Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
node-opcua-crypto
Advanced tools
node-opcua-crypto - npm Package Compare versions
Comparing version 1.8.0 to 1.9.0
@@ -0,0 +0,0 @@ module.exports = { |
| export * from "./read"; | ||
| export * from "./read_certificate_revocation_list"; | ||
| export * from "./read_certificate_signing_request"; |
@@ -0,0 +0,0 @@ "use strict"; |
| import { CertificateRevocationList } from "../source/common"; | ||
| export declare function readCertificateRevocationList(filename: string): Promise<CertificateRevocationList>; |
@@ -18,3 +18,3 @@ "use strict"; | ||
| return __awaiter(this, void 0, void 0, function* () { | ||
| const crl = yield util_1.promisify(fs.readFile)(filename); | ||
| const crl = yield (0, util_1.promisify)(fs.readFile)(filename); | ||
| if (crl[0] === 0x30 && crl[1] === 0x82) { | ||
@@ -25,3 +25,3 @@ // der format | ||
| const raw_crl = crl.toString(); | ||
| return crypto_utils_1.convertPEMtoDER(raw_crl); | ||
| return (0, crypto_utils_1.convertPEMtoDER)(raw_crl); | ||
| }); | ||
@@ -28,0 +28,0 @@ } |
| /// <reference types="node" /> | ||
| export declare type CertificateSigningRequest = Buffer; | ||
| export declare function readCertificateSigningRequest(filename: string): Promise<CertificateSigningRequest>; |
@@ -18,3 +18,3 @@ "use strict"; | ||
| return __awaiter(this, void 0, void 0, function* () { | ||
| const csr = yield util_1.promisify(fs.readFile)(filename); | ||
| const csr = yield (0, util_1.promisify)(fs.readFile)(filename); | ||
| if (csr[0] === 0x30 && csr[1] === 0x82) { | ||
@@ -25,3 +25,3 @@ // der format | ||
| const raw_crl = csr.toString(); | ||
| return crypto_utils_1.convertPEMtoDER(raw_crl); | ||
| return (0, crypto_utils_1.convertPEMtoDER)(raw_crl); | ||
| }); | ||
@@ -28,0 +28,0 @@ } |
@@ -0,0 +0,0 @@ import { Certificate, CertificatePEM, PrivateKey, PrivateKeyPEM, PublicKey, PublicKeyPEM } from "../source/common"; |
@@ -15,3 +15,3 @@ "use strict"; | ||
| const raw_key = fs.readFileSync(filename, "utf8"); | ||
| const pemType = crypto_utils_1.identifyPemType(raw_key); | ||
| const pemType = (0, crypto_utils_1.identifyPemType)(raw_key); | ||
| assert(typeof pemType === "string"); // must have a valid pem type | ||
@@ -30,3 +30,3 @@ return raw_key; | ||
| const raw_key = _readPemFile(filename); | ||
| return crypto_utils_1.convertPEMtoDER(raw_key); | ||
| return (0, crypto_utils_1.convertPEMtoDER)(raw_key); | ||
| } | ||
@@ -33,0 +33,0 @@ /** |
@@ -26,3 +26,3 @@ /// <reference types="node" /> | ||
| export interface BlockInfo { | ||
| tag: TagType; | ||
| tag: TagType | number; | ||
| position: number; | ||
@@ -54,2 +54,3 @@ length: number; | ||
| export declare function _readAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier; | ||
| export declare function _readECCAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier; | ||
| export declare type SignatureValue = string; | ||
@@ -56,0 +57,0 @@ export declare function _readSignatureValueBin(buffer: Buffer, block: BlockInfo): Buffer; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports._readTime = exports._findBlockAtIndex = exports._readDirectoryName = exports.compactDirectoryName = exports._readValue = exports._readVersionValue = exports._readBooleanValue = exports._readIntegerValue = exports._readLongIntegerValue = exports._readSignatureValue = exports._readSignatureValueBin = exports._readAlgorithmIdentifier = exports._readObjectIdentifier = exports._readListOfInteger = exports._readIntegerAsByteString = exports._getBlock = exports._readOctetString = exports.formatBuffer2DigitHexWithColum = exports._readBitString = exports.parseBitString = exports._readStruct = exports.readTag = exports.TagType = void 0; | ||
| exports._readTime = exports._findBlockAtIndex = exports._readDirectoryName = exports.compactDirectoryName = exports._readValue = exports._readVersionValue = exports._readBooleanValue = exports._readIntegerValue = exports._readLongIntegerValue = exports._readSignatureValue = exports._readSignatureValueBin = exports._readECCAlgorithmIdentifier = exports._readAlgorithmIdentifier = exports._readObjectIdentifier = exports._readListOfInteger = exports._readIntegerAsByteString = exports._getBlock = exports._readOctetString = exports.formatBuffer2DigitHexWithColum = exports._readBitString = exports.parseBitString = exports._readStruct = exports.readTag = exports.TagType = void 0; | ||
| const assert = require("assert"); | ||
@@ -179,2 +179,11 @@ const oid_map_1 = require("./oid_map"); | ||
| exports._readAlgorithmIdentifier = _readAlgorithmIdentifier; | ||
| ; | ||
| function _readECCAlgorithmIdentifier(buffer, block) { | ||
| const inner_blocks = _readStruct(buffer, block); | ||
| return { | ||
| identifier: _readObjectIdentifier(buffer, inner_blocks[1]).name, // difference with RSA as algorithm is second element of nested block | ||
| }; | ||
| } | ||
| exports._readECCAlgorithmIdentifier = _readECCAlgorithmIdentifier; | ||
| ; | ||
| function _readSignatureValueBin(buffer, block) { | ||
@@ -181,0 +190,0 @@ return _readBitString(buffer, block).data; |
@@ -6,2 +6,2 @@ /// <reference types="node" /> | ||
| */ | ||
| export declare const createFastUninitializedBuffer: typeof Buffer.allocUnsafe; | ||
| export declare const createFastUninitializedBuffer: (size: number) => Buffer; |
@@ -0,0 +0,0 @@ "use strict"; |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| //# sourceMappingURL=common.js.map |
@@ -0,0 +0,0 @@ /** |
@@ -65,7 +65,7 @@ "use strict"; | ||
| function _readAttributeTypeAndValue(buffer, block) { | ||
| let inner_blocks = asn1_1._readStruct(buffer, block); | ||
| inner_blocks = asn1_1._readStruct(buffer, inner_blocks[0]); | ||
| let inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| inner_blocks = (0, asn1_1._readStruct)(buffer, inner_blocks[0]); | ||
| const data = { | ||
| identifier: asn1_1._readObjectIdentifier(buffer, inner_blocks[0]).name, | ||
| value: asn1_1._readValue(buffer, inner_blocks[1]), | ||
| identifier: (0, asn1_1._readObjectIdentifier)(buffer, inner_blocks[0]).name, | ||
| value: (0, asn1_1._readValue)(buffer, inner_blocks[1]), | ||
| }; | ||
@@ -79,3 +79,3 @@ const result = {}; | ||
| function _readRelativeDistinguishedName(buffer, block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| const data = inner_blocks.map((block) => _readAttributeTypeAndValue(buffer, block)); | ||
@@ -92,6 +92,6 @@ const result = {}; | ||
| function _readValidity(buffer, block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| return { | ||
| notBefore: asn1_1._readTime(buffer, inner_blocks[0]), | ||
| notAfter: asn1_1._readTime(buffer, inner_blocks[1]), | ||
| notBefore: (0, asn1_1._readTime)(buffer, inner_blocks[0]), | ||
| notAfter: (0, asn1_1._readTime)(buffer, inner_blocks[1]), | ||
| }; | ||
@@ -116,13 +116,13 @@ } | ||
| // KeyIdentifier ::= OCTET STRING | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const blocks = asn1_1._readStruct(buffer, block_info); | ||
| const keyIdentifier_block = asn1_1._findBlockAtIndex(blocks, 0); | ||
| const authorityCertIssuer_block = asn1_1._findBlockAtIndex(blocks, 1); | ||
| const authorityCertSerialNumber_block = asn1_1._findBlockAtIndex(blocks, 2); | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| const blocks = (0, asn1_1._readStruct)(buffer, block_info); | ||
| const keyIdentifier_block = (0, asn1_1._findBlockAtIndex)(blocks, 0); | ||
| const authorityCertIssuer_block = (0, asn1_1._findBlockAtIndex)(blocks, 1); | ||
| const authorityCertSerialNumber_block = (0, asn1_1._findBlockAtIndex)(blocks, 2); | ||
| function _readAuthorityCertIssuer(block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const directoryName_block = asn1_1._findBlockAtIndex(inner_blocks, 4); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| const directoryName_block = (0, asn1_1._findBlockAtIndex)(inner_blocks, 4); | ||
| if (directoryName_block) { | ||
| const a = asn1_1._readStruct(buffer, directoryName_block); | ||
| return asn1_1._readDirectoryName(buffer, a[0]); | ||
| const a = (0, asn1_1._readStruct)(buffer, directoryName_block); | ||
| return (0, asn1_1._readDirectoryName)(buffer, a[0]); | ||
| } | ||
@@ -134,12 +134,12 @@ else { | ||
| function _readAuthorityCertIssuerFingerPrint(block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const directoryName_block = asn1_1._findBlockAtIndex(inner_blocks, 4); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| const directoryName_block = (0, asn1_1._findBlockAtIndex)(inner_blocks, 4); | ||
| if (!directoryName_block) { | ||
| return ""; | ||
| } | ||
| const a = asn1_1._readStruct(buffer, directoryName_block); | ||
| const a = (0, asn1_1._readStruct)(buffer, directoryName_block); | ||
| if (a.length < 1) { | ||
| return ""; | ||
| } | ||
| return directoryName_block ? asn1_1.formatBuffer2DigitHexWithColum(crypto_utils_1.makeSHA1Thumbprint(asn1_1._getBlock(buffer, a[0]))) : ""; | ||
| return directoryName_block ? (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, a[0]))) : ""; | ||
| } | ||
@@ -154,5 +154,5 @@ const authorityCertIssuer = authorityCertIssuer_block ? _readAuthorityCertIssuer(authorityCertIssuer_block) : null; | ||
| serial: authorityCertSerialNumber_block | ||
| ? asn1_1.formatBuffer2DigitHexWithColum(asn1_1._getBlock(buffer, authorityCertSerialNumber_block)) | ||
| ? (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._getBlock)(buffer, authorityCertSerialNumber_block)) | ||
| : null, | ||
| keyIdentifier: keyIdentifier_block ? asn1_1.formatBuffer2DigitHexWithColum(asn1_1._getBlock(buffer, keyIdentifier_block)) : null, // can be null for self-signed certf | ||
| keyIdentifier: keyIdentifier_block ? (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._getBlock)(buffer, keyIdentifier_block)) : null, // can be null for self-signed certf | ||
| }; | ||
@@ -187,5 +187,5 @@ } | ||
| function readBasicConstraint2_5_29_19(buffer, block) { | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const inner_blocks = asn1_1._readStruct(buffer, block_info); | ||
| const cA = inner_blocks.length > 0 ? asn1_1._readBooleanValue(buffer, inner_blocks[0]) : false; | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block_info); | ||
| const cA = inner_blocks.length > 0 ? (0, asn1_1._readBooleanValue)(buffer, inner_blocks[0]) : false; | ||
| // console.log("buffer[block_info.position] = ", buffer[block_info.position]); | ||
@@ -195,3 +195,3 @@ // const cA = buffer[block_info.position] ? true : false; | ||
| if (inner_blocks.length > 1) { | ||
| pathLengthConstraint = asn1_1._readIntegerValue(buffer, inner_blocks[1]); | ||
| pathLengthConstraint = (0, asn1_1._readIntegerValue)(buffer, inner_blocks[1]); | ||
| } | ||
@@ -222,3 +222,3 @@ return { critical: true, cA, pathLengthConstraint }; | ||
| }; | ||
| const blocks = asn1_1._readStruct(buffer, block); | ||
| const blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| function _readFromType(buffer, block, type) { | ||
@@ -249,7 +249,7 @@ switch (type) { | ||
| function _readSubjectAltNames(buffer) { | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| return _readGeneralNames(buffer, block_info); | ||
| } | ||
| function readKeyUsage(oid, buffer) { | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| // get value as BIT STRING | ||
@@ -290,4 +290,4 @@ let b2 = 0x00; | ||
| // see https://tools.ietf.org/html/rfc5280#section-4.2.1.12 | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const inner_blocks = asn1_1._readStruct(buffer, block_info); | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block_info); | ||
| const extKeyUsage = { | ||
@@ -305,3 +305,3 @@ serverAuth: false, | ||
| for (const block of inner_blocks) { | ||
| const identifier = asn1_1._readObjectIdentifier(buffer, block); | ||
| const identifier = (0, asn1_1._readObjectIdentifier)(buffer, block); | ||
| extKeyUsage[identifier.name] = true; | ||
@@ -347,4 +347,4 @@ } | ||
| function _readSubjectPublicKey(buffer) { | ||
| const block_info = asn1_1.readTag(buffer, 0); | ||
| const blocks = asn1_1._readStruct(buffer, block_info); | ||
| const block_info = (0, asn1_1.readTag)(buffer, 0); | ||
| const blocks = (0, asn1_1._readStruct)(buffer, block_info); | ||
| return { | ||
@@ -365,3 +365,3 @@ modulus: buffer.slice(blocks[0].position + 1, blocks[0].position + blocks[0].length), | ||
| function _readExtension(buffer, block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| if (inner_blocks.length === 3) { | ||
@@ -371,4 +371,4 @@ assert(inner_blocks[1].tag === asn1_1.TagType.BOOLEAN); | ||
| } | ||
| const identifier = asn1_1._readObjectIdentifier(buffer, inner_blocks[0]); | ||
| const buf = asn1_1._getBlock(buffer, inner_blocks[1]); | ||
| const identifier = (0, asn1_1._readObjectIdentifier)(buffer, inner_blocks[0]); | ||
| const buf = (0, asn1_1._getBlock)(buffer, inner_blocks[1]); | ||
| let value = null; | ||
@@ -391,3 +391,3 @@ switch (identifier.name) { | ||
| */ | ||
| value = asn1_1.formatBuffer2DigitHexWithColum(asn1_1._readOctetString(buffer, inner_blocks[1])); | ||
| value = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readOctetString)(buffer, inner_blocks[1])); | ||
| break; | ||
@@ -425,4 +425,4 @@ case "subjectAltName": | ||
| assert(block.tag === 0xa3); | ||
| let inner_blocks = asn1_1._readStruct(buffer, block); | ||
| inner_blocks = asn1_1._readStruct(buffer, inner_blocks[0]); | ||
| let inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| inner_blocks = (0, asn1_1._readStruct)(buffer, inner_blocks[0]); | ||
| const extensions = inner_blocks.map((block) => _readExtension(buffer, block)); | ||
@@ -460,10 +460,10 @@ const result = {}; | ||
| function _readSubjectPublicKeyInfo(buffer, block) { | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| // algorithm identifier | ||
| const algorithm = asn1_1._readAlgorithmIdentifier(buffer, inner_blocks[0]); | ||
| const algorithm = (0, asn1_1._readAlgorithmIdentifier)(buffer, inner_blocks[0]); | ||
| //const parameters = _readBitString(buffer,inner_blocks[1]); | ||
| const subjectPublicKey = asn1_1._readBitString(buffer, inner_blocks[1]); | ||
| const subjectPublicKey = (0, asn1_1._readBitString)(buffer, inner_blocks[1]); | ||
| // read the 2 big integers of the key | ||
| const data = subjectPublicKey.data; | ||
| const values = asn1_1._readListOfInteger(data); | ||
| const values = (0, asn1_1._readListOfInteger)(data); | ||
| // xx const value = _readListOfInteger(data); | ||
@@ -478,14 +478,31 @@ return { | ||
| } | ||
| function _readSubjectECCPublicKeyInfo(buffer, block) { | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| // first parameter is the second element of the first block, which is why we have another algorithm | ||
| const algorithm = (0, asn1_1._readECCAlgorithmIdentifier)(buffer, inner_blocks[0]); | ||
| // the public key is already in bit format, we just need to read it | ||
| const subjectPublicKey = (0, asn1_1._readBitString)(buffer, inner_blocks[1]); | ||
| // take out the data which is the entirity of our public key | ||
| const data = subjectPublicKey.data; | ||
| return { | ||
| algorithm: algorithm.identifier, | ||
| keyLength: (data.length - 1), | ||
| subjectPublicKey: { | ||
| modulus: data | ||
| } | ||
| }; | ||
| } | ||
| function readTbsCertificate(buffer, block) { | ||
| const blocks = asn1_1._readStruct(buffer, block); | ||
| let version, serialNumber, signature, issuer, validity, subject, subjectFingerPrint, subjectPublicKeyInfo, extensions; | ||
| const blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| let version, serialNumber, signature, issuer, validity, subject, subjectFingerPrint, extensions; | ||
| let subjectPublicKeyInfo; | ||
| if (blocks.length === 6) { | ||
| // X509 Version 1: | ||
| version = 1; | ||
| serialNumber = asn1_1.formatBuffer2DigitHexWithColum(asn1_1._readLongIntegerValue(buffer, blocks[0])); | ||
| signature = asn1_1._readAlgorithmIdentifier(buffer, blocks[1]); | ||
| serialNumber = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readLongIntegerValue)(buffer, blocks[0])); | ||
| signature = (0, asn1_1._readAlgorithmIdentifier)(buffer, blocks[1]); | ||
| issuer = _readName(buffer, blocks[2]); | ||
| validity = _readValidity(buffer, blocks[3]); | ||
| subject = _readName(buffer, blocks[4]); | ||
| subjectFingerPrint = asn1_1.formatBuffer2DigitHexWithColum(crypto_utils_1.makeSHA1Thumbprint(asn1_1._getBlock(buffer, blocks[4]))); | ||
| subjectFingerPrint = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, blocks[4]))); | ||
| subjectPublicKeyInfo = _readSubjectPublicKeyInfo(buffer, blocks[5]); | ||
@@ -496,15 +513,27 @@ extensions = null; | ||
| // X509 Version 3: | ||
| const version_block = asn1_1._findBlockAtIndex(blocks, 0); | ||
| const version_block = (0, asn1_1._findBlockAtIndex)(blocks, 0); | ||
| if (!version_block) { | ||
| throw new Error("cannot find version block"); | ||
| } | ||
| version = asn1_1._readVersionValue(buffer, version_block) + 1; | ||
| serialNumber = asn1_1.formatBuffer2DigitHexWithColum(asn1_1._readLongIntegerValue(buffer, blocks[1])); | ||
| signature = asn1_1._readAlgorithmIdentifier(buffer, blocks[2]); | ||
| version = (0, asn1_1._readVersionValue)(buffer, version_block) + 1; | ||
| serialNumber = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readLongIntegerValue)(buffer, blocks[1])); | ||
| signature = (0, asn1_1._readAlgorithmIdentifier)(buffer, blocks[2]); | ||
| issuer = _readName(buffer, blocks[3]); | ||
| validity = _readValidity(buffer, blocks[4]); | ||
| subject = _readName(buffer, blocks[5]); | ||
| subjectFingerPrint = asn1_1.formatBuffer2DigitHexWithColum(crypto_utils_1.makeSHA1Thumbprint(asn1_1._getBlock(buffer, blocks[5]))); | ||
| subjectPublicKeyInfo = _readSubjectPublicKeyInfo(buffer, blocks[6]); | ||
| const extensionBlock = asn1_1._findBlockAtIndex(blocks, 3); | ||
| subjectFingerPrint = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, blocks[5]))); | ||
| const inner_block = (0, asn1_1._readStruct)(buffer, blocks[6]); | ||
| const what_type = (0, asn1_1._readAlgorithmIdentifier)(buffer, inner_block[0]).identifier; | ||
| switch (what_type) { | ||
| case "rsaEncryption": { | ||
| subjectPublicKeyInfo = _readSubjectPublicKeyInfo(buffer, blocks[6]); | ||
| break; | ||
| } | ||
| case "ecPublicKey": | ||
| default: { | ||
| subjectPublicKeyInfo = _readSubjectECCPublicKeyInfo(buffer, blocks[6]); | ||
| break; | ||
| } | ||
| } | ||
| const extensionBlock = (0, asn1_1._findBlockAtIndex)(blocks, 3); | ||
| if (!extensionBlock) { | ||
@@ -540,8 +569,8 @@ // tslint:disable-next-line: no-console | ||
| if (!certificate._exploreCertificate_cache) { | ||
| const block_info = asn1_1.readTag(certificate, 0); | ||
| const blocks = asn1_1._readStruct(certificate, block_info); | ||
| const block_info = (0, asn1_1.readTag)(certificate, 0); | ||
| const blocks = (0, asn1_1._readStruct)(certificate, block_info); | ||
| certificate._exploreCertificate_cache = { | ||
| tbsCertificate: readTbsCertificate(certificate, blocks[0]), | ||
| signatureAlgorithm: asn1_1._readAlgorithmIdentifier(certificate, blocks[1]), | ||
| signatureValue: asn1_1._readSignatureValue(certificate, blocks[2]), | ||
| signatureAlgorithm: (0, asn1_1._readAlgorithmIdentifier)(certificate, blocks[1]), | ||
| signatureValue: (0, asn1_1._readSignatureValue)(certificate, blocks[2]), | ||
| }; | ||
@@ -561,3 +590,3 @@ } | ||
| do { | ||
| const block_info = asn1_1.readTag(certificateChain, 0); | ||
| const block_info = (0, asn1_1.readTag)(certificateChain, 0); | ||
| const length = block_info.position + block_info.length; | ||
@@ -583,3 +612,3 @@ const der_certificate = certificateChain.slice(0, length); | ||
| b.forEach((block) => { | ||
| const block_info = asn1_1.readTag(block, 0); | ||
| const block_info = (0, asn1_1.readTag)(block, 0); | ||
| //xx console.log("xxxx" ,cert.length,block_info); | ||
@@ -586,0 +615,0 @@ //xx console.log(cert.toString("base64")); |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -15,3 +15,3 @@ "use strict"; | ||
| const jsrsasign = require("jsrsasign"); | ||
| const PEM_REGEX = /^(-----BEGIN (.*)-----\r?\n([\/+=a-zA-Z0-9\r\n]*)\r?\n-----END \2-----\r?\n)/gm; | ||
| const PEM_REGEX = /^(-----BEGIN (.*)-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END \2-----\r?\n)/gm; | ||
| const PEM_TYPE_REGEX = /^(-----BEGIN (.*)-----)/m; | ||
@@ -47,3 +47,3 @@ // Copyright 2012 The Obvious Corporation. | ||
| } | ||
| return crypto_explore_certificate_1.combine_der(parts); | ||
| return (0, crypto_explore_certificate_1.combine_der)(parts); | ||
| } | ||
@@ -86,6 +86,6 @@ exports.convertPEMtoDER = convertPEMtoDER; | ||
| if (buffer.length > 1024) { | ||
| return hexy_1.hexy(buffer.slice(0, 1024), { width, format: "twos" }) + "\n .... ( " + buffer.length + ")"; | ||
| return (0, hexy_1.hexy)(buffer.slice(0, 1024), { width, format: "twos" }) + "\n .... ( " + buffer.length + ")"; | ||
| } | ||
| else { | ||
| return hexy_1.hexy(buffer, { width, format: "twos" }); | ||
| return (0, hexy_1.hexy)(buffer, { width, format: "twos" }); | ||
| } | ||
@@ -104,3 +104,3 @@ } | ||
| function makeMessageChunkSignature(chunk, options) { | ||
| assert(options.hasOwnProperty("algorithm")); | ||
| assert(Object.prototype.hasOwnProperty.call(options, "algorithm")); | ||
| assert(chunk instanceof Buffer); | ||
@@ -113,3 +113,3 @@ assert(["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(identifyPemType(options.privateKey)) >= 0); | ||
| assert(!options.signatureLength || signature.length === options.signatureLength); | ||
| return signature; // Buffer | ||
| return signature; | ||
| } | ||
@@ -204,6 +204,6 @@ exports.makeMessageChunkSignature = makeMessageChunkSignature; | ||
| const nbBlocks = Math.ceil(buffer.length / chunk_size); | ||
| const outputBuffer = buffer_utils_1.createFastUninitializedBuffer(nbBlocks * blockSize); | ||
| const outputBuffer = (0, buffer_utils_1.createFastUninitializedBuffer)(nbBlocks * blockSize); | ||
| for (let i = 0; i < nbBlocks; i++) { | ||
| const currentBlock = buffer.slice(chunk_size * i, chunk_size * (i + 1)); | ||
| const encrypted_chunk = exports.publicEncrypt(currentBlock, publicKey, algorithm); | ||
| const encrypted_chunk = (0, exports.publicEncrypt)(currentBlock, publicKey, algorithm); | ||
| assert(encrypted_chunk.length === blockSize); | ||
@@ -219,7 +219,7 @@ encrypted_chunk.copy(outputBuffer, i * blockSize); | ||
| const nbBlocks = Math.ceil(buffer.length / blockSize); | ||
| const outputBuffer = buffer_utils_1.createFastUninitializedBuffer(nbBlocks * blockSize); | ||
| const outputBuffer = (0, buffer_utils_1.createFastUninitializedBuffer)(nbBlocks * blockSize); | ||
| let total_length = 0; | ||
| for (let i = 0; i < nbBlocks; i++) { | ||
| const currentBlock = buffer.slice(blockSize * i, Math.min(blockSize * (i + 1), buffer.length)); | ||
| const decrypted_buf = exports.privateDecrypt(currentBlock, privateKey, algorithm); | ||
| const decrypted_buf = (0, exports.privateDecrypt)(currentBlock, privateKey, algorithm); | ||
| decrypted_buf.copy(outputBuffer, total_length); | ||
@@ -226,0 +226,0 @@ total_length += decrypted_buf.length; |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -71,3 +71,3 @@ "use strict"; | ||
| let index = 1; | ||
| let p_hash = buffer_utils_1.createFastUninitializedBuffer(0); | ||
| let p_hash = (0, buffer_utils_1.createFastUninitializedBuffer)(0); | ||
| while (p_hash.length <= minLength) { | ||
@@ -93,2 +93,5 @@ /* eslint new-cap:0 */ | ||
| const buf = makePseudoRandomBuffer(secret, seed, minLength, options.sha1or256); | ||
| // +---------------+---------------------+-----------------------+ | ||
| // + signingKey + encryptingKey + initializationVector + | ||
| // +---------------+---------------------+-----------------------+ | ||
| return { | ||
@@ -149,3 +152,3 @@ signatureLength: options.signatureLength, | ||
| // of the certificate's public key | ||
| const cert = explore_certificate_1.exploreCertificateInfo(options.publicKey); | ||
| const cert = (0, explore_certificate_1.exploreCertificateInfo)(options.publicKey); | ||
| signatureLength = cert.publicKeyLength || 0; // 1024 bits = 128Bytes or 2048=256Bytes | ||
@@ -155,3 +158,3 @@ } | ||
| const signature = chunk.slice(chunk.length - signatureLength); | ||
| return crypto_utils_1.verifyMessageChunkSignature(block_to_verify, signature, options); | ||
| return (0, crypto_utils_1.verifyMessageChunkSignature)(block_to_verify, signature, options); | ||
| } | ||
@@ -184,5 +187,5 @@ exports.verifyChunkSignature = verifyChunkSignature; | ||
| function computePaddingFooter(buffer, derivedKeys) { | ||
| assert(derivedKeys.hasOwnProperty("encryptingBlockSize")); | ||
| assert(Object.prototype.hasOwnProperty.call(derivedKeys, "encryptingBlockSize")); | ||
| const paddingSize = derivedKeys.encryptingBlockSize - ((buffer.length + 1) % derivedKeys.encryptingBlockSize); | ||
| const padding = buffer_utils_1.createFastUninitializedBuffer(paddingSize + 1); | ||
| const padding = (0, buffer_utils_1.createFastUninitializedBuffer)(paddingSize + 1); | ||
| padding.fill(paddingSize); | ||
@@ -193,3 +196,3 @@ return padding; | ||
| function derivedKeys_algorithm(derivedKeys) { | ||
| assert(derivedKeys.hasOwnProperty("algorithm")); | ||
| assert(Object.prototype.hasOwnProperty.call(derivedKeys, "algorithm")); | ||
| const algorithm = derivedKeys.algorithm || "aes-128-cbc"; | ||
@@ -196,0 +199,0 @@ assert(algorithm === "aes-128-cbc" || algorithm === "aes-256-cbc"); |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -7,21 +7,21 @@ "use strict"; | ||
| function readNameForCrl(buffer, block) { | ||
| return asn1_1._readDirectoryName(buffer, block); | ||
| return (0, asn1_1._readDirectoryName)(buffer, block); | ||
| } | ||
| exports.readNameForCrl = readNameForCrl; | ||
| function _readTbsCertList(buffer, blockInfo) { | ||
| const blocks = asn1_1._readStruct(buffer, blockInfo); | ||
| const version = asn1_1._readIntegerValue(buffer, blocks[0]); | ||
| const signature = asn1_1._readAlgorithmIdentifier(buffer, blocks[1]); | ||
| const blocks = (0, asn1_1._readStruct)(buffer, blockInfo); | ||
| const version = (0, asn1_1._readIntegerValue)(buffer, blocks[0]); | ||
| const signature = (0, asn1_1._readAlgorithmIdentifier)(buffer, blocks[1]); | ||
| const issuer = readNameForCrl(buffer, blocks[2]); | ||
| const issuerFingerprint = asn1_1.formatBuffer2DigitHexWithColum(crypto_utils_1.makeSHA1Thumbprint(asn1_1._getBlock(buffer, blocks[2]))); | ||
| const thisUpdate = asn1_1._readTime(buffer, blocks[3]); | ||
| const nextUpdate = asn1_1._readTime(buffer, blocks[4]); | ||
| const issuerFingerprint = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, crypto_utils_1.makeSHA1Thumbprint)((0, asn1_1._getBlock)(buffer, blocks[2]))); | ||
| const thisUpdate = (0, asn1_1._readTime)(buffer, blocks[3]); | ||
| const nextUpdate = (0, asn1_1._readTime)(buffer, blocks[4]); | ||
| const revokedCertificates = []; | ||
| if (blocks[5] && blocks[5].tag < 0x80) { | ||
| const list = asn1_1._readStruct(buffer, blocks[5]); | ||
| const list = (0, asn1_1._readStruct)(buffer, blocks[5]); | ||
| for (const r of list) { | ||
| // sometime blocks[5] doesn't exits .. in this case | ||
| const rr = asn1_1._readStruct(buffer, r); | ||
| const userCertificate = asn1_1.formatBuffer2DigitHexWithColum(asn1_1._readLongIntegerValue(buffer, rr[0])); | ||
| const revocationDate = asn1_1._readTime(buffer, rr[1]); | ||
| const rr = (0, asn1_1._readStruct)(buffer, r); | ||
| const userCertificate = (0, asn1_1.formatBuffer2DigitHexWithColum)((0, asn1_1._readLongIntegerValue)(buffer, rr[0])); | ||
| const revocationDate = (0, asn1_1._readTime)(buffer, rr[1]); | ||
| revokedCertificates.push({ | ||
@@ -33,3 +33,3 @@ revocationDate, | ||
| } | ||
| const ext0 = asn1_1._findBlockAtIndex(blocks, 0); | ||
| const ext0 = (0, asn1_1._findBlockAtIndex)(blocks, 0); | ||
| return { issuer, issuerFingerprint, thisUpdate, nextUpdate, signature, revokedCertificates }; | ||
@@ -39,7 +39,7 @@ } | ||
| function exploreCertificateRevocationList(crl) { | ||
| const blockInfo = asn1_1.readTag(crl, 0); | ||
| const blocks = asn1_1._readStruct(crl, blockInfo); | ||
| const blockInfo = (0, asn1_1.readTag)(crl, 0); | ||
| const blocks = (0, asn1_1._readStruct)(crl, blockInfo); | ||
| const tbsCertList = _readTbsCertList(crl, blocks[0]); | ||
| const signatureAlgorithm = asn1_1._readAlgorithmIdentifier(crl, blocks[1]); | ||
| const signatureValue = asn1_1._readSignatureValueBin(crl, blocks[2]); | ||
| const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(crl, blocks[1]); | ||
| const signatureValue = (0, asn1_1._readSignatureValueBin)(crl, blocks[2]); | ||
| return { tbsCertList, signatureAlgorithm, signatureValue }; | ||
@@ -46,0 +46,0 @@ } |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -7,5 +7,5 @@ "use strict"; | ||
| function _readExtensionRequest(buffer) { | ||
| const block = asn1_1.readTag(buffer, 0); | ||
| const inner_blocks = asn1_1._readStruct(buffer, block); | ||
| const extensions = inner_blocks.map((block1) => crypto_explore_certificate_1._readExtension(buffer, block1)); | ||
| const block = (0, asn1_1.readTag)(buffer, 0); | ||
| const inner_blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| const extensions = inner_blocks.map((block1) => (0, crypto_explore_certificate_1._readExtension)(buffer, block1)); | ||
| const result = {}; | ||
@@ -19,15 +19,15 @@ for (const e of extensions) { | ||
| function readCertificationRequestInfo(buffer, block) { | ||
| const blocks = asn1_1._readStruct(buffer, block); | ||
| const blocks = (0, asn1_1._readStruct)(buffer, block); | ||
| if (blocks.length === 4) { | ||
| const extensionRequestBlock = asn1_1._findBlockAtIndex(blocks, 0); | ||
| const extensionRequestBlock = (0, asn1_1._findBlockAtIndex)(blocks, 0); | ||
| if (!extensionRequestBlock) { | ||
| throw new Error("cannot find extensionRequest block"); | ||
| } | ||
| const blocks1 = asn1_1._readStruct(buffer, extensionRequestBlock); | ||
| const blocks2 = asn1_1._readStruct(buffer, blocks1[0]); | ||
| const identifier = asn1_1._readObjectIdentifier(buffer, blocks2[0]); | ||
| const blocks1 = (0, asn1_1._readStruct)(buffer, extensionRequestBlock); | ||
| const blocks2 = (0, asn1_1._readStruct)(buffer, blocks1[0]); | ||
| const identifier = (0, asn1_1._readObjectIdentifier)(buffer, blocks2[0]); | ||
| if (identifier.name !== "extensionRequest") { | ||
| throw new Error(" Cannot find extension Request in ASN1 block"); | ||
| } | ||
| const buf = asn1_1._getBlock(buffer, blocks2[1]); | ||
| const buf = (0, asn1_1._getBlock)(buffer, blocks2[1]); | ||
| const extensionRequest = _readExtensionRequest(buf); | ||
@@ -41,4 +41,4 @@ return { extensionRequest }; | ||
| function exploreCertificateSigningRequest(crl) { | ||
| const blockInfo = asn1_1.readTag(crl, 0); | ||
| const blocks = asn1_1._readStruct(crl, blockInfo); | ||
| const blockInfo = (0, asn1_1.readTag)(crl, 0); | ||
| const blocks = (0, asn1_1._readStruct)(crl, blockInfo); | ||
| const csrInfo = readCertificationRequestInfo(crl, blocks[0]); | ||
@@ -45,0 +45,0 @@ return csrInfo; |
@@ -7,3 +7,3 @@ /** | ||
| import { DirectoryName } from "./asn1"; | ||
| export declare type PublicKeyLength = 128 | 256 | 384 | 512; | ||
| export declare type PublicKeyLength = 64 | 96 | 128 | 256 | 384 | 512; | ||
| /** | ||
@@ -10,0 +10,0 @@ * A structure exposing useful information about a certificate |
@@ -12,3 +12,3 @@ "use strict"; | ||
| if (typeof certificate === "string") { | ||
| certificate = crypto_utils_1.convertPEMtoDER(certificate); | ||
| certificate = (0, crypto_utils_1.convertPEMtoDER)(certificate); | ||
| } | ||
@@ -27,3 +27,3 @@ assert(certificate instanceof Buffer); | ||
| certificate = coerceCertificate(certificate); | ||
| const certInfo = crypto_explore_certificate_1.exploreCertificate(certificate); | ||
| const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certificate); | ||
| const data = { | ||
@@ -30,0 +30,0 @@ publicKeyLength: certInfo.tbsCertificate.subjectPublicKeyInfo.keyLength, |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -27,4 +27,4 @@ "use strict"; | ||
| assert(privateKey instanceof Buffer); | ||
| const block_info = asn1_1.readTag(privateKey, 0); | ||
| const blocks = asn1_1._readStruct(privateKey, block_info); | ||
| const block_info = (0, asn1_1.readTag)(privateKey, 0); | ||
| const blocks = (0, asn1_1._readStruct)(privateKey, block_info); | ||
| if (blocks.length === 9) { | ||
@@ -66,4 +66,4 @@ // alice_rsa | ||
| const bb = privateKey.slice(b.position, b.position + b.length); | ||
| const block_info1 = asn1_1.readTag(bb, 0); | ||
| const blocks1 = asn1_1._readStruct(bb, block_info1); | ||
| const block_info1 = (0, asn1_1.readTag)(bb, 0); | ||
| const blocks1 = (0, asn1_1._readStruct)(bb, block_info1); | ||
| /* istanbul ignore next */ | ||
@@ -70,0 +70,0 @@ if (doDebug) { |
@@ -0,0 +0,0 @@ /** |
@@ -0,0 +0,0 @@ "use strict"; |
@@ -0,0 +0,0 @@ export declare const oid_map: { |
@@ -9,2 +9,25 @@ "use strict"; | ||
| "0.9.2342.19200300.100.1.25": { d: "domainComponent", c: "Men are from Mars, this OID is from Pluto" }, | ||
| "1.2.840.10045.2": { d: "publicKeyType", c: "ANSI X9.62" }, | ||
| "1.2.840.10045.2.1": { d: "ecPublicKey", c: "ANSI X9.62 public key type" }, | ||
| "1.2.840.10045.3.0.1": { d: "c2pnb163v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.2": { d: "c2pnb163v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.3": { d: "c2pnb163v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.5": { d: "c2tnb191v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.6": { d: "c2tnb191v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.7": { d: "c2tnb191v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.10": { d: "c2pnb208w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.11": { d: "c2tnb239v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.12": { d: "c2tnb239v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.13": { d: "c2tnb239v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.16": { d: "c2pnb272w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.18": { d: "c2tnb359v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.19": { d: "c2pnb368w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.20": { d: "c2tnb431r1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.1": { d: "prime192v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.2": { d: "prime192v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.3": { d: "prime192v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.4": { d: "prime239v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.5": { d: "prime239v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.6": { d: "prime239v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.7": { d: "prime256v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.113549.1.1": { d: "pkcs-1", c: "", w: false }, | ||
@@ -42,2 +65,7 @@ "1.2.840.113549.1.1.1": { d: "rsaEncryption", c: "PKCS #1", w: false }, | ||
| "1.2.840.113549.1.9.14": { d: "extensionRequest", c: "PKCS #9 via CRMF", w: false }, | ||
| "1.3.6.1.4.1.311.2.1.21": { d: "1.3.6.1.4.1.311.2.1.21", c: "SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID" }, | ||
| "1.3.6.1.4.1.311.2.1.22": { d: "1.3.6.1.4.1.311.2.1.22", c: "SPC_COMMERCIAL_SP_KEY_PURPOSE_OBJID" }, | ||
| "1.3.6.1.4.1.311.10.3.1": { d: "1.3.6.1.4.1.311.10.3.1", c: "Signer of CTLs -- szOID_KP_CTL_USAGE_SIGNING" }, | ||
| "1.3.6.1.4.1.311.10.3.4": { d: "1.3.6.1.4.1.311.10.3.4", c: "szOID_EFS_RECOVERY (Encryption File System)" }, | ||
| "1.3.6.1.5.5.7.3.17": { d: "1.3.6.1.5.5.7.3.17", c: "Internet Key Exchange (IKE)" }, | ||
| "1.3.6.1.5.5.7.3.1": { d: "serverAuth", c: "PKIX key purpose" }, | ||
@@ -56,2 +84,16 @@ "1.3.6.1.5.5.7.3.2": { d: "clientAuth", c: "PKIX key purpose" }, | ||
| "1.3.6.1.5.5.7.3.14": { d: "eapOverLAN", c: "PKIX key purpose" }, | ||
| "1.3.36.3.3.2.8.1.1.1": { d: "brainpoolP160r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.2": { d: "brainpoolP160t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.3": { d: "brainpoolP192r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.4": { d: "brainpoolP192t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.5": { d: "brainpoolP224r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.6": { d: "brainpoolP224t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.7": { d: "brainpoolP256r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.8": { d: "brainpoolP256t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.9": { d: "brainpoolP320r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.10": { d: "brainpoolP320t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.11": { d: "brainpoolP384r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.12": { d: "brainpoolP384t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.13": { d: "brainpoolP512r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.14": { d: "brainpoolP512t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "2.5.4.0": { d: "objectClass", c: "X.520 DN component", w: false }, | ||
@@ -58,0 +100,0 @@ "2.5.4.1": { d: "aliasedEntryName", c: "X.520 DN component", w: false }, |
| import { Certificate } from "./common"; | ||
| import { PrivateKey } from "./common"; | ||
| export declare function publicKeyAndPrivateKeyMatches(certificate: Certificate, privateKey: PrivateKey): boolean; |
@@ -7,4 +7,4 @@ "use strict"; | ||
| function publicKeyAndPrivateKeyMatches(certificate, privateKey) { | ||
| const i = _1.exploreCertificate(certificate); | ||
| const j = explore_private_key_1.explorePrivateKey(privateKey); | ||
| const i = (0, _1.exploreCertificate)(certificate); | ||
| const j = (0, explore_private_key_1.explorePrivateKey)(privateKey); | ||
| const modulus1 = i.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.modulus; | ||
@@ -11,0 +11,0 @@ const modulus2 = j.modulus; |
@@ -0,0 +0,0 @@ /// <reference types="node" /> |
@@ -24,11 +24,11 @@ "use strict"; | ||
| function verifyCertificateOrClrSignature(certificateOrCrl, parentCertificate) { | ||
| const block_info = asn1_1.readTag(certificateOrCrl, 0); | ||
| const blocks = asn1_1._readStruct(certificateOrCrl, block_info); | ||
| const block_info = (0, asn1_1.readTag)(certificateOrCrl, 0); | ||
| const blocks = (0, asn1_1._readStruct)(certificateOrCrl, block_info); | ||
| const bufferToBeSigned = certificateOrCrl.slice(block_info.position, blocks[1].position - 2); | ||
| //xx console.log("bufferToBeSigned = ", bufferToBeSigned.length, bufferToBeSigned.toString("hex").substr(0, 50), bufferToBeSigned.toString("hex").substr(-10)); | ||
| const signatureAlgorithm = asn1_1._readAlgorithmIdentifier(certificateOrCrl, blocks[1]); | ||
| const signatureValue = asn1_1._readSignatureValueBin(certificateOrCrl, blocks[2]); | ||
| const p = crypto_explore_certificate_1.split_der(parentCertificate)[0]; | ||
| const signatureAlgorithm = (0, asn1_1._readAlgorithmIdentifier)(certificateOrCrl, blocks[1]); | ||
| const signatureValue = (0, asn1_1._readSignatureValueBin)(certificateOrCrl, blocks[2]); | ||
| const p = (0, crypto_explore_certificate_1.split_der)(parentCertificate)[0]; | ||
| //xx const publicKey = extractPublicKeyFromCertificateSync(p); | ||
| const certPem = crypto_utils_1.toPem(p, "CERTIFICATE"); | ||
| const certPem = (0, crypto_utils_1.toPem)(p, "CERTIFICATE"); | ||
| const verify = crypto.createVerify(signatureAlgorithm.identifier); | ||
@@ -56,3 +56,3 @@ verify.update(bufferToBeSigned); | ||
| // parent child must have keyCertSign | ||
| const certParentInfo = crypto_explore_certificate_1.exploreCertificate(certParent); | ||
| const certParentInfo = (0, crypto_explore_certificate_1.exploreCertificate)(certParent); | ||
| const keyUsage = certParentInfo.tbsCertificate.extensions.keyUsage; | ||
@@ -73,3 +73,3 @@ // istanbul ignore next | ||
| } | ||
| const certInfo = crypto_explore_certificate_1.exploreCertificate(cert); | ||
| const certInfo = (0, crypto_explore_certificate_1.exploreCertificate)(cert); | ||
| // istanbul ignore next | ||
@@ -76,0 +76,0 @@ if (!certInfo.tbsCertificate.extensions) { |
| module.exports = { | ||
| ...require("./dist/source"), | ||
| }; |
| export * from "./dist/source"; | ||
| export * from "./dist/source_nodejs"; |
@@ -0,0 +0,0 @@ module.exports = { |
| { | ||
| "name": "node-opcua-crypto", | ||
| "version": "1.8.0", | ||
| "version": "1.9.0", | ||
| "description": "Crypto tools for Node-OPCUA", | ||
@@ -18,3 +18,3 @@ "main": "./index.js", | ||
| "prettier-format": "prettier --config .prettierrc.js lib/**/*.ts test/**/*.ts --write", | ||
| "ncu": "npx npm-check-updates -u" | ||
| "ncu": "npx npm-check-updates -u -x env-paths,chalk" | ||
| }, | ||
@@ -32,27 +32,24 @@ "keywords": [ | ||
| "devDependencies": { | ||
| "@types/mocha": "^8.2.2", | ||
| "@types/node": "^15.6.1", | ||
| "@types/should": "^13.0.0", | ||
| "@typescript-eslint/eslint-plugin": "^4.25.0", | ||
| "@typescript-eslint/parser": "^4.25.0", | ||
| "eslint": "^7.27.0", | ||
| "eslint-config-prettier": "^8.3.0", | ||
| "eslint-plugin-prettier": "^3.4.0", | ||
| "lorem-ipsum": "^2.0.3", | ||
| "mocha": "^8.4.0", | ||
| "prettier": "^2.3.0", | ||
| "@types/mocha": "^9.1.0", | ||
| "@types/node": "^17.0.21", | ||
| "@typescript-eslint/eslint-plugin": "^5.12.1", | ||
| "@typescript-eslint/parser": "^5.12.1", | ||
| "eslint": "^8.10.0", | ||
| "eslint-config-prettier": "^8.4.0", | ||
| "eslint-plugin-prettier": "^4.0.0", | ||
| "lorem-ipsum": "^2.0.4", | ||
| "mocha": "^9.2.1", | ||
| "prettier": "^2.5.1", | ||
| "should": "^13.2.3", | ||
| "source-map": "^0.7.3", | ||
| "source-map-support": "^0.5.19", | ||
| "ts-node": "^10.0.0", | ||
| "tslint": "^6.1.3", | ||
| "tslint-config-prettier": "^1.18.0", | ||
| "typescript": "^4.3.2" | ||
| "source-map-support": "^0.5.21", | ||
| "ts-node": "^10.5.0", | ||
| "typescript": "^4.5.5" | ||
| }, | ||
| "dependencies": { | ||
| "better-assert": "^1.0.2", | ||
| "chalk": "^4.1.1", | ||
| "hexy": "^0.3.1", | ||
| "jsrsasign": "^10.2.0", | ||
| "sshpk": "^1.16.1" | ||
| "chalk": "^4.1.2", | ||
| "hexy": "0.3.4", | ||
| "jsrsasign": "^10.5.8", | ||
| "sshpk": "^1.17.0" | ||
| }, | ||
@@ -59,0 +56,0 @@ "repository": { |
@@ -0,0 +0,0 @@ # node-opcua-crypto |
| export * from "./read"; | ||
| export * from "./read_certificate_revocation_list"; | ||
| export * from "./read_certificate_signing_request"; |
@@ -0,0 +0,0 @@ import * as fs from "fs"; |
@@ -0,0 +0,0 @@ import * as fs from "fs"; |
@@ -0,0 +0,0 @@ import * as assert from "assert"; |
@@ -26,9 +26,9 @@ import * as assert from "assert"; | ||
| SEQUENCE = 0x30, | ||
| SET= 0x31, | ||
| SET = 0x31, | ||
| A3= 0xA3 | ||
| A3 = 0xA3 | ||
| } | ||
| export interface BlockInfo { | ||
| tag: TagType; | ||
| tag: TagType | number; | ||
| position: number; | ||
@@ -107,3 +107,2 @@ length: number; | ||
| const data = _getBlock(buffer, block); | ||
| // number of skipped bits | ||
@@ -210,5 +209,12 @@ const ignore_bits = data.readUInt8(0); | ||
| identifier: _readObjectIdentifier(buffer, inner_blocks[0]).name, | ||
| }; | ||
| } | ||
| } | ||
| }; | ||
| export function _readECCAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier { | ||
| const inner_blocks = _readStruct(buffer, block); | ||
| return { | ||
| identifier: _readObjectIdentifier(buffer, inner_blocks[1]).name, // difference with RSA as algorithm is second element of nested block | ||
| } | ||
| }; | ||
| export type SignatureValue = string; | ||
@@ -215,0 +221,0 @@ |
@@ -0,0 +0,0 @@ // |
@@ -0,0 +0,0 @@ export type Nonce = Buffer; |
@@ -70,2 +70,3 @@ /** | ||
| _readAlgorithmIdentifier, | ||
| _readECCAlgorithmIdentifier, | ||
| _readBooleanValue, | ||
@@ -568,2 +569,22 @@ _readIntegerValue, | ||
| function _readSubjectECCPublicKeyInfo(buffer: Buffer, block: BlockInfo): SubjectPublicKeyInfo { | ||
| const inner_blocks = _readStruct(buffer, block); | ||
| // first parameter is the second element of the first block, which is why we have another algorithm | ||
| const algorithm = _readECCAlgorithmIdentifier(buffer, inner_blocks[0]); | ||
| // the public key is already in bit format, we just need to read it | ||
| const subjectPublicKey = _readBitString(buffer, inner_blocks[1]); | ||
| // take out the data which is the entirity of our public key | ||
| const data = subjectPublicKey.data; | ||
| return { | ||
| algorithm: algorithm.identifier, | ||
| keyLength: (data.length - 1) as PublicKeyLength, | ||
| subjectPublicKey: { | ||
| modulus: data | ||
| } | ||
| }; | ||
| } | ||
| export interface SubjectPublicKeyInfo { | ||
@@ -612,3 +633,4 @@ algorithm: string; | ||
| let version, serialNumber, signature, issuer, validity, subject, subjectFingerPrint, subjectPublicKeyInfo, extensions; | ||
| let version, serialNumber, signature, issuer, validity, subject, subjectFingerPrint, extensions; | ||
| let subjectPublicKeyInfo: SubjectPublicKeyInfo; | ||
@@ -630,3 +652,2 @@ if (blocks.length === 6) { | ||
| // X509 Version 3: | ||
| const version_block = _findBlockAtIndex(blocks, 0); | ||
@@ -643,4 +664,18 @@ if (!version_block) { | ||
| subjectFingerPrint = formatBuffer2DigitHexWithColum(makeSHA1Thumbprint(_getBlock(buffer, blocks[5]))); | ||
| subjectPublicKeyInfo = _readSubjectPublicKeyInfo(buffer, blocks[6]); | ||
| const inner_block = _readStruct(buffer, blocks[6]) | ||
| const what_type = _readAlgorithmIdentifier(buffer, inner_block[0]).identifier | ||
| switch (what_type) { | ||
| case "rsaEncryption": { | ||
| subjectPublicKeyInfo = _readSubjectPublicKeyInfo(buffer, blocks[6]); | ||
| break; | ||
| } | ||
| case "ecPublicKey": | ||
| default: { | ||
| subjectPublicKeyInfo = _readSubjectECCPublicKeyInfo(buffer, blocks[6]); | ||
| break; | ||
| } | ||
| } | ||
| const extensionBlock = _findBlockAtIndex(blocks, 3); | ||
@@ -647,0 +682,0 @@ if (!extensionBlock) { |
@@ -15,3 +15,3 @@ // tslint:disabled:no-var-requires | ||
| const PEM_REGEX = /^(-----BEGIN (.*)-----\r?\n([\/+=a-zA-Z0-9\r\n]*)\r?\n-----END \2-----\r?\n)/gm; | ||
| const PEM_REGEX = /^(-----BEGIN (.*)-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END \2-----\r?\n)/gm; | ||
@@ -110,3 +110,3 @@ const PEM_TYPE_REGEX = /^(-----BEGIN (.*)-----)/m; | ||
| export function makeMessageChunkSignature(chunk: Buffer, options: MakeMessageChunkSignatureOptions): Buffer { | ||
| assert(options.hasOwnProperty("algorithm")); | ||
| assert(Object.prototype.hasOwnProperty.call(options,"algorithm")); | ||
| assert(chunk instanceof Buffer); | ||
@@ -119,3 +119,3 @@ assert(["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(identifyPemType(options.privateKey) as string) >= 0); | ||
| assert(!options.signatureLength || signature.length === options.signatureLength); | ||
| return signature as Buffer; // Buffer | ||
| return signature; | ||
| } | ||
@@ -122,0 +122,0 @@ |
@@ -122,2 +122,5 @@ /** | ||
| // +---------------+---------------------+-----------------------+ | ||
| // + signingKey + encryptingKey + initializationVector + | ||
| // +---------------+---------------------+-----------------------+ | ||
| return { | ||
@@ -216,3 +219,3 @@ signatureLength: options.signatureLength, | ||
| export function computePaddingFooter(buffer: Buffer, derivedKeys: DerivedKeys): Buffer { | ||
| assert(derivedKeys.hasOwnProperty("encryptingBlockSize")); | ||
| assert(Object.prototype.hasOwnProperty.call(derivedKeys, "encryptingBlockSize")); | ||
| const paddingSize = derivedKeys.encryptingBlockSize - ((buffer.length + 1) % derivedKeys.encryptingBlockSize); | ||
@@ -225,3 +228,3 @@ const padding = createFastUninitializedBuffer(paddingSize + 1); | ||
| function derivedKeys_algorithm(derivedKeys: DerivedKeys) { | ||
| assert(derivedKeys.hasOwnProperty("algorithm")); | ||
| assert(Object.prototype.hasOwnProperty.call(derivedKeys, "algorithm")); | ||
| const algorithm = derivedKeys.algorithm || "aes-128-cbc"; | ||
@@ -228,0 +231,0 @@ assert(algorithm === "aes-128-cbc" || algorithm === "aes-256-cbc"); |
@@ -0,0 +0,0 @@ import { |
@@ -0,0 +0,0 @@ import * as assert from "assert"; |
@@ -11,3 +11,3 @@ /** | ||
| export type PublicKeyLength = 128 | 256 | 384 | 512; | ||
| export type PublicKeyLength = 64 | 96 | 128 | 256 | 384 | 512; | ||
@@ -14,0 +14,0 @@ /** |
@@ -0,0 +0,0 @@ import * as assert from "assert"; |
@@ -0,0 +0,0 @@ /** |
@@ -7,2 +7,26 @@ // https://github.com/lapo-luchini/asn1js/blob/master/oids.js | ||
| "1.2.840.10045.2": { d: "publicKeyType", c: "ANSI X9.62" }, | ||
| "1.2.840.10045.2.1": { d: "ecPublicKey", c: "ANSI X9.62 public key type" }, | ||
| "1.2.840.10045.3.0.1": { d: "c2pnb163v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.2": { d: "c2pnb163v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.3": { d: "c2pnb163v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.5": { d: "c2tnb191v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.6": { d: "c2tnb191v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.7": { d: "c2tnb191v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.10": { d: "c2pnb208w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.11": { d: "c2tnb239v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.12": { d: "c2tnb239v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.13": { d: "c2tnb239v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.16": { d: "c2pnb272w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.18": { d: "c2tnb359v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.19": { d: "c2pnb368w1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.0.20": { d: "c2tnb431r1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.1": { d: "prime192v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.2": { d: "prime192v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.3": { d: "prime192v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.4": { d: "prime239v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.5": { d: "prime239v2", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.6": { d: "prime239v3", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.10045.3.1.7": { d: "prime256v1", c: "ANSI X9.62 named elliptic curve" }, | ||
| "1.2.840.113549.1.1": { d: "pkcs-1", c: "", w: false }, | ||
@@ -42,2 +66,8 @@ "1.2.840.113549.1.1.1": { d: "rsaEncryption", c: "PKCS #1", w: false }, | ||
| "1.3.6.1.4.1.311.2.1.21": { d: "1.3.6.1.4.1.311.2.1.21", c: "SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID" }, | ||
| "1.3.6.1.4.1.311.2.1.22": { d: "1.3.6.1.4.1.311.2.1.22", c: "SPC_COMMERCIAL_SP_KEY_PURPOSE_OBJID" }, | ||
| "1.3.6.1.4.1.311.10.3.1": { d: "1.3.6.1.4.1.311.10.3.1", c: "Signer of CTLs -- szOID_KP_CTL_USAGE_SIGNING" }, | ||
| "1.3.6.1.4.1.311.10.3.4": { d: "1.3.6.1.4.1.311.10.3.4", c: "szOID_EFS_RECOVERY (Encryption File System)" }, | ||
| "1.3.6.1.5.5.7.3.17": { d: "1.3.6.1.5.5.7.3.17", c: "Internet Key Exchange (IKE)" }, | ||
| "1.3.6.1.5.5.7.3.1": { d: "serverAuth", c: "PKIX key purpose" }, | ||
@@ -57,2 +87,17 @@ "1.3.6.1.5.5.7.3.2": { d: "clientAuth", c: "PKIX key purpose" }, | ||
| "1.3.36.3.3.2.8.1.1.1": { d: "brainpoolP160r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.2": { d: "brainpoolP160t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.3": { d: "brainpoolP192r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.4": { d: "brainpoolP192t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.5": { d: "brainpoolP224r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.6": { d: "brainpoolP224t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.7": { d: "brainpoolP256r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.8": { d: "brainpoolP256t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.9": { d: "brainpoolP320r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.10": { d: "brainpoolP320t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.11": { d: "brainpoolP384r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.12": { d: "brainpoolP384t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.13": { d: "brainpoolP512r1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "1.3.36.3.3.2.8.1.1.14": { d: "brainpoolP512t1", c: "ECC Brainpool Standard Curves and Curve Generation" }, | ||
| "2.5.4.0": { d: "objectClass", c: "X.520 DN component", w: false }, | ||
@@ -59,0 +104,0 @@ "2.5.4.1": { d: "aliasedEntryName", c: "X.520 DN component", w: false }, |
@@ -0,0 +0,0 @@ import { exploreCertificate } from "."; |
@@ -0,0 +0,0 @@ // tslint:disable: no-console |
@@ -0,0 +0,0 @@ // tslint:disable: no-console |
@@ -0,0 +0,0 @@ { |
@@ -0,0 +0,0 @@ { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by36.06%
517474
- Dev dependency count
- decreased by-16.67%
15
- Number of package files
- increased by38.82%
118
- Lines of code
- increased by50.46%
7836
Worsened metrics
- Number of low supply chain risk alerts
- increased by50%
6
Dependency changes
+ Addedhexy@0.3.4(transitive)
- Removedhexy@0.3.5(transitive)
Updatedchalk@^4.1.2
Updatedhexy@0.3.4
Updatedjsrsasign@^10.5.8
Updatedsshpk@^1.17.0