node-opcua-crypto 2.2.0 → 3.0.0-beta.1

package/dist/source/public_private_match.js

@@ -1,37 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.certificateMatchesPrivateKey = exports.publicKeyAndPrivateKeyMatches = void 0;
-const explore_private_key_1 = require("./explore_private_key");
-const crypto_utils_1 = require("./crypto_utils");
-const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
-function publicKeyAndPrivateKeyMatches(certificate, privateKey) {
-    const i = (0, crypto_explore_certificate_1.exploreCertificate)(certificate);
-    const j = (0, explore_private_key_1.explorePrivateKey)(privateKey);
-    const modulus1 = i.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.modulus;
-    const modulus2 = j.modulus;
-    if (modulus1.length != modulus2.length) {
-        return false;
-    }
-    return modulus1.toString("hex") === modulus2.toString("hex");
-}
-exports.publicKeyAndPrivateKeyMatches = publicKeyAndPrivateKeyMatches;
-/**
- * check that the given certificate matches the given private key
- * @param certificate
- * @param privateKey
- */
-function certificateMatchesPrivateKeyPEM(certificate, privateKey, blockSize) {
-    const initialBuffer = Buffer.from("Lorem Ipsum");
-    const encryptedBuffer = (0, crypto_utils_1.publicEncrypt_long)(initialBuffer, certificate, blockSize, 11);
-    const decryptedBuffer = (0, crypto_utils_1.privateDecrypt_long)(encryptedBuffer, privateKey, blockSize);
-    const finalString = decryptedBuffer.toString("utf-8");
-    return initialBuffer.toString("utf-8") === finalString;
-}
-function certificateMatchesPrivateKey(certificate, privateKey) {
-    const e = (0, explore_private_key_1.explorePrivateKey)(privateKey);
-    const blockSize = e.modulus.length;
-    const certificatePEM = (0, crypto_utils_1.toPem)(certificate, "CERTIFICATE");
-    return certificateMatchesPrivateKeyPEM(certificatePEM, privateKey, blockSize);
-}
-exports.certificateMatchesPrivateKey = certificateMatchesPrivateKey;
-//# sourceMappingURL=public_private_match.js.map

package/dist/source/public_private_match.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"public_private_match.js","sourceRoot":"","sources":["../../source/public_private_match.ts"],"names":[],"mappings":";;;AAAA,+DAA0D;AAE1D,iDAAgF;AAChF,6EAAkE;AAElE,SAAgB,6BAA6B,CAAC,WAAwB,EAAE,UAAsB;IAC1F,MAAM,CAAC,GAAG,IAAA,+CAAkB,EAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,IAAA,uCAAiB,EAAC,UAAU,CAAC,CAAC;IAExC,MAAM,QAAQ,GAAG,CAAC,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAAC,OAAO,CAAC;IAChF,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC;IAE3B,IAAI,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM,EAAE;QACpC,OAAO,KAAK,CAAC;KAChB;IACD,OAAO,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACjE,CAAC;AAXD,sEAWC;AAED;;;;GAIG;AACH,SAAS,+BAA+B,CAAC,WAA2B,EAAE,UAAsB,EAAE,SAAiB;IAC3G,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACjD,MAAM,eAAe,GAAG,IAAA,iCAAkB,EAAC,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACtF,MAAM,eAAe,GAAG,IAAA,kCAAmB,EAAC,eAAe,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IACpF,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACtD,OAAO,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,WAAW,CAAC;AAC3D,CAAC;AAED,SAAgB,4BAA4B,CAAC,WAAwB,EAAE,UAAsB;IACzF,MAAM,CAAC,GAAG,IAAA,uCAAiB,EAAC,UAAU,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACnC,MAAM,cAAc,GAAG,IAAA,oBAAK,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IACzD,OAAO,+BAA+B,CAAC,cAAc,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AAClF,CAAC;AALD,oEAKC"}

package/dist/source/verify_certificate_signature.js

@@ -1,102 +0,0 @@
-"use strict";
-// tslint:disable: no-console
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyCertificateChain = exports.verifyCertificateRevocationListSignature = exports.verifyCertificateSignature = exports.verifyCertificateOrClrSignature = void 0;
-// Now that we got a hash of the original certificate,
-// we need to verify if we can obtain the same hash by using the same hashing function
-// (in this case SHA-384). In order to do that, we need to extract just the body of
-// the signed certificate. Which, in our case, is everything but the signature.
-// The start of the body is always the first digit of the second line of the following command:
-const crypto = require("crypto");
-const crypto_explore_certificate_1 = require("./crypto_explore_certificate");
-const crypto_utils_1 = require("./crypto_utils");
-const asn1_1 = require("./asn1");
-function verifyCertificateOrClrSignature(certificateOrCrl, parentCertificate) {
-    const block_info = (0, asn1_1.readTag)(certificateOrCrl, 0);
-    const blocks = (0, asn1_1._readStruct)(certificateOrCrl, block_info);
-    const bufferToBeSigned = certificateOrCrl.slice(block_info.position, blocks[1].position - 2);
-    //xx console.log("bufferToBeSigned  = ", bufferToBeSigned.length, bufferToBeSigned.toString("hex").substr(0, 50), bufferToBeSigned.toString("hex").substr(-10));
-    const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(certificateOrCrl, blocks[1]);
-    const signatureValue = (0, asn1_1._readSignatureValueBin)(certificateOrCrl, blocks[2]);
-    const p = (0, crypto_explore_certificate_1.split_der)(parentCertificate)[0];
-    //xx    const publicKey = extractPublicKeyFromCertificateSync(p);
-    const certPem = (0, crypto_utils_1.toPem)(p, "CERTIFICATE");
-    const verify = crypto.createVerify(signatureAlgorithm.identifier);
-    verify.update(bufferToBeSigned);
-    verify.end();
-    return verify.verify(certPem, signatureValue);
-}
-exports.verifyCertificateOrClrSignature = verifyCertificateOrClrSignature;
-function verifyCertificateSignature(certificate, parentCertificate) {
-    return verifyCertificateOrClrSignature(certificate, parentCertificate);
-}
-exports.verifyCertificateSignature = verifyCertificateSignature;
-function verifyCertificateRevocationListSignature(certificateRevocationList, parentCertificate) {
-    return verifyCertificateOrClrSignature(certificateRevocationList, parentCertificate);
-}
-exports.verifyCertificateRevocationListSignature = verifyCertificateRevocationListSignature;
-function verifyCertificateChain(certificateChain) {
-    return __awaiter(this, void 0, void 0, function* () {
-        // verify that all the certificate
-        // second certificate must be used for CertificateSign
-        for (let index = 1; index < certificateChain.length; index++) {
-            const cert = certificateChain[index - 1];
-            const certParent = certificateChain[index];
-            // parent child must have keyCertSign
-            const certParentInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certParent);
-            const keyUsage = certParentInfo.tbsCertificate.extensions.keyUsage;
-            // istanbul ignore next
-            if (!keyUsage.keyCertSign) {
-                return {
-                    status: "BadCertificateIssuerUseNotAllowed",
-                    reason: "One of the certificate in the chain has not keyUsage set for Certificate Signing",
-                };
-            }
-            const parentSignChild = verifyCertificateSignature(cert, certParent);
-            if (!parentSignChild) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "One of the certificate in the chain is not signing the previous certificate",
-                };
-            }
-            const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(cert);
-            // istanbul ignore next
-            if (!certInfo.tbsCertificate.extensions) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "Cannot find X409 Extension 3 in certificate",
-                };
-            }
-            // istanbul ignore next
-            if (!certParentInfo.tbsCertificate.extensions || !certInfo.tbsCertificate.extensions.authorityKeyIdentifier) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "Cannot find X409 Extension 3 in certificate (parent)",
-                };
-            }
-            // istanbul ignore next
-            if (certParentInfo.tbsCertificate.extensions.subjectKeyIdentifier !==
-                certInfo.tbsCertificate.extensions.authorityKeyIdentifier.keyIdentifier) {
-                return {
-                    status: "BadCertificateInvalid",
-                    reason: "subjectKeyIdentifier authorityKeyIdentifier in child certificate do not match subjectKeyIdentifier of parent certificate",
-                };
-            }
-        }
-        return {
-            status: "Good",
-            reason: `certificate chain is valid(length = ${certificateChain.length})`,
-        };
-    });
-}
-exports.verifyCertificateChain = verifyCertificateChain;
-//# sourceMappingURL=verify_certificate_signature.js.map

package/dist/source/verify_certificate_signature.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"verify_certificate_signature.js","sourceRoot":"","sources":["../../source/verify_certificate_signature.ts"],"names":[],"mappings":";AAAA,6BAA6B;;;;;;;;;;;;AAE7B,sDAAsD;AACtD,sFAAsF;AACtF,mFAAmF;AACnF,+EAA+E;AAC/E,+FAA+F;AAC/F,iCAAiC;AAGjC,6EAA6E;AAC7E,iDAAuC;AACvC,iCAAoH;AAEpH,SAAgB,+BAA+B,CAAC,gBAAwB,EAAE,iBAA8B;IACpG,MAAM,UAAU,GAAG,IAAA,cAAO,EAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAA,kBAAW,EAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IACzD,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;IAE7F,gKAAgK;IAChK,MAAM,kBAAkB,GAAG,IAAA,+BAAwB,EAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACjF,MAAM,cAAc,GAAG,IAAA,6BAAsB,EAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3E,MAAM,CAAC,GAAG,IAAA,sCAAS,EAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,iEAAiE;IACjE,MAAM,OAAO,GAAG,IAAA,oBAAK,EAAC,CAAC,EAAE,aAAa,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;IAClE,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,EAAE,CAAC;IACb,OAAO,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AAClD,CAAC;AAhBD,0EAgBC;AAED,SAAgB,0BAA0B,CAAC,WAAwB,EAAE,iBAA8B;IAC/F,OAAO,+BAA+B,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;AAC3E,CAAC;AAFD,gEAEC;AACD,SAAgB,wCAAwC,CACpD,yBAAsC,EACtC,iBAA8B;IAE9B,OAAO,+BAA+B,CAAC,yBAAyB,EAAE,iBAAiB,CAAC,CAAC;AACzF,CAAC;AALD,4FAKC;AAGD,SAAsB,sBAAsB,CAAC,gBAA+B;;QACxE,kCAAkC;QAClC,sDAAsD;QAEtD,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,gBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE;YAC1D,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YACzC,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAE3C,qCAAqC;YACrC,MAAM,cAAc,GAAG,IAAA,+CAAkB,EAAC,UAAU,CAAC,CAAC;YACtD,MAAM,QAAQ,GAAG,cAAc,CAAC,cAAc,CAAC,UAAW,CAAC,QAAS,CAAC;YAErE,uBAAuB;YACvB,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE;gBACvB,OAAO;oBACH,MAAM,EAAE,mCAAmC;oBAC3C,MAAM,EAAE,kFAAkF;iBAC7F,CAAC;aACL;YAED,MAAM,eAAe,GAAG,0BAA0B,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;YACrE,IAAI,CAAC,eAAe,EAAE;gBAClB,OAAO;oBACH,MAAM,EAAE,uBAAuB;oBAC/B,MAAM,EAAE,6EAA6E;iBACxF,CAAC;aACL;YACD,MAAM,QAAQ,GAAG,IAAA,+CAAkB,EAAC,IAAI,CAAC,CAAC;YAE1C,uBAAuB;YACvB,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,UAAU,EAAE;gBACrC,OAAO;oBACH,MAAM,EAAE,uBAAuB;oBAC/B,MAAM,EAAE,6CAA6C;iBACxD,CAAC;aACL;YAED,uBAAuB;YACvB,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,UAAU,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,sBAAsB,EAAE;gBACzG,OAAO;oBACH,MAAM,EAAE,uBAAuB;oBAC/B,MAAM,EAAE,sDAAsD;iBACjE,CAAC;aACL;YAED,uBAAuB;YACvB,IACI,cAAc,CAAC,cAAc,CAAC,UAAU,CAAC,oBAAoB;gBAC7D,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,sBAAsB,CAAC,aAAa,EACzE;gBACE,OAAO;oBACH,MAAM,EAAE,uBAAuB;oBAC/B,MAAM,EACF,0HAA0H;iBACjI,CAAC;aACL;SACJ;QACD,OAAO;YACH,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,uCAAuC,gBAAgB,CAAC,MAAM,GAAG;SAC5E,CAAC;IACN,CAAC;CAAA;AA7DD,wDA6DC"}

package/dist/source_nodejs/index.d.ts

@@ -1,3 +0,0 @@
-export * from "./read";
-export * from "./read_certificate_revocation_list";
-export * from "./read_certificate_signing_request";

package/dist/source_nodejs/read.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"read.js","sourceRoot":"","sources":["../../source_nodejs/read.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AACjC,yBAAyB;AACzB,6BAA6B;AAC7B,mCAA2D;AAE3D,yDAA0E;AAE1E,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAE/B,SAAS,YAAY,CAAC,QAAgB;IAClC,MAAM,CAAC,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACrC,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC5C,IAAI,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;QAC3B,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAW,CAAC;KAC9C;IACD,MAAM,OAAO,GAAW,YAAY,CAAC,QAAQ,CAAC,CAAC;IAC/C,OAAO,IAAA,8BAAe,EAAC,OAAO,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,QAAgB;IAC5C,OAAO,sBAAsB,CAAC,QAAQ,CAAgB,CAAC;AAC3D,CAAC;AAFD,0CAEC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC1C,IAAI,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAW,CAAC;QAChD,OAAO,IAAA,wBAAe,EAAC,GAAG,CAAC,CAAC;KAC/B;SAAM;QACH,MAAM,OAAO,GAAW,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC/C,OAAO,IAAA,wBAAe,EAAC,OAAO,CAAC,CAAC;KACnC;AACL,CAAC;AARD,sCAQC;AAED,SAAS,kBAAkB,CAAC,MAAuB;IAC/C,6HAA6H;IAC7H,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,WAAW,CAAC;IACvC,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,MAAM,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC;IAClC,OAAO,QAAQ,CAAC;AACpB,CAAC;AACD;;GAEG;AACH,SAAgB,cAAc,CAAC,QAAgB;IAC3C,IAAI,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;QAC3B,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAW,CAAC;QAChD,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC;KAClC;SAAM;QACH,MAAM,OAAO,GAAW,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC/C,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;KACtC;AACL,CAAC;AARD,wCAQC;AAED,SAAgB,kBAAkB,CAAC,QAAgB;IAC/C,OAAO,YAAY,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAFD,gDAEC;AAED,SAAgB,gBAAgB,CAAC,QAAgB;IAC7C,OAAO,YAAY,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAFD,4CAEC;AAED,SAAgB,iBAAiB,CAAC,QAAgB;IAC9C,OAAO,YAAY,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAFD,8CAEC;AACD,IAAI,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;AAEtE,SAAgB,mBAAmB,CAAC,KAAa;IAC7C,MAAM,SAAS,GAAG,mBAAmB,CAAC;IACtC,mBAAmB,GAAG,KAAK,CAAC;IAC5B,OAAO,SAAS,CAAC;AACrB,CAAC;AAJD,kDAIC;AAED;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,QAAgB;IAC9C,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;QAC9D,QAAQ,GAAG,mBAAmB,GAAG,QAAQ,CAAC;KAC7C;IACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAQ,CAAC;IAC5C,OAAO,IAAA,yBAAgB,EAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;AACnE,CAAC;AARD,8CAQC;AAED,SAAgB,gBAAgB,CAAC,QAAgB;IAC7C,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;QAC9D,QAAQ,GAAG,mBAAmB,GAAG,QAAQ,CAAC;KAC7C;IACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9C,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAQ,CAAC;IAC5C,OAAO,IAAA,wBAAe,EAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;AAClE,CAAC;AARD,4CAQC"}

package/dist/source_nodejs/read_certificate_revocation_list.js

@@ -1,28 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.readCertificateRevocationList = void 0;
-const fs = require("fs");
-const util_1 = require("util");
-const crypto_utils_1 = require("../source/crypto_utils");
-function readCertificateRevocationList(filename) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const crl = yield (0, util_1.promisify)(fs.readFile)(filename);
-        if (crl[0] === 0x30 && crl[1] === 0x82) {
-            // der format
-            return crl;
-        }
-        const raw_crl = crl.toString();
-        return (0, crypto_utils_1.convertPEMtoDER)(raw_crl);
-    });
-}
-exports.readCertificateRevocationList = readCertificateRevocationList;
-//# sourceMappingURL=read_certificate_revocation_list.js.map

package/dist/source_nodejs/read_certificate_revocation_list.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"read_certificate_revocation_list.js","sourceRoot":"","sources":["../../source_nodejs/read_certificate_revocation_list.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yBAAyB;AACzB,+BAAiC;AACjC,yDAAyD;AAGzD,SAAsB,6BAA6B,CAAC,QAAgB;;QAChE,MAAM,GAAG,GAAG,MAAM,IAAA,gBAAS,EAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE;YACpC,aAAa;YACb,OAAO,GAAgC,CAAC;SAC3C;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/B,OAAO,IAAA,8BAAe,EAAC,OAAO,CAAC,CAAC;IACpC,CAAC;CAAA;AARD,sEAQC"}

package/dist/source_nodejs/read_certificate_signing_request.js

@@ -1,28 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.readCertificateSigningRequest = void 0;
-const fs = require("fs");
-const util_1 = require("util");
-const crypto_utils_1 = require("../source/crypto_utils");
-function readCertificateSigningRequest(filename) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const csr = yield (0, util_1.promisify)(fs.readFile)(filename);
-        if (csr[0] === 0x30 && csr[1] === 0x82) {
-            // der format
-            return csr;
-        }
-        const raw_crl = csr.toString();
-        return (0, crypto_utils_1.convertPEMtoDER)(raw_crl);
-    });
-}
-exports.readCertificateSigningRequest = readCertificateSigningRequest;
-//# sourceMappingURL=read_certificate_signing_request.js.map

package/dist/source_nodejs/read_certificate_signing_request.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"read_certificate_signing_request.js","sourceRoot":"","sources":["../../source_nodejs/read_certificate_signing_request.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yBAAyB;AACzB,+BAAiC;AACjC,yDAAyD;AAMzD,SAAsB,6BAA6B,CAAC,QAAgB;;QAChE,MAAM,GAAG,GAAG,MAAM,IAAA,gBAAS,EAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE;YACpC,aAAa;YACb,OAAO,GAAgC,CAAC;SAC3C;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/B,OAAO,IAAA,8BAAe,EAAC,OAAO,CAAC,CAAC;IACpC,CAAC;CAAA;AARD,sEAQC"}

package/source/asn1.ts

@@ -1,404 +0,0 @@
-import * as assert from "assert";
-import { oid_map } from "./oid_map";
-
-// https://github.com/lapo-luchini/asn1js/blob/master/asn1.js
-export enum TagType {
-    BOOLEAN = 0x01,
-    INTEGER = 0x02,
-    BIT_STRING = 0x03,
-    OCTET_STRING = 0x04,
-    NULL = 0x05,
-    OBJECT_IDENTIFIER = 0x06,
-    UTF8String = 0x0c,
-    NumericString = 0x12,
-    PrintableString = 0x13,
-    TeletexString = 0x14,
-    IA5String = 0x16,
-    UTCTime = 0x17,
-    GeneralizedTime = 0x18,
-    GraphicString = 0x19,
-    VisibleString = 0x1a,
-    GeneralString = 0x1b,
-    UniversalString = 0x1c,
-    BMPString = 0x1e,
-
-    SEQUENCE = 0x30,
-    SET = 0x31,
-
-    A3 = 0xA3
-}
-
-export interface BlockInfo {
-    tag: TagType | number;
-    position: number;
-    length: number;
-}
-
-export function readTag(buf: Buffer, pos: number): BlockInfo {
-    assert(buf instanceof Buffer);
-    assert(Number.isFinite(pos) && pos >= 0);
-    // istanbul ignore next
-    if (buf.length <= pos) {
-        throw new Error("Invalid position : buf.length=" + buf.length + " pos =" + pos);
-    }
-    const tag = buf.readUInt8(pos);
-    pos += 1;
-
-    let length = buf.readUInt8(pos);
-    pos += 1;
-
-    // tslint:disable:no-bitwise
-    if (length > 127) {
-        const nbBytes = length & 0x7f;
-        length = 0;
-        for (let i = 0; i < nbBytes; i++) {
-            length = length * 256 + buf.readUInt8(pos);
-            pos += 1;
-        }
-    }
-    return { tag, position: pos, length };
-}
-
-export function _readStruct(buf: Buffer, blockInfo: BlockInfo): BlockInfo[] {
-    const length = blockInfo.length;
-    let cursor = blockInfo.position;
-    const end = blockInfo.position + length;
-    const blocks: BlockInfo[] = [];
-    while (cursor < end) {
-        const inner = readTag(buf, cursor);
-        cursor = inner.position + inner.length;
-        blocks.push(inner);
-    }
-    return blocks;
-}
-
-export function parseBitString(buffer: Buffer, start: number, end: number, maxLength: number): string {
-    const unusedBit = buffer.readUInt8(start),
-        lenBit = ((end - start - 1) << 3) - unusedBit,
-        intro = "(" + lenBit + " bit)\n";
-
-    let s = "",
-        skip = unusedBit;
-
-    for (let i = end - 1; i > start; --i) {
-        const b = buffer.readUInt8(i);
-
-        for (let j = skip; j < 8; ++j) {
-            // noinspection JSBitwiseOperatorUsage
-            s += (b >> j) & 1 ? "1" : "0";
-        }
-        skip = 0;
-        assert(s.length <= maxLength);
-    }
-    return intro + s;
-}
-
-export interface BitString {
-    lengthInBits: number;
-    lengthInBytes: number;
-    data: Buffer;
-    debug?: any;
-}
-
-export function _readBitString(buffer: Buffer, block: BlockInfo): BitString {
-    assert(block.tag === TagType.BIT_STRING);
-    const data = _getBlock(buffer, block);
-    // number of skipped bits
-    const ignore_bits = data.readUInt8(0);
-
-    return {
-        lengthInBits: data.length * 8 - ignore_bits,
-        lengthInBytes: data.length - 1,
-        data: data.slice(1),
-        debug: parseBitString(buffer, block.position, block.length + block.position, 5000),
-    };
-}
-
-export function formatBuffer2DigitHexWithColum(buffer: Buffer): string {
-    const value: string[] = [];
-    for (let i = 0; i < buffer.length; i++) {
-        value.push(("00" + buffer.readUInt8(i).toString(16)).substr(-2, 2));
-    }
-    // remove leading 00
-    return value
-        .join(":")
-        .toUpperCase()
-        .replace(/^(00:)*/, "");
-}
-
-export function _readOctetString(buffer: Buffer, block: BlockInfo): Buffer {
-    assert(block.tag === TagType.OCTET_STRING);
-    const tag = readTag(buffer, block.position);
-    assert(tag.tag === TagType.OCTET_STRING);
-
-    const nbBytes = tag.length;
-    const pos = tag.position;
-    const b = buffer.slice(pos, pos + nbBytes);
-    return b;
-}
-
-export function _getBlock(buffer: Buffer, block: BlockInfo): Buffer {
-    const start = block.position;
-    const end = block.position + block.length;
-    return buffer.slice(start, end);
-}
-
-export interface AlgorithmIdentifier {
-    identifier: string;
-}
-
-export function _readIntegerAsByteString(buffer: Buffer, block: BlockInfo): Buffer {
-    return _getBlock(buffer, block);
-}
-
-export function _readListOfInteger(buffer: Buffer): Buffer[] {
-    const block = readTag(buffer, 0);
-    const inner_blocks = _readStruct(buffer, block);
-    return inner_blocks.map((bblock: BlockInfo) => {
-        return _readIntegerAsByteString(buffer, bblock);
-    });
-}
-
-function parseOID(buffer: Buffer, start: number, end: number): string {
-    // ASN.1 JavaScript decoder
-    // Copyright (c) 2008-2014 Lapo Luchini <lapo@lapo.it>
-    let s = "",
-        n = 0,
-        bits = 0;
-    for (let i = start; i < end; ++i) {
-        const v = buffer.readUInt8(i);
-
-        // tslint:disable-next-line: no-bitwise
-        n = n * 128 + (v & 0x7f);
-        bits += 7;
-
-        // noinspection JSBitwiseOperatorUsage
-        // tslint:disable-next-line: no-bitwise
-        if (!(v & 0x80)) {
-            // finished
-            if (s === "") {
-                const m = n < 80 ? (n < 40 ? 0 : 1) : 2;
-                s = m + "." + (n - m * 40);
-            } else {
-                s += "." + n.toString();
-            }
-            n = 0;
-            bits = 0;
-        }
-    }
-    assert(bits === 0); // if (bits > 0) { s += ".incomplete"; }
-    return s;
-}
-
-export function _readObjectIdentifier(buffer: Buffer, block: BlockInfo): { oid: string; name: string } {
-    assert(block.tag === TagType.OBJECT_IDENTIFIER);
-    const b = buffer.slice(block.position, block.position + block.length);
-    const oid = parseOID(b, 0, block.length);
-    return {
-        oid,
-        name: oid_map[oid] ? oid_map[oid].d : oid,
-    };
-}
-
-export function _readAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier {
-    const inner_blocks = _readStruct(buffer, block);
-    return {
-        identifier: _readObjectIdentifier(buffer, inner_blocks[0]).name,
-    }
-};
-
-export function _readECCAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier {
-    const inner_blocks = _readStruct(buffer, block);
-    return {
-        identifier: _readObjectIdentifier(buffer, inner_blocks[1]).name, // difference with RSA as algorithm is second element of nested block
-    }
-};
-
-export type SignatureValue = string;
-
-export function _readSignatureValueBin(buffer: Buffer, block: BlockInfo): Buffer {
-    return _readBitString(buffer, block).data;
-}
-
-export function _readSignatureValue(buffer: Buffer, block: BlockInfo): SignatureValue {
-    return _readSignatureValueBin(buffer, block).toString("hex");
-}
-
-export function _readLongIntegerValue(buffer: Buffer, block: BlockInfo): Buffer {
-    assert(block.tag === TagType.INTEGER, "expecting a INTEGER tag");
-    const pos = block.position;
-    const nbBytes = block.length;
-    const buf = buffer.slice(pos, pos + nbBytes);
-    return buf;
-}
-
-export function _readIntegerValue(buffer: Buffer, block: BlockInfo): number {
-    assert(block.tag === TagType.INTEGER, "expecting a INTEGER tag");
-    let pos = block.position;
-    const nbBytes = block.length;
-    assert(nbBytes < 4);
-    let value = 0;
-    for (let i = 0; i < nbBytes; i++) {
-        value = value * 256 + buffer.readUInt8(pos);
-        pos += 1;
-    }
-    return value;
-}
-
-export function _readBooleanValue(buffer: Buffer, block: BlockInfo): boolean {
-    assert(block.tag === TagType.BOOLEAN, "expecting a BOOLEAN tag. got " + TagType[block.tag]);
-    const pos = block.position;
-    const nbBytes = block.length;
-    assert(nbBytes < 4);
-    const value = buffer.readUInt8(pos) ? true : false;
-    return value as boolean;
-}
-
-export function _readVersionValue(buffer: Buffer, block: BlockInfo): number {
-    block = readTag(buffer, block.position);
-    return _readIntegerValue(buffer, block);
-}
-
-/*
- 4.1.2.5.2  GeneralizedTime
-
- The generalized time type, GeneralizedTime, is a standard ASN.1 type
- for variable precision representation of time.  Optionally, the
- GeneralizedTime field can include a representation of the time
- differential between local and Greenwich Mean Time.
-
- For the purposes of this profile, GeneralizedTime values MUST be
- expressed Greenwich Mean Time (Zulu) and MUST include seconds (i.e.,
- times are YYYYMMDDHHMMSSZ), even where the number of seconds is zero.
- GeneralizedTime values MUST NOT include fractional seconds.
-
- */
-function convertGeneralizedTime(str: string): Date {
-    const year = parseInt(str.substr(0, 4), 10);
-    const month = parseInt(str.substr(4, 2), 10) - 1;
-    const day = parseInt(str.substr(6, 2), 10);
-    const hours = parseInt(str.substr(8, 2), 10);
-    const mins = parseInt(str.substr(10, 2), 10);
-    const secs = parseInt(str.substr(12, 2), 10);
-
-    return new Date(Date.UTC(year, month, day, hours, mins, secs));
-}
-
-function _readBMPString(buffer: Buffer, block: BlockInfo): string {
-    const strBuff = _getBlock(buffer, block);
-    let str = "";
-    for (let i = 0; i < strBuff.length; i += 2) {
-        const word = strBuff.readUInt16BE(i);
-        str += String.fromCharCode(word);
-    }
-    return str;
-}
-
-/*
- http://tools.ietf.org/html/rfc5280
-
- 4.1.2.5. Validity
- [...]
- As conforming to this profile MUST always encode certificate
- validity dates through the year 2049 as UTCTime; certificate validity
- dates in 2050 or later MUST be encoded as GeneralizedTime.
- Conforming applications MUST be able to process validity dates that
- are encoded in either UTCTime or GeneralizedTime.
- [...]
-
- 4.1.2.5.1  UTCTime
-
- The universal time type, UTCTime, is a standard ASN.1 type intended
- for representation of dates and time.  UTCTime specifies the year
- through the two low order digits and time is specified to the
- precision of one minute or one second.  UTCTime includes either Z
- (for Zulu, or Greenwich Mean Time) or a time differential.
-
- For the purposes of this profile, UTCTime values MUST be expressed
- Greenwich Mean Time (Zulu) and MUST include seconds (i.e., times are
- YYMMDDHHMMSSZ), even where the number of seconds is zero.  Conforming
- systems MUST interpret the year field (YY) as follows:
-
- Where YY is greater than or equal to 50, the year SHALL be
- interpreted as 19YY; and
-
- Where YY is less than 50, the year SHALL be interpreted as 20YY.
- */
-function convertUTCTime(str: string): Date {
-    let year = parseInt(str.substr(0, 2), 10);
-    const month = parseInt(str.substr(2, 2), 10) - 1;
-    const day = parseInt(str.substr(4, 2), 10);
-    const hours = parseInt(str.substr(6, 2), 10);
-    const mins = parseInt(str.substr(8, 2), 10);
-    const secs = parseInt(str.substr(10, 2), 10);
-
-    year += year >= 50 ? 1900 : 2000;
-    return new Date(Date.UTC(year, month, day, hours, mins, secs));
-}
-
-export function _readValue(buffer: Buffer, block: BlockInfo): any {
-    switch (block.tag) {
-        case TagType.BOOLEAN:
-            return _readBooleanValue(buffer, block);
-        case TagType.BMPString:
-            return _readBMPString(buffer, block);
-        case TagType.PrintableString:
-        case TagType.TeletexString:
-        case TagType.UTF8String:
-        case TagType.NumericString:
-        case TagType.IA5String:
-            return _getBlock(buffer, block).toString("ascii");
-        case TagType.UTCTime:
-            return convertUTCTime(_getBlock(buffer, block).toString("ascii"));
-        case TagType.GeneralizedTime:
-            return convertGeneralizedTime(_getBlock(buffer, block).toString("ascii"));
-        default:
-            throw new Error("Invalid tag 0x" + block.tag.toString(16) + "");
-        //xx return " ??? <" + block.tag + ">";
-    }
-}
-
-export interface DirectoryName {
-    stateOrProvinceName?: string;
-    localityName?: string;
-    organizationName?: string;
-    organizationUnitName?: string;
-    commonName?: string;
-    countryName?: string;
-}
-export function compactDirectoryName(d: DirectoryName): string {
-    return JSON.stringify(d);
-}
-
-export function _readDirectoryName(buffer: Buffer, block: BlockInfo): DirectoryName {
-    // AttributeTypeAndValue ::= SEQUENCE {
-    //    type   ATTRIBUTE.&id({SupportedAttributes}),
-    //    value  ATTRIBUTE.&Type({SupportedAttributes}{@type}),
-    const set_blocks = _readStruct(buffer, block);
-    const names: DirectoryName = {};
-    for (const set_block of set_blocks) {
-        assert(set_block.tag === 0x31);
-        const blocks = _readStruct(buffer, set_block);
-        assert(blocks.length === 1);
-        assert(blocks[0].tag === 0x30);
-
-        const sequenceBlock = _readStruct(buffer, blocks[0]);
-        assert(sequenceBlock.length === 2);
-
-        const type = _readObjectIdentifier(buffer, sequenceBlock[0]);
-        (names as any)[type.name] = _readValue(buffer, sequenceBlock[1]);
-    }
-    return names;
-}
-
-export function _findBlockAtIndex(blocks: BlockInfo[], index: number): BlockInfo | null {
-    const tmp = blocks.filter((b: BlockInfo) => b.tag === 0xa0 + index || b.tag === 0x80 + index);
-    if (tmp.length === 0) {
-        return null;
-    }
-    return tmp[0];
-}
-
-export function _readTime(buffer: Buffer, block: BlockInfo): any {
-    return _readValue(buffer, block);
-}

package/source/buffer_utils.ts

@@ -1,18 +0,0 @@
-//
-// note: new Buffer(size)#  is deprecated since: v6.0. and is replaced with Buffer.allocUnsafe
-//       to ensure backward compatibility we have to replace
-//       new Buffer(size) with createFastUninitializedBuffer(size)
-//
-//       Buffer.alloc and Buffer.allocUnsafe have been introduced in nodejs 5.1.0
-//  in node 0.11 new Buffer
-//
-/**
- * @internal
- * @private
- */
-export const createFastUninitializedBuffer = Buffer.allocUnsafe
-    ? Buffer.allocUnsafe
-    : (size: number): Buffer => {
-          // istanbul ignore next
-          return new Buffer(size);
-      };

package/source/common.ts

@@ -1,15 +0,0 @@
-import { KeyObject } from "node:crypto";
-
-export type PrivateKey = KeyObject;
-export type PublicKey = KeyObject;
-
-export type Nonce = Buffer;
-export type PEM = string;
-export type DER = Buffer;
-export type Certificate = DER;
-export type CertificatePEM = PEM; // certificate as a PEM string
-export type PrivateKeyPEM = PEM;
-export type PublicKeyPEM = PEM;
-
-export type Signature = Buffer;
-export type CertificateRevocationList = Buffer;