xml-crypto-next 7.0.2 → 7.0.3

@@ -15,3 +15,7 @@ export declare class Sha512 implements HashAlgorithm {
15
15
  getHash: (xml: any) => string;
16
16
  getAlgorithmName: () => string;
17
17
  }
18
+ export declare class Shake256 implements HashAlgorithm {
19
+ getHash: (xml: any) => string;
20
+ getAlgorithmName: () => string;
21
+ }
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.Sha512 = exports.Sha384 = exports.Sha256 = exports.Sha1 = void 0;
3
+ exports.Shake256 = exports.Sha512 = exports.Sha384 = exports.Sha256 = exports.Sha1 = void 0;
4
4
  const crypto = require("crypto");
5
5
  class Sha1 {
6
6
  constructor() {
@@ -58,4 +58,27 @@ class Sha512 {
58
58
  }
59
59
  }
60
60
  exports.Sha512 = Sha512;
61
+ class Shake256 {
62
+ constructor() {
63
+ // Ed448 内部使用的 SHAKE256 输出长度固定为 114 字节
64
+ this.getHash = function (xml) {
65
+ const shasum = crypto.createHash("shake256", {
66
+ outputLength: 114
67
+ });
68
+ shasum.update(xml, "utf8");
69
+ const res = shasum.digest("base64");
70
+ return res;
71
+ };
72
+ this.getAlgorithmName = function () {
73
+ // 这是一个非标准的 URI,因为标准 Ed448 (PureEdDSA) 不在 DigestMethod 中暴露 SHAKE256。
74
+ // 如果你的库强制需要一个字符串,你可能需要查阅该库的文档。
75
+ // 有些实现可能会复用 sha3-512 的 URI 或者使用自定义 URI。
76
+ // 这里提供一个可能的表示,或者保持与你之前的映射逻辑一致(如果那是库的要求)。
77
+ // 但在密码学上,它不是 sha3-512。
78
+ return "http://www.w3.org/2001/04/xmldsig-more#shake256";
79
+ // 如果必须兼容旧系统且它们错误地期望 sha3-512,请谨慎更改,但原理上是错的。
80
+ };
81
+ }
82
+ }
83
+ exports.Shake256 = Shake256;
61
84
  //# sourceMappingURL=hash-algorithms.js.map
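Review bot: `Shake256.getAlgorithmName` returns `http://www.w3.org/2001/04/xmldsig-more#shake256`, which the method's own comments call a non-standard URI, so a `DigestMethod` written with it will only verify against peers that register the same string. `getHash` also pins `outputLength: 114` on the grounds that Ed448 uses that SHAKE256 length internally, but a reference digest is computed independently of the signature algorithm's internal hash, so the coupling needs a stated reason or a conventional digest should be used instead. The hunk does not show where the class is registered; that mapping decides which URI on an incoming document selects this digest and should be reviewed with it. The comments are written as advice to a third party rather than as documentation, and one sits after the `return`; I would replace them with a single English comment such as `// Non-standard DigestMethod URI: SHAKE256 with a fixed 114-byte output; interoperates only with peers that register the same URI.`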
@@ -1 +1 @@
1
- {"version":3,"file":"hash-algorithms.js","sourceRoot":"","sources":["../src/hash-algorithms.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAGjC,MAAa,IAAI;IAAjB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,wCAAwC,CAAC;QAClD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,oBAWC;AAED,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC;AACD,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC;AACD,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC","sourcesContent":["import * as crypto from \"crypto\";\r\nimport type { HashAlgorithm } from \"./types\";\r\n\r\nexport class Sha1 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha1\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2000/09/xmldsig#sha1\";\r\n };\r\n}\r\n\r\nexport class Sha256 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = 
crypto.createHash(\"sha256\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha256\";\r\n };\r\n}\r\nexport class Sha384 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha384\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha384\";\r\n };\r\n}\r\nexport class Sha512 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha512\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha512\";\r\n };\r\n}\r\n"]}
1
+ {"version":3,"file":"hash-algorithms.js","sourceRoot":"","sources":["../src/hash-algorithms.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAGjC,MAAa,IAAI;IAAjB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,wCAAwC,CAAC;QAClD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,oBAWC;AAED,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC;AACD,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC;AACD,MAAa,MAAM;IAAnB;QACE,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACjB,OAAO,yCAAyC,CAAC;QACnD,CAAC,CAAC;IACJ,CAAC;CAAA;AAXD,wBAWC;AACD,MAAa,QAAQ;IAArB;QACE,sCAAsC;QAEtC,YAAO,GAAG,UAAU,GAAG;YACrB,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU,EAAC;gBAC1C,YAAY,EAAE,GAAG;aAClB,CAAC,CAAC;YACH,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;QAEF,qBAAgB,GAAG;YACrB,oEAAoE;YAChE,+BAA+B;YAC/B,wCAAwC;YACxC,yCAAyC;YACzC,uBAAuB;YACvB,OAAO,iDAAiD,CAAC;YACzD,4CAA4C;QAC9C,CAAC,CAAC;IACJ,CAAC;CAAA;AArBD,4BAqBC","sourcesContent":["import * as crypto from \"crypto\";\r\nimport type { HashAlgorithm } from 
\"./types\";\r\n\r\nexport class Sha1 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha1\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2000/09/xmldsig#sha1\";\r\n };\r\n}\r\n\r\nexport class Sha256 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha256\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha256\";\r\n };\r\n}\r\nexport class Sha384 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha384\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha384\";\r\n };\r\n}\r\nexport class Sha512 implements HashAlgorithm {\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"sha512\");\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n return \"http://www.w3.org/2001/04/xmlenc#sha512\";\r\n };\r\n}\r\nexport class Shake256 implements HashAlgorithm {\r\n // Ed448 内部使用的 SHAKE256 输出长度固定为 114 字节\r\n\r\n getHash = function (xml) {\r\n const shasum = crypto.createHash(\"shake256\",{\r\n outputLength: 114\r\n });\r\n shasum.update(xml, \"utf8\");\r\n const res = shasum.digest(\"base64\");\r\n return res;\r\n };\r\n\r\n getAlgorithmName = function () {\r\n// 这是一个非标准的 URI,因为标准 Ed448 (PureEdDSA) 不在 DigestMethod 中暴露 SHAKE256。\r\n // 如果你的库强制需要一个字符串,你可能需要查阅该库的文档。\r\n // 有些实现可能会复用 sha3-512 的 URI 或者使用自定义 URI。\r\n // 这里提供一个可能的表示,或者保持与你之前的映射逻辑一致(如果那是库的要求)。\r\n // 但在密码学上,它不是 sha3-512。\r\n return 
\"http://www.w3.org/2001/04/xmldsig-more#shake256\";\r\n // 如果必须兼容旧系统且它们错误地期望 sha3-512,请谨慎更改,但原理上是错的。\r\n };\r\n}\r\n\r\n"]}
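--- a/package/lib/types.d.ts
+++ b/package/lib/types.d.ts
@@ -2,7 +2,7 @@ import * as crypto from "crypto";
  export type ErrorFirstCallback<T> = (err: Error | null, result?: T) => void;
  export type CanonicalizationAlgorithmType = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" | "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" | "http://www.w3.org/2001/10/xml-exc-c14n#" | "http://www.w3.org/2001/10/xml-exc-c14n#WithComments" | string;
  export type CanonicalizationOrTransformAlgorithmType = CanonicalizationAlgorithmType | "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
- export type HashAlgorithmType = "http://www.w3.org/2000/09/xmldsig#sha1" | "http://www.w3.org/2001/04/xmlenc#sha256" | "http://www.w3.org/2001/04/xmlenc#sha384" | "http://www.w3.org/2001/04/xmlenc#sha512" | string;
+ export type HashAlgorithmType = "http://www.w3.org/2000/09/xmldsig#sha1" | "http://www.w3.org/2001/04/xmlenc#sha256" | "http://www.w3.org/2001/04/xmlenc#sha384" | "http://www.w3.org/2001/04/xmlenc#sha512" | "http://www.w3.org/2001/04/xmlenc#sha3-512" | string;
  export type SignatureAlgorithmType = "http://www.w3.org/2000/09/xmldsig#rsa-sha1" | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" | "http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1" | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" | "http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1" | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" | "http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1" | "http://www.w3.org/2007/05/xmldsig-more#eddsa-ed25519" | "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448" | "http://www.w3.org/2000/09/xmldsig#hmac-sha1" | string;
  /**
  * @param cert the certificate as a string or array of strings (@see https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-X509Data)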
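Review bot: The literal added to `HashAlgorithmType`, `http://www.w3.org/2001/04/xmlenc#sha3-512`, is not the URI the new `Shake256` class returns (`http://www.w3.org/2001/04/xmldsig-more#shake256` in hash-algorithms.js), and SHAKE256 is not SHA3-512. Because the union ends in `| string` the mismatch still type-checks, so nothing in the build will flag it. List the URI the class actually emits or drop the literal; as far as I know RFC 9231 places the SHA-3 digest identifiers under `2007/05/xmldsig-more#` rather than `xmlenc#`, so the added value should be confirmed before it is advertised as a known algorithm.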
package/lib/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,mCAAmC;AACnC,6CAA6C;AAC7C,0DAA0D;AAC1D,oEAAoE;AACpE,qEAAqE;;AAgQrE,wEAsBC;AAxDD;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,SAAS,oBAAoB,CAC3B,gBAAyB;IAEzB,OAAO,OAAO,gBAAgB,KAAK,UAAU,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,8BAA8B,CAC5C,WAA8B;IAK9B,OAAO,CAAC,CAAC,GAAG,IAAuC,EAAE,EAAE;QACrD,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,IAAI,oBAAoB,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAC3C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,WAAW,CAAC,GAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAO,CAAC,CAAC;gBACxD,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACjC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,gBAAgB,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,WAAW,CAAC,GAAI,IAAU,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,CAGA,CAAC;AACJ,CAAC","sourcesContent":["/* eslint-disable no-unused-vars */\n// Type definitions for @node-saml/xml-crypto\n// Project: https://github.com/node-saml/xml-crypto#readme\n// Original definitions by: Eric Heikes <https://github.com/eheikes>\n// Max Chehab <https://github.com/maxchehab>\n\n/// <reference types=\"node\" />\n\nimport * as crypto from \"crypto\";\n\nexport type ErrorFirstCallback<T> = (err: Error | null, result?: T) => void;\n\nexport type CanonicalizationAlgorithmType =\n | \"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"\n | \"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments\"\n | \"http://www.w3.org/2001/10/xml-exc-c14n#\"\n | \"http://www.w3.org/2001/10/xml-exc-c14n#WithComments\"\n | string;\n\nexport type CanonicalizationOrTransformAlgorithmType =\n | CanonicalizationAlgorithmType\n | \"http://www.w3.org/2000/09/xmldsig#enveloped-signature\";\n\nexport type HashAlgorithmType =\n | \"http://www.w3.org/2000/09/xmldsig#sha1\"\n | \"http://www.w3.org/2001/04/xmlenc#sha256\"\n | \"http://www.w3.org/2001/04/xmlenc#sha384\"\n | 
\"http://www.w3.org/2001/04/xmlenc#sha512\"\n | string;\n\nexport type SignatureAlgorithmType =\n | \"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha384\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha512\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1\"\n | \"http://www.w3.org/2007/05/xmldsig-more#eddsa-ed25519\"\n | \"http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448\"\n | \"http://www.w3.org/2000/09/xmldsig#hmac-sha1\"\n | string;\n\n/**\n * @param cert the certificate as a string or array of strings (@see https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-X509Data)\n * @param prefix an optional namespace alias to be used for the generated XML\n */\nexport interface GetKeyInfoContentArgs {\n publicCert?: crypto.KeyLike;\n prefix?: string | null;\n}\n\n/**\n * Object attributes as defined in XMLDSig spec and are emitted verbatim\n * @see https://www.w3.org/TR/xmldsig-core/#sec-Object\n */\nexport interface ObjectAttributes {\n /** Optional ID attribute */\n Id?: string;\n /** Optional MIME type attribute */\n MimeType?: string;\n /** Optional encoding attribute */\n Encoding?: string;\n\n /** Any additional custom attributes */\n [key: string]: string | undefined;\n}\n\n/**\n * Options for the SignedXml constructor.\n */\nexport interface SignedXmlOptions {\n idMode?: \"wssecurity\";\n idAttribute?: string;\n privateKey?: crypto.KeyLike;\n publicCert?: crypto.KeyLike;\n signatureAlgorithm?: SignatureAlgorithmType;\n canonicalizationAlgorithm?: CanonicalizationAlgorithmType;\n inclusiveNamespacesPrefixList?: string | string[];\n implicitTransforms?: ReadonlyArray<CanonicalizationOrTransformAlgorithmType>;\n keyInfoAttributes?: Record<string, string>;\n\n getKeyInfoContent?(args?: GetKeyInfoContentArgs): 
string | null;\n\n getCertFromKeyInfo?(keyInfo?: Node | null): string | null;\n\n objects?: Array<{ content: string; attributes?: ObjectAttributes }>;\n}\n\nexport interface NamespacePrefix {\n prefix: string;\n namespaceURI: string;\n}\n\nexport interface RenderedNamespace {\n rendered: string;\n newDefaultNs: string;\n}\n\nexport interface CanonicalizationOrTransformationAlgorithmProcessOptions {\n defaultNs?: string;\n defaultNsForPrefix?: Record<string, string>;\n ancestorNamespaces?: NamespacePrefix[];\n signatureNode?: Node | null;\n inclusiveNamespacesPrefixList?: string[];\n}\n\nexport interface ComputeSignatureOptionsLocation {\n reference?: string;\n action?: \"append\" | \"prepend\" | \"before\" | \"after\";\n}\n\n/**\n * Options for the computeSignature method.\n *\n * - `prefix` {String} Adds a prefix for the generated signature tags\n * - `attrs` {Object} A hash of attributes and values `attrName: value` to add to the signature root node\n * - `location` {{ reference: String, action: String }}\n * - `existingPrefixes` {Object} A hash of prefixes and namespaces `prefix: namespace` already in the xml\n * An object with a `reference` key which should\n * contain a XPath expression, an `action` key which\n * should contain one of the following values:\n * `append`, `prepend`, `before`, `after`\n */\nexport interface ComputeSignatureOptions {\n prefix?: string;\n attrs?: Record<string, string>;\n location?: ComputeSignatureOptionsLocation;\n existingPrefixes?: Record<string, string>;\n}\n\n/**\n * Represents a reference node for XML digital signature.\n */\nexport interface Reference {\n // The XPath expression that selects the data to be signed.\n xpath?: string;\n\n // An array of transforms to be applied to the data before signing.\n transforms: ReadonlyArray<CanonicalizationOrTransformAlgorithmType>;\n\n // The algorithm used to calculate the digest value of the data.\n digestAlgorithm: HashAlgorithmType;\n\n // The URI that identifies the data to be 
signed.\n uri: string;\n\n // Optional. The digest value of the referenced data.\n digestValue?: unknown;\n\n // A list of namespace prefixes to be treated as \"inclusive\" during canonicalization.\n inclusiveNamespacesPrefixList: string[];\n\n // Optional. Indicates whether the URI is empty.\n isEmptyUri: boolean;\n\n // Optional. The `Id` attribute of the reference node.\n id?: string;\n\n // Optional. The `Type` attribute of the reference node.\n type?: string;\n\n // Optional. The type of the reference node.\n ancestorNamespaces?: NamespacePrefix[];\n\n validationError?: Error;\n\n getValidatedNode(xpathSelector?: string): Node | null;\n\n signedReference?: string;\n}\n\n/** Implement this to create a new CanonicalizationOrTransformationAlgorithm */\nexport interface CanonicalizationOrTransformationAlgorithm {\n process(\n node: Node,\n options: CanonicalizationOrTransformationAlgorithmProcessOptions,\n ): Node | string;\n\n getAlgorithmName(): CanonicalizationOrTransformAlgorithmType;\n}\n\n/** Implement this to create a new HashAlgorithm */\nexport interface HashAlgorithm {\n getAlgorithmName(): HashAlgorithmType;\n\n getHash(xml: string): string;\n}\n\n/** Extend this to create a new SignatureAlgorithm */\nexport interface SignatureAlgorithm {\n /**\n * Sign the given string using the given key\n */\n getSignature(signedInfo: crypto.BinaryLike, privateKey: crypto.KeyLike): string;\n\n getSignature(\n signedInfo: crypto.BinaryLike,\n privateKey: crypto.KeyLike,\n callback?: ErrorFirstCallback<string>,\n ): void;\n\n /**\n * Verify the given signature of the given string using key\n *\n * @param key a public cert, public key, or private key can be passed here\n */\n verifySignature(material: string, key: crypto.KeyLike, signatureValue: string): boolean;\n\n verifySignature(\n material: string,\n key: crypto.KeyLike,\n signatureValue: string,\n callback?: ErrorFirstCallback<boolean>,\n ): void;\n\n getAlgorithmName(): SignatureAlgorithmType;\n}\n\n/** Implement 
this to create a new TransformAlgorithm */\nexport interface TransformAlgorithm {\n getAlgorithmName(): CanonicalizationOrTransformAlgorithmType;\n\n process(node: Node): string;\n}\n\n/**\n * ### Sign\n * #### Properties\n * - {@link SignedXml#privateKey} [required]\n * - {@link SignedXml#publicCert} [optional]\n * - {@link SignedXml#signatureAlgorithm} [optional]\n * - {@link SignedXml#canonicalizationAlgorithm} [optional]\n * #### Api\n * - {@link SignedXml#addReference}\n * - {@link SignedXml#computeSignature}\n * - {@link SignedXml#getSignedXml}\n * - {@link SignedXml#getSignatureXml}\n * - {@link SignedXml#getOriginalXmlWithIds}\n *\n * ### Verify\n * #### Properties\n * - {@link SignedXml#publicCert} [optional]\n * #### Api\n * - {@link SignedXml#loadSignature}\n * - {@link SignedXml#checkSignature}\n */\n\nfunction isErrorFirstCallback<T>(\n possibleCallback: unknown,\n): possibleCallback is ErrorFirstCallback<T> {\n return typeof possibleCallback === \"function\";\n}\n\n/**\n * This function will add a callback version of a sync function.\n *\n * This follows the factory pattern.\n * Just call this function, passing the function that you'd like to add a callback version of.\n */\nexport function createOptionalCallbackFunction<T, A extends unknown[]>(\n syncVersion: (...args: A) => T,\n): {\n (...args: A): T;\n (...args: [...A, ErrorFirstCallback<T>]): void;\n} {\n return ((...args: A | [...A, ErrorFirstCallback<T>]) => {\n const possibleCallback = args[args.length - 1];\n if (isErrorFirstCallback(possibleCallback)) {\n try {\n const result = syncVersion(...(args.slice(0, -1) as A));\n possibleCallback(null, result);\n } catch (err) {\n possibleCallback(err instanceof Error ? err : new Error(\"Unknown error\"));\n }\n } else {\n return syncVersion(...(args as A));\n }\n }) as {\n (...args: A): T;\n (...args: [...A, ErrorFirstCallback<T>]): void;\n };\n}\n"]}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,mCAAmC;AACnC,6CAA6C;AAC7C,0DAA0D;AAC1D,oEAAoE;AACpE,qEAAqE;;AAmQrE,wEAsBC;AAxDD;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,SAAS,oBAAoB,CAC3B,gBAAyB;IAEzB,OAAO,OAAO,gBAAgB,KAAK,UAAU,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,8BAA8B,CAC5C,WAA8B;IAK9B,OAAO,CAAC,CAAC,GAAG,IAAuC,EAAE,EAAE;QACrD,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,IAAI,oBAAoB,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAC3C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,WAAW,CAAC,GAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAO,CAAC,CAAC;gBACxD,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACjC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,gBAAgB,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,WAAW,CAAC,GAAI,IAAU,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,CAGA,CAAC;AACJ,CAAC","sourcesContent":["/* eslint-disable no-unused-vars */\n// Type definitions for @node-saml/xml-crypto\n// Project: https://github.com/node-saml/xml-crypto#readme\n// Original definitions by: Eric Heikes <https://github.com/eheikes>\n// Max Chehab <https://github.com/maxchehab>\n\n/// <reference types=\"node\" />\n\nimport * as crypto from \"crypto\";\n\nexport type ErrorFirstCallback<T> = (err: Error | null, result?: T) => void;\n\nexport type CanonicalizationAlgorithmType =\n | \"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"\n | \"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments\"\n | \"http://www.w3.org/2001/10/xml-exc-c14n#\"\n | \"http://www.w3.org/2001/10/xml-exc-c14n#WithComments\"\n | string;\n\nexport type CanonicalizationOrTransformAlgorithmType =\n | CanonicalizationAlgorithmType\n | \"http://www.w3.org/2000/09/xmldsig#enveloped-signature\";\n\nexport type HashAlgorithmType =\n | \"http://www.w3.org/2000/09/xmldsig#sha1\"\n | \"http://www.w3.org/2001/04/xmlenc#sha256\"\n | \"http://www.w3.org/2001/04/xmlenc#sha384\"\n | 
\"http://www.w3.org/2001/04/xmlenc#sha512\"\n | \"http://www.w3.org/2001/04/xmlenc#sha3-512\"\n\n\n | string;\n\nexport type SignatureAlgorithmType =\n | \"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha384\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1\"\n | \"http://www.w3.org/2001/04/xmldsig-more#rsa-sha512\"\n | \"http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1\"\n | \"http://www.w3.org/2007/05/xmldsig-more#eddsa-ed25519\"\n | \"http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448\"\n | \"http://www.w3.org/2000/09/xmldsig#hmac-sha1\"\n | string;\n\n/**\n * @param cert the certificate as a string or array of strings (@see https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-X509Data)\n * @param prefix an optional namespace alias to be used for the generated XML\n */\nexport interface GetKeyInfoContentArgs {\n publicCert?: crypto.KeyLike;\n prefix?: string | null;\n}\n\n/**\n * Object attributes as defined in XMLDSig spec and are emitted verbatim\n * @see https://www.w3.org/TR/xmldsig-core/#sec-Object\n */\nexport interface ObjectAttributes {\n /** Optional ID attribute */\n Id?: string;\n /** Optional MIME type attribute */\n MimeType?: string;\n /** Optional encoding attribute */\n Encoding?: string;\n\n /** Any additional custom attributes */\n [key: string]: string | undefined;\n}\n\n/**\n * Options for the SignedXml constructor.\n */\nexport interface SignedXmlOptions {\n idMode?: \"wssecurity\";\n idAttribute?: string;\n privateKey?: crypto.KeyLike;\n publicCert?: crypto.KeyLike;\n signatureAlgorithm?: SignatureAlgorithmType;\n canonicalizationAlgorithm?: CanonicalizationAlgorithmType;\n inclusiveNamespacesPrefixList?: string | string[];\n implicitTransforms?: ReadonlyArray<CanonicalizationOrTransformAlgorithmType>;\n keyInfoAttributes?: Record<string, 
string>;\n\n getKeyInfoContent?(args?: GetKeyInfoContentArgs): string | null;\n\n getCertFromKeyInfo?(keyInfo?: Node | null): string | null;\n\n objects?: Array<{ content: string; attributes?: ObjectAttributes }>;\n}\n\nexport interface NamespacePrefix {\n prefix: string;\n namespaceURI: string;\n}\n\nexport interface RenderedNamespace {\n rendered: string;\n newDefaultNs: string;\n}\n\nexport interface CanonicalizationOrTransformationAlgorithmProcessOptions {\n defaultNs?: string;\n defaultNsForPrefix?: Record<string, string>;\n ancestorNamespaces?: NamespacePrefix[];\n signatureNode?: Node | null;\n inclusiveNamespacesPrefixList?: string[];\n}\n\nexport interface ComputeSignatureOptionsLocation {\n reference?: string;\n action?: \"append\" | \"prepend\" | \"before\" | \"after\";\n}\n\n/**\n * Options for the computeSignature method.\n *\n * - `prefix` {String} Adds a prefix for the generated signature tags\n * - `attrs` {Object} A hash of attributes and values `attrName: value` to add to the signature root node\n * - `location` {{ reference: String, action: String }}\n * - `existingPrefixes` {Object} A hash of prefixes and namespaces `prefix: namespace` already in the xml\n * An object with a `reference` key which should\n * contain a XPath expression, an `action` key which\n * should contain one of the following values:\n * `append`, `prepend`, `before`, `after`\n */\nexport interface ComputeSignatureOptions {\n prefix?: string;\n attrs?: Record<string, string>;\n location?: ComputeSignatureOptionsLocation;\n existingPrefixes?: Record<string, string>;\n}\n\n/**\n * Represents a reference node for XML digital signature.\n */\nexport interface Reference {\n // The XPath expression that selects the data to be signed.\n xpath?: string;\n\n // An array of transforms to be applied to the data before signing.\n transforms: ReadonlyArray<CanonicalizationOrTransformAlgorithmType>;\n\n // The algorithm used to calculate the digest value of the data.\n digestAlgorithm: 
HashAlgorithmType;\n\n // The URI that identifies the data to be signed.\n uri: string;\n\n // Optional. The digest value of the referenced data.\n digestValue?: unknown;\n\n // A list of namespace prefixes to be treated as \"inclusive\" during canonicalization.\n inclusiveNamespacesPrefixList: string[];\n\n // Optional. Indicates whether the URI is empty.\n isEmptyUri: boolean;\n\n // Optional. The `Id` attribute of the reference node.\n id?: string;\n\n // Optional. The `Type` attribute of the reference node.\n type?: string;\n\n // Optional. The type of the reference node.\n ancestorNamespaces?: NamespacePrefix[];\n\n validationError?: Error;\n\n getValidatedNode(xpathSelector?: string): Node | null;\n\n signedReference?: string;\n}\n\n/** Implement this to create a new CanonicalizationOrTransformationAlgorithm */\nexport interface CanonicalizationOrTransformationAlgorithm {\n process(\n node: Node,\n options: CanonicalizationOrTransformationAlgorithmProcessOptions,\n ): Node | string;\n\n getAlgorithmName(): CanonicalizationOrTransformAlgorithmType;\n}\n\n/** Implement this to create a new HashAlgorithm */\nexport interface HashAlgorithm {\n getAlgorithmName(): HashAlgorithmType;\n\n getHash(xml: string): string;\n}\n\n/** Extend this to create a new SignatureAlgorithm */\nexport interface SignatureAlgorithm {\n /**\n * Sign the given string using the given key\n */\n getSignature(signedInfo: crypto.BinaryLike, privateKey: crypto.KeyLike): string;\n\n getSignature(\n signedInfo: crypto.BinaryLike,\n privateKey: crypto.KeyLike,\n callback?: ErrorFirstCallback<string>,\n ): void;\n\n /**\n * Verify the given signature of the given string using key\n *\n * @param key a public cert, public key, or private key can be passed here\n */\n verifySignature(material: string, key: crypto.KeyLike, signatureValue: string): boolean;\n\n verifySignature(\n material: string,\n key: crypto.KeyLike,\n signatureValue: string,\n callback?: ErrorFirstCallback<boolean>,\n ): 
void;\n\n getAlgorithmName(): SignatureAlgorithmType;\n}\n\n/** Implement this to create a new TransformAlgorithm */\nexport interface TransformAlgorithm {\n getAlgorithmName(): CanonicalizationOrTransformAlgorithmType;\n\n process(node: Node): string;\n}\n\n/**\n * ### Sign\n * #### Properties\n * - {@link SignedXml#privateKey} [required]\n * - {@link SignedXml#publicCert} [optional]\n * - {@link SignedXml#signatureAlgorithm} [optional]\n * - {@link SignedXml#canonicalizationAlgorithm} [optional]\n * #### Api\n * - {@link SignedXml#addReference}\n * - {@link SignedXml#computeSignature}\n * - {@link SignedXml#getSignedXml}\n * - {@link SignedXml#getSignatureXml}\n * - {@link SignedXml#getOriginalXmlWithIds}\n *\n * ### Verify\n * #### Properties\n * - {@link SignedXml#publicCert} [optional]\n * #### Api\n * - {@link SignedXml#loadSignature}\n * - {@link SignedXml#checkSignature}\n */\n\nfunction isErrorFirstCallback<T>(\n possibleCallback: unknown,\n): possibleCallback is ErrorFirstCallback<T> {\n return typeof possibleCallback === \"function\";\n}\n\n/**\n * This function will add a callback version of a sync function.\n *\n * This follows the factory pattern.\n * Just call this function, passing the function that you'd like to add a callback version of.\n */\nexport function createOptionalCallbackFunction<T, A extends unknown[]>(\n syncVersion: (...args: A) => T,\n): {\n (...args: A): T;\n (...args: [...A, ErrorFirstCallback<T>]): void;\n} {\n return ((...args: A | [...A, ErrorFirstCallback<T>]) => {\n const possibleCallback = args[args.length - 1];\n if (isErrorFirstCallback(possibleCallback)) {\n try {\n const result = syncVersion(...(args.slice(0, -1) as A));\n possibleCallback(null, result);\n } catch (err) {\n possibleCallback(err instanceof Error ? err : new Error(\"Unknown error\"));\n }\n } else {\n return syncVersion(...(args as A));\n }\n }) as {\n (...args: A): T;\n (...args: [...A, ErrorFirstCallback<T>]): void;\n };\n}\n"]}
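--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "xml-crypto-next",
- "version": "7.0.2",
+ "version": "7.0.3",
  "private": false,
  "description": "Xml digital signature and encryption library for Node.js",
  "keywords": [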