npm - node-opcua-crypto - Versions diffs - 4.16.1 → 5.0.0 - Mend

node-opcua-crypto 4.16.1 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/LICENSE +23 -23
package/README.md +1 -1
package/dist/{chunk-MGQCHN54.mjs → chunk-BIS3W2GR.mjs} +507 -458
package/dist/chunk-BIS3W2GR.mjs.map +1 -0
package/dist/{chunk-JDT2M2NN.mjs → chunk-ISIVVQGT.mjs} +39 -38
package/dist/chunk-ISIVVQGT.mjs.map +1 -0
package/dist/{common-CFr95Map.d.mts → common-DxHkx4Pv.d.mts} +2 -2
package/dist/{common-CFr95Map.d.ts → common-DxHkx4Pv.d.ts} +2 -2
package/dist/index.d.mts +3 -3
package/dist/index.d.ts +3 -3
package/dist/index.js +573 -517
package/dist/index.js.map +1 -1
package/dist/index.mjs +2 -2
package/dist/source/index.d.mts +3 -3
package/dist/source/index.d.ts +3 -3
package/dist/source/index.js +549 -494
package/dist/source/index.js.map +1 -1
package/dist/source/index.mjs +1 -1
package/dist/source/index_web.d.mts +24 -18
package/dist/source/index_web.d.ts +24 -18
package/dist/source/index_web.js +549 -494
package/dist/source/index_web.js.map +1 -1
package/dist/source/index_web.mjs +1 -1
package/dist/source_nodejs/index.d.mts +11 -11
package/dist/source_nodejs/index.d.ts +11 -11
package/dist/source_nodejs/index.js +199 -193
package/dist/source_nodejs/index.js.map +1 -1
package/dist/source_nodejs/index.mjs +2 -2
package/package.json +3 -4
package/dist/chunk-JDT2M2NN.mjs.map +0 -1
package/dist/chunk-MGQCHN54.mjs.map +0 -1

package/dist/source/index_web.mjs CHANGED Viewed

@@ -71,7 +71,7 @@ import {
   verifyChunkSignature,
   verifyChunkSignatureWithDerivedKeys,
   verifyMessageChunkSignature
-} from "../chunk-MGQCHN54.mjs";
+} from "../chunk-BIS3W2GR.mjs";
 export {
   CertificatePurpose,
   PaddingAlgorithm,

package/dist/source_nodejs/index.d.mts CHANGED Viewed

@@ -1,5 +1,13 @@
-import { C as Certificate, a as PublicKey, P as PrivateKey, d as CertificatePEM, f as PublicKeyPEM, e as PrivateKeyPEM, g as CertificateRevocationList } from '../common-CFr95Map.mjs';
-import 'crypto';
+import { C as Certificate, K as KeyObject, P as PrivateKey, d as CertificatePEM, f as PublicKeyPEM, e as PrivateKeyPEM, a as PublicKey, g as CertificateRevocationList } from '../common-DxHkx4Pv.mjs';
+import 'node:crypto';
+declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096): Promise<void>;
+/**
+ * alternate function to generate PrivateKeyFile, using jsrsasign.
+ *
+ * This function is slower than generatePrivateKeyFile
+ */
+declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 /**
  * read a DER or PEM certificate from file
@@ -8,7 +16,7 @@ declare function readCertificate(filename: string): Certificate;
 /**
  * read a DER or PEM certificate from file
  */
-declare function readPublicKey(filename: string): PublicKey;
+declare function readPublicKey(filename: string): KeyObject;
 /**
  * read a DER or PEM certificate from file
  */
@@ -34,12 +42,4 @@ declare function readCertificateRevocationList(filename: string): Promise<Certif
 type CertificateSigningRequest = Buffer;
 declare function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest>;
-declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096): Promise<void>;
-/**
- * alternate function to generate PrivateKeyFile, using jsrsasign.
- *
- * This function is slower than generatePrivateKeyFile
- */
-declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };

package/dist/source_nodejs/index.d.ts CHANGED Viewed

@@ -1,5 +1,13 @@
-import { C as Certificate, a as PublicKey, P as PrivateKey, d as CertificatePEM, f as PublicKeyPEM, e as PrivateKeyPEM, g as CertificateRevocationList } from '../common-CFr95Map.js';
-import 'crypto';
+import { C as Certificate, K as KeyObject, P as PrivateKey, d as CertificatePEM, f as PublicKeyPEM, e as PrivateKeyPEM, a as PublicKey, g as CertificateRevocationList } from '../common-DxHkx4Pv.js';
+import 'node:crypto';
+declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096): Promise<void>;
+/**
+ * alternate function to generate PrivateKeyFile, using jsrsasign.
+ *
+ * This function is slower than generatePrivateKeyFile
+ */
+declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 /**
  * read a DER or PEM certificate from file
@@ -8,7 +16,7 @@ declare function readCertificate(filename: string): Certificate;
 /**
  * read a DER or PEM certificate from file
  */
-declare function readPublicKey(filename: string): PublicKey;
+declare function readPublicKey(filename: string): KeyObject;
 /**
  * read a DER or PEM certificate from file
  */
@@ -34,12 +42,4 @@ declare function readCertificateRevocationList(filename: string): Promise<Certif
 type CertificateSigningRequest = Buffer;
 declare function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest>;
-declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096): Promise<void>;
-/**
- * alternate function to generate PrivateKeyFile, using jsrsasign.
- *
- * This function is slower than generatePrivateKeyFile
- */
-declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };

package/dist/source_nodejs/index.js CHANGED Viewed

@@ -47,31 +47,24 @@ __export(source_nodejs_exports, {
 });
 module.exports = __toCommonJS(source_nodejs_exports);
-// source_nodejs/read.ts
-var import_assert5 = __toESM(require("assert"));
+// source_nodejs/generate_private_key_filename.ts
 var import_node_fs = __toESM(require("fs"));
-var import_node_path = __toESM(require("path"));
-var import_crypto = require("crypto");
-// source/crypto_utils.ts
-var import_constants = __toESM(require("constants"));
-var import_assert4 = __toESM(require("assert"));
-var import_hexy = __toESM(require("hexy"));
+var import_jsrsasign3 = __toESM(require("jsrsasign"));
-// source/buffer_utils.ts
-var createFastUninitializedBuffer = Buffer.allocUnsafe ? Buffer.allocUnsafe : (size) => {
-  return new Buffer(size);
-};
+// source/common.ts
+var import_node_crypto = __toESM(require("crypto"));
+var KeyObjectOrig = import_node_crypto.default.KeyObject;
+var { createPrivateKey: createPrivateKeyFromNodeJSCrypto } = import_node_crypto.default;
 // source/crypto_explore_certificate.ts
-var import_assert3 = __toESM(require("assert"));
+var import_node_assert4 = __toESM(require("assert"));
 // source/asn1.ts
-var import_assert = __toESM(require("assert"));
+var import_node_assert = __toESM(require("assert"));
 function readTag(buf, pos) {
   const start = pos;
   if (buf.length <= pos) {
-    throw new Error("Invalid position : buf.length=" + buf.length + " pos =" + pos);
+    throw new Error(`Invalid position : buf.length=${buf.length} pos=${pos}`);
   }
   const tag = buf.readUInt8(pos);
   pos += 1;
@@ -88,38 +81,18 @@ function readTag(buf, pos) {
   return { start, tag, position: pos, length };
 }
-// source/directory_name.ts
-var import_assert2 = __toESM(require("assert"));
+// source/crypto_utils.ts
+var import_node_assert2 = __toESM(require("assert"));
+var import_node_constants = __toESM(require("constants"));
+var import_node_crypto2 = require("crypto");
+var import_jsrsasign = __toESM(require("jsrsasign"));
-// source/crypto_explore_certificate.ts
-function split_der(certificateChain) {
-  const certificate_chain = [];
-  do {
-    const block_info = readTag(certificateChain, 0);
-    const length = block_info.position + block_info.length;
-    const der_certificate = certificateChain.subarray(0, length);
-    certificate_chain.push(der_certificate);
-    certificateChain = certificateChain.subarray(length);
-  } while (certificateChain.length > 0);
-  return certificate_chain;
-}
-function combine_der(certificates) {
-  for (const cert of certificates) {
-    const b = split_der(cert);
-    let sum = 0;
-    b.forEach((block) => {
-      const block_info = readTag(block, 0);
-      (0, import_assert3.default)(block_info.position + block_info.length === block.length);
-      sum += block.length;
-    });
-    (0, import_assert3.default)(sum === cert.length);
-  }
-  return Buffer.concat(certificates);
-}
+// source/buffer_utils.ts
+var createFastUninitializedBuffer = Buffer.allocUnsafe ? Buffer.allocUnsafe : (size) => {
+  return new Buffer(size);
+};
 // source/crypto_utils.ts
-var import_jsrsasign = __toESM(require("jsrsasign"));
-var { hexy } = import_hexy.default;
 var PEM_REGEX = /^(-----BEGIN (.*)-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END \2-----\r?\n?)/gm;
 var PEM_TYPE_REGEX = /^(-----BEGIN (.*)-----)/m;
 function identifyPemType(rawKey) {
@@ -134,192 +107,103 @@ function removeTrailingLF(str) {
   return tmp;
 }
 function toPem(raw_key, pem) {
-  (0, import_assert4.default)(raw_key, "expecting a key");
-  (0, import_assert4.default)(typeof pem === "string");
+  (0, import_node_assert2.default)(raw_key, "expecting a key");
+  (0, import_node_assert2.default)(typeof pem === "string");
   let pemType = identifyPemType(raw_key);
   if (pemType) {
     return Buffer.isBuffer(raw_key) ? removeTrailingLF(raw_key.toString("utf8")) : removeTrailingLF(raw_key);
   } else {
     pemType = pem;
-    (0, import_assert4.default)(["CERTIFICATE REQUEST", "CERTIFICATE", "RSA PRIVATE KEY", "PUBLIC KEY", "X509 CRL"].indexOf(pemType) >= 0);
+    (0, import_node_assert2.default)(["CERTIFICATE REQUEST", "CERTIFICATE", "RSA PRIVATE KEY", "PUBLIC KEY", "X509 CRL"].indexOf(pemType) >= 0);
     let b = raw_key.toString("base64");
-    let str = "-----BEGIN " + pemType + "-----\n";
+    let str = `-----BEGIN ${pemType}-----
+`;
     while (b.length) {
-      str += b.substring(0, 64) + "\n";
+      str += `${b.substring(0, 64)}
+`;
       b = b.substring(64);
     }
-    str += "-----END " + pemType + "-----";
+    str += `-----END ${pemType}-----`;
     return str;
   }
 }
 function convertPEMtoDER(raw_key) {
   let match;
-  let pemType;
+  let _pemType;
   let base64str;
   const parts = [];
   PEM_REGEX.lastIndex = 0;
-  while ((match = PEM_REGEX.exec(raw_key)) !== null) {
-    pemType = match[2];
+  match = PEM_REGEX.exec(raw_key);
+  while (match !== null) {
+    _pemType = match[2];
     base64str = match[3];
     base64str = base64str.replace(/\r?\n/g, "");
     parts.push(Buffer.from(base64str, "base64"));
+    match = PEM_REGEX.exec(raw_key);
   }
   return combine_der(parts);
 }
-var RSA_PKCS1_OAEP_PADDING = import_constants.default.RSA_PKCS1_OAEP_PADDING;
-var RSA_PKCS1_PADDING = import_constants.default.RSA_PKCS1_PADDING;
-(0, import_assert4.default)(4 /* RSA_PKCS1_OAEP_PADDING */ === import_constants.default.RSA_PKCS1_OAEP_PADDING);
-(0, import_assert4.default)(1 /* RSA_PKCS1_PADDING */ === import_constants.default.RSA_PKCS1_PADDING);
+var RSA_PKCS1_OAEP_PADDING = import_node_constants.default.RSA_PKCS1_OAEP_PADDING;
+var RSA_PKCS1_PADDING = import_node_constants.default.RSA_PKCS1_PADDING;
+(0, import_node_assert2.default)(4 /* RSA_PKCS1_OAEP_PADDING */ === import_node_constants.default.RSA_PKCS1_OAEP_PADDING);
+(0, import_node_assert2.default)(1 /* RSA_PKCS1_PADDING */ === import_node_constants.default.RSA_PKCS1_PADDING);
-// source_nodejs/read.ts
-var import_sshpk = __toESM(require("sshpk"));
-function _readPemFile(filename) {
-  (0, import_assert5.default)(typeof filename === "string");
-  return removeTrailingLF(import_node_fs.default.readFileSync(filename, "utf-8"));
-}
-function _readPemOrDerFileAsDER(filename) {
-  if (filename.match(/.*\.der/)) {
-    return import_node_fs.default.readFileSync(filename);
-  }
-  const raw_key = _readPemFile(filename);
-  return convertPEMtoDER(raw_key);
-}
-function readCertificate(filename) {
-  return _readPemOrDerFileAsDER(filename);
-}
-function readPublicKey(filename) {
-  if (filename.match(/.*\.der/)) {
-    const der = import_node_fs.default.readFileSync(filename);
-    return (0, import_crypto.createPublicKey)(der);
-  } else {
-    const raw_key = _readPemFile(filename);
-    return (0, import_crypto.createPublicKey)(raw_key);
-  }
-}
-function myCreatePrivateKey(rawKey) {
-  if (!import_crypto.createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
-    if (Buffer.isBuffer(rawKey)) {
-      const pemKey = toPem(rawKey, "PRIVATE KEY");
-      (0, import_assert5.default)(["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(identifyPemType(pemKey)) >= 0);
-      return { hidden: pemKey };
-    }
-    return { hidden: ensureTrailingLF(rawKey) };
-  }
-  const backup = process.env.OPENSSL_CONF;
-  process.env.OPENSSL_CONF = "/dev/null";
-  const retValue = (0, import_crypto.createPrivateKey)(rawKey);
-  process.env.OPENSSL_CONF = backup;
-  return { hidden: retValue };
-}
-function ensureTrailingLF(str) {
-  return str.match(/\n$/) ? str : str + "\n";
-}
-function readPrivateKey(filename) {
-  if (filename.match(/.*\.der/)) {
-    const der = import_node_fs.default.readFileSync(filename);
-    return myCreatePrivateKey(der);
-  } else {
-    const raw_key = _readPemFile(filename);
-    return myCreatePrivateKey(raw_key);
-  }
-}
-function readCertificatePEM(filename) {
-  return _readPemFile(filename);
-}
-function readPublicKeyPEM(filename) {
-  return _readPemFile(filename);
-}
-function readPrivateKeyPEM(filename) {
-  return _readPemFile(filename);
-}
-var _g_certificate_store = "";
-function setCertificateStore(store) {
-  const old_store = _g_certificate_store;
-  _g_certificate_store = store;
-  return old_store;
-}
-function getCertificateStore() {
-  if (!_g_certificate_store) {
-    _g_certificate_store = import_node_path.default.join(__dirname, "../../certificates/");
-  }
-  return _g_certificate_store;
-}
-function readPrivateRsaKey(filename) {
-  if (!import_crypto.createPrivateKey) {
-    throw new Error("createPrivateKey is not supported in this environment");
-  }
-  if (filename.substring(0, 1) !== "." && !import_node_fs.default.existsSync(filename)) {
-    filename = import_node_path.default.join(getCertificateStore(), filename);
-  }
-  const content = import_node_fs.default.readFileSync(filename, "utf8");
-  const sshKey = import_sshpk.default.parsePrivateKey(content, "auto");
-  const key = sshKey.toString("pkcs1");
-  const hidden = (0, import_crypto.createPrivateKey)({ format: "pem", type: "pkcs1", key });
-  return { hidden };
-}
-function readPublicRsaKey(filename) {
-  if (filename.substring(0, 1) !== "." && !import_node_fs.default.existsSync(filename)) {
-    filename = import_node_path.default.join(getCertificateStore(), filename);
-  }
-  const content = import_node_fs.default.readFileSync(filename, "utf-8");
-  const sshKey = import_sshpk.default.parseKey(content, "ssh");
-  const key = sshKey.toString("pkcs1");
-  return (0, import_crypto.createPublicKey)({ format: "pem", type: "pkcs1", key });
-}
+// source/directory_name.ts
+var import_node_assert3 = __toESM(require("assert"));
-// source_nodejs/read_certificate_revocation_list.ts
-var import_node_fs2 = __toESM(require("fs"));
-async function readCertificateRevocationList(filename) {
-  const crl = await import_node_fs2.default.promises.readFile(filename);
-  if (crl[0] === 48 && crl[1] === 130) {
-    return crl;
-  }
-  const raw_crl = crl.toString();
-  return convertPEMtoDER(raw_crl);
+// source/crypto_explore_certificate.ts
+function split_der(certificateChain) {
+  const certificate_chain = [];
+  do {
+    const block_info = readTag(certificateChain, 0);
+    const length = block_info.position + block_info.length;
+    const der_certificate = certificateChain.subarray(0, length);
+    certificate_chain.push(der_certificate);
+    certificateChain = certificateChain.subarray(length);
+  } while (certificateChain.length > 0);
+  return certificate_chain;
 }
-// source_nodejs/read_certificate_signing_request.ts
-var import_node_fs3 = __toESM(require("fs"));
-async function readCertificateSigningRequest(filename) {
-  const csr = await import_node_fs3.default.promises.readFile(filename);
-  if (csr[0] === 48 && csr[1] === 130) {
-    return csr;
+function combine_der(certificates) {
+  for (const cert of certificates) {
+    const b = split_der(cert);
+    let sum = 0;
+    b.forEach((block) => {
+      const block_info = readTag(block, 0);
+      (0, import_node_assert4.default)(block_info.position + block_info.length === block.length);
+      sum += block.length;
+    });
+    (0, import_node_assert4.default)(sum === cert.length);
   }
-  const raw_crl = csr.toString();
-  return convertPEMtoDER(raw_crl);
+  return Buffer.concat(certificates);
 }
-// source_nodejs/generate_private_key_filename.ts
-var import_node_fs4 = __toESM(require("fs"));
-// source/explore_private_key.ts
-var doDebug = !!process.env.DEBUG;
-// source/common.ts
-var import_crypto2 = __toESM(require("crypto"));
-var KeyObjectOrig = import_crypto2.default.KeyObject;
-var { createPrivateKey: createPrivateKeyFromNodeJSCrypto } = import_crypto2.default;
 // source/crypto_utils2.ts
-var import_assert6 = __toESM(require("assert"));
+var import_node_assert5 = __toESM(require("assert"));
 var import_jsrsasign2 = __toESM(require("jsrsasign"));
 // source/derived_keys.ts
-var import_assert8 = __toESM(require("assert"));
+var import_node_assert7 = __toESM(require("assert"));
+var import_node_crypto3 = require("crypto");
 // source/explore_certificate.ts
-var import_assert7 = __toESM(require("assert"));
+var import_node_assert6 = __toESM(require("assert"));
+// source/explore_private_key.ts
+var doDebug = !!process.env.DEBUG;
+// source/verify_certificate_signature.ts
+var import_node_crypto4 = require("crypto");
 // source/x509/_crypto.ts
-var x509 = __toESM(require("@peculiar/x509"));
+var import_node_crypto5 = __toESM(require("crypto"));
 var import_webcrypto = require("@peculiar/webcrypto");
-var import_crypto3 = __toESM(require("crypto"));
+var x509 = __toESM(require("@peculiar/x509"));
 var x5092 = __toESM(require("@peculiar/x509"));
 var doDebug2 = false;
 var _crypto;
 var ignoreCrypto = process.env.IGNORE_SUBTLE_FROM_CRYPTO;
 if (typeof window === "undefined") {
-  _crypto = import_crypto3.default;
+  _crypto = import_node_crypto5.default;
   if (!_crypto?.subtle || ignoreCrypto) {
     _crypto = new import_webcrypto.Crypto();
     doDebug2 && console.warn("using @peculiar/webcrypto");
@@ -333,7 +217,7 @@ if (typeof window === "undefined") {
   x509.cryptoProvider.set(crypto);
 }
 function getCrypto() {
-  return _crypto || crypto || require("crypto");
+  return _crypto || crypto || import_node_crypto5.default;
 }
 // source/x509/create_key_pair.ts
@@ -4047,20 +3931,142 @@ var AsnSchemaStorage = class {
 var schemaStorage = new AsnSchemaStorage();
 // source_nodejs/generate_private_key_filename.ts
-var import_jsrsasign3 = __toESM(require("jsrsasign"));
 async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
   const keys = await generateKeyPair(modulusLength);
   const privateKeyPem = await privateKeyToPEM(keys.privateKey);
-  await import_node_fs4.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
+  await import_node_fs.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
   privateKeyPem.privPem = "";
   privateKeyPem.privDer = new ArrayBuffer(0);
 }
 async function generatePrivateKeyFileAlternate(privateKeyFilename, modulusLength) {
   const kp = import_jsrsasign3.default.KEYUTIL.generateKeypair("RSA", modulusLength);
   const prv = kp.prvKeyObj;
-  const pub = kp.pubKeyObj;
+  const _pub = kp.pubKeyObj;
   const prvpem = import_jsrsasign3.default.KEYUTIL.getPEM(prv, "PKCS8PRV");
-  await import_node_fs4.default.promises.writeFile(privateKeyFilename, prvpem, "utf-8");
+  await import_node_fs.default.promises.writeFile(privateKeyFilename, prvpem, "utf-8");
+}
+// source_nodejs/read.ts
+var import_node_assert8 = __toESM(require("assert"));
+var import_node_crypto6 = require("crypto");
+var import_node_fs2 = __toESM(require("fs"));
+var import_node_path = __toESM(require("path"));
+var import_sshpk = __toESM(require("sshpk"));
+function _readPemFile(filename) {
+  (0, import_node_assert8.default)(typeof filename === "string");
+  return removeTrailingLF(import_node_fs2.default.readFileSync(filename, "utf-8"));
+}
+function _readPemOrDerFileAsDER(filename) {
+  if (filename.match(/.*\.der/)) {
+    return import_node_fs2.default.readFileSync(filename);
+  }
+  const raw_key = _readPemFile(filename);
+  return convertPEMtoDER(raw_key);
+}
+function readCertificate(filename) {
+  return _readPemOrDerFileAsDER(filename);
+}
+function readPublicKey(filename) {
+  if (filename.match(/.*\.der/)) {
+    const der = import_node_fs2.default.readFileSync(filename);
+    return (0, import_node_crypto6.createPublicKey)(der);
+  } else {
+    const raw_key = _readPemFile(filename);
+    return (0, import_node_crypto6.createPublicKey)(raw_key);
+  }
+}
+function myCreatePrivateKey(rawKey) {
+  if (!import_node_crypto6.createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
+    if (Buffer.isBuffer(rawKey)) {
+      const pemKey = toPem(rawKey, "PRIVATE KEY");
+      (0, import_node_assert8.default)(["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(identifyPemType(pemKey)) >= 0);
+      return { hidden: pemKey };
+    }
+    return { hidden: ensureTrailingLF(rawKey) };
+  }
+  const backup = process.env.OPENSSL_CONF;
+  process.env.OPENSSL_CONF = "/dev/null";
+  const retValue = (0, import_node_crypto6.createPrivateKey)(rawKey);
+  process.env.OPENSSL_CONF = backup;
+  return { hidden: retValue };
+}
+function ensureTrailingLF(str) {
+  return str.match(/\n$/) ? str : `${str}
+`;
+}
+function readPrivateKey(filename) {
+  if (filename.match(/.*\.der/)) {
+    const der = import_node_fs2.default.readFileSync(filename);
+    return myCreatePrivateKey(der);
+  } else {
+    const raw_key = _readPemFile(filename);
+    return myCreatePrivateKey(raw_key);
+  }
+}
+function readCertificatePEM(filename) {
+  return _readPemFile(filename);
+}
+function readPublicKeyPEM(filename) {
+  return _readPemFile(filename);
+}
+function readPrivateKeyPEM(filename) {
+  return _readPemFile(filename);
+}
+var _g_certificate_store = "";
+function setCertificateStore(store) {
+  const old_store = _g_certificate_store;
+  _g_certificate_store = store;
+  return old_store;
+}
+function getCertificateStore() {
+  if (!_g_certificate_store) {
+    _g_certificate_store = import_node_path.default.join(__dirname, "../../certificates/");
+  }
+  return _g_certificate_store;
+}
+function readPrivateRsaKey(filename) {
+  if (!import_node_crypto6.createPrivateKey) {
+    throw new Error("createPrivateKey is not supported in this environment");
+  }
+  if (filename.substring(0, 1) !== "." && !import_node_fs2.default.existsSync(filename)) {
+    filename = import_node_path.default.join(getCertificateStore(), filename);
+  }
+  const content = import_node_fs2.default.readFileSync(filename, "utf8");
+  const sshKey = import_sshpk.default.parsePrivateKey(content, "auto");
+  const key = sshKey.toString("pkcs1");
+  const hidden = (0, import_node_crypto6.createPrivateKey)({ format: "pem", type: "pkcs1", key });
+  return { hidden };
+}
+function readPublicRsaKey(filename) {
+  if (filename.substring(0, 1) !== "." && !import_node_fs2.default.existsSync(filename)) {
+    filename = import_node_path.default.join(getCertificateStore(), filename);
+  }
+  const content = import_node_fs2.default.readFileSync(filename, "utf-8");
+  const sshKey = import_sshpk.default.parseKey(content, "ssh");
+  const key = sshKey.toString("pkcs1");
+  return (0, import_node_crypto6.createPublicKey)({ format: "pem", type: "pkcs1", key });
+}
+// source_nodejs/read_certificate_revocation_list.ts
+var import_node_fs3 = __toESM(require("fs"));
+async function readCertificateRevocationList(filename) {
+  const crl = await import_node_fs3.default.promises.readFile(filename);
+  if (crl[0] === 48 && crl[1] === 130) {
+    return crl;
+  }
+  const raw_crl = crl.toString();
+  return convertPEMtoDER(raw_crl);
+}
+// source_nodejs/read_certificate_signing_request.ts
+var import_node_fs4 = __toESM(require("fs"));
+async function readCertificateSigningRequest(filename) {
+  const csr = await import_node_fs4.default.promises.readFile(filename);
+  if (csr[0] === 48 && csr[1] === 130) {
+    return csr;
+  }
+  const raw_crl = csr.toString();
+  return convertPEMtoDER(raw_crl);
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {