node-opcua-server-configuration 2.163.0 → 2.164.2

package/dist/server/roles_and_permissions.js.map

@@ -1 +1 @@
-{"version":3,"file":"roles_and_permissions.js","sourceRoot":"","sources":["../../source/server/roles_and_permissions.ts"],"names":[],"mappings":";;;AAAA,uEAAqG;AACrG,iEAA2E;AAE9D,QAAA,wBAAwB,GAAgC;IAEjE;QACI,MAAM,EAAE,yCAAc,CAAC,SAAS;QAChC,WAAW,EAAE,yCAAc,CAAC,MAAM;KACrC;IACD;QACI,MAAM,EAAE,yCAAc,CAAC,iBAAiB;QACxC,WAAW,EAAE,yCAAc,CAAC,MAAM;KACrC;IACD;QACI,MAAM,EAAE,yCAAc,CAAC,cAAc;QACrC,WAAW,EAAE,IAAA,0CAAkB,EAAC,mEAAmE,CAAC;KACvG;IACD;QACI,MAAM,EAAE,yCAAc,CAAC,aAAa;QACpC,WAAW,EAAE,sCAAc;KAC9B;CACJ,CAAC;AACW,QAAA,uBAAuB,GAAgC;IAChE;QACI,MAAM,EAAE,yCAAc,CAAC,aAAa;QACpC,WAAW,EAAE,sCAAc;KAC9B;IACJ;;;;;;;;MAQE;CACF,CAAC"}
+{"version":3,"file":"roles_and_permissions.js","sourceRoot":"","sources":["../../source/server/roles_and_permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAkC,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1G,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAE3E,MAAM,CAAC,MAAM,wBAAwB,GAAgC;IACjE;QACI,MAAM,EAAE,cAAc,CAAC,SAAS;QAChC,WAAW,EAAE,cAAc,CAAC,MAAM;KACrC;IACD;QACI,MAAM,EAAE,cAAc,CAAC,iBAAiB;QACxC,WAAW,EAAE,cAAc,CAAC,MAAM;KACrC;IACD;QACI,MAAM,EAAE,cAAc,CAAC,cAAc;QACrC,WAAW,EAAE,kBAAkB,CAAC,mEAAmE,CAAC;KACvG;IACD;QACI,MAAM,EAAE,cAAc,CAAC,aAAa;QACpC,WAAW,EAAE,cAAc;KAC9B;CACJ,CAAC;AACF,MAAM,CAAC,MAAM,uBAAuB,GAAgC;IAChE;QACI,MAAM,EAAE,cAAc,CAAC,aAAa;QACpC,WAAW,EAAE,cAAc;KAC9B;IACD;;;;;;;;GAQD;CACF,CAAC"}

package/dist/server/tools.d.ts

@@ -1,3 +1,3 @@
-import { ISessionContext } from "node-opcua-address-space";
+import { type ISessionContext } from "node-opcua-address-space";
 export declare function hasExpectedUserAccess(context: ISessionContext): boolean;
 export declare function hasEncryptedChannel(context: ISessionContext): boolean;

package/dist/server/tools.js

@@ -1,18 +1,12 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.hasExpectedUserAccess = hasExpectedUserAccess;
-exports.hasEncryptedChannel = hasEncryptedChannel;
-const node_opcua_address_space_1 = require("node-opcua-address-space");
-const node_opcua_secure_channel_1 = require("node-opcua-secure-channel");
-function hasExpectedUserAccess(context) {
-    if (!context ||
-        !context.session ||
-        !context.session.userIdentityToken) {
+import { WellKnownRoles } from "node-opcua-address-space";
+import { MessageSecurityMode } from "node-opcua-secure-channel";
+export function hasExpectedUserAccess(context) {
+    if (!context || !context.session || !context.session.userIdentityToken) {
         return false;
     }
-    return context.currentUserHasRole(node_opcua_address_space_1.WellKnownRoles.SecurityAdmin);
+    return context.currentUserHasRole(WellKnownRoles.SecurityAdmin);
 }
-function hasEncryptedChannel(context) {
-    return !!(context.session?.channel?.securityMode === node_opcua_secure_channel_1.MessageSecurityMode.SignAndEncrypt);
+export function hasEncryptedChannel(context) {
+    return !!(context.session?.channel?.securityMode === MessageSecurityMode.SignAndEncrypt);
 }
 //# sourceMappingURL=tools.js.map

package/dist/server/tools.js.map

@@ -1 +1 @@
-{"version":3,"file":"tools.js","sourceRoot":"","sources":["../../source/server/tools.ts"],"names":[],"mappings":";;AAGA,sDAOC;AAED,kDAEC;AAdD,uEAA2E;AAC3E,yEAAgE;AAEhE,SAAgB,qBAAqB,CAAC,OAAwB;IAC1D,IAAI,CAAC,OAAO;QACR,CAAC,OAAO,CAAC,OAAO;QAChB,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;QACrC,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,OAAO,OAAO,CAAC,kBAAkB,CAAC,yCAAc,CAAC,aAAa,CAAC,CAAC;AACpE,CAAC;AAED,SAAgB,mBAAmB,CAAC,OAAwB;IACxD,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,YAAY,KAAK,+CAAmB,CAAC,cAAc,CAAC,CAAC;AAC7F,CAAC"}
+{"version":3,"file":"tools.js","sourceRoot":"","sources":["../../source/server/tools.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAChF,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAEhE,MAAM,UAAU,qBAAqB,CAAC,OAAwB;IAC1D,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;QACrE,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,OAAO,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAwB;IACxD,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,YAAY,KAAK,mBAAmB,CAAC,cAAc,CAAC,CAAC;AAC7F,CAAC"}

package/dist/server/trust_list_server.d.ts

@@ -1,6 +1,6 @@
-import { OPCUACertificateManager } from "node-opcua-certificate-manager";
+import type { OPCUACertificateManager } from "node-opcua-certificate-manager";
+import type { AbstractFs } from "node-opcua-file-transfer";
 import { TrustListDataType } from "node-opcua-types";
-import { AbstractFs } from "node-opcua-file-transfer";
 export declare enum TrustListMasks {
     None = 0,
     TrustedCertificates = 1,

package/dist/server/trust_list_server.js

@@ -1,30 +1,23 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TrustListMasks = void 0;
-exports.buildTrustList = buildTrustList;
-exports.writeTrustList = writeTrustList;
-const fs_1 = __importDefault(require("fs"));
-const path_1 = __importDefault(require("path"));
-const node_opcua_types_1 = require("node-opcua-types");
-const node_opcua_binary_stream_1 = require("node-opcua-binary-stream");
-const node_opcua_crypto_1 = require("node-opcua-crypto");
-const node_opcua_debug_1 = require("node-opcua-debug");
-const errorLog = (0, node_opcua_debug_1.make_errorLog)("TrustListServer");
+import fs from "node:fs";
+import path from "node:path";
+import { BinaryStream } from "node-opcua-binary-stream";
+import { readCertificate, readCertificateRevocationList } from "node-opcua-crypto";
+import { make_errorLog } from "node-opcua-debug";
+import { TrustListDataType } from "node-opcua-types";
+const errorLog = make_errorLog("TrustListServer");
 async function readAll(folder) {
     const results = [];
-    const files = await fs_1.default.promises.readdir(folder);
+    const files = await fs.promises.readdir(folder);
     for (const f of files) {
-        const file = path_1.default.join(folder, f);
-        const ext = path_1.default.extname(file);
+        const file = path.join(folder, f);
+        const ext = path.extname(file);
         if (ext === ".der" || ext === ".pem") {
-            const buf = await (0, node_opcua_crypto_1.readCertificate)(file);
+            const buf = await readCertificate(file);
             results.push(buf);
         }
         else if (ext === ".crl") {
-            const buf = await (0, node_opcua_crypto_1.readCertificateRevocationList)(file);
+            // Strict validation: only accept valid CRL files
+            const buf = await readCertificateRevocationList(file);
             results.push(buf);
         }
         else {
@@ -33,7 +26,7 @@ async function readAll(folder) {
     }
     return results;
 }
-var TrustListMasks;
+export var TrustListMasks;
 (function (TrustListMasks) {
     TrustListMasks[TrustListMasks["None"] = 0] = "None";
     TrustListMasks[TrustListMasks["TrustedCertificates"] = 1] = "TrustedCertificates";
@@ -41,9 +34,9 @@ var TrustListMasks;
     TrustListMasks[TrustListMasks["IssuerCertificates"] = 4] = "IssuerCertificates";
     TrustListMasks[TrustListMasks["IssuerCrls"] = 8] = "IssuerCrls";
     TrustListMasks[TrustListMasks["All"] = 15] = "All";
-})(TrustListMasks || (exports.TrustListMasks = TrustListMasks = {}));
-async function buildTrustList(certificateManager, trustListFlag) {
-    const trustList = new node_opcua_types_1.TrustListDataType({
+})(TrustListMasks || (TrustListMasks = {}));
+export async function buildTrustList(certificateManager, trustListFlag) {
+    const trustList = new TrustListDataType({
         specifiedLists: trustListFlag,
         issuerCertificates: undefined,
         issuerCrls: undefined,
@@ -54,19 +47,37 @@ async function buildTrustList(certificateManager, trustListFlag) {
         trustList.trustedCertificates = await readAll(certificateManager.trustedFolder);
     }
     if ((trustListFlag & TrustListMasks.TrustedCrls) === TrustListMasks.TrustedCrls) {
-        trustList.trustedCrls = await readAll(certificateManager.crlFolder);
+        const crlFolder = certificateManager.crlFolder;
+        if (fs.existsSync(crlFolder)) {
+            trustList.trustedCrls = await readAll(crlFolder);
+        }
+        else {
+            trustList.trustedCrls = [];
+        }
     }
     if ((trustListFlag & TrustListMasks.IssuerCertificates) === TrustListMasks.IssuerCertificates) {
-        trustList.issuerCertificates = await readAll(certificateManager.issuersCertFolder);
+        const issuersCertFolder = certificateManager.issuersCertFolder;
+        if (fs.existsSync(issuersCertFolder)) {
+            trustList.issuerCertificates = await readAll(issuersCertFolder);
+        }
+        else {
+            trustList.issuerCertificates = [];
+        }
     }
     if ((trustListFlag & TrustListMasks.IssuerCrls) === TrustListMasks.IssuerCrls) {
-        trustList.issuerCrls = await readAll(certificateManager.issuersCrlFolder);
+        const issuersCrlFolder = certificateManager.issuersCrlFolder;
+        if (fs.existsSync(issuersCrlFolder)) {
+            trustList.issuerCrls = await readAll(issuersCrlFolder);
+        }
+        else {
+            trustList.issuerCrls = [];
+        }
     }
     return trustList;
 }
-async function writeTrustList(fs, filename, trustListFlag, certificateManager) {
+export async function writeTrustList(fs, filename, trustListFlag, certificateManager) {
     const trustList = await buildTrustList(certificateManager, trustListFlag);
-    const stream = new node_opcua_binary_stream_1.BinaryStream(trustList.binaryStoreSize());
+    const stream = new BinaryStream(trustList.binaryStoreSize());
     trustList.encode(stream);
     await new Promise((resolve, reject) => {
         fs.writeFile(filename, stream.buffer, "binary", (err) => {

package/dist/server/trust_list_server.js.map

@@ -1 +1 @@
-{"version":3,"file":"trust_list_server.js","sourceRoot":"","sources":["../../source/server/trust_list_server.ts"],"names":[],"mappings":";;;;;;AAwCA,wCAwBC;AAED,wCAgBC;AAlFD,4CAAoB;AACpB,gDAAwB;AAGxB,uDAAqD;AAErD,uEAAwD;AACxD,yDAAmF;AACnF,uDAAiD;AAEjD,MAAM,QAAQ,GAAG,IAAA,gCAAa,EAAC,iBAAiB,CAAC,CAAC;AAElD,KAAK,UAAU,OAAO,CAAC,MAAc;IACjC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,KAAK,GAAG,MAAM,YAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACpB,MAAM,IAAI,GAAG,cAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,MAAM,IAAA,mCAAe,EAAC,IAAI,CAAC,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;aAAM,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,MAAM,IAAA,iDAA6B,EAAC,IAAI,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;aAAM,CAAC;YACJ,QAAQ,CAAC,6BAA6B,EAAE,CAAC,CAAC,CAAC;QAC/C,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,IAAY,cAOX;AAPD,WAAY,cAAc;IACtB,mDAAQ,CAAA;IACR,iFAAuB,CAAA;IACvB,iEAAe,CAAA;IACf,+EAAsB,CAAA;IACtB,+DAAc,CAAA;IACd,kDAAQ,CAAA;AACZ,CAAC,EAPW,cAAc,8BAAd,cAAc,QAOzB;AAEM,KAAK,UAAU,cAAc,CAChC,kBAA2C,EAC3C,aAA6B;IAE7B,MAAM,SAAS,GAAG,IAAI,oCAAiB,CAAC;QACpC,cAAc,EAAE,aAAa;QAC7B,kBAAkB,EAAE,SAAS;QAC7B,UAAU,EAAE,SAAS;QACrB,mBAAmB,EAAE,SAAS;QAC9B,WAAW,EAAE,SAAS;KACzB,CAAC,CAAC;IACH,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,mBAAmB,CAAC,KAAK,cAAc,CAAC,mBAAmB,EAAE,CAAC;QAC9F,SAAS,CAAC,mBAAmB,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IACpF,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,WAAW,CAAC,KAAK,cAAc,CAAC,WAAW,EAAE,CAAC;QAC9E,SAAS,CAAC,WAAW,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,kBAAkB,CAAC,KAAK,cAAc,CAAC,kBAAkB,EAAE,CAAC;QAC5F,SAAS,CAAC,kBAAkB,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,CAAC;IACvF,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,UAAU,CAAC,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAC5E,SAAS,CAAC,UAAU,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC;IAC9E,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAEM,KAAK,UAAU,cAAc,CAChC,EAAc,EACd,QAAgB,EAChB,aAA6B,EAE7B,kBAA2C;IAE3C,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;IAC1E,MAAM,MAAM,GAAG,IAAI,uCAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,CAAC;IAC7D,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACzB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,EAAE;YACpD,IAAI,GAAG;gBAAE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO,EAAE,CAAC;QACd,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC"}
+{"version":3,"file":"trust_list_server.js","sourceRoot":"","sources":["../../source/server/trust_list_server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,OAAO,EAAE,eAAe,EAAE,6BAA6B,EAAE,MAAM,mBAAmB,CAAC;AACnF,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,MAAM,QAAQ,GAAG,aAAa,CAAC,iBAAiB,CAAC,CAAC;AAElD,KAAK,UAAU,OAAO,CAAC,MAAc;IACjC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;aAAM,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACxB,iDAAiD;YACjD,MAAM,GAAG,GAAG,MAAM,6BAA6B,CAAC,IAAI,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;aAAM,CAAC;YACJ,QAAQ,CAAC,6BAA6B,EAAE,CAAC,CAAC,CAAC;QAC/C,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,MAAM,CAAN,IAAY,cAOX;AAPD,WAAY,cAAc;IACtB,mDAAQ,CAAA;IACR,iFAAuB,CAAA;IACvB,iEAAe,CAAA;IACf,+EAAsB,CAAA;IACtB,+DAAc,CAAA;IACd,kDAAQ,CAAA;AACZ,CAAC,EAPW,cAAc,KAAd,cAAc,QAOzB;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,kBAA2C,EAC3C,aAA6B;IAE7B,MAAM,SAAS,GAAG,IAAI,iBAAiB,CAAC;QACpC,cAAc,EAAE,aAAa;QAC7B,kBAAkB,EAAE,SAAS;QAC7B,UAAU,EAAE,SAAS;QACrB,mBAAmB,EAAE,SAAS;QAC9B,WAAW,EAAE,SAAS;KACzB,CAAC,CAAC;IACH,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,mBAAmB,CAAC,KAAK,cAAc,CAAC,mBAAmB,EAAE,CAAC;QAC9F,SAAS,CAAC,mBAAmB,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IACpF,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,WAAW,CAAC,KAAK,cAAc,CAAC,WAAW,EAAE,CAAC;QAC9E,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,CAAC;QAC/C,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,WAAW,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,CAAC;QACrD,CAAC;aAAM,CAAC;YACJ,SAAS,CAAC,WAAW,GAAG,EAAE,CAAC;QAC/B,CAAC;IACL,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,kBAAkB,CAAC,KAAK,cAAc,CAAC,kBAAkB,EAAE,CAAC;QAC5F,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,iBAAiB,CAAC;QAC/D,IAAI,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACnC,SAAS,CAAC,kBAAkB,GAAG,MAAM,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACJ,SAAS,CAAC,kBAAkB,GAAG,EAAE,CAAC;QACtC,CAAC;IACL,CAAC;IACD,IAAI,CAAC,aAAa,GAAG,cAAc,CAAC,UAAU,CAAC,KAAK,cAAc,CAAC,UAAU,EAAE,CAAC;QAC5E,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,gBAAgB,CAAC;QAC7D,IAAI,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAClC,SAAS,CAAC,UAAU,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACJ,SAAS,CAAC,UAAU,GAAG,EAAE,CAAC;QAC9B,CAAC;IACL,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,EAAc,EACd,QAAgB,EAChB,aAA6B,EAE7B,kBAA2C;IAE3C,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;IAC1E,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,SAAS,CAAC,eAAe,EAAE,CAAC,CAAC;IAC7D,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACzB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,EAAE;YACpD,IAAI,GAAG;gBAAE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO,EAAE,CAAC;QACd,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/standard_certificate_types.js

@@ -1,14 +1,11 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CertificateType = void 0;
 /**
  * @module node-opcua-server-configuration
  */
-const node_opcua_nodeid_1 = require("node-opcua-nodeid");
-exports.CertificateType = {
-    Application: (0, node_opcua_nodeid_1.resolveNodeId)("ApplicationCertificateType"),
-    Https: (0, node_opcua_nodeid_1.resolveNodeId)("HttpsCertificateType"),
-    RsaMinApplication: (0, node_opcua_nodeid_1.resolveNodeId)("RsaMinApplicationCertificateType"),
-    RsaSha256Application: (0, node_opcua_nodeid_1.resolveNodeId)("RsaSha256ApplicationCertificateType"),
+import { resolveNodeId } from "node-opcua-nodeid";
+export const CertificateType = {
+    Application: resolveNodeId("ApplicationCertificateType"),
+    Https: resolveNodeId("HttpsCertificateType"),
+    RsaMinApplication: resolveNodeId("RsaMinApplicationCertificateType"),
+    RsaSha256Application: resolveNodeId("RsaSha256ApplicationCertificateType")
 };
 //# sourceMappingURL=standard_certificate_types.js.map

package/dist/standard_certificate_types.js.map

@@ -1 +1 @@
-{"version":3,"file":"standard_certificate_types.js","sourceRoot":"","sources":["../source/standard_certificate_types.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,yDAAkD;AAErC,QAAA,eAAe,GAAI;IAC5B,WAAW,EAAE,IAAA,iCAAa,EAAC,4BAA4B,CAAC;IACxD,KAAK,EAAE,IAAA,iCAAa,EAAC,sBAAsB,CAAC;IAC5C,iBAAiB,EAAE,IAAA,iCAAa,EAAC,kCAAkC,CAAC;IACpE,oBAAoB,EAAE,IAAA,iCAAa,EAAC,qCAAqC,CAAC;CAC7E,CAAC"}
+{"version":3,"file":"standard_certificate_types.js","sourceRoot":"","sources":["../source/standard_certificate_types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,MAAM,CAAC,MAAM,eAAe,GAAG;IAC3B,WAAW,EAAE,aAAa,CAAC,4BAA4B,CAAC;IACxD,KAAK,EAAE,aAAa,CAAC,sBAAsB,CAAC;IAC5C,iBAAiB,EAAE,aAAa,CAAC,kCAAkC,CAAC;IACpE,oBAAoB,EAAE,aAAa,CAAC,qCAAqC,CAAC;CAC7E,CAAC"}

package/dist/trust_list.d.ts

@@ -1,4 +1,4 @@
-import { StatusCode } from "node-opcua-status-code";
+import type { StatusCode } from "node-opcua-status-code";
 /**
  * @module node-opcua-server-configuration
  */
@@ -45,7 +45,7 @@ export interface ITrustList {
      *
      * This method cannot be called if the file object is open
      * @param  certificate - The DER encoded Certificate to add as a ByteStrng
-     * @param  isTrustedCertificate - If TRUE the Certificate is added to the Trusted Certificates List. If FALSE the Certificate is added to the Issuer Certificates List.
+     * @param  isTrustedCerticopy ficate - If TRUE the Certificate is added to the Trusted Certificates List. If FALSE the Certificate is added to the Issuer Certificates List.
      *
      * **Result Code**
      * - BadUserAccessDenied:     The current user does not have the rights required.

package/dist/trust_list.js

@@ -1,3 +1,2 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};
 //# sourceMappingURL=trust_list.js.map

package/dist/trust_list_impl.js

@@ -1,10 +1,9 @@
-"use strict";
 // /**
 //  * @module node-opcua-server-configuration
 //  */
 // import { StatusCode, StatusCodes } from "node-opcua-status-code";
 // import { ITrustList } from "./trust_list";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};
 // export class TrustList implements ITrustList {
 //   public async closeAndUpdate(
 //     applyChangesRequired: boolean

package/dist/trust_list_impl.js.map

@@ -1 +1 @@
-{"version":3,"file":"trust_list_impl.js","sourceRoot":"","sources":["../source/trust_list_impl.ts"],"names":[],"mappings":";AAAA,MAAM;AACN,6CAA6C;AAC7C,MAAM;AACN,oEAAoE;AACpE,6CAA6C;;AAE7C,iDAAiD;AAEjD,iCAAiC;AACjC,oCAAoC;AACpC,0BAA0B;AAE1B,oBAAoB;AACpB,MAAM;AAEN,iCAAiC;AACjC,2BAA2B;AAC3B,oCAAoC;AACpC,6BAA6B;AAC7B,4CAA4C;AAC5C,MAAM;AAEN,oCAAoC;AACpC,0BAA0B;AAC1B,oCAAoC;AACpC,6BAA6B;AAC7B,4CAA4C;AAC5C,MAAM;AACN,IAAI"}
+{"version":3,"file":"trust_list_impl.js","sourceRoot":"","sources":["../source/trust_list_impl.ts"],"names":[],"mappings":"AAAA,MAAM;AACN,6CAA6C;AAC7C,MAAM;AACN,oEAAoE;AACpE,6CAA6C;;AAE7C,iDAAiD;AAEjD,iCAAiC;AACjC,oCAAoC;AACpC,0BAA0B;AAE1B,oBAAoB;AACpB,MAAM;AAEN,iCAAiC;AACjC,2BAA2B;AAC3B,oCAAoC;AACpC,6BAA6B;AAC7B,4CAA4C;AAC5C,MAAM;AAEN,oCAAoC;AACpC,0BAA0B;AAC1B,oCAAoC;AACpC,6BAA6B;AAC7B,4CAA4C;AAC5C,MAAM;AACN,IAAI"}

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "node-opcua-server-configuration",
-    "version": "2.163.0",
+    "version": "2.164.2",
     "description": "pure nodejs OPCUA SDK - module server-configuration",
     "scripts": {
         "build": "tsc -b",
@@ -10,42 +10,41 @@
     },
     "main": "./dist/index.js",
     "types": "./dist/index.d.ts",
+    "type": "module",
     "dependencies": {
         "chalk": "4.1.2",
-        "memfs": "^4.56.10",
-        "node-opcua-address-space": "2.163.0",
-        "node-opcua-address-space-base": "2.163.0",
-        "node-opcua-assert": "2.157.0",
-        "node-opcua-basic-types": "2.162.0",
-        "node-opcua-binary-stream": "2.162.0",
-        "node-opcua-certificate-manager": "2.162.0",
-        "node-opcua-common": "2.163.0",
+        "memfs": "^4.56.11",
+        "node-opcua-address-space": "2.164.2",
+        "node-opcua-address-space-base": "2.164.0",
+        "node-opcua-assert": "2.164.0",
+        "node-opcua-basic-types": "2.164.0",
+        "node-opcua-binary-stream": "2.164.0",
+        "node-opcua-certificate-manager": "2.164.2",
+        "node-opcua-common": "2.164.0",
         "node-opcua-constants": "2.157.0",
-        "node-opcua-crypto": "4.16.1",
-        "node-opcua-data-model": "2.163.0",
-        "node-opcua-debug": "2.157.0",
-        "node-opcua-file-transfer": "2.163.0",
-        "node-opcua-hostname": "2.157.0",
-        "node-opcua-nodeid": "2.157.0",
-        "node-opcua-pki": "5.7.0",
-        "node-opcua-pseudo-session": "2.163.0",
-        "node-opcua-secure-channel": "2.163.0",
-        "node-opcua-server": "2.163.0",
-        "node-opcua-service-translate-browse-path": "2.163.0",
-        "node-opcua-status-code": "2.162.0",
-        "node-opcua-types": "2.163.0",
-        "node-opcua-variant": "2.163.0",
-        "rimraf": "6.1.2"
+        "node-opcua-crypto": "5.3.0",
+        "node-opcua-data-model": "2.164.0",
+        "node-opcua-debug": "2.164.0",
+        "node-opcua-file-transfer": "2.164.2",
+        "node-opcua-hostname": "2.164.0",
+        "node-opcua-nodeid": "2.164.0",
+        "node-opcua-pki": "6.8.2",
+        "node-opcua-pseudo-session": "2.164.2",
+        "node-opcua-secure-channel": "2.164.2",
+        "node-opcua-server": "2.164.2",
+        "node-opcua-service-translate-browse-path": "2.164.0",
+        "node-opcua-status-code": "2.164.0",
+        "node-opcua-types": "2.164.0",
+        "node-opcua-variant": "2.164.0"
     },
     "devDependencies": {
         "@types/mocha": "^10.0.10",
         "bcryptjs": "3.0.3",
         "mocha": "11.7.5",
-        "node-opcua-client": "2.163.0",
-        "node-opcua-data-value": "2.163.0",
-        "node-opcua-leak-detector": "2.157.0",
-        "node-opcua-nodesets": "2.162.0",
-        "ts-node": "^10.9.2"
+        "node-opcua-client": "2.164.2",
+        "node-opcua-data-value": "2.164.0",
+        "node-opcua-leak-detector": "2.164.0",
+        "node-opcua-nodesets": "2.163.1"
     },
     "author": "Etienne Rossignon",
     "license": "MIT",
@@ -62,7 +61,7 @@
         "internet of things"
     ],
     "homepage": "http://node-opcua.github.io/",
-    "gitHead": "20862daa7ac42893d32d2bcb4dcecc272c320a67",
+    "gitHead": "eb76d34b885c7584785d8eff69ada66f95b55c2e",
     "files": [
         "dist",
         "source"

package/source/clientTools/certificate_types.ts

@@ -0,0 +1,21 @@
+import { resolveNodeId } from "node-opcua-nodeid";
+
+// OPC UA Part 12 Certificate Types - defined once to avoid duplication
+export const rsaCertificateTypes = {
+    ApplicationInstanceCertificate_RSA_Min_Deprecated: resolveNodeId("ns=0;i=12537"),
+    ApplicationInstanceCertificate_RSA_Sha256: resolveNodeId("ns=0;i=12538"),
+    ApplicationInstanceCertificate_RSA_Sha256_2048: resolveNodeId("ns=0;i=12541"),
+    ApplicationInstanceCertificate_RSA_Sha256_4096: resolveNodeId("ns=0;i=12542")
+} as const;
+export const rsaCertificateTypesArray = Object.values(rsaCertificateTypes);
+
+export const eccCertificateTypes = {
+    ApplicationInstanceCertificate_ECC_Deprecated: resolveNodeId("ns=0;i=12556"), // deprecated
+    ApplicationInstanceCertificate_ECC_nistP256: resolveNodeId("ns=0;i=12557"),
+    ApplicationInstanceCertificate_ECC_nistP384: resolveNodeId("ns=0;i=12558"),
+    ApplicationInstanceCertificate_ECC_brainpoolP256r1: resolveNodeId("ns=0;i=12559"),
+    ApplicationInstanceCertificate_ECC_brainpoolP384r1: resolveNodeId("ns=0;i=12560"),
+    ApplicationInstanceCertificate_ECC_curve25519: resolveNodeId("ns=0;i=12561"),
+    ApplicationInstanceCertificate_ECC_curve448: resolveNodeId("ns=0;i=12562")
+} as const;
+export const eccCertificateTypesArray = Object.values(eccCertificateTypes);

package/source/clientTools/get_certificate_key_type.ts

@@ -0,0 +1,73 @@
+import { exploreCertificate } from "node-opcua-crypto";
+import { checkDebugFlag, make_debugLog, make_errorLog, make_warningLog } from "node-opcua-debug";
+
+const debugLog = make_debugLog("ServerConfiguration");
+const errorLog = make_errorLog("ServerConfiguration");
+const warningLog = make_warningLog("ServerConfiguration");
+const doDebug = checkDebugFlag("ServerConfiguration");
+
+/**
+ * Extract the key type from a certificate (RSA or ECC)
+ * @param certificate The certificate to analyze
+ * @returns "RSA" or "ECC" or null if unknown
+ */
+type AlgorithmIdentifierLike = {
+    identifier?: string;
+    oid?: string;
+};
+
+/**
+ * Extract the algorithm identifier from an algorithm object or string
+ * @param algorithm The algorithm to analyze
+ * @returns The algorithm identifier as a string, or undefined if not found
+ */
+function getAlgorithmId(algorithm: unknown): string | undefined {
+    if (typeof algorithm === "string") {
+        return algorithm;
+    }
+    if (algorithm && typeof algorithm === "object") {
+        const obj = algorithm as AlgorithmIdentifierLike;
+        return obj.identifier ?? obj.oid;
+    }
+    return undefined;
+}
+
+/**
+ * Extract the key type from a certificate (RSA or ECC)
+ * @param certificate The certificate to analyze
+ * @returns "RSA" or "ECC" or null if unknown
+ */
+export function getCertificateKeyType(certificate: Buffer): "RSA" | "ECC" | null {
+    try {
+        const certInfo = exploreCertificate(certificate);
+
+        // Use subject public key algorithm to determine key type
+        const publicKeyAlg = certInfo.tbsCertificate?.subjectPublicKeyInfo?.algorithm;
+        doDebug && debugLog("Certificate subjectPublicKeyInfo.algorithm:", publicKeyAlg);
+
+        const algorithmStr = getAlgorithmId(publicKeyAlg);
+
+        if (!algorithmStr) {
+            warningLog("Unable to extract public key algorithm from certificate");
+            return null;
+        }
+
+        const algorithmLower = algorithmStr.toLowerCase();
+
+        // RSA public key OID: 1.2.840.113549.1.1.1
+        if (algorithmStr.startsWith("1.2.840.113549.1.1.1") || algorithmLower.includes("rsa")) {
+            return "RSA";
+        }
+
+        // EC public key OID: 1.2.840.10045.2.1
+        if (algorithmStr.startsWith("1.2.840.10045.2.1") || algorithmLower.includes("ec") || algorithmLower.includes("ecc")) {
+            return "ECC";
+        }
+
+        warningLog("Unknown certificate public key algorithm:", algorithmStr);
+        return null;
+    } catch (err) {
+        errorLog("Error extracting certificate key type:", (err as Error).message);
+        return null;
+    }
+}

package/source/clientTools/index.ts

@@ -1 +1,2 @@
-export * from "./push_certificate_management_client"
+export * from "./certificate_types.js";
+export * from "./push_certificate_management_client.js";