node-opcua-crypto 5.3.5 → 5.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-CHOBVT6V.cjs → chunk-2DISC7JP.cjs} +23 -23
- package/dist/{chunk-CHOBVT6V.cjs.map → chunk-2DISC7JP.cjs.map} +1 -1
- package/dist/{chunk-ZGFOQAZK.js → chunk-EJK7NCWU.js} +2 -2
- package/dist/{chunk-LRB5Q533.cjs → chunk-FRVYTI7S.cjs} +222 -87
- package/dist/chunk-FRVYTI7S.cjs.map +1 -0
- package/dist/{chunk-JHDYJSUT.js → chunk-NX3DSTD6.js} +214 -79
- package/dist/chunk-NX3DSTD6.js.map +1 -0
- package/dist/index.cjs +3 -3
- package/dist/index.js +2 -2
- package/dist/source/index_web.cjs +2 -2
- package/dist/source/index_web.js +1 -1
- package/dist/source_nodejs/index.cjs +3 -3
- package/dist/source_nodejs/index.js +2 -2
- package/package.json +4 -4
- package/dist/chunk-JHDYJSUT.js.map +0 -1
- package/dist/chunk-LRB5Q533.cjs.map +0 -1
- /package/dist/{chunk-ZGFOQAZK.js.map → chunk-EJK7NCWU.js.map} +0 -0
|
@@ -7,14 +7,14 @@
|
|
|
7
7
|
|
|
8
8
|
|
|
9
9
|
|
|
10
|
-
var
|
|
10
|
+
var _chunkFRVYTI7Scjs = require('./chunk-FRVYTI7S.cjs');
|
|
11
11
|
|
|
12
12
|
// source_nodejs/generate_private_key_filename.ts
|
|
13
13
|
var _crypto = require('crypto');
|
|
14
14
|
var _fs = require('fs'); var _fs2 = _interopRequireDefault(_fs);
|
|
15
15
|
async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
|
|
16
|
-
const keys = await
|
|
17
|
-
const privateKeyPem = await
|
|
16
|
+
const keys = await _chunkFRVYTI7Scjs.generateKeyPair.call(void 0, modulusLength);
|
|
17
|
+
const privateKeyPem = await _chunkFRVYTI7Scjs.privateKeyToPEM.call(void 0, keys.privateKey);
|
|
18
18
|
await _fs2.default.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
|
|
19
19
|
privateKeyPem.privPem = "";
|
|
20
20
|
privateKeyPem.privDer = new ArrayBuffer(0);
|
|
@@ -36,7 +36,7 @@ var _path = require('path'); var _path2 = _interopRequireDefault(_path);
|
|
|
36
36
|
var _sshpk = require('sshpk'); var _sshpk2 = _interopRequireDefault(_sshpk);
|
|
37
37
|
function _readPemFile(filename) {
|
|
38
38
|
_assert2.default.call(void 0, typeof filename === "string");
|
|
39
|
-
return
|
|
39
|
+
return _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, _fs2.default.readFileSync(filename, "utf-8"));
|
|
40
40
|
}
|
|
41
41
|
function _countPemCertBlocks(pem) {
|
|
42
42
|
const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);
|
|
@@ -53,11 +53,11 @@ function readCertificate(filename) {
|
|
|
53
53
|
`[node-opcua-crypto] readCertificate: "${_path2.default.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChain() to read all certificates.`
|
|
54
54
|
);
|
|
55
55
|
}
|
|
56
|
-
return
|
|
56
|
+
return _chunkFRVYTI7Scjs.convertPEMtoDER.call(void 0, pem);
|
|
57
57
|
}
|
|
58
58
|
function readCertificateChain(filename) {
|
|
59
59
|
if (filename.match(/.*\.der/)) {
|
|
60
|
-
return
|
|
60
|
+
return _chunkFRVYTI7Scjs.split_der.call(void 0, _fs2.default.readFileSync(filename));
|
|
61
61
|
}
|
|
62
62
|
const pem = _readPemFile(filename);
|
|
63
63
|
return _extractAllPemDerCertificates(pem);
|
|
@@ -65,9 +65,9 @@ function readCertificateChain(filename) {
|
|
|
65
65
|
async function readCertificateChainAsync(filename) {
|
|
66
66
|
const buf = await _fs2.default.promises.readFile(filename);
|
|
67
67
|
if (filename.match(/.*\.der/)) {
|
|
68
|
-
return
|
|
68
|
+
return _chunkFRVYTI7Scjs.split_der.call(void 0, buf);
|
|
69
69
|
}
|
|
70
|
-
const pem =
|
|
70
|
+
const pem = _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
|
|
71
71
|
return _extractAllPemDerCertificates(pem);
|
|
72
72
|
}
|
|
73
73
|
function _extractAllPemDerCertificates(pem) {
|
|
@@ -79,7 +79,7 @@ function _extractAllPemDerCertificates(pem) {
|
|
|
79
79
|
const base64 = match[1].replace(/\r?\n/g, "");
|
|
80
80
|
const derBuffer = Buffer.from(base64, "base64");
|
|
81
81
|
try {
|
|
82
|
-
const separatedCerts =
|
|
82
|
+
const separatedCerts = _chunkFRVYTI7Scjs.split_der.call(void 0, derBuffer);
|
|
83
83
|
for (const c of separatedCerts) {
|
|
84
84
|
certs.push(c);
|
|
85
85
|
}
|
|
@@ -95,14 +95,14 @@ async function readCertificateAsync(filename) {
|
|
|
95
95
|
if (filename.match(/.*\.der/)) {
|
|
96
96
|
return buf;
|
|
97
97
|
}
|
|
98
|
-
const raw_key =
|
|
98
|
+
const raw_key = _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf.toString("utf-8"));
|
|
99
99
|
const count = _countPemCertBlocks(raw_key);
|
|
100
100
|
if (count > 1) {
|
|
101
101
|
console.warn(
|
|
102
102
|
`[node-opcua-crypto] readCertificateAsync: "${_path2.default.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. Use readCertificateChainAsync() to read all certificates.`
|
|
103
103
|
);
|
|
104
104
|
}
|
|
105
|
-
return
|
|
105
|
+
return _chunkFRVYTI7Scjs.convertPEMtoDER.call(void 0, raw_key);
|
|
106
106
|
}
|
|
107
107
|
function readPublicKey(filename) {
|
|
108
108
|
if (filename.match(/.*\.der/)) {
|
|
@@ -118,13 +118,13 @@ async function readPublicKeyAsync(filename) {
|
|
|
118
118
|
if (filename.match(/.*\.der/)) {
|
|
119
119
|
return _crypto.createPublicKey.call(void 0, buf);
|
|
120
120
|
}
|
|
121
|
-
return _crypto.createPublicKey.call(void 0,
|
|
121
|
+
return _crypto.createPublicKey.call(void 0, _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
|
|
122
122
|
}
|
|
123
123
|
function myCreatePrivateKey(rawKey) {
|
|
124
124
|
if (!_crypto.createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
|
|
125
125
|
if (Buffer.isBuffer(rawKey)) {
|
|
126
|
-
const pemKey =
|
|
127
|
-
_assert2.default.call(void 0, ["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(
|
|
126
|
+
const pemKey = _chunkFRVYTI7Scjs.toPem.call(void 0, rawKey, "PRIVATE KEY");
|
|
127
|
+
_assert2.default.call(void 0, ["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(_chunkFRVYTI7Scjs.identifyPemType.call(void 0, pemKey)) >= 0);
|
|
128
128
|
return { hidden: pemKey };
|
|
129
129
|
}
|
|
130
130
|
return { hidden: ensureTrailingLF(rawKey) };
|
|
@@ -153,28 +153,28 @@ async function readPrivateKeyAsync(filename) {
|
|
|
153
153
|
if (filename.match(/.*\.der/)) {
|
|
154
154
|
return myCreatePrivateKey(buf);
|
|
155
155
|
}
|
|
156
|
-
return myCreatePrivateKey(
|
|
156
|
+
return myCreatePrivateKey(_chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf.toString("utf-8")));
|
|
157
157
|
}
|
|
158
158
|
function readCertificatePEM(filename) {
|
|
159
159
|
return _readPemFile(filename);
|
|
160
160
|
}
|
|
161
161
|
async function readCertificatePEMAsync(filename) {
|
|
162
162
|
const buf = await _fs2.default.promises.readFile(filename, "utf-8");
|
|
163
|
-
return
|
|
163
|
+
return _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf);
|
|
164
164
|
}
|
|
165
165
|
function readPublicKeyPEM(filename) {
|
|
166
166
|
return _readPemFile(filename);
|
|
167
167
|
}
|
|
168
168
|
async function readPublicKeyPEMAsync(filename) {
|
|
169
169
|
const buf = await _fs2.default.promises.readFile(filename, "utf-8");
|
|
170
|
-
return
|
|
170
|
+
return _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf);
|
|
171
171
|
}
|
|
172
172
|
function readPrivateKeyPEM(filename) {
|
|
173
173
|
return _readPemFile(filename);
|
|
174
174
|
}
|
|
175
175
|
async function readPrivateKeyPEMAsync(filename) {
|
|
176
176
|
const buf = await _fs2.default.promises.readFile(filename, "utf-8");
|
|
177
|
-
return
|
|
177
|
+
return _chunkFRVYTI7Scjs.removeTrailingLF.call(void 0, buf);
|
|
178
178
|
}
|
|
179
179
|
var _g_certificate_store = "";
|
|
180
180
|
function setCertificateStore(store) {
|
|
@@ -219,7 +219,7 @@ async function readCertificateRevocationList(filename) {
|
|
|
219
219
|
return crl;
|
|
220
220
|
}
|
|
221
221
|
const raw_crl = crl.toString();
|
|
222
|
-
return
|
|
222
|
+
return _chunkFRVYTI7Scjs.convertPEMtoDER.call(void 0, raw_crl);
|
|
223
223
|
}
|
|
224
224
|
|
|
225
225
|
// source_nodejs/read_certificate_signing_request.ts
|
|
@@ -230,14 +230,14 @@ async function readCertificateSigningRequest(filename) {
|
|
|
230
230
|
return csr;
|
|
231
231
|
}
|
|
232
232
|
const raw_crl = csr.toString();
|
|
233
|
-
return
|
|
233
|
+
return _chunkFRVYTI7Scjs.convertPEMtoDER.call(void 0, raw_crl);
|
|
234
234
|
}
|
|
235
235
|
|
|
236
236
|
// source_nodejs/write.ts
|
|
237
237
|
|
|
238
238
|
function certificatesToPem(certificates) {
|
|
239
239
|
const certs = Array.isArray(certificates) ? certificates : [certificates];
|
|
240
|
-
return `${certs.map((der) =>
|
|
240
|
+
return `${certs.map((der) => _chunkFRVYTI7Scjs.toPem.call(void 0, der, "CERTIFICATE")).join("\n")}
|
|
241
241
|
`;
|
|
242
242
|
}
|
|
243
243
|
function writeCertificateChain(filename, certificates) {
|
|
@@ -248,7 +248,7 @@ async function writeCertificateChainAsync(filename, certificates) {
|
|
|
248
248
|
}
|
|
249
249
|
function certificatesToDer(certificates) {
|
|
250
250
|
const certs = Array.isArray(certificates) ? certificates : [certificates];
|
|
251
|
-
return
|
|
251
|
+
return _chunkFRVYTI7Scjs.combine_der.call(void 0, certs);
|
|
252
252
|
}
|
|
253
253
|
function writeCertificateChainDer(filename, certificates) {
|
|
254
254
|
_fs2.default.writeFileSync(filename, certificatesToDer(certificates));
|
|
@@ -287,4 +287,4 @@ async function writeCertificateChainDerAsync(filename, certificates) {
|
|
|
287
287
|
|
|
288
288
|
|
|
289
289
|
exports.generatePrivateKeyFile = generatePrivateKeyFile; exports.generatePrivateKeyFileAlternate = generatePrivateKeyFileAlternate; exports.readCertificate = readCertificate; exports.readCertificateChain = readCertificateChain; exports.readCertificateChainAsync = readCertificateChainAsync; exports.readCertificateAsync = readCertificateAsync; exports.readPublicKey = readPublicKey; exports.readPublicKeyAsync = readPublicKeyAsync; exports.readPrivateKey = readPrivateKey; exports.readPrivateKeyAsync = readPrivateKeyAsync; exports.readCertificatePEM = readCertificatePEM; exports.readCertificatePEMAsync = readCertificatePEMAsync; exports.readPublicKeyPEM = readPublicKeyPEM; exports.readPublicKeyPEMAsync = readPublicKeyPEMAsync; exports.readPrivateKeyPEM = readPrivateKeyPEM; exports.readPrivateKeyPEMAsync = readPrivateKeyPEMAsync; exports.setCertificateStore = setCertificateStore; exports.getCertificateStore = getCertificateStore; exports.readPrivateRsaKey = readPrivateRsaKey; exports.readPublicRsaKey = readPublicRsaKey; exports.readCertificateRevocationList = readCertificateRevocationList; exports.readCertificateSigningRequest = readCertificateSigningRequest; exports.certificatesToPem = certificatesToPem; exports.writeCertificateChain = writeCertificateChain; exports.writeCertificateChainAsync = writeCertificateChainAsync; exports.certificatesToDer = certificatesToDer; exports.writeCertificateChainDer = writeCertificateChainDer; exports.writeCertificateChainDerAsync = writeCertificateChainDerAsync;
|
|
290
|
-
//# sourceMappingURL=chunk-
|
|
290
|
+
//# sourceMappingURL=chunk-2DISC7JP.cjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-CHOBVT6V.cjs","../source_nodejs/generate_private_key_filename.ts","../source_nodejs/read.ts","../source_nodejs/read_certificate_revocation_list.ts","../source_nodejs/read_certificate_signing_request.ts","../source_nodejs/write.ts"],"names":["fs"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,wDAA6B;AAC7B;AACA;ACYA,gCAAoC;AACpC,gEAAe;AAEf,MAAA,SAAsB,sBAAA,CAAuB,kBAAA,EAA4B,aAAA,EAA0C;AAC/G,EAAA,MAAM,KAAA,EAAO,MAAM,+CAAA,aAA6B,CAAA;AAChD,EAAA,MAAM,cAAA,EAAgB,MAAM,+CAAA,IAAgB,CAAK,UAAU,CAAA;AAC3D,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,aAAA,CAAc,OAAA,EAAS,OAAO,CAAA;AAC9E,EAAA,aAAA,CAAc,QAAA,EAAU,EAAA;AACxB,EAAA,aAAA,CAAc,QAAA,EAAU,IAAI,WAAA,CAAY,CAAC,CAAA;AAC7C;AAQA,MAAA,SAAsB,+BAAA,CAAgC,kBAAA,EAA4B,aAAA,EAAmC;AACjH,EAAA,MAAM,EAAE,WAAW,EAAA,EAAI,yCAAA,KAAoB,EAAO;AAAA,IAC9C,aAAA;AAAA,IACA,kBAAA,EAAoB,EAAE,IAAA,EAAM,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AAAA,IACnD,iBAAA,EAAmB,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,MAAM;AAAA,EACrD,CAAC,CAAA;AACD,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,UAAA,EAAY,OAAO,CAAA;AACvE;ADlBA;AACA;AEPA,gFAAmB;AACnB;AACA;AACA,wEAAiB;AACjB,4EAAkB;AAelB,SAAS,YAAA,CAAa,QAAA,EAAuB;AACzC,EAAA,8BAAA,OAAc,SAAA,IAAa,QAAQ,CAAA;AACnC,EAAA,OAAO,gDAAA,YAAiBA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAC,CAAA;AAC9D;AAUA,SAAS,mBAAA,CAAoB,GAAA,EAAqB;AAC9C,EAAA,MAAM,QAAA,EAAU,GAAA,CAAI,KAAA,CAAM,8BAA8B,CAAA;AACxD,EAAA,OAAO,QAAA,EAAU,OAAA,CAAQ,OAAA,EAAS,CAAA;AACtC;AAaO,SAAS,eAAA,CAAgB,QAAA,EAA+B;AAC3D,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAOA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AAAA,EACnC;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,GAAG,CAAA;AACrC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,sCAAA,EAAyC,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACnD,KAAK,CAAA,+GAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,GAAmB,CAAA;AAC9B;AAWO,SAAS,oBAAA,CAAqB,QAAA,EAAiC;AAClE,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,YAAUA,CAAG,YAAA,CAAa,QAAQ,CAAgB,CAAA;AAAA,EAC7D;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAKA,MAAA,SAAsB,yBAAA,CAA0B,QAAA,EAA0C;AACtF,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,GAA4B,CAAA;AAAA,EACvC;AACA,EAAA,MAAM,IAAA,EAAM,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AAClD,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAMA,SAAS,6BAAA,CAA8B,GAAA,EAA4B;AAC/D,EAAA,MAAM,MAAA,EAAuB,CAAC,CAAA;AAC9B,EAAA,MAAM,MAAA,EAAQ,sFAAA;AACd,EAAA,IAAI,KAAA;AACJ,EAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AACtB,EAAA,MAAA,CAAO,MAAA,IAAU,IAAA,EAAM;AACnB,IAAA,MAAM,OAAA,EAAS,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA;AAC5C,IAAA,MAAM,UAAA,EAAY,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA;AAC9C,IAAA,IAAI;AACA,MAAA,MAAM,eAAA,EAAiB,yCAAA,SAAmB,CAAA;AAC1C,MAAA,IAAA,CAAA,MAAW,EAAA,GAAK,cAAA,EAAgB;AAC5B,QAAA,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA;AAAA,MAChB;AAAA,IACJ,EAAA,MAAA,CAAS,IAAA,EAAM;AAEX,MAAA,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAAA,IACxB;AACA,IAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,KAAA;AACX;AAYA,MAAA,SAAsB,oBAAA,CAAqB,QAAA,EAAwC;AAC/E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,GAAA;AAAA,EACX;AACA,EAAA,MAAM,QAAA,EAAU,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AACtD,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,OAAO,CAAA;AACzC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,2CAAA,EAA8C,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACxD,KAAK,CAAA,oHAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,OAAuB,CAAA;AAClC;AAKO,SAAS,aAAA,CAAc,QAAA,EAA6B;AACvD,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAA,EAAMA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AACpC,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B,EAAA,KAAO;AACH,IAAA,MAAM,QAAA,EAAkB,YAAA,CAAa,QAAQ,CAAA;AAC7C,IAAA,OAAO,qCAAA,OAAuB,CAAA;AAAA,EAClC;AACJ;AAKA,MAAA,SAAsB,kBAAA,CAAmB,QAAA,EAAsC;AAC3E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B;AACA,EAAA,OAAO,qCAAA,gDAAgB,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAC,CAAA;AAClE;AAIA,SAAS,kBAAA,CAAmB,MAAA,EAAqC;AAC7D,EAAA,GAAA,CAAI,CAAC,yBAAA,GAAoB,OAAA,CAAQ,GAAA,CAAI,oBAAA,EAAsB;AAEvD,IAAA,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,MAAA,MAAM,OAAA,EAAS,qCAAA,MAAM,EAAQ,aAAa,CAAA;AAC1C,MAAA,8BAAA,CAAQ,iBAAA,EAAmB,aAAa,CAAA,CAAE,OAAA,CAAQ,+CAAA,MAAsB,CAAW,EAAA,GAAK,CAAC,CAAA;AACzF,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAO,CAAA;AAAA,IAC5B;AACA,IAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,CAAiB,MAAgB,EAAE,CAAA;AAAA,EACxD;AAEA,EAAA,MAAM,OAAA,EAAS,OAAA,CAAQ,GAAA,CAAI,YAAA;AAC3B,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,WAAA;AAC3B,EAAA,MAAM,SAAA,EAAW,sCAAA,MAAuB,CAAA;AACxC,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,MAAA;AAC3B,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC9B;AAEA,SAAS,gBAAA,CAAiB,GAAA,EAAqB;AAC3C,EAAA,OAAO,GAAA,CAAI,KAAA,CAAM,KAAK,EAAA,EAAI,IAAA,EAAM,CAAA,EAAA;AAAM;AAC1C;AAI6D;AAC1B,EAAA;AACS,IAAA;AACP,IAAA;AAC1B,EAAA;AACkC,IAAA;AACX,IAAA;AAC9B,EAAA;AACJ;AAK0C;AACR,EAAA;AACC,EAAA;AACE,IAAA;AACjC,EAAA;AAC0B,EAAA;AAC9B;AAEmC;AACH,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEiC;AACD,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAKkC;AACF,EAAA;AAChC;AAMsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEmC;AAEC;AACd,EAAA;AACK,EAAA;AAChB,EAAA;AACX;AAC8C;AACf,EAAA;AACK,IAAA;AAChC,EAAA;AACO,EAAA;AACX;AAKkC;AACP,EAAA;AACH,IAAA;AACpB,EAAA;AACiC,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACX,EAAA;AACO,EAAA;AACI,EAAA;AAChB,EAAA;AACpB;AAEiC;AACI,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACF,EAAA;AACF,EAAA;AACK,EAAA;AACrC;AF3GmC;AACA;AG9LpB;AAIO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AH4LmC;AACA;AIzMpB;AAMO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AJqMmC;AACA;AKpNpB;AAemB;AACF,EAAA;AACC,EAAA;AAAqC;AACtE;AAQsC;AACP,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;AAUkC;AACF,EAAA;AACJ,EAAA;AAC5B;AAQyC;AACV,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;AL0KmC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-CHOBVT6V.cjs","sourcesContent":[null,"// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport { generateKeyPairSync } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport { generateKeyPair, privateKeyToPEM } from \"../source/index.js\";\nexport async function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096) {\n const keys = await generateKeyPair(modulusLength);\n const privateKeyPem = await privateKeyToPEM(keys.privateKey);\n await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, \"utf-8\");\n privateKeyPem.privPem = \"\";\n privateKeyPem.privDer = new ArrayBuffer(0);\n}\n\n/**\n * alternate function to generate PrivateKeyFile, using native\n * node:crypto.\n *\n * This function is slower than generatePrivateKeyFile\n */\nexport async function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096) {\n const { privateKey } = generateKeyPairSync(\"rsa\", {\n modulusLength,\n privateKeyEncoding: { type: \"pkcs8\", format: \"pem\" },\n publicKeyEncoding: { type: \"spki\", format: \"pem\" },\n });\n await fs.promises.writeFile(privateKeyFilename, privateKey, \"utf-8\");\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport assert from \"node:assert\";\nimport { createPrivateKey, createPublicKey } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport sshpk from \"sshpk\";\nimport type {\n Certificate,\n CertificatePEM,\n DER,\n KeyObject,\n PEM,\n PrivateKey,\n PrivateKeyPEM,\n PublicKey,\n PublicKeyPEM,\n} from \"../source/common.js\";\nimport { split_der } from \"../source/crypto_explore_certificate.js\";\nimport { convertPEMtoDER, identifyPemType, removeTrailingLF, toPem } from \"../source/crypto_utils.js\";\n\nfunction _readPemFile(filename: string): PEM {\n assert(typeof filename === \"string\");\n return removeTrailingLF(fs.readFileSync(filename, \"utf-8\"));\n}\n\nfunction _readPemOrDerFileAsDER(filename: string): DER {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Buffer;\n }\n const raw_key: string = _readPemFile(filename);\n return convertPEMtoDER(raw_key);\n}\n\nfunction _countPemCertBlocks(pem: string): number {\n const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);\n return matches ? matches.length : 0;\n}\n\n/**\n * Read a DER or PEM certificate from file.\n *\n * **Note:** If the PEM file contains multiple certificate blocks\n * (e.g. a leaf cert + CA chain), only the **first** certificate\n * is returned. Use {@link readCertificateChain} to read all\n * certificates individually.\n *\n * @deprecated Use {@link readCertificateChain} instead, which\n * returns each certificate as a separate DER buffer.\n */\nexport function readCertificate(filename: string): Certificate {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Certificate;\n }\n const pem = _readPemFile(filename);\n const count = _countPemCertBlocks(pem);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificate: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChain() to read all certificates.`,\n );\n }\n return convertPEMtoDER(pem) as Certificate;\n}\n\n/**\n * Read a PEM or DER certificate file that may contain multiple\n * certificates (e.g. a leaf cert + CA issuer chain) and return\n * each certificate as a separate DER `Buffer`.\n *\n * - For a DER file, returns a single-element array.\n * - For a PEM file with N certificate blocks, returns N elements\n * in the same order they appear in the file (leaf first).\n */\nexport function readCertificateChain(filename: string): Certificate[] {\n if (filename.match(/.*\\.der/)) {\n return split_der(fs.readFileSync(filename) as Certificate);\n }\n const pem = _readPemFile(filename);\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Async version of {@link readCertificateChain}.\n */\nexport async function readCertificateChainAsync(filename: string): Promise<Certificate[]> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return split_der(buf as Certificate);\n }\n const pem = removeTrailingLF(buf.toString(\"utf-8\"));\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Extract all CERTIFICATE PEM blocks from a PEM string and\n * return each as a separate DER `Buffer`.\n */\nfunction _extractAllPemDerCertificates(pem: string): Certificate[] {\n const certs: Certificate[] = [];\n const regex = /-----BEGIN CERTIFICATE-----\\r?\\n([/+=a-zA-Z0-9\\r\\n]*)\\r?\\n-----END CERTIFICATE-----/g;\n let match: RegExpExecArray | null;\n match = regex.exec(pem);\n while (match !== null) {\n const base64 = match[1].replace(/\\r?\\n/g, \"\");\n const derBuffer = Buffer.from(base64, \"base64\") as Certificate;\n try {\n const separatedCerts = split_der(derBuffer);\n for (const c of separatedCerts) {\n certs.push(c);\n }\n } catch (_err) {\n // Fallback: push buffer as is if it fails parsing\n certs.push(derBuffer);\n }\n match = regex.exec(pem);\n }\n return certs;\n}\n\n/**\n * Async version of {@link readCertificate}.\n * Uses `fs.promises.readFile` so the event loop is not blocked\n * during I/O.\n *\n * **Note:** If the PEM file contains multiple certificate blocks,\n * only the first is returned. Use {@link readCertificateChainAsync}.\n *\n * @deprecated Use {@link readCertificateChainAsync} instead.\n */\nexport async function readCertificateAsync(filename: string): Promise<Certificate> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return buf as Certificate;\n }\n const raw_key = removeTrailingLF(buf.toString(\"utf-8\"));\n const count = _countPemCertBlocks(raw_key);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificateAsync: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChainAsync() to read all certificates.`,\n );\n }\n return convertPEMtoDER(raw_key) as Certificate;\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPublicKey(filename: string): KeyObject {\n if (filename.match(/.*\\.der/)) {\n const der = fs.readFileSync(filename) as Buffer;\n return createPublicKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return createPublicKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPublicKey}.\n */\nexport async function readPublicKeyAsync(filename: string): Promise<KeyObject> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return createPublicKey(buf);\n }\n return createPublicKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\n// console.log(\"createPrivateKey\", (crypto as any).createPrivateKey, process.env.NO_CREATE_PRIVATEKEY);\n\nfunction myCreatePrivateKey(rawKey: string | Buffer): PrivateKey {\n if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {\n // we are not running nodejs or createPrivateKey is not supported in the environment\n if (Buffer.isBuffer(rawKey)) {\n const pemKey = toPem(rawKey, \"PRIVATE KEY\");\n assert([\"RSA PRIVATE KEY\", \"PRIVATE KEY\"].indexOf(identifyPemType(pemKey) as string) >= 0);\n return { hidden: pemKey };\n }\n return { hidden: ensureTrailingLF(rawKey as string) };\n }\n // see https://askubuntu.com/questions/1409458/openssl-config-cuases-error-in-node-js-crypto-how-should-the-config-be-updated\n const backup = process.env.OPENSSL_CONF;\n process.env.OPENSSL_CONF = \"/dev/null\";\n const retValue = createPrivateKey(rawKey);\n process.env.OPENSSL_CONF = backup;\n return { hidden: retValue };\n}\n\nfunction ensureTrailingLF(str: string): string {\n return str.match(/\\n$/) ? str : `${str}\\n`;\n}\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPrivateKey(filename: string): PrivateKey {\n if (filename.match(/.*\\.der/)) {\n const der: Buffer = fs.readFileSync(filename);\n return myCreatePrivateKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return myCreatePrivateKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPrivateKey}.\n */\nexport async function readPrivateKeyAsync(filename: string): Promise<PrivateKey> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return myCreatePrivateKey(buf);\n }\n return myCreatePrivateKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\nexport function readCertificatePEM(filename: string): CertificatePEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readCertificatePEM}.\n */\nexport async function readCertificatePEMAsync(filename: string): Promise<CertificatePEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nexport function readPublicKeyPEM(filename: string): PublicKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPublicKeyPEM}.\n */\nexport async function readPublicKeyPEMAsync(filename: string): Promise<PublicKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n/**\n *\n * @deprecated\n */\nexport function readPrivateKeyPEM(filename: string): PrivateKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPrivateKeyPEM}.\n * @deprecated\n */\nexport async function readPrivateKeyPEMAsync(filename: string): Promise<PrivateKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nlet _g_certificate_store: string = \"\";\n\nexport function setCertificateStore(store: string): string {\n const old_store = _g_certificate_store;\n _g_certificate_store = store;\n return old_store;\n}\nexport function getCertificateStore(): string {\n if (!_g_certificate_store) {\n _g_certificate_store = path.join(__dirname, \"../../certificates/\");\n }\n return _g_certificate_store;\n}\n/**\n *\n * @param filename\n */\nexport function readPrivateRsaKey(filename: string): PrivateKey {\n if (!createPrivateKey) {\n throw new Error(\"createPrivateKey is not supported in this environment\");\n }\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf8\");\n const sshKey = sshpk.parsePrivateKey(content, \"auto\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n const hidden = createPrivateKey({ format: \"pem\", type: \"pkcs1\", key });\n return { hidden };\n}\n\nexport function readPublicRsaKey(filename: string): PublicKey {\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf-8\");\n const sshKey = sshpk.parseKey(content, \"ssh\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n return createPublicKey({ format: \"pem\", type: \"pkcs1\", key });\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport async function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList> {\n const crl = await fs.promises.readFile(filename);\n if (crl[0] === 0x30 && crl[1] === 0x82) {\n // der format\n return crl as CertificateRevocationList;\n }\n const raw_crl = crl.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport type CertificateSigningRequest = Buffer;\n\nexport async function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest> {\n const csr = await fs.promises.readFile(filename);\n if (csr[0] === 0x30 && csr[1] === 0x82) {\n // der format\n return csr as CertificateRevocationList;\n }\n const raw_crl = csr.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\n\nimport type { Certificate } from \"../source/common.js\";\nimport { combine_der } from \"../source/crypto_explore_certificate.js\";\nimport { toPem } from \"../source/crypto_utils.js\";\n\n// ── PEM ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a PEM string.\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n * Returns a multi-block PEM string with each certificate\n * separated by a newline.\n */\nexport function certificatesToPem(certificates: Certificate | Certificate[]): string {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return `${certs.map((der) => toPem(der, \"CERTIFICATE\")).join(\"\\n\")}\\n`;\n}\n\n/**\n * Write one or more DER certificates to a PEM file.\n *\n * Each certificate is written as a separate PEM block in the\n * order provided (typically leaf first, then issuer chain).\n */\nexport function writeCertificateChain(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n/**\n * Async version of {@link writeCertificateChain}.\n */\nexport async function writeCertificateChainAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n// ── DER ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a single concatenated\n * DER buffer (OPC UA certificate chain format).\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n */\nexport function certificatesToDer(certificates: Certificate | Certificate[]): Certificate {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return combine_der(certs);\n}\n\n/**\n * Write one or more DER certificates to a `.der` file as a\n * concatenated DER chain (OPC UA binary chain format).\n *\n * Order should be leaf first, then issuer chain.\n */\nexport function writeCertificateChainDer(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToDer(certificates));\n}\n\n/**\n * Async version of {@link writeCertificateChainDer}.\n */\nexport async function writeCertificateChainDerAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToDer(certificates));\n}\n"]}
|
|
1
|
+
{"version":3,"sources":["/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-2DISC7JP.cjs","../source_nodejs/generate_private_key_filename.ts","../source_nodejs/read.ts","../source_nodejs/read_certificate_revocation_list.ts","../source_nodejs/read_certificate_signing_request.ts","../source_nodejs/write.ts"],"names":["fs"],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,wDAA6B;AAC7B;AACA;ACYA,gCAAoC;AACpC,gEAAe;AAEf,MAAA,SAAsB,sBAAA,CAAuB,kBAAA,EAA4B,aAAA,EAA0C;AAC/G,EAAA,MAAM,KAAA,EAAO,MAAM,+CAAA,aAA6B,CAAA;AAChD,EAAA,MAAM,cAAA,EAAgB,MAAM,+CAAA,IAAgB,CAAK,UAAU,CAAA;AAC3D,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,aAAA,CAAc,OAAA,EAAS,OAAO,CAAA;AAC9E,EAAA,aAAA,CAAc,QAAA,EAAU,EAAA;AACxB,EAAA,aAAA,CAAc,QAAA,EAAU,IAAI,WAAA,CAAY,CAAC,CAAA;AAC7C;AAQA,MAAA,SAAsB,+BAAA,CAAgC,kBAAA,EAA4B,aAAA,EAAmC;AACjH,EAAA,MAAM,EAAE,WAAW,EAAA,EAAI,yCAAA,KAAoB,EAAO;AAAA,IAC9C,aAAA;AAAA,IACA,kBAAA,EAAoB,EAAE,IAAA,EAAM,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AAAA,IACnD,iBAAA,EAAmB,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,MAAM;AAAA,EACrD,CAAC,CAAA;AACD,EAAA,MAAM,YAAA,CAAG,QAAA,CAAS,SAAA,CAAU,kBAAA,EAAoB,UAAA,EAAY,OAAO,CAAA;AACvE;ADlBA;AACA;AEPA,gFAAmB;AACnB;AACA;AACA,wEAAiB;AACjB,4EAAkB;AAelB,SAAS,YAAA,CAAa,QAAA,EAAuB;AACzC,EAAA,8BAAA,OAAc,SAAA,IAAa,QAAQ,CAAA;AACnC,EAAA,OAAO,gDAAA,YAAiBA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAC,CAAA;AAC9D;AAUA,SAAS,mBAAA,CAAoB,GAAA,EAAqB;AAC9C,EAAA,MAAM,QAAA,EAAU,GAAA,CAAI,KAAA,CAAM,8BAA8B,CAAA;AACxD,EAAA,OAAO,QAAA,EAAU,OAAA,CAAQ,OAAA,EAAS,CAAA;AACtC;AAaO,SAAS,eAAA,CAAgB,QAAA,EAA+B;AAC3D,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAOA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AAAA,EACnC;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,GAAG,CAAA;AACrC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,sCAAA,EAAyC,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACnD,KAAK,CAAA,+GAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,GAAmB,CAAA;AAC9B;AAWO,SAAS,oBAAA,CAAqB,QAAA,EAAiC;AAClE,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,YAAUA,CAAG,YAAA,CAAa,QAAQ,CAAgB,CAAA;AAAA,EAC7D;AACA,EAAA,MAAM,IAAA,EAAM,YAAA,CAAa,QAAQ,CAAA;AACjC,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAKA,MAAA,SAAsB,yBAAA,CAA0B,QAAA,EAA0C;AACtF,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,yCAAA,GAA4B,CAAA;AAAA,EACvC;AACA,EAAA,MAAM,IAAA,EAAM,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AAClD,EAAA,OAAO,6BAAA,CAA8B,GAAG,CAAA;AAC5C;AAMA,SAAS,6BAAA,CAA8B,GAAA,EAA4B;AAC/D,EAAA,MAAM,MAAA,EAAuB,CAAC,CAAA;AAC9B,EAAA,MAAM,MAAA,EAAQ,sFAAA;AACd,EAAA,IAAI,KAAA;AACJ,EAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AACtB,EAAA,MAAA,CAAO,MAAA,IAAU,IAAA,EAAM;AACnB,IAAA,MAAM,OAAA,EAAS,KAAA,CAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA;AAC5C,IAAA,MAAM,UAAA,EAAY,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA;AAC9C,IAAA,IAAI;AACA,MAAA,MAAM,eAAA,EAAiB,yCAAA,SAAmB,CAAA;AAC1C,MAAA,IAAA,CAAA,MAAW,EAAA,GAAK,cAAA,EAAgB;AAC5B,QAAA,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA;AAAA,MAChB;AAAA,IACJ,EAAA,MAAA,CAAS,IAAA,EAAM;AAEX,MAAA,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAAA,IACxB;AACA,IAAA,MAAA,EAAQ,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,KAAA;AACX;AAYA,MAAA,SAAsB,oBAAA,CAAqB,QAAA,EAAwC;AAC/E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,GAAA;AAAA,EACX;AACA,EAAA,MAAM,QAAA,EAAU,gDAAA,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAA;AACtD,EAAA,MAAM,MAAA,EAAQ,mBAAA,CAAoB,OAAO,CAAA;AACzC,EAAA,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG;AACX,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,2CAAA,EAA8C,cAAA,CAAK,QAAA,CAAS,QAAQ,CAAC,CAAA,WAAA,EACxD,KAAK,CAAA,oHAAA;AAAA,IAEtB,CAAA;AAAA,EACJ;AACA,EAAA,OAAO,+CAAA,OAAuB,CAAA;AAClC;AAKO,SAAS,aAAA,CAAc,QAAA,EAA6B;AACvD,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAA,EAAMA,YAAAA,CAAG,YAAA,CAAa,QAAQ,CAAA;AACpC,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B,EAAA,KAAO;AACH,IAAA,MAAM,QAAA,EAAkB,YAAA,CAAa,QAAQ,CAAA;AAC7C,IAAA,OAAO,qCAAA,OAAuB,CAAA;AAAA,EAClC;AACJ;AAKA,MAAA,SAAsB,kBAAA,CAAmB,QAAA,EAAsC;AAC3E,EAAA,MAAM,IAAA,EAAM,MAAMA,YAAAA,CAAG,QAAA,CAAS,QAAA,CAAS,QAAQ,CAAA;AAC/C,EAAA,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,SAAS,CAAA,EAAG;AAC3B,IAAA,OAAO,qCAAA,GAAmB,CAAA;AAAA,EAC9B;AACA,EAAA,OAAO,qCAAA,gDAAgB,GAAiB,CAAI,QAAA,CAAS,OAAO,CAAC,CAAC,CAAA;AAClE;AAIA,SAAS,kBAAA,CAAmB,MAAA,EAAqC;AAC7D,EAAA,GAAA,CAAI,CAAC,yBAAA,GAAoB,OAAA,CAAQ,GAAA,CAAI,oBAAA,EAAsB;AAEvD,IAAA,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,MAAA,MAAM,OAAA,EAAS,qCAAA,MAAM,EAAQ,aAAa,CAAA;AAC1C,MAAA,8BAAA,CAAQ,iBAAA,EAAmB,aAAa,CAAA,CAAE,OAAA,CAAQ,+CAAA,MAAsB,CAAW,EAAA,GAAK,CAAC,CAAA;AACzF,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAO,CAAA;AAAA,IAC5B;AACA,IAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,CAAiB,MAAgB,EAAE,CAAA;AAAA,EACxD;AAEA,EAAA,MAAM,OAAA,EAAS,OAAA,CAAQ,GAAA,CAAI,YAAA;AAC3B,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,WAAA;AAC3B,EAAA,MAAM,SAAA,EAAW,sCAAA,MAAuB,CAAA;AACxC,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,MAAA;AAC3B,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC9B;AAEA,SAAS,gBAAA,CAAiB,GAAA,EAAqB;AAC3C,EAAA,OAAO,GAAA,CAAI,KAAA,CAAM,KAAK,EAAA,EAAI,IAAA,EAAM,CAAA,EAAA;AAAM;AAC1C;AAI6D;AAC1B,EAAA;AACS,IAAA;AACP,IAAA;AAC1B,EAAA;AACkC,IAAA;AACX,IAAA;AAC9B,EAAA;AACJ;AAK0C;AACR,EAAA;AACC,EAAA;AACE,IAAA;AACjC,EAAA;AAC0B,EAAA;AAC9B;AAEmC;AACH,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEiC;AACD,EAAA;AAChC;AAKsB;AACY,EAAA;AACH,EAAA;AAC/B;AAKkC;AACF,EAAA;AAChC;AAMsB;AACY,EAAA;AACH,EAAA;AAC/B;AAEmC;AAEC;AACd,EAAA;AACK,EAAA;AAChB,EAAA;AACX;AAC8C;AACf,EAAA;AACK,IAAA;AAChC,EAAA;AACO,EAAA;AACX;AAKkC;AACP,EAAA;AACH,IAAA;AACpB,EAAA;AACiC,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACX,EAAA;AACO,EAAA;AACI,EAAA;AAChB,EAAA;AACpB;AAEiC;AACI,EAAA;AACR,IAAA;AACzB,EAAA;AACgC,EAAA;AACF,EAAA;AACF,EAAA;AACK,EAAA;AACrC;AF3GmC;AACA;AG9LpB;AAIO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AH4LmC;AACA;AIzMpB;AAMO;AACY,EAAA;AACI,EAAA;AAEvB,IAAA;AACX,EAAA;AAC6B,EAAA;AACC,EAAA;AAClC;AJqMmC;AACA;AKpNpB;AAemB;AACF,EAAA;AACC,EAAA;AAAqC;AACtE;AAQsC;AACP,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;AAUkC;AACF,EAAA;AACJ,EAAA;AAC5B;AAQyC;AACV,EAAA;AAC/B;AAKsB;AACU,EAAA;AAChC;AL0KmC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/node-opcua-crypto/node-opcua-crypto/packages/node-opcua-crypto/dist/chunk-2DISC7JP.cjs","sourcesContent":[null,"// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport { generateKeyPairSync } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport { generateKeyPair, privateKeyToPEM } from \"../source/index.js\";\nexport async function generatePrivateKeyFile(privateKeyFilename: string, modulusLength: 1024 | 2048 | 3072 | 4096) {\n const keys = await generateKeyPair(modulusLength);\n const privateKeyPem = await privateKeyToPEM(keys.privateKey);\n await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, \"utf-8\");\n privateKeyPem.privPem = \"\";\n privateKeyPem.privDer = new ArrayBuffer(0);\n}\n\n/**\n * alternate function to generate PrivateKeyFile, using native\n * node:crypto.\n *\n * This function is slower than generatePrivateKeyFile\n */\nexport async function generatePrivateKeyFileAlternate(privateKeyFilename: string, modulusLength: 2048 | 3072 | 4096) {\n const { privateKey } = generateKeyPairSync(\"rsa\", {\n modulusLength,\n privateKeyEncoding: { type: \"pkcs8\", format: \"pem\" },\n publicKeyEncoding: { type: \"spki\", format: \"pem\" },\n });\n await fs.promises.writeFile(privateKeyFilename, privateKey, \"utf-8\");\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport assert from \"node:assert\";\nimport { createPrivateKey, createPublicKey } from \"node:crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport sshpk from \"sshpk\";\nimport type {\n Certificate,\n CertificatePEM,\n DER,\n KeyObject,\n PEM,\n PrivateKey,\n PrivateKeyPEM,\n PublicKey,\n PublicKeyPEM,\n} from \"../source/common.js\";\nimport { split_der } from \"../source/crypto_explore_certificate.js\";\nimport { convertPEMtoDER, identifyPemType, removeTrailingLF, toPem } from \"../source/crypto_utils.js\";\n\nfunction _readPemFile(filename: string): PEM {\n assert(typeof filename === \"string\");\n return removeTrailingLF(fs.readFileSync(filename, \"utf-8\"));\n}\n\nfunction _readPemOrDerFileAsDER(filename: string): DER {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Buffer;\n }\n const raw_key: string = _readPemFile(filename);\n return convertPEMtoDER(raw_key);\n}\n\nfunction _countPemCertBlocks(pem: string): number {\n const matches = pem.match(/-----BEGIN CERTIFICATE-----/g);\n return matches ? matches.length : 0;\n}\n\n/**\n * Read a DER or PEM certificate from file.\n *\n * **Note:** If the PEM file contains multiple certificate blocks\n * (e.g. a leaf cert + CA chain), only the **first** certificate\n * is returned. Use {@link readCertificateChain} to read all\n * certificates individually.\n *\n * @deprecated Use {@link readCertificateChain} instead, which\n * returns each certificate as a separate DER buffer.\n */\nexport function readCertificate(filename: string): Certificate {\n if (filename.match(/.*\\.der/)) {\n return fs.readFileSync(filename) as Certificate;\n }\n const pem = _readPemFile(filename);\n const count = _countPemCertBlocks(pem);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificate: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChain() to read all certificates.`,\n );\n }\n return convertPEMtoDER(pem) as Certificate;\n}\n\n/**\n * Read a PEM or DER certificate file that may contain multiple\n * certificates (e.g. a leaf cert + CA issuer chain) and return\n * each certificate as a separate DER `Buffer`.\n *\n * - For a DER file, returns a single-element array.\n * - For a PEM file with N certificate blocks, returns N elements\n * in the same order they appear in the file (leaf first).\n */\nexport function readCertificateChain(filename: string): Certificate[] {\n if (filename.match(/.*\\.der/)) {\n return split_der(fs.readFileSync(filename) as Certificate);\n }\n const pem = _readPemFile(filename);\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Async version of {@link readCertificateChain}.\n */\nexport async function readCertificateChainAsync(filename: string): Promise<Certificate[]> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return split_der(buf as Certificate);\n }\n const pem = removeTrailingLF(buf.toString(\"utf-8\"));\n return _extractAllPemDerCertificates(pem);\n}\n\n/**\n * Extract all CERTIFICATE PEM blocks from a PEM string and\n * return each as a separate DER `Buffer`.\n */\nfunction _extractAllPemDerCertificates(pem: string): Certificate[] {\n const certs: Certificate[] = [];\n const regex = /-----BEGIN CERTIFICATE-----\\r?\\n([/+=a-zA-Z0-9\\r\\n]*)\\r?\\n-----END CERTIFICATE-----/g;\n let match: RegExpExecArray | null;\n match = regex.exec(pem);\n while (match !== null) {\n const base64 = match[1].replace(/\\r?\\n/g, \"\");\n const derBuffer = Buffer.from(base64, \"base64\") as Certificate;\n try {\n const separatedCerts = split_der(derBuffer);\n for (const c of separatedCerts) {\n certs.push(c);\n }\n } catch (_err) {\n // Fallback: push buffer as is if it fails parsing\n certs.push(derBuffer);\n }\n match = regex.exec(pem);\n }\n return certs;\n}\n\n/**\n * Async version of {@link readCertificate}.\n * Uses `fs.promises.readFile` so the event loop is not blocked\n * during I/O.\n *\n * **Note:** If the PEM file contains multiple certificate blocks,\n * only the first is returned. Use {@link readCertificateChainAsync}.\n *\n * @deprecated Use {@link readCertificateChainAsync} instead.\n */\nexport async function readCertificateAsync(filename: string): Promise<Certificate> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return buf as Certificate;\n }\n const raw_key = removeTrailingLF(buf.toString(\"utf-8\"));\n const count = _countPemCertBlocks(raw_key);\n if (count > 1) {\n console.warn(\n `[node-opcua-crypto] readCertificateAsync: \"${path.basename(filename)}\"` +\n ` contains ${count} PEM certificate block(s) but only the first` +\n ` will be used. Use readCertificateChainAsync() to read all certificates.`,\n );\n }\n return convertPEMtoDER(raw_key) as Certificate;\n}\n\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPublicKey(filename: string): KeyObject {\n if (filename.match(/.*\\.der/)) {\n const der = fs.readFileSync(filename) as Buffer;\n return createPublicKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return createPublicKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPublicKey}.\n */\nexport async function readPublicKeyAsync(filename: string): Promise<KeyObject> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return createPublicKey(buf);\n }\n return createPublicKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\n// console.log(\"createPrivateKey\", (crypto as any).createPrivateKey, process.env.NO_CREATE_PRIVATEKEY);\n\nfunction myCreatePrivateKey(rawKey: string | Buffer): PrivateKey {\n if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {\n // we are not running nodejs or createPrivateKey is not supported in the environment\n if (Buffer.isBuffer(rawKey)) {\n const pemKey = toPem(rawKey, \"PRIVATE KEY\");\n assert([\"RSA PRIVATE KEY\", \"PRIVATE KEY\"].indexOf(identifyPemType(pemKey) as string) >= 0);\n return { hidden: pemKey };\n }\n return { hidden: ensureTrailingLF(rawKey as string) };\n }\n // see https://askubuntu.com/questions/1409458/openssl-config-cuases-error-in-node-js-crypto-how-should-the-config-be-updated\n const backup = process.env.OPENSSL_CONF;\n process.env.OPENSSL_CONF = \"/dev/null\";\n const retValue = createPrivateKey(rawKey);\n process.env.OPENSSL_CONF = backup;\n return { hidden: retValue };\n}\n\nfunction ensureTrailingLF(str: string): string {\n return str.match(/\\n$/) ? str : `${str}\\n`;\n}\n/**\n * read a DER or PEM certificate from file\n */\nexport function readPrivateKey(filename: string): PrivateKey {\n if (filename.match(/.*\\.der/)) {\n const der: Buffer = fs.readFileSync(filename);\n return myCreatePrivateKey(der);\n } else {\n const raw_key: string = _readPemFile(filename);\n return myCreatePrivateKey(raw_key);\n }\n}\n\n/**\n * Async version of {@link readPrivateKey}.\n */\nexport async function readPrivateKeyAsync(filename: string): Promise<PrivateKey> {\n const buf = await fs.promises.readFile(filename);\n if (filename.match(/.*\\.der/)) {\n return myCreatePrivateKey(buf);\n }\n return myCreatePrivateKey(removeTrailingLF(buf.toString(\"utf-8\")));\n}\n\nexport function readCertificatePEM(filename: string): CertificatePEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readCertificatePEM}.\n */\nexport async function readCertificatePEMAsync(filename: string): Promise<CertificatePEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nexport function readPublicKeyPEM(filename: string): PublicKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPublicKeyPEM}.\n */\nexport async function readPublicKeyPEMAsync(filename: string): Promise<PublicKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n/**\n *\n * @deprecated\n */\nexport function readPrivateKeyPEM(filename: string): PrivateKeyPEM {\n return _readPemFile(filename);\n}\n\n/**\n * Async version of {@link readPrivateKeyPEM}.\n * @deprecated\n */\nexport async function readPrivateKeyPEMAsync(filename: string): Promise<PrivateKeyPEM> {\n const buf = await fs.promises.readFile(filename, \"utf-8\");\n return removeTrailingLF(buf);\n}\n\nlet _g_certificate_store: string = \"\";\n\nexport function setCertificateStore(store: string): string {\n const old_store = _g_certificate_store;\n _g_certificate_store = store;\n return old_store;\n}\nexport function getCertificateStore(): string {\n if (!_g_certificate_store) {\n _g_certificate_store = path.join(__dirname, \"../../certificates/\");\n }\n return _g_certificate_store;\n}\n/**\n *\n * @param filename\n */\nexport function readPrivateRsaKey(filename: string): PrivateKey {\n if (!createPrivateKey) {\n throw new Error(\"createPrivateKey is not supported in this environment\");\n }\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf8\");\n const sshKey = sshpk.parsePrivateKey(content, \"auto\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n const hidden = createPrivateKey({ format: \"pem\", type: \"pkcs1\", key });\n return { hidden };\n}\n\nexport function readPublicRsaKey(filename: string): PublicKey {\n if (filename.substring(0, 1) !== \".\" && !fs.existsSync(filename)) {\n filename = path.join(getCertificateStore(), filename);\n }\n const content = fs.readFileSync(filename, \"utf-8\");\n const sshKey = sshpk.parseKey(content, \"ssh\");\n const key = sshKey.toString(\"pkcs1\") as PEM;\n return createPublicKey({ format: \"pem\", type: \"pkcs1\", key });\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport async function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList> {\n const crl = await fs.promises.readFile(filename);\n if (crl[0] === 0x30 && crl[1] === 0x82) {\n // der format\n return crl as CertificateRevocationList;\n }\n const raw_crl = crl.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\nimport type { CertificateRevocationList } from \"../source/common.js\";\nimport { convertPEMtoDER } from \"../source/crypto_utils.js\";\n\nexport type CertificateSigningRequest = Buffer;\n\nexport async function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest> {\n const csr = await fs.promises.readFile(filename);\n if (csr[0] === 0x30 && csr[1] === 0x82) {\n // der format\n return csr as CertificateRevocationList;\n }\n const raw_crl = csr.toString();\n return convertPEMtoDER(raw_crl);\n}\n","// ---------------------------------------------------------------------------------------------------------------------\n// node-opcua-crypto\n// ---------------------------------------------------------------------------------------------------------------------\n// Copyright (c) 2014-2022 - Etienne Rossignon - etienne.rossignon (at) gadz.org\n// Copyright (c) 2022-2026 - Sterfive.com\n// ---------------------------------------------------------------------------------------------------------------------\n//\n// This project is licensed under the terms of the MIT license.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\n// documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\n// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to\n// permit persons to whom the Software is furnished to do so, subject to the following conditions:\n//\n// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the\n// Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\n// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\n// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n// ---------------------------------------------------------------------------------------------------------------------\n\nimport fs from \"node:fs\";\n\nimport type { Certificate } from \"../source/common.js\";\nimport { combine_der } from \"../source/crypto_explore_certificate.js\";\nimport { toPem } from \"../source/crypto_utils.js\";\n\n// ── PEM ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a PEM string.\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n * Returns a multi-block PEM string with each certificate\n * separated by a newline.\n */\nexport function certificatesToPem(certificates: Certificate | Certificate[]): string {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return `${certs.map((der) => toPem(der, \"CERTIFICATE\")).join(\"\\n\")}\\n`;\n}\n\n/**\n * Write one or more DER certificates to a PEM file.\n *\n * Each certificate is written as a separate PEM block in the\n * order provided (typically leaf first, then issuer chain).\n */\nexport function writeCertificateChain(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n/**\n * Async version of {@link writeCertificateChain}.\n */\nexport async function writeCertificateChainAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToPem(certificates), \"utf-8\");\n}\n\n// ── DER ──────────────────────────────────────────────────────\n\n/**\n * Convert one or more DER certificates to a single concatenated\n * DER buffer (OPC UA certificate chain format).\n *\n * Accepts a single `Certificate` (DER buffer) or an array.\n */\nexport function certificatesToDer(certificates: Certificate | Certificate[]): Certificate {\n const certs = Array.isArray(certificates) ? certificates : [certificates];\n return combine_der(certs);\n}\n\n/**\n * Write one or more DER certificates to a `.der` file as a\n * concatenated DER chain (OPC UA binary chain format).\n *\n * Order should be leaf first, then issuer chain.\n */\nexport function writeCertificateChainDer(filename: string, certificates: Certificate | Certificate[]): void {\n fs.writeFileSync(filename, certificatesToDer(certificates));\n}\n\n/**\n * Async version of {@link writeCertificateChainDer}.\n */\nexport async function writeCertificateChainDerAsync(filename: string, certificates: Certificate | Certificate[]): Promise<void> {\n await fs.promises.writeFile(filename, certificatesToDer(certificates));\n}\n"]}
|
|
@@ -8,7 +8,7 @@ import {
|
|
|
8
8
|
removeTrailingLF,
|
|
9
9
|
split_der,
|
|
10
10
|
toPem
|
|
11
|
-
} from "./chunk-
|
|
11
|
+
} from "./chunk-NX3DSTD6.js";
|
|
12
12
|
|
|
13
13
|
// source_nodejs/generate_private_key_filename.ts
|
|
14
14
|
import { generateKeyPairSync } from "crypto";
|
|
@@ -288,4 +288,4 @@ export {
|
|
|
288
288
|
writeCertificateChainDer,
|
|
289
289
|
writeCertificateChainDerAsync
|
|
290
290
|
};
|
|
291
|
-
//# sourceMappingURL=chunk-
|
|
291
|
+
//# sourceMappingURL=chunk-EJK7NCWU.js.map
|