node-opcua-crypto 5.1.0 → 5.3.0

package/dist/chunk-7GWSCCWS.cjs

@@ -0,0 +1,208 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+
+
+
+
+
+
+var _chunkERHE4VFScjs = require('./chunk-ERHE4VFS.cjs');
+
+// source_nodejs/generate_private_key_filename.ts
+var _crypto = require('crypto');
+var _fs = require('fs'); var _fs2 = _interopRequireDefault(_fs);
+async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
+  const keys = await _chunkERHE4VFScjs.generateKeyPair.call(void 0, modulusLength);
+  const privateKeyPem = await _chunkERHE4VFScjs.privateKeyToPEM.call(void 0, keys.privateKey);
+  await _fs2.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
+  privateKeyPem.privPem = "";
+  privateKeyPem.privDer = new ArrayBuffer(0);
+}
+async function generatePrivateKeyFileAlternate(privateKeyFilename, modulusLength) {
+  const { privateKey } = _crypto.generateKeyPairSync.call(void 0, "rsa", {
+    modulusLength,
+    privateKeyEncoding: { type: "pkcs8", format: "pem" },
+    publicKeyEncoding: { type: "spki", format: "pem" }
+  });
+  await _fs2.default.promises.writeFile(privateKeyFilename, privateKey, "utf-8");
+}
+
+// source_nodejs/read.ts
+var _assert = require('assert'); var _assert2 = _interopRequireDefault(_assert);
+
+
+var _path = require('path'); var _path2 = _interopRequireDefault(_path);
+var _sshpk = require('sshpk'); var _sshpk2 = _interopRequireDefault(_sshpk);
+function _readPemFile(filename) {
+  _assert2.default.call(void 0, typeof filename === "string");
+  return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, _fs2.default.readFileSync(filename, "utf-8"));
+}
+function _readPemOrDerFileAsDER(filename) {
+  if (filename.match(/.*\.der/)) {
+    return _fs2.default.readFileSync(filename);
+  }
+  const raw_key = _readPemFile(filename);
+  return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_key);
+}
+function readCertificate(filename) {
+  return _readPemOrDerFileAsDER(filename);
+}
+async function readCertificateAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename);
+  if (filename.match(/.*\.der/)) {
+    return buf;
+  }
+  const raw_key = _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
+  return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_key);
+}
+function readPublicKey(filename) {
+  if (filename.match(/.*\.der/)) {
+    const der = _fs2.default.readFileSync(filename);
+    return _crypto.createPublicKey.call(void 0, der);
+  } else {
+    const raw_key = _readPemFile(filename);
+    return _crypto.createPublicKey.call(void 0, raw_key);
+  }
+}
+async function readPublicKeyAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename);
+  if (filename.match(/.*\.der/)) {
+    return _crypto.createPublicKey.call(void 0, buf);
+  }
+  return _crypto.createPublicKey.call(void 0, _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
+}
+function myCreatePrivateKey(rawKey) {
+  if (!_crypto.createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
+    if (Buffer.isBuffer(rawKey)) {
+      const pemKey = _chunkERHE4VFScjs.toPem.call(void 0, rawKey, "PRIVATE KEY");
+      _assert2.default.call(void 0, ["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(_chunkERHE4VFScjs.identifyPemType.call(void 0, pemKey)) >= 0);
+      return { hidden: pemKey };
+    }
+    return { hidden: ensureTrailingLF(rawKey) };
+  }
+  const backup = process.env.OPENSSL_CONF;
+  process.env.OPENSSL_CONF = "/dev/null";
+  const retValue = _crypto.createPrivateKey.call(void 0, rawKey);
+  process.env.OPENSSL_CONF = backup;
+  return { hidden: retValue };
+}
+function ensureTrailingLF(str) {
+  return str.match(/\n$/) ? str : `${str}
+`;
+}
+function readPrivateKey(filename) {
+  if (filename.match(/.*\.der/)) {
+    const der = _fs2.default.readFileSync(filename);
+    return myCreatePrivateKey(der);
+  } else {
+    const raw_key = _readPemFile(filename);
+    return myCreatePrivateKey(raw_key);
+  }
+}
+async function readPrivateKeyAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename);
+  if (filename.match(/.*\.der/)) {
+    return myCreatePrivateKey(buf);
+  }
+  return myCreatePrivateKey(_chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
+}
+function readCertificatePEM(filename) {
+  return _readPemFile(filename);
+}
+async function readCertificatePEMAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
+  return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
+}
+function readPublicKeyPEM(filename) {
+  return _readPemFile(filename);
+}
+async function readPublicKeyPEMAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
+  return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
+}
+function readPrivateKeyPEM(filename) {
+  return _readPemFile(filename);
+}
+async function readPrivateKeyPEMAsync(filename) {
+  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
+  return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
+}
+var _g_certificate_store = "";
+function setCertificateStore(store) {
+  const old_store = _g_certificate_store;
+  _g_certificate_store = store;
+  return old_store;
+}
+function getCertificateStore() {
+  if (!_g_certificate_store) {
+    _g_certificate_store = _path2.default.join(__dirname, "../../certificates/");
+  }
+  return _g_certificate_store;
+}
+function readPrivateRsaKey(filename) {
+  if (!_crypto.createPrivateKey) {
+    throw new Error("createPrivateKey is not supported in this environment");
+  }
+  if (filename.substring(0, 1) !== "." && !_fs2.default.existsSync(filename)) {
+    filename = _path2.default.join(getCertificateStore(), filename);
+  }
+  const content = _fs2.default.readFileSync(filename, "utf8");
+  const sshKey = _sshpk2.default.parsePrivateKey(content, "auto");
+  const key = sshKey.toString("pkcs1");
+  const hidden = _crypto.createPrivateKey.call(void 0, { format: "pem", type: "pkcs1", key });
+  return { hidden };
+}
+function readPublicRsaKey(filename) {
+  if (filename.substring(0, 1) !== "." && !_fs2.default.existsSync(filename)) {
+    filename = _path2.default.join(getCertificateStore(), filename);
+  }
+  const content = _fs2.default.readFileSync(filename, "utf-8");
+  const sshKey = _sshpk2.default.parseKey(content, "ssh");
+  const key = sshKey.toString("pkcs1");
+  return _crypto.createPublicKey.call(void 0, { format: "pem", type: "pkcs1", key });
+}
+
+// source_nodejs/read_certificate_revocation_list.ts
+
+async function readCertificateRevocationList(filename) {
+  const crl = await _fs2.default.promises.readFile(filename);
+  if (crl[0] === 48 && crl[1] === 130) {
+    return crl;
+  }
+  const raw_crl = crl.toString();
+  return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_crl);
+}
+
+// source_nodejs/read_certificate_signing_request.ts
+
+async function readCertificateSigningRequest(filename) {
+  const csr = await _fs2.default.promises.readFile(filename);
+  if (csr[0] === 48 && csr[1] === 130) {
+    return csr;
+  }
+  const raw_crl = csr.toString();
+  return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_crl);
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+exports.generatePrivateKeyFile = generatePrivateKeyFile; exports.generatePrivateKeyFileAlternate = generatePrivateKeyFileAlternate; exports.readCertificate = readCertificate; exports.readCertificateAsync = readCertificateAsync; exports.readPublicKey = readPublicKey; exports.readPublicKeyAsync = readPublicKeyAsync; exports.readPrivateKey = readPrivateKey; exports.readPrivateKeyAsync = readPrivateKeyAsync; exports.readCertificatePEM = readCertificatePEM; exports.readCertificatePEMAsync = readCertificatePEMAsync; exports.readPublicKeyPEM = readPublicKeyPEM; exports.readPublicKeyPEMAsync = readPublicKeyPEMAsync; exports.readPrivateKeyPEM = readPrivateKeyPEM; exports.readPrivateKeyPEMAsync = readPrivateKeyPEMAsync; exports.setCertificateStore = setCertificateStore; exports.getCertificateStore = getCertificateStore; exports.readPrivateRsaKey = readPrivateRsaKey; exports.readPublicRsaKey = readPublicRsaKey; exports.readCertificateRevocationList = readCertificateRevocationList; exports.readCertificateSigningRequest = readCertificateSigningRequest;
+//# sourceMappingURL=chunk-7GWSCCWS.cjs.map

package/dist/chunk-7GWSCCWS.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-7GWSCCWS.cjs","../source_nodejs/generate_private_key_filename.ts","../source_nodejs/read.ts","../source_nodejs/read_certificate_revocation_list.ts","../source_nodejs/read_certificate_signing_request.ts"],"names":["fs"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACF,wDAA6B;AAC7B;AACA;ACcA,gCAAoC;AACpC,gEAAe;AAEf,MAAA,SAAsB,sBAAA,CAAuB,kBAAA,EAA4B,aAAA,EAA0C;AAC/G,EAAA,MAAM,KAAA,EAAO,MAAM,+CAAA,aAA6B,CAAA;AAChD,EAAA,MAAM,cAAA,EAAgB,MAAM,+CAAA,IAAgB,CAAK,UAAU,CAAA;AAC3D,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,aAAA,CAAc,OAAA,EAAS,OAAO,CAAA;AAC9E,EAAA,aAAA,CAAc,QAAA,EAAU,EAAA;AACxB,EAAA,aAAA,CAAc,QAAA,EAAU,IAAI,WAAA,CAAY,CAAC,CAAA;AAC7C;AAQA,MAAA,SAAsB,+BAAA,CAAgC,kBAAA,EAA4B,aAAA,EAAmC;AACjH,EAAA,MAAM,EAAE,WAAW,EAAA,EAAI,yCAAA,KAAoB,EAAO;AAAA,IAC9C,aAAA;AAAA,IACA,kBAAA,EAAoB,EAAE,IAAA,EAAM,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AAAA,IACnD,iBAAA,EAAmB,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,MAAM;AAAA,EACrD,CAAC,CAAA;AACD,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,UAAA,EAAY,OAAO,CAAA;AACvE;ADpBA;AACA;AELA,gFAAmB;AACnB;AACA;AACA,wEAAiB;AACjB,4EAAkB;AAclB,SAAS,YAAA,CAAa,QAAA,EAAuB;AACzC,EAAA,8BAAA,OAAc,SAAA,IAAa,QAAQ,CAAA;AACnC,EAAA,OAAO,gDAAA,YAAiBA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAC,CAAA;AAC9D;AAEA,SAAS,sBAAA,CAAuB,QAAA,EAAuB;AACnD,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAOA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AAAA,EACnC;AACA,EAAA,MAAM,QAAA,EAAkB,YAAA,CAAa,QAAQ,CAAA;AAC7C,EAAA,OAAO,+CAAA,OAAuB,CAAA;AAClC;AAKO,SAAS,eAAA,CAAgB,QAAA,EAA+B;AAC3D,EAAA,OAAO,sBAAA,CAAuB,QAAQ,CAAA;AAC1C;AAOA,MAAA,SAAsB,oBAAA,CAAqB,QAAA,EAAwC;AAC/E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,GAAA;AAAA,EACX;AACA,EAAA,MAAM,QAAA,EAAU,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AACtD,EAAA,OAAO,+CAAA,OAAuB,CAAA;AAClC;AAKO,SAAS,aAAA,CAAc,QAAA,EAA6B;AACvD,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAA,EAAMA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AACpC,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B,EAAA,KAAO;AACH,IAAA,MAAM,QAAA,EAAkB,YAAA,CAAa,QAAQ,CAAA;AAC7C,IAAA,OAAO,qCAAA,OAAuB,CAAA;AAAA,EAClC;AACJ;AAKA,MAAA,SAAsB,kBAAA,CAAmB,QAAA,EAAsC;AAC3E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B;AACA,EAAA,OAAO,qCAAA,gDAAgB,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAC,CAAA;AAClE;AAIA,SAAS,kBAAA,CAAmB,MAAA,EAAqC;AAC7D,EAAA,GAAA,CAAI,CAAC,yBAAA,GAAoB,OAAA,CAAQ,GAAA,CAAI,oBAAA,EAAsB;AAEvD,IAAA,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,MAAA,MAAM,OAAA,EAAS,qCAAA,MAAM,EAAQ,aAAa,CAAA;AAC1C,MAAA,8BAAA,CAAQ,iBAAA,EAAmB,aAAa,CAAA,CAAE,OAAA,CAAQ,+CAAA,MAAsB,CAAW,EAAA,GAAK,CAAC,CAAA;AACzF,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAO,CAAA;AAAA,IAC5B;AACA,IAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,CAAiB,MAAgB,EAAE,CAAA;AAAA,EACxD;AAEA,EAAA,MAAM,OAAA,EAAS,OAAA,CAAQ,GAAA,CAAI,YAAA;AAC3B,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,WAAA;AAC3B,EAAA,MAAM,SAAA,EAAW,sCAAA,MAAuB,CAAA;AACxC,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,MAAA;AAC3B,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC9B;AAEA,SAAS,gBAAA,CAAiB,GAAA,EAAqB;AAC3C,EAAA,OAAO,GAAA,CAAI,KAAA,CAAM,KAAK,EAAA,EAAI,IAAA,EAAM,CAAA,EAAA;AAAM;AAC1C;AAI6D;AAC1B,EAAA;AACS,IAAA;AACP,IAAA;AAC1B,EAAA;AACkC,IAAA;AACX,IAAA;AAC9B,EAAA;AACJ;AAK0C;AACR,EAAA;AACC,EAAA;AACE,IAAA;AACjC,EAAA;AAC0B,EAAA;AAC9B;AAEmC;AACH,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEiC;AACD,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAKkC;AACF,EAAA;AAChC;AAMsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEmC;AAEC;AACd,EAAA;AACK,EAAA;AAChB,EAAA;AACX;AAC8C;AACf,EAAA;AACK,IAAA;AAChC,EAAA;AACO,EAAA;AACX;AAKkC;AACP,EAAA;AACH,IAAA;AACpB,EAAA;AACiC,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACX,EAAA;AACO,EAAA;AACI,EAAA;AAChB,EAAA;AACpB;AAEiC;AACI,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACF,EAAA;AACF,EAAA;AACK,EAAA;AACrC;AF/DmC;AACA;AG5IpB;AAIO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AH0ImC;AACA;AIvJpB;AAMO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AJmJmC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-7GWSCCWS.cjs","sourcesContent":[null,"// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This  project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so,  subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport { generateKeyPairSync } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport { generateKeyPair, privateKeyToPEM } from \"../source/index.js\";\nexport async function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096) {\n    const keys = await generateKeyPair(modulusLength);\n    const privateKeyPem = await privateKeyToPEM(keys.privateKey);\n    await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, \"utf-8\");\n    privateKeyPem.privPem = \"\";\n    privateKeyPem.privDer = new ArrayBuffer(0);\n}\n\n/**\n * alternate function to generate PrivateKeyFile, using native\n * node:crypto.\n *\n * This function is slower than generatePrivateKeyFile\n */\nexport async function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096) {\n    const { privateKey } = generateKeyPairSync(\"rsa\", {\n        modulusLength,\n        privateKeyEncoding: { type: \"pkcs8\", format: \"pem\" },\n        publicKeyEncoding: { type: \"spki\", format: \"pem\" },\n    });\n    await fs.promises.writeFile(privateKeyFilename, privateKey, \"utf-8\");\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This  project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so,  subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport assert from \"node:assert\";\nimport { createPrivateKey, createPublicKey } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport sshpk from \"sshpk\";\nimport type {\n    Certificate,\n    CertificatePEM,\n    DER,\n    KeyObject,\n    PEM,\n    PrivateKey,\n    PrivateKeyPEM,\n    PublicKey,\n    PublicKeyPEM,\n} from \"../source/common.js\";\nimport { convertPEMtoDER, identifyPemType, removeTrailingLF, toPem } from \"../source/crypto_utils.js\";\n\nfunction _readPemFile(filename: string): PEM {\n    assert(typeof filename === \"string\");\n    return removeTrailingLF(fs.readFileSync(filename, \"utf-8\"));\n}\n\nfunction _readPemOrDerFileAsDER(filename: string): DER {\n    if (filename.match(/.*\\.der/)) {\n        return fs.readFileSync(filename) as Buffer;\n    }\n    const raw_key: string = _readPemFile(filename);\n    return convertPEMtoDER(raw_key);\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readCertificate(filename: string): Certificate {\n    return _readPemOrDerFileAsDER(filename) as Certificate;\n}\n\n/**\n * Async version of {@link readCertificate}.\n * Uses `fs.promises.readFile` so the event loop is not blocked\n * during I/O.\n */\nexport async function readCertificateAsync(filename: string): Promise<Certificate> {\n    const buf = await fs.promises.readFile(filename);\n    if (filename.match(/.*\\.der/)) {\n        return buf as Certificate;\n    }\n    const raw_key = removeTrailingLF(buf.toString(\"utf-8\"));\n    return convertPEMtoDER(raw_key) as Certificate;\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPublicKey(filename: string): KeyObject {\n    if (filename.match(/.*\\.der/)) {\n        const der = fs.readFileSync(filename) as Buffer;\n        return createPublicKey(der);\n    } else {\n        const raw_key: string = _readPemFile(filename);\n        return createPublicKey(raw_key);\n    }\n}\n\n/**\n * Async version of {@link readPublicKey}.\n */\nexport async function readPublicKeyAsync(filename: string): Promise<KeyObject> {\n    const buf = await fs.promises.readFile(filename);\n    if (filename.match(/.*\\.der/)) {\n        return createPublicKey(buf);\n    }\n    return createPublicKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\n// console.log(\"createPrivateKey\", (crypto as any).createPrivateKey, process.env.NO_CREATE_PRIVATEKEY);\n\nfunction myCreatePrivateKey(rawKey: string | Buffer): PrivateKey {\n    if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {\n        // we are not running nodejs or createPrivateKey is not supported in the environment\n        if (Buffer.isBuffer(rawKey)) {\n            const pemKey = toPem(rawKey, \"PRIVATE KEY\");\n            assert([\"RSA PRIVATE KEY\", \"PRIVATE KEY\"].indexOf(identifyPemType(pemKey) as string) >= 0);\n            return { hidden: pemKey };\n        }\n        return { hidden: ensureTrailingLF(rawKey as string) };\n    }\n    // see https://askubuntu.com/questions/1409458/openssl-config-cuases-error-in-node-js-crypto-how-should-the-config-be-updated\n    const backup = process.env.OPENSSL_CONF;\n    process.env.OPENSSL_CONF = \"/dev/null\";\n    const retValue = createPrivateKey(rawKey);\n    process.env.OPENSSL_CONF = backup;\n    return { hidden: retValue };\n}\n\nfunction ensureTrailingLF(str: string): string {\n    return str.match(/\\n$/) ? str : `${str}\\n`;\n}\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPrivateKey(filename: string): PrivateKey {\n    if (filename.match(/.*\\.der/)) {\n        const der: Buffer = fs.readFileSync(filename);\n        return myCreatePrivateKey(der);\n    } else {\n        const raw_key: string = _readPemFile(filename);\n        return myCreatePrivateKey(raw_key);\n    }\n}\n\n/**\n * Async version of {@link readPrivateKey}.\n */\nexport async function readPrivateKeyAsync(filename: string): Promise<PrivateKey> {\n    const buf = await fs.promises.readFile(filename);\n    if (filename.match(/.*\\.der/)) {\n        return myCreatePrivateKey(buf);\n    }\n    return myCreatePrivateKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\nexport function readCertificatePEM(filename: string): CertificatePEM {\n    return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readCertificatePEM}.\n */\nexport async function readCertificatePEMAsync(filename: string): Promise<CertificatePEM> {\n    const buf = await fs.promises.readFile(filename, \"utf-8\");\n    return removeTrailingLF(buf);\n}\n\nexport function readPublicKeyPEM(filename: string): PublicKeyPEM {\n    return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPublicKeyPEM}.\n */\nexport async function readPublicKeyPEMAsync(filename: string): Promise<PublicKeyPEM> {\n    const buf = await fs.promises.readFile(filename, \"utf-8\");\n    return removeTrailingLF(buf);\n}\n/**\n *\n * @deprecated\n */\nexport function readPrivateKeyPEM(filename: string): PrivateKeyPEM {\n    return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPrivateKeyPEM}.\n * @deprecated\n */\nexport async function readPrivateKeyPEMAsync(filename: string): Promise<PrivateKeyPEM> {\n    const buf = await fs.promises.readFile(filename, \"utf-8\");\n    return removeTrailingLF(buf);\n}\n\nlet _g_certificate_store: string = \"\";\n\nexport function setCertificateStore(store: string): string {\n    const old_store = _g_certificate_store;\n    _g_certificate_store = store;\n    return old_store;\n}\nexport function getCertificateStore(): string {\n    if (!_g_certificate_store) {\n        _g_certificate_store = path.join(__dirname, \"../../certificates/\");\n    }\n    return _g_certificate_store;\n}\n/**\n *\n * @param filename\n */\nexport function readPrivateRsaKey(filename: string): PrivateKey {\n    if (!createPrivateKey) {\n        throw new Error(\"createPrivateKey is not supported in this environment\");\n    }\n    if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n        filename = path.join(getCertificateStore(), filename);\n    }\n    const content = fs.readFileSync(filename, \"utf8\");\n    const sshKey = sshpk.parsePrivateKey(content, \"auto\");\n    const key = sshKey.toString(\"pkcs1\") as PEM;\n    const hidden = createPrivateKey({ format: \"pem\", type: \"pkcs1\", key });\n    return { hidden };\n}\n\nexport function readPublicRsaKey(filename: string): PublicKey {\n    if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n        filename = path.join(getCertificateStore(), filename);\n    }\n    const content = fs.readFileSync(filename, \"utf-8\");\n    const sshKey = sshpk.parseKey(content, \"ssh\");\n    const key = sshKey.toString(\"pkcs1\") as PEM;\n    return createPublicKey({ format: \"pem\", type: \"pkcs1\", key });\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This  project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so,  subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport async function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList> {\n    const crl = await fs.promises.readFile(filename);\n    if (crl[0] === 0x30 && crl[1] === 0x82) {\n        // der format\n        return crl as CertificateRevocationList;\n    }\n    const raw_crl = crl.toString();\n    return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This  project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so,  subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport type CertificateSigningRequest = Buffer;\n\nexport async function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest> {\n    const csr = await fs.promises.readFile(filename);\n    if (csr[0] === 0x30 && csr[1] === 0x82) {\n        // der format\n        return csr as CertificateRevocationList;\n    }\n    const raw_crl = csr.toString();\n    return convertPEMtoDER(raw_crl);\n}\n"]}