pptx-react-viewer 1.1.4 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +512 -96
- package/dist/index.mjs +512 -97
- package/dist/viewer/index.js +530 -102
- package/dist/viewer/index.mjs +530 -103
- package/node_modules/emf-converter/dist/index.d.mts +2 -2
- package/node_modules/emf-converter/dist/index.d.ts +2 -2
- package/node_modules/emf-converter/dist/index.js +91 -33
- package/node_modules/emf-converter/dist/index.mjs +91 -33
- package/node_modules/emf-converter/package.json +1 -1
- package/node_modules/mtx-decompressor/dist/index.js +39 -9
- package/node_modules/mtx-decompressor/dist/index.mjs +39 -9
- package/node_modules/mtx-decompressor/package.json +1 -1
- package/node_modules/pptx-viewer-core/dist/cli/index.js +0 -0
- package/node_modules/pptx-viewer-core/dist/cli/index.mjs +0 -0
- package/node_modules/pptx-viewer-core/dist/converter/index.js +0 -0
- package/node_modules/pptx-viewer-core/dist/converter/index.mjs +0 -0
- package/node_modules/pptx-viewer-core/dist/index.d.mts +95 -11
- package/node_modules/pptx-viewer-core/dist/index.d.ts +95 -11
- package/node_modules/pptx-viewer-core/dist/index.js +795 -257
- package/node_modules/pptx-viewer-core/dist/index.mjs +791 -258
- package/node_modules/pptx-viewer-core/dist/{signature-inspection-status-BcJSdOvb.d.mts → signature-inspection-status-BCUpfCQh.d.mts} +13 -2
- package/node_modules/pptx-viewer-core/dist/{signature-inspection-status-BcJSdOvb.d.ts → signature-inspection-status-BCUpfCQh.d.ts} +13 -2
- package/node_modules/pptx-viewer-core/dist/signature-node/index.d.mts +2 -2
- package/node_modules/pptx-viewer-core/dist/signature-node/index.d.ts +2 -2
- package/node_modules/pptx-viewer-core/dist/signature-node/index.js +17 -3
- package/node_modules/pptx-viewer-core/dist/signature-node/index.mjs +16 -4
- package/node_modules/pptx-viewer-core/package.json +1 -1
- package/package.json +6 -4
|
@@ -136,8 +136,19 @@ interface OfficeSignatureReference {
|
|
|
136
136
|
* These functions operate on raw XML strings without requiring a DOM parser,
|
|
137
137
|
* making them platform-agnostic (browser + Node).
|
|
138
138
|
*/
|
|
139
|
-
/**
|
|
139
|
+
/**
|
|
140
|
+
* Escape special characters in an XML attribute value.
|
|
141
|
+
* Handles `&`, `<`, `>`, `"`, and `'` so the result is safe inside both
|
|
142
|
+
* double- and single-quoted attributes.
|
|
143
|
+
*/
|
|
140
144
|
declare function escapeXmlAttr(value: string): string;
|
|
145
|
+
/**
|
|
146
|
+
* Escape special characters in XML text content.
|
|
147
|
+
* Only `&`, `<`, and `>` need escaping outside of attribute values.
|
|
148
|
+
*/
|
|
149
|
+
declare function escapeXmlText(value: string): string;
|
|
150
|
+
/** Validate that `value` only contains characters from the standard base64 alphabet. */
|
|
151
|
+
declare function isValidBase64(value: string): boolean;
|
|
141
152
|
/**
|
|
142
153
|
* Extract an attribute value from the first matching XML tag via regex.
|
|
143
154
|
* Namespace prefixes on the tag name are supported via the pattern.
|
|
@@ -206,4 +217,4 @@ declare function computeDetailStatus(detail: Pick<SignatureDetail, 'signatureVal
|
|
|
206
217
|
*/
|
|
207
218
|
declare function computeVerificationStatus(details: SignatureDetail[]): DigitalSignatureReport['verificationStatus'];
|
|
208
219
|
|
|
209
|
-
export {
|
|
220
|
+
export { extractTagAttribute as A, isValidBase64 as B, type CertificateRevocationStatus as C, DIGEST_ALGORITHM_TO_HASH as D, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV as E, normalizePartPath as F, resolveReferenceUriToPart as G, type LoadedSigningMaterial as L, OPC_RELATIONSHIP_TRANSFORM as O, PPTX_VIEWER_MANIFEST_NS as P, type ReferenceTransformResult as R, SUPPORTED_XML_CANON_TRANSFORMS as S, type TimestampAuthorityStatus as T, XMLDSIG_NS as X, DIGEST_ALGORITHM_TO_WEB_CRYPTO as a, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE as b, DIGITAL_SIGNATURE_REL_TYPE as c, type DigitalSignatureReport as d, type DigitalSignatureVerificationStatus as e, ENTERPRISE_REQUIRE_REVOCATION_ENV as f, ENTERPRISE_REQUIRE_TIMESTAMP_ENV as g, ENTERPRISE_TRUST_ROOTS_FILE_ENV as h, ENTERPRISE_TRUST_ROOTS_PEM_ENV as i, type OfficeSignatureReference as j, type ParsedReferenceTransform as k, type SignOptions as l, type SignResult as m, type SignatureDetail as n, type SignatureDetailStatus as o, type SignatureCertificateInfo as p, type SignatureReferenceCheck as q, type SignatureValidationPolicy as r, XML_TRANSFORM_ENVELOPED_SIGNATURE as s, computeDetailStatus as t, computeDigestBase64 as u, computeVerificationStatus as v, escapeXmlAttr as w, escapeXmlText as x, extractAllTagText as y, extractFirstTagText as z };
|
|
@@ -136,8 +136,19 @@ interface OfficeSignatureReference {
|
|
|
136
136
|
* These functions operate on raw XML strings without requiring a DOM parser,
|
|
137
137
|
* making them platform-agnostic (browser + Node).
|
|
138
138
|
*/
|
|
139
|
-
/**
|
|
139
|
+
/**
|
|
140
|
+
* Escape special characters in an XML attribute value.
|
|
141
|
+
* Handles `&`, `<`, `>`, `"`, and `'` so the result is safe inside both
|
|
142
|
+
* double- and single-quoted attributes.
|
|
143
|
+
*/
|
|
140
144
|
declare function escapeXmlAttr(value: string): string;
|
|
145
|
+
/**
|
|
146
|
+
* Escape special characters in XML text content.
|
|
147
|
+
* Only `&`, `<`, and `>` need escaping outside of attribute values.
|
|
148
|
+
*/
|
|
149
|
+
declare function escapeXmlText(value: string): string;
|
|
150
|
+
/** Validate that `value` only contains characters from the standard base64 alphabet. */
|
|
151
|
+
declare function isValidBase64(value: string): boolean;
|
|
141
152
|
/**
|
|
142
153
|
* Extract an attribute value from the first matching XML tag via regex.
|
|
143
154
|
* Namespace prefixes on the tag name are supported via the pattern.
|
|
@@ -206,4 +217,4 @@ declare function computeDetailStatus(detail: Pick<SignatureDetail, 'signatureVal
|
|
|
206
217
|
*/
|
|
207
218
|
declare function computeVerificationStatus(details: SignatureDetail[]): DigitalSignatureReport['verificationStatus'];
|
|
208
219
|
|
|
209
|
-
export {
|
|
220
|
+
export { extractTagAttribute as A, isValidBase64 as B, type CertificateRevocationStatus as C, DIGEST_ALGORITHM_TO_HASH as D, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV as E, normalizePartPath as F, resolveReferenceUriToPart as G, type LoadedSigningMaterial as L, OPC_RELATIONSHIP_TRANSFORM as O, PPTX_VIEWER_MANIFEST_NS as P, type ReferenceTransformResult as R, SUPPORTED_XML_CANON_TRANSFORMS as S, type TimestampAuthorityStatus as T, XMLDSIG_NS as X, DIGEST_ALGORITHM_TO_WEB_CRYPTO as a, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE as b, DIGITAL_SIGNATURE_REL_TYPE as c, type DigitalSignatureReport as d, type DigitalSignatureVerificationStatus as e, ENTERPRISE_REQUIRE_REVOCATION_ENV as f, ENTERPRISE_REQUIRE_TIMESTAMP_ENV as g, ENTERPRISE_TRUST_ROOTS_FILE_ENV as h, ENTERPRISE_TRUST_ROOTS_PEM_ENV as i, type OfficeSignatureReference as j, type ParsedReferenceTransform as k, type SignOptions as l, type SignResult as m, type SignatureDetail as n, type SignatureDetailStatus as o, type SignatureCertificateInfo as p, type SignatureReferenceCheck as q, type SignatureValidationPolicy as r, XML_TRANSFORM_ENVELOPED_SIGNATURE as s, computeDetailStatus as t, computeDigestBase64 as u, computeVerificationStatus as v, escapeXmlAttr as w, escapeXmlText as x, extractAllTagText as y, extractFirstTagText as z };
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { p as SignatureCertificateInfo, L as LoadedSigningMaterial, C as CertificateRevocationStatus, T as TimestampAuthorityStatus, r as SignatureValidationPolicy, k as ParsedReferenceTransform, R as ReferenceTransformResult, q as SignatureReferenceCheck, l as SignOptions, m as SignResult, d as DigitalSignatureReport } from '../signature-inspection-status-
|
|
2
|
-
export { D as DIGEST_ALGORITHM_TO_HASH, a as DIGEST_ALGORITHM_TO_WEB_CRYPTO, b as DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, c as DIGITAL_SIGNATURE_REL_TYPE, e as DigitalSignatureVerificationStatus, E as ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, f as ENTERPRISE_REQUIRE_REVOCATION_ENV, g as ENTERPRISE_REQUIRE_TIMESTAMP_ENV, h as ENTERPRISE_TRUST_ROOTS_FILE_ENV, i as ENTERPRISE_TRUST_ROOTS_PEM_ENV, O as OPC_RELATIONSHIP_TRANSFORM, j as OfficeSignatureReference, P as PPTX_VIEWER_MANIFEST_NS, S as SUPPORTED_XML_CANON_TRANSFORMS, n as SignatureDetail, o as SignatureDetailStatus, X as XMLDSIG_NS, s as XML_TRANSFORM_ENVELOPED_SIGNATURE, t as computeDetailStatus, u as computeDigestBase64WebCrypto, v as computeVerificationStatus, w as escapeXmlAttr, x as
|
|
1
|
+
import { p as SignatureCertificateInfo, L as LoadedSigningMaterial, C as CertificateRevocationStatus, T as TimestampAuthorityStatus, r as SignatureValidationPolicy, k as ParsedReferenceTransform, R as ReferenceTransformResult, q as SignatureReferenceCheck, l as SignOptions, m as SignResult, d as DigitalSignatureReport } from '../signature-inspection-status-BCUpfCQh.mjs';
|
|
2
|
+
export { D as DIGEST_ALGORITHM_TO_HASH, a as DIGEST_ALGORITHM_TO_WEB_CRYPTO, b as DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, c as DIGITAL_SIGNATURE_REL_TYPE, e as DigitalSignatureVerificationStatus, E as ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, f as ENTERPRISE_REQUIRE_REVOCATION_ENV, g as ENTERPRISE_REQUIRE_TIMESTAMP_ENV, h as ENTERPRISE_TRUST_ROOTS_FILE_ENV, i as ENTERPRISE_TRUST_ROOTS_PEM_ENV, O as OPC_RELATIONSHIP_TRANSFORM, j as OfficeSignatureReference, P as PPTX_VIEWER_MANIFEST_NS, S as SUPPORTED_XML_CANON_TRANSFORMS, n as SignatureDetail, o as SignatureDetailStatus, X as XMLDSIG_NS, s as XML_TRANSFORM_ENVELOPED_SIGNATURE, t as computeDetailStatus, u as computeDigestBase64WebCrypto, v as computeVerificationStatus, w as escapeXmlAttr, x as escapeXmlText, y as extractAllTagText, z as extractFirstTagText, A as extractTagAttribute, B as isValidBase64, F as normalizePartPath, G as resolveReferenceUriToPart } from '../signature-inspection-status-BCUpfCQh.mjs';
|
|
3
3
|
import JSZip from 'jszip';
|
|
4
4
|
|
|
5
5
|
/**
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { p as SignatureCertificateInfo, L as LoadedSigningMaterial, C as CertificateRevocationStatus, T as TimestampAuthorityStatus, r as SignatureValidationPolicy, k as ParsedReferenceTransform, R as ReferenceTransformResult, q as SignatureReferenceCheck, l as SignOptions, m as SignResult, d as DigitalSignatureReport } from '../signature-inspection-status-
|
|
2
|
-
export { D as DIGEST_ALGORITHM_TO_HASH, a as DIGEST_ALGORITHM_TO_WEB_CRYPTO, b as DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, c as DIGITAL_SIGNATURE_REL_TYPE, e as DigitalSignatureVerificationStatus, E as ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, f as ENTERPRISE_REQUIRE_REVOCATION_ENV, g as ENTERPRISE_REQUIRE_TIMESTAMP_ENV, h as ENTERPRISE_TRUST_ROOTS_FILE_ENV, i as ENTERPRISE_TRUST_ROOTS_PEM_ENV, O as OPC_RELATIONSHIP_TRANSFORM, j as OfficeSignatureReference, P as PPTX_VIEWER_MANIFEST_NS, S as SUPPORTED_XML_CANON_TRANSFORMS, n as SignatureDetail, o as SignatureDetailStatus, X as XMLDSIG_NS, s as XML_TRANSFORM_ENVELOPED_SIGNATURE, t as computeDetailStatus, u as computeDigestBase64WebCrypto, v as computeVerificationStatus, w as escapeXmlAttr, x as
|
|
1
|
+
import { p as SignatureCertificateInfo, L as LoadedSigningMaterial, C as CertificateRevocationStatus, T as TimestampAuthorityStatus, r as SignatureValidationPolicy, k as ParsedReferenceTransform, R as ReferenceTransformResult, q as SignatureReferenceCheck, l as SignOptions, m as SignResult, d as DigitalSignatureReport } from '../signature-inspection-status-BCUpfCQh.js';
|
|
2
|
+
export { D as DIGEST_ALGORITHM_TO_HASH, a as DIGEST_ALGORITHM_TO_WEB_CRYPTO, b as DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, c as DIGITAL_SIGNATURE_REL_TYPE, e as DigitalSignatureVerificationStatus, E as ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, f as ENTERPRISE_REQUIRE_REVOCATION_ENV, g as ENTERPRISE_REQUIRE_TIMESTAMP_ENV, h as ENTERPRISE_TRUST_ROOTS_FILE_ENV, i as ENTERPRISE_TRUST_ROOTS_PEM_ENV, O as OPC_RELATIONSHIP_TRANSFORM, j as OfficeSignatureReference, P as PPTX_VIEWER_MANIFEST_NS, S as SUPPORTED_XML_CANON_TRANSFORMS, n as SignatureDetail, o as SignatureDetailStatus, X as XMLDSIG_NS, s as XML_TRANSFORM_ENVELOPED_SIGNATURE, t as computeDetailStatus, u as computeDigestBase64WebCrypto, v as computeVerificationStatus, w as escapeXmlAttr, x as escapeXmlText, y as extractAllTagText, z as extractFirstTagText, A as extractTagAttribute, B as isValidBase64, F as normalizePartPath, G as resolveReferenceUriToPart } from '../signature-inspection-status-BCUpfCQh.js';
|
|
3
3
|
import JSZip from 'jszip';
|
|
4
4
|
|
|
5
5
|
/**
|
|
@@ -56,7 +56,13 @@ var DIGEST_ALGORITHM_TO_WEB_CRYPTO = {
|
|
|
56
56
|
|
|
57
57
|
// src/core/utils/signature-xml-utils.ts
|
|
58
58
|
function escapeXmlAttr(value) {
|
|
59
|
-
return value.replace(/&/g, "&").replace(
|
|
59
|
+
return value.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'");
|
|
60
|
+
}
|
|
61
|
+
function escapeXmlText(value) {
|
|
62
|
+
return value.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">");
|
|
63
|
+
}
|
|
64
|
+
function isValidBase64(value) {
|
|
65
|
+
return typeof value === "string" && value.length > 0 && /^[A-Za-z0-9+/=\s]+$/.test(value);
|
|
60
66
|
}
|
|
61
67
|
function extractTagAttribute(xml, tagName, attributeName) {
|
|
62
68
|
const pattern = new RegExp(
|
|
@@ -1081,7 +1087,7 @@ async function buildOfficeReferenceList(zip) {
|
|
|
1081
1087
|
}
|
|
1082
1088
|
function buildOfficeSignatureXml(references, privateKeyPem, certificatePem) {
|
|
1083
1089
|
const signedInfoReferencesXml = references.map(
|
|
1084
|
-
(reference) => `<Reference URI="${escapeXmlAttr(reference.uri)}"><DigestMethod Algorithm="${escapeXmlAttr(reference.digestMethod)}"/><DigestValue>${
|
|
1090
|
+
(reference) => `<Reference URI="${escapeXmlAttr(reference.uri)}"><DigestMethod Algorithm="${escapeXmlAttr(reference.digestMethod)}"/><DigestValue>${escapeXmlText(reference.digestValue)}</DigestValue></Reference>`
|
|
1085
1091
|
).join("");
|
|
1086
1092
|
const signedInfoXml = `<SignedInfo xmlns="${XMLDSIG_NS}"><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>${signedInfoReferencesXml}</SignedInfo>`;
|
|
1087
1093
|
const canonicalSignedInfo = canonicalizeSignedInfoXml(signedInfoXml);
|
|
@@ -1090,8 +1096,14 @@ function buildOfficeSignatureXml(references, privateKeyPem, certificatePem) {
|
|
|
1090
1096
|
signer.end();
|
|
1091
1097
|
const signatureValueBase64 = signer.sign(privateKeyPem).toString("base64");
|
|
1092
1098
|
const certificateBase64 = pemCertificateToBase64(certificatePem);
|
|
1099
|
+
if (!isValidBase64(signatureValueBase64)) {
|
|
1100
|
+
throw new Error("Generated SignatureValue is not valid base64");
|
|
1101
|
+
}
|
|
1102
|
+
if (!isValidBase64(certificateBase64)) {
|
|
1103
|
+
throw new Error("X.509 certificate is not valid base64");
|
|
1104
|
+
}
|
|
1093
1105
|
const signingTime = (/* @__PURE__ */ new Date()).toISOString();
|
|
1094
|
-
return `<Signature xmlns="${XMLDSIG_NS}">${signedInfoXml}<SignatureValue>${signatureValueBase64}</SignatureValue><KeyInfo><X509Data><X509Certificate>${certificateBase64}</X509Certificate></X509Data></KeyInfo><Object><SignatureProperties><SignatureProperty><SigningTime>${
|
|
1106
|
+
return `<Signature xmlns="${XMLDSIG_NS}">${signedInfoXml}<SignatureValue>${escapeXmlText(signatureValueBase64)}</SignatureValue><KeyInfo><X509Data><X509Certificate>${escapeXmlText(certificateBase64)}</X509Certificate></X509Data></KeyInfo><Object><SignatureProperties><SignatureProperty><SigningTime>${escapeXmlText(signingTime)}</SigningTime></SignatureProperty></SignatureProperties></Object></Signature>`;
|
|
1095
1107
|
}
|
|
1096
1108
|
async function signPptxWithCertificate(data, certificateBuffer, options) {
|
|
1097
1109
|
try {
|
|
@@ -1169,6 +1181,7 @@ exports.computeDigestBase64 = computeDigestBase642;
|
|
|
1169
1181
|
exports.computeDigestBase64WebCrypto = computeDigestBase64;
|
|
1170
1182
|
exports.computeVerificationStatus = computeVerificationStatus;
|
|
1171
1183
|
exports.escapeXmlAttr = escapeXmlAttr;
|
|
1184
|
+
exports.escapeXmlText = escapeXmlText;
|
|
1172
1185
|
exports.evaluateCertificateRevocation = evaluateCertificateRevocation;
|
|
1173
1186
|
exports.evaluateTimestampAuthority = evaluateTimestampAuthority;
|
|
1174
1187
|
exports.extractAllTagText = extractAllTagText;
|
|
@@ -1181,6 +1194,7 @@ exports.getFirstDescendantElementByLocalName = getFirstDescendantElementByLocalN
|
|
|
1181
1194
|
exports.getNodeLocalName = getNodeLocalName;
|
|
1182
1195
|
exports.getSignatureValidationPolicy = getSignatureValidationPolicy;
|
|
1183
1196
|
exports.inspectPptxDigitalSignatures = inspectPptxDigitalSignatures;
|
|
1197
|
+
exports.isValidBase64 = isValidBase64;
|
|
1184
1198
|
exports.loadEnterpriseTrustRoots = loadEnterpriseTrustRoots;
|
|
1185
1199
|
exports.loadSigningMaterialFromBuffer = loadSigningMaterialFromBuffer;
|
|
1186
1200
|
exports.normalizePartPath = normalizePartPath;
|
|
@@ -43,7 +43,13 @@ var DIGEST_ALGORITHM_TO_WEB_CRYPTO = {
|
|
|
43
43
|
|
|
44
44
|
// src/core/utils/signature-xml-utils.ts
|
|
45
45
|
function escapeXmlAttr(value) {
|
|
46
|
-
return value.replace(/&/g, "&").replace(
|
|
46
|
+
return value.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'");
|
|
47
|
+
}
|
|
48
|
+
function escapeXmlText(value) {
|
|
49
|
+
return value.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">");
|
|
50
|
+
}
|
|
51
|
+
function isValidBase64(value) {
|
|
52
|
+
return typeof value === "string" && value.length > 0 && /^[A-Za-z0-9+/=\s]+$/.test(value);
|
|
47
53
|
}
|
|
48
54
|
function extractTagAttribute(xml, tagName, attributeName) {
|
|
49
55
|
const pattern = new RegExp(
|
|
@@ -1068,7 +1074,7 @@ async function buildOfficeReferenceList(zip) {
|
|
|
1068
1074
|
}
|
|
1069
1075
|
function buildOfficeSignatureXml(references, privateKeyPem, certificatePem) {
|
|
1070
1076
|
const signedInfoReferencesXml = references.map(
|
|
1071
|
-
(reference) => `<Reference URI="${escapeXmlAttr(reference.uri)}"><DigestMethod Algorithm="${escapeXmlAttr(reference.digestMethod)}"/><DigestValue>${
|
|
1077
|
+
(reference) => `<Reference URI="${escapeXmlAttr(reference.uri)}"><DigestMethod Algorithm="${escapeXmlAttr(reference.digestMethod)}"/><DigestValue>${escapeXmlText(reference.digestValue)}</DigestValue></Reference>`
|
|
1072
1078
|
).join("");
|
|
1073
1079
|
const signedInfoXml = `<SignedInfo xmlns="${XMLDSIG_NS}"><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>${signedInfoReferencesXml}</SignedInfo>`;
|
|
1074
1080
|
const canonicalSignedInfo = canonicalizeSignedInfoXml(signedInfoXml);
|
|
@@ -1077,8 +1083,14 @@ function buildOfficeSignatureXml(references, privateKeyPem, certificatePem) {
|
|
|
1077
1083
|
signer.end();
|
|
1078
1084
|
const signatureValueBase64 = signer.sign(privateKeyPem).toString("base64");
|
|
1079
1085
|
const certificateBase64 = pemCertificateToBase64(certificatePem);
|
|
1086
|
+
if (!isValidBase64(signatureValueBase64)) {
|
|
1087
|
+
throw new Error("Generated SignatureValue is not valid base64");
|
|
1088
|
+
}
|
|
1089
|
+
if (!isValidBase64(certificateBase64)) {
|
|
1090
|
+
throw new Error("X.509 certificate is not valid base64");
|
|
1091
|
+
}
|
|
1080
1092
|
const signingTime = (/* @__PURE__ */ new Date()).toISOString();
|
|
1081
|
-
return `<Signature xmlns="${XMLDSIG_NS}">${signedInfoXml}<SignatureValue>${signatureValueBase64}</SignatureValue><KeyInfo><X509Data><X509Certificate>${certificateBase64}</X509Certificate></X509Data></KeyInfo><Object><SignatureProperties><SignatureProperty><SigningTime>${
|
|
1093
|
+
return `<Signature xmlns="${XMLDSIG_NS}">${signedInfoXml}<SignatureValue>${escapeXmlText(signatureValueBase64)}</SignatureValue><KeyInfo><X509Data><X509Certificate>${escapeXmlText(certificateBase64)}</X509Certificate></X509Data></KeyInfo><Object><SignatureProperties><SignatureProperty><SigningTime>${escapeXmlText(signingTime)}</SigningTime></SignatureProperty></SignatureProperties></Object></Signature>`;
|
|
1082
1094
|
}
|
|
1083
1095
|
async function signPptxWithCertificate(data, certificateBuffer, options) {
|
|
1084
1096
|
try {
|
|
@@ -1128,4 +1140,4 @@ async function signPptxWithCertificate(data, certificateBuffer, options) {
|
|
|
1128
1140
|
}
|
|
1129
1141
|
}
|
|
1130
1142
|
|
|
1131
|
-
export { DIGEST_ALGORITHM_TO_HASH, DIGEST_ALGORITHM_TO_WEB_CRYPTO, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, DIGITAL_SIGNATURE_REL_TYPE, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, ENTERPRISE_REQUIRE_REVOCATION_ENV, ENTERPRISE_REQUIRE_TIMESTAMP_ENV, ENTERPRISE_TRUST_ROOTS_FILE_ENV, ENTERPRISE_TRUST_ROOTS_PEM_ENV, OPC_RELATIONSHIP_TRANSFORM, PPTX_VIEWER_MANIFEST_NS, SUPPORTED_XML_CANON_TRANSFORMS, XMLDSIG_NS, XML_TRANSFORM_ENVELOPED_SIGNATURE, applyReferenceTransforms, buildOcspRequestDer, buildReferenceChecksFromPptxViewerManifest, buildReferenceChecksFromSignatureXml, canonicalizeNode, canonicalizeSignedInfoXml, certFingerprintSha256, certPemFromBase64, certificateInfoFromBase64, computeDetailStatus, computeDigestBase642 as computeDigestBase64, computeDigestBase64 as computeDigestBase64WebCrypto, computeVerificationStatus, escapeXmlAttr, evaluateCertificateRevocation, evaluateTimestampAuthority, extractAllTagText, extractFirstTagText, extractOcspUrls, extractPemCertificatesFromText, extractReferenceTransforms, extractTagAttribute, getFirstDescendantElementByLocalName, getNodeLocalName, getSignatureValidationPolicy, inspectPptxDigitalSignatures, loadEnterpriseTrustRoots, loadSigningMaterialFromBuffer, normalizePartPath, parseOcspResponseStatus, pemCertificateToBase64, resolveReferenceUriToPart, signPptxWithCertificate, validateCertificateChain, verifySignatureValue };
|
|
1143
|
+
export { DIGEST_ALGORITHM_TO_HASH, DIGEST_ALGORITHM_TO_WEB_CRYPTO, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, DIGITAL_SIGNATURE_REL_TYPE, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, ENTERPRISE_REQUIRE_REVOCATION_ENV, ENTERPRISE_REQUIRE_TIMESTAMP_ENV, ENTERPRISE_TRUST_ROOTS_FILE_ENV, ENTERPRISE_TRUST_ROOTS_PEM_ENV, OPC_RELATIONSHIP_TRANSFORM, PPTX_VIEWER_MANIFEST_NS, SUPPORTED_XML_CANON_TRANSFORMS, XMLDSIG_NS, XML_TRANSFORM_ENVELOPED_SIGNATURE, applyReferenceTransforms, buildOcspRequestDer, buildReferenceChecksFromPptxViewerManifest, buildReferenceChecksFromSignatureXml, canonicalizeNode, canonicalizeSignedInfoXml, certFingerprintSha256, certPemFromBase64, certificateInfoFromBase64, computeDetailStatus, computeDigestBase642 as computeDigestBase64, computeDigestBase64 as computeDigestBase64WebCrypto, computeVerificationStatus, escapeXmlAttr, escapeXmlText, evaluateCertificateRevocation, evaluateTimestampAuthority, extractAllTagText, extractFirstTagText, extractOcspUrls, extractPemCertificatesFromText, extractReferenceTransforms, extractTagAttribute, getFirstDescendantElementByLocalName, getNodeLocalName, getSignatureValidationPolicy, inspectPptxDigitalSignatures, isValidBase64, loadEnterpriseTrustRoots, loadSigningMaterialFromBuffer, normalizePartPath, parseOcspResponseStatus, pemCertificateToBase64, resolveReferenceUriToPart, signPptxWithCertificate, validateCertificateChain, verifySignatureValue };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pptx-react-viewer",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.5",
|
|
4
4
|
"description": "React-based PowerPoint viewer, editor, and canvas export — depends on pptx-viewer-core",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"editor",
|
|
@@ -57,14 +57,16 @@
|
|
|
57
57
|
},
|
|
58
58
|
"dependencies": {
|
|
59
59
|
"clsx": "^2.1.1",
|
|
60
|
-
"
|
|
60
|
+
"dompurify": "^3.4.2",
|
|
61
|
+
"emf-converter": "^1.1.5",
|
|
61
62
|
"html2canvas-pro": "^2.0.2",
|
|
62
|
-
"mtx-decompressor": "^1.1.
|
|
63
|
-
"pptx-viewer-core": "^1.1.
|
|
63
|
+
"mtx-decompressor": "^1.1.5",
|
|
64
|
+
"pptx-viewer-core": "^1.1.5",
|
|
64
65
|
"tailwind-merge": "^3.5.0"
|
|
65
66
|
},
|
|
66
67
|
"devDependencies": {
|
|
67
68
|
"@tailwindcss/cli": "^4.2.4",
|
|
69
|
+
"@types/dompurify": "^3.2.0",
|
|
68
70
|
"@types/react": "^19.2.14",
|
|
69
71
|
"@types/react-dom": "^19.2.3",
|
|
70
72
|
"tailwindcss": "^4.2.4",
|