
node-opcua-crypto

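import {
  __dirname,
  combine_der,
  convertPEMtoDER,
  generateKeyPair,
  identifyPemType,
  privateKeyToPEM,
  removeTrailingLF,
  split_der,
  toPem
} from "./chunk-NX3DSTD6.js";

// source_nodejs/generate_private_key_filename.ts
import { generateKeyPairSync } from "crypto";
import fs from "fs";

/**
 * Generate a key pair with the bundled generateKeyPair() helper and write the
 * private key to `privateKeyFilename` as PEM.
 *
 * @param {string} privateKeyFilename - destination path of the PEM file
 * @param {number} modulusLength - key size, passed through unvalidated
 * @returns {Promise<void>}
 */
async function generatePrivateKeyFile(privateKeyFilename, modulusLength) {
  const keys = await generateKeyPair(modulusLength);
  const privateKeyPem = await privateKeyToPEM(keys.privateKey);
  // NOTE(review): no `mode` is passed, so a newly created file gets Node's
  // default 0o666 masked by the process umask. Deployments that need the key
  // unreadable by other local users must restrict permissions themselves.
  await fs.promises.writeFile(privateKeyFilename, privateKeyPem.privPem, "utf-8");
  // Drop our references to the exported key material. This does not zero the
  // old string in memory (JS strings are immutable); it only makes it collectable.
  privateKeyPem.privPem = "";
  privateKeyPem.privDer = new ArrayBuffer(0);
}

/**
 * Same purpose as generatePrivateKeyFile(), but uses Node's synchronous
 * generateKeyPairSync("rsa") and writes the PKCS#8 PEM private key.
 *
 * @param {string} privateKeyFilename - destination path of the PEM file
 * @param {number} modulusLength - RSA modulus length in bits
 * @returns {Promise<void>}
 */
async function generatePrivateKeyFileAlternate(privateKeyFilename, modulusLength) {
  const { privateKey } = generateKeyPairSync("rsa", {
    modulusLength,
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
    publicKeyEncoding: { type: "spki", format: "pem" }
  });
  // NOTE(review): same default-permission caveat as generatePrivateKeyFile().
  await fs.promises.writeFile(privateKeyFilename, privateKey, "utf-8");
}

// source_nodejs/read.ts
import assert from "assert";
import { createPrivateKey, createPublicKey } from "crypto";
import fs2 from "fs";
import path from "path";
import sshpk from "sshpk";

/**
 * True when `filename` ends with ".der".
 *
 * The previous test, `filename.match(/.*\.der/)`, was unanchored: any path that
 * merely contained ".der" (for instance a PEM file below a ".derived/"
 * directory) was read as raw DER and its PEM text returned as if it were DER.
 */
function _hasDerExtension(filename) {
  return filename.endsWith(".der");
}

/** Read a text file as UTF-8 and strip its trailing line feed. */
function _readPemFile(filename) {
  assert(typeof filename === "string");
  return removeTrailingLF(fs2.readFileSync(filename, "utf-8"));
}

/** Count the "-----BEGIN CERTIFICATE-----" markers in a PEM string. */
function _countPemCertBlocks(pem) {
  const markers = pem.match(/-----BEGIN CERTIFICATE-----/g);
  return markers ? markers.length : 0;
}

/**
 * Read a single certificate and return it as DER.
 *
 * A ".der" file is returned as-is. A PEM file is converted with
 * convertPEMtoDER(); if it holds several certificate blocks a warning is
 * logged, because only the first one is used.
 *
 * @param {string} filename
 * @returns {Buffer} DER bytes
 */
function readCertificate(filename) {
  if (_hasDerExtension(filename)) {
    return fs2.readFileSync(filename);
  }
  const pem = _readPemFile(filename);
  const count = _countPemCertBlocks(pem);
  if (count > 1) {
    console.warn(
      `[node-opcua-crypto] readCertificate: "${path.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. \nUse readCertificateChain() to read all certificates.`
    );
  }
  return convertPEMtoDER(pem);
}

/**
 * Read every certificate stored in a file.
 *
 * @param {string} filename - ".der" (concatenated DER) or PEM file
 * @returns {Buffer[]} one DER buffer per certificate
 */
function readCertificateChain(filename) {
  if (_hasDerExtension(filename)) {
    return split_der(fs2.readFileSync(filename));
  }
  return _extractAllPemDerCertificates(_readPemFile(filename));
}

/**
 * Asynchronous variant of readCertificateChain().
 *
 * @param {string} filename
 * @returns {Promise<Buffer[]>}
 */
async function readCertificateChainAsync(filename) {
  const buf = await fs2.promises.readFile(filename);
  if (_hasDerExtension(filename)) {
    return split_der(buf);
  }
  return _extractAllPemDerCertificates(removeTrailingLF(buf.toString("utf-8")));
}

/**
 * Decode every CERTIFICATE block of a PEM string to DER.
 *
 * Each decoded block is passed through split_der(); when that throws, the
 * block is kept as one buffer (deliberate best effort, so nothing here
 * validates that the bytes are a well-formed certificate).
 *
 * @param {string} pem
 * @returns {Buffer[]}
 */
function _extractAllPemDerCertificates(pem) {
  const certs = [];
  const blockPattern =
    /-----BEGIN CERTIFICATE-----\r?\n([/+=a-zA-Z0-9\r\n]*)\r?\n-----END CERTIFICATE-----/g;
  for (const [, body] of pem.matchAll(blockPattern)) {
    const derBuffer = Buffer.from(body.replace(/\r?\n/g, ""), "base64");
    try {
      for (const cert of split_der(derBuffer)) {
        certs.push(cert);
      }
    } catch (_err) {
      certs.push(derBuffer);
    }
  }
  return certs;
}

/**
 * Asynchronous variant of readCertificate().
 *
 * @param {string} filename
 * @returns {Promise<Buffer>} DER bytes
 */
async function readCertificateAsync(filename) {
  const buf = await fs2.promises.readFile(filename);
  if (_hasDerExtension(filename)) {
    return buf;
  }
  const pem = removeTrailingLF(buf.toString("utf-8"));
  const count = _countPemCertBlocks(pem);
  if (count > 1) {
    console.warn(
      `[node-opcua-crypto] readCertificateAsync: "${path.basename(filename)}" contains ${count} PEM certificate block(s) but only the first will be used. \nUse readCertificateChainAsync() to read all certificates.`
    );
  }
  return convertPEMtoDER(pem);
}

/**
 * Read a public key file (".der" or PEM) into a Node KeyObject.
 *
 * @param {string} filename
 * @returns {import("crypto").KeyObject}
 */
function readPublicKey(filename) {
  const source = _hasDerExtension(filename) ? fs2.readFileSync(filename) : _readPemFile(filename);
  return createPublicKey(source);
}

/**
 * Asynchronous variant of readPublicKey().
 *
 * @param {string} filename
 * @returns {Promise<import("crypto").KeyObject>}
 */
async function readPublicKeyAsync(filename) {
  const buf = await fs2.promises.readFile(filename);
  if (_hasDerExtension(filename)) {
    return createPublicKey(buf);
  }
  return createPublicKey(removeTrailingLF(buf.toString("utf-8")));
}

/**
 * Wrap raw private-key material in the `{ hidden }` holder used by this module.
 *
 * When crypto.createPrivateKey is unavailable, or NO_CREATE_PRIVATEKEY is set,
 * the holder contains PEM text; otherwise it contains a KeyObject.
 *
 * @param {Buffer|string} rawKey - DER buffer or PEM string
 * @returns {{hidden: (string|import("crypto").KeyObject)}}
 */
function myCreatePrivateKey(rawKey) {
  if (!createPrivateKey || process.env.NO_CREATE_PRIVATEKEY) {
    if (Buffer.isBuffer(rawKey)) {
      const pemKey = toPem(rawKey, "PRIVATE KEY");
      assert(["RSA PRIVATE KEY", "PRIVATE KEY"].indexOf(identifyPemType(pemKey)) >= 0);
      return { hidden: pemKey };
    }
    return { hidden: ensureTrailingLF(rawKey) };
  }
  // OPENSSL_CONF is pointed at /dev/null for the duration of the call,
  // presumably so no system OpenSSL configuration is picked up. This is a
  // process-wide change, so it must always be undone:
  //  - in `finally`, otherwise a key that fails to parse leaves it at /dev/null;
  //  - with `delete` when it was unset, because assigning undefined to
  //    process.env stores the literal string "undefined".
  const backup = process.env.OPENSSL_CONF;
  process.env.OPENSSL_CONF = "/dev/null";
  try {
    return { hidden: createPrivateKey(rawKey) };
  } finally {
    if (backup === undefined) {
      delete process.env.OPENSSL_CONF;
    } else {
      process.env.OPENSSL_CONF = backup;
    }
  }
}

/**
 * Return `str` terminated by a line feed, appending one only if it is missing.
 * (The page showed a space being appended; a line feed is what the `/\n$/`
 * test and the function name call for.)
 */
function ensureTrailingLF(str) {
  return str.endsWith("\n") ? str : `${str}\n`;
}

/**
 * Read a private key file (".der" or PEM).
 *
 * @param {string} filename
 * @returns {{hidden: (string|import("crypto").KeyObject)}}
 */
function readPrivateKey(filename) {
  const source = _hasDerExtension(filename) ? fs2.readFileSync(filename) : _readPemFile(filename);
  return myCreatePrivateKey(source);
}

/**
 * Asynchronous variant of readPrivateKey().
 *
 * @param {string} filename
 * @returns {Promise<{hidden: (string|import("crypto").KeyObject)}>}
 */
async function readPrivateKeyAsync(filename) {
  const buf = await fs2.promises.readFile(filename);
  if (_hasDerExtension(filename)) {
    return myCreatePrivateKey(buf);
  }
  return myCreatePrivateKey(removeTrailingLF(buf.toString("utf-8")));
}

/** Read a certificate file as PEM text (trailing LF removed). */
function readCertificatePEM(filename) {
  return _readPemFile(filename);
}

/** Asynchronous variant of readCertificatePEM(). */
async function readCertificatePEMAsync(filename) {
  const text = await fs2.promises.readFile(filename, "utf-8");
  return removeTrailingLF(text);
}

/** Read a public key file as PEM text (trailing LF removed). */
function readPublicKeyPEM(filename) {
  return _readPemFile(filename);
}

/** Asynchronous variant of readPublicKeyPEM(). */
async function readPublicKeyPEMAsync(filename) {
  const text = await fs2.promises.readFile(filename, "utf-8");
  return removeTrailingLF(text);
}

/** Read a private key file as PEM text (trailing LF removed). */
function readPrivateKeyPEM(filename) {
  return _readPemFile(filename);
}

/** Asynchronous variant of readPrivateKeyPEM(). */
async function readPrivateKeyPEMAsync(filename) {
  const text = await fs2.promises.readFile(filename, "utf-8");
  return removeTrailingLF(text);
}

// Directory used to resolve bare key file names; computed lazily on first read.
let _g_certificate_store = "";

/**
 * Replace the certificate store directory.
 *
 * @param {string} store - new directory
 * @returns {string} the previous value ("" if none had been set or computed)
 */
function setCertificateStore(store) {
  const previous = _g_certificate_store;
  _g_certificate_store = store;
  return previous;
}

/**
 * Return the certificate store directory, defaulting to
 * "../../certificates/" relative to this module.
 *
 * @returns {string}
 */
function getCertificateStore() {
  if (!_g_certificate_store) {
    _g_certificate_store = path.join(__dirname, "../../certificates/");
  }
  return _g_certificate_store;
}

/**
 * Resolve a key file name: a name that does not start with "." and does not
 * exist as given is looked up inside the certificate store.
 *
 * NOTE(review): the name is joined to the store without normalisation, so a
 * caller that forwards externally supplied names should validate them first.
 */
function _resolveKeyPath(filename) {
  if (filename.substring(0, 1) !== "." && !fs2.existsSync(filename)) {
    return path.join(getCertificateStore(), filename);
  }
  return filename;
}

/**
 * Read an RSA private key in any format sshpk auto-detects and return it as a
 * KeyObject wrapped in `{ hidden }`.
 *
 * @param {string} filename - path, or a name inside the certificate store
 * @returns {{hidden: import("crypto").KeyObject}}
 * @throws {Error} when crypto.createPrivateKey is not available
 */
function readPrivateRsaKey(filename) {
  if (!createPrivateKey) {
    throw new Error("createPrivateKey is not supported in this environment");
  }
  const content = fs2.readFileSync(_resolveKeyPath(filename), "utf8");
  const sshKey = sshpk.parsePrivateKey(content, "auto");
  const key = sshKey.toString("pkcs1");
  const hidden = createPrivateKey({ format: "pem", type: "pkcs1", key });
  return { hidden };
}

/**
 * Read an RSA public key in "ssh" format and return it as a KeyObject.
 *
 * @param {string} filename - path, or a name inside the certificate store
 * @returns {import("crypto").KeyObject}
 */
function readPublicRsaKey(filename) {
  const content = fs2.readFileSync(_resolveKeyPath(filename), "utf-8");
  const sshKey = sshpk.parseKey(content, "ssh");
  const key = sshKey.toString("pkcs1");
  return createPublicKey({ format: "pem", type: "pkcs1", key });
}

// source_nodejs/read_certificate_revocation_list.ts
import fs3 from "fs";

/**
 * True when the buffer starts with 0x30 0x82, i.e. an ASN.1 SEQUENCE whose
 * length is encoded on two bytes. DER objects with a shorter or longer length
 * form are not recognised and are handed to the PEM path by the callers.
 */
function _looksLikeDerSequence(buf) {
  return buf[0] === 0x30 && buf[1] === 0x82;
}

/**
 * Read a certificate revocation list and return it as DER.
 *
 * @param {string} filename - DER or PEM file
 * @returns {Promise<Buffer>}
 */
async function readCertificateRevocationList(filename) {
  const crl = await fs3.promises.readFile(filename);
  if (_looksLikeDerSequence(crl)) {
    return crl;
  }
  return convertPEMtoDER(crl.toString());
}

// source_nodejs/read_certificate_signing_request.ts
import fs4 from "fs";

/**
 * Read a certificate signing request and return it as DER.
 *
 * @param {string} filename - DER or PEM file
 * @returns {Promise<Buffer>}
 */
async function readCertificateSigningRequest(filename) {
  const csr = await fs4.promises.readFile(filename);
  if (_looksLikeDerSequence(csr)) {
    return csr;
  }
  return convertPEMtoDER(csr.toString());
}

// source_nodejs/write.ts
import fs5 from "fs";

/**
 * Encode one certificate or a chain as PEM text: blocks are joined by a line
 * feed and the text ends with a line feed. (The page showed a trailing space
 * here; a line feed is restored as the PEM terminator.)
 *
 * @param {Buffer|Buffer[]} certificates - DER certificate(s)
 * @returns {string}
 */
function certificatesToPem(certificates) {
  const certs = Array.isArray(certificates) ? certificates : [certificates];
  return `${certs.map((der) => toPem(der, "CERTIFICATE")).join("\n")}\n`;
}

/** Write one certificate or a chain to `filename` as PEM. */
function writeCertificateChain(filename, certificates) {
  fs5.writeFileSync(filename, certificatesToPem(certificates), "utf-8");
}

/** Asynchronous variant of writeCertificateChain(). */
async function writeCertificateChainAsync(filename, certificates) {
  await fs5.promises.writeFile(filename, certificatesToPem(certificates), "utf-8");
}

/**
 * Concatenate one certificate or a chain into a single DER buffer.
 *
 * @param {Buffer|Buffer[]} certificates - DER certificate(s)
 * @returns {Buffer}
 */
function certificatesToDer(certificates) {
  const certs = Array.isArray(certificates) ? certificates : [certificates];
  return combine_der(certs);
}

/** Write one certificate or a chain to `filename` as concatenated DER. */
function writeCertificateChainDer(filename, certificates) {
  fs5.writeFileSync(filename, certificatesToDer(certificates));
}

/** Asynchronous variant of writeCertificateChainDer(). */
async function writeCertificateChainDerAsync(filename, certificates) {
  await fs5.promises.writeFile(filename, certificatesToDer(certificates));
}

export {
  generatePrivateKeyFile,
  generatePrivateKeyFileAlternate,
  readCertificate,
  readCertificateChain,
  readCertificateChainAsync,
  readCertificateAsync,
  readPublicKey,
  readPublicKeyAsync,
  readPrivateKey,
  readPrivateKeyAsync,
  readCertificatePEM,
  readCertificatePEMAsync,
  readPublicKeyPEM,
  readPublicKeyPEMAsync,
  readPrivateKeyPEM,
  readPrivateKeyPEMAsync,
  setCertificateStore,
  getCertificateStore,
  readPrivateRsaKey,
  readPublicRsaKey,
  readCertificateRevocationList,
  readCertificateSigningRequest,
  certificatesToPem,
  writeCertificateChain,
  writeCertificateChainAsync,
  certificatesToDer,
  writeCertificateChainDer,
  writeCertificateChainDerAsync
};
//# sourceMappingURL=chunk-EJK7NCWU.js.map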