node-opcua-crypto 4.9.4 → 4.11.0

package/dist/source/index_web.mjs

@@ -4,28 +4,8 @@ import {
   RSA_PKCS1_OAEP_PADDING,
   RSA_PKCS1_PADDING,
   Subject,
-  TagType,
   _coercePrivateKey,
-  _findBlockAtIndex,
-  _getBlock,
-  _readAlgorithmIdentifier,
-  _readBitString,
-  _readBooleanValue,
-  _readDirectoryName,
-  _readECCAlgorithmIdentifier,
   _readExtension,
-  _readIntegerAsByteString,
-  _readIntegerValue,
-  _readListOfInteger,
-  _readLongIntegerValue,
-  _readObjectIdentifier,
-  _readOctetString,
-  _readSignatureValue,
-  _readSignatureValueBin,
-  _readStruct,
-  _readTime,
-  _readValue,
-  _readVersionValue,
   certificateMatchesPrivateKey,
   coerceCertificate,
   coerceCertificatePem,
@@ -34,7 +14,6 @@ import {
   coercePublicKeyPem,
   coerceRsaPublicKeyPem,
   combine_der,
-  compactDirectoryName,
   computeDerivedKeys,
   computePaddingFooter,
   convertPEMtoDER,
@@ -44,6 +23,7 @@ import {
   decryptBufferWithDerivedKeys,
   derToPrivateKey,
   encryptBufferWithDerivedKeys,
+  exploreAsn1,
   exploreCertificate,
   exploreCertificateInfo,
   exploreCertificateRevocationList,
@@ -51,7 +31,6 @@ import {
   explorePrivateKey,
   extractPublicKeyFromCertificate,
   extractPublicKeyFromCertificateSync,
-  formatBuffer2DigitHexWithColum,
   generateKeyPair,
   generatePrivateKey,
   hexDump,
@@ -60,9 +39,9 @@ import {
   makeMessageChunkSignature,
   makeMessageChunkSignatureWithDerivedKeys,
   makePrivateKeyFromPem,
+  makePrivateKeyThumbPrint,
   makePseudoRandomBuffer,
   makeSHA1Thumbprint,
-  parseBitString,
   pemToPrivateKey,
   privateDecrypt,
   privateDecrypt_long,
@@ -74,7 +53,6 @@ import {
   publicKeyAndPrivateKeyMatches,
   readCertificationRequestInfo,
   readNameForCrl,
-  readTag,
   readTbsCertificate,
   reduceLength,
   removePadding,
@@ -92,35 +70,15 @@ import {
   verifyChunkSignature,
   verifyChunkSignatureWithDerivedKeys,
   verifyMessageChunkSignature
-} from "../chunk-WLW5XUML.mjs";
+} from "../chunk-2RCYFHGG.mjs";
 export {
   CertificatePurpose,
   PaddingAlgorithm,
   RSA_PKCS1_OAEP_PADDING,
   RSA_PKCS1_PADDING,
   Subject,
-  TagType,
   _coercePrivateKey,
-  _findBlockAtIndex,
-  _getBlock,
-  _readAlgorithmIdentifier,
-  _readBitString,
-  _readBooleanValue,
-  _readDirectoryName,
-  _readECCAlgorithmIdentifier,
   _readExtension,
-  _readIntegerAsByteString,
-  _readIntegerValue,
-  _readListOfInteger,
-  _readLongIntegerValue,
-  _readObjectIdentifier,
-  _readOctetString,
-  _readSignatureValue,
-  _readSignatureValueBin,
-  _readStruct,
-  _readTime,
-  _readValue,
-  _readVersionValue,
   certificateMatchesPrivateKey,
   coerceCertificate,
   coerceCertificatePem,
@@ -129,7 +87,6 @@ export {
   coercePublicKeyPem,
   coerceRsaPublicKeyPem,
   combine_der,
-  compactDirectoryName,
   computeDerivedKeys,
   computePaddingFooter,
   convertPEMtoDER,
@@ -139,6 +96,7 @@ export {
   decryptBufferWithDerivedKeys,
   derToPrivateKey,
   encryptBufferWithDerivedKeys,
+  exploreAsn1,
   exploreCertificate,
   exploreCertificateInfo,
   exploreCertificateRevocationList,
@@ -146,7 +104,6 @@ export {
   explorePrivateKey,
   extractPublicKeyFromCertificate,
   extractPublicKeyFromCertificateSync,
-  formatBuffer2DigitHexWithColum,
   generateKeyPair,
   generatePrivateKey,
   hexDump,
@@ -155,9 +112,9 @@ export {
   makeMessageChunkSignature,
   makeMessageChunkSignatureWithDerivedKeys,
   makePrivateKeyFromPem,
+  makePrivateKeyThumbPrint,
   makePseudoRandomBuffer,
   makeSHA1Thumbprint,
-  parseBitString,
   pemToPrivateKey,
   privateDecrypt,
   privateDecrypt_long,
@@ -169,7 +126,6 @@ export {
   publicKeyAndPrivateKeyMatches,
   readCertificationRequestInfo,
   readNameForCrl,
-  readTag,
   readTbsCertificate,
   reduceLength,
   removePadding,

package/dist/source_nodejs/index.d.mts

@@ -9,7 +9,6 @@ declare function readCertificate(filename: string): Certificate;
  * read a DER or PEM certificate from file
  */
 declare function readPublicKey(filename: string): PublicKey;
-declare function makePrivateKeyThumbPrint(privateKey: PrivateKey): Buffer;
 /**
  * read a DER or PEM certificate from file
  */
@@ -43,4 +42,4 @@ declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLengt
  */
 declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 
-export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, makePrivateKeyThumbPrint, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };
+export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };

package/dist/source_nodejs/index.d.ts

@@ -9,7 +9,6 @@ declare function readCertificate(filename: string): Certificate;
  * read a DER or PEM certificate from file
  */
 declare function readPublicKey(filename: string): PublicKey;
-declare function makePrivateKeyThumbPrint(privateKey: PrivateKey): Buffer;
 /**
  * read a DER or PEM certificate from file
  */
@@ -43,4 +42,4 @@ declare function generatePrivateKeyFile(privateKeyFilename: string, modulusLengt
  */
 declare function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096): Promise<void>;
 
-export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, makePrivateKeyThumbPrint, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };
+export { type CertificateSigningRequest, generatePrivateKeyFile, generatePrivateKeyFileAlternate, getCertificateStore, readCertificate, readCertificatePEM, readCertificateRevocationList, readCertificateSigningRequest, readPrivateKey, readPrivateKeyPEM, readPrivateRsaKey, readPublicKey, readPublicKeyPEM, readPublicRsaKey, setCertificateStore };

package/dist/source_nodejs/index.js

@@ -33,7 +33,6 @@ __export(source_nodejs_exports, {
   generatePrivateKeyFile: () => generatePrivateKeyFile,
   generatePrivateKeyFileAlternate: () => generatePrivateKeyFileAlternate,
   getCertificateStore: () => getCertificateStore,
-  makePrivateKeyThumbPrint: () => makePrivateKeyThumbPrint,
   readCertificate: () => readCertificate,
   readCertificatePEM: () => readCertificatePEM,
   readCertificateRevocationList: () => readCertificateRevocationList,
@@ -50,8 +49,8 @@ module.exports = __toCommonJS(source_nodejs_exports);
 
 // source_nodejs/read.ts
 var import_assert4 = __toESM(require("assert"));
-var import_fs = __toESM(require("fs"));
-var import_path = __toESM(require("path"));
+var import_node_fs = __toESM(require("fs"));
+var import_node_path = __toESM(require("path"));
 var import_crypto = require("crypto");
 
 // source/crypto_utils.ts
@@ -70,8 +69,7 @@ var import_assert2 = __toESM(require("assert"));
 // source/asn1.ts
 var import_assert = __toESM(require("assert"));
 function readTag(buf, pos) {
-  (0, import_assert.default)(buf instanceof Buffer);
-  (0, import_assert.default)(Number.isFinite(pos) && pos >= 0);
+  const start = pos;
   if (buf.length <= pos) {
     throw new Error("Invalid position : buf.length=" + buf.length + " pos =" + pos);
   }
@@ -87,7 +85,7 @@ function readTag(buf, pos) {
       pos += 1;
     }
   }
-  return { tag, position: pos, length };
+  return { start, tag, position: pos, length };
 }
 
 // source/crypto_explore_certificate.ts
@@ -174,11 +172,11 @@ var RSA_PKCS1_PADDING = import_constants.default.RSA_PKCS1_PADDING;
 var import_sshpk = __toESM(require("sshpk"));
 function _readPemFile(filename) {
   (0, import_assert4.default)(typeof filename === "string");
-  return removeTrailingLF(import_fs.default.readFileSync(filename, "utf-8"));
+  return removeTrailingLF(import_node_fs.default.readFileSync(filename, "utf-8"));
 }
 function _readPemOrDerFileAsDER(filename) {
   if (filename.match(/.*\.der/)) {
-    return import_fs.default.readFileSync(filename);
+    return import_node_fs.default.readFileSync(filename);
   }
   const raw_key = _readPemFile(filename);
   return convertPEMtoDER(raw_key);
@@ -188,7 +186,7 @@ function readCertificate(filename) {
 }
 function readPublicKey(filename) {
   if (filename.match(/.*\.der/)) {
-    const der = import_fs.default.readFileSync(filename);
+    const der = import_node_fs.default.readFileSync(filename);
     return (0, import_crypto.createPublicKey)(der);
   } else {
     const raw_key = _readPemFile(filename);
@@ -210,15 +208,12 @@ function myCreatePrivateKey(rawKey) {
   process.env.OPENSSL_CONF = backup;
   return { hidden: retValue };
 }
-function makePrivateKeyThumbPrint(privateKey) {
-  return Buffer.alloc(0);
-}
 function ensureTrailingLF(str) {
   return str.match(/\n$/) ? str : str + "\n";
 }
 function readPrivateKey(filename) {
   if (filename.match(/.*\.der/)) {
-    const der = import_fs.default.readFileSync(filename);
+    const der = import_node_fs.default.readFileSync(filename);
     return myCreatePrivateKey(der);
   } else {
     const raw_key = _readPemFile(filename);
@@ -242,7 +237,7 @@ function setCertificateStore(store) {
 }
 function getCertificateStore() {
   if (!_g_certificate_store) {
-    _g_certificate_store = import_path.default.join(__dirname, "../../certificates/");
+    _g_certificate_store = import_node_path.default.join(__dirname, "../../certificates/");
   }
   return _g_certificate_store;
 }
@@ -250,30 +245,29 @@ function readPrivateRsaKey(filename) {
   if (!import_crypto.createPrivateKey) {
     throw new Error("createPrivateKey is not supported in this environment");
   }
-  if (filename.substring(0, 1) !== "." && !import_fs.default.existsSync(filename)) {
-    filename = import_path.default.join(getCertificateStore(), filename);
+  if (filename.substring(0, 1) !== "." && !import_node_fs.default.existsSync(filename)) {
+    filename = import_node_path.default.join(getCertificateStore(), filename);
   }
-  const content = import_fs.default.readFileSync(filename, "utf8");
+  const content = import_node_fs.default.readFileSync(filename, "utf8");
   const sshKey = import_sshpk.default.parsePrivateKey(content, "auto");
   const key = sshKey.toString("pkcs1");
   const hidden = (0, import_crypto.createPrivateKey)({ format: "pem", type: "pkcs1", key });
   return { hidden };
 }
 function readPublicRsaKey(filename) {
-  if (filename.substring(0, 1) !== "." && !import_fs.default.existsSync(filename)) {
-    filename = import_path.default.join(getCertificateStore(), filename);
+  if (filename.substring(0, 1) !== "." && !import_node_fs.default.existsSync(filename)) {
+    filename = import_node_path.default.join(getCertificateStore(), filename);
   }
-  const content = import_fs.default.readFileSync(filename, "utf-8");
+  const content = import_node_fs.default.readFileSync(filename, "utf-8");
   const sshKey = import_sshpk.default.parseKey(content, "ssh");
   const key = sshKey.toString("pkcs1");
   return (0, import_crypto.createPublicKey)({ format: "pem", type: "pkcs1", key });
 }
 
 // source_nodejs/read_certificate_revocation_list.ts
-var import_fs2 = __toESM(require("fs"));
-var import_util = require("util");
+var import_node_fs2 = __toESM(require("fs"));
 async function readCertificateRevocationList(filename) {
-  const crl = await (0, import_util.promisify)(import_fs2.default.readFile)(filename);
+  const crl = await import_node_fs2.default.promises.readFile(filename);
   if (crl[0] === 48 && crl[1] === 130) {
     return crl;
   }
@@ -282,10 +276,9 @@ async function readCertificateRevocationList(filename) {
 }
 
 // source_nodejs/read_certificate_signing_request.ts
-var import_fs3 = __toESM(require("fs"));
-var import_util2 = require("util");
+var import_node_fs3 = __toESM(require("fs"));
 async function readCertificateSigningRequest(filename) {
-  const csr = await (0, import_util2.promisify)(import_fs3.default.readFile)(filename);
+  const csr = await import_node_fs3.default.promises.readFile(filename);
   if (csr[0] === 48 && csr[1] === 130) {
     return csr;
   }
@@ -294,25 +287,25 @@ async function readCertificateSigningRequest(filename) {
 }
 
 // source_nodejs/generate_private_key_filename.ts
-var import_fs4 = __toESM(require("fs"));
+var import_node_fs4 = __toESM(require("fs"));
+
+// source/explore_private_key.ts
+var doDebug = !!process.env.DEBUG;
 
 // source/common.ts
 var import_crypto2 = __toESM(require("crypto"));
 var KeyObjectOrig = import_crypto2.default.KeyObject;
 var { createPrivateKey: createPrivateKeyFromNodeJSCrypto } = import_crypto2.default;
 
-// source/derived_keys.ts
-var import_assert6 = __toESM(require("assert"));
-
-// source/explore_certificate.ts
+// source/crypto_utils2.ts
 var import_assert5 = __toESM(require("assert"));
+var import_jsrsasign2 = __toESM(require("jsrsasign"));
 
-// source/crypto_utils2.ts
+// source/derived_keys.ts
 var import_assert7 = __toESM(require("assert"));
-var import_jsrsasign2 = __toESM(require("jsrsasign"));
 
-// source/explore_private_key.ts
-var doDebug = !!process.env.DEBUG;
+// source/explore_certificate.ts
+var import_assert6 = __toESM(require("assert"));
 
 // source/x509/_crypto.ts
 var x509 = __toESM(require("@peculiar/x509"));
@@ -359,6 +352,9 @@ async function privateKeyToPEM(privateKey) {
   return { privPem, privDer };
 }
 
+// source/x509/coerce_private_key.ts
+var crypto2 = getCrypto();
+
 // source/x509/_get_attributes.ts
 var keyUsageApplication = x5092.KeyUsageFlags.keyEncipherment | x5092.KeyUsageFlags.nonRepudiation | x5092.KeyUsageFlags.dataEncipherment | x5092.KeyUsageFlags.keyCertSign | x5092.KeyUsageFlags.digitalSignature;
 var keyUsageCA = x5092.KeyUsageFlags.keyCertSign | x5092.KeyUsageFlags.cRLSign;
@@ -4064,15 +4060,12 @@ var AsnSchemaStorage = class {
 // ../../node_modules/@peculiar/asn1-schema/build/es2015/storage.js
 var schemaStorage = new AsnSchemaStorage();
 
-// source/x509/coerce_private_key.ts
-var crypto2 = getCrypto();
-
 // source_nodejs/generate_private_key_filename.ts
 var import_jsrsasign3 = __toESM(require("jsrsasign"));
 async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
   const keys = await generateKeyPair(modulusLength);
   const privateKeyPem = await privateKeyToPEM(keys.privateKey);
-  await import_fs4.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
+  await import_node_fs4.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
   privateKeyPem.privPem = "";
   privateKeyPem.privDer = new Uint8Array(0);
 }
@@ -4081,14 +4074,13 @@ async function generatePrivateKeyFileAlternate(privateKeyFilename, modulusLength
   const prv = kp.prvKeyObj;
   const pub = kp.pubKeyObj;
   const prvpem = import_jsrsasign3.default.KEYUTIL.getPEM(prv, "PKCS8PRV");
-  await import_fs4.default.promises.writeFile(privateKeyFilename, prvpem, "utf-8");
+  await import_node_fs4.default.promises.writeFile(privateKeyFilename, prvpem, "utf-8");
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   generatePrivateKeyFile,
   generatePrivateKeyFileAlternate,
   getCertificateStore,
-  makePrivateKeyThumbPrint,
   readCertificate,
   readCertificatePEM,
   readCertificateRevocationList,