npm - node-opcua-crypto - Versions diffs - 5.3.0 → 5.3.2 - Mend

node-opcua-crypto 5.3.0 → 5.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/dist/{chunk-7GWSCCWS.cjs → chunk-IKQT3ICS.cjs} +96 -22
package/dist/chunk-IKQT3ICS.cjs.map +1 -0
package/dist/{chunk-KCVNMSLI.js → chunk-ODR4HUB7.js} +66 -15
package/dist/chunk-ODR4HUB7.js.map +1 -0
package/dist/{chunk-ERHE4VFS.cjs → chunk-TSW463FI.cjs} +68 -17
package/dist/chunk-TSW463FI.cjs.map +1 -0
package/dist/{chunk-QGNXSXUU.js → chunk-UEEZA3YS.js} +82 -8
package/dist/chunk-UEEZA3YS.js.map +1 -0
package/dist/index.cjs +23 -3
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +25 -5
package/dist/source/index_web.cjs +6 -2
package/dist/source/index_web.cjs.map +1 -1
package/dist/source/index_web.d.cts +10 -1
package/dist/source/index_web.d.ts +10 -1
package/dist/source/index_web.js +7 -3
package/dist/source_nodejs/index.cjs +19 -3
package/dist/source_nodejs/index.cjs.map +1 -1
package/dist/source_nodejs/index.d.cts +67 -2
package/dist/source_nodejs/index.d.ts +67 -2
package/dist/source_nodejs/index.js +20 -4
package/package.json +5 -5
package/dist/chunk-7GWSCCWS.cjs.map +0 -1
package/dist/chunk-ERHE4VFS.cjs.map +0 -1
package/dist/chunk-KCVNMSLI.js.map +0 -1
package/dist/chunk-QGNXSXUU.js.map +0 -1

package/dist/{chunk-ERHE4VFS.cjs → chunk-TSW463FI.cjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } } function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }var __defProp = Object.defineProperty;
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } } function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; } var _class;var __defProp = Object.defineProperty;
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -1168,41 +1168,90 @@ function readTbsCertificate(buffer, block) {
     extensions
   };
 }
+var LRUCache = (_class = class {
+  constructor(maxSize) {;_class.prototype.__init.call(this);
+    this.maxSize = maxSize;
+  }
+  __init() {this.map = /* @__PURE__ */ new Map()}
+  get(key) {
+    if (!this.map.has(key)) {
+      return void 0;
+    }
+    const val = this.map.get(key);
+    if (val !== void 0) {
+      this.map.delete(key);
+      this.map.set(key, val);
+      return val;
+    }
+    return void 0;
+  }
+  set(key, value) {
+    if (this.map.has(key)) {
+      this.map.delete(key);
+    } else if (this.map.size >= this.maxSize) {
+      const oldestKey = this.map.keys().next().value;
+      if (oldestKey !== void 0) {
+        this.map.delete(oldestKey);
+      }
+    }
+    this.map.set(key, value);
+  }
+  clear() {
+    this.map.clear();
+  }
+}, _class);
+var exploreCertificateCache = new LRUCache(1e3);
+function clearExploreCertificateCache() {
+  exploreCertificateCache.clear();
+}
 function exploreCertificate(certificate) {
   _assert2.default.call(void 0, Buffer.isBuffer(certificate));
-  const certificate_priv = certificate;
-  if (!certificate_priv._exploreCertificate_cache) {
+  const key = certificate.toString("base64");
+  let cached = exploreCertificateCache.get(key);
+  if (!cached) {
+    verify_certificate_der_structure(certificate);
     const block_info = readTag(certificate, 0);
     const blocks = readStruct(certificate, block_info);
-    certificate_priv._exploreCertificate_cache = {
+    cached = {
       tbsCertificate: readTbsCertificate(certificate, blocks[0]),
       signatureAlgorithm: readAlgorithmIdentifier(certificate, blocks[1]),
       signatureValue: readSignatureValue(certificate, blocks[2])
     };
+    exploreCertificateCache.set(key, cached);
   }
-  return certificate_priv._exploreCertificate_cache;
+  return cached;
 }
 function split_der(certificateChain) {
   const certificate_chain = [];
   do {
     const block_info = readTag(certificateChain, 0);
     const length = block_info.position + block_info.length;
+    if (length > certificateChain.length) {
+      throw new Error("Invalid certificate chain: block length exceeds buffer length");
+    }
     const der_certificate = certificateChain.subarray(0, length);
     certificate_chain.push(der_certificate);
     certificateChain = certificateChain.subarray(length);
   } while (certificateChain.length > 0);
   return certificate_chain;
 }
+function verify_certificate_der_structure(cert) {
+  const blocks = split_der(cert);
+  let sum = 0;
+  for (const block of blocks) {
+    const block_info = readTag(block, 0);
+    if (block_info.position + block_info.length !== block.length) {
+      throw new Error("Invalid certificate buffer: block length doesn't match");
+    }
+    sum += block.length;
+  }
+  if (sum !== cert.length) {
+    throw new Error("Invalid certificate buffer: total block length doesn't match buffer length");
+  }
+}
 function combine_der(certificates) {
   for (const cert of certificates) {
-    const b = split_der(cert);
-    let sum = 0;
-    b.forEach((block) => {
-      const block_info = readTag(block, 0);
-      _assert2.default.call(void 0, block_info.position + block_info.length === block.length);
-      sum += block.length;
-    });
-    _assert2.default.call(void 0, sum === cert.length);
+    verify_certificate_der_structure(cert);
   }
   return Buffer.concat(certificates);
 }
@@ -1311,13 +1360,13 @@ async function verifyCertificateChain(certificateChain) {
     if (!certInfo.tbsCertificate.extensions) {
       return {
         status: "BadCertificateInvalid",
-        reason: "Cannot find X409 Extension 3 in certificate"
+        reason: "Cannot find X509 Extension 3 in certificate"
       };
     }
     if (!certParentInfo.tbsCertificate.extensions || !certInfo.tbsCertificate.extensions.authorityKeyIdentifier) {
       return {
         status: "BadCertificateInvalid",
-        reason: "Cannot find X409 Extension 3 in certificate (parent)"
+        reason: "Cannot find X509 Extension 3 in certificate (parent)"
       };
     }
     if (certParentInfo.tbsCertificate.extensions.subjectKeyIdentifier !== certInfo.tbsCertificate.extensions.authorityKeyIdentifier.keyIdentifier) {
@@ -6502,7 +6551,9 @@ var asn1 = { readDirectoryName, readTag, readStruct, readAlgorithmIdentifier, re
-exports.createPrivateKeyFromNodeJSCrypto = createPrivateKeyFromNodeJSCrypto; exports.isKeyObject = isKeyObject; exports.CertificatePurpose = CertificatePurpose; exports.identifyPemType = identifyPemType; exports.removeTrailingLF = removeTrailingLF; exports.toPem = toPem; exports.convertPEMtoDER = convertPEMtoDER; exports.hexDump = hexDump; exports.makeMessageChunkSignature = makeMessageChunkSignature; exports.verifyMessageChunkSignature = verifyMessageChunkSignature; exports.makeSHA1Thumbprint = makeSHA1Thumbprint; exports.RSA_PKCS1_OAEP_PADDING = RSA_PKCS1_OAEP_PADDING; exports.RSA_PKCS1_PADDING = RSA_PKCS1_PADDING; exports.PaddingAlgorithm = PaddingAlgorithm; exports.publicEncrypt_native = publicEncrypt_native; exports.privateDecrypt_native = privateDecrypt_native; exports.publicEncrypt = publicEncrypt; exports.privateDecrypt = privateDecrypt; exports.publicEncrypt_long = publicEncrypt_long; exports.privateDecrypt_long = privateDecrypt_long; exports.coerceCertificatePem = coerceCertificatePem; exports.extractPublicKeyFromCertificateSync = extractPublicKeyFromCertificateSync; exports.extractPublicKeyFromCertificate = extractPublicKeyFromCertificate; exports.readExtension = readExtension; exports.readTbsCertificate = readTbsCertificate; exports.exploreCertificate = exploreCertificate; exports.split_der = split_der; exports.combine_der = combine_der; exports.readNameForCrl = readNameForCrl; exports.exploreCertificateRevocationList = exploreCertificateRevocationList; exports.verifyCertificateOrClrSignature = verifyCertificateOrClrSignature; exports.verifyCertificateSignature = verifyCertificateSignature; exports.verifyCertificateRevocationListSignature = verifyCertificateRevocationListSignature; exports.verifyCertificateChain = verifyCertificateChain; exports.isCrlIssuedByCertificate = isCrlIssuedByCertificate; exports.verifyCrlIssuedByCertificate = verifyCrlIssuedByCertificate; exports.exploreAsn1 = exploreAsn1; exports.coerceCertificate = coerceCertificate; exports.exploreCertificateInfo = exploreCertificateInfo; exports.readCertificationRequestInfo = readCertificationRequestInfo; exports.exploreCertificateSigningRequest = exploreCertificateSigningRequest; exports.explorePrivateKey = explorePrivateKey; exports.identifyDERContent = identifyDERContent; exports.Subject = Subject; exports.generateKeyPair = generateKeyPair; exports.generatePrivateKey = generatePrivateKey; exports.privateKeyToPEM = privateKeyToPEM; exports.derToPrivateKey = derToPrivateKey; exports.pemToPrivateKey = pemToPrivateKey; exports.coercePEMorDerToPrivateKey = coercePEMorDerToPrivateKey; exports._coercePrivateKey = _coercePrivateKey; exports.createCertificateSigningRequest = createCertificateSigningRequest; exports.createSelfSignedCertificate = createSelfSignedCertificate; exports.rsaLengthPrivateKey = rsaLengthPrivateKey; exports.toPem2 = toPem2; exports.coercePrivateKeyPem = coercePrivateKeyPem; exports.coercePublicKeyPem = coercePublicKeyPem; exports.coerceRsaPublicKeyPem = coerceRsaPublicKeyPem; exports.rsaLengthPublicKey = rsaLengthPublicKey; exports.rsaLengthRsaPublicKey = rsaLengthRsaPublicKey; exports.makePseudoRandomBuffer = makePseudoRandomBuffer; exports.computeDerivedKeys = computeDerivedKeys; exports.reduceLength = reduceLength; exports.removePadding = removePadding; exports.verifyChunkSignature = verifyChunkSignature; exports.computePaddingFooter = computePaddingFooter; exports.encryptBufferWithDerivedKeys = encryptBufferWithDerivedKeys; exports.decryptBufferWithDerivedKeys = decryptBufferWithDerivedKeys; exports.makeMessageChunkSignatureWithDerivedKeys = makeMessageChunkSignatureWithDerivedKeys; exports.verifyChunkSignatureWithDerivedKeys = verifyChunkSignatureWithDerivedKeys; exports.makePrivateKeyFromPem = makePrivateKeyFromPem; exports.makePrivateKeyThumbPrint = makePrivateKeyThumbPrint; exports.publicKeyAndPrivateKeyMatches = publicKeyAndPrivateKeyMatches; exports.certificateMatchesPrivateKey = certificateMatchesPrivateKey; exports.asn1 = asn1;
+exports.createPrivateKeyFromNodeJSCrypto = createPrivateKeyFromNodeJSCrypto; exports.isKeyObject = isKeyObject; exports.CertificatePurpose = CertificatePurpose; exports.identifyPemType = identifyPemType; exports.removeTrailingLF = removeTrailingLF; exports.toPem = toPem; exports.convertPEMtoDER = convertPEMtoDER; exports.hexDump = hexDump; exports.makeMessageChunkSignature = makeMessageChunkSignature; exports.verifyMessageChunkSignature = verifyMessageChunkSignature; exports.makeSHA1Thumbprint = makeSHA1Thumbprint; exports.RSA_PKCS1_OAEP_PADDING = RSA_PKCS1_OAEP_PADDING; exports.RSA_PKCS1_PADDING = RSA_PKCS1_PADDING; exports.PaddingAlgorithm = PaddingAlgorithm; exports.publicEncrypt_native = publicEncrypt_native; exports.privateDecrypt_native = privateDecrypt_native; exports.publicEncrypt = publicEncrypt; exports.privateDecrypt = privateDecrypt; exports.publicEncrypt_long = publicEncrypt_long; exports.privateDecrypt_long = privateDecrypt_long; exports.coerceCertificatePem = coerceCertificatePem; exports.extractPublicKeyFromCertificateSync = extractPublicKeyFromCertificateSync; exports.extractPublicKeyFromCertificate = extractPublicKeyFromCertificate; exports.readExtension = readExtension; exports.readTbsCertificate = readTbsCertificate; exports.clearExploreCertificateCache = clearExploreCertificateCache; exports.exploreCertificate = exploreCertificate; exports.split_der = split_der; exports.verify_certificate_der_structure = verify_certificate_der_structure; exports.combine_der = combine_der; exports.readNameForCrl = readNameForCrl; exports.exploreCertificateRevocationList = exploreCertificateRevocationList; exports.verifyCertificateOrClrSignature = verifyCertificateOrClrSignature; exports.verifyCertificateSignature = verifyCertificateSignature; exports.verifyCertificateRevocationListSignature = verifyCertificateRevocationListSignature; exports.verifyCertificateChain = verifyCertificateChain; exports.isCrlIssuedByCertificate = isCrlIssuedByCertificate; exports.verifyCrlIssuedByCertificate = verifyCrlIssuedByCertificate; exports.exploreAsn1 = exploreAsn1; exports.coerceCertificate = coerceCertificate; exports.exploreCertificateInfo = exploreCertificateInfo; exports.readCertificationRequestInfo = readCertificationRequestInfo; exports.exploreCertificateSigningRequest = exploreCertificateSigningRequest; exports.explorePrivateKey = explorePrivateKey; exports.identifyDERContent = identifyDERContent; exports.Subject = Subject; exports.generateKeyPair = generateKeyPair; exports.generatePrivateKey = generatePrivateKey; exports.privateKeyToPEM = privateKeyToPEM; exports.derToPrivateKey = derToPrivateKey; exports.pemToPrivateKey = pemToPrivateKey; exports.coercePEMorDerToPrivateKey = coercePEMorDerToPrivateKey; exports._coercePrivateKey = _coercePrivateKey; exports.createCertificateSigningRequest = createCertificateSigningRequest; exports.createSelfSignedCertificate = createSelfSignedCertificate; exports.rsaLengthPrivateKey = rsaLengthPrivateKey; exports.toPem2 = toPem2; exports.coercePrivateKeyPem = coercePrivateKeyPem; exports.coercePublicKeyPem = coercePublicKeyPem; exports.coerceRsaPublicKeyPem = coerceRsaPublicKeyPem; exports.rsaLengthPublicKey = rsaLengthPublicKey; exports.rsaLengthRsaPublicKey = rsaLengthRsaPublicKey; exports.makePseudoRandomBuffer = makePseudoRandomBuffer; exports.computeDerivedKeys = computeDerivedKeys; exports.reduceLength = reduceLength; exports.removePadding = removePadding; exports.verifyChunkSignature = verifyChunkSignature; exports.computePaddingFooter = computePaddingFooter; exports.encryptBufferWithDerivedKeys = encryptBufferWithDerivedKeys; exports.decryptBufferWithDerivedKeys = decryptBufferWithDerivedKeys; exports.makeMessageChunkSignatureWithDerivedKeys = makeMessageChunkSignatureWithDerivedKeys; exports.verifyChunkSignatureWithDerivedKeys = verifyChunkSignatureWithDerivedKeys; exports.makePrivateKeyFromPem = makePrivateKeyFromPem; exports.makePrivateKeyThumbPrint = makePrivateKeyThumbPrint; exports.publicKeyAndPrivateKeyMatches = publicKeyAndPrivateKeyMatches; exports.certificateMatchesPrivateKey = certificateMatchesPrivateKey; exports.asn1 = asn1;
 /*! Bundled license information:
 pvtsutils/build/index.es.js:
@@ -6571,4 +6622,4 @@ asn1js/build/index.es.js:
    *
    *)
 */
-//# sourceMappingURL=chunk-ERHE4VFS.cjs.map
+//# sourceMappingURL=chunk-TSW463FI.cjs.map