@sphereon/ssi-sdk-ext.x509-utils - npm Package Compare versions

Comparing version 0.26.1-next.9 to 0.26.1-next.10

dist/x509/x509-validator.js

		@@ -121,10 +121,10 @@ "use strict";
		for (let i = 0; i < chainLength; i++) {
		const cert = chain[i];
		const prevCert = i > 0 ? chain[i - 1] : undefined;
		if (blindlyTrusted.some((trusted) => (0, x509_utils_1.areCertificatesEqual)(trusted.certificate, cert.certificate))) {
		const currentCert = chain[i];
		const previousCert = i > 0 ? chain[i - 1] : undefined;
		if (blindlyTrusted.some((trusted) => (0, x509_utils_1.areCertificatesEqual)(trusted.certificate, currentCert.certificate))) {
		console.log(`Certificate chain validation success as single cert if blindly trusted. WARNING: ONLY USE FOR TESTING PURPOSES.`);
		return Object.assign({ error: false, critical: false, message: `Certificate chain validation success as single cert if blindly trusted. WARNING: ONLY USE FOR TESTING PURPOSES.`, verificationTime, certificateChain: chain.map((cert) => cert.certificateInfo) }, (client && { client }));
		return Object.assign({ error: false, critical: false, message: `Certificate chain validation success as single cert if blindly trusted. WARNING: ONLY USE FOR TESTING PURPOSES.`, trustAnchor: foundTrustAnchor === null \|\| foundTrustAnchor === void 0 ? void 0 : foundTrustAnchor.certificateInfo, verificationTime, certificateChain: chain.map((cert) => cert.certificateInfo) }, (client && { client }));
		}
		if (i > 0) {
		if (cert.x509Certificate.issuer !== chain[i - 1].x509Certificate.subject) {
		if (currentCert.x509Certificate.issuer !== chain[i - 1].x509Certificate.subject) {
		if (!reversed && !disallowReversedChain) {
		@@ -142,5 +142,5 @@ return yield validateX509CertificateChainImpl({
		}
		const result = yield cert.x509Certificate.verify({
		const result = yield currentCert.x509Certificate.verify({
		date: verificationTime,
		publicKey: (_c = prevCert === null \|\| prevCert === void 0 ? void 0 : prevCert.x509Certificate) === null \|\| _c === void 0 ? void 0 : _c.publicKey,
		publicKey: (_c = previousCert === null \|\| previousCert === void 0 ? void 0 : previousCert.x509Certificate) === null \|\| _c === void 0 ? void 0 : _c.publicKey,
		}, (_f = (_e = (_d = (0, pkijs_1.getCrypto)()) === null \|\| _d === void 0 ? void 0 : _d.crypto) !== null && _e !== void 0 ? _e : crypto) !== null && _f !== void 0 ? _f : global.crypto);
		@@ -159,3 +159,3 @@ if (!result) {
		}
		foundTrustAnchor = foundTrustAnchor !== null && foundTrustAnchor !== void 0 ? foundTrustAnchor : trustedCerts === null \|\| trustedCerts === void 0 ? void 0 : trustedCerts.find((trusted) => isSameCertificate(trusted.x509Certificate, cert.x509Certificate));
		foundTrustAnchor = foundTrustAnchor !== null && foundTrustAnchor !== void 0 ? foundTrustAnchor : trustedCerts === null \|\| trustedCerts === void 0 ? void 0 : trustedCerts.find((trusted) => isSameCertificate(trusted.x509Certificate, currentCert.x509Certificate));
		if (i === 0 && chainLength === 1 && allowSingleNoCAChainElement) {
		@@ -162,0 +162,0 @@ return Object.assign({ error: false, critical: false, message: `Certificate chain succeeded as allow single cert result is allowed: ${leafCert.certificateInfo.subject.dn.DN}.`, trustAnchor: foundTrustAnchor === null \|\| foundTrustAnchor === void 0 ? void 0 : foundTrustAnchor.certificateInfo, verificationTime }, (client && { client }));

package.json

		{
		"name": "@sphereon/ssi-sdk-ext.x509-utils",
		"description": "Sphereon SSI-SDK plugin functions for X.509 Certificate handling.",
		"version": "0.26.1-next.9+a173106",
		"version": "0.26.1-next.10+ab181a0",
		"source": "src/index.ts",
		@@ -45,3 +45,3 @@ "main": "dist/index.js",
		],
		"gitHead": "a173106e58c2e78b94a35f02be00aee1fea14b74"
		"gitHead": "ab181a04061d3ee13e4e90f53c1ff414bf6784ae"
		}

src/x509/x509-validator.ts

		@@ -179,5 +179,5 @@ import { AsnParser } from '@peculiar/asn1-schema'
		for (let i = 0; i < chainLength; i++) {
		const cert = chain[i]
		const prevCert = i > 0 ? chain[i - 1] : undefined
		if (blindlyTrusted.some((trusted) => areCertificatesEqual(trusted.certificate, cert.certificate))) {
		const currentCert = chain[i]
		const previousCert = i > 0 ? chain[i - 1] : undefined
		if (blindlyTrusted.some((trusted) => areCertificatesEqual(trusted.certificate, currentCert.certificate))) {
		console.log(`Certificate chain validation success as single cert if blindly trusted. WARNING: ONLY USE FOR TESTING PURPOSES.`)
		@@ -188,2 +188,3 @@ return {
		message: `Certificate chain validation success as single cert if blindly trusted. WARNING: ONLY USE FOR TESTING PURPOSES.`,
		trustAnchor: foundTrustAnchor?.certificateInfo,
		verificationTime,
		@@ -195,3 +196,3 @@ certificateChain: chain.map((cert) => cert.certificateInfo),
		if (i > 0) {
		if (cert.x509Certificate.issuer !== chain[i - 1].x509Certificate.subject) {
		if (currentCert.x509Certificate.issuer !== chain[i - 1].x509Certificate.subject) {
		if (!reversed && !disallowReversedChain) {
		@@ -215,6 +216,6 @@ return await validateX509CertificateChainImpl({
		}
		const result = await cert.x509Certificate.verify(
		const result = await currentCert.x509Certificate.verify(
		{
		date: verificationTime,
		publicKey: prevCert?.x509Certificate?.publicKey,
		publicKey: previousCert?.x509Certificate?.publicKey,
		},
		@@ -242,3 +243,3 @@ getCrypto()?.crypto ?? crypto ?? global.crypto

		foundTrustAnchor = foundTrustAnchor ?? trustedCerts?.find((trusted) => isSameCertificate(trusted.x509Certificate, cert.x509Certificate))
		foundTrustAnchor = foundTrustAnchor ?? trustedCerts?.find((trusted) => isSameCertificate(trusted.x509Certificate, currentCert.x509Certificate))

		@@ -245,0 +246,0 @@ if (i === 0 && chainLength === 1 && allowSingleNoCAChainElement) {

dist/x509/x509-validator.d.ts.map

Sorry, the diff of this file is not supported yet

dist/x509/x509-validator.js.map

Sorry, the diff of this file is not supported yet

@sphereon/ssi-sdk-ext.x509-utils - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics