npm - node-opcua-crypto - Versions diffs - 5.3.1 → 5.3.3 - Mend

node-opcua-crypto 5.3.1 → 5.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/dist/{chunk-ISWOJ526.js → chunk-DC5KIPR2.js} +2 -2
package/dist/{chunk-Z4PNMXBN.js → chunk-MFGOTDMX.js} +65 -13
package/dist/chunk-MFGOTDMX.js.map +1 -0
package/dist/{chunk-3KSBDOQT.cjs → chunk-R6I4NJSZ.cjs} +67 -15
package/dist/chunk-R6I4NJSZ.cjs.map +1 -0
package/dist/{chunk-MUTGGDEL.cjs → chunk-XJHDKGLH.cjs} +22 -22
package/dist/{chunk-MUTGGDEL.cjs.map → chunk-XJHDKGLH.cjs.map} +1 -1
package/dist/index.cjs +7 -3
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.js +7 -3
package/dist/source/index_web.cjs +6 -2
package/dist/source/index_web.cjs.map +1 -1
package/dist/source/index_web.d.cts +10 -1
package/dist/source/index_web.d.ts +10 -1
package/dist/source/index_web.js +7 -3
package/dist/source_nodejs/index.cjs +3 -3
package/dist/source_nodejs/index.js +2 -2
package/package.json +6 -5
package/dist/chunk-3KSBDOQT.cjs.map +0 -1
package/dist/chunk-Z4PNMXBN.js.map +0 -1
/package/dist/{chunk-ISWOJ526.js.map → chunk-DC5KIPR2.js.map} +0 -0

package/dist/{chunk-ISWOJ526.js → chunk-DC5KIPR2.js} RENAMED Viewed

@@ -8,7 +8,7 @@ import {
   removeTrailingLF,
   split_der,
   toPem
-} from "./chunk-Z4PNMXBN.js";
+} from "./chunk-MFGOTDMX.js";
 // source_nodejs/generate_private_key_filename.ts
 import { generateKeyPairSync } from "crypto";
@@ -280,4 +280,4 @@ export {
   writeCertificateChainDer,
   writeCertificateChainDerAsync
 };
-//# sourceMappingURL=chunk-ISWOJ526.js.map
+//# sourceMappingURL=chunk-DC5KIPR2.js.map

package/dist/{chunk-Z4PNMXBN.js → chunk-MFGOTDMX.js} RENAMED Viewed

@@ -1175,41 +1175,90 @@ function readTbsCertificate(buffer, block) {
     extensions
   };
 }
+var LRUCache = class {
+  constructor(maxSize) {
+    this.maxSize = maxSize;
+  }
+  map = /* @__PURE__ */ new Map();
+  get(key) {
+    if (!this.map.has(key)) {
+      return void 0;
+    }
+    const val = this.map.get(key);
+    if (val !== void 0) {
+      this.map.delete(key);
+      this.map.set(key, val);
+      return val;
+    }
+    return void 0;
+  }
+  set(key, value) {
+    if (this.map.has(key)) {
+      this.map.delete(key);
+    } else if (this.map.size >= this.maxSize) {
+      const oldestKey = this.map.keys().next().value;
+      if (oldestKey !== void 0) {
+        this.map.delete(oldestKey);
+      }
+    }
+    this.map.set(key, value);
+  }
+  clear() {
+    this.map.clear();
+  }
+};
+var exploreCertificateCache = new LRUCache(1e3);
+function clearExploreCertificateCache() {
+  exploreCertificateCache.clear();
+}
 function exploreCertificate(certificate) {
   assert4(Buffer.isBuffer(certificate));
-  const certificate_priv = certificate;
-  if (!certificate_priv._exploreCertificate_cache) {
+  const key = certificate.toString("base64");
+  let cached = exploreCertificateCache.get(key);
+  if (!cached) {
+    verify_certificate_der_structure(certificate);
     const block_info = readTag(certificate, 0);
     const blocks = readStruct(certificate, block_info);
-    certificate_priv._exploreCertificate_cache = {
+    cached = {
       tbsCertificate: readTbsCertificate(certificate, blocks[0]),
       signatureAlgorithm: readAlgorithmIdentifier(certificate, blocks[1]),
       signatureValue: readSignatureValue(certificate, blocks[2])
     };
+    exploreCertificateCache.set(key, cached);
   }
-  return certificate_priv._exploreCertificate_cache;
+  return cached;
 }
 function split_der(certificateChain) {
   const certificate_chain = [];
   do {
     const block_info = readTag(certificateChain, 0);
     const length = block_info.position + block_info.length;
+    if (length > certificateChain.length) {
+      throw new Error("Invalid certificate chain: block length exceeds buffer length");
+    }
     const der_certificate = certificateChain.subarray(0, length);
     certificate_chain.push(der_certificate);
     certificateChain = certificateChain.subarray(length);
   } while (certificateChain.length > 0);
   return certificate_chain;
 }
+function verify_certificate_der_structure(cert) {
+  const blocks = split_der(cert);
+  let sum = 0;
+  for (const block of blocks) {
+    const block_info = readTag(block, 0);
+    if (block_info.position + block_info.length !== block.length) {
+      throw new Error("Invalid certificate buffer: block length doesn't match");
+    }
+    sum += block.length;
+  }
+  if (sum !== cert.length) {
+    throw new Error("Invalid certificate buffer: total block length doesn't match buffer length");
+  }
+}
 function combine_der(certificates) {
   for (const cert of certificates) {
-    const b = split_der(cert);
-    let sum = 0;
-    b.forEach((block) => {
-      const block_info = readTag(block, 0);
-      assert4(block_info.position + block_info.length === block.length);
-      sum += block.length;
-    });
-    assert4(sum === cert.length);
+    verify_certificate_der_structure(cert);
   }
   return Buffer.concat(certificates);
 }
@@ -1699,6 +1748,7 @@ var Subject = class _Subject {
 // source/x509/_crypto.ts
 import nativeCrypto from "crypto";
 import { Crypto as PeculiarWebCrypto } from "@peculiar/webcrypto";
+import "reflect-metadata";
 import * as x509 from "@peculiar/x509";
 import * as x5092 from "@peculiar/x509";
 var doDebug3 = false;
@@ -6460,8 +6510,10 @@ export {
   extractPublicKeyFromCertificate,
   readExtension,
   readTbsCertificate,
+  clearExploreCertificateCache,
   exploreCertificate,
   split_der,
+  verify_certificate_der_structure,
   combine_der,
   readNameForCrl,
   exploreCertificateRevocationList,
@@ -6579,4 +6631,4 @@ asn1js/build/index.es.js:
    *
    *)
 */
-//# sourceMappingURL=chunk-Z4PNMXBN.js.map
+//# sourceMappingURL=chunk-MFGOTDMX.js.map