npm - node-opcua-server-configuration - Versions diffs - 2.97.0 → 2.98.1 - Mend

node-opcua-server-configuration 2.97.0 → 2.98.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/clientTools/index.d.ts +1 -1
package/dist/clientTools/index.js +17 -17
package/dist/clientTools/push_certificate_management_client.d.ts +176 -176
package/dist/clientTools/push_certificate_management_client.js +463 -463
package/dist/clientTools/push_certificate_management_client.js.map +1 -1
package/dist/index.d.ts +10 -10
package/dist/index.js +27 -27
package/dist/push_certificate_manager.d.ts +141 -141
package/dist/push_certificate_manager.js +2 -2
package/dist/server/install_certificate_file_watcher.d.ts +5 -5
package/dist/server/install_certificate_file_watcher.js +23 -23
package/dist/server/install_push_certitifate_management.d.ts +19 -19
package/dist/server/install_push_certitifate_management.js +215 -215
package/dist/server/promote_trust_list.d.ts +6 -6
package/dist/server/promote_trust_list.js +175 -175
package/dist/server/push_certificate_manager_helpers.d.ts +4 -4
package/dist/server/push_certificate_manager_helpers.js +411 -411
package/dist/server/push_certificate_manager_server_impl.d.ts +47 -47
package/dist/server/push_certificate_manager_server_impl.js +525 -525
package/dist/server/roles_and_permissions.d.ts +3 -3
package/dist/server/roles_and_permissions.js +38 -38
package/dist/server/tools.d.ts +3 -3
package/dist/server/tools.js +19 -19
package/dist/server/trust_list_server.d.ts +13 -13
package/dist/server/trust_list_server.js +89 -89
package/dist/standard_certificate_types.d.ts +6 -6
package/dist/standard_certificate_types.js +13 -13
package/dist/trust_list.d.ts +79 -79
package/dist/trust_list.js +2 -2
package/dist/trust_list_impl.js +25 -25
package/package.json +32 -28
package/bin/configurator.ts +0 -304

package/dist/server/promote_trust_list.js CHANGED Viewed

@@ -1,176 +1,176 @@
-"use strict";
-/**
- * @module node-opcua-server-configuration
- */
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.installAccessRestrictionOnTrustList = exports.promoteTrustList = void 0;
-const memfs_1 = require("memfs");
-const node_opcua_debug_1 = require("node-opcua-debug");
-const node_opcua_status_code_1 = require("node-opcua-status-code");
-const node_opcua_variant_1 = require("node-opcua-variant");
-const node_opcua_data_model_1 = require("node-opcua-data-model");
-const node_opcua_file_transfer_1 = require("node-opcua-file-transfer");
-const node_opcua_crypto_1 = require("node-opcua-crypto");
-const trust_list_server_1 = require("./trust_list_server");
-const tools_1 = require("./tools");
-const roles_and_permissions_1 = require("./roles_and_permissions");
-const debugLog = (0, node_opcua_debug_1.make_debugLog)("ServerConfiguration");
-const doDebug = (0, node_opcua_debug_1.checkDebugFlag)("ServerConfiguration");
-const warningLog = (0, node_opcua_debug_1.make_warningLog)("ServerConfiguration");
-const errorLog = debugLog;
-function trustListIsAlreadyOpened(trustList) {
-    return false; // to do...
-}
-function _closeAndUpdate(inputArguments, context) {
-    return __awaiter(this, void 0, void 0, function* () {
-        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
-    });
-}
-// in TrustList
-function _addCertificate(inputArguments, context) {
-    return __awaiter(this, void 0, void 0, function* () {
-        // If the Certificate is issued by a CA then the Client shall provide the entire
-        // chain in the certificate argument (see OPC 10000-6). After validating the Certificate,
-        // the Server shall add the CA Certificates to the Issuers list in the Trust List.
-        // The leaf Certificate is added to the list specified by the isTrustedCertificate argument.
-        if (!(0, tools_1.hasEncryptedChannel)(context)) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadSecurityModeInsufficient };
-        }
-        if (!(0, tools_1.hasExpectedUserAccess)(context)) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadUserAccessDenied };
-        }
-        const trustList = context.object;
-        const cm = trustList.$$certificateManager || null;
-        // The trust list must have been bound
-        if (!cm) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadInternalError };
-        }
-        // This method cannot be called if the file object is open.
-        if (trustListIsAlreadyOpened(trustList)) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidState };
-        }
-        const certificateChain = inputArguments[0].value;
-        const isTrustedCertificate = inputArguments[1].value;
-        const certificates = (0, node_opcua_crypto_1.split_der)(certificateChain);
-        // validate certificate first
-        const r = yield (0, node_opcua_crypto_1.verifyCertificateChain)(certificates);
-        if (r.status !== "Good") {
-            warningLog("Invalid certificate ", r.status, r.reason);
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadCertificateInvalid };
-        }
-        for (let i = 0; i < certificates.length; i++) {
-            const certificate = certificates[i];
-            if (i === certificates.length - 1 && isTrustedCertificate) {
-                yield cm.trustCertificate(certificate);
-            }
-            else {
-                yield cm.addIssuer(certificate);
-            }
-        }
-        debugLog("_addCertificate - done isTrustedCertificate= ", isTrustedCertificate);
-        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
-    });
-}
-function _removeCertificate(inputArguments, context) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!(0, tools_1.hasEncryptedChannel)(context)) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadSecurityModeInsufficient };
-        }
-        if (!(0, tools_1.hasExpectedUserAccess)(context)) {
-            return { statusCode: node_opcua_status_code_1.StatusCodes.BadUserAccessDenied };
-        }
-        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
-    });
-}
-let counter = 0;
-function promoteTrustList(trustList) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const filename = `/tmpFile${counter}`;
-        counter += 1;
-        (0, node_opcua_file_transfer_1.installFileType)(trustList, { filename, fileSystem: memfs_1.fs });
-        // we need to change the default open method
-        const open = trustList.getChildByName("Open");
-        const _open_asyncExecutionFunction = open._asyncExecutionFunction;
-        // ... and bind the extended methods as well.
-        const closeAndUpdate = trustList.getChildByName("CloseAndUpdate");
-        const openWithMasks = trustList.getChildByName("OpenWithMasks");
-        const addCertificate = trustList.getChildByName("AddCertificate");
-        const removeCertificate = trustList.getChildByName("RemoveCertificate");
-        function _openTrustList(trustMask, inputArgs, context, callback) {
-            if (trustListIsAlreadyOpened(trustList)) {
-                return callback(null, { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidState });
-            }
-            // if (trustList.isOpened) {
-            //     warningLog("TrustList is already opened")
-            //     return { statusCode: StatusCodes.BadInvalidState};
-            // }
-            // The Open Method shall not support modes other than Read (0x01) and the Write + EraseExisting (0x06).
-            const openMask = inputArgs[0].value;
-            if (openMask !== node_opcua_file_transfer_1.OpenFileMode.Read && openMask !== node_opcua_file_transfer_1.OpenFileMode.WriteEraseExisting) {
-                return callback(null, { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidArgument });
-            }
-            // possible statusCode: Bad_UserAccessDenied	The current user does not have the rights required.
-            const certificateManager = trustList.$$certificateManager || undefined;
-            if (certificateManager) {
-                (0, trust_list_server_1.writeTrustList)(memfs_1.fs, filename, trustMask, certificateManager)
-                    .then(() => {
-                    //  trustList.isOpened = true;
-                    _open_asyncExecutionFunction.call(this, inputArgs, context, callback);
-                })
-                    .catch((err) => {
-                    errorLog(err);
-                    callback(err, { statusCode: node_opcua_status_code_1.StatusCodes.BadInternalError });
-                });
-            }
-            else {
-                warningLog("certificateManager is not defined on trustlist do something to update the document before we open it");
-                return _open_asyncExecutionFunction.call(this, inputArgs, context, callback);
-            }
-        }
-        function _openCallback(inputArgs, context, callback) {
-            _openTrustList.call(this, trust_list_server_1.TrustListMasks.All, inputArgs, context, callback);
-        }
-        open.bindMethod(_openCallback);
-        function _openWithMaskCallback(inputArgs, context, callback) {
-            const trustListMask = inputArgs[0].value;
-            inputArgs[0] = new node_opcua_variant_1.Variant({ dataType: node_opcua_variant_1.DataType.Byte, value: node_opcua_file_transfer_1.OpenFileMode.Read });
-            _openTrustList.call(this, trustListMask, inputArgs, context, callback);
-        }
-        // The OpenWithMasks Method allows a Client to read only the portion of the Trust List.
-        // This Method can only be used to read the Trust List.
-        openWithMasks.bindMethod(_openWithMaskCallback);
-        addCertificate.bindMethod(_addCertificate);
-        removeCertificate.bindMethod(_removeCertificate);
-        closeAndUpdate === null || closeAndUpdate === void 0 ? void 0 : closeAndUpdate.bindMethod(_closeAndUpdate);
-        function install_method_handle_on_TrustListType(addressSpace) {
-            const fileType = addressSpace.findObjectType("TrustListType");
-            if (!fileType || fileType.addCertificate.isBound()) {
-                return;
-            }
-            fileType.open && fileType.open.bindMethod(_openCallback);
-            fileType.addCertificate.bindMethod(_addCertificate);
-            fileType.removeCertificate.bindMethod(_removeCertificate);
-            fileType.openWithMasks && fileType.openWithMasks.bindMethod(_openWithMaskCallback);
-            fileType.closeAndUpdate && fileType.closeAndUpdate.bindMethod(_closeAndUpdate);
-        }
-        install_method_handle_on_TrustListType(trustList.addressSpace);
-    });
-}
-exports.promoteTrustList = promoteTrustList;
-function installAccessRestrictionOnTrustList(trustList) {
-    for (const m of trustList.getComponents()) {
-        m === null || m === void 0 ? void 0 : m.setRolePermissions(roles_and_permissions_1.rolePermissionAdminOnly);
-        m === null || m === void 0 ? void 0 : m.setAccessRestrictions(node_opcua_data_model_1.AccessRestrictionsFlag.SigningRequired | node_opcua_data_model_1.AccessRestrictionsFlag.EncryptionRequired);
-    }
-}
-exports.installAccessRestrictionOnTrustList = installAccessRestrictionOnTrustList;
+"use strict";
+/**
+ * @module node-opcua-server-configuration
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.installAccessRestrictionOnTrustList = exports.promoteTrustList = void 0;
+const memfs_1 = require("memfs");
+const node_opcua_debug_1 = require("node-opcua-debug");
+const node_opcua_status_code_1 = require("node-opcua-status-code");
+const node_opcua_variant_1 = require("node-opcua-variant");
+const node_opcua_data_model_1 = require("node-opcua-data-model");
+const node_opcua_file_transfer_1 = require("node-opcua-file-transfer");
+const node_opcua_crypto_1 = require("node-opcua-crypto");
+const trust_list_server_1 = require("./trust_list_server");
+const tools_1 = require("./tools");
+const roles_and_permissions_1 = require("./roles_and_permissions");
+const debugLog = (0, node_opcua_debug_1.make_debugLog)("ServerConfiguration");
+const doDebug = (0, node_opcua_debug_1.checkDebugFlag)("ServerConfiguration");
+const warningLog = (0, node_opcua_debug_1.make_warningLog)("ServerConfiguration");
+const errorLog = debugLog;
+function trustListIsAlreadyOpened(trustList) {
+    return false; // to do...
+}
+function _closeAndUpdate(inputArguments, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
+    });
+}
+// in TrustList
+function _addCertificate(inputArguments, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        // If the Certificate is issued by a CA then the Client shall provide the entire
+        // chain in the certificate argument (see OPC 10000-6). After validating the Certificate,
+        // the Server shall add the CA Certificates to the Issuers list in the Trust List.
+        // The leaf Certificate is added to the list specified by the isTrustedCertificate argument.
+        if (!(0, tools_1.hasEncryptedChannel)(context)) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadSecurityModeInsufficient };
+        }
+        if (!(0, tools_1.hasExpectedUserAccess)(context)) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadUserAccessDenied };
+        }
+        const trustList = context.object;
+        const cm = trustList.$$certificateManager || null;
+        // The trust list must have been bound
+        if (!cm) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadInternalError };
+        }
+        // This method cannot be called if the file object is open.
+        if (trustListIsAlreadyOpened(trustList)) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidState };
+        }
+        const certificateChain = inputArguments[0].value;
+        const isTrustedCertificate = inputArguments[1].value;
+        const certificates = (0, node_opcua_crypto_1.split_der)(certificateChain);
+        // validate certificate first
+        const r = yield (0, node_opcua_crypto_1.verifyCertificateChain)(certificates);
+        if (r.status !== "Good") {
+            warningLog("Invalid certificate ", r.status, r.reason);
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadCertificateInvalid };
+        }
+        for (let i = 0; i < certificates.length; i++) {
+            const certificate = certificates[i];
+            if (i === certificates.length - 1 && isTrustedCertificate) {
+                yield cm.trustCertificate(certificate);
+            }
+            else {
+                yield cm.addIssuer(certificate);
+            }
+        }
+        debugLog("_addCertificate - done isTrustedCertificate= ", isTrustedCertificate);
+        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
+    });
+}
+function _removeCertificate(inputArguments, context) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if (!(0, tools_1.hasEncryptedChannel)(context)) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadSecurityModeInsufficient };
+        }
+        if (!(0, tools_1.hasExpectedUserAccess)(context)) {
+            return { statusCode: node_opcua_status_code_1.StatusCodes.BadUserAccessDenied };
+        }
+        return { statusCode: node_opcua_status_code_1.StatusCodes.Good };
+    });
+}
+let counter = 0;
+function promoteTrustList(trustList) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const filename = `/tmpFile${counter}`;
+        counter += 1;
+        (0, node_opcua_file_transfer_1.installFileType)(trustList, { filename, fileSystem: memfs_1.fs });
+        // we need to change the default open method
+        const open = trustList.getChildByName("Open");
+        const _open_asyncExecutionFunction = open._asyncExecutionFunction;
+        // ... and bind the extended methods as well.
+        const closeAndUpdate = trustList.getChildByName("CloseAndUpdate");
+        const openWithMasks = trustList.getChildByName("OpenWithMasks");
+        const addCertificate = trustList.getChildByName("AddCertificate");
+        const removeCertificate = trustList.getChildByName("RemoveCertificate");
+        function _openTrustList(trustMask, inputArgs, context, callback) {
+            if (trustListIsAlreadyOpened(trustList)) {
+                return callback(null, { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidState });
+            }
+            // if (trustList.isOpened) {
+            //     warningLog("TrustList is already opened")
+            //     return { statusCode: StatusCodes.BadInvalidState};
+            // }
+            // The Open Method shall not support modes other than Read (0x01) and the Write + EraseExisting (0x06).
+            const openMask = inputArgs[0].value;
+            if (openMask !== node_opcua_file_transfer_1.OpenFileMode.Read && openMask !== node_opcua_file_transfer_1.OpenFileMode.WriteEraseExisting) {
+                return callback(null, { statusCode: node_opcua_status_code_1.StatusCodes.BadInvalidArgument });
+            }
+            // possible statusCode: Bad_UserAccessDenied	The current user does not have the rights required.
+            const certificateManager = trustList.$$certificateManager || undefined;
+            if (certificateManager) {
+                (0, trust_list_server_1.writeTrustList)(memfs_1.fs, filename, trustMask, certificateManager)
+                    .then(() => {
+                    //  trustList.isOpened = true;
+                    _open_asyncExecutionFunction.call(this, inputArgs, context, callback);
+                })
+                    .catch((err) => {
+                    errorLog(err);
+                    callback(err, { statusCode: node_opcua_status_code_1.StatusCodes.BadInternalError });
+                });
+            }
+            else {
+                warningLog("certificateManager is not defined on trustlist do something to update the document before we open it");
+                return _open_asyncExecutionFunction.call(this, inputArgs, context, callback);
+            }
+        }
+        function _openCallback(inputArgs, context, callback) {
+            _openTrustList.call(this, trust_list_server_1.TrustListMasks.All, inputArgs, context, callback);
+        }
+        open.bindMethod(_openCallback);
+        function _openWithMaskCallback(inputArgs, context, callback) {
+            const trustListMask = inputArgs[0].value;
+            inputArgs[0] = new node_opcua_variant_1.Variant({ dataType: node_opcua_variant_1.DataType.Byte, value: node_opcua_file_transfer_1.OpenFileMode.Read });
+            _openTrustList.call(this, trustListMask, inputArgs, context, callback);
+        }
+        // The OpenWithMasks Method allows a Client to read only the portion of the Trust List.
+        // This Method can only be used to read the Trust List.
+        openWithMasks.bindMethod(_openWithMaskCallback);
+        addCertificate.bindMethod(_addCertificate);
+        removeCertificate.bindMethod(_removeCertificate);
+        closeAndUpdate === null || closeAndUpdate === void 0 ? void 0 : closeAndUpdate.bindMethod(_closeAndUpdate);
+        function install_method_handle_on_TrustListType(addressSpace) {
+            const fileType = addressSpace.findObjectType("TrustListType");
+            if (!fileType || fileType.addCertificate.isBound()) {
+                return;
+            }
+            fileType.open && fileType.open.bindMethod(_openCallback);
+            fileType.addCertificate.bindMethod(_addCertificate);
+            fileType.removeCertificate.bindMethod(_removeCertificate);
+            fileType.openWithMasks && fileType.openWithMasks.bindMethod(_openWithMaskCallback);
+            fileType.closeAndUpdate && fileType.closeAndUpdate.bindMethod(_closeAndUpdate);
+        }
+        install_method_handle_on_TrustListType(trustList.addressSpace);
+    });
+}
+exports.promoteTrustList = promoteTrustList;
+function installAccessRestrictionOnTrustList(trustList) {
+    for (const m of trustList.getComponents()) {
+        m === null || m === void 0 ? void 0 : m.setRolePermissions(roles_and_permissions_1.rolePermissionAdminOnly);
+        m === null || m === void 0 ? void 0 : m.setAccessRestrictions(node_opcua_data_model_1.AccessRestrictionsFlag.SigningRequired | node_opcua_data_model_1.AccessRestrictionsFlag.EncryptionRequired);
+    }
+}
+exports.installAccessRestrictionOnTrustList = installAccessRestrictionOnTrustList;
 //# sourceMappingURL=promote_trust_list.js.map

package/dist/server/push_certificate_manager_helpers.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { AddressSpace, UACertificateGroup } from "node-opcua-address-space";
-import { PushCertificateManagerServerOptions } from "./push_certificate_manager_server_impl";
-export declare function promoteCertificateGroup(certificateGroup: UACertificateGroup): Promise<void>;
-export declare function installPushCertificateManagement(addressSpace: AddressSpace, options: PushCertificateManagerServerOptions): Promise<void>;
+import { AddressSpace, UACertificateGroup } from "node-opcua-address-space";
+import { PushCertificateManagerServerOptions } from "./push_certificate_manager_server_impl";
+export declare function promoteCertificateGroup(certificateGroup: UACertificateGroup): Promise<void>;
+export declare function installPushCertificateManagement(addressSpace: AddressSpace, options: PushCertificateManagerServerOptions): Promise<void>;