(certificateChain: Certificate[]): Promise<{
+    status: _VerifyStatus;
+    reason: string;
+}>;

package/dist/source/verify_certificate_signature.js

@@ -1,102 +1,102 @@
-"use strict";
-// tslint:disable: no-console
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyCertificateChain = exports.verifyCertificateRevocationListSignature = exports.verifyCertificateSignature = exports.verifyCertificateOrClrSignature = void 0;
-// Now that we got a hash of the original certificate,
-// we need to verify if we can obtain the same hash by using the same hashing function
-// (in this case SHA-384). In order to do that, we need to extract just the body of
-// the signed certificate. Which, in our case, is everything but the signature.
-// The start of the body is always the first digit of the second line of the following command:
-const crypto = require("crypto");
-const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
-const crypto_utils_1 = require("./crypto_utils");
-const asn1_1 = require("./asn1");
-function verifyCertificateOrClrSignature(certificateOrCrl, parentCertificate) {
-    const block_info = (0, asn1_1.readTag)(certificateOrCrl, 0);
-    const blocks = (0, asn1_1._readStruct)(certificateOrCrl, block_info);
-    const bufferToBeSigned = certificateOrCrl.slice(block_info.position, blocks[1].position - 2);
-    //xx console.log("bufferToBeSigned  = ", bufferToBeSigned.length, bufferToBeSigned.toString("hex").substr(0, 50), bufferToBeSigned.toString("hex").substr(-10));
-    const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(certificateOrCrl, blocks[1]);
-    const signatureValue = (0, asn1_1._readSignatureValueBin)(certificateOrCrl, blocks[2]);
-    const p = (0, crypto_explore_certificate_1.split_der)(parentCertificate)[0];
-    //xx    const publicKey = extractPublicKeyFromCertificateSync(p);
-    const certPem = (0, crypto_utils_1.toPem)(p, "CERTIFICATE");
-    const verify = crypto.createVerify(signatureAlgorithm.identifier);
-    verify.update(bufferToBeSigned);
-    verify.end();
-    return verify.verify(certPem, signatureValue);
-}
-exports.verifyCertificateOrClrSignature = verifyCertificateOrClrSignature;
-function verifyCertificateSignature(certificate, parentCertificate) {
-    return verifyCertificateOrClrSignature(certificate, parentCertificate);
-}
-exports.verifyCertificateSignature = verifyCertificateSignature;
-function verifyCertificateRevocationListSignature(certificateRevocationList, parentCertificate) {
-    return verifyCertificateOrClrSignature(certificateRevocationList, parentCertificate);
-}
-exports.verifyCertificateRevocationListSignature = verifyCertificateRevocationListSignature;
-function verifyCertificateChain(certificateChain) {
-    return __awaiter(this, void 0, void 0, function* () {
-        // verify that all the certificate
-        // second certificate must be used for CertificateSign
-        for (let index = 1; index < certificateChain.length; index++) {
-            const cert = certificateChain[index - 1];
-            const certParent = certificateChain[index];
-            // parent child must have keyCertSign
-            const certParentInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certParent);
-            const keyUsage = certParentInfo.tbsCertificate.extensions.keyUsage;
-            // istanbul ignore next
-            if (!keyUsage.keyCertSign) {
-                return {
-                    status: "BadCertificateIssuerUseNotAllowed",
-                    reason: "One of the certificate in the chain has not keyUsage set for Certificate Signing",
-                };
-            }
-            const parentSignChild = verifyCertificateSignature(cert, certParent);
-            if (!parentSignChild) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "One of the certificate in the chain is not signing the previous certificate",
-                };
-            }
-            const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(cert);
-            // istanbul ignore next
-            if (!certInfo.tbsCertificate.extensions) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "Cannot find X409 Extension 3 in certificate",
-                };
-            }
-            // istanbul ignore next
-            if (!certParentInfo.tbsCertificate.extensions || !certInfo.tbsCertificate.extensions.authorityKeyIdentifier) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "Cannot find X409 Extension 3 in certificate (parent)",
-                };
-            }
-            // istanbul ignore next
-            if (certParentInfo.tbsCertificate.extensions.subjectKeyIdentifier !==
-                certInfo.tbsCertificate.extensions.authorityKeyIdentifier.keyIdentifier) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "subjectKeyIdentifier authorityKeyIdentifier in child certificate do not match subjectKeyIdentifier of parent certificate",
-                };
-            }
-        }
-        return {
-            status: "Good",
-            reason: `certificate chain is valid(length = ${certificateChain.length})`,
-        };
-    });
-}
-exports.verifyCertificateChain = verifyCertificateChain;
+"use strict";
+// tslint:disable: no-console
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyCertificateChain = exports.verifyCertificateRevocationListSignature = exports.verifyCertificateSignature = exports.verifyCertificateOrClrSignature = void 0;
+// Now that we got a hash of the original certificate,
+// we need to verify if we can obtain the same hash by using the same hashing function
+// (in this case SHA-384). In order to do that, we need to extract just the body of
+// the signed certificate. Which, in our case, is everything but the signature.
+// The start of the body is always the first digit of the second line of the following command:
+const crypto = require("crypto");
+const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
+const crypto_utils_1 = require("./crypto_utils");
+const asn1_1 = require("./asn1");
+function verifyCertificateOrClrSignature(certificateOrCrl, parentCertificate) {
+    const block_info = (0, asn1_1.readTag)(certificateOrCrl, 0);
+    const blocks = (0, asn1_1._readStruct)(certificateOrCrl, block_info);
+    const bufferToBeSigned = certificateOrCrl.slice(block_info.position, blocks[1].position - 2);
+    //xx console.log("bufferToBeSigned  = ", bufferToBeSigned.length, bufferToBeSigned.toString("hex").substr(0, 50), bufferToBeSigned.toString("hex").substr(-10));
+    const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(certificateOrCrl, blocks[1]);
+    const signatureValue = (0, asn1_1._readSignatureValueBin)(certificateOrCrl, blocks[2]);
+    const p = (0, crypto_explore_certificate_1.split_der)(parentCertificate)[0];
+    //xx    const publicKey = extractPublicKeyFromCertificateSync(p);
+    const certPem = (0, crypto_utils_1.toPem)(p, "CERTIFICATE");
+    const verify = crypto.createVerify(signatureAlgorithm.identifier);
+    verify.update(bufferToBeSigned);
+    verify.end();
+    return verify.verify(certPem, signatureValue);
+}
+exports.verifyCertificateOrClrSignature = verifyCertificateOrClrSignature;
+function verifyCertificateSignature(certificate, parentCertificate) {
+    return verifyCertificateOrClrSignature(certificate, parentCertificate);
+}
+exports.verifyCertificateSignature = verifyCertificateSignature;
+function verifyCertificateRevocationListSignature(certificateRevocationList, parentCertificate) {
+    return verifyCertificateOrClrSignature(certificateRevocationList, parentCertificate);
+}
+exports.verifyCertificateRevocationListSignature = verifyCertificateRevocationListSignature;
+function verifyCertificateChain(certificateChain) {
+    return __awaiter(this, void 0, void 0, function* () {
+        // verify that all the certificate
+        // second certificate must be used for CertificateSign
+        for (let index = 1; index < certificateChain.length; index++) {
+            const cert = certificateChain[index - 1];
+            const certParent = certificateChain[index];
+            // parent child must have keyCertSign
+            const certParentInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certParent);
+            const keyUsage = certParentInfo.tbsCertificate.extensions.keyUsage;
+            // istanbul ignore next
+            if (!keyUsage.keyCertSign) {
+                return {
+                    status: "BadCertificateIssuerUseNotAllowed",
+                    reason: "One of the certificate in the chain has not keyUsage set for Certificate Signing",
+                };
+            }
+            const parentSignChild = verifyCertificateSignature(cert, certParent);
+            if (!parentSignChild) {
+                return {
+                    status: "BadCertificateInvalid",
+                    reason: "One of the certificate in the chain is not signing the previous certificate",
+                };
+            }
+            const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(cert);
+            // istanbul ignore next
+            if (!certInfo.tbsCertificate.extensions) {
+                return {
+                    status: "BadCertificateInvalid",
+                    reason: "Cannot find X409 Extension 3 in certificate",
+                };
+            }
+            // istanbul ignore next
+            if (!certParentInfo.tbsCertificate.extensions || !certInfo.tbsCertificate.extensions.authorityKeyIdentifier) {
+                return {
+                    status: "BadCertificateInvalid",
+                    reason: "Cannot find X409 Extension 3 in certificate (parent)",
+                };
+            }
+            // istanbul ignore next
+            if (certParentInfo.tbsCertificate.extensions.subjectKeyIdentifier !==
+                certInfo.tbsCertificate.extensions.authorityKeyIdentifier.keyIdentifier) {
+                return {
+                    status: "BadCertificateInvalid",
+                    reason: "subjectKeyIdentifier authorityKeyIdentifier in child certificate do not match subjectKeyIdentifier of parent certificate",
+                };
+            }
+        }
+        return {
+            status: "Good",
+            reason: `certificate chain is valid(length = ${certificateChain.length})`,
+        };
+    });
+}
+exports.verifyCertificateChain = verifyCertificateChain;
 //# sourceMappingURL=verify_certificate_signature.js.map

package/dist/source_nodejs/index.d.ts

@@ -1,3 +1,3 @@
-export * from "./read";
-export * from "./read_certificate_revocation_list";
-export * from "./read_certificate_signing_request";
+export * from "./read";
+export * from "./read_certificate_revocation_list";
+export * from "./read_certificate_signing_request";

package/dist/source_nodejs/index.js

@@ -1,16 +1,16 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./read"), exports);
-__exportStar(require("./read_certificate_revocation_list"), exports);
-__exportStar(require("./read_certificate_signing_request"), exports);
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./read"), exports);
+__exportStar(require("./read_certificate_revocation_list"), exports);
+__exportStar(require("./read_certificate_signing_request"), exports);
 //# sourceMappingURL=index.js.map

package/dist/source_nodejs/read.d.ts

@@ -1,29 +1,29 @@
-import { Certificate, CertificatePEM, PrivateKey, PrivateKeyPEM, PublicKey, PublicKeyPEM } from "../source/common";
-/**
- * @method readKeyPem
- * @param filename
- */
-export declare function readKeyPem(filename: string): string;
-/**
- * read a DER or PEM certificate from file
- */
-export declare function readCertificate(filename: string): Certificate;
-/**
- * read a DER or PEM certificate from file
- */
-export declare function readPublicKey(filename: string): PublicKey;
-/**
- * read a DER or PEM certificate from file
- */
-export declare function readPrivateKey(filename: string): PrivateKey;
-export declare function readCertificatePEM(filename: string): CertificatePEM;
-export declare function readPublicKeyPEM(filename: string): PublicKeyPEM;
-export declare function readPrivateKeyPEM(filename: string): PrivateKeyPEM;
-export declare function setCertificateStore(store: string): string;
-export declare function read_sshkey_as_pem(filename: string): PublicKeyPEM;
-/**
- *
- * @param filename
- */
-export declare function readPrivateRsaKey(filename: string): PrivateKeyPEM;
-export declare function readPublicRsaKey(filename: string): PublicKeyPEM;
+import { Certificate, CertificatePEM, PrivateKey, PrivateKeyPEM, PublicKey, PublicKeyPEM } from "../source/common";
+/**
+ * @method readKeyPem
+ * @param filename
+ */
+export declare function readKeyPem(filename: string): string;
+/**
+ * read a DER or PEM certificate from file
+ */
+export declare function readCertificate(filename: string): Certificate;
+/**
+ * read a DER or PEM certificate from file
+ */
+export declare function readPublicKey(filename: string): PublicKey;
+/**
+ * read a DER or PEM certificate from file
+ */
+export declare function readPrivateKey(filename: string): PrivateKey;
+export declare function readCertificatePEM(filename: string): CertificatePEM;
+export declare function readPublicKeyPEM(filename: string): PublicKeyPEM;
+export declare function readPrivateKeyPEM(filename: string): PrivateKeyPEM;
+export declare function setCertificateStore(store: string): string;
+export declare function read_sshkey_as_pem(filename: string): PublicKeyPEM;
+/**
+ *
+ * @param filename
+ */
+export declare function readPrivateRsaKey(filename: string): PrivateKeyPEM;
+export declare function readPublicRsaKey(filename: string): PublicKeyPEM;

package/dist/source_nodejs/read.js

@@ -1,95 +1,95 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.readPublicRsaKey = exports.readPrivateRsaKey = exports.read_sshkey_as_pem = exports.setCertificateStore = exports.readPrivateKeyPEM = exports.readPublicKeyPEM = exports.readCertificatePEM = exports.readPrivateKey = exports.readPublicKey = exports.readCertificate = exports.readKeyPem = void 0;
-const assert = require("assert");
-const fs = require("fs");
-const path = require("path");
-const crypto_utils_1 = require("../source/crypto_utils");
-const sshpk = require("sshpk");
-/**
- * @method readKeyPem
- * @param filename
- */
-function readKeyPem(filename) {
-    const raw_key = fs.readFileSync(filename, "utf8");
-    const pemType = (0, crypto_utils_1.identifyPemType)(raw_key);
-    assert(typeof pemType === "string"); // must have a valid pem type
-    return raw_key;
-}
-exports.readKeyPem = readKeyPem;
-function _readPemFile(filename) {
-    assert(typeof filename === "string");
-    return fs.readFileSync(filename, "ascii");
-}
-function _readPemOrDerFileAsDER(filename) {
-    if (filename.match(/.*\.der/)) {
-        return fs.readFileSync(filename);
-    }
-    const raw_key = _readPemFile(filename);
-    return (0, crypto_utils_1.convertPEMtoDER)(raw_key);
-}
-/**
- * read a DER or PEM certificate from file
- */
-function readCertificate(filename) {
-    return _readPemOrDerFileAsDER(filename);
-}
-exports.readCertificate = readCertificate;
-/**
- * read a DER or PEM certificate from file
- */
-function readPublicKey(filename) {
-    return _readPemOrDerFileAsDER(filename);
-}
-exports.readPublicKey = readPublicKey;
-/**
- * read a DER or PEM certificate from file
- */
-function readPrivateKey(filename) {
-    return _readPemOrDerFileAsDER(filename);
-}
-exports.readPrivateKey = readPrivateKey;
-function readCertificatePEM(filename) {
-    return _readPemFile(filename);
-}
-exports.readCertificatePEM = readCertificatePEM;
-function readPublicKeyPEM(filename) {
-    return _readPemFile(filename);
-}
-exports.readPublicKeyPEM = readPublicKeyPEM;
-function readPrivateKeyPEM(filename) {
-    return _readPemFile(filename);
-}
-exports.readPrivateKeyPEM = readPrivateKeyPEM;
-let __certificate_store = path.join(__dirname, "../../certificates/");
-function setCertificateStore(store) {
-    const old_store = __certificate_store;
-    __certificate_store = store;
-    return old_store;
-}
-exports.setCertificateStore = setCertificateStore;
-function read_sshkey_as_pem(filename) {
-    if (filename.substr(0, 1) !== ".") {
-        filename = __certificate_store + filename;
-    }
-    const key = fs.readFileSync(filename, "ascii");
-    const sshKey = sshpk.parseKey(key, "ssh");
-    return sshKey.toString("pkcs8");
-}
-exports.read_sshkey_as_pem = read_sshkey_as_pem;
-/**
- *
- * @param filename
- */
-function readPrivateRsaKey(filename) {
-    if (filename.substr(0, 1) !== "." && !fs.existsSync(filename)) {
-        filename = __certificate_store + filename;
-    }
-    return fs.readFileSync(filename, "ascii");
-}
-exports.readPrivateRsaKey = readPrivateRsaKey;
-function readPublicRsaKey(filename) {
-    return readPrivateRsaKey(filename);
-}
-exports.readPublicRsaKey = readPublicRsaKey;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readPublicRsaKey = exports.readPrivateRsaKey = exports.read_sshkey_as_pem = exports.setCertificateStore = exports.readPrivateKeyPEM = exports.readPublicKeyPEM = exports.readCertificatePEM = exports.readPrivateKey = exports.readPublicKey = exports.readCertificate = exports.readKeyPem = void 0;
+const assert = require("assert");
+const fs = require("fs");
+const path = require("path");
+const crypto_utils_1 = require("../source/crypto_utils");
+const sshpk = require("sshpk");
+/**
+ * @method readKeyPem
+ * @param filename
+ */
+function readKeyPem(filename) {
+    const raw_key = fs.readFileSync(filename, "utf8");
+    const pemType = (0, crypto_utils_1.identifyPemType)(raw_key);
+    assert(typeof pemType === "string"); // must have a valid pem type
+    return raw_key;
+}
+exports.readKeyPem = readKeyPem;
+function _readPemFile(filename) {
+    assert(typeof filename === "string");
+    return fs.readFileSync(filename, "ascii");
+}
+function _readPemOrDerFileAsDER(filename) {
+    if (filename.match(/.*\.der/)) {
+        return fs.readFileSync(filename);
+    }
+    const raw_key = _readPemFile(filename);
+    return (0, crypto_utils_1.convertPEMtoDER)(raw_key);
+}
+/**
+ * read a DER or PEM certificate from file
+ */
+function readCertificate(filename) {
+    return _readPemOrDerFileAsDER(filename);
+}
+exports.readCertificate = readCertificate;
+/**
+ * read a DER or PEM certificate from file
+ */
+function readPublicKey(filename) {
+    return _readPemOrDerFileAsDER(filename);
+}
+exports.readPublicKey = readPublicKey;
+/**
+ * read a DER or PEM certificate from file
+ */
+function readPrivateKey(filename) {
+    return _readPemOrDerFileAsDER(filename);
+}
+exports.readPrivateKey = readPrivateKey;
+function readCertificatePEM(filename) {
+    return _readPemFile(filename);
+}
+exports.readCertificatePEM = readCertificatePEM;
+function readPublicKeyPEM(filename) {
+    return _readPemFile(filename);
+}
+exports.readPublicKeyPEM = readPublicKeyPEM;
+function readPrivateKeyPEM(filename) {
+    return _readPemFile(filename);
+}
+exports.readPrivateKeyPEM = readPrivateKeyPEM;
+let __certificate_store = path.join(__dirname, "../../certificates/");
+function setCertificateStore(store) {
+    const old_store = __certificate_store;
+    __certificate_store = store;
+    return old_store;
+}
+exports.setCertificateStore = setCertificateStore;
+function read_sshkey_as_pem(filename) {
+    if (filename.substr(0, 1) !== ".") {
+        filename = __certificate_store + filename;
+    }
+    const key = fs.readFileSync(filename, "ascii");
+    const sshKey = sshpk.parseKey(key, "ssh");
+    return sshKey.toString("pkcs8");
+}
+exports.read_sshkey_as_pem = read_sshkey_as_pem;
+/**
+ *
+ * @param filename
+ */
+function readPrivateRsaKey(filename) {
+    if (filename.substr(0, 1) !== "." && !fs.existsSync(filename)) {
+        filename = __certificate_store + filename;
+    }
+    return fs.readFileSync(filename, "ascii");
+}
+exports.readPrivateRsaKey = readPrivateRsaKey;
+function readPublicRsaKey(filename) {
+    return readPrivateRsaKey(filename);
+}
+exports.readPublicRsaKey = readPublicRsaKey;
 //# sourceMappingURL=read.js.map

package/dist/source_nodejs/read_certificate_revocation_list.d.ts

@@ -1,2 +1,2 @@
-import { CertificateRevocationList } from "../source/common";
-export declare function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList>;
+import { CertificateRevocationList } from "../source/common";
+export declare function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList>;

package/dist/source_nodejs/read_certificate_revocation_list.js

@@ -1,28 +1,28 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.readCertificateRevocationList = void 0;
-const fs = require("fs");
-const util_1 = require("util");
-const crypto_utils_1 = require("../source/crypto_utils");
-function readCertificateRevocationList(filename) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const crl = yield (0, util_1.promisify)(fs.readFile)(filename);
-        if (crl[0] === 0x30 && crl[1] === 0x82) {
-            // der format
-            return crl;
-        }
-        const raw_crl = crl.toString();
-        return (0, crypto_utils_1.convertPEMtoDER)(raw_crl);
-    });
-}
-exports.readCertificateRevocationList = readCertificateRevocationList;
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readCertificateRevocationList = void 0;
+const fs = require("fs");
+const util_1 = require("util");
+const crypto_utils_1 = require("../source/crypto_utils");
+function readCertificateRevocationList(filename) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const crl = yield (0, util_1.promisify)(fs.readFile)(filename);
+        if (crl[0] === 0x30 && crl[1] === 0x82) {
+            // der format
+            return crl;
+        }
+        const raw_crl = crl.toString();
+        return (0, crypto_utils_1.convertPEMtoDER)(raw_crl);
+    });
+}
+exports.readCertificateRevocationList = readCertificateRevocationList;
 //# sourceMappingURL=read_certificate_revocation_list.js.map

package/dist/source_nodejs/read_certificate_signing_request.d.ts

@@ -1,3 +1,3 @@
-/// <reference types="node" />
-export declare type CertificateSigningRequest = Buffer;
-export declare function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest>;
+/// <reference types="node" />
+export declare type CertificateSigningRequest = Buffer;
+export declare function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest>;