UNPKG

@shockpkg/ria-packager

Version:

Package for creating Adobe AIR packages

github.com/shockpkg/ria-packager

shockpkg/ria-packager

220 lines (207 loc) 7.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.SecurityTimestamper = void 0; var _nodeForge = require("node-forge"); var _meta = require("../meta.js"); /** * SecurityTimestamper object. */ class SecurityTimestamper { /** * The timestamp server URL. */ /** * The default headers for HTTP requests. */ headers = { // eslint-disable-next-line @typescript-eslint/naming-convention 'User-Agent': `${_meta.NAME}/${_meta.VERSION}` }; /** * A fetch-like interface requiring only a sebset of features. */ fetch = typeof fetch === 'undefined' ? null : fetch; /** * SecurityTimestamper constructor. * * @param url The timestamp server URL. */ constructor(url) { this.url = url; } /** * Timestamp data digested with specified algorithm. * * @param digested The data to timestamp. * @param digest Digest algorithm. * @returns Timestamp data. */ async timestamp(digested, digest) { const encodedRequest = this._encodeRequest(digested, digest); const response = await this._sendRequest(encodedRequest); return this._decodeResponse(response); } /** * Send message request and return response or error on failure. * * @param message Encoded message. * @returns Encoded response. */ async _sendRequest(message) { const { url, headers } = this; const fetch = this._ensureFetch(); const response = await fetch(url, { method: 'POST', headers, body: message }); if (response.status !== 200) { throw new Error(`Status code: ${response.status}: ${url}`); } return new Uint8Array(await response.arrayBuffer()); } /** * Encode request. * * @param digested Digested message. * @param digest Digest algorithm. * @returns Encoded request. */ _encodeRequest(digested, digest) { digest = digest.toLowerCase(); let iod = ''; switch (digest) { case 'sha1': { iod = _nodeForge.pki.oids.sha1; break; } case 'sha256': { iod = _nodeForge.pki.oids.sha256; break; } default: { throw new Error(`Unsupported digest algorithm: ${digest}`); } } const certReq = true; const hashAlgoDef = _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.SEQUENCE, true, [_nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.OID, false, _nodeForge.asn1.oidToDer(iod).getBytes()), _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.NULL, false, '')]); const messageImprintDef = _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.SEQUENCE, true, [hashAlgoDef, _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.OCTETSTRING, false, // eslint-disable-next-line unicorn/prefer-code-point String.fromCharCode(...digested))]); // Could be set to some bytes. // ie: reqPolicy = 'some bytes'; const reqPolicy = null; const asn1ReqPolicy = reqPolicy ? _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.OID, false, reqPolicy) : null; // Always null. const nonceDER = null; // This could be a DER encodable, if extensions is set to be? // Just null for now. // const extensions = null; // const asn1Extn = extensions ? extensions : null; const asn1Extn = null; const tsaReqDef = _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.SEQUENCE, true, [_nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.INTEGER, false, // eslint-disable-next-line unicorn/prefer-code-point String.fromCharCode(1)), messageImprintDef, asn1ReqPolicy, nonceDER, _nodeForge.asn1.create(_nodeForge.asn1.Class.UNIVERSAL, _nodeForge.asn1.Type.BOOLEAN, false, // eslint-disable-next-line unicorn/prefer-code-point String.fromCharCode(certReq ? 0xff : 0)), asn1Extn].filter(Boolean)); return _nodeForge.util.binary.raw.decode(_nodeForge.asn1.toDer(tsaReqDef).bytes()); } /** * Decode response. * * @param response Encoded response. * @returns Decoded response. */ _decodeResponse(response) { const object = _nodeForge.asn1.fromDer(new _nodeForge.util.ByteStringBuffer(response)); const validator = { name: 'root', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.SEQUENCE, constructed: true, value: [{ name: 'root.statusInfo', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.SEQUENCE, constructed: true, value: [{ name: 'root.statusInfo.pkiStatus', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.INTEGER, constructed: false, captureAsn1: 'root.statusInfo.pkiStatus', optional: true }, { name: 'root.statusInfo.pkiFreeText', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.UTF8, constructed: false, captureAsn1: 'root.statusInfo.pkiFreeText', optional: true }, { name: 'root.statusInfo.pkiFailureInfo', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.BITSTRING, constructed: false, captureAsn1: 'root.statusInfo.pkiFailureInfo', optional: true }] }, { name: 'root.tst', tagClass: _nodeForge.asn1.Class.UNIVERSAL, type: _nodeForge.asn1.Type.SEQUENCE, constructed: true, captureAsn1: 'root.tst', optional: true }] }; const capture = {}; const errors = []; const success = _nodeForge.asn1.validate(object, validator, capture, errors); if (!success || errors.length) { const error = errors[0] || 'Unknown error'; throw new Error(`Decode error: ${error}`); } const pkiStatus = capture['root.statusInfo.pkiStatus']; if (!pkiStatus) { throw new Error('Missing PKI status'); } if (pkiStatus.value.length !== 1) { throw new Error(`Unexpected PKI status length: ${pkiStatus.value.length}`); } // eslint-disable-next-line unicorn/prefer-code-point const pkiStatusCode = pkiStatus.value.charCodeAt(0); if (pkiStatusCode !== 0 && pkiStatusCode !== 1) { throw new Error(`Unexpected PKI status code: ${pkiStatusCode}`); } const tst = capture['root.tst']; if (!tst) { throw new Error('Missing PKI TSTInfo'); } return _nodeForge.util.binary.raw.decode(_nodeForge.asn1.toDer(tst).bytes()); } /** * Ensure fetch-like function is set. * * @returns The fetch-like function. */ _ensureFetch() { const { fetch } = this; if (!fetch) { throw new Error('Default fetch not available'); } return fetch; } } exports.SecurityTimestamper = SecurityTimestamper; //# sourceMappingURL=timestamper.js.map