node-opcua-crypto 5.3.0 → 5.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/dist/{chunk-ERHE4VFS.cjs → chunk-3KSBDOQT.cjs} +3 -3
  2. package/dist/{chunk-ERHE4VFS.cjs.map → chunk-3KSBDOQT.cjs.map} +1 -1
  3. package/dist/{chunk-QGNXSXUU.js → chunk-ISWOJ526.js} +82 -8
  4. package/dist/chunk-ISWOJ526.js.map +1 -0
  5. package/dist/{chunk-7GWSCCWS.cjs → chunk-MUTGGDEL.cjs} +96 -22
  6. package/dist/chunk-MUTGGDEL.cjs.map +1 -0
  7. package/dist/{chunk-KCVNMSLI.js → chunk-Z4PNMXBN.js} +3 -3
  8. package/dist/{chunk-KCVNMSLI.js.map → chunk-Z4PNMXBN.js.map} +1 -1
  9. package/dist/index.cjs +19 -3
  10. package/dist/index.cjs.map +1 -1
  11. package/dist/index.d.cts +1 -1
  12. package/dist/index.d.ts +1 -1
  13. package/dist/index.js +20 -4
  14. package/dist/source/index_web.cjs +2 -2
  15. package/dist/source/index_web.js +1 -1
  16. package/dist/source_nodejs/index.cjs +19 -3
  17. package/dist/source_nodejs/index.cjs.map +1 -1
  18. package/dist/source_nodejs/index.d.cts +67 -2
  19. package/dist/source_nodejs/index.d.ts +67 -2
  20. package/dist/source_nodejs/index.js +20 -4
  21. package/package.json +2 -2
  22. package/dist/chunk-7GWSCCWS.cjs.map +0 -1
  23. package/dist/chunk-QGNXSXUU.js.map +0 -1
package/dist/{chunk-QGNXSXUU.js → chunk-ISWOJ526.js} RENAMED
@@ -1,12 +1,14 @@
1
1
  import {
2
2
  __dirname,
3
+ combine_der,
3
4
  convertPEMtoDER,
4
5
  generateKeyPair,
5
6
  identifyPemType,
6
7
  privateKeyToPEM,
7
8
  removeTrailingLF,
9
+ split_der,
8
10
  toPem
9
- } from "./chunk-KCVNMSLI.js";
11
+ } from "./chunk-Z4PNMXBN.js";
10
12
 
11
13
  // source_nodejs/generate_private_key_filename.ts
12
14
  import { generateKeyPairSync } from "crypto";
@@ -37,15 +39,49 @@ function _readPemFile(filename) {
37
39
  assert(typeof filename === "string");
38
40
  return removeTrailingLF(fs2.readFileSync(filename, "utf-8"));
39
41
  }
40
- function _readPemOrDerFileAsDER(filename) {
42
+ function _countPemCertBlocks(pem) {
43
+ const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);
44
+ return matches ? matches.length : 0;
45
+ }
46
+ function readCertificate(filename) {
41
47
  if (filename.match(/.*\.der/)) {
42
48
  return fs2.readFileSync(filename);
43
49
  }
44
- const raw_key = _readPemFile(filename);
45
- return convertPEMtoDER(raw_key);
50
+ const pem = _readPemFile(filename);
51
+ const count = _countPemCertBlocks(pem);
52
+ if (count > 1) {
53
+ console.warn(
54
+ `[node-opcua-crypto] readCertificate: "${path.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChain() to read all certificates.`
55
+ );
56
+ }
57
+ return convertPEMtoDER(pem);
46
58
  }
47
- function readCertificate(filename) {
48
- return _readPemOrDerFileAsDER(filename);
59
+ function readCertificateChain(filename) {
60
+ if (filename.match(/.*\.der/)) {
61
+ return split_der(fs2.readFileSync(filename));
62
+ }
63
+ const pem = _readPemFile(filename);
64
+ return _extractAllPemDerCertificates(pem);
65
+ }
66
+ async function readCertificateChainAsync(filename) {
67
+ const buf = await fs2.promises.readFile(filename);
68
+ if (filename.match(/.*\.der/)) {
69
+ return split_der(buf);
70
+ }
71
+ const pem = removeTrailingLF(buf.toString("utf-8"));
72
+ return _extractAllPemDerCertificates(pem);
73
+ }
74
+ function _extractAllPemDerCertificates(pem) {
75
+ const certs = [];
76
+ const regex = /-----BEGIN CERTIFICATE-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END CERTIFICATE-----/g;
77
+ let match;
78
+ match = regex.exec(pem);
79
+ while (match !== null) {
80
+ const base64 = match[1].replace(/\r?\n/g, "");
81
+ certs.push(Buffer.from(base64, "base64"));
82
+ match = regex.exec(pem);
83
+ }
84
+ return certs;
49
85
  }
50
86
  async function readCertificateAsync(filename) {
51
87
  const buf = await fs2.promises.readFile(filename);
@@ -53,6 +89,12 @@ async function readCertificateAsync(filename) {
53
89
  return buf;
54
90
  }
55
91
  const raw_key = removeTrailingLF(buf.toString("utf-8"));
92
+ const count = _countPemCertBlocks(raw_key);
93
+ if (count > 1) {
94
+ console.warn(
95
+ `[node-opcua-crypto] readCertificateAsync: "${path.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChainAsync() to read all certificates.`
96
+ );
97
+ }
56
98
  return convertPEMtoDER(raw_key);
57
99
  }
58
100
  function readPublicKey(filename) {
@@ -184,10 +226,36 @@ async function readCertificateSigningRequest(filename) {
184
226
  return convertPEMtoDER(raw_crl);
185
227
  }
186
228
 
229
+ // source_nodejs/write.ts
230
+ import fs5 from "fs";
231
+ function certificatesToPem(certificates) {
232
+ const certs = Array.isArray(certificates) ? certificates : [certificates];
233
+ return `${certs.map((der) => toPem(der, "CERTIFICATE")).join("\n")}
234
+ `;
235
+ }
236
+ function writeCertificateChain(filename, certificates) {
237
+ fs5.writeFileSync(filename, certificatesToPem(certificates), "utf-8");
238
+ }
239
+ async function writeCertificateChainAsync(filename, certificates) {
240
+ await fs5.promises.writeFile(filename, certificatesToPem(certificates), "utf-8");
241
+ }
242
+ function certificatesToDer(certificates) {
243
+ const certs = Array.isArray(certificates) ? certificates : [certificates];
244
+ return combine_der(certs);
245
+ }
246
+ function writeCertificateChainDer(filename, certificates) {
247
+ fs5.writeFileSync(filename, certificatesToDer(certificates));
248
+ }
249
+ async function writeCertificateChainDerAsync(filename, certificates) {
250
+ await fs5.promises.writeFile(filename, certificatesToDer(certificates));
251
+ }
252
+
187
253
  export {
188
254
  generatePrivateKeyFile,
189
255
  generatePrivateKeyFileAlternate,
190
256
  readCertificate,
257
+ readCertificateChain,
258
+ readCertificateChainAsync,
191
259
  readCertificateAsync,
192
260
  readPublicKey,
193
261
  readPublicKeyAsync,
@@ -204,6 +272,12 @@ export {
204
272
  readPrivateRsaKey,
205
273
  readPublicRsaKey,
206
274
  readCertificateRevocationList,
207
- readCertificateSigningRequest
275
+ readCertificateSigningRequest,
276
+ certificatesToPem,
277
+ writeCertificateChain,
278
+ writeCertificateChainAsync,
279
+ certificatesToDer,
280
+ writeCertificateChainDer,
281
+ writeCertificateChainDerAsync
208
282
  };
209
- //# sourceMappingURL=chunk-QGNXSXUU.js.map
283
+ //# sourceMappingURL=chunk-ISWOJ526.js.map
package/dist/chunk-ISWOJ526.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../source_nodejs/generate_private_key_filename.ts","../source_nodejs/read.ts","../source_nodejs/read_certificate_revocation_list.ts","../source_nodejs/read_certificate_signing_request.ts","../source_nodejs/write.ts"],"sourcesContent":["// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport { generateKeyPairSync } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport { generateKeyPair, privateKeyToPEM } from \"../source/index.js\";\nexport async function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096) {\n const keys = await generateKeyPair(modulusLength);\n const privateKeyPem = await privateKeyToPEM(keys.privateKey);\n await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, \"utf-8\");\n privateKeyPem.privPem = \"\";\n privateKeyPem.privDer = new ArrayBuffer(0);\n}\n\n/**\n * alternate function to generate PrivateKeyFile, using native\n * node:crypto.\n *\n * This function is slower than generatePrivateKeyFile\n */\nexport async function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096) {\n const { privateKey } = generateKeyPairSync(\"rsa\", {\n modulusLength,\n privateKeyEncoding: { type: \"pkcs8\", format: \"pem\" },\n publicKeyEncoding: { type: \"spki\", format: \"pem\" },\n });\n await fs.promises.writeFile(privateKeyFilename, privateKey, \"utf-8\");\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport assert from \"node:assert\";\nimport { createPrivateKey, createPublicKey } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport sshpk from \"sshpk\";\nimport type {\n Certificate,\n CertificatePEM,\n DER,\n KeyObject,\n PEM,\n PrivateKey,\n PrivateKeyPEM,\n PublicKey,\n PublicKeyPEM,\n} from \"../source/common.js\";\nimport { split_der } from \"../source/crypto_explore_certificate.js\";\nimport { convertPEMtoDER, identifyPemType, removeTrailingLF, toPem } from \"../source/crypto_utils.js\";\n\nfunction _readPemFile(filename: string): PEM {\n assert(typeof filename === \"string\");\n return removeTrailingLF(fs.readFileSync(filename, \"utf-8\"));\n}\n\nfunction _readPemOrDerFileAsDER(filename: string): DER {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Buffer;\n }\n const raw_key: string = _readPemFile(filename);\n return convertPEMtoDER(raw_key);\n}\n\nfunction _countPemCertBlocks(pem: string): number {\n const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);\n return matches ? matches.length : 0;\n}\n\n/**\n * Read a DER or PEM certificate from file.\n *\n * **Note:** If the PEM file contains multiple certificate blocks\n * (e.g. a leaf cert + CA chain), only the **first** certificate\n * is returned. Use {@link readCertificateChain} to read all\n * certificates individually.\n *\n * @deprecated Use {@link readCertificateChain} instead, which\n * returns each certificate as a separate DER buffer.\n */\nexport function readCertificate(filename: string): Certificate {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Certificate;\n }\n const pem = _readPemFile(filename);\n const count = _countPemCertBlocks(pem);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificate: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChain() to read all certificates.`,\n );\n }\n return convertPEMtoDER(pem) as Certificate;\n}\n\n/**\n * Read a PEM or DER certificate file that may contain multiple\n * certificates (e.g. a leaf cert + CA issuer chain) and return\n * each certificate as a separate DER `Buffer`.\n *\n * - For a DER file, returns a single-element array.\n * - For a PEM file with N certificate blocks, returns N elements\n * in the same order they appear in the file (leaf first).\n */\nexport function readCertificateChain(filename: string): Certificate[] {\n if (filename.match(/.*\\.der/)) {\n return split_der(fs.readFileSync(filename) as Certificate);\n }\n const pem = _readPemFile(filename);\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Async version of {@link readCertificateChain}.\n */\nexport async function readCertificateChainAsync(filename: string): Promise<Certificate[]> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return split_der(buf as Certificate);\n }\n const pem = removeTrailingLF(buf.toString(\"utf-8\"));\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Extract all CERTIFICATE PEM blocks from a PEM string and\n * return each as a separate DER `Buffer`.\n */\nfunction _extractAllPemDerCertificates(pem: string): Certificate[] {\n const certs: Certificate[] = [];\n const regex = /-----BEGIN CERTIFICATE-----\\r?\\n([/+=a-zA-Z0-9\\r\\n]*)\\r?\\n-----END CERTIFICATE-----/g;\n let match: RegExpExecArray | null;\n match = regex.exec(pem);\n while (match !== null) {\n const base64 = match[1].replace(/\\r?\\n/g, \"\");\n certs.push(Buffer.from(base64, \"base64\") as Certificate);\n match = regex.exec(pem);\n }\n return certs;\n}\n\n/**\n * Async version of {@link readCertificate}.\n * Uses `fs.promises.readFile` so the event loop is not blocked\n * during I/O.\n *\n * **Note:** If the PEM file contains multiple certificate blocks,\n * only the first is returned. Use {@link readCertificateChainAsync}.\n *\n * @deprecated Use {@link readCertificateChainAsync} instead.\n */\nexport async function readCertificateAsync(filename: string): Promise<Certificate> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return buf as Certificate;\n }\n const raw_key = removeTrailingLF(buf.toString(\"utf-8\"));\n const count = _countPemCertBlocks(raw_key);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificateAsync: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChainAsync() to read all certificates.`,\n );\n }\n return convertPEMtoDER(raw_key) as Certificate;\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPublicKey(filename: string): KeyObject {\n if (filename.match(/.*\\.der/)) {\n const der = fs.readFileSync(filename) as Buffer;\n return createPublicKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return createPublicKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPublicKey}.\n */\nexport async function readPublicKeyAsync(filename: string): Promise<KeyObject> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return createPublicKey(buf);\n }\n return createPublicKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\n// console.log(\"createPrivateKey\", (crypto as any).createPrivateKey, process.env.NO_CREATE_PRIVATEKEY);\n\nfunction myCreatePrivateKey(rawKey: string | Buffer): PrivateKey {\n if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {\n // we are not running nodejs or createPrivateKey is not supported in the environment\n if (Buffer.isBuffer(rawKey)) {\n const pemKey = toPem(rawKey, \"PRIVATE KEY\");\n assert([\"RSA PRIVATE KEY\", \"PRIVATE KEY\"].indexOf(identifyPemType(pemKey) as string) >= 0);\n return { hidden: pemKey };\n }\n return { hidden: ensureTrailingLF(rawKey as string) };\n }\n // see https://askubuntu.com/questions/1409458/openssl-config-cuases-error-in-node-js-crypto-how-should-the-config-be-updated\n const backup = process.env.OPENSSL_CONF;\n process.env.OPENSSL_CONF = \"/dev/null\";\n const retValue = createPrivateKey(rawKey);\n process.env.OPENSSL_CONF = backup;\n return { hidden: retValue };\n}\n\nfunction ensureTrailingLF(str: string): string {\n return str.match(/\\n$/) ? str : `${str}\\n`;\n}\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPrivateKey(filename: string): PrivateKey {\n if (filename.match(/.*\\.der/)) {\n const der: Buffer = fs.readFileSync(filename);\n return myCreatePrivateKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return myCreatePrivateKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPrivateKey}.\n */\nexport async function readPrivateKeyAsync(filename: string): Promise<PrivateKey> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return myCreatePrivateKey(buf);\n }\n return myCreatePrivateKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\nexport function readCertificatePEM(filename: string): CertificatePEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readCertificatePEM}.\n */\nexport async function readCertificatePEMAsync(filename: string): Promise<CertificatePEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nexport function readPublicKeyPEM(filename: string): PublicKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPublicKeyPEM}.\n */\nexport async function readPublicKeyPEMAsync(filename: string): Promise<PublicKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n/**\n *\n * @deprecated\n */\nexport function readPrivateKeyPEM(filename: string): PrivateKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPrivateKeyPEM}.\n * @deprecated\n */\nexport async function readPrivateKeyPEMAsync(filename: string): Promise<PrivateKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nlet _g_certificate_store: string = \"\";\n\nexport function setCertificateStore(store: string): string {\n const old_store = _g_certificate_store;\n _g_certificate_store = store;\n return old_store;\n}\nexport function getCertificateStore(): string {\n if (!_g_certificate_store) {\n _g_certificate_store = path.join(__dirname, \"../../certificates/\");\n }\n return _g_certificate_store;\n}\n/**\n *\n * @param filename\n */\nexport function readPrivateRsaKey(filename: string): PrivateKey {\n if (!createPrivateKey) {\n throw new Error(\"createPrivateKey is not supported in this environment\");\n }\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf8\");\n const sshKey = sshpk.parsePrivateKey(content, \"auto\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n const hidden = createPrivateKey({ format: \"pem\", type: \"pkcs1\", key });\n return { hidden };\n}\n\nexport function readPublicRsaKey(filename: string): PublicKey {\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf-8\");\n const sshKey = sshpk.parseKey(content, \"ssh\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n return createPublicKey({ format: \"pem\", type: \"pkcs1\", key });\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport async function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList> {\n const crl = await fs.promises.readFile(filename);\n if (crl[0] === 0x30 && crl[1] === 0x82) {\n // der format\n return crl as CertificateRevocationList;\n }\n const raw_crl = crl.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport type CertificateSigningRequest = Buffer;\n\nexport async function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest> {\n const csr = await fs.promises.readFile(filename);\n if (csr[0] === 0x30 && csr[1] === 0x82) {\n // der format\n return csr as CertificateRevocationList;\n }\n const raw_crl = csr.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\n\nimport type { Certificate } from \"../source/common.js\";\nimport { combine_der } from \"../source/crypto_explore_certificate.js\";\nimport { toPem } from \"../source/crypto_utils.js\";\n\n// ── PEM ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a PEM string.\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n * Returns a multi-block PEM string with each certificate\n * separated by a newline.\n */\nexport function certificatesToPem(certificates: Certificate | Certificate[]): string {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return `${certs.map((der) => toPem(der, \"CERTIFICATE\")).join(\"\\n\")}\\n`;\n}\n\n/**\n * Write one or more DER certificates to a PEM file.\n *\n * Each certificate is written as a separate PEM block in the\n * order provided (typically leaf first, then issuer chain).\n */\nexport function writeCertificateChain(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n/**\n * Async version of {@link writeCertificateChain}.\n */\nexport async function writeCertificateChainAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n// ── DER ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a single concatenated\n * DER buffer (OPC UA certificate chain format).\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n */\nexport function certificatesToDer(certificates: Certificate | Certificate[]): Certificate {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return combine_der(certs);\n}\n\n/**\n * Write one or more DER certificates to a `.der` file as a\n * concatenated DER chain (OPC UA binary chain format).\n *\n * Order should be leaf first, then issuer chain.\n */\nexport function writeCertificateChainDer(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToDer(certificates));\n}\n\n/**\n * Async version of {@link writeCertificateChainDer}.\n */\nexport async function writeCertificateChainDerAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToDer(certificates));\n}\n"],"mappings":";;;;;;;;;;;;;AAuBA,SAAS,2BAA2B;AACpC,OAAO,QAAQ;AAEf,eAAsB,uBAAuB,oBAA4B,eAA0C;AAC/G,QAAM,OAAO,MAAM,gBAAgB,aAAa;AAChD,QAAM,gBAAgB,MAAM,gBAAgB,KAAK,UAAU;AAC3D,QAAM,GAAG,SAAS,UAAU,oBAAoB,cAAc,SAAS,OAAO;AAC9E,gBAAc,UAAU;AACxB,gBAAc,UAAU,IAAI,YAAY,CAAC;AAC7C;AAQA,eAAsB,gCAAgC,oBAA4B,eAAmC;AACjH,QAAM,EAAE,WAAW,IAAI,oBAAoB,OAAO;AAAA,IAC9C;AAAA,IACA,oBAAoB,EAAE,MAAM,SAAS,QAAQ,MAAM;AAAA,IACnD,mBAAmB,EAAE,MAAM,QAAQ,QAAQ,MAAM;AAAA,EACrD,CAAC;AACD,QAAM,GAAG,SAAS,UAAU,oBAAoB,YAAY,OAAO;AACvE;;;ACxBA,OAAO,YAAY;AACnB,SAAS,kBAAkB,uBAAuB;AAClD,OAAOA,SAAQ;AACf,OAAO,UAAU;AACjB,OAAO,WAAW;AAelB,SAAS,aAAa,UAAuB;AACzC,SAAO,OAAO,aAAa,QAAQ;AACnC,SAAO,iBAAiBC,IAAG,aAAa,UAAU,OAAO,CAAC;AAC9D;AAUA,SAAS,oBAAoB,KAAqB;AAC9C,QAAM,UAAU,IAAI,MAAM,8BAA8B;AACxD,SAAO,UAAU,QAAQ,SAAS;AACtC;AAaO,SAAS,gBAAgB,UAA+B;AAC3D,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAOC,IAAG,aAAa,QAAQ;AAAA,EACnC;AACA,QAAM,MAAM,aAAa,QAAQ;AACjC,QAAM,QAAQ,oBAAoB,GAAG;AACrC,MAAI,QAAQ,GAAG;AACX,YAAQ;AAAA,MACJ,yCAAyC,KAAK,SAAS,QAAQ,CAAC,cACnD,KAAK;AAAA,IAEtB;AAAA,EACJ;AACA,SAAO,gBAAgB,GAAG;AAC9B;AAWO,SAAS,qBAAqB,UAAiC;AAClE,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAO,UAAUA,IAAG,aAAa,QAAQ,CAAgB;AAAA,EAC7D;AACA,QAAM,MAAM,aAAa,QAAQ;AACjC,SAAO,8BAA8B,GAAG;AAC5C;AAKA,eAAsB,0BAA0B,UAA0C;AACtF,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAO,UAAU,GAAkB;AAAA,EACvC;AACA,QAAM,MAAM,iBAAiB,IAAI,SAAS,OAAO,CAAC;AAClD,SAAO,8BAA8B,GAAG;AAC5C;AAMA,SAAS,8BAA8B,KAA4B;AAC/D,QAAM,QAAuB,CAAC;AAC9B,QAAM,QAAQ;AACd,MAAI;AACJ,UAAQ,MAAM,KAAK,GAAG;AACtB,SAAO,UAAU,MAAM;AACnB,UAAM,SAAS,MAAM,CAAC,EAAE,QAAQ,UAAU,EAAE;AAC5C,UAAM,KAAK,OAAO,KAAK,QAAQ,QAAQ,CAAgB;AACvD,YAAQ,MAAM,KAAK,GAAG;AAAA,EAC1B;AACA,SAAO;AACX;AAYA,eAAsB,qBAAqB,UAAwC;AAC/E,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAO;AAAA,EACX;AACA,QAAM,UAAU,iBAAiB,IAAI,SAAS,OAAO,CAAC;AACtD,QAAM,QAAQ,oBAAoB,OAAO;AACzC,MAAI,QAAQ,GAAG;AACX,YAAQ;AAAA,MACJ,8CAA8C,KAAK,SAAS,QAAQ,CAAC,cACxD,KAAK;AAAA,IAEtB;AAAA,EACJ;AACA,SAAO,gBAAgB,OAAO;AAClC;AAKO,SAAS,cAAc,UAA6B;AACvD,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,UAAM,MAAMA,IAAG,aAAa,QAAQ;AACpC,WAAO,gBAAgB,GAAG;AAAA,EAC9B,OAAO;AACH,UAAM,UAAkB,aAAa,QAAQ;AAC7C,WAAO,gBAAgB,OAAO;AAAA,EAClC;AACJ;AAKA,eAAsB,mBAAmB,UAAsC;AAC3E,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAO,gBAAgB,GAAG;AAAA,EAC9B;AACA,SAAO,gBAAgB,iBAAiB,IAAI,SAAS,OAAO,CAAC,CAAC;AAClE;AAIA,SAAS,mBAAmB,QAAqC;AAC7D,MAAI,CAAC,oBAAoB,QAAQ,IAAI,sBAAsB;AAEvD,QAAI,OAAO,SAAS,MAAM,GAAG;AACzB,YAAM,SAAS,MAAM,QAAQ,aAAa;AAC1C,aAAO,CAAC,mBAAmB,aAAa,EAAE,QAAQ,gBAAgB,MAAM,CAAW,KAAK,CAAC;AACzF,aAAO,EAAE,QAAQ,OAAO;AAAA,IAC5B;AACA,WAAO,EAAE,QAAQ,iBAAiB,MAAgB,EAAE;AAAA,EACxD;AAEA,QAAM,SAAS,QAAQ,IAAI;AAC3B,UAAQ,IAAI,eAAe;AAC3B,QAAM,WAAW,iBAAiB,MAAM;AACxC,UAAQ,IAAI,eAAe;AAC3B,SAAO,EAAE,QAAQ,SAAS;AAC9B;AAEA,SAAS,iBAAiB,KAAqB;AAC3C,SAAO,IAAI,MAAM,KAAK,IAAI,MAAM,GAAG,GAAG;AAAA;AAC1C;AAIO,SAAS,eAAe,UAA8B;AACzD,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,UAAM,MAAcA,IAAG,aAAa,QAAQ;AAC5C,WAAO,mBAAmB,GAAG;AAAA,EACjC,OAAO;AACH,UAAM,UAAkB,aAAa,QAAQ;AAC7C,WAAO,mBAAmB,OAAO;AAAA,EACrC;AACJ;AAKA,eAAsB,oBAAoB,UAAuC;AAC7E,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,SAAS,MAAM,SAAS,GAAG;AAC3B,WAAO,mBAAmB,GAAG;AAAA,EACjC;AACA,SAAO,mBAAmB,iBAAiB,IAAI,SAAS,OAAO,CAAC,CAAC;AACrE;AAEO,SAAS,mBAAmB,UAAkC;AACjE,SAAO,aAAa,QAAQ;AAChC;AAKA,eAAsB,wBAAwB,UAA2C;AACrF,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,UAAU,OAAO;AACxD,SAAO,iBAAiB,GAAG;AAC/B;AAEO,SAAS,iBAAiB,UAAgC;AAC7D,SAAO,aAAa,QAAQ;AAChC;AAKA,eAAsB,sBAAsB,UAAyC;AACjF,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,UAAU,OAAO;AACxD,SAAO,iBAAiB,GAAG;AAC/B;AAKO,SAAS,kBAAkB,UAAiC;AAC/D,SAAO,aAAa,QAAQ;AAChC;AAMA,eAAsB,uBAAuB,UAA0C;AACnF,QAAM,MAAM,MAAMA,IAAG,SAAS,SAAS,UAAU,OAAO;AACxD,SAAO,iBAAiB,GAAG;AAC/B;AAEA,IAAI,uBAA+B;AAE5B,SAAS,oBAAoB,OAAuB;AACvD,QAAM,YAAY;AAClB,yBAAuB;AACvB,SAAO;AACX;AACO,SAAS,sBAA8B;AAC1C,MAAI,CAAC,sBAAsB;AACvB,2BAAuB,KAAK,KAAK,WAAW,qBAAqB;AAAA,EACrE;AACA,SAAO;AACX;AAKO,SAAS,kBAAkB,UAA8B;AAC5D,MAAI,CAAC,kBAAkB;AACnB,UAAM,IAAI,MAAM,uDAAuD;AAAA,EAC3E;AACA,MAAI,SAAS,UAAU,GAAG,CAAC,MAAM,OAAO,CAACA,IAAG,WAAW,QAAQ,GAAG;AAC9D,eAAW,KAAK,KAAK,oBAAoB,GAAG,QAAQ;AAAA,EACxD;AACA,QAAM,UAAUA,IAAG,aAAa,UAAU,MAAM;AAChD,QAAM,SAAS,MAAM,gBAAgB,SAAS,MAAM;AACpD,QAAM,MAAM,OAAO,SAAS,OAAO;AACnC,QAAM,SAAS,iBAAiB,EAAE,QAAQ,OAAO,MAAM,SAAS,IAAI,CAAC;AACrE,SAAO,EAAE,OAAO;AACpB;AAEO,SAAS,iBAAiB,UAA6B;AAC1D,MAAI,SAAS,UAAU,GAAG,CAAC,MAAM,OAAO,CAACA,IAAG,WAAW,QAAQ,GAAG;AAC9D,eAAW,KAAK,KAAK,oBAAoB,GAAG,QAAQ;AAAA,EACxD;AACA,QAAM,UAAUA,IAAG,aAAa,UAAU,OAAO;AACjD,QAAM,SAAS,MAAM,SAAS,SAAS,KAAK;AAC5C,QAAM,MAAM,OAAO,SAAS,OAAO;AACnC,SAAO,gBAAgB,EAAE,QAAQ,OAAO,MAAM,SAAS,IAAI,CAAC;AAChE;;;AC/RA,OAAOC,SAAQ;AAIf,eAAsB,8BAA8B,UAAsD;AACtG,QAAM,MAAM,MAAMC,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,IAAI,CAAC,MAAM,MAAQ,IAAI,CAAC,MAAM,KAAM;AAEpC,WAAO;AAAA,EACX;AACA,QAAM,UAAU,IAAI,SAAS;AAC7B,SAAO,gBAAgB,OAAO;AAClC;;;ACZA,OAAOC,SAAQ;AAMf,eAAsB,8BAA8B,UAAsD;AACtG,QAAM,MAAM,MAAMC,IAAG,SAAS,SAAS,QAAQ;AAC/C,MAAI,IAAI,CAAC,MAAM,MAAQ,IAAI,CAAC,MAAM,KAAM;AAEpC,WAAO;AAAA,EACX;AACA,QAAM,UAAU,IAAI,SAAS;AAC7B,SAAO,gBAAgB,OAAO;AAClC;;;ACdA,OAAOC,SAAQ;AAeR,SAAS,kBAAkB,cAAmD;AACjF,QAAM,QAAQ,MAAM,QAAQ,YAAY,IAAI,eAAe,CAAC,YAAY;AACxE,SAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,MAAM,KAAK,aAAa,CAAC,EAAE,KAAK,IAAI,CAAC;AAAA;AACtE;AAQO,SAAS,sBAAsB,UAAkB,cAAiD;AACrG,EAAAC,IAAG,cAAc,UAAU,kBAAkB,YAAY,GAAG,OAAO;AACvE;AAKA,eAAsB,2BAA2B,UAAkB,cAA0D;AACzH,QAAMA,IAAG,SAAS,UAAU,UAAU,kBAAkB,YAAY,GAAG,OAAO;AAClF;AAUO,SAAS,kBAAkB,cAAwD;AACtF,QAAM,QAAQ,MAAM,QAAQ,YAAY,IAAI,eAAe,CAAC,YAAY;AACxE,SAAO,YAAY,KAAK;AAC5B;AAQO,SAAS,yBAAyB,UAAkB,cAAiD;AACxG,EAAAA,IAAG,cAAc,UAAU,kBAAkB,YAAY,CAAC;AAC9D;AAKA,eAAsB,8BAA8B,UAAkB,cAA0D;AAC5H,QAAMA,IAAG,SAAS,UAAU,UAAU,kBAAkB,YAAY,CAAC;AACzE;","names":["fs","fs","fs","fs","fs","fs","fs","fs","fs"]}
package/dist/{chunk-7GWSCCWS.cjs → chunk-MUTGGDEL.cjs} RENAMED
@@ -5,14 +5,16 @@
5
5
 
6
6
 
7
7
 
8
- var _chunkERHE4VFScjs = require('./chunk-ERHE4VFS.cjs');
8
+
9
+
10
+ var _chunk3KSBDOQTcjs = require('./chunk-3KSBDOQT.cjs');
9
11
 
10
12
  // source_nodejs/generate_private_key_filename.ts
11
13
  var _crypto = require('crypto');
12
14
  var _fs = require('fs'); var _fs2 = _interopRequireDefault(_fs);
13
15
  async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
14
- const keys = await _chunkERHE4VFScjs.generateKeyPair.call(void 0, modulusLength);
15
- const privateKeyPem = await _chunkERHE4VFScjs.privateKeyToPEM.call(void 0, keys.privateKey);
16
+ const keys = await _chunk3KSBDOQTcjs.generateKeyPair.call(void 0, modulusLength);
17
+ const privateKeyPem = await _chunk3KSBDOQTcjs.privateKeyToPEM.call(void 0, keys.privateKey);
16
18
  await _fs2.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
17
19
  privateKeyPem.privPem = "";
18
20
  privateKeyPem.privDer = new ArrayBuffer(0);
@@ -34,25 +36,65 @@ var _path = require('path'); var _path2 = _interopRequireDefault(_path);
34
36
  var _sshpk = require('sshpk'); var _sshpk2 = _interopRequireDefault(_sshpk);
35
37
  function _readPemFile(filename) {
36
38
  _assert2.default.call(void 0, typeof filename === "string");
37
- return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, _fs2.default.readFileSync(filename, "utf-8"));
39
+ return _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, _fs2.default.readFileSync(filename, "utf-8"));
38
40
  }
39
- function _readPemOrDerFileAsDER(filename) {
41
+ function _countPemCertBlocks(pem) {
42
+ const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);
43
+ return matches ? matches.length : 0;
44
+ }
45
+ function readCertificate(filename) {
40
46
  if (filename.match(/.*\.der/)) {
41
47
  return _fs2.default.readFileSync(filename);
42
48
  }
43
- const raw_key = _readPemFile(filename);
44
- return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_key);
49
+ const pem = _readPemFile(filename);
50
+ const count = _countPemCertBlocks(pem);
51
+ if (count > 1) {
52
+ console.warn(
53
+ `[node-opcua-crypto] readCertificate: "${_path2.default.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChain() to read all certificates.`
54
+ );
55
+ }
56
+ return _chunk3KSBDOQTcjs.convertPEMtoDER.call(void 0, pem);
45
57
  }
46
- function readCertificate(filename) {
47
- return _readPemOrDerFileAsDER(filename);
58
+ function readCertificateChain(filename) {
59
+ if (filename.match(/.*\.der/)) {
60
+ return _chunk3KSBDOQTcjs.split_der.call(void 0, _fs2.default.readFileSync(filename));
61
+ }
62
+ const pem = _readPemFile(filename);
63
+ return _extractAllPemDerCertificates(pem);
64
+ }
65
+ async function readCertificateChainAsync(filename) {
66
+ const buf = await _fs2.default.promises.readFile(filename);
67
+ if (filename.match(/.*\.der/)) {
68
+ return _chunk3KSBDOQTcjs.split_der.call(void 0, buf);
69
+ }
70
+ const pem = _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
71
+ return _extractAllPemDerCertificates(pem);
72
+ }
73
+ function _extractAllPemDerCertificates(pem) {
74
+ const certs = [];
75
+ const regex = /-----BEGIN CERTIFICATE-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END CERTIFICATE-----/g;
76
+ let match;
77
+ match = regex.exec(pem);
78
+ while (match !== null) {
79
+ const base64 = match[1].replace(/\r?\n/g, "");
80
+ certs.push(Buffer.from(base64, "base64"));
81
+ match = regex.exec(pem);
82
+ }
83
+ return certs;
48
84
  }
49
85
  async function readCertificateAsync(filename) {
50
86
  const buf = await _fs2.default.promises.readFile(filename);
51
87
  if (filename.match(/.*\.der/)) {
52
88
  return buf;
53
89
  }
54
- const raw_key = _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
55
- return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_key);
90
+ const raw_key = _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
91
+ const count = _countPemCertBlocks(raw_key);
92
+ if (count > 1) {
93
+ console.warn(
94
+ `[node-opcua-crypto] readCertificateAsync: "${_path2.default.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChainAsync() to read all certificates.`
95
+ );
96
+ }
97
+ return _chunk3KSBDOQTcjs.convertPEMtoDER.call(void 0, raw_key);
56
98
  }
57
99
  function readPublicKey(filename) {
58
100
  if (filename.match(/.*\.der/)) {
@@ -68,13 +110,13 @@ async function readPublicKeyAsync(filename) {
68
110
  if (filename.match(/.*\.der/)) {
69
111
  return _crypto.createPublicKey.call(void 0, buf);
70
112
  }
71
- return _crypto.createPublicKey.call(void 0, _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
113
+ return _crypto.createPublicKey.call(void 0, _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
72
114
  }
73
115
  function myCreatePrivateKey(rawKey) {
74
116
  if (!_crypto.createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
75
117
  if (Buffer.isBuffer(rawKey)) {
76
- const pemKey = _chunkERHE4VFScjs.toPem.call(void 0, rawKey, "PRIVATE KEY");
77
- _assert2.default.call(void 0, ["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(_chunkERHE4VFScjs.identifyPemType.call(void 0, pemKey)) >= 0);
118
+ const pemKey = _chunk3KSBDOQTcjs.toPem.call(void 0, rawKey, "PRIVATE KEY");
119
+ _assert2.default.call(void 0, ["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(_chunk3KSBDOQTcjs.identifyPemType.call(void 0, pemKey)) >= 0);
78
120
  return { hidden: pemKey };
79
121
  }
80
122
  return { hidden: ensureTrailingLF(rawKey) };
@@ -103,28 +145,28 @@ async function readPrivateKeyAsync(filename) {
103
145
  if (filename.match(/.*\.der/)) {
104
146
  return myCreatePrivateKey(buf);
105
147
  }
106
- return myCreatePrivateKey(_chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
148
+ return myCreatePrivateKey(_chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
107
149
  }
108
150
  function readCertificatePEM(filename) {
109
151
  return _readPemFile(filename);
110
152
  }
111
153
  async function readCertificatePEMAsync(filename) {
112
154
  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
113
- return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
155
+ return _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf);
114
156
  }
115
157
  function readPublicKeyPEM(filename) {
116
158
  return _readPemFile(filename);
117
159
  }
118
160
  async function readPublicKeyPEMAsync(filename) {
119
161
  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
120
- return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
162
+ return _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf);
121
163
  }
122
164
  function readPrivateKeyPEM(filename) {
123
165
  return _readPemFile(filename);
124
166
  }
125
167
  async function readPrivateKeyPEMAsync(filename) {
126
168
  const buf = await _fs2.default.promises.readFile(filename, "utf-8");
127
- return _chunkERHE4VFScjs.removeTrailingLF.call(void 0, buf);
169
+ return _chunk3KSBDOQTcjs.removeTrailingLF.call(void 0, buf);
128
170
  }
129
171
  var _g_certificate_store = "";
130
172
  function setCertificateStore(store) {
@@ -169,7 +211,7 @@ async function readCertificateRevocationList(filename) {
169
211
  return crl;
170
212
  }
171
213
  const raw_crl = crl.toString();
172
- return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_crl);
214
+ return _chunk3KSBDOQTcjs.convertPEMtoDER.call(void 0, raw_crl);
173
215
  }
174
216
 
175
217
  // source_nodejs/read_certificate_signing_request.ts
@@ -180,7 +222,31 @@ async function readCertificateSigningRequest(filename) {
180
222
  return csr;
181
223
  }
182
224
  const raw_crl = csr.toString();
183
- return _chunkERHE4VFScjs.convertPEMtoDER.call(void 0, raw_crl);
225
+ return _chunk3KSBDOQTcjs.convertPEMtoDER.call(void 0, raw_crl);
226
+ }
227
+
228
+ // source_nodejs/write.ts
229
+
230
+ function certificatesToPem(certificates) {
231
+ const certs = Array.isArray(certificates) ? certificates : [certificates];
232
+ return `${certs.map((der) => _chunk3KSBDOQTcjs.toPem.call(void 0, der, "CERTIFICATE")).join("\n")}
233
+ `;
234
+ }
235
+ function writeCertificateChain(filename, certificates) {
236
+ _fs2.default.writeFileSync(filename, certificatesToPem(certificates), "utf-8");
237
+ }
238
+ async function writeCertificateChainAsync(filename, certificates) {
239
+ await _fs2.default.promises.writeFile(filename, certificatesToPem(certificates), "utf-8");
240
+ }
241
+ function certificatesToDer(certificates) {
242
+ const certs = Array.isArray(certificates) ? certificates : [certificates];
243
+ return _chunk3KSBDOQTcjs.combine_der.call(void 0, certs);
244
+ }
245
+ function writeCertificateChainDer(filename, certificates) {
246
+ _fs2.default.writeFileSync(filename, certificatesToDer(certificates));
247
+ }
248
+ async function writeCertificateChainDerAsync(filename, certificates) {
249
+ await _fs2.default.promises.writeFile(filename, certificatesToDer(certificates));
184
250
  }
185
251
 
186
252
 
@@ -204,5 +270,13 @@ async function readCertificateSigningRequest(filename) {
204
270
 
205
271
 
206
272
 
207
- exports.generatePrivateKeyFile = generatePrivateKeyFile; exports.generatePrivateKeyFileAlternate = generatePrivateKeyFileAlternate; exports.readCertificate = readCertificate; exports.readCertificateAsync = readCertificateAsync; exports.readPublicKey = readPublicKey; exports.readPublicKeyAsync = readPublicKeyAsync; exports.readPrivateKey = readPrivateKey; exports.readPrivateKeyAsync = readPrivateKeyAsync; exports.readCertificatePEM = readCertificatePEM; exports.readCertificatePEMAsync = readCertificatePEMAsync; exports.readPublicKeyPEM = readPublicKeyPEM; exports.readPublicKeyPEMAsync = readPublicKeyPEMAsync; exports.readPrivateKeyPEM = readPrivateKeyPEM; exports.readPrivateKeyPEMAsync = readPrivateKeyPEMAsync; exports.setCertificateStore = setCertificateStore; exports.getCertificateStore = getCertificateStore; exports.readPrivateRsaKey = readPrivateRsaKey; exports.readPublicRsaKey = readPublicRsaKey; exports.readCertificateRevocationList = readCertificateRevocationList; exports.readCertificateSigningRequest = readCertificateSigningRequest;
208
- //# sourceMappingURL=chunk-7GWSCCWS.cjs.map
273
+
274
+
275
+
276
+
277
+
278
+
279
+
280
+
281
+ exports.generatePrivateKeyFile = generatePrivateKeyFile; exports.generatePrivateKeyFileAlternate = generatePrivateKeyFileAlternate; exports.readCertificate = readCertificate; exports.readCertificateChain = readCertificateChain; exports.readCertificateChainAsync = readCertificateChainAsync; exports.readCertificateAsync = readCertificateAsync; exports.readPublicKey = readPublicKey; exports.readPublicKeyAsync = readPublicKeyAsync; exports.readPrivateKey = readPrivateKey; exports.readPrivateKeyAsync = readPrivateKeyAsync; exports.readCertificatePEM = readCertificatePEM; exports.readCertificatePEMAsync = readCertificatePEMAsync; exports.readPublicKeyPEM = readPublicKeyPEM; exports.readPublicKeyPEMAsync = readPublicKeyPEMAsync; exports.readPrivateKeyPEM = readPrivateKeyPEM; exports.readPrivateKeyPEMAsync = readPrivateKeyPEMAsync; exports.setCertificateStore = setCertificateStore; exports.getCertificateStore = getCertificateStore; exports.readPrivateRsaKey = readPrivateRsaKey; exports.readPublicRsaKey = readPublicRsaKey; exports.readCertificateRevocationList = readCertificateRevocationList; exports.readCertificateSigningRequest = readCertificateSigningRequest; exports.certificatesToPem = certificatesToPem; exports.writeCertificateChain = writeCertificateChain; exports.writeCertificateChainAsync = writeCertificateChainAsync; exports.certificatesToDer = certificatesToDer; exports.writeCertificateChainDer = writeCertificateChainDer; exports.writeCertificateChainDerAsync = writeCertificateChainDerAsync;
282
+ //# sourceMappingURL=chunk-MUTGGDEL.cjs.map
package/dist/chunk-MUTGGDEL.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-MUTGGDEL.cjs","../source_nodejs/generate_private_key_filename.ts","../source_nodejs/read.ts","../source_nodejs/read_certificate_revocation_list.ts","../source_nodejs/read_certificate_signing_request.ts","../source_nodejs/write.ts"],"names":["fs"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,wDAA6B;AAC7B;AACA;ACYA,gCAAoC;AACpC,gEAAe;AAEf,MAAA,SAAsB,sBAAA,CAAuB,kBAAA,EAA4B,aAAA,EAA0C;AAC/G,EAAA,MAAM,KAAA,EAAO,MAAM,+CAAA,aAA6B,CAAA;AAChD,EAAA,MAAM,cAAA,EAAgB,MAAM,+CAAA,IAAgB,CAAK,UAAU,CAAA;AAC3D,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,aAAA,CAAc,OAAA,EAAS,OAAO,CAAA;AAC9E,EAAA,aAAA,CAAc,QAAA,EAAU,EAAA;AACxB,EAAA,aAAA,CAAc,QAAA,EAAU,IAAI,WAAA,CAAY,CAAC,CAAA;AAC7C;AAQA,MAAA,SAAsB,+BAAA,CAAgC,kBAAA,EAA4B,aAAA,EAAmC;AACjH,EAAA,MAAM,EAAE,WAAW,EAAA,EAAI,yCAAA,KAAoB,EAAO;AAAA,IAC9C,aAAA;AAAA,IACA,kBAAA,EAAoB,EAAE,IAAA,EAAM,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AAAA,IACnD,iBAAA,EAAmB,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,MAAM;AAAA,EACrD,CAAC,CAAA;AACD,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,UAAA,EAAY,OAAO,CAAA;AACvE;ADlBA;AACA;AEPA,gFAAmB;AACnB;AACA;AACA,wEAAiB;AACjB,4EAAkB;AAelB,SAAS,YAAA,CAAa,QAAA,EAAuB;AACzC,EAAA,8BAAA,OAAc,SAAA,IAAa,QAAQ,CAAA;AACnC,EAAA,OAAO,gDAAA,YAAiBA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAC,CAAA;AAC9D;AAUA,SAAS,mBAAA,CAAoB,GAAA,EAAqB;AAC9C,EAAA,MAAM,QAAA,EAAU,GAAA,CAAI,KAAA,CAAM,8BAA8B,CAAA;AACxD,EAAA,OAAO,QAAA,EAAU,OAAA,CAAQ,OAAA,EAAS,CAAA;AACtC;AAaO,SAAS,eAAA,CAAgB,QAAA,EAA+B;AAC3D,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAOA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AAAA,EACnC;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,GAAG,CAAA;AACrC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,sCAAA,EAAyC,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACnD,KAAK,CAAA,+GAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,GAAmB,CAAA;AAC9B;AAWO,SAAS,oBAAA,CAAqB,QAAA,EAAiC;AAClE,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,YAAUA,CAAG,YAAA,CAAa,QAAQ,CAAgB,CAAA;AAAA,EAC7D;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAKA,MAAA,SAAsB,yBAAA,CAA0B,QAAA,EAA0C;AACtF,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,GAA4B,CAAA;AAAA,EACvC;AACA,EAAA,MAAM,IAAA,EAAM,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AAClD,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAMA,SAAS,6BAAA,CAA8B,GAAA,EAA4B;AAC/D,EAAA,MAAM,MAAA,EAAuB,CAAC,CAAA;AAC9B,EAAA,MAAM,MAAA,EAAQ,sFAAA;AACd,EAAA,IAAI,KAAA;AACJ,EAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AACtB,EAAA,MAAA,CAAO,MAAA,IAAU,IAAA,EAAM;AACnB,IAAA,MAAM,OAAA,EAAS,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA;AAC5C,IAAA,KAAA,CAAM,IAAA,CAAK,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAgB,CAAA;AACvD,IAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,KAAA;AACX;AAYA,MAAA,SAAsB,oBAAA,CAAqB,QAAA,EAAwC;AAC/E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,GAAA;AAAA,EACX;AACA,EAAA,MAAM,QAAA,EAAU,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AACtD,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,OAAO,CAAA;AACzC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,2CAAA,EAA8C,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACxD,KAAK,CAAA,oHAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,OAAuB,CAAA;AAClC;AAKO,SAAS,aAAA,CAAc,QAAA,EAA6B;AACvD,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAA,EAAMA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AACpC,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B,EAAA,KAAO;AACH,IAAA,MAAM,QAAA,EAAkB,YAAA,CAAa,QAAQ,CAAA;AAC7C,IAAA,OAAO,qCAAA,OAAuB,CAAA;AAAA,EAClC;AACJ;AAKA,MAAA,SAAsB,kBAAA,CAAmB,QAAA,EAAsC;AAC3E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B;AACA,EAAA,OAAO,qCAAA,gDAAgB,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAC,CAAA;AAClE;AAIA,SAAS,kBAAA,CAAmB,MAAA,EAAqC;AAC7D,EAAA,GAAA,CAAI,CAAC,yBAAA,GAAoB,OAAA,CAAQ,GAAA,CAAI,oBAAA,EAAsB;AAEvD,IAAA,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,MAAA,MAAM,OAAA,EAAS,qCAAA,MAAM,EAAQ,aAAa,CAAA;AAC1C,MAAA,8BAAA,CAAQ,iBAAA,EAAmB,aAAa,CAAA,CAAE,OAAA,CAAQ,+CAAA,MAAsB,CAAW,EAAA,GAAK,CAAC,CAAA;AACzF,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAO,CAAA;AAAA,IAC5B;AACA,IAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,CAAiB,MAAgB,EAAE,CAAA;AAAA,EACxD;AAEA,EAAA,MAAM,OAAA,EAAS,OAAA,CAAQ,GAAA,CAAI,YAAA;AAC3B,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,WAAA;AAC3B,EAAA,MAAM,SAAA,EAAW,sCAAA,MAAuB,CAAA;AACxC,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,MAAA;AAC3B,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC9B;AAEA,SAAS,gBAAA,CAAiB,GAAA,EAAqB;AAC3C,EAAA,OAAO,GAAA,CAAI,KAAA,CAAM,KAAK,EAAA,EAAI,IAAA,EAAM,CAAA,EAAA;AAAM;AAC1C;AAI6D;AAC1B,EAAA;AACS,IAAA;AACP,IAAA;AAC1B,EAAA;AACkC,IAAA;AACX,IAAA;AAC9B,EAAA;AACJ;AAK0C;AACR,EAAA;AACC,EAAA;AACE,IAAA;AACjC,EAAA;AAC0B,EAAA;AAC9B;AAEmC;AACH,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEiC;AACD,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAKkC;AACF,EAAA;AAChC;AAMsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEmC;AAEC;AACd,EAAA;AACK,EAAA;AAChB,EAAA;AACX;AAC8C;AACf,EAAA;AACK,IAAA;AAChC,EAAA;AACO,EAAA;AACX;AAKkC;AACP,EAAA;AACH,IAAA;AACpB,EAAA;AACiC,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACX,EAAA;AACO,EAAA;AACI,EAAA;AAChB,EAAA;AACpB;AAEiC;AACI,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACF,EAAA;AACF,EAAA;AACK,EAAA;AACrC;AF1GmC;AACA;AGtLpB;AAIO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AHoLmC;AACA;AIjMpB;AAMO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AJ6LmC;AACA;AK5MpB;AAemB;AACF,EAAA;AACC,EAAA;AAAqC;AACtE;AAQsC;AACP,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;AAUkC;AACF,EAAA;AACJ,EAAA;AAC5B;AAQyC;AACV,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;ALkKmC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-MUTGGDEL.cjs","sourcesContent":[null,"// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport { generateKeyPairSync } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport { generateKeyPair, privateKeyToPEM } from \"../source/index.js\";\nexport async function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096) {\n const keys = await generateKeyPair(modulusLength);\n const privateKeyPem = await privateKeyToPEM(keys.privateKey);\n await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, \"utf-8\");\n privateKeyPem.privPem = \"\";\n privateKeyPem.privDer = new ArrayBuffer(0);\n}\n\n/**\n * alternate function to generate PrivateKeyFile, using native\n * node:crypto.\n *\n * This function is slower than generatePrivateKeyFile\n */\nexport async function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096) {\n const { privateKey } = generateKeyPairSync(\"rsa\", {\n modulusLength,\n privateKeyEncoding: { type: \"pkcs8\", format: \"pem\" },\n publicKeyEncoding: { type: \"spki\", format: \"pem\" },\n });\n await fs.promises.writeFile(privateKeyFilename, privateKey, \"utf-8\");\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport assert from \"node:assert\";\nimport { createPrivateKey, createPublicKey } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport sshpk from \"sshpk\";\nimport type {\n Certificate,\n CertificatePEM,\n DER,\n KeyObject,\n PEM,\n PrivateKey,\n PrivateKeyPEM,\n PublicKey,\n PublicKeyPEM,\n} from \"../source/common.js\";\nimport { split_der } from \"../source/crypto_explore_certificate.js\";\nimport { convertPEMtoDER, identifyPemType, removeTrailingLF, toPem } from \"../source/crypto_utils.js\";\n\nfunction _readPemFile(filename: string): PEM {\n assert(typeof filename === \"string\");\n return removeTrailingLF(fs.readFileSync(filename, \"utf-8\"));\n}\n\nfunction _readPemOrDerFileAsDER(filename: string): DER {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Buffer;\n }\n const raw_key: string = _readPemFile(filename);\n return convertPEMtoDER(raw_key);\n}\n\nfunction _countPemCertBlocks(pem: string): number {\n const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);\n return matches ? matches.length : 0;\n}\n\n/**\n * Read a DER or PEM certificate from file.\n *\n * **Note:** If the PEM file contains multiple certificate blocks\n * (e.g. a leaf cert + CA chain), only the **first** certificate\n * is returned. Use {@link readCertificateChain} to read all\n * certificates individually.\n *\n * @deprecated Use {@link readCertificateChain} instead, which\n * returns each certificate as a separate DER buffer.\n */\nexport function readCertificate(filename: string): Certificate {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Certificate;\n }\n const pem = _readPemFile(filename);\n const count = _countPemCertBlocks(pem);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificate: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChain() to read all certificates.`,\n );\n }\n return convertPEMtoDER(pem) as Certificate;\n}\n\n/**\n * Read a PEM or DER certificate file that may contain multiple\n * certificates (e.g. a leaf cert + CA issuer chain) and return\n * each certificate as a separate DER `Buffer`.\n *\n * - For a DER file, returns a single-element array.\n * - For a PEM file with N certificate blocks, returns N elements\n * in the same order they appear in the file (leaf first).\n */\nexport function readCertificateChain(filename: string): Certificate[] {\n if (filename.match(/.*\\.der/)) {\n return split_der(fs.readFileSync(filename) as Certificate);\n }\n const pem = _readPemFile(filename);\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Async version of {@link readCertificateChain}.\n */\nexport async function readCertificateChainAsync(filename: string): Promise<Certificate[]> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return split_der(buf as Certificate);\n }\n const pem = removeTrailingLF(buf.toString(\"utf-8\"));\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Extract all CERTIFICATE PEM blocks from a PEM string and\n * return each as a separate DER `Buffer`.\n */\nfunction _extractAllPemDerCertificates(pem: string): Certificate[] {\n const certs: Certificate[] = [];\n const regex = /-----BEGIN CERTIFICATE-----\\r?\\n([/+=a-zA-Z0-9\\r\\n]*)\\r?\\n-----END CERTIFICATE-----/g;\n let match: RegExpExecArray | null;\n match = regex.exec(pem);\n while (match !== null) {\n const base64 = match[1].replace(/\\r?\\n/g, \"\");\n certs.push(Buffer.from(base64, \"base64\") as Certificate);\n match = regex.exec(pem);\n }\n return certs;\n}\n\n/**\n * Async version of {@link readCertificate}.\n * Uses `fs.promises.readFile` so the event loop is not blocked\n * during I/O.\n *\n * **Note:** If the PEM file contains multiple certificate blocks,\n * only the first is returned. Use {@link readCertificateChainAsync}.\n *\n * @deprecated Use {@link readCertificateChainAsync} instead.\n */\nexport async function readCertificateAsync(filename: string): Promise<Certificate> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return buf as Certificate;\n }\n const raw_key = removeTrailingLF(buf.toString(\"utf-8\"));\n const count = _countPemCertBlocks(raw_key);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificateAsync: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChainAsync() to read all certificates.`,\n );\n }\n return convertPEMtoDER(raw_key) as Certificate;\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPublicKey(filename: string): KeyObject {\n if (filename.match(/.*\\.der/)) {\n const der = fs.readFileSync(filename) as Buffer;\n return createPublicKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return createPublicKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPublicKey}.\n */\nexport async function readPublicKeyAsync(filename: string): Promise<KeyObject> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return createPublicKey(buf);\n }\n return createPublicKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\n// console.log(\"createPrivateKey\", (crypto as any).createPrivateKey, process.env.NO_CREATE_PRIVATEKEY);\n\nfunction myCreatePrivateKey(rawKey: string | Buffer): PrivateKey {\n if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {\n // we are not running nodejs or createPrivateKey is not supported in the environment\n if (Buffer.isBuffer(rawKey)) {\n const pemKey = toPem(rawKey, \"PRIVATE KEY\");\n assert([\"RSA PRIVATE KEY\", \"PRIVATE KEY\"].indexOf(identifyPemType(pemKey) as string) >= 0);\n return { hidden: pemKey };\n }\n return { hidden: ensureTrailingLF(rawKey as string) };\n }\n // see https://askubuntu.com/questions/1409458/openssl-config-cuases-error-in-node-js-crypto-how-should-the-config-be-updated\n const backup = process.env.OPENSSL_CONF;\n process.env.OPENSSL_CONF = \"/dev/null\";\n const retValue = createPrivateKey(rawKey);\n process.env.OPENSSL_CONF = backup;\n return { hidden: retValue };\n}\n\nfunction ensureTrailingLF(str: string): string {\n return str.match(/\\n$/) ? str : `${str}\\n`;\n}\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPrivateKey(filename: string): PrivateKey {\n if (filename.match(/.*\\.der/)) {\n const der: Buffer = fs.readFileSync(filename);\n return myCreatePrivateKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return myCreatePrivateKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPrivateKey}.\n */\nexport async function readPrivateKeyAsync(filename: string): Promise<PrivateKey> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return myCreatePrivateKey(buf);\n }\n return myCreatePrivateKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\nexport function readCertificatePEM(filename: string): CertificatePEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readCertificatePEM}.\n */\nexport async function readCertificatePEMAsync(filename: string): Promise<CertificatePEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nexport function readPublicKeyPEM(filename: string): PublicKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPublicKeyPEM}.\n */\nexport async function readPublicKeyPEMAsync(filename: string): Promise<PublicKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n/**\n *\n * @deprecated\n */\nexport function readPrivateKeyPEM(filename: string): PrivateKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPrivateKeyPEM}.\n * @deprecated\n */\nexport async function readPrivateKeyPEMAsync(filename: string): Promise<PrivateKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nlet _g_certificate_store: string = \"\";\n\nexport function setCertificateStore(store: string): string {\n const old_store = _g_certificate_store;\n _g_certificate_store = store;\n return old_store;\n}\nexport function getCertificateStore(): string {\n if (!_g_certificate_store) {\n _g_certificate_store = path.join(__dirname, \"../../certificates/\");\n }\n return _g_certificate_store;\n}\n/**\n *\n * @param filename\n */\nexport function readPrivateRsaKey(filename: string): PrivateKey {\n if (!createPrivateKey) {\n throw new Error(\"createPrivateKey is not supported in this environment\");\n }\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf8\");\n const sshKey = sshpk.parsePrivateKey(content, \"auto\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n const hidden = createPrivateKey({ format: \"pem\", type: \"pkcs1\", key });\n return { hidden };\n}\n\nexport function readPublicRsaKey(filename: string): PublicKey {\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf-8\");\n const sshKey = sshpk.parseKey(content, \"ssh\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n return createPublicKey({ format: \"pem\", type: \"pkcs1\", key });\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport async function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList> {\n const crl = await fs.promises.readFile(filename);\n if (crl[0] === 0x30 && crl[1] === 0x82) {\n // der format\n return crl as CertificateRevocationList;\n }\n const raw_crl = crl.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport type CertificateSigningRequest = Buffer;\n\nexport async function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest> {\n const csr = await fs.promises.readFile(filename);\n if (csr[0] === 0x30 && csr[1] === 0x82) {\n // der format\n return csr as CertificateRevocationList;\n }\n const raw_crl = csr.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\n\nimport type { Certificate } from \"../source/common.js\";\nimport { combine_der } from \"../source/crypto_explore_certificate.js\";\nimport { toPem } from \"../source/crypto_utils.js\";\n\n// ── PEM ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a PEM string.\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n * Returns a multi-block PEM string with each certificate\n * separated by a newline.\n */\nexport function certificatesToPem(certificates: Certificate | Certificate[]): string {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return `${certs.map((der) => toPem(der, \"CERTIFICATE\")).join(\"\\n\")}\\n`;\n}\n\n/**\n * Write one or more DER certificates to a PEM file.\n *\n * Each certificate is written as a separate PEM block in the\n * order provided (typically leaf first, then issuer chain).\n */\nexport function writeCertificateChain(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n/**\n * Async version of {@link writeCertificateChain}.\n */\nexport async function writeCertificateChainAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n// ── DER ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a single concatenated\n * DER buffer (OPC UA certificate chain format).\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n */\nexport function certificatesToDer(certificates: Certificate | Certificate[]): Certificate {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return combine_der(certs);\n}\n\n/**\n * Write one or more DER certificates to a `.der` file as a\n * concatenated DER chain (OPC UA binary chain format).\n *\n * Order should be leaf first, then issuer chain.\n */\nexport function writeCertificateChainDer(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToDer(certificates));\n}\n\n/**\n * Async version of {@link writeCertificateChainDer}.\n */\nexport async function writeCertificateChainDerAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToDer(certificates));\n}\n"]}
package/dist/{chunk-KCVNMSLI.js → chunk-Z4PNMXBN.js} RENAMED
@@ -1318,13 +1318,13 @@ async function verifyCertificateChain(certificateChain) {
1318
1318
  if (!certInfo.tbsCertificate.extensions) {
1319
1319
  return {
1320
1320
  status: "BadCertificateInvalid",
1321
- reason: "Cannot find X409 Extension 3 in certificate"
1321
+ reason: "Cannot find X509 Extension 3 in certificate"
1322
1322
  };
1323
1323
  }
1324
1324
  if (!certParentInfo.tbsCertificate.extensions || !certInfo.tbsCertificate.extensions.authorityKeyIdentifier) {
1325
1325
  return {
1326
1326
  status: "BadCertificateInvalid",
1327
- reason: "Cannot find X409 Extension 3 in certificate (parent)"
1327
+ reason: "Cannot find X509 Extension 3 in certificate (parent)"
1328
1328
  };
1329
1329
  }
1330
1330
  if (certParentInfo.tbsCertificate.extensions.subjectKeyIdentifier !== certInfo.tbsCertificate.extensions.authorityKeyIdentifier.keyIdentifier) {
@@ -6579,4 +6579,4 @@ asn1js/build/index.es.js:
6579
6579
  *
6580
6580
  *)
6581
6581
  */
6582
- //# sourceMappingURL=chunk-KCVNMSLI.js.map
6582
+ //# sourceMappingURL=chunk-Z4PNMXBN.js.map