firefox-main/toolkit/components/certviewer/content/vendor/pkijs.js (file symbol)

Source code

Revision control

Copy as Markdown

Other Tools

/*!
* Copyright (c) 2014, GlobalSign
* Copyright (c) 2015-2019, Peculiar Ventures
* All rights reserved.
*
* Author 2014-2019, Yury Strozhevsky
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above copyright notice, this
* list of conditions and the following disclaimer in the documentation and/or
* other materials provided with the distribution.
*
* * Neither the name of the {organization} nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*!
* MIT License
*
* Copyright (c) 2017-2024 Peculiar Ventures, LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
*/
const ARRAY_BUFFER_NAME = "[object ArrayBuffer]";
class BufferSourceConverter {
static isArrayBuffer(data) {
return Object.prototype.toString.call(data) === ARRAY_BUFFER_NAME;
}
static toArrayBuffer(data) {
if (this.isArrayBuffer(data)) {
return data;
}
if (data.byteLength === data.buffer.byteLength) {
return data.buffer;
}
if (data.byteOffset === 0 && data.byteLength === data.buffer.byteLength) {
return data.buffer;
}
return this.toUint8Array(data.buffer)
.slice(data.byteOffset, data.byteOffset + data.byteLength)
.buffer;
}
static toUint8Array(data) {
return this.toView(data, Uint8Array);
}
static toView(data, type) {
if (data.constructor === type) {
return data;
}
if (this.isArrayBuffer(data)) {
return new type(data);
}
if (this.isArrayBufferView(data)) {
return new type(data.buffer, data.byteOffset, data.byteLength);
}
throw new TypeError("The provided value is not of type '(ArrayBuffer or ArrayBufferView)'");
}
static isBufferSource(data) {
return this.isArrayBufferView(data)
|| this.isArrayBuffer(data);
}
static isArrayBufferView(data) {
return ArrayBuffer.isView(data)
|| (data && this.isArrayBuffer(data.buffer));
}
static isEqual(a, b) {
const aView = BufferSourceConverter.toUint8Array(a);
const bView = BufferSourceConverter.toUint8Array(b);
if (aView.length !== bView.byteLength) {
return false;
}
for (let i = 0; i < aView.length; i++) {
if (aView[i] !== bView[i]) {
return false;
}
}
return true;
}
static concat(...args) {
let buffers;
if (Array.isArray(args[0]) && !(args[1] instanceof Function)) {
buffers = args[0];
}
else if (Array.isArray(args[0]) && args[1] instanceof Function) {
buffers = args[0];
}
else {
if (args[args.length - 1] instanceof Function) {
buffers = args.slice(0, args.length - 1);
}
else {
buffers = args;
}
}
let size = 0;
for (const buffer of buffers) {
size += buffer.byteLength;
}
const res = new Uint8Array(size);
let offset = 0;
for (const buffer of buffers) {
const view = this.toUint8Array(buffer);
res.set(view, offset);
offset += view.length;
}
if (args[args.length - 1] instanceof Function) {
return this.toView(res, args[args.length - 1]);
}
return res.buffer;
}
}
const STRING_TYPE = "string";
const HEX_REGEX = /^[0-9a-f\s]+$/i;
const BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;
const BASE64URL_REGEX = /^[a-zA-Z0-9-_]+$/;
class Utf8Converter {
static fromString(text) {
const s = unescape(encodeURIComponent(text));
const uintArray = new Uint8Array(s.length);
for (let i = 0; i < s.length; i++) {
uintArray[i] = s.charCodeAt(i);
}
return uintArray.buffer;
}
static toString(buffer) {
const buf = BufferSourceConverter.toUint8Array(buffer);
let encodedString = "";
for (let i = 0; i < buf.length; i++) {
encodedString += String.fromCharCode(buf[i]);
}
const decodedString = decodeURIComponent(escape(encodedString));
return decodedString;
}
}
class Utf16Converter {
static toString(buffer, littleEndian = false) {
const arrayBuffer = BufferSourceConverter.toArrayBuffer(buffer);
const dataView = new DataView(arrayBuffer);
let res = "";
for (let i = 0; i < arrayBuffer.byteLength; i += 2) {
const code = dataView.getUint16(i, littleEndian);
res += String.fromCharCode(code);
}
return res;
}
static fromString(text, littleEndian = false) {
const res = new ArrayBuffer(text.length * 2);
const dataView = new DataView(res);
for (let i = 0; i < text.length; i++) {
dataView.setUint16(i * 2, text.charCodeAt(i), littleEndian);
}
return res;
}
}
class Convert {
static isHex(data) {
return typeof data === STRING_TYPE
&& HEX_REGEX.test(data);
}
static isBase64(data) {
return typeof data === STRING_TYPE
&& BASE64_REGEX.test(data);
}
static isBase64Url(data) {
return typeof data === STRING_TYPE
&& BASE64URL_REGEX.test(data);
}
static ToString(buffer, enc = "utf8") {
const buf = BufferSourceConverter.toUint8Array(buffer);
switch (enc.toLowerCase()) {
case "utf8":
return this.ToUtf8String(buf);
case "binary":
return this.ToBinary(buf);
case "hex":
return this.ToHex(buf);
case "base64":
return this.ToBase64(buf);
case "base64url":
return this.ToBase64Url(buf);
case "utf16le":
return Utf16Converter.toString(buf, true);
case "utf16":
case "utf16be":
return Utf16Converter.toString(buf);
default:
throw new Error(`Unknown type of encoding '${enc}'`);
}
}
static FromString(str, enc = "utf8") {
if (!str) {
return new ArrayBuffer(0);
}
switch (enc.toLowerCase()) {
case "utf8":
return this.FromUtf8String(str);
case "binary":
return this.FromBinary(str);
case "hex":
return this.FromHex(str);
case "base64":
return this.FromBase64(str);
case "base64url":
return this.FromBase64Url(str);
case "utf16le":
return Utf16Converter.fromString(str, true);
case "utf16":
case "utf16be":
return Utf16Converter.fromString(str);
default:
throw new Error(`Unknown type of encoding '${enc}'`);
}
}
static ToBase64(buffer) {
const buf = BufferSourceConverter.toUint8Array(buffer);
if (typeof btoa !== "undefined") {
const binary = this.ToString(buf, "binary");
return btoa(binary);
}
else {
return Buffer.from(buf).toString("base64");
}
}
static FromBase64(base64) {
const formatted = this.formatString(base64);
if (!formatted) {
return new ArrayBuffer(0);
}
if (!Convert.isBase64(formatted)) {
throw new TypeError("Argument 'base64Text' is not Base64 encoded");
}
if (typeof atob !== "undefined") {
return this.FromBinary(atob(formatted));
}
else {
return new Uint8Array(Buffer.from(formatted, "base64")).buffer;
}
}
static FromBase64Url(base64url) {
const formatted = this.formatString(base64url);
if (!formatted) {
return new ArrayBuffer(0);
}
if (!Convert.isBase64Url(formatted)) {
throw new TypeError("Argument 'base64url' is not Base64Url encoded");
}
return this.FromBase64(this.Base64Padding(formatted.replace(/\-/g, "+").replace(/\_/g, "/")));
}
static ToBase64Url(data) {
return this.ToBase64(data).replace(/\+/g, "-").replace(/\//g, "_").replace(/\=/g, "");
}
static FromUtf8String(text, encoding = Convert.DEFAULT_UTF8_ENCODING) {
switch (encoding) {
case "ascii":
return this.FromBinary(text);
case "utf8":
return Utf8Converter.fromString(text);
case "utf16":
case "utf16be":
return Utf16Converter.fromString(text);
case "utf16le":
case "usc2":
return Utf16Converter.fromString(text, true);
default:
throw new Error(`Unknown type of encoding '${encoding}'`);
}
}
static ToUtf8String(buffer, encoding = Convert.DEFAULT_UTF8_ENCODING) {
switch (encoding) {
case "ascii":
return this.ToBinary(buffer);
case "utf8":
return Utf8Converter.toString(buffer);
case "utf16":
case "utf16be":
return Utf16Converter.toString(buffer);
case "utf16le":
case "usc2":
return Utf16Converter.toString(buffer, true);
default:
throw new Error(`Unknown type of encoding '${encoding}'`);
}
}
static FromBinary(text) {
const stringLength = text.length;
const resultView = new Uint8Array(stringLength);
for (let i = 0; i < stringLength; i++) {
resultView[i] = text.charCodeAt(i);
}
return resultView.buffer;
}
static ToBinary(buffer) {
const buf = BufferSourceConverter.toUint8Array(buffer);
let res = "";
for (let i = 0; i < buf.length; i++) {
res += String.fromCharCode(buf[i]);
}
return res;
}
static ToHex(buffer) {
const buf = BufferSourceConverter.toUint8Array(buffer);
let result = "";
const len = buf.length;
for (let i = 0; i < len; i++) {
const byte = buf[i];
if (byte < 16) {
result += "0";
}
result += byte.toString(16);
}
return result;
}
static FromHex(hexString) {
let formatted = this.formatString(hexString);
if (!formatted) {
return new ArrayBuffer(0);
}
if (!Convert.isHex(formatted)) {
throw new TypeError("Argument 'hexString' is not HEX encoded");
}
if (formatted.length % 2) {
formatted = `0${formatted}`;
}
const res = new Uint8Array(formatted.length / 2);
for (let i = 0; i < formatted.length; i = i + 2) {
const c = formatted.slice(i, i + 2);
res[i / 2] = parseInt(c, 16);
}
return res.buffer;
}
static ToUtf16String(buffer, littleEndian = false) {
return Utf16Converter.toString(buffer, littleEndian);
}
static FromUtf16String(text, littleEndian = false) {
return Utf16Converter.fromString(text, littleEndian);
}
static Base64Padding(base64) {
const padCount = 4 - (base64.length % 4);
if (padCount < 4) {
for (let i = 0; i < padCount; i++) {
base64 += "=";
}
}
return base64;
}
static formatString(data) {
return (data === null || data === void 0 ? void 0 : data.replace(/[\n\r\t ]/g, "")) || "";
}
}
Convert.DEFAULT_UTF8_ENCODING = "utf8";
/*!
Copyright (c) Peculiar Ventures, LLC
*/
function getParametersValue(parameters, name, defaultValue) {↩
var _a;↩
if ((parameters instanceof Object) === false) {↩
return defaultValue;↩
}↩
return (_a = parameters[name]) !== null && _a !== void 0 ? _a : defaultValue;↩
}↩
function bufferToHexCodes(inputBuffer, inputOffset = 0, inputLength = (inputBuffer.byteLength - inputOffset), insertSpace = false) {↩
let result = "";↩
for (const item of (new Uint8Array(inputBuffer, inputOffset, inputLength))) {↩
const str = item.toString(16).toUpperCase();↩
if (str.length === 1) {↩
result += "0";↩
}↩
result += str;↩
if (insertSpace) {↩
result += " ";↩
}↩
}↩
return result.trim();↩
}↩
function utilFromBase(inputBuffer, inputBase) {↩
let result = 0;↩
if (inputBuffer.length === 1) {↩
return inputBuffer[0];↩
}↩
for (let i = (inputBuffer.length - 1); i >= 0; i--) {↩
result += inputBuffer[(inputBuffer.length - 1) - i] * Math.pow(2, inputBase * i);↩
}↩
return result;↩
}↩
function utilToBase(value, base, reserved = (-1)) {↩
const internalReserved = reserved;↩
let internalValue = value;↩
let result = 0;↩
let biggest = Math.pow(2, base);↩
for (let i = 1; i < 8; i++) {↩
if (value < biggest) {↩
let retBuf;↩
if (internalReserved < 0) {↩
retBuf = new ArrayBuffer(i);↩
result = i;↩
}↩
else {↩
if (internalReserved < i) {↩
return (new ArrayBuffer(0));↩
}↩
retBuf = new ArrayBuffer(internalReserved);↩
result = internalReserved;↩
}↩
const retView = new Uint8Array(retBuf);↩
for (let j = (i - 1); j >= 0; j--) {↩
const basis = Math.pow(2, j * base);↩
retView[result - j - 1] = Math.floor(internalValue / basis);↩
internalValue -= (retView[result - j - 1]) * basis;↩
}↩
return retBuf;↩
}↩
biggest *= Math.pow(2, base);↩
}↩
return new ArrayBuffer(0);↩
}↩
function utilConcatBuf(...buffers) {↩
let outputLength = 0;↩
let prevLength = 0;↩
for (const buffer of buffers) {↩
outputLength += buffer.byteLength;↩
}↩
const retBuf = new ArrayBuffer(outputLength);↩
const retView = new Uint8Array(retBuf);↩
for (const buffer of buffers) {↩
retView.set(new Uint8Array(buffer), prevLength);↩
prevLength += buffer.byteLength;↩
}↩
return retBuf;↩
}↩
function utilConcatView(...views) {↩
let outputLength = 0;↩
let prevLength = 0;↩
for (const view of views) {↩
outputLength += view.length;↩
}↩
const retBuf = new ArrayBuffer(outputLength);↩
const retView = new Uint8Array(retBuf);↩
for (const view of views) {↩
retView.set(view, prevLength);↩
prevLength += view.length;↩
}↩
return retView;↩
}↩
function utilDecodeTC() {↩
const buf = new Uint8Array(this.valueHex);↩
if (this.valueHex.byteLength >= 2) {↩
const condition1 = (buf[0] === 0xFF) && (buf[1] & 0x80);↩
const condition2 = (buf[0] === 0x00) && ((buf[1] & 0x80) === 0x00);↩
if (condition1 || condition2) {↩
this.warnings.push("Needlessly long format");↩
}↩
}↩
const bigIntBuffer = new ArrayBuffer(this.valueHex.byteLength);↩
const bigIntView = new Uint8Array(bigIntBuffer);↩
for (let i = 0; i < this.valueHex.byteLength; i++) {↩
bigIntView[i] = 0;↩
}↩
bigIntView[0] = (buf[0] & 0x80);↩
const bigInt = utilFromBase(bigIntView, 8);↩
const smallIntBuffer = new ArrayBuffer(this.valueHex.byteLength);↩
const smallIntView = new Uint8Array(smallIntBuffer);↩
for (let j = 0; j < this.valueHex.byteLength; j++) {↩
smallIntView[j] = buf[j];↩
}↩
smallIntView[0] &= 0x7F;↩
const smallInt = utilFromBase(smallIntView, 8);↩
return (smallInt - bigInt);↩
}↩
function utilEncodeTC(value) {↩
const modValue = (value < 0) ? (value * (-1)) : value;↩
let bigInt = 128;↩
for (let i = 1; i < 8; i++) {↩
if (modValue <= bigInt) {↩
if (value < 0) {↩
const smallInt = bigInt - modValue;↩
const retBuf = utilToBase(smallInt, 8, i);↩
const retView = new Uint8Array(retBuf);↩
retView[0] |= 0x80;↩
return retBuf;↩
}↩
let retBuf = utilToBase(modValue, 8, i);↩
let retView = new Uint8Array(retBuf);↩
if (retView[0] & 0x80) {↩
const tempBuf = retBuf.slice(0);↩
const tempView = new Uint8Array(tempBuf);↩
retBuf = new ArrayBuffer(retBuf.byteLength + 1);↩
retView = new Uint8Array(retBuf);↩
for (let k = 0; k < tempBuf.byteLength; k++) {↩
retView[k + 1] = tempView[k];↩
}↩
retView[0] = 0x00;↩
}↩
return retBuf;↩
}↩
bigInt *= Math.pow(2, 8);↩
}↩
return (new ArrayBuffer(0));↩
}↩
function isEqualBuffer(inputBuffer1, inputBuffer2) {↩
if (inputBuffer1.byteLength !== inputBuffer2.byteLength) {↩
return false;↩
}↩
const view1 = new Uint8Array(inputBuffer1);↩
const view2 = new Uint8Array(inputBuffer2);↩
for (let i = 0; i < view1.length; i++) {↩
if (view1[i] !== view2[i]) {↩
return false;↩
}↩
}↩
return true;↩
}↩
function padNumber(inputNumber, fullLength) {↩
const str = inputNumber.toString(10);↩
if (fullLength < str.length) {↩
return "";↩
}↩
const dif = fullLength - str.length;↩
const padding = new Array(dif);↩
for (let i = 0; i < dif; i++) {↩
padding[i] = "0";↩
}↩
const paddingString = padding.join("");↩
return paddingString.concat(str);↩
}↩
const base64Template = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";↩
const base64UrlTemplate = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_=";↩
function toBase64(input, useUrlTemplate = false, skipPadding = false, skipLeadingZeros = false) {↩
let i = 0;↩
let flag1 = 0;↩
let flag2 = 0;↩
let output = "";↩
const template = (useUrlTemplate) ? base64UrlTemplate : base64Template;↩
if (skipLeadingZeros) {↩
let nonZeroPosition = 0;↩
for (let i = 0; i < input.length; i++) {↩
if (input.charCodeAt(i) !== 0) {↩
nonZeroPosition = i;↩
break;↩
}↩
}↩
input = input.slice(nonZeroPosition);↩
}↩
while (i < input.length) {↩
const chr1 = input.charCodeAt(i++);↩
if (i >= input.length) {↩
flag1 = 1;↩
}↩
const chr2 = input.charCodeAt(i++);↩
if (i >= input.length) {↩
flag2 = 1;↩
}↩
const chr3 = input.charCodeAt(i++);↩
const enc1 = chr1 >> 2;↩
const enc2 = ((chr1 & 0x03) << 4) | (chr2 >> 4);↩
let enc3 = ((chr2 & 0x0F) << 2) | (chr3 >> 6);↩
let enc4 = chr3 & 0x3F;↩
if (flag1 === 1) {↩
enc3 = enc4 = 64;↩
}↩
else {↩
if (flag2 === 1) {↩
enc4 = 64;↩
}↩
}↩
if (skipPadding) {↩
if (enc3 === 64) {↩
output += `${template.charAt(enc1)}${template.charAt(enc2)}`;↩
}↩
else {↩
if (enc4 === 64) {↩
output += `${template.charAt(enc1)}${template.charAt(enc2)}${template.charAt(enc3)}`;↩
}↩
else {↩
output += `${template.charAt(enc1)}${template.charAt(enc2)}${template.charAt(enc3)}${template.charAt(enc4)}`;↩
}↩
}↩
}↩
else {↩
output += `${template.charAt(enc1)}${template.charAt(enc2)}${template.charAt(enc3)}${template.charAt(enc4)}`;↩
}↩
}↩
return output;↩
}↩
function fromBase64(input, useUrlTemplate = false, cutTailZeros = false) {↩
const template = (useUrlTemplate) ? base64UrlTemplate : base64Template;↩
function indexOf(toSearch) {↩
for (let i = 0; i < 64; i++) {↩
if (template.charAt(i) === toSearch)↩
return i;↩
}↩
return 64;↩
}↩
function test(incoming) {↩
return ((incoming === 64) ? 0x00 : incoming);↩
}↩
let i = 0;↩
let output = "";↩
while (i < input.length) {↩
const enc1 = indexOf(input.charAt(i++));↩
const enc2 = (i >= input.length) ? 0x00 : indexOf(input.charAt(i++));↩
const enc3 = (i >= input.length) ? 0x00 : indexOf(input.charAt(i++));↩
const enc4 = (i >= input.length) ? 0x00 : indexOf(input.charAt(i++));↩
const chr1 = (test(enc1) << 2) | (test(enc2) >> 4);↩
const chr2 = ((test(enc2) & 0x0F) << 4) | (test(enc3) >> 2);↩
const chr3 = ((test(enc3) & 0x03) << 6) | test(enc4);↩
output += String.fromCharCode(chr1);↩
if (enc3 !== 64) {↩
output += String.fromCharCode(chr2);↩
}↩
if (enc4 !== 64) {↩
output += String.fromCharCode(chr3);↩
}↩
}↩
if (cutTailZeros) {↩
const outputLength = output.length;↩
let nonZeroStart = (-1);↩
for (let i = (outputLength - 1); i >= 0; i--) {↩
if (output.charCodeAt(i) !== 0) {↩
nonZeroStart = i;↩
break;↩
}↩
}↩
if (nonZeroStart !== (-1)) {↩
output = output.slice(0, nonZeroStart + 1);↩
}↩
else {↩
output = "";↩
}↩
}↩
return output;↩
}↩
function arrayBufferToString(buffer) {↩
let resultString = "";↩
const view = new Uint8Array(buffer);↩
for (const element of view) {↩
resultString += String.fromCharCode(element);↩
}↩
return resultString;↩
}↩
function stringToArrayBuffer(str) {↩
const stringLength = str.length;↩
const resultBuffer = new ArrayBuffer(stringLength);↩
const resultView = new Uint8Array(resultBuffer);↩
for (let i = 0; i < stringLength; i++) {↩
resultView[i] = str.charCodeAt(i);↩
}↩
return resultBuffer;↩
}↩
const log2 = Math.log(2);↩
function nearestPowerOf2(length) {↩
const base = (Math.log(length) / log2);↩
const floor = Math.floor(base);↩
const round = Math.round(base);↩
return ((floor === round) ? floor : round);↩
}↩
function clearProps(object, propsArray) {↩
for (const prop of propsArray) {↩
delete object[prop];↩
}↩
}
/*!
* Copyright (c) 2014, GMO GlobalSign
* Copyright (c) 2015-2022, Peculiar Ventures
* All rights reserved.
*
* Author 2014-2019, Yury Strozhevsky
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above copyright notice, this
* list of conditions and the following disclaimer in the documentation and/or
* other materials provided with the distribution.
*
* * Neither the name of the copyright holder nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
function assertBigInt() {
if (typeof BigInt === "undefined") {
throw new Error("BigInt is not defined. Your environment doesn't implement BigInt.");
}
}
function concat(buffers) {
let outputLength = 0;
let prevLength = 0;
for (let i = 0; i < buffers.length; i++) {
const buffer = buffers[i];
outputLength += buffer.byteLength;
}
const retView = new Uint8Array(outputLength);
for (let i = 0; i < buffers.length; i++) {
const buffer = buffers[i];
retView.set(new Uint8Array(buffer), prevLength);
prevLength += buffer.byteLength;
}
return retView.buffer;
}
function checkBufferParams(baseBlock, inputBuffer, inputOffset, inputLength) {
if (!(inputBuffer instanceof Uint8Array)) {
baseBlock.error = "Wrong parameter: inputBuffer must be 'Uint8Array'";
return false;
}
if (!inputBuffer.byteLength) {
baseBlock.error = "Wrong parameter: inputBuffer has zero length";
return false;
}
if (inputOffset < 0) {
baseBlock.error = "Wrong parameter: inputOffset less than zero";
return false;
}
if (inputLength < 0) {
baseBlock.error = "Wrong parameter: inputLength less than zero";
return false;
}
if ((inputBuffer.byteLength - inputOffset - inputLength) < 0) {
baseBlock.error = "End of input reached before message was fully decoded (inconsistent offset and length values)";
return false;
}
return true;
}
class ViewWriter {
constructor() {
this.items = [];
}
write(buf) {
this.items.push(buf);
}
final() {
return concat(this.items);
}
}
const powers2 = [new Uint8Array([1])];
const digitsString = "0123456789";
const NAME = "name";
const VALUE_HEX_VIEW = "valueHexView";
const IS_HEX_ONLY = "isHexOnly";
const ID_BLOCK = "idBlock";
const TAG_CLASS = "tagClass";
const TAG_NUMBER = "tagNumber";
const IS_CONSTRUCTED = "isConstructed";
const FROM_BER = "fromBER";
const TO_BER = "toBER";
const LOCAL = "local";
const EMPTY_STRING$1 = "";
const EMPTY_BUFFER$1 = new ArrayBuffer(0);
const EMPTY_VIEW = new Uint8Array(0);
const END_OF_CONTENT_NAME = "EndOfContent";
const OCTET_STRING_NAME = "OCTET STRING";
const BIT_STRING_NAME = "BIT STRING";
function HexBlock(BaseClass) {
var _a;
return _a = class Some extends BaseClass {
get valueHex() {
return this.valueHexView.slice().buffer;
}
set valueHex(value) {
this.valueHexView = new Uint8Array(value);
}
constructor(...args) {
var _b;
super(...args);
const params = args[0] || {};
this.isHexOnly = (_b = params.isHexOnly) !== null && _b !== void 0 ? _b : false;
this.valueHexView = params.valueHex ? BufferSourceConverter.toUint8Array(params.valueHex) : EMPTY_VIEW;
}
fromBER(inputBuffer, inputOffset, inputLength) {
const view = inputBuffer instanceof ArrayBuffer ? new Uint8Array(inputBuffer) : inputBuffer;
if (!checkBufferParams(this, view, inputOffset, inputLength)) {
return -1;
}
const endLength = inputOffset + inputLength;
this.valueHexView = view.subarray(inputOffset, endLength);
if (!this.valueHexView.length) {
this.warnings.push("Zero buffer length");
return inputOffset;
}
this.blockLength = inputLength;
return endLength;
}
toBER(sizeOnly = false) {
if (!this.isHexOnly) {
this.error = "Flag 'isHexOnly' is not set, abort";
return EMPTY_BUFFER$1;
}
if (sizeOnly) {
return new ArrayBuffer(this.valueHexView.byteLength);
}
return (this.valueHexView.byteLength === this.valueHexView.buffer.byteLength)
? this.valueHexView.buffer
: this.valueHexView.slice().buffer;
}
toJSON() {
return {
...super.toJSON(),
isHexOnly: this.isHexOnly,
valueHex: Convert.ToHex(this.valueHexView),
};
}
},
_a.NAME = "hexBlock",
_a;
}
class LocalBaseBlock {
static blockName() {
return this.NAME;
}
get valueBeforeDecode() {
return this.valueBeforeDecodeView.slice().buffer;
}
set valueBeforeDecode(value) {
this.valueBeforeDecodeView = new Uint8Array(value);
}
constructor({ blockLength = 0, error = EMPTY_STRING$1, warnings = [], valueBeforeDecode = EMPTY_VIEW, } = {}) {
this.blockLength = blockLength;
this.error = error;
this.warnings = warnings;
this.valueBeforeDecodeView = BufferSourceConverter.toUint8Array(valueBeforeDecode);
}
toJSON() {
return {
blockName: this.constructor.NAME,
blockLength: this.blockLength,
error: this.error,
warnings: this.warnings,
valueBeforeDecode: Convert.ToHex(this.valueBeforeDecodeView),
};
}
}
LocalBaseBlock.NAME = "baseBlock";
class ValueBlock extends LocalBaseBlock {
fromBER(_inputBuffer, _inputOffset, _inputLength) {
throw TypeError("User need to make a specific function in a class which extends 'ValueBlock'");
}
toBER(_sizeOnly, _writer) {
throw TypeError("User need to make a specific function in a class which extends 'ValueBlock'");
}
}
ValueBlock.NAME = "valueBlock";
class LocalIdentificationBlock extends HexBlock(LocalBaseBlock) {
constructor({ idBlock = {} } = {}) {
var _a, _b, _c, _d;
super();
if (idBlock) {
this.isHexOnly = (_a = idBlock.isHexOnly) !== null && _a !== void 0 ? _a : false;
this.valueHexView = idBlock.valueHex
? BufferSourceConverter.toUint8Array(idBlock.valueHex)
: EMPTY_VIEW;
this.tagClass = (_b = idBlock.tagClass) !== null && _b !== void 0 ? _b : -1;
this.tagNumber = (_c = idBlock.tagNumber) !== null && _c !== void 0 ? _c : -1;
this.isConstructed = (_d = idBlock.isConstructed) !== null && _d !== void 0 ? _d : false;
}
else {
this.tagClass = -1;
this.tagNumber = -1;
this.isConstructed = false;
}
}
toBER(sizeOnly = false) {
let firstOctet = 0;
switch (this.tagClass) {
case 1:
firstOctet |= 0x00;
break;
case 2:
firstOctet |= 0x40;
break;
case 3:
firstOctet |= 0x80;
break;
case 4:
firstOctet |= 0xC0;
break;
default:
this.error = "Unknown tag class";
return EMPTY_BUFFER$1;
}
if (this.isConstructed)
firstOctet |= 0x20;
if (this.tagNumber < 31 && !this.isHexOnly) {
const retView = new Uint8Array(1);
if (!sizeOnly) {
let number = this.tagNumber;
number &= 0x1F;
firstOctet |= number;
retView[0] = firstOctet;
}
return retView.buffer;
}
if (!this.isHexOnly) {
const encodedBuf = utilToBase(this.tagNumber, 7);
const encodedView = new Uint8Array(encodedBuf);
const size = encodedBuf.byteLength;
const retView = new Uint8Array(size + 1);
retView[0] = (firstOctet | 0x1F);
if (!sizeOnly) {
for (let i = 0; i < (size - 1); i++)
retView[i + 1] = encodedView[i] | 0x80;
retView[size] = encodedView[size - 1];
}
return retView.buffer;
}
const retView = new Uint8Array(this.valueHexView.byteLength + 1);
retView[0] = (firstOctet | 0x1F);
if (!sizeOnly) {
const curView = this.valueHexView;
for (let i = 0; i < (curView.length - 1); i++)
retView[i + 1] = curView[i] | 0x80;
retView[this.valueHexView.byteLength] = curView[curView.length - 1];
}
return retView.buffer;
}
fromBER(inputBuffer, inputOffset, inputLength) {
const inputView = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, inputView, inputOffset, inputLength)) {
return -1;
}
const intBuffer = inputView.subarray(inputOffset, inputOffset + inputLength);
if (intBuffer.length === 0) {
this.error = "Zero buffer length";
return -1;
}
const tagClassMask = intBuffer[0] & 0xC0;
switch (tagClassMask) {
case 0x00:
this.tagClass = (1);
break;
case 0x40:
this.tagClass = (2);
break;
case 0x80:
this.tagClass = (3);
break;
case 0xC0:
this.tagClass = (4);
break;
default:
this.error = "Unknown tag class";
return -1;
}
this.isConstructed = (intBuffer[0] & 0x20) === 0x20;
this.isHexOnly = false;
const tagNumberMask = intBuffer[0] & 0x1F;
if (tagNumberMask !== 0x1F) {
this.tagNumber = (tagNumberMask);
this.blockLength = 1;
}
else {
let count = 1;
let intTagNumberBuffer = this.valueHexView = new Uint8Array(255);
let tagNumberBufferMaxLength = 255;
while (intBuffer[count] & 0x80) {
intTagNumberBuffer[count - 1] = intBuffer[count] & 0x7F;
count++;
if (count >= intBuffer.length) {
this.error = "End of input reached before message was fully decoded";
return -1;
}
if (count === tagNumberBufferMaxLength) {
tagNumberBufferMaxLength += 255;
const tempBufferView = new Uint8Array(tagNumberBufferMaxLength);
for (let i = 0; i < intTagNumberBuffer.length; i++)
tempBufferView[i] = intTagNumberBuffer[i];
intTagNumberBuffer = this.valueHexView = new Uint8Array(tagNumberBufferMaxLength);
}
}
this.blockLength = (count + 1);
intTagNumberBuffer[count - 1] = intBuffer[count] & 0x7F;
const tempBufferView = new Uint8Array(count);
for (let i = 0; i < count; i++)
tempBufferView[i] = intTagNumberBuffer[i];
intTagNumberBuffer = this.valueHexView = new Uint8Array(count);
intTagNumberBuffer.set(tempBufferView);
if (this.blockLength <= 9)
this.tagNumber = utilFromBase(intTagNumberBuffer, 7);
else {
this.isHexOnly = true;
this.warnings.push("Tag too long, represented as hex-coded");
}
}
if (((this.tagClass === 1))
&& (this.isConstructed)) {
switch (this.tagNumber) {
case 1:
case 2:
case 5:
case 6:
case 9:
case 13:
case 14:
case 23:
case 24:
case 31:
case 32:
case 33:
case 34:
this.error = "Constructed encoding used for primitive type";
return -1;
}
}
return (inputOffset + this.blockLength);
}
toJSON() {
return {
...super.toJSON(),
tagClass: this.tagClass,
tagNumber: this.tagNumber,
isConstructed: this.isConstructed,
};
}
}
LocalIdentificationBlock.NAME = "identificationBlock";
class LocalLengthBlock extends LocalBaseBlock {
constructor({ lenBlock = {} } = {}) {
var _a, _b, _c;
super();
this.isIndefiniteForm = (_a = lenBlock.isIndefiniteForm) !== null && _a !== void 0 ? _a : false;
this.longFormUsed = (_b = lenBlock.longFormUsed) !== null && _b !== void 0 ? _b : false;
this.length = (_c = lenBlock.length) !== null && _c !== void 0 ? _c : 0;
}
fromBER(inputBuffer, inputOffset, inputLength) {
const view = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, view, inputOffset, inputLength)) {
return -1;
}
const intBuffer = view.subarray(inputOffset, inputOffset + inputLength);
if (intBuffer.length === 0) {
this.error = "Zero buffer length";
return -1;
}
if (intBuffer[0] === 0xFF) {
this.error = "Length block 0xFF is reserved by standard";
return -1;
}
this.isIndefiniteForm = intBuffer[0] === 0x80;
if (this.isIndefiniteForm) {
this.blockLength = 1;
return (inputOffset + this.blockLength);
}
this.longFormUsed = !!(intBuffer[0] & 0x80);
if (this.longFormUsed === false) {
this.length = (intBuffer[0]);
this.blockLength = 1;
return (inputOffset + this.blockLength);
}
const count = intBuffer[0] & 0x7F;
if (count > 8) {
this.error = "Too big integer";
return -1;
}
if ((count + 1) > intBuffer.length) {
this.error = "End of input reached before message was fully decoded";
return -1;
}
const lenOffset = inputOffset + 1;
const lengthBufferView = view.subarray(lenOffset, lenOffset + count);
if (lengthBufferView[count - 1] === 0x00)
this.warnings.push("Needlessly long encoded length");
this.length = utilFromBase(lengthBufferView, 8);
if (this.longFormUsed && (this.length <= 127))
this.warnings.push("Unnecessary usage of long length form");
this.blockLength = count + 1;
return (inputOffset + this.blockLength);
}
toBER(sizeOnly = false) {
let retBuf;
let retView;
if (this.length > 127)
this.longFormUsed = true;
if (this.isIndefiniteForm) {
retBuf = new ArrayBuffer(1);
if (sizeOnly === false) {
retView = new Uint8Array(retBuf);
retView[0] = 0x80;
}
return retBuf;
}
if (this.longFormUsed) {
const encodedBuf = utilToBase(this.length, 8);
if (encodedBuf.byteLength > 127) {
this.error = "Too big length";
return (EMPTY_BUFFER$1);
}
retBuf = new ArrayBuffer(encodedBuf.byteLength + 1);
if (sizeOnly)
return retBuf;
const encodedView = new Uint8Array(encodedBuf);
retView = new Uint8Array(retBuf);
retView[0] = encodedBuf.byteLength | 0x80;
for (let i = 0; i < encodedBuf.byteLength; i++)
retView[i + 1] = encodedView[i];
return retBuf;
}
retBuf = new ArrayBuffer(1);
if (sizeOnly === false) {
retView = new Uint8Array(retBuf);
retView[0] = this.length;
}
return retBuf;
}
toJSON() {
return {
...super.toJSON(),
isIndefiniteForm: this.isIndefiniteForm,
longFormUsed: this.longFormUsed,
length: this.length,
};
}
}
LocalLengthBlock.NAME = "lengthBlock";
const typeStore = {};
class BaseBlock extends LocalBaseBlock {
constructor({ name = EMPTY_STRING$1, optional = false, primitiveSchema, ...parameters } = {}, valueBlockType) {
super(parameters);
this.name = name;
this.optional = optional;
if (primitiveSchema) {
this.primitiveSchema = primitiveSchema;
}
this.idBlock = new LocalIdentificationBlock(parameters);
this.lenBlock = new LocalLengthBlock(parameters);
this.valueBlock = valueBlockType ? new valueBlockType(parameters) : new ValueBlock(parameters);
}
fromBER(inputBuffer, inputOffset, inputLength) {
const resultOffset = this.valueBlock.fromBER(inputBuffer, inputOffset, (this.lenBlock.isIndefiniteForm)
? inputLength
: this.lenBlock.length);
if (resultOffset === -1) {
this.error = this.valueBlock.error;
return resultOffset;
}
if (!this.idBlock.error.length)
this.blockLength += this.idBlock.blockLength;
if (!this.lenBlock.error.length)
this.blockLength += this.lenBlock.blockLength;
if (!this.valueBlock.error.length)
this.blockLength += this.valueBlock.blockLength;
return resultOffset;
}
toBER(sizeOnly, writer) {
const _writer = writer || new ViewWriter();
if (!writer) {
prepareIndefiniteForm(this);
}
const idBlockBuf = this.idBlock.toBER(sizeOnly);
_writer.write(idBlockBuf);
if (this.lenBlock.isIndefiniteForm) {
_writer.write(new Uint8Array([0x80]).buffer);
this.valueBlock.toBER(sizeOnly, _writer);
_writer.write(new ArrayBuffer(2));
}
else {
const valueBlockBuf = this.valueBlock.toBER(sizeOnly);
this.lenBlock.length = valueBlockBuf.byteLength;
const lenBlockBuf = this.lenBlock.toBER(sizeOnly);
_writer.write(lenBlockBuf);
_writer.write(valueBlockBuf);
}
if (!writer) {
return _writer.final();
}
return EMPTY_BUFFER$1;
}
toJSON() {
const object = {
...super.toJSON(),
idBlock: this.idBlock.toJSON(),
lenBlock: this.lenBlock.toJSON(),
valueBlock: this.valueBlock.toJSON(),
name: this.name,
optional: this.optional,
};
if (this.primitiveSchema)
object.primitiveSchema = this.primitiveSchema.toJSON();
return object;
}
toString(encoding = "ascii") {
if (encoding === "ascii") {
return this.onAsciiEncoding();
}
return Convert.ToHex(this.toBER());
}
onAsciiEncoding() {
const name = this.constructor.NAME;
const value = Convert.ToHex(this.valueBlock.valueBeforeDecodeView);
return `${name} : ${value}`;
}
isEqual(other) {
if (this === other) {
return true;
}
if (!(other instanceof this.constructor)) {
return false;
}
const thisRaw = this.toBER();
const otherRaw = other.toBER();
return isEqualBuffer(thisRaw, otherRaw);
}
}
BaseBlock.NAME = "BaseBlock";
function prepareIndefiniteForm(baseBlock) {
var _a;
if (baseBlock instanceof typeStore.Constructed) {
for (const value of baseBlock.valueBlock.value) {
if (prepareIndefiniteForm(value)) {
baseBlock.lenBlock.isIndefiniteForm = true;
}
}
}
return !!((_a = baseBlock.lenBlock) === null || _a === void 0 ? void 0 : _a.isIndefiniteForm);
}
class BaseStringBlock extends BaseBlock {
getValue() {
return this.valueBlock.value;
}
setValue(value) {
this.valueBlock.value = value;
}
constructor({ value = EMPTY_STRING$1, ...parameters } = {}, stringValueBlockType) {
super(parameters, stringValueBlockType);
if (value) {
this.fromString(value);
}
}
fromBER(inputBuffer, inputOffset, inputLength) {
const resultOffset = this.valueBlock.fromBER(inputBuffer, inputOffset, (this.lenBlock.isIndefiniteForm)
? inputLength
: this.lenBlock.length);
if (resultOffset === -1) {
this.error = this.valueBlock.error;
return resultOffset;
}
this.fromBuffer(this.valueBlock.valueHexView);
if (!this.idBlock.error.length)
this.blockLength += this.idBlock.blockLength;
if (!this.lenBlock.error.length)
this.blockLength += this.lenBlock.blockLength;
if (!this.valueBlock.error.length)
this.blockLength += this.valueBlock.blockLength;
return resultOffset;
}
onAsciiEncoding() {
return `${this.constructor.NAME} : '${this.valueBlock.value}'`;
}
}
BaseStringBlock.NAME = "BaseStringBlock";
class LocalPrimitiveValueBlock extends HexBlock(ValueBlock) {
constructor({ isHexOnly = true, ...parameters } = {}) {
super(parameters);
this.isHexOnly = isHexOnly;
}
}
LocalPrimitiveValueBlock.NAME = "PrimitiveValueBlock";
var _a$w;
class Primitive extends BaseBlock {
constructor(parameters = {}) {
super(parameters, LocalPrimitiveValueBlock);
this.idBlock.isConstructed = false;
}
}
_a$w = Primitive;
(() => {
typeStore.Primitive = _a$w;
})();
Primitive.NAME = "PRIMITIVE";
function localChangeType(inputObject, newType) {
if (inputObject instanceof newType) {
return inputObject;
}
const newObject = new newType();
newObject.idBlock = inputObject.idBlock;
newObject.lenBlock = inputObject.lenBlock;
newObject.warnings = inputObject.warnings;
newObject.valueBeforeDecodeView = inputObject.valueBeforeDecodeView;
return newObject;
}
function localFromBER(inputBuffer, inputOffset = 0, inputLength = inputBuffer.length) {
const incomingOffset = inputOffset;
let returnObject = new BaseBlock({}, ValueBlock);
const baseBlock = new LocalBaseBlock();
if (!checkBufferParams(baseBlock, inputBuffer, inputOffset, inputLength)) {
returnObject.error = baseBlock.error;
return {
offset: -1,
result: returnObject,
};
}
const intBuffer = inputBuffer.subarray(inputOffset, inputOffset + inputLength);
if (!intBuffer.length) {
returnObject.error = "Zero buffer length";
return {
offset: -1,
result: returnObject,
};
}
let resultOffset = returnObject.idBlock.fromBER(inputBuffer, inputOffset, inputLength);
if (returnObject.idBlock.warnings.length) {
returnObject.warnings.concat(returnObject.idBlock.warnings);
}
if (resultOffset === -1) {
returnObject.error = returnObject.idBlock.error;
return {
offset: -1,
result: returnObject,
};
}
inputOffset = resultOffset;
inputLength -= returnObject.idBlock.blockLength;
resultOffset = returnObject.lenBlock.fromBER(inputBuffer, inputOffset, inputLength);
if (returnObject.lenBlock.warnings.length) {
returnObject.warnings.concat(returnObject.lenBlock.warnings);
}
if (resultOffset === -1) {
returnObject.error = returnObject.lenBlock.error;
return {
offset: -1,
result: returnObject,
};
}
inputOffset = resultOffset;
inputLength -= returnObject.lenBlock.blockLength;
if (!returnObject.idBlock.isConstructed
&& returnObject.lenBlock.isIndefiniteForm) {
returnObject.error = "Indefinite length form used for primitive encoding form";
return {
offset: -1,
result: returnObject,
};
}
let newASN1Type = BaseBlock;
switch (returnObject.idBlock.tagClass) {
case 1:
if ((returnObject.idBlock.tagNumber >= 37)
&& (returnObject.idBlock.isHexOnly === false)) {
returnObject.error = "UNIVERSAL 37 and upper tags are reserved by ASN.1 standard";
return {
offset: -1,
result: returnObject,
};
}
switch (returnObject.idBlock.tagNumber) {
case 0:
if ((returnObject.idBlock.isConstructed)
&& (returnObject.lenBlock.length > 0)) {
returnObject.error = "Type [UNIVERSAL 0] is reserved";
return {
offset: -1,
result: returnObject,
};
}
newASN1Type = typeStore.EndOfContent;
break;
case 1:
newASN1Type = typeStore.Boolean;
break;
case 2:
newASN1Type = typeStore.Integer;
break;
case 3:
newASN1Type = typeStore.BitString;
break;
case 4:
newASN1Type = typeStore.OctetString;
break;
case 5:
newASN1Type = typeStore.Null;
break;
case 6:
newASN1Type = typeStore.ObjectIdentifier;
break;
case 10:
newASN1Type = typeStore.Enumerated;
break;
case 12:
newASN1Type = typeStore.Utf8String;
break;
case 13:
newASN1Type = typeStore.RelativeObjectIdentifier;
break;
case 14:
newASN1Type = typeStore.TIME;
break;
case 15:
returnObject.error = "[UNIVERSAL 15] is reserved by ASN.1 standard";
return {
offset: -1,
result: returnObject,
};
case 16:
newASN1Type = typeStore.Sequence;
break;
case 17:
newASN1Type = typeStore.Set;
break;
case 18:
newASN1Type = typeStore.NumericString;
break;
case 19:
newASN1Type = typeStore.PrintableString;
break;
case 20:
newASN1Type = typeStore.TeletexString;
break;
case 21:
newASN1Type = typeStore.VideotexString;
break;
case 22:
newASN1Type = typeStore.IA5String;
break;
case 23:
newASN1Type = typeStore.UTCTime;
break;
case 24:
newASN1Type = typeStore.GeneralizedTime;
break;
case 25:
newASN1Type = typeStore.GraphicString;
break;
case 26:
newASN1Type = typeStore.VisibleString;
break;
case 27:
newASN1Type = typeStore.GeneralString;
break;
case 28:
newASN1Type = typeStore.UniversalString;
break;
case 29:
newASN1Type = typeStore.CharacterString;
break;
case 30:
newASN1Type = typeStore.BmpString;
break;
case 31:
newASN1Type = typeStore.DATE;
break;
case 32:
newASN1Type = typeStore.TimeOfDay;
break;
case 33:
newASN1Type = typeStore.DateTime;
break;
case 34:
newASN1Type = typeStore.Duration;
break;
default: {
const newObject = returnObject.idBlock.isConstructed
? new typeStore.Constructed()
: new typeStore.Primitive();
newObject.idBlock = returnObject.idBlock;
newObject.lenBlock = returnObject.lenBlock;
newObject.warnings = returnObject.warnings;
returnObject = newObject;
}
}
break;
case 2:
case 3:
case 4:
default: {
newASN1Type = returnObject.idBlock.isConstructed
? typeStore.Constructed
: typeStore.Primitive;
}
}
returnObject = localChangeType(returnObject, newASN1Type);
resultOffset = returnObject.fromBER(inputBuffer, inputOffset, returnObject.lenBlock.isIndefiniteForm ? inputLength : returnObject.lenBlock.length);
returnObject.valueBeforeDecodeView = inputBuffer.subarray(incomingOffset, incomingOffset + returnObject.blockLength);
return {
offset: resultOffset,
result: returnObject,
};
}
function fromBER(inputBuffer) {
if (!inputBuffer.byteLength) {
const result = new BaseBlock({}, ValueBlock);
result.error = "Input buffer has zero length";
return {
offset: -1,
result,
};
}
return localFromBER(BufferSourceConverter.toUint8Array(inputBuffer).slice(), 0, inputBuffer.byteLength);
}
function checkLen(indefiniteLength, length) {
if (indefiniteLength) {
return 1;
}
return length;
}
class LocalConstructedValueBlock extends ValueBlock {
constructor({ value = [], isIndefiniteForm = false, ...parameters } = {}) {
super(parameters);
this.value = value;
this.isIndefiniteForm = isIndefiniteForm;
}
fromBER(inputBuffer, inputOffset, inputLength) {
const view = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, view, inputOffset, inputLength)) {
return -1;
}
this.valueBeforeDecodeView = view.subarray(inputOffset, inputOffset + inputLength);
if (this.valueBeforeDecodeView.length === 0) {
this.warnings.push("Zero buffer length");
return inputOffset;
}
let currentOffset = inputOffset;
while (checkLen(this.isIndefiniteForm, inputLength) > 0) {
const returnObject = localFromBER(view, currentOffset, inputLength);
if (returnObject.offset === -1) {
this.error = returnObject.result.error;
this.warnings.concat(returnObject.result.warnings);
return -1;
}
currentOffset = returnObject.offset;
this.blockLength += returnObject.result.blockLength;
inputLength -= returnObject.result.blockLength;
this.value.push(returnObject.result);
if (this.isIndefiniteForm && returnObject.result.constructor.NAME === END_OF_CONTENT_NAME) {
break;
}
}
if (this.isIndefiniteForm) {
if (this.value[this.value.length - 1].constructor.NAME === END_OF_CONTENT_NAME) {
this.value.pop();
}
else {
this.warnings.push("No EndOfContent block encoded");
}
}
return currentOffset;
}
toBER(sizeOnly, writer) {
const _writer = writer || new ViewWriter();
for (let i = 0; i < this.value.length; i++) {
this.value[i].toBER(sizeOnly, _writer);
}
if (!writer) {
return _writer.final();
}
return EMPTY_BUFFER$1;
}
toJSON() {
const object = {
...super.toJSON(),
isIndefiniteForm: this.isIndefiniteForm,
value: [],
};
for (const value of this.value) {
object.value.push(value.toJSON());
}
return object;
}
}
LocalConstructedValueBlock.NAME = "ConstructedValueBlock";
var _a$v;
class Constructed extends BaseBlock {
constructor(parameters = {}) {
super(parameters, LocalConstructedValueBlock);
this.idBlock.isConstructed = true;
}
fromBER(inputBuffer, inputOffset, inputLength) {
this.valueBlock.isIndefiniteForm = this.lenBlock.isIndefiniteForm;
const resultOffset = this.valueBlock.fromBER(inputBuffer, inputOffset, (this.lenBlock.isIndefiniteForm) ? inputLength : this.lenBlock.length);
if (resultOffset === -1) {
this.error = this.valueBlock.error;
return resultOffset;
}
if (!this.idBlock.error.length)
this.blockLength += this.idBlock.blockLength;
if (!this.lenBlock.error.length)
this.blockLength += this.lenBlock.blockLength;
if (!this.valueBlock.error.length)
this.blockLength += this.valueBlock.blockLength;
return resultOffset;
}
onAsciiEncoding() {
const values = [];
for (const value of this.valueBlock.value) {
values.push(value.toString("ascii").split("\n").map((o) => ` ${o}`).join("\n"));
}
const blockName = this.idBlock.tagClass === 3
? `[${this.idBlock.tagNumber}]`
: this.constructor.NAME;
return values.length
? `${blockName} :\n${values.join("\n")}`
: `${blockName} :`;
}
}
_a$v = Constructed;
(() => {
typeStore.Constructed = _a$v;
})();
Constructed.NAME = "CONSTRUCTED";
class LocalEndOfContentValueBlock extends ValueBlock {
fromBER(inputBuffer, inputOffset, _inputLength) {
return inputOffset;
}
toBER(_sizeOnly) {
return EMPTY_BUFFER$1;
}
}
LocalEndOfContentValueBlock.override = "EndOfContentValueBlock";
var _a$u;
class EndOfContent extends BaseBlock {
constructor(parameters = {}) {
super(parameters, LocalEndOfContentValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 0;
}
}
_a$u = EndOfContent;
(() => {
typeStore.EndOfContent = _a$u;
})();
EndOfContent.NAME = END_OF_CONTENT_NAME;
var _a$t;
class Null extends BaseBlock {
constructor(parameters = {}) {
super(parameters, ValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 5;
}
fromBER(inputBuffer, inputOffset, inputLength) {
if (this.lenBlock.length > 0)
this.warnings.push("Non-zero length of value block for Null type");
if (!this.idBlock.error.length)
this.blockLength += this.idBlock.blockLength;
if (!this.lenBlock.error.length)
this.blockLength += this.lenBlock.blockLength;
this.blockLength += inputLength;
if ((inputOffset + inputLength) > inputBuffer.byteLength) {
this.error = "End of input reached before message was fully decoded (inconsistent offset and length values)";
return -1;
}
return (inputOffset + inputLength);
}
toBER(sizeOnly, writer) {
const retBuf = new ArrayBuffer(2);
if (!sizeOnly) {
const retView = new Uint8Array(retBuf);
retView[0] = 0x05;
retView[1] = 0x00;
}
if (writer) {
writer.write(retBuf);
}
return retBuf;
}
onAsciiEncoding() {
return `${this.constructor.NAME}`;
}
}
_a$t = Null;
(() => {
typeStore.Null = _a$t;
})();
Null.NAME = "NULL";
class LocalBooleanValueBlock extends HexBlock(ValueBlock) {
get value() {
for (const octet of this.valueHexView) {
if (octet > 0) {
return true;
}
}
return false;
}
set value(value) {
this.valueHexView[0] = value ? 0xFF : 0x00;
}
constructor({ value, ...parameters } = {}) {
super(parameters);
if (parameters.valueHex) {
this.valueHexView = BufferSourceConverter.toUint8Array(parameters.valueHex);
}
else {
this.valueHexView = new Uint8Array(1);
}
if (value) {
this.value = value;
}
}
fromBER(inputBuffer, inputOffset, inputLength) {
const inputView = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, inputView, inputOffset, inputLength)) {
return -1;
}
this.valueHexView = inputView.subarray(inputOffset, inputOffset + inputLength);
if (inputLength > 1)
this.warnings.push("Boolean value encoded in more then 1 octet");
this.isHexOnly = true;
utilDecodeTC.call(this);
this.blockLength = inputLength;
return (inputOffset + inputLength);
}
toBER() {
return this.valueHexView.slice();
}
toJSON() {
return {
...super.toJSON(),
value: this.value,
};
}
}
LocalBooleanValueBlock.NAME = "BooleanValueBlock";
var _a$s;
class Boolean extends BaseBlock {
getValue() {
return this.valueBlock.value;
}
setValue(value) {
this.valueBlock.value = value;
}
constructor(parameters = {}) {
super(parameters, LocalBooleanValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 1;
}
onAsciiEncoding() {
return `${this.constructor.NAME} : ${this.getValue}`;
}
}
_a$s = Boolean;
(() => {
typeStore.Boolean = _a$s;
})();
Boolean.NAME = "BOOLEAN";
class LocalOctetStringValueBlock extends HexBlock(LocalConstructedValueBlock) {
constructor({ isConstructed = false, ...parameters } = {}) {
super(parameters);
this.isConstructed = isConstructed;
}
fromBER(inputBuffer, inputOffset, inputLength) {
let resultOffset = 0;
if (this.isConstructed) {
this.isHexOnly = false;
resultOffset = LocalConstructedValueBlock.prototype.fromBER.call(this, inputBuffer, inputOffset, inputLength);
if (resultOffset === -1)
return resultOffset;
for (let i = 0; i < this.value.length; i++) {
const currentBlockName = this.value[i].constructor.NAME;
if (currentBlockName === END_OF_CONTENT_NAME) {
if (this.isIndefiniteForm)
break;
else {
this.error = "EndOfContent is unexpected, OCTET STRING may consists of OCTET STRINGs only";
return -1;
}
}
if (currentBlockName !== OCTET_STRING_NAME) {
this.error = "OCTET STRING may consists of OCTET STRINGs only";
return -1;
}
}
}
else {
this.isHexOnly = true;
resultOffset = super.fromBER(inputBuffer, inputOffset, inputLength);
this.blockLength = inputLength;
}
return resultOffset;
}
toBER(sizeOnly, writer) {
if (this.isConstructed)
return LocalConstructedValueBlock.prototype.toBER.call(this, sizeOnly, writer);
return sizeOnly
? new ArrayBuffer(this.valueHexView.byteLength)
: this.valueHexView.slice().buffer;
}
toJSON() {
return {
...super.toJSON(),
isConstructed: this.isConstructed,
};
}
}
LocalOctetStringValueBlock.NAME = "OctetStringValueBlock";
var _a$r;
class OctetString extends BaseBlock {
constructor({ idBlock = {}, lenBlock = {}, ...parameters } = {}) {
var _b, _c;
(_b = parameters.isConstructed) !== null && _b !== void 0 ? _b : (parameters.isConstructed = !!((_c = parameters.value) === null || _c === void 0 ? void 0 : _c.length));
super({
idBlock: {
isConstructed: parameters.isConstructed,
...idBlock,
},
lenBlock: {
...lenBlock,
isIndefiniteForm: !!parameters.isIndefiniteForm,
},
...parameters,
}, LocalOctetStringValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 4;
}
fromBER(inputBuffer, inputOffset, inputLength) {
this.valueBlock.isConstructed = this.idBlock.isConstructed;
this.valueBlock.isIndefiniteForm = this.lenBlock.isIndefiniteForm;
if (inputLength === 0) {
if (this.idBlock.error.length === 0)
this.blockLength += this.idBlock.blockLength;
if (this.lenBlock.error.length === 0)
this.blockLength += this.lenBlock.blockLength;
return inputOffset;
}
if (!this.valueBlock.isConstructed) {
const view = inputBuffer instanceof ArrayBuffer ? new Uint8Array(inputBuffer) : inputBuffer;
const buf = view.subarray(inputOffset, inputOffset + inputLength);
try {
if (buf.byteLength) {
const asn = localFromBER(buf, 0, buf.byteLength);
if (asn.offset !== -1 && asn.offset === inputLength) {
this.valueBlock.value = [asn.result];
}
}
}
catch {
}
}
return super.fromBER(inputBuffer, inputOffset, inputLength);
}
onAsciiEncoding() {
if (this.valueBlock.isConstructed || (this.valueBlock.value && this.valueBlock.value.length)) {
return Constructed.prototype.onAsciiEncoding.call(this);
}
const name = this.constructor.NAME;
const value = Convert.ToHex(this.valueBlock.valueHexView);
return `${name} : ${value}`;
}
getValue() {
if (!this.idBlock.isConstructed) {
return this.valueBlock.valueHexView.slice().buffer;
}
const array = [];
for (const content of this.valueBlock.value) {
if (content instanceof _a$r) {
array.push(content.valueBlock.valueHexView);
}
}
return BufferSourceConverter.concat(array);
}
}
_a$r = OctetString;
(() => {
typeStore.OctetString = _a$r;
})();
OctetString.NAME = OCTET_STRING_NAME;
class LocalBitStringValueBlock extends HexBlock(LocalConstructedValueBlock) {
constructor({ unusedBits = 0, isConstructed = false, ...parameters } = {}) {
super(parameters);
this.unusedBits = unusedBits;
this.isConstructed = isConstructed;
this.blockLength = this.valueHexView.byteLength;
}
fromBER(inputBuffer, inputOffset, inputLength) {
if (!inputLength) {
return inputOffset;
}
let resultOffset = -1;
if (this.isConstructed) {
resultOffset = LocalConstructedValueBlock.prototype.fromBER.call(this, inputBuffer, inputOffset, inputLength);
if (resultOffset === -1)
return resultOffset;
for (const value of this.value) {
const currentBlockName = value.constructor.NAME;
if (currentBlockName === END_OF_CONTENT_NAME) {
if (this.isIndefiniteForm)
break;
else {
this.error = "EndOfContent is unexpected, BIT STRING may consists of BIT STRINGs only";
return -1;
}
}
if (currentBlockName !== BIT_STRING_NAME) {
this.error = "BIT STRING may consists of BIT STRINGs only";
return -1;
}
const valueBlock = value.valueBlock;
if ((this.unusedBits > 0) && (valueBlock.unusedBits > 0)) {
this.error = "Using of \"unused bits\" inside constructive BIT STRING allowed for least one only";
return -1;
}
this.unusedBits = valueBlock.unusedBits;
}
return resultOffset;
}
const inputView = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, inputView, inputOffset, inputLength)) {
return -1;
}
const intBuffer = inputView.subarray(inputOffset, inputOffset + inputLength);
this.unusedBits = intBuffer[0];
if (this.unusedBits > 7) {
this.error = "Unused bits for BitString must be in range 0-7";
return -1;
}
if (!this.unusedBits) {
const buf = intBuffer.subarray(1);
try {
if (buf.byteLength) {
const asn = localFromBER(buf, 0, buf.byteLength);
if (asn.offset !== -1 && asn.offset === (inputLength - 1)) {
this.value = [asn.result];
}
}
}
catch {
}
}
this.valueHexView = intBuffer.subarray(1);
this.blockLength = intBuffer.length;
return (inputOffset + inputLength);
}
toBER(sizeOnly, writer) {
if (this.isConstructed) {
return LocalConstructedValueBlock.prototype.toBER.call(this, sizeOnly, writer);
}
if (sizeOnly) {
return new ArrayBuffer(this.valueHexView.byteLength + 1);
}
if (!this.valueHexView.byteLength) {
return EMPTY_BUFFER$1;
}
const retView = new Uint8Array(this.valueHexView.length + 1);
retView[0] = this.unusedBits;
retView.set(this.valueHexView, 1);
return retView.buffer;
}
toJSON() {
return {
...super.toJSON(),
unusedBits: this.unusedBits,
isConstructed: this.isConstructed,
};
}
}
LocalBitStringValueBlock.NAME = "BitStringValueBlock";
var _a$q;
class BitString extends BaseBlock {
constructor({ idBlock = {}, lenBlock = {}, ...parameters } = {}) {
var _b, _c;
(_b = parameters.isConstructed) !== null && _b !== void 0 ? _b : (parameters.isConstructed = !!((_c = parameters.value) === null || _c === void 0 ? void 0 : _c.length));
super({
idBlock: {
isConstructed: parameters.isConstructed,
...idBlock,
},
lenBlock: {
...lenBlock,
isIndefiniteForm: !!parameters.isIndefiniteForm,
},
...parameters,
}, LocalBitStringValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 3;
}
fromBER(inputBuffer, inputOffset, inputLength) {
this.valueBlock.isConstructed = this.idBlock.isConstructed;
this.valueBlock.isIndefiniteForm = this.lenBlock.isIndefiniteForm;
return super.fromBER(inputBuffer, inputOffset, inputLength);
}
onAsciiEncoding() {
if (this.valueBlock.isConstructed || (this.valueBlock.value && this.valueBlock.value.length)) {
return Constructed.prototype.onAsciiEncoding.call(this);
}
else {
const bits = [];
const valueHex = this.valueBlock.valueHexView;
for (const byte of valueHex) {
bits.push(byte.toString(2).padStart(8, "0"));
}
const bitsStr = bits.join("");
const name = this.constructor.NAME;
const value = bitsStr.substring(0, bitsStr.length - this.valueBlock.unusedBits);
return `${name} : ${value}`;
}
}
}
_a$q = BitString;
(() => {
typeStore.BitString = _a$q;
})();
BitString.NAME = BIT_STRING_NAME;
var _a$p;
function viewAdd(first, second) {
const c = new Uint8Array([0]);
const firstView = new Uint8Array(first);
const secondView = new Uint8Array(second);
let firstViewCopy = firstView.slice(0);
const firstViewCopyLength = firstViewCopy.length - 1;
const secondViewCopy = secondView.slice(0);
const secondViewCopyLength = secondViewCopy.length - 1;
let value = 0;
const max = (secondViewCopyLength < firstViewCopyLength) ? firstViewCopyLength : secondViewCopyLength;
let counter = 0;
for (let i = max; i >= 0; i--, counter++) {
switch (true) {
case (counter < secondViewCopy.length):
value = firstViewCopy[firstViewCopyLength - counter] + secondViewCopy[secondViewCopyLength - counter] + c[0];
break;
default:
value = firstViewCopy[firstViewCopyLength - counter] + c[0];
}
c[0] = value / 10;
switch (true) {
case (counter >= firstViewCopy.length):
firstViewCopy = utilConcatView(new Uint8Array([value % 10]), firstViewCopy);
break;
default:
firstViewCopy[firstViewCopyLength - counter] = value % 10;
}
}
if (c[0] > 0)
firstViewCopy = utilConcatView(c, firstViewCopy);
return firstViewCopy;
}
function power2(n) {
if (n >= powers2.length) {
for (let p = powers2.length; p <= n; p++) {
const c = new Uint8Array([0]);
let digits = (powers2[p - 1]).slice(0);
for (let i = (digits.length - 1); i >= 0; i--) {
const newValue = new Uint8Array([(digits[i] << 1) + c[0]]);
c[0] = newValue[0] / 10;
digits[i] = newValue[0] % 10;
}
if (c[0] > 0)
digits = utilConcatView(c, digits);
powers2.push(digits);
}
}
return powers2[n];
}
function viewSub(first, second) {
let b = 0;
const firstView = new Uint8Array(first);
const secondView = new Uint8Array(second);
const firstViewCopy = firstView.slice(0);
const firstViewCopyLength = firstViewCopy.length - 1;
const secondViewCopy = secondView.slice(0);
const secondViewCopyLength = secondViewCopy.length - 1;
let value;
let counter = 0;
for (let i = secondViewCopyLength; i >= 0; i--, counter++) {
value = firstViewCopy[firstViewCopyLength - counter] - secondViewCopy[secondViewCopyLength - counter] - b;
switch (true) {
case (value < 0):
b = 1;
firstViewCopy[firstViewCopyLength - counter] = value + 10;
break;
default:
b = 0;
firstViewCopy[firstViewCopyLength - counter] = value;
}
}
if (b > 0) {
for (let i = (firstViewCopyLength - secondViewCopyLength + 1); i >= 0; i--, counter++) {
value = firstViewCopy[firstViewCopyLength - counter] - b;
if (value < 0) {
b = 1;
firstViewCopy[firstViewCopyLength - counter] = value + 10;
}
else {
b = 0;
firstViewCopy[firstViewCopyLength - counter] = value;
break;
}
}
}
return firstViewCopy.slice();
}
class LocalIntegerValueBlock extends HexBlock(ValueBlock) {
setValueHex() {
if (this.valueHexView.length >= 4) {
this.warnings.push("Too big Integer for decoding, hex only");
this.isHexOnly = true;
this._valueDec = 0;
}
else {
this.isHexOnly = false;
if (this.valueHexView.length > 0) {
this._valueDec = utilDecodeTC.call(this);
}
}
}
constructor({ value, ...parameters } = {}) {
super(parameters);
this._valueDec = 0;
if (parameters.valueHex) {
this.setValueHex();
}
if (value !== undefined) {
this.valueDec = value;
}
}
set valueDec(v) {
this._valueDec = v;
this.isHexOnly = false;
this.valueHexView = new Uint8Array(utilEncodeTC(v));
}
get valueDec() {
return this._valueDec;
}
fromDER(inputBuffer, inputOffset, inputLength, expectedLength = 0) {
const offset = this.fromBER(inputBuffer, inputOffset, inputLength);
if (offset === -1)
return offset;
const view = this.valueHexView;
if ((view[0] === 0x00) && ((view[1] & 0x80) !== 0)) {
this.valueHexView = view.subarray(1);
}
else {
if (expectedLength !== 0) {
if (view.length < expectedLength) {
if ((expectedLength - view.length) > 1)
expectedLength = view.length + 1;
this.valueHexView = view.subarray(expectedLength - view.length);
}
}
}
return offset;
}
toDER(sizeOnly = false) {
const view = this.valueHexView;
switch (true) {
case ((view[0] & 0x80) !== 0):
{
const updatedView = new Uint8Array(this.valueHexView.length + 1);
updatedView[0] = 0x00;
updatedView.set(view, 1);
this.valueHexView = updatedView;
}
break;
case ((view[0] === 0x00) && ((view[1] & 0x80) === 0)):
{
this.valueHexView = this.valueHexView.subarray(1);
}
break;
}
return this.toBER(sizeOnly);
}
fromBER(inputBuffer, inputOffset, inputLength) {
const resultOffset = super.fromBER(inputBuffer, inputOffset, inputLength);
if (resultOffset === -1) {
return resultOffset;
}
this.setValueHex();
return resultOffset;
}
toBER(sizeOnly) {
return sizeOnly
? new ArrayBuffer(this.valueHexView.length)
: this.valueHexView.slice().buffer;
}
toJSON() {
return {
...super.toJSON(),
valueDec: this.valueDec,
};
}
toString() {
const firstBit = (this.valueHexView.length * 8) - 1;
let digits = new Uint8Array((this.valueHexView.length * 8) / 3);
let bitNumber = 0;
let currentByte;
const asn1View = this.valueHexView;
let result = "";
let flag = false;
for (let byteNumber = (asn1View.byteLength - 1); byteNumber >= 0; byteNumber--) {
currentByte = asn1View[byteNumber];
for (let i = 0; i < 8; i++) {
if ((currentByte & 1) === 1) {
switch (bitNumber) {
case firstBit:
digits = viewSub(power2(bitNumber), digits);
result = "-";
break;
default:
digits = viewAdd(digits, power2(bitNumber));
}
}
bitNumber++;
currentByte >>= 1;
}
}
for (let i = 0; i < digits.length; i++) {
if (digits[i])
flag = true;
if (flag)
result += digitsString.charAt(digits[i]);
}
if (flag === false)
result += digitsString.charAt(0);
return result;
}
}
_a$p = LocalIntegerValueBlock;
LocalIntegerValueBlock.NAME = "IntegerValueBlock";
(() => {
Object.defineProperty(_a$p.prototype, "valueHex", {
set: function (v) {
this.valueHexView = new Uint8Array(v);
this.setValueHex();
},
get: function () {
return this.valueHexView.slice().buffer;
},
});
})();
var _a$o;
class Integer extends BaseBlock {
constructor(parameters = {}) {
super(parameters, LocalIntegerValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 2;
}
toBigInt() {
assertBigInt();
return BigInt(this.valueBlock.toString());
}
static fromBigInt(value) {
assertBigInt();
const bigIntValue = BigInt(value);
const writer = new ViewWriter();
const hex = bigIntValue.toString(16).replace(/^-/, "");
const view = new Uint8Array(Convert.FromHex(hex));
if (bigIntValue < 0) {
const first = new Uint8Array(view.length + (view[0] & 0x80 ? 1 : 0));
first[0] |= 0x80;
const firstInt = BigInt(`0x${Convert.ToHex(first)}`);
const secondInt = firstInt + bigIntValue;
const second = BufferSourceConverter.toUint8Array(Convert.FromHex(secondInt.toString(16)));
second[0] |= 0x80;
writer.write(second);
}
else {
if (view[0] & 0x80) {
writer.write(new Uint8Array([0]));
}
writer.write(view);
}
const res = new _a$o({ valueHex: writer.final() });
return res;
}
convertToDER() {
const integer = new _a$o({ valueHex: this.valueBlock.valueHexView });
integer.valueBlock.toDER();
return integer;
}
convertFromDER() {
return new _a$o({
valueHex: this.valueBlock.valueHexView[0] === 0
? this.valueBlock.valueHexView.subarray(1)
: this.valueBlock.valueHexView,
});
}
onAsciiEncoding() {
return `${this.constructor.NAME} : ${this.valueBlock.toString()}`;
}
}
_a$o = Integer;
(() => {
typeStore.Integer = _a$o;
})();
Integer.NAME = "INTEGER";
var _a$n;
class Enumerated extends Integer {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 10;
}
}
_a$n = Enumerated;
(() => {
typeStore.Enumerated = _a$n;
})();
Enumerated.NAME = "ENUMERATED";
class LocalSidValueBlock extends HexBlock(ValueBlock) {
constructor({ valueDec = -1, isFirstSid = false, ...parameters } = {}) {
super(parameters);
this.valueDec = valueDec;
this.isFirstSid = isFirstSid;
}
fromBER(inputBuffer, inputOffset, inputLength) {
if (!inputLength) {
return inputOffset;
}
const inputView = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, inputView, inputOffset, inputLength)) {
return -1;
}
const intBuffer = inputView.subarray(inputOffset, inputOffset + inputLength);
this.valueHexView = new Uint8Array(inputLength);
for (let i = 0; i < inputLength; i++) {
this.valueHexView[i] = intBuffer[i] & 0x7F;
this.blockLength++;
if ((intBuffer[i] & 0x80) === 0x00)
break;
}
const tempView = new Uint8Array(this.blockLength);
for (let i = 0; i < this.blockLength; i++) {
tempView[i] = this.valueHexView[i];
}
this.valueHexView = tempView;
if ((intBuffer[this.blockLength - 1] & 0x80) !== 0x00) {
this.error = "End of input reached before message was fully decoded";
return -1;
}
if (this.valueHexView[0] === 0x00)
this.warnings.push("Needlessly long format of SID encoding");
if (this.blockLength <= 8)
this.valueDec = utilFromBase(this.valueHexView, 7);
else {
this.isHexOnly = true;
this.warnings.push("Too big SID for decoding, hex only");
}
return (inputOffset + this.blockLength);
}
set valueBigInt(value) {
assertBigInt();
let bits = BigInt(value).toString(2);
while (bits.length % 7) {
bits = "0" + bits;
}
const bytes = new Uint8Array(bits.length / 7);
for (let i = 0; i < bytes.length; i++) {
bytes[i] = parseInt(bits.slice(i * 7, i * 7 + 7), 2) + (i + 1 < bytes.length ? 0x80 : 0);
}
this.fromBER(bytes.buffer, 0, bytes.length);
}
toBER(sizeOnly) {
if (this.isHexOnly) {
if (sizeOnly)
return (new ArrayBuffer(this.valueHexView.byteLength));
const curView = this.valueHexView;
const retView = new Uint8Array(this.blockLength);
for (let i = 0; i < (this.blockLength - 1); i++)
retView[i] = curView[i] | 0x80;
retView[this.blockLength - 1] = curView[this.blockLength - 1];
return retView.buffer;
}
const encodedBuf = utilToBase(this.valueDec, 7);
if (encodedBuf.byteLength === 0) {
this.error = "Error during encoding SID value";
return EMPTY_BUFFER$1;
}
const retView = new Uint8Array(encodedBuf.byteLength);
if (!sizeOnly) {
const encodedView = new Uint8Array(encodedBuf);
const len = encodedBuf.byteLength - 1;
for (let i = 0; i < len; i++)
retView[i] = encodedView[i] | 0x80;
retView[len] = encodedView[len];
}
return retView;
}
toString() {
let result = "";
if (this.isHexOnly)
result = Convert.ToHex(this.valueHexView);
else {
if (this.isFirstSid) {
let sidValue = this.valueDec;
if (this.valueDec <= 39)
result = "0.";
else {
if (this.valueDec <= 79) {
result = "1.";
sidValue -= 40;
}
else {
result = "2.";
sidValue -= 80;
}
}
result += sidValue.toString();
}
else
result = this.valueDec.toString();
}
return result;
}
toJSON() {
return {
...super.toJSON(),
valueDec: this.valueDec,
isFirstSid: this.isFirstSid,
};
}
}
LocalSidValueBlock.NAME = "sidBlock";
class LocalObjectIdentifierValueBlock extends ValueBlock {
constructor({ value = EMPTY_STRING$1, ...parameters } = {}) {
super(parameters);
this.value = [];
if (value) {
this.fromString(value);
}
}
fromBER(inputBuffer, inputOffset, inputLength) {
let resultOffset = inputOffset;
while (inputLength > 0) {
const sidBlock = new LocalSidValueBlock();
resultOffset = sidBlock.fromBER(inputBuffer, resultOffset, inputLength);
if (resultOffset === -1) {
this.blockLength = 0;
this.error = sidBlock.error;
return resultOffset;
}
if (this.value.length === 0)
sidBlock.isFirstSid = true;
this.blockLength += sidBlock.blockLength;
inputLength -= sidBlock.blockLength;
this.value.push(sidBlock);
}
return resultOffset;
}
toBER(sizeOnly) {
const retBuffers = [];
for (let i = 0; i < this.value.length; i++) {
const valueBuf = this.value[i].toBER(sizeOnly);
if (valueBuf.byteLength === 0) {
this.error = this.value[i].error;
return EMPTY_BUFFER$1;
}
retBuffers.push(valueBuf);
}
return concat(retBuffers);
}
fromString(string) {
this.value = [];
let pos1 = 0;
let pos2 = 0;
let sid = "";
let flag = false;
do {
pos2 = string.indexOf(".", pos1);
if (pos2 === -1)
sid = string.substring(pos1);
else
sid = string.substring(pos1, pos2);
pos1 = pos2 + 1;
if (flag) {
const sidBlock = this.value[0];
let plus = 0;
switch (sidBlock.valueDec) {
case 0:
break;
case 1:
plus = 40;
break;
case 2:
plus = 80;
break;
default:
this.value = [];
return;
}
const parsedSID = parseInt(sid, 10);
if (isNaN(parsedSID))
return;
sidBlock.valueDec = parsedSID + plus;
flag = false;
}
else {
const sidBlock = new LocalSidValueBlock();
if (sid > Number.MAX_SAFE_INTEGER) {
assertBigInt();
const sidValue = BigInt(sid);
sidBlock.valueBigInt = sidValue;
}
else {
sidBlock.valueDec = parseInt(sid, 10);
if (isNaN(sidBlock.valueDec))
return;
}
if (!this.value.length) {
sidBlock.isFirstSid = true;
flag = true;
}
this.value.push(sidBlock);
}
} while (pos2 !== -1);
}
toString() {
let result = "";
let isHexOnly = false;
for (let i = 0; i < this.value.length; i++) {
isHexOnly = this.value[i].isHexOnly;
let sidStr = this.value[i].toString();
if (i !== 0)
result = `${result}.`;
if (isHexOnly) {
sidStr = `{${sidStr}}`;
if (this.value[i].isFirstSid)
result = `2.{${sidStr} - 80}`;
else
result += sidStr;
}
else
result += sidStr;
}
return result;
}
toJSON() {
const object = {
...super.toJSON(),
value: this.toString(),
sidArray: [],
};
for (let i = 0; i < this.value.length; i++) {
object.sidArray.push(this.value[i].toJSON());
}
return object;
}
}
LocalObjectIdentifierValueBlock.NAME = "ObjectIdentifierValueBlock";
var _a$m;
class ObjectIdentifier extends BaseBlock {
getValue() {
return this.valueBlock.toString();
}
setValue(value) {
this.valueBlock.fromString(value);
}
constructor(parameters = {}) {
super(parameters, LocalObjectIdentifierValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 6;
}
onAsciiEncoding() {
return `${this.constructor.NAME} : ${this.valueBlock.toString() || "empty"}`;
}
toJSON() {
return {
...super.toJSON(),
value: this.getValue(),
};
}
}
_a$m = ObjectIdentifier;
(() => {
typeStore.ObjectIdentifier = _a$m;
})();
ObjectIdentifier.NAME = "OBJECT IDENTIFIER";
class LocalRelativeSidValueBlock extends HexBlock(LocalBaseBlock) {
constructor({ valueDec = 0, ...parameters } = {}) {
super(parameters);
this.valueDec = valueDec;
}
fromBER(inputBuffer, inputOffset, inputLength) {
if (inputLength === 0)
return inputOffset;
const inputView = BufferSourceConverter.toUint8Array(inputBuffer);
if (!checkBufferParams(this, inputView, inputOffset, inputLength))
return -1;
const intBuffer = inputView.subarray(inputOffset, inputOffset + inputLength);
this.valueHexView = new Uint8Array(inputLength);
for (let i = 0; i < inputLength; i++) {
this.valueHexView[i] = intBuffer[i] & 0x7F;
this.blockLength++;
if ((intBuffer[i] & 0x80) === 0x00)
break;
}
const tempView = new Uint8Array(this.blockLength);
for (let i = 0; i < this.blockLength; i++)
tempView[i] = this.valueHexView[i];
this.valueHexView = tempView;
if ((intBuffer[this.blockLength - 1] & 0x80) !== 0x00) {
this.error = "End of input reached before message was fully decoded";
return -1;
}
if (this.valueHexView[0] === 0x00)
this.warnings.push("Needlessly long format of SID encoding");
if (this.blockLength <= 8)
this.valueDec = utilFromBase(this.valueHexView, 7);
else {
this.isHexOnly = true;
this.warnings.push("Too big SID for decoding, hex only");
}
return (inputOffset + this.blockLength);
}
toBER(sizeOnly) {
if (this.isHexOnly) {
if (sizeOnly)
return (new ArrayBuffer(this.valueHexView.byteLength));
const curView = this.valueHexView;
const retView = new Uint8Array(this.blockLength);
for (let i = 0; i < (this.blockLength - 1); i++)
retView[i] = curView[i] | 0x80;
retView[this.blockLength - 1] = curView[this.blockLength - 1];
return retView.buffer;
}
const encodedBuf = utilToBase(this.valueDec, 7);
if (encodedBuf.byteLength === 0) {
this.error = "Error during encoding SID value";
return EMPTY_BUFFER$1;
}
const retView = new Uint8Array(encodedBuf.byteLength);
if (!sizeOnly) {
const encodedView = new Uint8Array(encodedBuf);
const len = encodedBuf.byteLength - 1;
for (let i = 0; i < len; i++)
retView[i] = encodedView[i] | 0x80;
retView[len] = encodedView[len];
}
return retView.buffer;
}
toString() {
let result = "";
if (this.isHexOnly)
result = Convert.ToHex(this.valueHexView);
else {
result = this.valueDec.toString();
}
return result;
}
toJSON() {
return {
...super.toJSON(),
valueDec: this.valueDec,
};
}
}
LocalRelativeSidValueBlock.NAME = "relativeSidBlock";
class LocalRelativeObjectIdentifierValueBlock extends ValueBlock {
constructor({ value = EMPTY_STRING$1, ...parameters } = {}) {
super(parameters);
this.value = [];
if (value) {
this.fromString(value);
}
}
fromBER(inputBuffer, inputOffset, inputLength) {
let resultOffset = inputOffset;
while (inputLength > 0) {
const sidBlock = new LocalRelativeSidValueBlock();
resultOffset = sidBlock.fromBER(inputBuffer, resultOffset, inputLength);
if (resultOffset === -1) {
this.blockLength = 0;
this.error = sidBlock.error;
return resultOffset;
}
this.blockLength += sidBlock.blockLength;
inputLength -= sidBlock.blockLength;
this.value.push(sidBlock);
}
return resultOffset;
}
toBER(sizeOnly, _writer) {
const retBuffers = [];
for (let i = 0; i < this.value.length; i++) {
const valueBuf = this.value[i].toBER(sizeOnly);
if (valueBuf.byteLength === 0) {
this.error = this.value[i].error;
return EMPTY_BUFFER$1;
}
retBuffers.push(valueBuf);
}
return concat(retBuffers);
}
fromString(string) {
this.value = [];
let pos1 = 0;
let pos2 = 0;
let sid = "";
do {
pos2 = string.indexOf(".", pos1);
if (pos2 === -1)
sid = string.substring(pos1);
else
sid = string.substring(pos1, pos2);
pos1 = pos2 + 1;
const sidBlock = new LocalRelativeSidValueBlock();
sidBlock.valueDec = parseInt(sid, 10);
if (isNaN(sidBlock.valueDec))
return true;
this.value.push(sidBlock);
} while (pos2 !== -1);
return true;
}
toString() {
let result = "";
let isHexOnly = false;
for (let i = 0; i < this.value.length; i++) {
isHexOnly = this.value[i].isHexOnly;
let sidStr = this.value[i].toString();
if (i !== 0)
result = `${result}.`;
if (isHexOnly) {
sidStr = `{${sidStr}}`;
result += sidStr;
}
else
result += sidStr;
}
return result;
}
toJSON() {
const object = {
...super.toJSON(),
value: this.toString(),
sidArray: [],
};
for (let i = 0; i < this.value.length; i++)
object.sidArray.push(this.value[i].toJSON());
return object;
}
}
LocalRelativeObjectIdentifierValueBlock.NAME = "RelativeObjectIdentifierValueBlock";
var _a$l;
class RelativeObjectIdentifier extends BaseBlock {
getValue() {
return this.valueBlock.toString();
}
setValue(value) {
this.valueBlock.fromString(value);
}
constructor(parameters = {}) {
super(parameters, LocalRelativeObjectIdentifierValueBlock);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 13;
}
onAsciiEncoding() {
return `${this.constructor.NAME} : ${this.valueBlock.toString() || "empty"}`;
}
toJSON() {
return {
...super.toJSON(),
value: this.getValue(),
};
}
}
_a$l = RelativeObjectIdentifier;
(() => {
typeStore.RelativeObjectIdentifier = _a$l;
})();
RelativeObjectIdentifier.NAME = "RelativeObjectIdentifier";
var _a$k;
class Sequence extends Constructed {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 16;
}
}
_a$k = Sequence;
(() => {
typeStore.Sequence = _a$k;
})();
Sequence.NAME = "SEQUENCE";
var _a$j;
class Set extends Constructed {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 17;
}
}
_a$j = Set;
(() => {
typeStore.Set = _a$j;
})();
Set.NAME = "SET";
class LocalStringValueBlock extends HexBlock(ValueBlock) {
constructor({ ...parameters } = {}) {
super(parameters);
this.isHexOnly = true;
this.value = EMPTY_STRING$1;
}
toJSON() {
return {
...super.toJSON(),
value: this.value,
};
}
}
LocalStringValueBlock.NAME = "StringValueBlock";
class LocalSimpleStringValueBlock extends LocalStringValueBlock {
}
LocalSimpleStringValueBlock.NAME = "SimpleStringValueBlock";
class LocalSimpleStringBlock extends BaseStringBlock {
constructor({ ...parameters } = {}) {
super(parameters, LocalSimpleStringValueBlock);
}
fromBuffer(inputBuffer) {
this.valueBlock.value = String.fromCharCode.apply(null, BufferSourceConverter.toUint8Array(inputBuffer));
}
fromString(inputString) {
const strLen = inputString.length;
const view = this.valueBlock.valueHexView = new Uint8Array(strLen);
for (let i = 0; i < strLen; i++)
view[i] = inputString.charCodeAt(i);
this.valueBlock.value = inputString;
}
}
LocalSimpleStringBlock.NAME = "SIMPLE STRING";
class LocalUtf8StringValueBlock extends LocalSimpleStringBlock {
fromBuffer(inputBuffer) {
this.valueBlock.valueHexView = BufferSourceConverter.toUint8Array(inputBuffer);
try {
this.valueBlock.value = Convert.ToUtf8String(inputBuffer);
}
catch (ex) {
this.warnings.push(`Error during "decodeURIComponent": ${ex}, using raw string`);
this.valueBlock.value = Convert.ToBinary(inputBuffer);
}
}
fromString(inputString) {
this.valueBlock.valueHexView = new Uint8Array(Convert.FromUtf8String(inputString));
this.valueBlock.value = inputString;
}
}
LocalUtf8StringValueBlock.NAME = "Utf8StringValueBlock";
var _a$i;
class Utf8String extends LocalUtf8StringValueBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 12;
}
}
_a$i = Utf8String;
(() => {
typeStore.Utf8String = _a$i;
})();
Utf8String.NAME = "UTF8String";
class LocalBmpStringValueBlock extends LocalSimpleStringBlock {
fromBuffer(inputBuffer) {
this.valueBlock.value = Convert.ToUtf16String(inputBuffer);
this.valueBlock.valueHexView = BufferSourceConverter.toUint8Array(inputBuffer);
}
fromString(inputString) {
this.valueBlock.value = inputString;
this.valueBlock.valueHexView = new Uint8Array(Convert.FromUtf16String(inputString));
}
}
LocalBmpStringValueBlock.NAME = "BmpStringValueBlock";
var _a$h;
class BmpString extends LocalBmpStringValueBlock {
constructor({ ...parameters } = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 30;
}
}
_a$h = BmpString;
(() => {
typeStore.BmpString = _a$h;
})();
BmpString.NAME = "BMPString";
class LocalUniversalStringValueBlock extends LocalSimpleStringBlock {
fromBuffer(inputBuffer) {
const copyBuffer = ArrayBuffer.isView(inputBuffer) ? inputBuffer.slice().buffer : inputBuffer.slice(0);
const valueView = new Uint8Array(copyBuffer);
for (let i = 0; i < valueView.length; i += 4) {
valueView[i] = valueView[i + 3];
valueView[i + 1] = valueView[i + 2];
valueView[i + 2] = 0x00;
valueView[i + 3] = 0x00;
}
this.valueBlock.value = String.fromCharCode.apply(null, new Uint32Array(copyBuffer));
}
fromString(inputString) {
const strLength = inputString.length;
const valueHexView = this.valueBlock.valueHexView = new Uint8Array(strLength * 4);
for (let i = 0; i < strLength; i++) {
const codeBuf = utilToBase(inputString.charCodeAt(i), 8);
const codeView = new Uint8Array(codeBuf);
if (codeView.length > 4)
continue;
const dif = 4 - codeView.length;
for (let j = (codeView.length - 1); j >= 0; j--)
valueHexView[i * 4 + j + dif] = codeView[j];
}
this.valueBlock.value = inputString;
}
}
LocalUniversalStringValueBlock.NAME = "UniversalStringValueBlock";
var _a$g;
class UniversalString extends LocalUniversalStringValueBlock {
constructor({ ...parameters } = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 28;
}
}
_a$g = UniversalString;
(() => {
typeStore.UniversalString = _a$g;
})();
UniversalString.NAME = "UniversalString";
var _a$f;
class NumericString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 18;
}
}
_a$f = NumericString;
(() => {
typeStore.NumericString = _a$f;
})();
NumericString.NAME = "NumericString";
var _a$e;
class PrintableString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 19;
}
}
_a$e = PrintableString;
(() => {
typeStore.PrintableString = _a$e;
})();
PrintableString.NAME = "PrintableString";
var _a$d;
class TeletexString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 20;
}
}
_a$d = TeletexString;
(() => {
typeStore.TeletexString = _a$d;
})();
TeletexString.NAME = "TeletexString";
var _a$c;
class VideotexString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 21;
}
}
_a$c = VideotexString;
(() => {
typeStore.VideotexString = _a$c;
})();
VideotexString.NAME = "VideotexString";
var _a$b;
class IA5String extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 22;
}
}
_a$b = IA5String;
(() => {
typeStore.IA5String = _a$b;
})();
IA5String.NAME = "IA5String";
var _a$a;
class GraphicString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 25;
}
}
_a$a = GraphicString;
(() => {
typeStore.GraphicString = _a$a;
})();
GraphicString.NAME = "GraphicString";
var _a$9;
class VisibleString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 26;
}
}
_a$9 = VisibleString;
(() => {
typeStore.VisibleString = _a$9;
})();
VisibleString.NAME = "VisibleString";
var _a$8;
class GeneralString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 27;
}
}
_a$8 = GeneralString;
(() => {
typeStore.GeneralString = _a$8;
})();
GeneralString.NAME = "GeneralString";
var _a$7;
class CharacterString extends LocalSimpleStringBlock {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 29;
}
}
_a$7 = CharacterString;
(() => {
typeStore.CharacterString = _a$7;
})();
CharacterString.NAME = "CharacterString";
var _a$6;
class UTCTime extends VisibleString {
constructor({ value, valueDate, ...parameters } = {}) {
super(parameters);
this.year = 0;
this.month = 0;
this.day = 0;
this.hour = 0;
this.minute = 0;
this.second = 0;
if (value) {
this.fromString(value);
this.valueBlock.valueHexView = new Uint8Array(value.length);
for (let i = 0; i < value.length; i++)
this.valueBlock.valueHexView[i] = value.charCodeAt(i);
}
if (valueDate) {
this.fromDate(valueDate);
this.valueBlock.valueHexView = new Uint8Array(this.toBuffer());
}
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 23;
}
fromBuffer(inputBuffer) {
this.fromString(String.fromCharCode.apply(null, BufferSourceConverter.toUint8Array(inputBuffer)));
}
toBuffer() {
const str = this.toString();
const buffer = new ArrayBuffer(str.length);
const view = new Uint8Array(buffer);
for (let i = 0; i < str.length; i++)
view[i] = str.charCodeAt(i);
return buffer;
}
fromDate(inputDate) {
this.year = inputDate.getUTCFullYear();
this.month = inputDate.getUTCMonth() + 1;
this.day = inputDate.getUTCDate();
this.hour = inputDate.getUTCHours();
this.minute = inputDate.getUTCMinutes();
this.second = inputDate.getUTCSeconds();
}
toDate() {
return (new Date(Date.UTC(this.year, this.month - 1, this.day, this.hour, this.minute, this.second)));
}
fromString(inputString) {
const parser = /(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})Z/ig;
const parserArray = parser.exec(inputString);
if (parserArray === null) {
this.error = "Wrong input string for conversion";
return;
}
const year = parseInt(parserArray[1], 10);
if (year >= 50)
this.year = 1900 + year;
else
this.year = 2000 + year;
this.month = parseInt(parserArray[2], 10);
this.day = parseInt(parserArray[3], 10);
this.hour = parseInt(parserArray[4], 10);
this.minute = parseInt(parserArray[5], 10);
this.second = parseInt(parserArray[6], 10);
}
toString(encoding = "iso") {
if (encoding === "iso") {
const outputArray = new Array(7);
outputArray[0] = padNumber(((this.year < 2000) ? (this.year - 1900) : (this.year - 2000)), 2);
outputArray[1] = padNumber(this.month, 2);
outputArray[2] = padNumber(this.day, 2);
outputArray[3] = padNumber(this.hour, 2);
outputArray[4] = padNumber(this.minute, 2);
outputArray[5] = padNumber(this.second, 2);
outputArray[6] = "Z";
return outputArray.join("");
}
return super.toString(encoding);
}
onAsciiEncoding() {
return `${this.constructor.NAME} : ${this.toDate().toISOString()}`;
}
toJSON() {
return {
...super.toJSON(),
year: this.year,
month: this.month,
day: this.day,
hour: this.hour,
minute: this.minute,
second: this.second,
};
}
}
_a$6 = UTCTime;
(() => {
typeStore.UTCTime = _a$6;
})();
UTCTime.NAME = "UTCTime";
var _a$5;
class GeneralizedTime extends UTCTime {
constructor(parameters = {}) {
var _b;
super(parameters);
(_b = this.millisecond) !== null && _b !== void 0 ? _b : (this.millisecond = 0);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 24;
}
fromDate(inputDate) {
super.fromDate(inputDate);
this.millisecond = inputDate.getUTCMilliseconds();
}
toDate() {
const utcDate = Date.UTC(this.year, this.month - 1, this.day, this.hour, this.minute, this.second, this.millisecond);
return (new Date(utcDate));
}
fromString(inputString) {
let isUTC = false;
let timeString = "";
let dateTimeString = "";
let fractionPart = 0;
let parser;
let hourDifference = 0;
let minuteDifference = 0;
if (inputString[inputString.length - 1] === "Z") {
timeString = inputString.substring(0, inputString.length - 1);
isUTC = true;
}
else {
const number = new Number(inputString[inputString.length - 1]);
if (isNaN(number.valueOf()))
throw new Error("Wrong input string for conversion");
timeString = inputString;
}
if (isUTC) {
if (timeString.indexOf("+") !== -1)
throw new Error("Wrong input string for conversion");
if (timeString.indexOf("-") !== -1)
throw new Error("Wrong input string for conversion");
}
else {
let multiplier = 1;
let differencePosition = timeString.indexOf("+");
let differenceString = "";
if (differencePosition === -1) {
differencePosition = timeString.indexOf("-");
multiplier = -1;
}
if (differencePosition !== -1) {
differenceString = timeString.substring(differencePosition + 1);
timeString = timeString.substring(0, differencePosition);
if ((differenceString.length !== 2) && (differenceString.length !== 4))
throw new Error("Wrong input string for conversion");
let number = parseInt(differenceString.substring(0, 2), 10);
if (isNaN(number.valueOf()))
throw new Error("Wrong input string for conversion");
hourDifference = multiplier * number;
if (differenceString.length === 4) {
number = parseInt(differenceString.substring(2, 4), 10);
if (isNaN(number.valueOf()))
throw new Error("Wrong input string for conversion");
minuteDifference = multiplier * number;
}
}
}
let fractionPointPosition = timeString.indexOf(".");
if (fractionPointPosition === -1)
fractionPointPosition = timeString.indexOf(",");
if (fractionPointPosition !== -1) {
const fractionPartCheck = new Number(`0${timeString.substring(fractionPointPosition)}`);
if (isNaN(fractionPartCheck.valueOf()))
throw new Error("Wrong input string for conversion");
fractionPart = fractionPartCheck.valueOf();
dateTimeString = timeString.substring(0, fractionPointPosition);
}
else
dateTimeString = timeString;
switch (true) {
case (dateTimeString.length === 8):
parser = /(\d{4})(\d{2})(\d{2})/ig;
if (fractionPointPosition !== -1)
throw new Error("Wrong input string for conversion");
break;
case (dateTimeString.length === 10):
parser = /(\d{4})(\d{2})(\d{2})(\d{2})/ig;
if (fractionPointPosition !== -1) {
let fractionResult = 60 * fractionPart;
this.minute = Math.floor(fractionResult);
fractionResult = 60 * (fractionResult - this.minute);
this.second = Math.floor(fractionResult);
fractionResult = 1000 * (fractionResult - this.second);
this.millisecond = Math.floor(fractionResult);
}
break;
case (dateTimeString.length === 12):
parser = /(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})/ig;
if (fractionPointPosition !== -1) {
let fractionResult = 60 * fractionPart;
this.second = Math.floor(fractionResult);
fractionResult = 1000 * (fractionResult - this.second);
this.millisecond = Math.floor(fractionResult);
}
break;
case (dateTimeString.length === 14):
parser = /(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/ig;
if (fractionPointPosition !== -1) {
const fractionResult = 1000 * fractionPart;
this.millisecond = Math.floor(fractionResult);
}
break;
default:
throw new Error("Wrong input string for conversion");
}
const parserArray = parser.exec(dateTimeString);
if (parserArray === null)
throw new Error("Wrong input string for conversion");
for (let j = 1; j < parserArray.length; j++) {
switch (j) {
case 1:
this.year = parseInt(parserArray[j], 10);
break;
case 2:
this.month = parseInt(parserArray[j], 10);
break;
case 3:
this.day = parseInt(parserArray[j], 10);
break;
case 4:
this.hour = parseInt(parserArray[j], 10) + hourDifference;
break;
case 5:
this.minute = parseInt(parserArray[j], 10) + minuteDifference;
break;
case 6:
this.second = parseInt(parserArray[j], 10);
break;
default:
throw new Error("Wrong input string for conversion");
}
}
if (isUTC === false) {
const tempDate = new Date(this.year, this.month, this.day, this.hour, this.minute, this.second, this.millisecond);
this.year = tempDate.getUTCFullYear();
this.month = tempDate.getUTCMonth();
this.day = tempDate.getUTCDay();
this.hour = tempDate.getUTCHours();
this.minute = tempDate.getUTCMinutes();
this.second = tempDate.getUTCSeconds();
this.millisecond = tempDate.getUTCMilliseconds();
}
}
toString(encoding = "iso") {
if (encoding === "iso") {
const outputArray = [];
outputArray.push(padNumber(this.year, 4));
outputArray.push(padNumber(this.month, 2));
outputArray.push(padNumber(this.day, 2));
outputArray.push(padNumber(this.hour, 2));
outputArray.push(padNumber(this.minute, 2));
outputArray.push(padNumber(this.second, 2));
if (this.millisecond !== 0) {
outputArray.push(".");
outputArray.push(padNumber(this.millisecond, 3));
}
outputArray.push("Z");
return outputArray.join("");
}
return super.toString(encoding);
}
toJSON() {
return {
...super.toJSON(),
millisecond: this.millisecond,
};
}
}
_a$5 = GeneralizedTime;
(() => {
typeStore.GeneralizedTime = _a$5;
})();
GeneralizedTime.NAME = "GeneralizedTime";
var _a$4;
let DATE$2 = class DATE extends Utf8String {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 31;
}
};
_a$4 = DATE$2;
(() => {
typeStore.DATE = _a$4;
})();
DATE$2.NAME = "DATE";
var _a$3;
class TimeOfDay extends Utf8String {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 32;
}
}
_a$3 = TimeOfDay;
(() => {
typeStore.TimeOfDay = _a$3;
})();
TimeOfDay.NAME = "TimeOfDay";
var _a$2;
class DateTime extends Utf8String {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 33;
}
}
_a$2 = DateTime;
(() => {
typeStore.DateTime = _a$2;
})();
DateTime.NAME = "DateTime";
var _a$1;
class Duration extends Utf8String {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 34;
}
}
_a$1 = Duration;
(() => {
typeStore.Duration = _a$1;
})();
Duration.NAME = "Duration";
var _a$x;
class TIME extends Utf8String {
constructor(parameters = {}) {
super(parameters);
this.idBlock.tagClass = 1;
this.idBlock.tagNumber = 14;
}
}
_a$x = TIME;
(() => {
typeStore.TIME = _a$x;
})();
TIME.NAME = "TIME";
class Any {
constructor({ name = EMPTY_STRING$1, optional = false } = {}) {
this.name = name;
this.optional = optional;
}
}
class Choice extends Any {
constructor({ value = [], ...parameters } = {}) {
super(parameters);
this.value = value;
}
}
class Repeated extends Any {
constructor({ value = new Any(), local = false, ...parameters } = {}) {
super(parameters);
this.value = value;
this.local = local;
}
}
class RawData {
get data() {
return this.dataView.slice().buffer;
}
set data(value) {
this.dataView = BufferSourceConverter.toUint8Array(value);
}
constructor({ data = EMPTY_VIEW } = {}) {
this.dataView = BufferSourceConverter.toUint8Array(data);
}
fromBER(inputBuffer, inputOffset, inputLength) {
const endLength = inputOffset + inputLength;
this.dataView = BufferSourceConverter.toUint8Array(inputBuffer).subarray(inputOffset, endLength);
return endLength;
}
toBER(_sizeOnly) {
return this.dataView.slice().buffer;
}
}
function compareSchema(root, inputData, inputSchema) {
if (inputSchema instanceof Choice) {
for (const element of inputSchema.value) {
const result = compareSchema(root, inputData, element);
if (result.verified) {
return {
verified: true,
result: root,
};
}
}
{
const _result = {
verified: false,
result: { error: "Wrong values for Choice type" },
};
if (inputSchema.hasOwnProperty(NAME))
_result.name = inputSchema.name;
return _result;
}
}
if (inputSchema instanceof Any) {
if (inputSchema.hasOwnProperty(NAME))
root[inputSchema.name] = inputData;
return {
verified: true,
result: root,
};
}
if ((root instanceof Object) === false) {
return {
verified: false,
result: { error: "Wrong root object" },
};
}
if ((inputData instanceof Object) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 data" },
};
}
if ((inputSchema instanceof Object) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if ((ID_BLOCK in inputSchema) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if ((FROM_BER in inputSchema.idBlock) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if ((TO_BER in inputSchema.idBlock) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
const encodedId = inputSchema.idBlock.toBER(false);
if (encodedId.byteLength === 0) {
return {
verified: false,
result: { error: "Error encoding idBlock for ASN.1 schema" },
};
}
const decodedOffset = inputSchema.idBlock.fromBER(encodedId, 0, encodedId.byteLength);
if (decodedOffset === -1) {
return {
verified: false,
result: { error: "Error decoding idBlock for ASN.1 schema" },
};
}
if (inputSchema.idBlock.hasOwnProperty(TAG_CLASS) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if (inputSchema.idBlock.tagClass !== inputData.idBlock.tagClass) {
return {
verified: false,
result: root,
};
}
if (inputSchema.idBlock.hasOwnProperty(TAG_NUMBER) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if (inputSchema.idBlock.tagNumber !== inputData.idBlock.tagNumber) {
return {
verified: false,
result: root,
};
}
if (inputSchema.idBlock.hasOwnProperty(IS_CONSTRUCTED) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if (inputSchema.idBlock.isConstructed !== inputData.idBlock.isConstructed) {
return {
verified: false,
result: root,
};
}
if (!(IS_HEX_ONLY in inputSchema.idBlock)) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
if (inputSchema.idBlock.isHexOnly !== inputData.idBlock.isHexOnly) {
return {
verified: false,
result: root,
};
}
if (inputSchema.idBlock.isHexOnly) {
if ((VALUE_HEX_VIEW in inputSchema.idBlock) === false) {
return {
verified: false,
result: { error: "Wrong ASN.1 schema" },
};
}
const schemaView = inputSchema.idBlock.valueHexView;
const asn1View = inputData.idBlock.valueHexView;
if (schemaView.length !== asn1View.length) {
return {
verified: false,
result: root,
};
}
for (let i = 0; i < schemaView.length; i++) {
if (schemaView[i] !== asn1View[1]) {
return {
verified: false,
result: root,
};
}
}
}
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name)
root[inputSchema.name] = inputData;
}
if (inputSchema instanceof typeStore.Constructed) {
let admission = 0;
let result = {
verified: false,
result: { error: "Unknown error" },
};
let maxLength = inputSchema.valueBlock.value.length;
if (maxLength > 0) {
if (inputSchema.valueBlock.value[0] instanceof Repeated) {
maxLength = inputData.valueBlock.value.length;
}
}
if (maxLength === 0) {
return {
verified: true,
result: root,
};
}
if ((inputData.valueBlock.value.length === 0)
&& (inputSchema.valueBlock.value.length !== 0)) {
let _optional = true;
for (let i = 0; i < inputSchema.valueBlock.value.length; i++)
_optional = _optional && (inputSchema.valueBlock.value[i].optional || false);
if (_optional) {
return {
verified: true,
result: root,
};
}
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name)
delete root[inputSchema.name];
}
root.error = "Inconsistent object length";
return {
verified: false,
result: root,
};
}
for (let i = 0; i < maxLength; i++) {
if ((i - admission) >= inputData.valueBlock.value.length) {
if (inputSchema.valueBlock.value[i].optional === false) {
const _result = {
verified: false,
result: root,
};
root.error = "Inconsistent length between ASN.1 data and schema";
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name) {
delete root[inputSchema.name];
_result.name = inputSchema.name;
}
}
return _result;
}
}
else {
if (inputSchema.valueBlock.value[0] instanceof Repeated) {
result = compareSchema(root, inputData.valueBlock.value[i], inputSchema.valueBlock.value[0].value);
if (result.verified === false) {
if (inputSchema.valueBlock.value[0].optional)
admission++;
else {
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name)
delete root[inputSchema.name];
}
return result;
}
}
if ((NAME in inputSchema.valueBlock.value[0]) && (inputSchema.valueBlock.value[0].name.length > 0)) {
let arrayRoot = {};
if ((LOCAL in inputSchema.valueBlock.value[0]) && (inputSchema.valueBlock.value[0].local))
arrayRoot = inputData;
else
arrayRoot = root;
if (typeof arrayRoot[inputSchema.valueBlock.value[0].name] === "undefined")
arrayRoot[inputSchema.valueBlock.value[0].name] = [];
arrayRoot[inputSchema.valueBlock.value[0].name].push(inputData.valueBlock.value[i]);
}
}
else {
result = compareSchema(root, inputData.valueBlock.value[i - admission], inputSchema.valueBlock.value[i]);
if (result.verified === false) {
if (inputSchema.valueBlock.value[i].optional)
admission++;
else {
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name)
delete root[inputSchema.name];
}
return result;
}
}
}
}
}
if (result.verified === false) {
const _result = {
verified: false,
result: root,
};
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name) {
delete root[inputSchema.name];
_result.name = inputSchema.name;
}
}
return _result;
}
return {
verified: true,
result: root,
};
}
if (inputSchema.primitiveSchema
&& (VALUE_HEX_VIEW in inputData.valueBlock)) {
const asn1 = localFromBER(inputData.valueBlock.valueHexView);
if (asn1.offset === -1) {
const _result = {
verified: false,
result: asn1.result,
};
if (inputSchema.name) {
inputSchema.name = inputSchema.name.replace(/^\s+|\s+$/g, EMPTY_STRING$1);
if (inputSchema.name) {
delete root[inputSchema.name];
_result.name = inputSchema.name;
}
}
return _result;
}
return compareSchema(root, asn1.result, inputSchema.primitiveSchema);
}
return {
verified: true,
result: root,
};
}
const EMPTY_BUFFER = new ArrayBuffer(0);
const EMPTY_STRING = "";
class ArgumentError extends TypeError {
constructor() {
super(...arguments);
this.name = ArgumentError.NAME;
}
static isType(value, type) {
if (typeof type === "string") {
if (type === "Array" && Array.isArray(value)) {
return true;
}
else if (type === "ArrayBuffer" && value instanceof ArrayBuffer) {
return true;
}
else if (type === "ArrayBufferView" && ArrayBuffer.isView(value)) {
return true;
}
else if (typeof value === type) {
return true;
}
}
else if (value instanceof type) {
return true;
}
return false;
}
static assert(value, name, ...types) {
for (const type of types) {
if (this.isType(value, type)) {
return;
}
}
const typeNames = types.map(o => o instanceof Function && "name" in o ? o.name : `${o}`);
throw new ArgumentError(`Parameter '${name}' is not of type ${typeNames.length > 1 ? `(${typeNames.join(" or ")})` : typeNames[0]}`);
}
}
ArgumentError.NAME = "ArgumentError";
class ParameterError extends TypeError {
static assert(...args) {
let target = null;
let params;
let fields;
if (typeof args[0] === "string") {
target = args[0];
params = args[1];
fields = args.slice(2);
}
else {
params = args[0];
fields = args.slice(1);
}
ArgumentError.assert(params, "parameters", "object");
for (const field of fields) {
const value = params[field];
if (value === undefined || value === null) {
throw new ParameterError(field, target);
}
}
}
static assertEmpty(value, name, target) {
if (value === undefined || value === null) {
throw new ParameterError(name, target);
}
}
constructor(field, target = null, message) {
super();
this.name = ParameterError.NAME;
this.field = field;
if (target) {
this.target = target;
}
if (message) {
this.message = message;
}
else {
this.message = `Absent mandatory parameter '${field}' ${target ? ` in '${target}'` : EMPTY_STRING}`;
}
}
}
ParameterError.NAME = "ParameterError";
class AsnError extends Error {
static assertSchema(asn1, target) {
if (!asn1.verified) {
throw new Error(`Object's schema was not verified against input data for ${target}`);
}
}
static assert(asn, target) {
if (asn.offset === -1) {
throw new AsnError(`Error during parsing of ASN.1 data. Data is not correct for '${target}'.`);
}
}
constructor(message) {
super(message);
this.name = "AsnError";
}
}
class PkiObject {
static blockName() {
return this.CLASS_NAME;
}
static fromBER(raw) {
const asn1 = fromBER(raw);
AsnError.assert(asn1, this.name);
try {
return new this({ schema: asn1.result });
}
catch (e) {
throw new AsnError(`Cannot create '${this.CLASS_NAME}' from ASN.1 object`);
}
}
static defaultValues(memberName) {
throw new Error(`Invalid member name for ${this.CLASS_NAME} class: ${memberName}`);
}
static schema(parameters = {}) {
throw new Error(`Method '${this.CLASS_NAME}.schema' should be overridden`);
}
get className() {
return this.constructor.CLASS_NAME;
}
toString(encoding = "hex") {
let schema;
try {
schema = this.toSchema();
}
catch {
schema = this.toSchema(true);
}
return Convert.ToString(schema.toBER(), encoding);
}
}
PkiObject.CLASS_NAME = "PkiObject";
function stringPrep(inputString) {
let isSpace = false;
let cutResult = EMPTY_STRING;
const result = inputString.trim();
for (let i = 0; i < result.length; i++) {
if (result.charCodeAt(i) === 32) {
if (isSpace === false)
isSpace = true;
}
else {
if (isSpace) {
cutResult += " ";
isSpace = false;
}
cutResult += result[i];
}
}
return cutResult.toLowerCase();
}
const TYPE$5 = "type";
const VALUE$6 = "value";
class AttributeTypeAndValue extends PkiObject {
constructor(parameters = {}) {
super();
this.type = getParametersValue(parameters, TYPE$5, AttributeTypeAndValue.defaultValues(TYPE$5));
this.value = getParametersValue(parameters, VALUE$6, AttributeTypeAndValue.defaultValues(VALUE$6));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE$5:
return EMPTY_STRING;
case VALUE$6:
return {};
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.type || EMPTY_STRING) }),
new Any({ name: (names.value || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, [
TYPE$5,
"typeValue"
]);
const asn1 = compareSchema(schema, schema, AttributeTypeAndValue.schema({
names: {
type: TYPE$5,
value: "typeValue"
}
}));
AsnError.assertSchema(asn1, this.className);
this.type = asn1.result.type.valueBlock.toString();
this.value = asn1.result.typeValue;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.type }),
this.value
]
}));
}
toJSON() {
const _object = {
type: this.type
};
if (Object.keys(this.value).length !== 0) {
_object.value = (this.value).toJSON();
}
else {
_object.value = this.value;
}
return _object;
}
isEqual(compareTo) {
const stringBlockNames = [
Utf8String.blockName(),
BmpString.blockName(),
UniversalString.blockName(),
NumericString.blockName(),
PrintableString.blockName(),
TeletexString.blockName(),
VideotexString.blockName(),
IA5String.blockName(),
GraphicString.blockName(),
VisibleString.blockName(),
GeneralString.blockName(),
CharacterString.blockName()
];
if (compareTo instanceof ArrayBuffer) {
return BufferSourceConverter.isEqual(this.value.valueBeforeDecodeView, compareTo);
}
if (compareTo.constructor.blockName() === AttributeTypeAndValue.blockName()) {
if (this.type !== compareTo.type)
return false;
const isStringPair = [false, false];
const thisName = this.value.constructor.blockName();
for (const name of stringBlockNames) {
if (thisName === name) {
isStringPair[0] = true;
}
if (compareTo.value.constructor.blockName() === name) {
isStringPair[1] = true;
}
}
if (isStringPair[0] !== isStringPair[1]) {
return false;
}
const isString = (isStringPair[0] && isStringPair[1]);
if (isString) {
const value1 = stringPrep(this.value.valueBlock.value);
const value2 = stringPrep(compareTo.value.valueBlock.value);
if (value1.localeCompare(value2) !== 0)
return false;
}
else {
if (!BufferSourceConverter.isEqual(this.value.valueBeforeDecodeView, compareTo.value.valueBeforeDecodeView))
return false;
}
return true;
}
return false;
}
}
AttributeTypeAndValue.CLASS_NAME = "AttributeTypeAndValue";
const TYPE_AND_VALUES = "typesAndValues";
const VALUE_BEFORE_DECODE = "valueBeforeDecode";
const RDN = "RDN";
class RelativeDistinguishedNames extends PkiObject {
constructor(parameters = {}) {
super();
this.typesAndValues = getParametersValue(parameters, TYPE_AND_VALUES, RelativeDistinguishedNames.defaultValues(TYPE_AND_VALUES));
this.valueBeforeDecode = getParametersValue(parameters, VALUE_BEFORE_DECODE, RelativeDistinguishedNames.defaultValues(VALUE_BEFORE_DECODE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE_AND_VALUES:
return [];
case VALUE_BEFORE_DECODE:
return EMPTY_BUFFER;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TYPE_AND_VALUES:
return (memberValue.length === 0);
case VALUE_BEFORE_DECODE:
return (memberValue.byteLength === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.repeatedSequence || EMPTY_STRING),
value: new Set({
value: [
new Repeated({
name: (names.repeatedSet || EMPTY_STRING),
value: AttributeTypeAndValue.schema(names.typeAndValue || {})
})
]
})
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
RDN,
TYPE_AND_VALUES
]);
const asn1 = compareSchema(schema, schema, RelativeDistinguishedNames.schema({
names: {
blockName: RDN,
repeatedSet: TYPE_AND_VALUES
}
}));
AsnError.assertSchema(asn1, this.className);
if (TYPE_AND_VALUES in asn1.result) {
this.typesAndValues = Array.from(asn1.result.typesAndValues, element => new AttributeTypeAndValue({ schema: element }));
}
this.valueBeforeDecode = asn1.result.RDN.valueBeforeDecodeView.slice().buffer;
}
toSchema() {
if (this.valueBeforeDecode.byteLength === 0) {
return (new Sequence({
value: [new Set({
value: Array.from(this.typesAndValues, o => o.toSchema())
})]
}));
}
const asn1 = fromBER(this.valueBeforeDecode);
AsnError.assert(asn1, "RelativeDistinguishedNames");
if (!(asn1.result instanceof Sequence)) {
throw new Error("ASN.1 result should be SEQUENCE");
}
return asn1.result;
}
toJSON() {
return {
typesAndValues: Array.from(this.typesAndValues, o => o.toJSON())
};
}
isEqual(compareTo) {
if (compareTo instanceof RelativeDistinguishedNames) {
if (this.typesAndValues.length !== compareTo.typesAndValues.length)
return false;
for (const [index, typeAndValue] of this.typesAndValues.entries()) {
if (typeAndValue.isEqual(compareTo.typesAndValues[index]) === false)
return false;
}
return true;
}
if (compareTo instanceof ArrayBuffer) {
return isEqualBuffer(this.valueBeforeDecode, compareTo);
}
return false;
}
}
RelativeDistinguishedNames.CLASS_NAME = "RelativeDistinguishedNames";
const TYPE$4 = "type";
const VALUE$5 = "value";
function builtInStandardAttributes(parameters = {}, optional = false) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
optional,
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 2,
tagNumber: 1
},
name: (names.country_name || EMPTY_STRING),
value: [
new Choice({
value: [
new NumericString(),
new PrintableString()
]
})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 2,
tagNumber: 2
},
name: (names.administration_domain_name || EMPTY_STRING),
value: [
new Choice({
value: [
new NumericString(),
new PrintableString()
]
})
]
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
name: (names.network_address || EMPTY_STRING),
isHexOnly: true
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
name: (names.terminal_identifier || EMPTY_STRING),
isHexOnly: true
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
},
name: (names.private_domain_name || EMPTY_STRING),
value: [
new Choice({
value: [
new NumericString(),
new PrintableString()
]
})
]
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 3
},
name: (names.organization_name || EMPTY_STRING),
isHexOnly: true
}),
new Primitive({
optional: true,
name: (names.numeric_user_identifier || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 4
},
isHexOnly: true
}),
new Constructed({
optional: true,
name: (names.personal_name || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 5
},
value: [
new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
isHexOnly: true
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
isHexOnly: true
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
},
isHexOnly: true
}),
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 3
},
isHexOnly: true
})
]
}),
new Constructed({
optional: true,
name: (names.organizational_unit_names || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 6
},
value: [
new Repeated({
value: new PrintableString()
})
]
})
]
}));
}
function builtInDomainDefinedAttributes(optional = false) {
return (new Sequence({
optional,
value: [
new PrintableString(),
new PrintableString()
]
}));
}
function extensionAttributes(optional = false) {
return (new Set({
optional,
value: [
new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
isHexOnly: true
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [new Any()]
})
]
}));
}
class GeneralName extends PkiObject {
constructor(parameters = {}) {
super();
this.type = getParametersValue(parameters, TYPE$4, GeneralName.defaultValues(TYPE$4));
this.value = getParametersValue(parameters, VALUE$5, GeneralName.defaultValues(VALUE$5));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE$4:
return 9;
case VALUE$5:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TYPE$4:
return (memberValue === GeneralName.defaultValues(memberName));
case VALUE$5:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
value: [
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier(),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any()]
})
]
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
}
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 2
}
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 3
},
name: (names.blockName || EMPTY_STRING),
value: [
builtInStandardAttributes((names.builtInStandardAttributes || {}), false),
builtInDomainDefinedAttributes(true),
extensionAttributes(true)
]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 4
},
name: (names.blockName || EMPTY_STRING),
value: [RelativeDistinguishedNames.schema(names.directoryName || {})]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 5
},
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Choice({
value: [
new TeletexString(),
new PrintableString(),
new UniversalString(),
new Utf8String(),
new BmpString()
]
})
]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Choice({
value: [
new TeletexString(),
new PrintableString(),
new UniversalString(),
new Utf8String(),
new BmpString()
]
})
]
})
]
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 6
}
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 7
}
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 8
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
"blockName",
"otherName",
"rfc822Name",
"dNSName",
"x400Address",
"directoryName",
"ediPartyName",
"uniformResourceIdentifier",
"iPAddress",
"registeredID"
]);
const asn1 = compareSchema(schema, schema, GeneralName.schema({
names: {
blockName: "blockName",
otherName: "otherName",
rfc822Name: "rfc822Name",
dNSName: "dNSName",
x400Address: "x400Address",
directoryName: {
names: {
blockName: "directoryName"
}
},
ediPartyName: "ediPartyName",
uniformResourceIdentifier: "uniformResourceIdentifier",
iPAddress: "iPAddress",
registeredID: "registeredID"
}
}));
AsnError.assertSchema(asn1, this.className);
this.type = asn1.result.blockName.idBlock.tagNumber;
switch (this.type) {
case 0:
this.value = asn1.result.blockName;
break;
case 1:
case 2:
case 6:
{
const value = asn1.result.blockName;
value.idBlock.tagClass = 1;
value.idBlock.tagNumber = 22;
const valueBER = value.toBER(false);
const asnValue = fromBER(valueBER);
AsnError.assert(asnValue, "GeneralName value");
this.value = asnValue.result.valueBlock.value;
}
break;
case 3:
this.value = asn1.result.blockName;
break;
case 4:
this.value = new RelativeDistinguishedNames({ schema: asn1.result.directoryName });
break;
case 5:
this.value = asn1.result.ediPartyName;
break;
case 7:
this.value = new OctetString({ valueHex: asn1.result.blockName.valueBlock.valueHex });
break;
case 8:
{
const value = asn1.result.blockName;
value.idBlock.tagClass = 1;
value.idBlock.tagNumber = 6;
const valueBER = value.toBER(false);
const asnValue = fromBER(valueBER);
AsnError.assert(asnValue, "GeneralName registeredID");
this.value = asnValue.result.valueBlock.toString();
}
break;
}
}
toSchema() {
switch (this.type) {
case 0:
case 3:
case 5:
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: this.type
},
value: [
this.value
]
});
case 1:
case 2:
case 6:
{
const value = new IA5String({ value: this.value });
value.idBlock.tagClass = 3;
value.idBlock.tagNumber = this.type;
return value;
}
case 4:
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 4
},
value: [this.value.toSchema()]
});
case 7:
{
const value = this.value;
value.idBlock.tagClass = 3;
value.idBlock.tagNumber = this.type;
return value;
}
case 8:
{
const value = new ObjectIdentifier({ value: this.value });
value.idBlock.tagClass = 3;
value.idBlock.tagNumber = this.type;
return value;
}
default:
return GeneralName.schema();
}
}
toJSON() {
const _object = {
type: this.type,
value: EMPTY_STRING
};
if ((typeof this.value) === "string")
_object.value = this.value;
else {
try {
_object.value = this.value.toJSON();
}
catch {
}
}
return _object;
}
}
GeneralName.CLASS_NAME = "GeneralName";
const ACCESS_METHOD = "accessMethod";
const ACCESS_LOCATION = "accessLocation";
const CLEAR_PROPS$1v = [
ACCESS_METHOD,
ACCESS_LOCATION,
];
class AccessDescription extends PkiObject {
constructor(parameters = {}) {
super();
this.accessMethod = getParametersValue(parameters, ACCESS_METHOD, AccessDescription.defaultValues(ACCESS_METHOD));
this.accessLocation = getParametersValue(parameters, ACCESS_LOCATION, AccessDescription.defaultValues(ACCESS_LOCATION));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ACCESS_METHOD:
return EMPTY_STRING;
case ACCESS_LOCATION:
return new GeneralName();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.accessMethod || EMPTY_STRING) }),
GeneralName.schema(names.accessLocation || {})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1v);
const asn1 = compareSchema(schema, schema, AccessDescription.schema({
names: {
accessMethod: ACCESS_METHOD,
accessLocation: {
names: {
blockName: ACCESS_LOCATION
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.accessMethod = asn1.result.accessMethod.valueBlock.toString();
this.accessLocation = new GeneralName({ schema: asn1.result.accessLocation });
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.accessMethod }),
this.accessLocation.toSchema()
]
}));
}
toJSON() {
return {
accessMethod: this.accessMethod,
accessLocation: this.accessLocation.toJSON()
};
}
}
AccessDescription.CLASS_NAME = "AccessDescription";
const SECONDS = "seconds";
const MILLIS = "millis";
const MICROS = "micros";
class Accuracy extends PkiObject {
constructor(parameters = {}) {
super();
if (SECONDS in parameters) {
this.seconds = getParametersValue(parameters, SECONDS, Accuracy.defaultValues(SECONDS));
}
if (MILLIS in parameters) {
this.millis = getParametersValue(parameters, MILLIS, Accuracy.defaultValues(MILLIS));
}
if (MICROS in parameters) {
this.micros = getParametersValue(parameters, MICROS, Accuracy.defaultValues(MICROS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SECONDS:
case MILLIS:
case MICROS:
return 0;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SECONDS:
case MILLIS:
case MICROS:
return (memberValue === Accuracy.defaultValues(memberName));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
optional: true,
value: [
new Integer({
optional: true,
name: (names.seconds || EMPTY_STRING)
}),
new Primitive({
name: (names.millis || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
}
}),
new Primitive({
name: (names.micros || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
SECONDS,
MILLIS,
MICROS,
]);
const asn1 = compareSchema(schema, schema, Accuracy.schema({
names: {
seconds: SECONDS,
millis: MILLIS,
micros: MICROS,
}
}));
AsnError.assertSchema(asn1, this.className);
if ("seconds" in asn1.result) {
this.seconds = asn1.result.seconds.valueBlock.valueDec;
}
if ("millis" in asn1.result) {
const intMillis = new Integer({ valueHex: asn1.result.millis.valueBlock.valueHex });
this.millis = intMillis.valueBlock.valueDec;
}
if ("micros" in asn1.result) {
const intMicros = new Integer({ valueHex: asn1.result.micros.valueBlock.valueHex });
this.micros = intMicros.valueBlock.valueDec;
}
}
toSchema() {
const outputArray = [];
if (this.seconds !== undefined)
outputArray.push(new Integer({ value: this.seconds }));
if (this.millis !== undefined) {
const intMillis = new Integer({ value: this.millis });
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
valueHex: intMillis.valueBlock.valueHexView
}));
}
if (this.micros !== undefined) {
const intMicros = new Integer({ value: this.micros });
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 1
},
valueHex: intMicros.valueBlock.valueHexView
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const _object = {};
if (this.seconds !== undefined)
_object.seconds = this.seconds;
if (this.millis !== undefined)
_object.millis = this.millis;
if (this.micros !== undefined)
_object.micros = this.micros;
return _object;
}
}
Accuracy.CLASS_NAME = "Accuracy";
const ALGORITHM_ID = "algorithmId";
const ALGORITHM_PARAMS = "algorithmParams";
const ALGORITHM$2 = "algorithm";
const PARAMS = "params";
const CLEAR_PROPS$1u = [
ALGORITHM$2,
PARAMS
];
class AlgorithmIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
this.algorithmId = getParametersValue(parameters, ALGORITHM_ID, AlgorithmIdentifier.defaultValues(ALGORITHM_ID));
if (ALGORITHM_PARAMS in parameters) {
this.algorithmParams = getParametersValue(parameters, ALGORITHM_PARAMS, AlgorithmIdentifier.defaultValues(ALGORITHM_PARAMS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ALGORITHM_ID:
return EMPTY_STRING;
case ALGORITHM_PARAMS:
return new Any();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ALGORITHM_ID:
return (memberValue === EMPTY_STRING);
case ALGORITHM_PARAMS:
return (memberValue instanceof Any);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
optional: (names.optional || false),
value: [
new ObjectIdentifier({ name: (names.algorithmIdentifier || EMPTY_STRING) }),
new Any({ name: (names.algorithmParams || EMPTY_STRING), optional: true })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1u);
const asn1 = compareSchema(schema, schema, AlgorithmIdentifier.schema({
names: {
algorithmIdentifier: ALGORITHM$2,
algorithmParams: PARAMS
}
}));
AsnError.assertSchema(asn1, this.className);
this.algorithmId = asn1.result.algorithm.valueBlock.toString();
if (PARAMS in asn1.result) {
this.algorithmParams = asn1.result.params;
}
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.algorithmId }));
if (this.algorithmParams && !(this.algorithmParams instanceof Any)) {
outputArray.push(this.algorithmParams);
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {
algorithmId: this.algorithmId
};
if (this.algorithmParams && !(this.algorithmParams instanceof Any)) {
object.algorithmParams = this.algorithmParams.toJSON();
}
return object;
}
isEqual(algorithmIdentifier) {
if (!(algorithmIdentifier instanceof AlgorithmIdentifier)) {
return false;
}
if (this.algorithmId !== algorithmIdentifier.algorithmId) {
return false;
}
if (this.algorithmParams) {
if (algorithmIdentifier.algorithmParams) {
return JSON.stringify(this.algorithmParams) === JSON.stringify(algorithmIdentifier.algorithmParams);
}
return false;
}
if (algorithmIdentifier.algorithmParams) {
return false;
}
return true;
}
}
AlgorithmIdentifier.CLASS_NAME = "AlgorithmIdentifier";
const ALT_NAMES = "altNames";
const CLEAR_PROPS$1t = [
ALT_NAMES
];
class AltName extends PkiObject {
constructor(parameters = {}) {
super();
this.altNames = getParametersValue(parameters, ALT_NAMES, AltName.defaultValues(ALT_NAMES));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ALT_NAMES:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.altNames || EMPTY_STRING),
value: GeneralName.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1t);
const asn1 = compareSchema(schema, schema, AltName.schema({
names: {
altNames: ALT_NAMES
}
}));
AsnError.assertSchema(asn1, this.className);
if (ALT_NAMES in asn1.result) {
this.altNames = Array.from(asn1.result.altNames, element => new GeneralName({ schema: element }));
}
}
toSchema() {
return (new Sequence({
value: Array.from(this.altNames, o => o.toSchema())
}));
}
toJSON() {
return {
altNames: Array.from(this.altNames, o => o.toJSON())
};
}
}
AltName.CLASS_NAME = "AltName";
const TYPE$3 = "type";
const VALUES$1 = "values";
const CLEAR_PROPS$1s = [
TYPE$3,
VALUES$1
];
class Attribute extends PkiObject {
constructor(parameters = {}) {
super();
this.type = getParametersValue(parameters, TYPE$3, Attribute.defaultValues(TYPE$3));
this.values = getParametersValue(parameters, VALUES$1, Attribute.defaultValues(VALUES$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE$3:
return EMPTY_STRING;
case VALUES$1:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TYPE$3:
return (memberValue === EMPTY_STRING);
case VALUES$1:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.type || EMPTY_STRING) }),
new Set({
name: (names.setName || EMPTY_STRING),
value: [
new Repeated({
name: (names.values || EMPTY_STRING),
value: new Any()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1s);
const asn1 = compareSchema(schema, schema, Attribute.schema({
names: {
type: TYPE$3,
values: VALUES$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.type = asn1.result.type.valueBlock.toString();
this.values = asn1.result.values;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.type }),
new Set({
value: this.values
})
]
}));
}
toJSON() {
return {
type: this.type,
values: Array.from(this.values, o => o.toJSON())
};
}
}
Attribute.CLASS_NAME = "Attribute";
const NOT_BEFORE_TIME = "notBeforeTime";
const NOT_AFTER_TIME = "notAfterTime";
const CLEAR_PROPS$1r = [
NOT_BEFORE_TIME,
NOT_AFTER_TIME,
];
class AttCertValidityPeriod extends PkiObject {
constructor(parameters = {}) {
super();
this.notBeforeTime = getParametersValue(parameters, NOT_BEFORE_TIME, AttCertValidityPeriod.defaultValues(NOT_BEFORE_TIME));
this.notAfterTime = getParametersValue(parameters, NOT_AFTER_TIME, AttCertValidityPeriod.defaultValues(NOT_AFTER_TIME));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case NOT_BEFORE_TIME:
case NOT_AFTER_TIME:
return new Date(0, 0, 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new GeneralizedTime({ name: (names.notBeforeTime || EMPTY_STRING) }),
new GeneralizedTime({ name: (names.notAfterTime || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1r);
const asn1 = compareSchema(schema, schema, AttCertValidityPeriod.schema({
names: {
notBeforeTime: NOT_BEFORE_TIME,
notAfterTime: NOT_AFTER_TIME
}
}));
AsnError.assertSchema(asn1, this.className);
this.notBeforeTime = asn1.result.notBeforeTime.toDate();
this.notAfterTime = asn1.result.notAfterTime.toDate();
}
toSchema() {
return (new Sequence({
value: [
new GeneralizedTime({ valueDate: this.notBeforeTime }),
new GeneralizedTime({ valueDate: this.notAfterTime }),
]
}));
}
toJSON() {
return {
notBeforeTime: this.notBeforeTime,
notAfterTime: this.notAfterTime
};
}
}
AttCertValidityPeriod.CLASS_NAME = "AttCertValidityPeriod";
const NAMES = "names";
const GENERAL_NAMES = "generalNames";
class GeneralNames extends PkiObject {
constructor(parameters = {}) {
super();
this.names = getParametersValue(parameters, NAMES, GeneralNames.defaultValues(NAMES));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case "names":
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}, optional = false) {
const names = getParametersValue(parameters, NAMES, {});
return (new Sequence({
optional,
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.generalNames || EMPTY_STRING),
value: GeneralName.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
NAMES,
GENERAL_NAMES
]);
const asn1 = compareSchema(schema, schema, GeneralNames.schema({
names: {
blockName: NAMES,
generalNames: GENERAL_NAMES
}
}));
AsnError.assertSchema(asn1, this.className);
this.names = Array.from(asn1.result.generalNames, element => new GeneralName({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.names, o => o.toSchema())
}));
}
toJSON() {
return {
names: Array.from(this.names, o => o.toJSON())
};
}
}
GeneralNames.CLASS_NAME = "GeneralNames";
const id_SubjectDirectoryAttributes = "2.5.29.9";
const id_SubjectKeyIdentifier = "2.5.29.14";
const id_KeyUsage = "2.5.29.15";
const id_PrivateKeyUsagePeriod = "2.5.29.16";
const id_SubjectAltName = "2.5.29.17";
const id_IssuerAltName = "2.5.29.18";
const id_BasicConstraints = "2.5.29.19";
const id_CRLNumber = "2.5.29.20";
const id_BaseCRLNumber = "2.5.29.27";
const id_CRLReason = "2.5.29.21";
const id_InvalidityDate = "2.5.29.24";
const id_IssuingDistributionPoint = "2.5.29.28";
const id_CertificateIssuer = "2.5.29.29";
const id_NameConstraints = "2.5.29.30";
const id_CRLDistributionPoints = "2.5.29.31";
const id_FreshestCRL = "2.5.29.46";
const id_CertificatePolicies = "2.5.29.32";
const id_AnyPolicy = "2.5.29.32.0";
const id_MicrosoftAppPolicies = "1.3.6.1.4.1.311.21.10";
const id_PolicyMappings = "2.5.29.33";
const id_AuthorityKeyIdentifier = "2.5.29.35";
const id_PolicyConstraints = "2.5.29.36";
const id_ExtKeyUsage = "2.5.29.37";
const id_InhibitAnyPolicy = "2.5.29.54";
const id_AuthorityInfoAccess = "1.3.6.1.5.5.7.1.1";
const id_SubjectInfoAccess = "1.3.6.1.5.5.7.1.11";
const id_SignedCertificateTimestampList = "1.3.6.1.4.1.11129.2.4.2";
const id_MicrosoftCertTemplateV1 = "1.3.6.1.4.1.311.20.2";
const id_MicrosoftPrevCaCertHash = "1.3.6.1.4.1.311.21.2";
const id_MicrosoftCertTemplateV2 = "1.3.6.1.4.1.311.21.7";
const id_MicrosoftCaVersion = "1.3.6.1.4.1.311.21.1";
const id_QCStatements = "1.3.6.1.5.5.7.1.3";
const id_ContentType_Data = "1.2.840.113549.1.7.1";
const id_ContentType_SignedData = "1.2.840.113549.1.7.2";
const id_ContentType_EnvelopedData = "1.2.840.113549.1.7.3";
const id_ContentType_EncryptedData = "1.2.840.113549.1.7.6";
const id_eContentType_TSTInfo = "1.2.840.113549.1.9.16.1.4";
const id_CertBag_X509Certificate = "1.2.840.113549.1.9.22.1";
const id_CertBag_SDSICertificate = "1.2.840.113549.1.9.22.2";
const id_CertBag_AttributeCertificate = "1.2.840.113549.1.9.22.3";
const id_CRLBag_X509CRL = "1.2.840.113549.1.9.23.1";
const id_pkix = "1.3.6.1.5.5.7";
const id_ad = `${id_pkix}.48`;
const id_PKIX_OCSP_Basic = `${id_ad}.1.1`;
const id_ad_caIssuers = `${id_ad}.2`;
const id_ad_ocsp = `${id_ad}.1`;
const id_sha1 = "1.3.14.3.2.26";
const id_sha256 = "2.16.840.1.101.3.4.2.1";
const id_sha384 = "2.16.840.1.101.3.4.2.2";
const id_sha512 = "2.16.840.1.101.3.4.2.3";
const KEY_IDENTIFIER$1 = "keyIdentifier";
const AUTHORITY_CERT_ISSUER = "authorityCertIssuer";
const AUTHORITY_CERT_SERIAL_NUMBER = "authorityCertSerialNumber";
const CLEAR_PROPS$1q = [
KEY_IDENTIFIER$1,
AUTHORITY_CERT_ISSUER,
AUTHORITY_CERT_SERIAL_NUMBER,
];
class AuthorityKeyIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
if (KEY_IDENTIFIER$1 in parameters) {
this.keyIdentifier = getParametersValue(parameters, KEY_IDENTIFIER$1, AuthorityKeyIdentifier.defaultValues(KEY_IDENTIFIER$1));
}
if (AUTHORITY_CERT_ISSUER in parameters) {
this.authorityCertIssuer = getParametersValue(parameters, AUTHORITY_CERT_ISSUER, AuthorityKeyIdentifier.defaultValues(AUTHORITY_CERT_ISSUER));
}
if (AUTHORITY_CERT_SERIAL_NUMBER in parameters) {
this.authorityCertSerialNumber = getParametersValue(parameters, AUTHORITY_CERT_SERIAL_NUMBER, AuthorityKeyIdentifier.defaultValues(AUTHORITY_CERT_SERIAL_NUMBER));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_IDENTIFIER$1:
return new OctetString();
case AUTHORITY_CERT_ISSUER:
return [];
case AUTHORITY_CERT_SERIAL_NUMBER:
return new Integer();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Primitive({
name: (names.keyIdentifier || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
}
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Repeated({
name: (names.authorityCertIssuer || EMPTY_STRING),
value: GeneralName.schema()
})
]
}),
new Primitive({
name: (names.authorityCertSerialNumber || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1q);
const asn1 = compareSchema(schema, schema, AuthorityKeyIdentifier.schema({
names: {
keyIdentifier: KEY_IDENTIFIER$1,
authorityCertIssuer: AUTHORITY_CERT_ISSUER,
authorityCertSerialNumber: AUTHORITY_CERT_SERIAL_NUMBER
}
}));
AsnError.assertSchema(asn1, this.className);
if (KEY_IDENTIFIER$1 in asn1.result)
this.keyIdentifier = new OctetString({ valueHex: asn1.result.keyIdentifier.valueBlock.valueHex });
if (AUTHORITY_CERT_ISSUER in asn1.result)
this.authorityCertIssuer = Array.from(asn1.result.authorityCertIssuer, o => new GeneralName({ schema: o }));
if (AUTHORITY_CERT_SERIAL_NUMBER in asn1.result)
this.authorityCertSerialNumber = new Integer({ valueHex: asn1.result.authorityCertSerialNumber.valueBlock.valueHex });
}
toSchema() {
const outputArray = [];
if (this.keyIdentifier) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
valueHex: this.keyIdentifier.valueBlock.valueHexView
}));
}
if (this.authorityCertIssuer) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.authorityCertIssuer, o => o.toSchema())
}));
}
if (this.authorityCertSerialNumber) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 2
},
valueHex: this.authorityCertSerialNumber.valueBlock.valueHexView
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {};
if (this.keyIdentifier) {
object.keyIdentifier = this.keyIdentifier.toJSON();
}
if (this.authorityCertIssuer) {
object.authorityCertIssuer = Array.from(this.authorityCertIssuer, o => o.toJSON());
}
if (this.authorityCertSerialNumber) {
object.authorityCertSerialNumber = this.authorityCertSerialNumber.toJSON();
}
return object;
}
}
AuthorityKeyIdentifier.CLASS_NAME = "AuthorityKeyIdentifier";
const PATH_LENGTH_CONSTRAINT = "pathLenConstraint";
const CA = "cA";
class BasicConstraints extends PkiObject {
constructor(parameters = {}) {
super();
this.cA = getParametersValue(parameters, CA, false);
if (PATH_LENGTH_CONSTRAINT in parameters) {
this.pathLenConstraint = getParametersValue(parameters, PATH_LENGTH_CONSTRAINT, 0);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CA:
return false;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Boolean({
optional: true,
name: (names.cA || EMPTY_STRING)
}),
new Integer({
optional: true,
name: (names.pathLenConstraint || EMPTY_STRING)
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
CA,
PATH_LENGTH_CONSTRAINT
]);
const asn1 = compareSchema(schema, schema, BasicConstraints.schema({
names: {
cA: CA,
pathLenConstraint: PATH_LENGTH_CONSTRAINT
}
}));
AsnError.assertSchema(asn1, this.className);
if (CA in asn1.result) {
this.cA = asn1.result.cA.valueBlock.value;
}
if (PATH_LENGTH_CONSTRAINT in asn1.result) {
if (asn1.result.pathLenConstraint.valueBlock.isHexOnly) {
this.pathLenConstraint = asn1.result.pathLenConstraint;
}
else {
this.pathLenConstraint = asn1.result.pathLenConstraint.valueBlock.valueDec;
}
}
}
toSchema() {
const outputArray = [];
if (this.cA !== BasicConstraints.defaultValues(CA))
outputArray.push(new Boolean({ value: this.cA }));
if (PATH_LENGTH_CONSTRAINT in this) {
if (this.pathLenConstraint instanceof Integer) {
outputArray.push(this.pathLenConstraint);
}
else {
outputArray.push(new Integer({ value: this.pathLenConstraint }));
}
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {};
if (this.cA !== BasicConstraints.defaultValues(CA)) {
object.cA = this.cA;
}
if (PATH_LENGTH_CONSTRAINT in this) {
if (this.pathLenConstraint instanceof Integer) {
object.pathLenConstraint = this.pathLenConstraint.toJSON();
}
else {
object.pathLenConstraint = this.pathLenConstraint;
}
}
return object;
}
}
BasicConstraints.CLASS_NAME = "BasicConstraints";
const CERTIFICATE_INDEX = "certificateIndex";
const KEY_INDEX = "keyIndex";
class CAVersion extends PkiObject {
constructor(parameters = {}) {
super();
this.certificateIndex = getParametersValue(parameters, CERTIFICATE_INDEX, CAVersion.defaultValues(CERTIFICATE_INDEX));
this.keyIndex = getParametersValue(parameters, KEY_INDEX, CAVersion.defaultValues(KEY_INDEX));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERTIFICATE_INDEX:
case KEY_INDEX:
return 0;
default:
return super.defaultValues(memberName);
}
}
static schema() {
return (new Integer());
}
fromSchema(schema) {
if (schema.constructor.blockName() !== Integer.blockName()) {
throw new Error("Object's schema was not verified against input data for CAVersion");
}
let value = schema.valueBlock.valueHex.slice(0);
const valueView = new Uint8Array(value);
switch (true) {
case (value.byteLength < 4):
{
const tempValue = new ArrayBuffer(4);
const tempValueView = new Uint8Array(tempValue);
tempValueView.set(valueView, 4 - value.byteLength);
value = tempValue.slice(0);
}
break;
case (value.byteLength > 4):
{
const tempValue = new ArrayBuffer(4);
const tempValueView = new Uint8Array(tempValue);
tempValueView.set(valueView.slice(0, 4));
value = tempValue.slice(0);
}
break;
}
const keyIndexBuffer = value.slice(0, 2);
const keyIndexView8 = new Uint8Array(keyIndexBuffer);
let temp = keyIndexView8[0];
keyIndexView8[0] = keyIndexView8[1];
keyIndexView8[1] = temp;
const keyIndexView16 = new Uint16Array(keyIndexBuffer);
this.keyIndex = keyIndexView16[0];
const certificateIndexBuffer = value.slice(2);
const certificateIndexView8 = new Uint8Array(certificateIndexBuffer);
temp = certificateIndexView8[0];
certificateIndexView8[0] = certificateIndexView8[1];
certificateIndexView8[1] = temp;
const certificateIndexView16 = new Uint16Array(certificateIndexBuffer);
this.certificateIndex = certificateIndexView16[0];
}
toSchema() {
const certificateIndexBuffer = new ArrayBuffer(2);
const certificateIndexView = new Uint16Array(certificateIndexBuffer);
certificateIndexView[0] = this.certificateIndex;
const certificateIndexView8 = new Uint8Array(certificateIndexBuffer);
let temp = certificateIndexView8[0];
certificateIndexView8[0] = certificateIndexView8[1];
certificateIndexView8[1] = temp;
const keyIndexBuffer = new ArrayBuffer(2);
const keyIndexView = new Uint16Array(keyIndexBuffer);
keyIndexView[0] = this.keyIndex;
const keyIndexView8 = new Uint8Array(keyIndexBuffer);
temp = keyIndexView8[0];
keyIndexView8[0] = keyIndexView8[1];
keyIndexView8[1] = temp;
return (new Integer({
valueHex: utilConcatBuf(keyIndexBuffer, certificateIndexBuffer)
}));
}
toJSON() {
return {
certificateIndex: this.certificateIndex,
keyIndex: this.keyIndex
};
}
}
CAVersion.CLASS_NAME = "CAVersion";
const POLICY_QUALIFIER_ID = "policyQualifierId";
const QUALIFIER = "qualifier";
const CLEAR_PROPS$1p = [
POLICY_QUALIFIER_ID,
QUALIFIER
];
class PolicyQualifierInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.policyQualifierId = getParametersValue(parameters, POLICY_QUALIFIER_ID, PolicyQualifierInfo.defaultValues(POLICY_QUALIFIER_ID));
this.qualifier = getParametersValue(parameters, QUALIFIER, PolicyQualifierInfo.defaultValues(QUALIFIER));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case POLICY_QUALIFIER_ID:
return EMPTY_STRING;
case QUALIFIER:
return new Any();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.policyQualifierId || EMPTY_STRING) }),
new Any({ name: (names.qualifier || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1p);
const asn1 = compareSchema(schema, schema, PolicyQualifierInfo.schema({
names: {
policyQualifierId: POLICY_QUALIFIER_ID,
qualifier: QUALIFIER
}
}));
AsnError.assertSchema(asn1, this.className);
this.policyQualifierId = asn1.result.policyQualifierId.valueBlock.toString();
this.qualifier = asn1.result.qualifier;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.policyQualifierId }),
this.qualifier
]
}));
}
toJSON() {
return {
policyQualifierId: this.policyQualifierId,
qualifier: this.qualifier.toJSON()
};
}
}
PolicyQualifierInfo.CLASS_NAME = "PolicyQualifierInfo";
const POLICY_IDENTIFIER = "policyIdentifier";
const POLICY_QUALIFIERS = "policyQualifiers";
const CLEAR_PROPS$1o = [
POLICY_IDENTIFIER,
POLICY_QUALIFIERS
];
class PolicyInformation extends PkiObject {
constructor(parameters = {}) {
super();
this.policyIdentifier = getParametersValue(parameters, POLICY_IDENTIFIER, PolicyInformation.defaultValues(POLICY_IDENTIFIER));
if (POLICY_QUALIFIERS in parameters) {
this.policyQualifiers = getParametersValue(parameters, POLICY_QUALIFIERS, PolicyInformation.defaultValues(POLICY_QUALIFIERS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case POLICY_IDENTIFIER:
return EMPTY_STRING;
case POLICY_QUALIFIERS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.policyIdentifier || EMPTY_STRING) }),
new Sequence({
optional: true,
value: [
new Repeated({
name: (names.policyQualifiers || EMPTY_STRING),
value: PolicyQualifierInfo.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1o);
const asn1 = compareSchema(schema, schema, PolicyInformation.schema({
names: {
policyIdentifier: POLICY_IDENTIFIER,
policyQualifiers: POLICY_QUALIFIERS
}
}));
AsnError.assertSchema(asn1, this.className);
this.policyIdentifier = asn1.result.policyIdentifier.valueBlock.toString();
if (POLICY_QUALIFIERS in asn1.result) {
this.policyQualifiers = Array.from(asn1.result.policyQualifiers, element => new PolicyQualifierInfo({ schema: element }));
}
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.policyIdentifier }));
if (this.policyQualifiers) {
outputArray.push(new Sequence({
value: Array.from(this.policyQualifiers, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
policyIdentifier: this.policyIdentifier
};
if (this.policyQualifiers)
res.policyQualifiers = Array.from(this.policyQualifiers, o => o.toJSON());
return res;
}
}
PolicyInformation.CLASS_NAME = "PolicyInformation";
const CERTIFICATE_POLICIES = "certificatePolicies";
const CLEAR_PROPS$1n = [
CERTIFICATE_POLICIES,
];
class CertificatePolicies extends PkiObject {
constructor(parameters = {}) {
super();
this.certificatePolicies = getParametersValue(parameters, CERTIFICATE_POLICIES, CertificatePolicies.defaultValues(CERTIFICATE_POLICIES));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERTIFICATE_POLICIES:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.certificatePolicies || EMPTY_STRING),
value: PolicyInformation.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1n);
const asn1 = compareSchema(schema, schema, CertificatePolicies.schema({
names: {
certificatePolicies: CERTIFICATE_POLICIES
}
}));
AsnError.assertSchema(asn1, this.className);
this.certificatePolicies = Array.from(asn1.result.certificatePolicies, element => new PolicyInformation({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.certificatePolicies, o => o.toSchema())
}));
}
toJSON() {
return {
certificatePolicies: Array.from(this.certificatePolicies, o => o.toJSON())
};
}
}
CertificatePolicies.CLASS_NAME = "CertificatePolicies";
const TEMPLATE_ID = "templateID";
const TEMPLATE_MAJOR_VERSION = "templateMajorVersion";
const TEMPLATE_MINOR_VERSION = "templateMinorVersion";
const CLEAR_PROPS$1m = [
TEMPLATE_ID,
TEMPLATE_MAJOR_VERSION,
TEMPLATE_MINOR_VERSION
];
class CertificateTemplate extends PkiObject {
constructor(parameters = {}) {
super();
this.templateID = getParametersValue(parameters, TEMPLATE_ID, CertificateTemplate.defaultValues(TEMPLATE_ID));
if (TEMPLATE_MAJOR_VERSION in parameters) {
this.templateMajorVersion = getParametersValue(parameters, TEMPLATE_MAJOR_VERSION, CertificateTemplate.defaultValues(TEMPLATE_MAJOR_VERSION));
}
if (TEMPLATE_MINOR_VERSION in parameters) {
this.templateMinorVersion = getParametersValue(parameters, TEMPLATE_MINOR_VERSION, CertificateTemplate.defaultValues(TEMPLATE_MINOR_VERSION));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TEMPLATE_ID:
return EMPTY_STRING;
case TEMPLATE_MAJOR_VERSION:
case TEMPLATE_MINOR_VERSION:
return 0;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.templateID || EMPTY_STRING) }),
new Integer({
name: (names.templateMajorVersion || EMPTY_STRING),
optional: true
}),
new Integer({
name: (names.templateMinorVersion || EMPTY_STRING),
optional: true
}),
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1m);
const asn1 = compareSchema(schema, schema, CertificateTemplate.schema({
names: {
templateID: TEMPLATE_ID,
templateMajorVersion: TEMPLATE_MAJOR_VERSION,
templateMinorVersion: TEMPLATE_MINOR_VERSION
}
}));
AsnError.assertSchema(asn1, this.className);
this.templateID = asn1.result.templateID.valueBlock.toString();
if (TEMPLATE_MAJOR_VERSION in asn1.result) {
this.templateMajorVersion = asn1.result.templateMajorVersion.valueBlock.valueDec;
}
if (TEMPLATE_MINOR_VERSION in asn1.result) {
this.templateMinorVersion = asn1.result.templateMinorVersion.valueBlock.valueDec;
}
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.templateID }));
if (TEMPLATE_MAJOR_VERSION in this) {
outputArray.push(new Integer({ value: this.templateMajorVersion }));
}
if (TEMPLATE_MINOR_VERSION in this) {
outputArray.push(new Integer({ value: this.templateMinorVersion }));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
templateID: this.templateID
};
if (TEMPLATE_MAJOR_VERSION in this)
res.templateMajorVersion = this.templateMajorVersion;
if (TEMPLATE_MINOR_VERSION in this)
res.templateMinorVersion = this.templateMinorVersion;
return res;
}
}
const DISTRIBUTION_POINT$1 = "distributionPoint";
const DISTRIBUTION_POINT_NAMES$1 = "distributionPointNames";
const REASONS = "reasons";
const CRL_ISSUER = "cRLIssuer";
const CRL_ISSUER_NAMES = "cRLIssuerNames";
const CLEAR_PROPS$1l = [
DISTRIBUTION_POINT$1,
DISTRIBUTION_POINT_NAMES$1,
REASONS,
CRL_ISSUER,
CRL_ISSUER_NAMES,
];
class DistributionPoint extends PkiObject {
constructor(parameters = {}) {
super();
if (DISTRIBUTION_POINT$1 in parameters) {
this.distributionPoint = getParametersValue(parameters, DISTRIBUTION_POINT$1, DistributionPoint.defaultValues(DISTRIBUTION_POINT$1));
}
if (REASONS in parameters) {
this.reasons = getParametersValue(parameters, REASONS, DistributionPoint.defaultValues(REASONS));
}
if (CRL_ISSUER in parameters) {
this.cRLIssuer = getParametersValue(parameters, CRL_ISSUER, DistributionPoint.defaultValues(CRL_ISSUER));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case DISTRIBUTION_POINT$1:
return [];
case REASONS:
return new BitString();
case CRL_ISSUER:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Choice({
value: [
new Constructed({
name: (names.distributionPoint || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
name: (names.distributionPointNames || EMPTY_STRING),
value: GeneralName.schema()
})
]
}),
new Constructed({
name: (names.distributionPoint || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: RelativeDistinguishedNames.schema().valueBlock.value
})
]
})
]
}),
new Primitive({
name: (names.reasons || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
}),
new Constructed({
name: (names.cRLIssuer || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [
new Repeated({
name: (names.cRLIssuerNames || EMPTY_STRING),
value: GeneralName.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1l);
const asn1 = compareSchema(schema, schema, DistributionPoint.schema({
names: {
distributionPoint: DISTRIBUTION_POINT$1,
distributionPointNames: DISTRIBUTION_POINT_NAMES$1,
reasons: REASONS,
cRLIssuer: CRL_ISSUER,
cRLIssuerNames: CRL_ISSUER_NAMES
}
}));
AsnError.assertSchema(asn1, this.className);
if (DISTRIBUTION_POINT$1 in asn1.result) {
if (asn1.result.distributionPoint.idBlock.tagNumber === 0) {
this.distributionPoint = Array.from(asn1.result.distributionPointNames, element => new GeneralName({ schema: element }));
}
if (asn1.result.distributionPoint.idBlock.tagNumber === 1) {
this.distributionPoint = new RelativeDistinguishedNames({
schema: new Sequence({
value: asn1.result.distributionPoint.valueBlock.value
})
});
}
}
if (REASONS in asn1.result) {
this.reasons = new BitString({ valueHex: asn1.result.reasons.valueBlock.valueHex });
}
if (CRL_ISSUER in asn1.result) {
this.cRLIssuer = Array.from(asn1.result.cRLIssuerNames, element => new GeneralName({ schema: element }));
}
}
toSchema() {
const outputArray = [];
if (this.distributionPoint) {
let internalValue;
if (this.distributionPoint instanceof Array) {
internalValue = new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.distributionPoint, o => o.toSchema())
});
}
else {
internalValue = new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.distributionPoint.toSchema()]
});
}
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [internalValue]
}));
}
if (this.reasons) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 1
},
valueHex: this.reasons.valueBlock.valueHexView
}));
}
if (this.cRLIssuer) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: Array.from(this.cRLIssuer, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {};
if (this.distributionPoint) {
if (this.distributionPoint instanceof Array) {
object.distributionPoint = Array.from(this.distributionPoint, o => o.toJSON());
}
else {
object.distributionPoint = this.distributionPoint.toJSON();
}
}
if (this.reasons) {
object.reasons = this.reasons.toJSON();
}
if (this.cRLIssuer) {
object.cRLIssuer = Array.from(this.cRLIssuer, o => o.toJSON());
}
return object;
}
}
DistributionPoint.CLASS_NAME = "DistributionPoint";
const DISTRIBUTION_POINTS = "distributionPoints";
const CLEAR_PROPS$1k = [
DISTRIBUTION_POINTS
];
class CRLDistributionPoints extends PkiObject {
constructor(parameters = {}) {
super();
this.distributionPoints = getParametersValue(parameters, DISTRIBUTION_POINTS, CRLDistributionPoints.defaultValues(DISTRIBUTION_POINTS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case DISTRIBUTION_POINTS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.distributionPoints || EMPTY_STRING),
value: DistributionPoint.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1k);
const asn1 = compareSchema(schema, schema, CRLDistributionPoints.schema({
names: {
distributionPoints: DISTRIBUTION_POINTS
}
}));
AsnError.assertSchema(asn1, this.className);
this.distributionPoints = Array.from(asn1.result.distributionPoints, element => new DistributionPoint({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.distributionPoints, o => o.toSchema())
}));
}
toJSON() {
return {
distributionPoints: Array.from(this.distributionPoints, o => o.toJSON())
};
}
}
CRLDistributionPoints.CLASS_NAME = "CRLDistributionPoints";
const KEY_PURPOSES = "keyPurposes";
const CLEAR_PROPS$1j = [
KEY_PURPOSES,
];
class ExtKeyUsage extends PkiObject {
constructor(parameters = {}) {
super();
this.keyPurposes = getParametersValue(parameters, KEY_PURPOSES, ExtKeyUsage.defaultValues(KEY_PURPOSES));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_PURPOSES:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.keyPurposes || EMPTY_STRING),
value: new ObjectIdentifier()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1j);
const asn1 = compareSchema(schema, schema, ExtKeyUsage.schema({
names: {
keyPurposes: KEY_PURPOSES
}
}));
AsnError.assertSchema(asn1, this.className);
this.keyPurposes = Array.from(asn1.result.keyPurposes, (element) => element.valueBlock.toString());
}
toSchema() {
return (new Sequence({
value: Array.from(this.keyPurposes, element => new ObjectIdentifier({ value: element }))
}));
}
toJSON() {
return {
keyPurposes: Array.from(this.keyPurposes)
};
}
}
ExtKeyUsage.CLASS_NAME = "ExtKeyUsage";
const ACCESS_DESCRIPTIONS = "accessDescriptions";
class InfoAccess extends PkiObject {
constructor(parameters = {}) {
super();
this.accessDescriptions = getParametersValue(parameters, ACCESS_DESCRIPTIONS, InfoAccess.defaultValues(ACCESS_DESCRIPTIONS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ACCESS_DESCRIPTIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.accessDescriptions || EMPTY_STRING),
value: AccessDescription.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
ACCESS_DESCRIPTIONS
]);
const asn1 = compareSchema(schema, schema, InfoAccess.schema({
names: {
accessDescriptions: ACCESS_DESCRIPTIONS
}
}));
AsnError.assertSchema(asn1, this.className);
this.accessDescriptions = Array.from(asn1.result.accessDescriptions, element => new AccessDescription({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.accessDescriptions, o => o.toSchema())
}));
}
toJSON() {
return {
accessDescriptions: Array.from(this.accessDescriptions, o => o.toJSON())
};
}
}
InfoAccess.CLASS_NAME = "InfoAccess";
const DISTRIBUTION_POINT = "distributionPoint";
const DISTRIBUTION_POINT_NAMES = "distributionPointNames";
const ONLY_CONTAINS_USER_CERTS = "onlyContainsUserCerts";
const ONLY_CONTAINS_CA_CERTS = "onlyContainsCACerts";
const ONLY_SOME_REASON = "onlySomeReasons";
const INDIRECT_CRL = "indirectCRL";
const ONLY_CONTAINS_ATTRIBUTE_CERTS = "onlyContainsAttributeCerts";
const CLEAR_PROPS$1i = [
DISTRIBUTION_POINT,
DISTRIBUTION_POINT_NAMES,
ONLY_CONTAINS_USER_CERTS,
ONLY_CONTAINS_CA_CERTS,
ONLY_SOME_REASON,
INDIRECT_CRL,
ONLY_CONTAINS_ATTRIBUTE_CERTS,
];
class IssuingDistributionPoint extends PkiObject {
constructor(parameters = {}) {
super();
if (DISTRIBUTION_POINT in parameters) {
this.distributionPoint = getParametersValue(parameters, DISTRIBUTION_POINT, IssuingDistributionPoint.defaultValues(DISTRIBUTION_POINT));
}
this.onlyContainsUserCerts = getParametersValue(parameters, ONLY_CONTAINS_USER_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS));
this.onlyContainsCACerts = getParametersValue(parameters, ONLY_CONTAINS_CA_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS));
if (ONLY_SOME_REASON in parameters) {
this.onlySomeReasons = getParametersValue(parameters, ONLY_SOME_REASON, IssuingDistributionPoint.defaultValues(ONLY_SOME_REASON));
}
this.indirectCRL = getParametersValue(parameters, INDIRECT_CRL, IssuingDistributionPoint.defaultValues(INDIRECT_CRL));
this.onlyContainsAttributeCerts = getParametersValue(parameters, ONLY_CONTAINS_ATTRIBUTE_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case DISTRIBUTION_POINT:
return [];
case ONLY_CONTAINS_USER_CERTS:
return false;
case ONLY_CONTAINS_CA_CERTS:
return false;
case ONLY_SOME_REASON:
return 0;
case INDIRECT_CRL:
return false;
case ONLY_CONTAINS_ATTRIBUTE_CERTS:
return false;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Choice({
value: [
new Constructed({
name: (names.distributionPoint || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
name: (names.distributionPointNames || EMPTY_STRING),
value: GeneralName.schema()
})
]
}),
new Constructed({
name: (names.distributionPoint || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: RelativeDistinguishedNames.schema().valueBlock.value
})
]
})
]
}),
new Primitive({
name: (names.onlyContainsUserCerts || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
}),
new Primitive({
name: (names.onlyContainsCACerts || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
}
}),
new Primitive({
name: (names.onlySomeReasons || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 3
}
}),
new Primitive({
name: (names.indirectCRL || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 4
}
}),
new Primitive({
name: (names.onlyContainsAttributeCerts || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 5
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1i);
const asn1 = compareSchema(schema, schema, IssuingDistributionPoint.schema({
names: {
distributionPoint: DISTRIBUTION_POINT,
distributionPointNames: DISTRIBUTION_POINT_NAMES,
onlyContainsUserCerts: ONLY_CONTAINS_USER_CERTS,
onlyContainsCACerts: ONLY_CONTAINS_CA_CERTS,
onlySomeReasons: ONLY_SOME_REASON,
indirectCRL: INDIRECT_CRL,
onlyContainsAttributeCerts: ONLY_CONTAINS_ATTRIBUTE_CERTS
}
}));
AsnError.assertSchema(asn1, this.className);
if (DISTRIBUTION_POINT in asn1.result) {
switch (true) {
case (asn1.result.distributionPoint.idBlock.tagNumber === 0):
this.distributionPoint = Array.from(asn1.result.distributionPointNames, element => new GeneralName({ schema: element }));
break;
case (asn1.result.distributionPoint.idBlock.tagNumber === 1):
{
this.distributionPoint = new RelativeDistinguishedNames({
schema: new Sequence({
value: asn1.result.distributionPoint.valueBlock.value
})
});
}
break;
default:
throw new Error("Unknown tagNumber for distributionPoint: {$asn1.result.distributionPoint.idBlock.tagNumber}");
}
}
if (ONLY_CONTAINS_USER_CERTS in asn1.result) {
const view = new Uint8Array(asn1.result.onlyContainsUserCerts.valueBlock.valueHex);
this.onlyContainsUserCerts = (view[0] !== 0x00);
}
if (ONLY_CONTAINS_CA_CERTS in asn1.result) {
const view = new Uint8Array(asn1.result.onlyContainsCACerts.valueBlock.valueHex);
this.onlyContainsCACerts = (view[0] !== 0x00);
}
if (ONLY_SOME_REASON in asn1.result) {
const view = new Uint8Array(asn1.result.onlySomeReasons.valueBlock.valueHex);
this.onlySomeReasons = view[0];
}
if (INDIRECT_CRL in asn1.result) {
const view = new Uint8Array(asn1.result.indirectCRL.valueBlock.valueHex);
this.indirectCRL = (view[0] !== 0x00);
}
if (ONLY_CONTAINS_ATTRIBUTE_CERTS in asn1.result) {
const view = new Uint8Array(asn1.result.onlyContainsAttributeCerts.valueBlock.valueHex);
this.onlyContainsAttributeCerts = (view[0] !== 0x00);
}
}
toSchema() {
const outputArray = [];
if (this.distributionPoint) {
let value;
if (this.distributionPoint instanceof Array) {
value = new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.distributionPoint, o => o.toSchema())
});
}
else {
value = this.distributionPoint.toSchema();
value.idBlock.tagClass = 3;
value.idBlock.tagNumber = 1;
}
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [value]
}));
}
if (this.onlyContainsUserCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS)) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 1
},
valueHex: (new Uint8Array([0xFF])).buffer
}));
}
if (this.onlyContainsCACerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS)) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 2
},
valueHex: (new Uint8Array([0xFF])).buffer
}));
}
if (this.onlySomeReasons !== undefined) {
const buffer = new ArrayBuffer(1);
const view = new Uint8Array(buffer);
view[0] = this.onlySomeReasons;
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 3
},
valueHex: buffer
}));
}
if (this.indirectCRL !== IssuingDistributionPoint.defaultValues(INDIRECT_CRL)) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 4
},
valueHex: (new Uint8Array([0xFF])).buffer
}));
}
if (this.onlyContainsAttributeCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS)) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 5
},
valueHex: (new Uint8Array([0xFF])).buffer
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const obj = {};
if (this.distributionPoint) {
if (this.distributionPoint instanceof Array) {
obj.distributionPoint = Array.from(this.distributionPoint, o => o.toJSON());
}
else {
obj.distributionPoint = this.distributionPoint.toJSON();
}
}
if (this.onlyContainsUserCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS)) {
obj.onlyContainsUserCerts = this.onlyContainsUserCerts;
}
if (this.onlyContainsCACerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS)) {
obj.onlyContainsCACerts = this.onlyContainsCACerts;
}
if (ONLY_SOME_REASON in this) {
obj.onlySomeReasons = this.onlySomeReasons;
}
if (this.indirectCRL !== IssuingDistributionPoint.defaultValues(INDIRECT_CRL)) {
obj.indirectCRL = this.indirectCRL;
}
if (this.onlyContainsAttributeCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS)) {
obj.onlyContainsAttributeCerts = this.onlyContainsAttributeCerts;
}
return obj;
}
}
IssuingDistributionPoint.CLASS_NAME = "IssuingDistributionPoint";
const BASE = "base";
const MINIMUM = "minimum";
const MAXIMUM = "maximum";
const CLEAR_PROPS$1h = [
BASE,
MINIMUM,
MAXIMUM
];
class GeneralSubtree extends PkiObject {
constructor(parameters = {}) {
super();
this.base = getParametersValue(parameters, BASE, GeneralSubtree.defaultValues(BASE));
this.minimum = getParametersValue(parameters, MINIMUM, GeneralSubtree.defaultValues(MINIMUM));
if (MAXIMUM in parameters) {
this.maximum = getParametersValue(parameters, MAXIMUM, GeneralSubtree.defaultValues(MAXIMUM));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case BASE:
return new GeneralName();
case MINIMUM:
return 0;
case MAXIMUM:
return 0;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
GeneralName.schema(names.base || {}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Integer({ name: (names.minimum || EMPTY_STRING) })]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [new Integer({ name: (names.maximum || EMPTY_STRING) })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1h);
const asn1 = compareSchema(schema, schema, GeneralSubtree.schema({
names: {
base: {
names: {
blockName: BASE
}
},
minimum: MINIMUM,
maximum: MAXIMUM
}
}));
AsnError.assertSchema(asn1, this.className);
this.base = new GeneralName({ schema: asn1.result.base });
if (MINIMUM in asn1.result) {
if (asn1.result.minimum.valueBlock.isHexOnly)
this.minimum = asn1.result.minimum;
else
this.minimum = asn1.result.minimum.valueBlock.valueDec;
}
if (MAXIMUM in asn1.result) {
if (asn1.result.maximum.valueBlock.isHexOnly)
this.maximum = asn1.result.maximum;
else
this.maximum = asn1.result.maximum.valueBlock.valueDec;
}
}
toSchema() {
const outputArray = [];
outputArray.push(this.base.toSchema());
if (this.minimum !== 0) {
let valueMinimum = 0;
if (this.minimum instanceof Integer) {
valueMinimum = this.minimum;
}
else {
valueMinimum = new Integer({ value: this.minimum });
}
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [valueMinimum]
}));
}
if (MAXIMUM in this) {
let valueMaximum = 0;
if (this.maximum instanceof Integer) {
valueMaximum = this.maximum;
}
else {
valueMaximum = new Integer({ value: this.maximum });
}
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [valueMaximum]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
base: this.base.toJSON()
};
if (this.minimum !== 0) {
if (typeof this.minimum === "number") {
res.minimum = this.minimum;
}
else {
res.minimum = this.minimum.toJSON();
}
}
if (this.maximum !== undefined) {
if (typeof this.maximum === "number") {
res.maximum = this.maximum;
}
else {
res.maximum = this.maximum.toJSON();
}
}
return res;
}
}
GeneralSubtree.CLASS_NAME = "GeneralSubtree";
const PERMITTED_SUBTREES = "permittedSubtrees";
const EXCLUDED_SUBTREES = "excludedSubtrees";
const CLEAR_PROPS$1g = [
PERMITTED_SUBTREES,
EXCLUDED_SUBTREES
];
class NameConstraints extends PkiObject {
constructor(parameters = {}) {
super();
if (PERMITTED_SUBTREES in parameters) {
this.permittedSubtrees = getParametersValue(parameters, PERMITTED_SUBTREES, NameConstraints.defaultValues(PERMITTED_SUBTREES));
}
if (EXCLUDED_SUBTREES in parameters) {
this.excludedSubtrees = getParametersValue(parameters, EXCLUDED_SUBTREES, NameConstraints.defaultValues(EXCLUDED_SUBTREES));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case PERMITTED_SUBTREES:
case EXCLUDED_SUBTREES:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
name: (names.permittedSubtrees || EMPTY_STRING),
value: GeneralSubtree.schema()
})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Repeated({
name: (names.excludedSubtrees || EMPTY_STRING),
value: GeneralSubtree.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1g);
const asn1 = compareSchema(schema, schema, NameConstraints.schema({
names: {
permittedSubtrees: PERMITTED_SUBTREES,
excludedSubtrees: EXCLUDED_SUBTREES
}
}));
AsnError.assertSchema(asn1, this.className);
if (PERMITTED_SUBTREES in asn1.result)
this.permittedSubtrees = Array.from(asn1.result.permittedSubtrees, element => new GeneralSubtree({ schema: element }));
if (EXCLUDED_SUBTREES in asn1.result)
this.excludedSubtrees = Array.from(asn1.result.excludedSubtrees, element => new GeneralSubtree({ schema: element }));
}
toSchema() {
const outputArray = [];
if (this.permittedSubtrees) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.permittedSubtrees, o => o.toSchema())
}));
}
if (this.excludedSubtrees) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.excludedSubtrees, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {};
if (this.permittedSubtrees) {
object.permittedSubtrees = Array.from(this.permittedSubtrees, o => o.toJSON());
}
if (this.excludedSubtrees) {
object.excludedSubtrees = Array.from(this.excludedSubtrees, o => o.toJSON());
}
return object;
}
}
NameConstraints.CLASS_NAME = "NameConstraints";
const REQUIRE_EXPLICIT_POLICY = "requireExplicitPolicy";
const INHIBIT_POLICY_MAPPING = "inhibitPolicyMapping";
const CLEAR_PROPS$1f = [
REQUIRE_EXPLICIT_POLICY,
INHIBIT_POLICY_MAPPING,
];
class PolicyConstraints extends PkiObject {
constructor(parameters = {}) {
super();
if (REQUIRE_EXPLICIT_POLICY in parameters) {
this.requireExplicitPolicy = getParametersValue(parameters, REQUIRE_EXPLICIT_POLICY, PolicyConstraints.defaultValues(REQUIRE_EXPLICIT_POLICY));
}
if (INHIBIT_POLICY_MAPPING in parameters) {
this.inhibitPolicyMapping = getParametersValue(parameters, INHIBIT_POLICY_MAPPING, PolicyConstraints.defaultValues(INHIBIT_POLICY_MAPPING));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case REQUIRE_EXPLICIT_POLICY:
return 0;
case INHIBIT_POLICY_MAPPING:
return 0;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Primitive({
name: (names.requireExplicitPolicy || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
}
}),
new Primitive({
name: (names.inhibitPolicyMapping || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1f);
const asn1 = compareSchema(schema, schema, PolicyConstraints.schema({
names: {
requireExplicitPolicy: REQUIRE_EXPLICIT_POLICY,
inhibitPolicyMapping: INHIBIT_POLICY_MAPPING
}
}));
AsnError.assertSchema(asn1, this.className);
if (REQUIRE_EXPLICIT_POLICY in asn1.result) {
const field1 = asn1.result.requireExplicitPolicy;
field1.idBlock.tagClass = 1;
field1.idBlock.tagNumber = 2;
const ber1 = field1.toBER(false);
const int1 = fromBER(ber1);
AsnError.assert(int1, "Integer");
this.requireExplicitPolicy = int1.result.valueBlock.valueDec;
}
if (INHIBIT_POLICY_MAPPING in asn1.result) {
const field2 = asn1.result.inhibitPolicyMapping;
field2.idBlock.tagClass = 1;
field2.idBlock.tagNumber = 2;
const ber2 = field2.toBER(false);
const int2 = fromBER(ber2);
AsnError.assert(int2, "Integer");
this.inhibitPolicyMapping = int2.result.valueBlock.valueDec;
}
}
toSchema() {
const outputArray = [];
if (REQUIRE_EXPLICIT_POLICY in this) {
const int1 = new Integer({ value: this.requireExplicitPolicy });
int1.idBlock.tagClass = 3;
int1.idBlock.tagNumber = 0;
outputArray.push(int1);
}
if (INHIBIT_POLICY_MAPPING in this) {
const int2 = new Integer({ value: this.inhibitPolicyMapping });
int2.idBlock.tagClass = 3;
int2.idBlock.tagNumber = 1;
outputArray.push(int2);
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {};
if (REQUIRE_EXPLICIT_POLICY in this) {
res.requireExplicitPolicy = this.requireExplicitPolicy;
}
if (INHIBIT_POLICY_MAPPING in this) {
res.inhibitPolicyMapping = this.inhibitPolicyMapping;
}
return res;
}
}
PolicyConstraints.CLASS_NAME = "PolicyConstraints";
const ISSUER_DOMAIN_POLICY = "issuerDomainPolicy";
const SUBJECT_DOMAIN_POLICY = "subjectDomainPolicy";
const CLEAR_PROPS$1e = [
ISSUER_DOMAIN_POLICY,
SUBJECT_DOMAIN_POLICY
];
class PolicyMapping extends PkiObject {
constructor(parameters = {}) {
super();
this.issuerDomainPolicy = getParametersValue(parameters, ISSUER_DOMAIN_POLICY, PolicyMapping.defaultValues(ISSUER_DOMAIN_POLICY));
this.subjectDomainPolicy = getParametersValue(parameters, SUBJECT_DOMAIN_POLICY, PolicyMapping.defaultValues(SUBJECT_DOMAIN_POLICY));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ISSUER_DOMAIN_POLICY:
return EMPTY_STRING;
case SUBJECT_DOMAIN_POLICY:
return EMPTY_STRING;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.issuerDomainPolicy || EMPTY_STRING) }),
new ObjectIdentifier({ name: (names.subjectDomainPolicy || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1e);
const asn1 = compareSchema(schema, schema, PolicyMapping.schema({
names: {
issuerDomainPolicy: ISSUER_DOMAIN_POLICY,
subjectDomainPolicy: SUBJECT_DOMAIN_POLICY
}
}));
AsnError.assertSchema(asn1, this.className);
this.issuerDomainPolicy = asn1.result.issuerDomainPolicy.valueBlock.toString();
this.subjectDomainPolicy = asn1.result.subjectDomainPolicy.valueBlock.toString();
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.issuerDomainPolicy }),
new ObjectIdentifier({ value: this.subjectDomainPolicy })
]
}));
}
toJSON() {
return {
issuerDomainPolicy: this.issuerDomainPolicy,
subjectDomainPolicy: this.subjectDomainPolicy
};
}
}
PolicyMapping.CLASS_NAME = "PolicyMapping";
const MAPPINGS = "mappings";
const CLEAR_PROPS$1d = [
MAPPINGS,
];
class PolicyMappings extends PkiObject {
constructor(parameters = {}) {
super();
this.mappings = getParametersValue(parameters, MAPPINGS, PolicyMappings.defaultValues(MAPPINGS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case MAPPINGS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.mappings || EMPTY_STRING),
value: PolicyMapping.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1d);
const asn1 = compareSchema(schema, schema, PolicyMappings.schema({
names: {
mappings: MAPPINGS
}
}));
AsnError.assertSchema(asn1, this.className);
this.mappings = Array.from(asn1.result.mappings, element => new PolicyMapping({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.mappings, o => o.toSchema())
}));
}
toJSON() {
return {
mappings: Array.from(this.mappings, o => o.toJSON())
};
}
}
PolicyMappings.CLASS_NAME = "PolicyMappings";
const NOT_BEFORE$1 = "notBefore";
const NOT_AFTER$1 = "notAfter";
const CLEAR_PROPS$1c = [
NOT_BEFORE$1,
NOT_AFTER$1
];
class PrivateKeyUsagePeriod extends PkiObject {
constructor(parameters = {}) {
super();
if (NOT_BEFORE$1 in parameters) {
this.notBefore = getParametersValue(parameters, NOT_BEFORE$1, PrivateKeyUsagePeriod.defaultValues(NOT_BEFORE$1));
}
if (NOT_AFTER$1 in parameters) {
this.notAfter = getParametersValue(parameters, NOT_AFTER$1, PrivateKeyUsagePeriod.defaultValues(NOT_AFTER$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case NOT_BEFORE$1:
return new Date();
case NOT_AFTER$1:
return new Date();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Primitive({
name: (names.notBefore || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
}
}),
new Primitive({
name: (names.notAfter || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1c);
const asn1 = compareSchema(schema, schema, PrivateKeyUsagePeriod.schema({
names: {
notBefore: NOT_BEFORE$1,
notAfter: NOT_AFTER$1
}
}));
AsnError.assertSchema(asn1, this.className);
if (NOT_BEFORE$1 in asn1.result) {
const localNotBefore = new GeneralizedTime();
localNotBefore.fromBuffer(asn1.result.notBefore.valueBlock.valueHex);
this.notBefore = localNotBefore.toDate();
}
if (NOT_AFTER$1 in asn1.result) {
const localNotAfter = new GeneralizedTime({ valueHex: asn1.result.notAfter.valueBlock.valueHex });
localNotAfter.fromBuffer(asn1.result.notAfter.valueBlock.valueHex);
this.notAfter = localNotAfter.toDate();
}
}
toSchema() {
const outputArray = [];
if (NOT_BEFORE$1 in this) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
valueHex: (new GeneralizedTime({ valueDate: this.notBefore })).valueBlock.valueHexView
}));
}
if (NOT_AFTER$1 in this) {
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 1
},
valueHex: (new GeneralizedTime({ valueDate: this.notAfter })).valueBlock.valueHexView
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {};
if (this.notBefore) {
res.notBefore = this.notBefore;
}
if (this.notAfter) {
res.notAfter = this.notAfter;
}
return res;
}
}
PrivateKeyUsagePeriod.CLASS_NAME = "PrivateKeyUsagePeriod";
const ID = "id";
const TYPE$2 = "type";
const VALUES = "values";
const QC_STATEMENT_CLEAR_PROPS = [
ID,
TYPE$2
];
const QC_STATEMENTS_CLEAR_PROPS = [
VALUES
];
class QCStatement extends PkiObject {
constructor(parameters = {}) {
super();
this.id = getParametersValue(parameters, ID, QCStatement.defaultValues(ID));
if (TYPE$2 in parameters) {
this.type = getParametersValue(parameters, TYPE$2, QCStatement.defaultValues(TYPE$2));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ID:
return EMPTY_STRING;
case TYPE$2:
return new Null();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ID:
return (memberValue === EMPTY_STRING);
case TYPE$2:
return (memberValue instanceof Null);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.id || EMPTY_STRING) }),
new Any({
name: (names.type || EMPTY_STRING),
optional: true
})
]
}));
}
fromSchema(schema) {
clearProps(schema, QC_STATEMENT_CLEAR_PROPS);
const asn1 = compareSchema(schema, schema, QCStatement.schema({
names: {
id: ID,
type: TYPE$2
}
}));
AsnError.assertSchema(asn1, this.className);
this.id = asn1.result.id.valueBlock.toString();
if (TYPE$2 in asn1.result)
this.type = asn1.result.type;
}
toSchema() {
const value = [
new ObjectIdentifier({ value: this.id })
];
if (TYPE$2 in this)
value.push(this.type);
return (new Sequence({
value,
}));
}
toJSON() {
const object = {
id: this.id
};
if (this.type) {
object.type = this.type.toJSON();
}
return object;
}
}
QCStatement.CLASS_NAME = "QCStatement";
class QCStatements extends PkiObject {
constructor(parameters = {}) {
super();
this.values = getParametersValue(parameters, VALUES, QCStatements.defaultValues(VALUES));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VALUES:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VALUES:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.values || EMPTY_STRING),
value: QCStatement.schema(names.value || {})
}),
]
}));
}
fromSchema(schema) {
clearProps(schema, QC_STATEMENTS_CLEAR_PROPS);
const asn1 = compareSchema(schema, schema, QCStatements.schema({
names: {
values: VALUES
}
}));
AsnError.assertSchema(asn1, this.className);
this.values = Array.from(asn1.result.values, element => new QCStatement({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.values, o => o.toSchema())
}));
}
toJSON() {
return {
values: Array.from(this.values, o => o.toJSON())
};
}
}
QCStatements.CLASS_NAME = "QCStatements";
class ByteStream {
constructor(parameters = {}) {
if ("view" in parameters) {
this.fromUint8Array(parameters.view);
}
else if ("buffer" in parameters) {
this.fromArrayBuffer(parameters.buffer);
}
else if ("string" in parameters) {
this.fromString(parameters.string);
}
else if ("hexstring" in parameters) {
this.fromHexString(parameters.hexstring);
}
else {
if ("length" in parameters && parameters.length > 0) {
this.length = parameters.length;
if (parameters.stub) {
for (let i = 0; i < this._view.length; i++) {
this._view[i] = parameters.stub;
}
}
}
else {
this.length = 0;
}
}
}
set buffer(value) {
this._buffer = value;
this._view = new Uint8Array(this._buffer);
}
get buffer() {
return this._buffer;
}
set view(value) {
this._buffer = new ArrayBuffer(value.length);
this._view = new Uint8Array(this._buffer);
this._view.set(value);
}
get view() {
return this._view;
}
get length() {
return this.view.byteLength;
}
set length(value) {
this._buffer = new ArrayBuffer(value);
this._view = new Uint8Array(this._buffer);
}
clear() {
this._buffer = new ArrayBuffer(0);
this._view = new Uint8Array(this._buffer);
}
fromArrayBuffer(array) {
this._buffer = array;
this._view = new Uint8Array(this._buffer);
}
fromUint8Array(array) {
this.fromArrayBuffer(new Uint8Array(array).buffer);
}
fromString(string) {
const stringLength = string.length;
this.length = stringLength;
for (let i = 0; i < stringLength; i++)
this.view[i] = string.charCodeAt(i);
}
toString(start = 0, length = (this.view.length - start)) {
let result = "";
if ((start >= this.view.length) || (start < 0)) {
start = 0;
}
if ((length >= this.view.length) || (length < 0)) {
length = this.view.length - start;
}
for (let i = start; i < (start + length); i++)
result += String.fromCharCode(this.view[i]);
return result;
}
fromHexString(hexString) {
const stringLength = hexString.length;
this.buffer = new ArrayBuffer(stringLength >> 1);
this.view = new Uint8Array(this.buffer);
const hexMap = new Map();
hexMap.set("0", 0x00);
hexMap.set("1", 0x01);
hexMap.set("2", 0x02);
hexMap.set("3", 0x03);
hexMap.set("4", 0x04);
hexMap.set("5", 0x05);
hexMap.set("6", 0x06);
hexMap.set("7", 0x07);
hexMap.set("8", 0x08);
hexMap.set("9", 0x09);
hexMap.set("A", 0x0A);
hexMap.set("a", 0x0A);
hexMap.set("B", 0x0B);
hexMap.set("b", 0x0B);
hexMap.set("C", 0x0C);
hexMap.set("c", 0x0C);
hexMap.set("D", 0x0D);
hexMap.set("d", 0x0D);
hexMap.set("E", 0x0E);
hexMap.set("e", 0x0E);
hexMap.set("F", 0x0F);
hexMap.set("f", 0x0F);
let j = 0;
let temp = 0x00;
for (let i = 0; i < stringLength; i++) {
if (!(i % 2)) {
temp = hexMap.get(hexString.charAt(i)) << 4;
}
else {
temp |= hexMap.get(hexString.charAt(i));
this.view[j] = temp;
j++;
}
}
}
toHexString(start = 0, length = (this.view.length - start)) {
let result = "";
if ((start >= this.view.length) || (start < 0)) {
start = 0;
}
if ((length >= this.view.length) || (length < 0)) {
length = this.view.length - start;
}
for (let i = start; i < (start + length); i++) {
const str = this.view[i].toString(16).toUpperCase();
result = result + ((str.length == 1) ? "0" : "") + str;
}
return result;
}
copy(start = 0, length = (this.length - start)) {
if (!start && !this.length) {
return new ByteStream();
}
if ((start < 0) || (start > (this.length - 1))) {
throw new Error(`Wrong start position: ${start}`);
}
const stream = new ByteStream({
buffer: this._buffer.slice(start, start + length)
});
return stream;
}
slice(start = 0, end = this.length) {
if (!start && !this.length) {
return new ByteStream();
}
if ((start < 0) || (start > (this.length - 1))) {
throw new Error(`Wrong start position: ${start}`);
}
const stream = new ByteStream({
buffer: this._buffer.slice(start, end),
});
return stream;
}
realloc(size) {
const buffer = new ArrayBuffer(size);
const view = new Uint8Array(buffer);
if (size > this._view.length)
view.set(this._view);
else {
view.set(new Uint8Array(this._buffer, 0, size));
}
this._buffer = buffer;
this._view = new Uint8Array(this._buffer);
}
append(stream) {
const initialSize = this.length;
const streamViewLength = stream.length;
const subarrayView = stream._view.subarray();
this.realloc(initialSize + streamViewLength);
this._view.set(subarrayView, initialSize);
}
insert(stream, start = 0, length = (this.length - start)) {
if (start > (this.length - 1))
return false;
if (length > (this.length - start)) {
length = this.length - start;
}
if (length > stream.length) {
length = stream.length;
}
if (length == stream.length)
this._view.set(stream._view, start);
else {
this._view.set(stream._view.subarray(0, length), start);
}
return true;
}
isEqual(stream) {
if (this.length != stream.length)
return false;
for (let i = 0; i < stream.length; i++) {
if (this.view[i] != stream.view[i])
return false;
}
return true;
}
isEqualView(view) {
if (view.length != this.view.length)
return false;
for (let i = 0; i < view.length; i++) {
if (this.view[i] != view[i])
return false;
}
return true;
}
findPattern(pattern, start_, length_, backward_) {
const { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
const patternLength = pattern.length;
if (patternLength > length) {
return (-1);
}
const patternArray = [];
for (let i = 0; i < patternLength; i++)
patternArray.push(pattern.view[i]);
for (let i = 0; i <= (length - patternLength); i++) {
let equal = true;
const equalStart = (backward) ? (start - patternLength - i) : (start + i);
for (let j = 0; j < patternLength; j++) {
if (this.view[j + equalStart] != patternArray[j]) {
equal = false;
break;
}
}
if (equal) {
return (backward) ? (start - patternLength - i) : (start + patternLength + i);
}
}
return (-1);
}
findFirstIn(patterns, start_, length_, backward_) {
const { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
const result = {
id: (-1),
position: (backward) ? 0 : (start + length),
length: 0
};
for (let i = 0; i < patterns.length; i++) {
const position = this.findPattern(patterns[i], start, length, backward);
if (position != (-1)) {
let valid = false;
const patternLength = patterns[i].length;
if (backward) {
if ((position - patternLength) >= (result.position - result.length))
valid = true;
}
else {
if ((position - patternLength) <= (result.position - result.length))
valid = true;
}
if (valid) {
result.position = position;
result.id = i;
result.length = patternLength;
}
}
}
return result;
}
findAllIn(patterns, start_, length_) {
let { start, length } = this.prepareFindParameters(start_, length_);
const result = [];
let patternFound = {
id: (-1),
position: start
};
do {
const position = patternFound.position;
patternFound = this.findFirstIn(patterns, patternFound.position, length);
if (patternFound.id == (-1)) {
break;
}
length -= (patternFound.position - position);
result.push({
id: patternFound.id,
position: patternFound.position
});
} while (true);
return result;
}
findAllPatternIn(pattern, start_, length_) {
const { start, length } = this.prepareFindParameters(start_, length_);
const result = [];
const patternLength = pattern.length;
if (patternLength > length) {
return (-1);
}
const patternArray = Array.from(pattern.view);
for (let i = 0; i <= (length - patternLength); i++) {
let equal = true;
const equalStart = start + i;
for (let j = 0; j < patternLength; j++) {
if (this.view[j + equalStart] != patternArray[j]) {
equal = false;
break;
}
}
if (equal) {
result.push(start + patternLength + i);
i += (patternLength - 1);
}
}
return result;
}
findFirstNotIn(patterns, start_, length_, backward_) {
let { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
const result = {
left: {
id: (-1),
position: start
},
right: {
id: (-1),
position: 0
},
value: new ByteStream()
};
let currentLength = length;
while (currentLength > 0) {
result.right = this.findFirstIn(patterns, (backward) ? (start - length + currentLength) : (start + length - currentLength), currentLength, backward);
if (result.right.id == (-1)) {
length = currentLength;
if (backward) {
start -= length;
}
else {
start = result.left.position;
}
result.value = new ByteStream({
buffer: this._buffer.slice(start, start + length),
});
break;
}
if (result.right.position != ((backward) ? (result.left.position - patterns[result.right.id].length) : (result.left.position + patterns[result.right.id].length))) {
if (backward) {
start = result.right.position + patterns[result.right.id].length;
length = result.left.position - result.right.position - patterns[result.right.id].length;
}
else {
start = result.left.position;
length = result.right.position - result.left.position - patterns[result.right.id].length;
}
result.value = new ByteStream({
buffer: this._buffer.slice(start, start + length),
});
break;
}
result.left = result.right;
currentLength -= patterns[result.right.id].length;
}
if (backward) {
const temp = result.right;
result.right = result.left;
result.left = temp;
}
return result;
}
findAllNotIn(patterns, start_, length_) {
let { start, length } = this.prepareFindParameters(start_, length_);
const result = [];
let patternFound = {
left: {
id: (-1),
position: start
},
right: {
id: (-1),
position: start
},
value: new ByteStream()
};
do {
const position = patternFound.right.position;
patternFound = this.findFirstNotIn(patterns, patternFound.right.position, length);
length -= (patternFound.right.position - position);
result.push({
left: {
id: patternFound.left.id,
position: patternFound.left.position
},
right: {
id: patternFound.right.id,
position: patternFound.right.position
},
value: patternFound.value
});
} while (patternFound.right.id != (-1));
return result;
}
findFirstSequence(patterns, start_, length_, backward_) {
let { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
const firstIn = this.skipNotPatterns(patterns, start, length, backward);
if (firstIn == (-1)) {
return {
position: (-1),
value: new ByteStream()
};
}
const firstNotIn = this.skipPatterns(patterns, firstIn, length - ((backward) ? (start - firstIn) : (firstIn - start)), backward);
if (backward) {
start = firstNotIn;
length = (firstIn - firstNotIn);
}
else {
start = firstIn;
length = (firstNotIn - firstIn);
}
const value = new ByteStream({
buffer: this._buffer.slice(start, start + length),
});
return {
position: firstNotIn,
value
};
}
findAllSequences(patterns, start_, length_) {
let { start, length } = this.prepareFindParameters(start_, length_);
const result = [];
let patternFound = {
position: start,
value: new ByteStream()
};
do {
const position = patternFound.position;
patternFound = this.findFirstSequence(patterns, patternFound.position, length);
if (patternFound.position != (-1)) {
length -= (patternFound.position - position);
result.push({
position: patternFound.position,
value: patternFound.value,
});
}
} while (patternFound.position != (-1));
return result;
}
findPairedPatterns(leftPattern, rightPattern, start_, length_) {
const result = [];
if (leftPattern.isEqual(rightPattern))
return result;
const { start, length } = this.prepareFindParameters(start_, length_);
let currentPositionLeft = 0;
const leftPatterns = this.findAllPatternIn(leftPattern, start, length);
if (!Array.isArray(leftPatterns) || leftPatterns.length == 0) {
return result;
}
const rightPatterns = this.findAllPatternIn(rightPattern, start, length);
if (!Array.isArray(rightPatterns) || rightPatterns.length == 0) {
return result;
}
while (currentPositionLeft < leftPatterns.length) {
if (rightPatterns.length == 0) {
break;
}
if (leftPatterns[0] == rightPatterns[0]) {
result.push({
left: leftPatterns[0],
right: rightPatterns[0]
});
leftPatterns.splice(0, 1);
rightPatterns.splice(0, 1);
continue;
}
if (leftPatterns[currentPositionLeft] > rightPatterns[0]) {
break;
}
while (leftPatterns[currentPositionLeft] < rightPatterns[0]) {
currentPositionLeft++;
if (currentPositionLeft >= leftPatterns.length) {
break;
}
}
result.push({
left: leftPatterns[currentPositionLeft - 1],
right: rightPatterns[0]
});
leftPatterns.splice(currentPositionLeft - 1, 1);
rightPatterns.splice(0, 1);
currentPositionLeft = 0;
}
result.sort((a, b) => (a.left - b.left));
return result;
}
findPairedArrays(inputLeftPatterns, inputRightPatterns, start_, length_) {
const { start, length } = this.prepareFindParameters(start_, length_);
const result = [];
let currentPositionLeft = 0;
const leftPatterns = this.findAllIn(inputLeftPatterns, start, length);
if (leftPatterns.length == 0)
return result;
const rightPatterns = this.findAllIn(inputRightPatterns, start, length);
if (rightPatterns.length == 0)
return result;
while (currentPositionLeft < leftPatterns.length) {
if (rightPatterns.length == 0) {
break;
}
if (leftPatterns[0].position == rightPatterns[0].position) {
result.push({
left: leftPatterns[0],
right: rightPatterns[0]
});
leftPatterns.splice(0, 1);
rightPatterns.splice(0, 1);
continue;
}
if (leftPatterns[currentPositionLeft].position > rightPatterns[0].position) {
break;
}
while (leftPatterns[currentPositionLeft].position < rightPatterns[0].position) {
currentPositionLeft++;
if (currentPositionLeft >= leftPatterns.length) {
break;
}
}
result.push({
left: leftPatterns[currentPositionLeft - 1],
right: rightPatterns[0]
});
leftPatterns.splice(currentPositionLeft - 1, 1);
rightPatterns.splice(0, 1);
currentPositionLeft = 0;
}
result.sort((a, b) => (a.left.position - b.left.position));
return result;
}
replacePattern(searchPattern, replacePattern, start_, length_, findAllResult = null) {
let result = [];
let i;
const output = {
status: (-1),
searchPatternPositions: [],
replacePatternPositions: []
};
const { start, length } = this.prepareFindParameters(start_, length_);
if (findAllResult == null) {
result = this.findAllIn([searchPattern], start, length);
if (result.length == 0) {
return output;
}
}
else {
result = findAllResult;
}
output.searchPatternPositions.push(...Array.from(result, element => element.position));
const patternDifference = searchPattern.length - replacePattern.length;
const changedBuffer = new ArrayBuffer(this.view.length - (result.length * patternDifference));
const changedView = new Uint8Array(changedBuffer);
changedView.set(new Uint8Array(this.buffer, 0, start));
for (i = 0; i < result.length; i++) {
const currentPosition = (i == 0) ? start : result[i - 1].position;
changedView.set(new Uint8Array(this.buffer, currentPosition, result[i].position - searchPattern.length - currentPosition), currentPosition - i * patternDifference);
changedView.set(replacePattern.view, result[i].position - searchPattern.length - i * patternDifference);
output.replacePatternPositions.push(result[i].position - searchPattern.length - i * patternDifference);
}
i--;
changedView.set(new Uint8Array(this.buffer, result[i].position, this.length - result[i].position), result[i].position - searchPattern.length + replacePattern.length - i * patternDifference);
this.buffer = changedBuffer;
this.view = new Uint8Array(this.buffer);
output.status = 1;
return output;
}
skipPatterns(patterns, start_, length_, backward_) {
const { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
let result = start;
for (let k = 0; k < patterns.length; k++) {
const patternLength = patterns[k].length;
const equalStart = (backward) ? (result - patternLength) : (result);
let equal = true;
for (let j = 0; j < patternLength; j++) {
if (this.view[j + equalStart] != patterns[k].view[j]) {
equal = false;
break;
}
}
if (equal) {
k = (-1);
if (backward) {
result -= patternLength;
if (result <= 0)
return result;
}
else {
result += patternLength;
if (result >= (start + length))
return result;
}
}
}
return result;
}
skipNotPatterns(patterns, start_, length_, backward_) {
const { start, length, backward } = this.prepareFindParameters(start_, length_, backward_);
let result = (-1);
for (let i = 0; i < length; i++) {
for (let k = 0; k < patterns.length; k++) {
const patternLength = patterns[k].length;
const equalStart = (backward) ? (start - i - patternLength) : (start + i);
let equal = true;
for (let j = 0; j < patternLength; j++) {
if (this.view[j + equalStart] != patterns[k].view[j]) {
equal = false;
break;
}
}
if (equal) {
result = (backward) ? (start - i) : (start + i);
break;
}
}
if (result != (-1)) {
break;
}
}
return result;
}
prepareFindParameters(start = null, length = null, backward = false) {
if (start === null) {
start = (backward) ? this.length : 0;
}
if (start > this.length) {
start = this.length;
}
if (backward) {
if (length === null) {
length = start;
}
if (length > start) {
length = start;
}
}
else {
if (length === null) {
length = this.length - start;
}
if (length > (this.length - start)) {
length = this.length - start;
}
}
return { start, length, backward };
}
}
const pow2_24 = 16777216;
class SeqStream {
constructor(parameters = {}) {
this._stream = new ByteStream();
this._length = 0;
this._start = 0;
this.backward = false;
this.appendBlock = 0;
this.prevLength = 0;
this.prevStart = 0;
if ("view" in parameters) {
this.stream = new ByteStream({ view: parameters.view });
}
else if ("buffer" in parameters) {
this.stream = new ByteStream({ buffer: parameters.buffer });
}
else if ("string" in parameters) {
this.stream = new ByteStream({ string: parameters.string });
}
else if ("hexstring" in parameters) {
this.stream = new ByteStream({ hexstring: parameters.hexstring });
}
else if ("stream" in parameters) {
this.stream = parameters.stream.slice();
}
else {
this.stream = new ByteStream();
}
if ("backward" in parameters && parameters.backward) {
this.backward = parameters.backward;
this._start = this.stream.length;
}
if ("length" in parameters && parameters.length > 0) {
this._length = parameters.length;
}
if ("start" in parameters && parameters.start && parameters.start > 0) {
this._start = parameters.start;
}
if ("appendBlock" in parameters && parameters.appendBlock && parameters.appendBlock > 0) {
this.appendBlock = parameters.appendBlock;
}
}
set stream(value) {
this._stream = value;
this.prevLength = this._length;
this._length = value.length;
this.prevStart = this._start;
this._start = 0;
}
get stream() {
return this._stream;
}
set length(value) {
this.prevLength = this._length;
this._length = value;
}
get length() {
if (this.appendBlock) {
return this.start;
}
return this._length;
}
set start(value) {
if (value > this.stream.length)
return;
this.prevStart = this._start;
this.prevLength = this._length;
this._length -= (this.backward) ? (this._start - value) : (value - this._start);
this._start = value;
}
get start() {
return this._start;
}
get buffer() {
return this._stream.buffer.slice(0, this._length);
}
resetPosition() {
this._start = this.prevStart;
this._length = this.prevLength;
}
findPattern(pattern, gap = null) {
if ((gap == null) || (gap > this.length)) {
gap = this.length;
}
const result = this.stream.findPattern(pattern, this.start, this.length, this.backward);
if (result == (-1))
return result;
if (this.backward) {
if (result < (this.start - pattern.length - gap)) {
return (-1);
}
}
else {
if (result > (this.start + pattern.length + gap)) {
return (-1);
}
}
this.start = result;
return result;
}
findFirstIn(patterns, gap = null) {
if ((gap == null) || (gap > this.length)) {
gap = this.length;
}
const result = this.stream.findFirstIn(patterns, this.start, this.length, this.backward);
if (result.id == (-1))
return result;
if (this.backward) {
if (result.position < (this.start - patterns[result.id].length - gap)) {
return {
id: (-1),
position: (this.backward) ? 0 : (this.start + this.length)
};
}
}
else {
if (result.position > (this.start + patterns[result.id].length + gap)) {
return {
id: (-1),
position: (this.backward) ? 0 : (this.start + this.length)
};
}
}
this.start = result.position;
return result;
}
findAllIn(patterns) {
const start = (this.backward) ? (this.start - this.length) : this.start;
return this.stream.findAllIn(patterns, start, this.length);
}
findFirstNotIn(patterns, gap = null) {
if ((gap == null) || (gap > this._length)) {
gap = this._length;
}
const result = this._stream.findFirstNotIn(patterns, this._start, this._length, this.backward);
if ((result.left.id == (-1)) && (result.right.id == (-1))) {
return result;
}
if (this.backward) {
if (result.right.id != (-1)) {
if (result.right.position < (this._start - patterns[result.right.id].length - gap)) {
return {
left: {
id: (-1),
position: this._start
},
right: {
id: (-1),
position: 0
},
value: new ByteStream()
};
}
}
}
else {
if (result.left.id != (-1)) {
if (result.left.position > (this._start + patterns[result.left.id].length + gap)) {
return {
left: {
id: (-1),
position: this._start
},
right: {
id: (-1),
position: 0
},
value: new ByteStream()
};
}
}
}
if (this.backward) {
if (result.left.id == (-1)) {
this.start = 0;
}
else {
this.start = result.left.position;
}
}
else {
if (result.right.id == (-1)) {
this.start = (this._start + this._length);
}
else {
this.start = result.right.position;
}
}
return result;
}
findAllNotIn(patterns) {
const start = (this.backward) ? (this._start - this._length) : this._start;
return this._stream.findAllNotIn(patterns, start, this._length);
}
findFirstSequence(patterns, length = null, gap = null) {
if ((length == null) || (length > this._length)) {
length = this._length;
}
if ((gap == null) || (gap > length)) {
gap = length;
}
const result = this._stream.findFirstSequence(patterns, this._start, length, this.backward);
if (result.value.length == 0) {
return result;
}
if (this.backward) {
if (result.position < (this._start - result.value.length - gap)) {
return {
position: (-1),
value: new ByteStream()
};
}
}
else {
if (result.position > (this._start + result.value.length + gap)) {
return {
position: (-1),
value: new ByteStream()
};
}
}
this.start = result.position;
return result;
}
findAllSequences(patterns) {
const start = (this.backward) ? (this.start - this.length) : this.start;
return this.stream.findAllSequences(patterns, start, this.length);
}
findPairedPatterns(leftPattern, rightPattern, gap = null) {
if ((gap == null) || (gap > this.length)) {
gap = this.length;
}
const start = (this.backward) ? (this.start - this.length) : this.start;
const result = this.stream.findPairedPatterns(leftPattern, rightPattern, start, this.length);
if (result.length) {
if (this.backward) {
if (result[0].right < (this.start - rightPattern.length - gap)) {
return [];
}
}
else {
if (result[0].left > (this.start + leftPattern.length + gap)) {
return [];
}
}
}
return result;
}
findPairedArrays(leftPatterns, rightPatterns, gap = null) {
if ((gap == null) || (gap > this.length)) {
gap = this.length;
}
const start = (this.backward) ? (this.start - this.length) : this.start;
const result = this.stream.findPairedArrays(leftPatterns, rightPatterns, start, this.length);
if (result.length) {
if (this.backward) {
if (result[0].right.position < (this.start - rightPatterns[result[0].right.id].length - gap)) {
return [];
}
}
else {
if (result[0].left.position > (this.start + leftPatterns[result[0].left.id].length + gap)) {
return [];
}
}
}
return result;
}
replacePattern(searchPattern, replacePattern) {
const start = (this.backward) ? (this.start - this.length) : this.start;
return this.stream.replacePattern(searchPattern, replacePattern, start, this.length);
}
skipPatterns(patterns) {
const result = this.stream.skipPatterns(patterns, this.start, this.length, this.backward);
this.start = result;
return result;
}
skipNotPatterns(patterns) {
const result = this.stream.skipNotPatterns(patterns, this.start, this.length, this.backward);
if (result == (-1))
return (-1);
this.start = result;
return result;
}
append(stream) {
this.beforeAppend(stream.length);
this._stream.view.set(stream.view, this._start);
this._length += (stream.length * 2);
this.start = (this._start + stream.length);
this.prevLength -= (stream.length * 2);
}
appendView(view) {
this.beforeAppend(view.length);
this._stream.view.set(view, this._start);
this._length += (view.length * 2);
this.start = (this._start + view.length);
this.prevLength -= (view.length * 2);
}
appendChar(char) {
this.beforeAppend(1);
this._stream.view[this._start] = char;
this._length += 2;
this.start = (this._start + 1);
this.prevLength -= 2;
}
appendUint16(number) {
this.beforeAppend(2);
const value = new Uint16Array([number]);
const view = new Uint8Array(value.buffer);
this.stream.view[this._start] = view[1];
this._stream.view[this._start + 1] = view[0];
this._length += 4;
this.start = this._start + 2;
this.prevLength -= 4;
}
appendUint24(number) {
this.beforeAppend(3);
const value = new Uint32Array([number]);
const view = new Uint8Array(value.buffer);
this._stream.view[this._start] = view[2];
this._stream.view[this._start + 1] = view[1];
this._stream.view[this._start + 2] = view[0];
this._length += 6;
this.start = (this._start + 3);
this.prevLength -= 6;
}
appendUint32(number) {
this.beforeAppend(4);
const value = new Uint32Array([number]);
const view = new Uint8Array(value.buffer);
this._stream.view[this._start] = view[3];
this._stream.view[this._start + 1] = view[2];
this._stream.view[this._start + 2] = view[1];
this._stream.view[this._start + 3] = view[0];
this._length += 8;
this.start = (this._start + 4);
this.prevLength -= 8;
}
appendInt16(number) {
this.beforeAppend(2);
const value = new Int16Array([number]);
const view = new Uint8Array(value.buffer);
this._stream.view[this._start] = view[1];
this._stream.view[this._start + 1] = view[0];
this._length += 4;
this.start = (this._start + 2);
this.prevLength -= 4;
}
appendInt32(number) {
this.beforeAppend(4);
const value = new Int32Array([number]);
const view = new Uint8Array(value.buffer);
this._stream.view[this._start] = view[3];
this._stream.view[this._start + 1] = view[2];
this._stream.view[this._start + 2] = view[1];
this._stream.view[this._start + 3] = view[0];
this._length += 8;
this.start = (this._start + 4);
this.prevLength -= 8;
}
getBlock(size, changeLength = true) {
if (this._length <= 0) {
return new Uint8Array(0);
}
if (this._length < size) {
size = this._length;
}
let result;
if (this.backward) {
const view = this._stream.view.subarray(this._length - size, this._length);
result = new Uint8Array(size);
for (let i = 0; i < size; i++) {
result[size - 1 - i] = view[i];
}
}
else {
result = this._stream.view.subarray(this._start, this._start + size);
}
if (changeLength) {
this.start += ((this.backward) ? ((-1) * size) : size);
}
return result;
}
getUint16(changeLength = true) {
const block = this.getBlock(2, changeLength);
if (block.length < 2)
return 0;
return (block[0] << 8) | block[1];
}
getInt16(changeLength = true) {
const num = this.getUint16(changeLength);
const negative = 0x8000;
if (num & negative) {
return -(negative - (num ^ negative));
}
return num;
}
getUint24(changeLength = true) {
const block = this.getBlock(4, changeLength);
if (block.length < 3)
return 0;
return (block[0] << 16) |
(block[1] << 8) |
block[2];
}
getUint32(changeLength = true) {
const block = this.getBlock(4, changeLength);
if (block.length < 4)
return 0;
return (block[0] * pow2_24) +
(block[1] << 16) +
(block[2] << 8) +
block[3];
}
getInt32(changeLength = true) {
const num = this.getUint32(changeLength);
const negative = 0x80000000;
if (num & negative) {
return -(negative - (num ^ negative));
}
return num;
}
beforeAppend(size) {
if ((this._start + size) > this._stream.length) {
if (size > this.appendBlock) {
this.appendBlock = size + SeqStream.APPEND_BLOCK;
}
this._stream.realloc(this._stream.length + this.appendBlock);
}
}
}
SeqStream.APPEND_BLOCK = 1000;
// copied from utils
function isBytes(a) {
return (a instanceof Uint8Array ||
(a != null && typeof a === 'object' && a.constructor.name === 'Uint8Array'));
}
function bytes(b, ...lengths) {
if (!isBytes(b))
throw new Error('Uint8Array expected');
if (lengths.length > 0 && !lengths.includes(b.length))
throw new Error(`Uint8Array expected of length ${lengths}, not of length=${b.length}`);
}
function exists(instance, checkFinished = true) {
if (instance.destroyed)
throw new Error('Hash instance has been destroyed');
if (checkFinished && instance.finished)
throw new Error('Hash#digest() has already been called');
}
function output(out, instance) {
bytes(out);
const min = instance.outputLen;
if (out.length < min) {
throw new Error(`digestInto() expects output buffer of length at least ${min}`);
}
}
/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */
// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
// node.js versions earlier than v19 don't declare it in global scope.
// For node.js, package.json#exports field mapping rewrites import
// from `crypto` to `cryptoNode`, which imports native module.
// Makes the utils un-importable in browsers without a bundler.
// Once node.js 18 is deprecated (2025-04-30), we can just drop the import.
// Cast array to view
const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
// The rotate right (circular right shift) operation for uint32
const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift);
// The rotate left (circular left shift) operation for uint32
const rotl = (word, shift) => (word << shift) | ((word >>> (32 - shift)) >>> 0);
new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44;
/**
* @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99])
*/
function utf8ToBytes(str) {
if (typeof str !== 'string')
throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809
}
/**
* Normalizes (non-hex) string or Uint8Array to Uint8Array.
* Warning: when Uint8Array is passed, it would NOT get copied.
* Keep in mind for future mutable operations.
*/
function toBytes(data) {
if (typeof data === 'string')
data = utf8ToBytes(data);
bytes(data);
return data;
}
// For runtime check if class implements interface
class Hash {
// Safe version that clones internal state
clone() {
return this._cloneInto();
}
}
function wrapConstructor(hashCons) {
const hashC = (msg) => hashCons().update(toBytes(msg)).digest();
const tmp = hashCons();
hashC.outputLen = tmp.outputLen;
hashC.blockLen = tmp.blockLen;
hashC.create = () => hashCons();
return hashC;
}
// Polyfill for Safari 14
function setBigUint64(view, byteOffset, value, isLE) {
if (typeof view.setBigUint64 === 'function')
return view.setBigUint64(byteOffset, value, isLE);
const _32n = BigInt(32);
const _u32_max = BigInt(0xffffffff);
const wh = Number((value >> _32n) & _u32_max);
const wl = Number(value & _u32_max);
const h = isLE ? 4 : 0;
const l = isLE ? 0 : 4;
view.setUint32(byteOffset + h, wh, isLE);
view.setUint32(byteOffset + l, wl, isLE);
}
// Choice: a ? b : c
const Chi = (a, b, c) => (a & b) ^ (~a & c);
// Majority function, true if any two inpust is true
const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c);
/**
* Merkle-Damgard hash construction base class.
* Could be used to create MD5, RIPEMD, SHA1, SHA2.
*/
class HashMD extends Hash {
constructor(blockLen, outputLen, padOffset, isLE) {
super();
this.blockLen = blockLen;
this.outputLen = outputLen;
this.padOffset = padOffset;
this.isLE = isLE;
this.finished = false;
this.length = 0;
this.pos = 0;
this.destroyed = false;
this.buffer = new Uint8Array(blockLen);
this.view = createView(this.buffer);
}
update(data) {
exists(this);
const { view, buffer, blockLen } = this;
data = toBytes(data);
const len = data.length;
for (let pos = 0; pos < len;) {
const take = Math.min(blockLen - this.pos, len - pos);
// Fast path: we have at least one block in input, cast it to view and process
if (take === blockLen) {
const dataView = createView(data);
for (; blockLen <= len - pos; pos += blockLen)
this.process(dataView, pos);
continue;
}
buffer.set(data.subarray(pos, pos + take), this.pos);
this.pos += take;
pos += take;
if (this.pos === blockLen) {
this.process(view, 0);
this.pos = 0;
}
}
this.length += data.length;
this.roundClean();
return this;
}
digestInto(out) {
exists(this);
output(out, this);
this.finished = true;
// Padding
// We can avoid allocation of buffer for padding completely if it
// was previously not allocated here. But it won't change performance.
const { buffer, view, blockLen, isLE } = this;
let { pos } = this;
// append the bit '1' to the message
buffer[pos++] = 0b10000000;
this.buffer.subarray(pos).fill(0);
// we have less than padOffset left in buffer, so we cannot put length in
// current block, need process it and pad again
if (this.padOffset > blockLen - pos) {
this.process(view, 0);
pos = 0;
}
// Pad until full block byte with zeros
for (let i = pos; i < blockLen; i++)
buffer[i] = 0;
// Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that
// You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen.
// So we just write lowest 64 bits of that value.
setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE);
this.process(view, 0);
const oview = createView(out);
const len = this.outputLen;
// NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT
if (len % 4)
throw new Error('_sha2: outputLen should be aligned to 32bit');
const outLen = len / 4;
const state = this.get();
if (outLen > state.length)
throw new Error('_sha2: outputLen bigger than state');
for (let i = 0; i < outLen; i++)
oview.setUint32(4 * i, state[i], isLE);
}
digest() {
const { buffer, outputLen } = this;
this.digestInto(buffer);
const res = buffer.slice(0, outputLen);
this.destroy();
return res;
}
_cloneInto(to) {
to || (to = new this.constructor());
to.set(...this.get());
const { blockLen, buffer, length, finished, destroyed, pos } = this;
to.length = length;
to.pos = pos;
to.finished = finished;
to.destroyed = destroyed;
if (length % blockLen)
to.buffer.set(buffer);
return to;
}
}
// SHA1 (RFC 3174) was cryptographically broken. It's still used. Don't use it for a new protocol.
// Initial state
const SHA1_IV = /* @__PURE__ */ new Uint32Array([
0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0,
]);
// Temporary buffer, not used to store anything between runs
// Named this way because it matches specification.
const SHA1_W = /* @__PURE__ */ new Uint32Array(80);
let SHA1$1 = class SHA1 extends HashMD {
constructor() {
super(64, 20, 8, false);
this.A = SHA1_IV[0] | 0;
this.B = SHA1_IV[1] | 0;
this.C = SHA1_IV[2] | 0;
this.D = SHA1_IV[3] | 0;
this.E = SHA1_IV[4] | 0;
}
get() {
const { A, B, C, D, E } = this;
return [A, B, C, D, E];
}
set(A, B, C, D, E) {
this.A = A | 0;
this.B = B | 0;
this.C = C | 0;
this.D = D | 0;
this.E = E | 0;
}
process(view, offset) {
for (let i = 0; i < 16; i++, offset += 4)
SHA1_W[i] = view.getUint32(offset, false);
for (let i = 16; i < 80; i++)
SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1);
// Compression function main loop, 80 rounds
let { A, B, C, D, E } = this;
for (let i = 0; i < 80; i++) {
let F, K;
if (i < 20) {
F = Chi(B, C, D);
K = 0x5a827999;
}
else if (i < 40) {
F = B ^ C ^ D;
K = 0x6ed9eba1;
}
else if (i < 60) {
F = Maj(B, C, D);
K = 0x8f1bbcdc;
}
else {
F = B ^ C ^ D;
K = 0xca62c1d6;
}
const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0;
E = D;
D = C;
C = rotl(B, 30);
B = A;
A = T;
}
// Add the compressed chunk to the current hash value
A = (A + this.A) | 0;
B = (B + this.B) | 0;
C = (C + this.C) | 0;
D = (D + this.D) | 0;
E = (E + this.E) | 0;
this.set(A, B, C, D, E);
}
roundClean() {
SHA1_W.fill(0);
}
destroy() {
this.set(0, 0, 0, 0, 0);
this.buffer.fill(0);
}
};
const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1$1());
// SHA2-256 need to try 2^128 hashes to execute birthday attack.
// BTC network is doing 2^67 hashes/sec as per early 2023.
// Round constants:
// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
// prettier-ignore
const SHA256_K = /* @__PURE__ */ new Uint32Array([
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
]);
// Initial state:
// first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19
// prettier-ignore
const SHA256_IV = /* @__PURE__ */ new Uint32Array([
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
]);
// Temporary buffer, not used to store anything between runs
// Named this way because it matches specification.
const SHA256_W = /* @__PURE__ */ new Uint32Array(64);
let SHA256$1 = class SHA256 extends HashMD {
constructor() {
super(64, 32, 8, false);
// We cannot use array here since array allows indexing by variable
// which means optimizer/compiler cannot use registers.
this.A = SHA256_IV[0] | 0;
this.B = SHA256_IV[1] | 0;
this.C = SHA256_IV[2] | 0;
this.D = SHA256_IV[3] | 0;
this.E = SHA256_IV[4] | 0;
this.F = SHA256_IV[5] | 0;
this.G = SHA256_IV[6] | 0;
this.H = SHA256_IV[7] | 0;
}
get() {
const { A, B, C, D, E, F, G, H } = this;
return [A, B, C, D, E, F, G, H];
}
// prettier-ignore
set(A, B, C, D, E, F, G, H) {
this.A = A | 0;
this.B = B | 0;
this.C = C | 0;
this.D = D | 0;
this.E = E | 0;
this.F = F | 0;
this.G = G | 0;
this.H = H | 0;
}
process(view, offset) {
// Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array
for (let i = 0; i < 16; i++, offset += 4)
SHA256_W[i] = view.getUint32(offset, false);
for (let i = 16; i < 64; i++) {
const W15 = SHA256_W[i - 15];
const W2 = SHA256_W[i - 2];
const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3);
const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10);
SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0;
}
// Compression function main loop, 64 rounds
let { A, B, C, D, E, F, G, H } = this;
for (let i = 0; i < 64; i++) {
const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25);
const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0;
const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22);
const T2 = (sigma0 + Maj(A, B, C)) | 0;
H = G;
G = F;
F = E;
E = (D + T1) | 0;
D = C;
C = B;
B = A;
A = (T1 + T2) | 0;
}
// Add the compressed chunk to the current hash value
A = (A + this.A) | 0;
B = (B + this.B) | 0;
C = (C + this.C) | 0;
D = (D + this.D) | 0;
E = (E + this.E) | 0;
F = (F + this.F) | 0;
G = (G + this.G) | 0;
H = (H + this.H) | 0;
this.set(A, B, C, D, E, F, G, H);
}
roundClean() {
SHA256_W.fill(0);
}
destroy() {
this.set(0, 0, 0, 0, 0, 0, 0, 0);
this.buffer.fill(0);
}
};
/**
* SHA2-256 hash function
* @param message - data that would be hashed
*/
const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256$1());
const U32_MASK64 = /* @__PURE__ */ BigInt(2 ** 32 - 1);
const _32n = /* @__PURE__ */ BigInt(32);
// We are not using BigUint64Array, because they are extremely slow as per 2022
function fromBig(n, le = false) {
if (le)
return { h: Number(n & U32_MASK64), l: Number((n >> _32n) & U32_MASK64) };
return { h: Number((n >> _32n) & U32_MASK64) | 0, l: Number(n & U32_MASK64) | 0 };
}
function split(lst, le = false) {
let Ah = new Uint32Array(lst.length);
let Al = new Uint32Array(lst.length);
for (let i = 0; i < lst.length; i++) {
const { h, l } = fromBig(lst[i], le);
[Ah[i], Al[i]] = [h, l];
}
return [Ah, Al];
}
const toBig = (h, l) => (BigInt(h >>> 0) << _32n) | BigInt(l >>> 0);
// for Shift in [0, 32)
const shrSH = (h, _l, s) => h >>> s;
const shrSL = (h, l, s) => (h << (32 - s)) | (l >>> s);
// Right rotate for Shift in [1, 32)
const rotrSH = (h, l, s) => (h >>> s) | (l << (32 - s));
const rotrSL = (h, l, s) => (h << (32 - s)) | (l >>> s);
// Right rotate for Shift in (32, 64), NOTE: 32 is special case.
const rotrBH = (h, l, s) => (h << (64 - s)) | (l >>> (s - 32));
const rotrBL = (h, l, s) => (h >>> (s - 32)) | (l << (64 - s));
// Right rotate for shift===32 (just swaps l&h)
const rotr32H = (_h, l) => l;
const rotr32L = (h, _l) => h;
// Left rotate for Shift in [1, 32)
const rotlSH = (h, l, s) => (h << s) | (l >>> (32 - s));
const rotlSL = (h, l, s) => (l << s) | (h >>> (32 - s));
// Left rotate for Shift in (32, 64), NOTE: 32 is special case.
const rotlBH = (h, l, s) => (l << (s - 32)) | (h >>> (64 - s));
const rotlBL = (h, l, s) => (h << (s - 32)) | (l >>> (64 - s));
// JS uses 32-bit signed integers for bitwise operations which means we cannot
// simple take carry out of low bit sum by shift, we need to use division.
function add(Ah, Al, Bh, Bl) {
const l = (Al >>> 0) + (Bl >>> 0);
return { h: (Ah + Bh + ((l / 2 ** 32) | 0)) | 0, l: l | 0 };
}
// Addition with more than 2 elements
const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0);
const add3H = (low, Ah, Bh, Ch) => (Ah + Bh + Ch + ((low / 2 ** 32) | 0)) | 0;
const add4L = (Al, Bl, Cl, Dl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0);
const add4H = (low, Ah, Bh, Ch, Dh) => (Ah + Bh + Ch + Dh + ((low / 2 ** 32) | 0)) | 0;
const add5L = (Al, Bl, Cl, Dl, El) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0) + (Dl >>> 0) + (El >>> 0);
const add5H = (low, Ah, Bh, Ch, Dh, Eh) => (Ah + Bh + Ch + Dh + Eh + ((low / 2 ** 32) | 0)) | 0;
// prettier-ignore
const u64 = {
fromBig, split, toBig,
shrSH, shrSL,
rotrSH, rotrSL, rotrBH, rotrBL,
rotr32H, rotr32L,
rotlSH, rotlSL, rotlBH, rotlBL,
add, add3L, add3H, add4L, add4H, add5H, add5L,
};
// Round contants (first 32 bits of the fractional parts of the cube roots of the first 80 primes 2..409):
// prettier-ignore
const [SHA512_Kh, SHA512_Kl] = /* @__PURE__ */ (() => u64.split([
'0x428a2f98d728ae22', '0x7137449123ef65cd', '0xb5c0fbcfec4d3b2f', '0xe9b5dba58189dbbc',
'0x3956c25bf348b538', '0x59f111f1b605d019', '0x923f82a4af194f9b', '0xab1c5ed5da6d8118',
'0xd807aa98a3030242', '0x12835b0145706fbe', '0x243185be4ee4b28c', '0x550c7dc3d5ffb4e2',
'0x72be5d74f27b896f', '0x80deb1fe3b1696b1', '0x9bdc06a725c71235', '0xc19bf174cf692694',
'0xe49b69c19ef14ad2', '0xefbe4786384f25e3', '0x0fc19dc68b8cd5b5', '0x240ca1cc77ac9c65',
'0x2de92c6f592b0275', '0x4a7484aa6ea6e483', '0x5cb0a9dcbd41fbd4', '0x76f988da831153b5',
'0x983e5152ee66dfab', '0xa831c66d2db43210', '0xb00327c898fb213f', '0xbf597fc7beef0ee4',
'0xc6e00bf33da88fc2', '0xd5a79147930aa725', '0x06ca6351e003826f', '0x142929670a0e6e70',
'0x27b70a8546d22ffc', '0x2e1b21385c26c926', '0x4d2c6dfc5ac42aed', '0x53380d139d95b3df',
'0x650a73548baf63de', '0x766a0abb3c77b2a8', '0x81c2c92e47edaee6', '0x92722c851482353b',
'0xa2bfe8a14cf10364', '0xa81a664bbc423001', '0xc24b8b70d0f89791', '0xc76c51a30654be30',
'0xd192e819d6ef5218', '0xd69906245565a910', '0xf40e35855771202a', '0x106aa07032bbd1b8',
'0x19a4c116b8d2d0c8', '0x1e376c085141ab53', '0x2748774cdf8eeb99', '0x34b0bcb5e19b48a8',
'0x391c0cb3c5c95a63', '0x4ed8aa4ae3418acb', '0x5b9cca4f7763e373', '0x682e6ff3d6b2b8a3',
'0x748f82ee5defb2fc', '0x78a5636f43172f60', '0x84c87814a1f0ab72', '0x8cc702081a6439ec',
'0x90befffa23631e28', '0xa4506cebde82bde9', '0xbef9a3f7b2c67915', '0xc67178f2e372532b',
'0xca273eceea26619c', '0xd186b8c721c0c207', '0xeada7dd6cde0eb1e', '0xf57d4f7fee6ed178',
'0x06f067aa72176fba', '0x0a637dc5a2c898a6', '0x113f9804bef90dae', '0x1b710b35131c471b',
'0x28db77f523047d84', '0x32caab7b40c72493', '0x3c9ebe0a15c9bebc', '0x431d67c49c100d4c',
'0x4cc5d4becb3e42b6', '0x597f299cfc657e2a', '0x5fcb6fab3ad6faec', '0x6c44198c4a475817'
].map(n => BigInt(n))))();
// Temporary buffer, not used to store anything between runs
const SHA512_W_H = /* @__PURE__ */ new Uint32Array(80);
const SHA512_W_L = /* @__PURE__ */ new Uint32Array(80);
let SHA512$1 = class SHA512 extends HashMD {
constructor() {
super(128, 64, 16, false);
// We cannot use array here since array allows indexing by variable which means optimizer/compiler cannot use registers.
// Also looks cleaner and easier to verify with spec.
// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19):
// h -- high 32 bits, l -- low 32 bits
this.Ah = 0x6a09e667 | 0;
this.Al = 0xf3bcc908 | 0;
this.Bh = 0xbb67ae85 | 0;
this.Bl = 0x84caa73b | 0;
this.Ch = 0x3c6ef372 | 0;
this.Cl = 0xfe94f82b | 0;
this.Dh = 0xa54ff53a | 0;
this.Dl = 0x5f1d36f1 | 0;
this.Eh = 0x510e527f | 0;
this.El = 0xade682d1 | 0;
this.Fh = 0x9b05688c | 0;
this.Fl = 0x2b3e6c1f | 0;
this.Gh = 0x1f83d9ab | 0;
this.Gl = 0xfb41bd6b | 0;
this.Hh = 0x5be0cd19 | 0;
this.Hl = 0x137e2179 | 0;
}
// prettier-ignore
get() {
const { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
return [Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl];
}
// prettier-ignore
set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl) {
this.Ah = Ah | 0;
this.Al = Al | 0;
this.Bh = Bh | 0;
this.Bl = Bl | 0;
this.Ch = Ch | 0;
this.Cl = Cl | 0;
this.Dh = Dh | 0;
this.Dl = Dl | 0;
this.Eh = Eh | 0;
this.El = El | 0;
this.Fh = Fh | 0;
this.Fl = Fl | 0;
this.Gh = Gh | 0;
this.Gl = Gl | 0;
this.Hh = Hh | 0;
this.Hl = Hl | 0;
}
process(view, offset) {
// Extend the first 16 words into the remaining 64 words w[16..79] of the message schedule array
for (let i = 0; i < 16; i++, offset += 4) {
SHA512_W_H[i] = view.getUint32(offset);
SHA512_W_L[i] = view.getUint32((offset += 4));
}
for (let i = 16; i < 80; i++) {
// s0 := (w[i-15] rightrotate 1) xor (w[i-15] rightrotate 8) xor (w[i-15] rightshift 7)
const W15h = SHA512_W_H[i - 15] | 0;
const W15l = SHA512_W_L[i - 15] | 0;
const s0h = u64.rotrSH(W15h, W15l, 1) ^ u64.rotrSH(W15h, W15l, 8) ^ u64.shrSH(W15h, W15l, 7);
const s0l = u64.rotrSL(W15h, W15l, 1) ^ u64.rotrSL(W15h, W15l, 8) ^ u64.shrSL(W15h, W15l, 7);
// s1 := (w[i-2] rightrotate 19) xor (w[i-2] rightrotate 61) xor (w[i-2] rightshift 6)
const W2h = SHA512_W_H[i - 2] | 0;
const W2l = SHA512_W_L[i - 2] | 0;
const s1h = u64.rotrSH(W2h, W2l, 19) ^ u64.rotrBH(W2h, W2l, 61) ^ u64.shrSH(W2h, W2l, 6);
const s1l = u64.rotrSL(W2h, W2l, 19) ^ u64.rotrBL(W2h, W2l, 61) ^ u64.shrSL(W2h, W2l, 6);
// SHA256_W[i] = s0 + s1 + SHA256_W[i - 7] + SHA256_W[i - 16];
const SUMl = u64.add4L(s0l, s1l, SHA512_W_L[i - 7], SHA512_W_L[i - 16]);
const SUMh = u64.add4H(SUMl, s0h, s1h, SHA512_W_H[i - 7], SHA512_W_H[i - 16]);
SHA512_W_H[i] = SUMh | 0;
SHA512_W_L[i] = SUMl | 0;
}
let { Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl } = this;
// Compression function main loop, 80 rounds
for (let i = 0; i < 80; i++) {
// S1 := (e rightrotate 14) xor (e rightrotate 18) xor (e rightrotate 41)
const sigma1h = u64.rotrSH(Eh, El, 14) ^ u64.rotrSH(Eh, El, 18) ^ u64.rotrBH(Eh, El, 41);
const sigma1l = u64.rotrSL(Eh, El, 14) ^ u64.rotrSL(Eh, El, 18) ^ u64.rotrBL(Eh, El, 41);
//const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0;
const CHIh = (Eh & Fh) ^ (~Eh & Gh);
const CHIl = (El & Fl) ^ (~El & Gl);
// T1 = H + sigma1 + Chi(E, F, G) + SHA512_K[i] + SHA512_W[i]
// prettier-ignore
const T1ll = u64.add5L(Hl, sigma1l, CHIl, SHA512_Kl[i], SHA512_W_L[i]);
const T1h = u64.add5H(T1ll, Hh, sigma1h, CHIh, SHA512_Kh[i], SHA512_W_H[i]);
const T1l = T1ll | 0;
// S0 := (a rightrotate 28) xor (a rightrotate 34) xor (a rightrotate 39)
const sigma0h = u64.rotrSH(Ah, Al, 28) ^ u64.rotrBH(Ah, Al, 34) ^ u64.rotrBH(Ah, Al, 39);
const sigma0l = u64.rotrSL(Ah, Al, 28) ^ u64.rotrBL(Ah, Al, 34) ^ u64.rotrBL(Ah, Al, 39);
const MAJh = (Ah & Bh) ^ (Ah & Ch) ^ (Bh & Ch);
const MAJl = (Al & Bl) ^ (Al & Cl) ^ (Bl & Cl);
Hh = Gh | 0;
Hl = Gl | 0;
Gh = Fh | 0;
Gl = Fl | 0;
Fh = Eh | 0;
Fl = El | 0;
({ h: Eh, l: El } = u64.add(Dh | 0, Dl | 0, T1h | 0, T1l | 0));
Dh = Ch | 0;
Dl = Cl | 0;
Ch = Bh | 0;
Cl = Bl | 0;
Bh = Ah | 0;
Bl = Al | 0;
const All = u64.add3L(T1l, sigma0l, MAJl);
Ah = u64.add3H(All, T1h, sigma0h, MAJh);
Al = All | 0;
}
// Add the compressed chunk to the current hash value
({ h: Ah, l: Al } = u64.add(this.Ah | 0, this.Al | 0, Ah | 0, Al | 0));
({ h: Bh, l: Bl } = u64.add(this.Bh | 0, this.Bl | 0, Bh | 0, Bl | 0));
({ h: Ch, l: Cl } = u64.add(this.Ch | 0, this.Cl | 0, Ch | 0, Cl | 0));
({ h: Dh, l: Dl } = u64.add(this.Dh | 0, this.Dl | 0, Dh | 0, Dl | 0));
({ h: Eh, l: El } = u64.add(this.Eh | 0, this.El | 0, Eh | 0, El | 0));
({ h: Fh, l: Fl } = u64.add(this.Fh | 0, this.Fl | 0, Fh | 0, Fl | 0));
({ h: Gh, l: Gl } = u64.add(this.Gh | 0, this.Gl | 0, Gh | 0, Gl | 0));
({ h: Hh, l: Hl } = u64.add(this.Hh | 0, this.Hl | 0, Hh | 0, Hl | 0));
this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
}
roundClean() {
SHA512_W_H.fill(0);
SHA512_W_L.fill(0);
}
destroy() {
this.buffer.fill(0);
this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
}
};
let SHA384$1 = class SHA384 extends SHA512$1 {
constructor() {
super();
// h -- high 32 bits, l -- low 32 bits
this.Ah = 0xcbbb9d5d | 0;
this.Al = 0xc1059ed8 | 0;
this.Bh = 0x629a292a | 0;
this.Bl = 0x367cd507 | 0;
this.Ch = 0x9159015a | 0;
this.Cl = 0x3070dd17 | 0;
this.Dh = 0x152fecd8 | 0;
this.Dl = 0xf70e5939 | 0;
this.Eh = 0x67332667 | 0;
this.El = 0xffc00b31 | 0;
this.Fh = 0x8eb44a87 | 0;
this.Fl = 0x68581511 | 0;
this.Gh = 0xdb0c2e0d | 0;
this.Gl = 0x64f98fa7 | 0;
this.Hh = 0x47b5481d | 0;
this.Hl = 0xbefa4fa4 | 0;
this.outputLen = 48;
}
};
const sha512 = /* @__PURE__ */ wrapConstructor(() => new SHA512$1());
const sha384 = /* @__PURE__ */ wrapConstructor(() => new SHA384$1());
var _a;
class ECNamedCurves {
static register(name, id, size) {
this.namedCurves[name.toLowerCase()] = this.namedCurves[id] = { name, id, size };
}
static find(nameOrId) {
return this.namedCurves[nameOrId.toLowerCase()] || null;
}
}
_a = ECNamedCurves;
ECNamedCurves.namedCurves = {};
(() => {
_a.register("P-256", "1.2.840.10045.3.1.7", 32);
_a.register("P-384", "1.3.132.0.34", 48);
_a.register("P-521", "1.3.132.0.35", 66);
_a.register("brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", 32);
_a.register("brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11", 48);
_a.register("brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", 64);
})();
const X = "x";
const Y = "y";
const NAMED_CURVE$1 = "namedCurve";
class ECPublicKey extends PkiObject {
constructor(parameters = {}) {
super();
this.x = getParametersValue(parameters, X, ECPublicKey.defaultValues(X));
this.y = getParametersValue(parameters, Y, ECPublicKey.defaultValues(Y));
this.namedCurve = getParametersValue(parameters, NAMED_CURVE$1, ECPublicKey.defaultValues(NAMED_CURVE$1));
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case X:
case Y:
return EMPTY_BUFFER;
case NAMED_CURVE$1:
return EMPTY_STRING;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case X:
case Y:
return memberValue instanceof ArrayBuffer &&
(isEqualBuffer(memberValue, ECPublicKey.defaultValues(memberName)));
case NAMED_CURVE$1:
return typeof memberValue === "string" &&
memberValue === ECPublicKey.defaultValues(memberName);
default:
return super.defaultValues(memberName);
}
}
static schema() {
return new RawData();
}
fromSchema(schema1) {
const view = BufferSourceConverter.toUint8Array(schema1);
if (view[0] !== 0x04) {
throw new Error("Object's schema was not verified against input data for ECPublicKey");
}
const namedCurve = ECNamedCurves.find(this.namedCurve);
if (!namedCurve) {
throw new Error(`Incorrect curve OID: ${this.namedCurve}`);
}
const coordinateLength = namedCurve.size;
if (view.byteLength !== (coordinateLength * 2 + 1)) {
throw new Error("Object's schema was not verified against input data for ECPublicKey");
}
this.namedCurve = namedCurve.name;
this.x = view.slice(1, coordinateLength + 1).buffer;
this.y = view.slice(1 + coordinateLength, coordinateLength * 2 + 1).buffer;
}
toSchema() {
return new RawData({
data: utilConcatBuf((new Uint8Array([0x04])).buffer, this.x, this.y)
});
}
toJSON() {
const namedCurve = ECNamedCurves.find(this.namedCurve);
return {
crv: namedCurve ? namedCurve.name : this.namedCurve,
x: toBase64(arrayBufferToString(this.x), true, true, false),
y: toBase64(arrayBufferToString(this.y), true, true, false)
};
}
fromJSON(json) {
ParameterError.assert("json", json, "crv", "x", "y");
let coordinateLength = 0;
const namedCurve = ECNamedCurves.find(json.crv);
if (namedCurve) {
this.namedCurve = namedCurve.id;
coordinateLength = namedCurve.size;
}
const xConvertBuffer = stringToArrayBuffer(fromBase64(json.x, true));
if (xConvertBuffer.byteLength < coordinateLength) {
this.x = new ArrayBuffer(coordinateLength);
const view = new Uint8Array(this.x);
const convertBufferView = new Uint8Array(xConvertBuffer);
view.set(convertBufferView, 1);
}
else {
this.x = xConvertBuffer.slice(0, coordinateLength);
}
const yConvertBuffer = stringToArrayBuffer(fromBase64(json.y, true));
if (yConvertBuffer.byteLength < coordinateLength) {
this.y = new ArrayBuffer(coordinateLength);
const view = new Uint8Array(this.y);
const convertBufferView = new Uint8Array(yConvertBuffer);
view.set(convertBufferView, 1);
}
else {
this.y = yConvertBuffer.slice(0, coordinateLength);
}
}
}
ECPublicKey.CLASS_NAME = "ECPublicKey";
const MODULUS$1 = "modulus";
const PUBLIC_EXPONENT$1 = "publicExponent";
const CLEAR_PROPS$1b = [MODULUS$1, PUBLIC_EXPONENT$1];
class RSAPublicKey extends PkiObject {
constructor(parameters = {}) {
super();
this.modulus = getParametersValue(parameters, MODULUS$1, RSAPublicKey.defaultValues(MODULUS$1));
this.publicExponent = getParametersValue(parameters, PUBLIC_EXPONENT$1, RSAPublicKey.defaultValues(PUBLIC_EXPONENT$1));
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case MODULUS$1:
return new Integer();
case PUBLIC_EXPONENT$1:
return new Integer();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.modulus || EMPTY_STRING) }),
new Integer({ name: (names.publicExponent || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1b);
const asn1 = compareSchema(schema, schema, RSAPublicKey.schema({
names: {
modulus: MODULUS$1,
publicExponent: PUBLIC_EXPONENT$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.modulus = asn1.result.modulus.convertFromDER(256);
this.publicExponent = asn1.result.publicExponent;
}
toSchema() {
return (new Sequence({
value: [
this.modulus.convertToDER(),
this.publicExponent
]
}));
}
toJSON() {
return {
n: Convert.ToBase64Url(this.modulus.valueBlock.valueHexView),
e: Convert.ToBase64Url(this.publicExponent.valueBlock.valueHexView),
};
}
fromJSON(json) {
ParameterError.assert("json", json, "n", "e");
const array = stringToArrayBuffer(fromBase64(json.n, true));
this.modulus = new Integer({ valueHex: array.slice(0, Math.pow(2, nearestPowerOf2(array.byteLength))) });
this.publicExponent = new Integer({ valueHex: stringToArrayBuffer(fromBase64(json.e, true)).slice(0, 3) });
}
}
RSAPublicKey.CLASS_NAME = "RSAPublicKey";
const ALGORITHM$1 = "algorithm";
const SUBJECT_PUBLIC_KEY = "subjectPublicKey";
const CLEAR_PROPS$1a = [ALGORITHM$1, SUBJECT_PUBLIC_KEY];
class PublicKeyInfo extends PkiObject {
get parsedKey() {
if (this._parsedKey === undefined) {
switch (this.algorithm.algorithmId) {
case "1.2.840.10045.2.1":
if ("algorithmParams" in this.algorithm) {
if (this.algorithm.algorithmParams.constructor.blockName() === ObjectIdentifier.blockName()) {
try {
this._parsedKey = new ECPublicKey({
namedCurve: this.algorithm.algorithmParams.valueBlock.toString(),
schema: this.subjectPublicKey.valueBlock.valueHexView
});
}
catch {
}
}
}
break;
case "1.2.840.113549.1.1.1":
{
const publicKeyASN1 = fromBER(this.subjectPublicKey.valueBlock.valueHexView);
if (publicKeyASN1.offset !== -1) {
try {
this._parsedKey = new RSAPublicKey({ schema: publicKeyASN1.result });
}
catch {
}
}
}
break;
}
this._parsedKey || (this._parsedKey = null);
}
return this._parsedKey || undefined;
}
set parsedKey(value) {
this._parsedKey = value;
}
constructor(parameters = {}) {
super();
this.algorithm = getParametersValue(parameters, ALGORITHM$1, PublicKeyInfo.defaultValues(ALGORITHM$1));
this.subjectPublicKey = getParametersValue(parameters, SUBJECT_PUBLIC_KEY, PublicKeyInfo.defaultValues(SUBJECT_PUBLIC_KEY));
const parsedKey = getParametersValue(parameters, "parsedKey", null);
if (parsedKey) {
this.parsedKey = parsedKey;
}
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ALGORITHM$1:
return new AlgorithmIdentifier();
case SUBJECT_PUBLIC_KEY:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.algorithm || {}),
new BitString({ name: (names.subjectPublicKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1a);
const asn1 = compareSchema(schema, schema, PublicKeyInfo.schema({
names: {
algorithm: {
names: {
blockName: ALGORITHM$1
}
},
subjectPublicKey: SUBJECT_PUBLIC_KEY
}
}));
AsnError.assertSchema(asn1, this.className);
this.algorithm = new AlgorithmIdentifier({ schema: asn1.result.algorithm });
this.subjectPublicKey = asn1.result.subjectPublicKey;
}
toSchema() {
return (new Sequence({
value: [
this.algorithm.toSchema(),
this.subjectPublicKey
]
}));
}
toJSON() {
if (!this.parsedKey) {
return {
algorithm: this.algorithm.toJSON(),
subjectPublicKey: this.subjectPublicKey.toJSON(),
};
}
const jwk = {};
switch (this.algorithm.algorithmId) {
case "1.2.840.10045.2.1":
jwk.kty = "EC";
break;
case "1.2.840.113549.1.1.1":
jwk.kty = "RSA";
break;
}
const publicKeyJWK = this.parsedKey.toJSON();
Object.assign(jwk, publicKeyJWK);
return jwk;
}
fromJSON(json) {
if ("kty" in json) {
switch (json.kty.toUpperCase()) {
case "EC":
this.parsedKey = new ECPublicKey({ json });
this.algorithm = new AlgorithmIdentifier({
algorithmId: "1.2.840.10045.2.1",
algorithmParams: new ObjectIdentifier({ value: this.parsedKey.namedCurve })
});
break;
case "RSA":
this.parsedKey = new RSAPublicKey({ json });
this.algorithm = new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.1",
algorithmParams: new Null()
});
break;
default:
throw new Error(`Invalid value for "kty" parameter: ${json.kty}`);
}
this.subjectPublicKey = new BitString({ valueHex: this.parsedKey.toSchema().toBER(false) });
}
}
async importKey(publicKey, crypto = getCrypto(true)) {
try {
if (!publicKey) {
throw new Error("Need to provide publicKey input parameter");
}
const exportedKey = await crypto.exportKey("spki", publicKey);
const asn1 = fromBER(exportedKey);
try {
this.fromSchema(asn1.result);
}
catch {
throw new Error("Error during initializing object from schema");
}
}
catch (e) {
const message = e instanceof Error ? e.message : `${e}`;
throw new Error(`Error during exporting public key: ${message}`);
}
}
}
PublicKeyInfo.CLASS_NAME = "PublicKeyInfo";
const VERSION$l = "version";
const PRIVATE_KEY$1 = "privateKey";
const NAMED_CURVE = "namedCurve";
const PUBLIC_KEY$1 = "publicKey";
const CLEAR_PROPS$19 = [
VERSION$l,
PRIVATE_KEY$1,
NAMED_CURVE,
PUBLIC_KEY$1
];
class ECPrivateKey extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$l, ECPrivateKey.defaultValues(VERSION$l));
this.privateKey = getParametersValue(parameters, PRIVATE_KEY$1, ECPrivateKey.defaultValues(PRIVATE_KEY$1));
if (NAMED_CURVE in parameters) {
this.namedCurve = getParametersValue(parameters, NAMED_CURVE, ECPrivateKey.defaultValues(NAMED_CURVE));
}
if (PUBLIC_KEY$1 in parameters) {
this.publicKey = getParametersValue(parameters, PUBLIC_KEY$1, ECPrivateKey.defaultValues(PUBLIC_KEY$1));
}
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$l:
return 1;
case PRIVATE_KEY$1:
return new OctetString();
case NAMED_CURVE:
return EMPTY_STRING;
case PUBLIC_KEY$1:
return new ECPublicKey();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$l:
return (memberValue === ECPrivateKey.defaultValues(memberName));
case PRIVATE_KEY$1:
return (memberValue.isEqual(ECPrivateKey.defaultValues(memberName)));
case NAMED_CURVE:
return (memberValue === EMPTY_STRING);
case PUBLIC_KEY$1:
return ((ECPublicKey.compareWithDefault(NAMED_CURVE, memberValue.namedCurve)) &&
(ECPublicKey.compareWithDefault("x", memberValue.x)) &&
(ECPublicKey.compareWithDefault("y", memberValue.y)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
new OctetString({ name: (names.privateKey || EMPTY_STRING) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new ObjectIdentifier({ name: (names.namedCurve || EMPTY_STRING) })
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new BitString({ name: (names.publicKey || EMPTY_STRING) })
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$19);
const asn1 = compareSchema(schema, schema, ECPrivateKey.schema({
names: {
version: VERSION$l,
privateKey: PRIVATE_KEY$1,
namedCurve: NAMED_CURVE,
publicKey: PUBLIC_KEY$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.privateKey = asn1.result.privateKey;
if (NAMED_CURVE in asn1.result) {
this.namedCurve = asn1.result.namedCurve.valueBlock.toString();
}
if (PUBLIC_KEY$1 in asn1.result) {
const publicKeyData = { schema: asn1.result.publicKey.valueBlock.valueHex };
if (NAMED_CURVE in this) {
publicKeyData.namedCurve = this.namedCurve;
}
this.publicKey = new ECPublicKey(publicKeyData);
}
}
toSchema() {
const outputArray = [
new Integer({ value: this.version }),
this.privateKey
];
if (this.namedCurve) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new ObjectIdentifier({ value: this.namedCurve })
]
}));
}
if (this.publicKey) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new BitString({ valueHex: this.publicKey.toSchema().toBER(false) })
]
}));
}
return new Sequence({
value: outputArray
});
}
toJSON() {
if (!this.namedCurve || ECPrivateKey.compareWithDefault(NAMED_CURVE, this.namedCurve)) {
throw new Error("Not enough information for making JSON: absent \"namedCurve\" value");
}
const curve = ECNamedCurves.find(this.namedCurve);
const privateKeyJSON = {
crv: curve ? curve.name : this.namedCurve,
d: Convert.ToBase64Url(this.privateKey.valueBlock.valueHexView),
};
if (this.publicKey) {
const publicKeyJSON = this.publicKey.toJSON();
privateKeyJSON.x = publicKeyJSON.x;
privateKeyJSON.y = publicKeyJSON.y;
}
return privateKeyJSON;
}
fromJSON(json) {
ParameterError.assert("json", json, "crv", "d");
let coordinateLength = 0;
const curve = ECNamedCurves.find(json.crv);
if (curve) {
this.namedCurve = curve.id;
coordinateLength = curve.size;
}
const convertBuffer = Convert.FromBase64Url(json.d);
if (convertBuffer.byteLength < coordinateLength) {
const buffer = new ArrayBuffer(coordinateLength);
const view = new Uint8Array(buffer);
const convertBufferView = new Uint8Array(convertBuffer);
view.set(convertBufferView, 1);
this.privateKey = new OctetString({ valueHex: buffer });
}
else {
this.privateKey = new OctetString({ valueHex: convertBuffer.slice(0, coordinateLength) });
}
if (json.x && json.y) {
this.publicKey = new ECPublicKey({ json });
}
}
}
ECPrivateKey.CLASS_NAME = "ECPrivateKey";
const PRIME = "prime";
const EXPONENT = "exponent";
const COEFFICIENT$1 = "coefficient";
const CLEAR_PROPS$18 = [
PRIME,
EXPONENT,
COEFFICIENT$1,
];
class OtherPrimeInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.prime = getParametersValue(parameters, PRIME, OtherPrimeInfo.defaultValues(PRIME));
this.exponent = getParametersValue(parameters, EXPONENT, OtherPrimeInfo.defaultValues(EXPONENT));
this.coefficient = getParametersValue(parameters, COEFFICIENT$1, OtherPrimeInfo.defaultValues(COEFFICIENT$1));
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case PRIME:
return new Integer();
case EXPONENT:
return new Integer();
case COEFFICIENT$1:
return new Integer();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.prime || EMPTY_STRING) }),
new Integer({ name: (names.exponent || EMPTY_STRING) }),
new Integer({ name: (names.coefficient || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$18);
const asn1 = compareSchema(schema, schema, OtherPrimeInfo.schema({
names: {
prime: PRIME,
exponent: EXPONENT,
coefficient: COEFFICIENT$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.prime = asn1.result.prime.convertFromDER();
this.exponent = asn1.result.exponent.convertFromDER();
this.coefficient = asn1.result.coefficient.convertFromDER();
}
toSchema() {
return (new Sequence({
value: [
this.prime.convertToDER(),
this.exponent.convertToDER(),
this.coefficient.convertToDER()
]
}));
}
toJSON() {
return {
r: Convert.ToBase64Url(this.prime.valueBlock.valueHexView),
d: Convert.ToBase64Url(this.exponent.valueBlock.valueHexView),
t: Convert.ToBase64Url(this.coefficient.valueBlock.valueHexView),
};
}
fromJSON(json) {
ParameterError.assert("json", json, "r", "d", "r");
this.prime = new Integer({ valueHex: Convert.FromBase64Url(json.r) });
this.exponent = new Integer({ valueHex: Convert.FromBase64Url(json.d) });
this.coefficient = new Integer({ valueHex: Convert.FromBase64Url(json.t) });
}
}
OtherPrimeInfo.CLASS_NAME = "OtherPrimeInfo";
const VERSION$k = "version";
const MODULUS = "modulus";
const PUBLIC_EXPONENT = "publicExponent";
const PRIVATE_EXPONENT = "privateExponent";
const PRIME1 = "prime1";
const PRIME2 = "prime2";
const EXPONENT1 = "exponent1";
const EXPONENT2 = "exponent2";
const COEFFICIENT = "coefficient";
const OTHER_PRIME_INFOS = "otherPrimeInfos";
const CLEAR_PROPS$17 = [
VERSION$k,
MODULUS,
PUBLIC_EXPONENT,
PRIVATE_EXPONENT,
PRIME1,
PRIME2,
EXPONENT1,
EXPONENT2,
COEFFICIENT,
OTHER_PRIME_INFOS
];
class RSAPrivateKey extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$k, RSAPrivateKey.defaultValues(VERSION$k));
this.modulus = getParametersValue(parameters, MODULUS, RSAPrivateKey.defaultValues(MODULUS));
this.publicExponent = getParametersValue(parameters, PUBLIC_EXPONENT, RSAPrivateKey.defaultValues(PUBLIC_EXPONENT));
this.privateExponent = getParametersValue(parameters, PRIVATE_EXPONENT, RSAPrivateKey.defaultValues(PRIVATE_EXPONENT));
this.prime1 = getParametersValue(parameters, PRIME1, RSAPrivateKey.defaultValues(PRIME1));
this.prime2 = getParametersValue(parameters, PRIME2, RSAPrivateKey.defaultValues(PRIME2));
this.exponent1 = getParametersValue(parameters, EXPONENT1, RSAPrivateKey.defaultValues(EXPONENT1));
this.exponent2 = getParametersValue(parameters, EXPONENT2, RSAPrivateKey.defaultValues(EXPONENT2));
this.coefficient = getParametersValue(parameters, COEFFICIENT, RSAPrivateKey.defaultValues(COEFFICIENT));
if (OTHER_PRIME_INFOS in parameters) {
this.otherPrimeInfos = getParametersValue(parameters, OTHER_PRIME_INFOS, RSAPrivateKey.defaultValues(OTHER_PRIME_INFOS));
}
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$k:
return 0;
case MODULUS:
return new Integer();
case PUBLIC_EXPONENT:
return new Integer();
case PRIVATE_EXPONENT:
return new Integer();
case PRIME1:
return new Integer();
case PRIME2:
return new Integer();
case EXPONENT1:
return new Integer();
case EXPONENT2:
return new Integer();
case COEFFICIENT:
return new Integer();
case OTHER_PRIME_INFOS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
new Integer({ name: (names.modulus || EMPTY_STRING) }),
new Integer({ name: (names.publicExponent || EMPTY_STRING) }),
new Integer({ name: (names.privateExponent || EMPTY_STRING) }),
new Integer({ name: (names.prime1 || EMPTY_STRING) }),
new Integer({ name: (names.prime2 || EMPTY_STRING) }),
new Integer({ name: (names.exponent1 || EMPTY_STRING) }),
new Integer({ name: (names.exponent2 || EMPTY_STRING) }),
new Integer({ name: (names.coefficient || EMPTY_STRING) }),
new Sequence({
optional: true,
value: [
new Repeated({
name: (names.otherPrimeInfosName || EMPTY_STRING),
value: OtherPrimeInfo.schema(names.otherPrimeInfo || {})
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$17);
const asn1 = compareSchema(schema, schema, RSAPrivateKey.schema({
names: {
version: VERSION$k,
modulus: MODULUS,
publicExponent: PUBLIC_EXPONENT,
privateExponent: PRIVATE_EXPONENT,
prime1: PRIME1,
prime2: PRIME2,
exponent1: EXPONENT1,
exponent2: EXPONENT2,
coefficient: COEFFICIENT,
otherPrimeInfo: {
names: {
blockName: OTHER_PRIME_INFOS
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.modulus = asn1.result.modulus.convertFromDER(256);
this.publicExponent = asn1.result.publicExponent;
this.privateExponent = asn1.result.privateExponent.convertFromDER(256);
this.prime1 = asn1.result.prime1.convertFromDER(128);
this.prime2 = asn1.result.prime2.convertFromDER(128);
this.exponent1 = asn1.result.exponent1.convertFromDER(128);
this.exponent2 = asn1.result.exponent2.convertFromDER(128);
this.coefficient = asn1.result.coefficient.convertFromDER(128);
if (OTHER_PRIME_INFOS in asn1.result)
this.otherPrimeInfos = Array.from(asn1.result.otherPrimeInfos, element => new OtherPrimeInfo({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
outputArray.push(this.modulus.convertToDER());
outputArray.push(this.publicExponent);
outputArray.push(this.privateExponent.convertToDER());
outputArray.push(this.prime1.convertToDER());
outputArray.push(this.prime2.convertToDER());
outputArray.push(this.exponent1.convertToDER());
outputArray.push(this.exponent2.convertToDER());
outputArray.push(this.coefficient.convertToDER());
if (this.otherPrimeInfos) {
outputArray.push(new Sequence({
value: Array.from(this.otherPrimeInfos, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const jwk = {
n: Convert.ToBase64Url(this.modulus.valueBlock.valueHexView),
e: Convert.ToBase64Url(this.publicExponent.valueBlock.valueHexView),
d: Convert.ToBase64Url(this.privateExponent.valueBlock.valueHexView),
p: Convert.ToBase64Url(this.prime1.valueBlock.valueHexView),
q: Convert.ToBase64Url(this.prime2.valueBlock.valueHexView),
dp: Convert.ToBase64Url(this.exponent1.valueBlock.valueHexView),
dq: Convert.ToBase64Url(this.exponent2.valueBlock.valueHexView),
qi: Convert.ToBase64Url(this.coefficient.valueBlock.valueHexView),
};
if (this.otherPrimeInfos) {
jwk.oth = Array.from(this.otherPrimeInfos, o => o.toJSON());
}
return jwk;
}
fromJSON(json) {
ParameterError.assert("json", json, "n", "e", "d", "p", "q", "dp", "dq", "qi");
this.modulus = new Integer({ valueHex: Convert.FromBase64Url(json.n) });
this.publicExponent = new Integer({ valueHex: Convert.FromBase64Url(json.e) });
this.privateExponent = new Integer({ valueHex: Convert.FromBase64Url(json.d) });
this.prime1 = new Integer({ valueHex: Convert.FromBase64Url(json.p) });
this.prime2 = new Integer({ valueHex: Convert.FromBase64Url(json.q) });
this.exponent1 = new Integer({ valueHex: Convert.FromBase64Url(json.dp) });
this.exponent2 = new Integer({ valueHex: Convert.FromBase64Url(json.dq) });
this.coefficient = new Integer({ valueHex: Convert.FromBase64Url(json.qi) });
if (json.oth) {
this.otherPrimeInfos = Array.from(json.oth, (element) => new OtherPrimeInfo({ json: element }));
}
}
}
RSAPrivateKey.CLASS_NAME = "RSAPrivateKey";
const VERSION$j = "version";
const PRIVATE_KEY_ALGORITHM = "privateKeyAlgorithm";
const PRIVATE_KEY = "privateKey";
const ATTRIBUTES$5 = "attributes";
const PARSED_KEY = "parsedKey";
const CLEAR_PROPS$16 = [
VERSION$j,
PRIVATE_KEY_ALGORITHM,
PRIVATE_KEY,
ATTRIBUTES$5
];
class PrivateKeyInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$j, PrivateKeyInfo.defaultValues(VERSION$j));
this.privateKeyAlgorithm = getParametersValue(parameters, PRIVATE_KEY_ALGORITHM, PrivateKeyInfo.defaultValues(PRIVATE_KEY_ALGORITHM));
this.privateKey = getParametersValue(parameters, PRIVATE_KEY, PrivateKeyInfo.defaultValues(PRIVATE_KEY));
if (ATTRIBUTES$5 in parameters) {
this.attributes = getParametersValue(parameters, ATTRIBUTES$5, PrivateKeyInfo.defaultValues(ATTRIBUTES$5));
}
if (PARSED_KEY in parameters) {
this.parsedKey = getParametersValue(parameters, PARSED_KEY, PrivateKeyInfo.defaultValues(PARSED_KEY));
}
if (parameters.json) {
this.fromJSON(parameters.json);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$j:
return 0;
case PRIVATE_KEY_ALGORITHM:
return new AlgorithmIdentifier();
case PRIVATE_KEY:
return new OctetString();
case ATTRIBUTES$5:
return [];
case PARSED_KEY:
return {};
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
AlgorithmIdentifier.schema(names.privateKeyAlgorithm || {}),
new OctetString({ name: (names.privateKey || EMPTY_STRING) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
name: (names.attributes || EMPTY_STRING),
value: Attribute.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$16);
const asn1 = compareSchema(schema, schema, PrivateKeyInfo.schema({
names: {
version: VERSION$j,
privateKeyAlgorithm: {
names: {
blockName: PRIVATE_KEY_ALGORITHM
}
},
privateKey: PRIVATE_KEY,
attributes: ATTRIBUTES$5
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.privateKeyAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.privateKeyAlgorithm });
this.privateKey = asn1.result.privateKey;
if (ATTRIBUTES$5 in asn1.result)
this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element }));
switch (this.privateKeyAlgorithm.algorithmId) {
case "1.2.840.113549.1.1.1":
{
const privateKeyASN1 = fromBER(this.privateKey.valueBlock.valueHexView);
if (privateKeyASN1.offset !== -1)
this.parsedKey = new RSAPrivateKey({ schema: privateKeyASN1.result });
}
break;
case "1.2.840.10045.2.1":
if ("algorithmParams" in this.privateKeyAlgorithm) {
if (this.privateKeyAlgorithm.algorithmParams instanceof ObjectIdentifier) {
const privateKeyASN1 = fromBER(this.privateKey.valueBlock.valueHexView);
if (privateKeyASN1.offset !== -1) {
this.parsedKey = new ECPrivateKey({
namedCurve: this.privateKeyAlgorithm.algorithmParams.valueBlock.toString(),
schema: privateKeyASN1.result
});
}
}
}
break;
}
}
toSchema() {
const outputArray = [
new Integer({ value: this.version }),
this.privateKeyAlgorithm.toSchema(),
this.privateKey
];
if (this.attributes) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.attributes, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
if (!this.parsedKey) {
const object = {
version: this.version,
privateKeyAlgorithm: this.privateKeyAlgorithm.toJSON(),
privateKey: this.privateKey.toJSON(),
};
if (this.attributes) {
object.attributes = Array.from(this.attributes, o => o.toJSON());
}
return object;
}
const jwk = {};
switch (this.privateKeyAlgorithm.algorithmId) {
case "1.2.840.10045.2.1":
jwk.kty = "EC";
break;
case "1.2.840.113549.1.1.1":
jwk.kty = "RSA";
break;
}
const publicKeyJWK = this.parsedKey.toJSON();
Object.assign(jwk, publicKeyJWK);
return jwk;
}
fromJSON(json) {
if ("kty" in json) {
switch (json.kty.toUpperCase()) {
case "EC":
this.parsedKey = new ECPrivateKey({ json });
this.privateKeyAlgorithm = new AlgorithmIdentifier({
algorithmId: "1.2.840.10045.2.1",
algorithmParams: new ObjectIdentifier({ value: this.parsedKey.namedCurve })
});
break;
case "RSA":
this.parsedKey = new RSAPrivateKey({ json });
this.privateKeyAlgorithm = new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.1",
algorithmParams: new Null()
});
break;
default:
throw new Error(`Invalid value for "kty" parameter: ${json.kty}`);
}
this.privateKey = new OctetString({ valueHex: this.parsedKey.toSchema().toBER(false) });
}
}
}
PrivateKeyInfo.CLASS_NAME = "PrivateKeyInfo";
const CONTENT_TYPE$1 = "contentType";
const CONTENT_ENCRYPTION_ALGORITHM = "contentEncryptionAlgorithm";
const ENCRYPTED_CONTENT = "encryptedContent";
const CLEAR_PROPS$15 = [
CONTENT_TYPE$1,
CONTENT_ENCRYPTION_ALGORITHM,
ENCRYPTED_CONTENT,
];
const PIECE_SIZE = 1024;
class EncryptedContentInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.contentType = getParametersValue(parameters, CONTENT_TYPE$1, EncryptedContentInfo.defaultValues(CONTENT_TYPE$1));
this.contentEncryptionAlgorithm = getParametersValue(parameters, CONTENT_ENCRYPTION_ALGORITHM, EncryptedContentInfo.defaultValues(CONTENT_ENCRYPTION_ALGORITHM));
if (ENCRYPTED_CONTENT in parameters && parameters.encryptedContent) {
this.encryptedContent = parameters.encryptedContent;
if ((this.encryptedContent.idBlock.tagClass === 1) &&
(this.encryptedContent.idBlock.tagNumber === 4)) {
if (this.encryptedContent.idBlock.isConstructed === false && !parameters.disableSplit) {
const constrString = new OctetString({
idBlock: { isConstructed: true },
isConstructed: true
});
let offset = 0;
const valueHex = this.encryptedContent.valueBlock.valueHexView.slice().buffer;
let length = valueHex.byteLength;
while (length > 0) {
const pieceView = new Uint8Array(valueHex, offset, ((offset + PIECE_SIZE) > valueHex.byteLength) ? (valueHex.byteLength - offset) : PIECE_SIZE);
const _array = new ArrayBuffer(pieceView.length);
const _view = new Uint8Array(_array);
for (let i = 0; i < _view.length; i++)
_view[i] = pieceView[i];
constrString.valueBlock.value.push(new OctetString({ valueHex: _array }));
length -= pieceView.length;
offset += pieceView.length;
}
this.encryptedContent = constrString;
}
}
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CONTENT_TYPE$1:
return EMPTY_STRING;
case CONTENT_ENCRYPTION_ALGORITHM:
return new AlgorithmIdentifier();
case ENCRYPTED_CONTENT:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CONTENT_TYPE$1:
return (memberValue === EMPTY_STRING);
case CONTENT_ENCRYPTION_ALGORITHM:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case ENCRYPTED_CONTENT:
return (memberValue.isEqual(EncryptedContentInfo.defaultValues(ENCRYPTED_CONTENT)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.contentType || EMPTY_STRING) }),
AlgorithmIdentifier.schema(names.contentEncryptionAlgorithm || {}),
new Choice({
value: [
new Constructed({
name: (names.encryptedContent || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
value: new OctetString()
})
]
}),
new Primitive({
name: (names.encryptedContent || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
}
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$15);
const asn1 = compareSchema(schema, schema, EncryptedContentInfo.schema({
names: {
contentType: CONTENT_TYPE$1,
contentEncryptionAlgorithm: {
names: {
blockName: CONTENT_ENCRYPTION_ALGORITHM
}
},
encryptedContent: ENCRYPTED_CONTENT
}
}));
AsnError.assertSchema(asn1, this.className);
this.contentType = asn1.result.contentType.valueBlock.toString();
this.contentEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.contentEncryptionAlgorithm });
if (ENCRYPTED_CONTENT in asn1.result) {
this.encryptedContent = asn1.result.encryptedContent;
this.encryptedContent.idBlock.tagClass = 1;
this.encryptedContent.idBlock.tagNumber = 4;
}
}
toSchema() {
const sequenceLengthBlock = {
isIndefiniteForm: false
};
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.contentType }));
outputArray.push(this.contentEncryptionAlgorithm.toSchema());
if (this.encryptedContent) {
sequenceLengthBlock.isIndefiniteForm = this.encryptedContent.idBlock.isConstructed;
const encryptedValue = this.encryptedContent;
encryptedValue.idBlock.tagClass = 3;
encryptedValue.idBlock.tagNumber = 0;
encryptedValue.lenBlock.isIndefiniteForm = this.encryptedContent.idBlock.isConstructed;
outputArray.push(encryptedValue);
}
return (new Sequence({
lenBlock: sequenceLengthBlock,
value: outputArray
}));
}
toJSON() {
const res = {
contentType: this.contentType,
contentEncryptionAlgorithm: this.contentEncryptionAlgorithm.toJSON()
};
if (this.encryptedContent) {
res.encryptedContent = this.encryptedContent.toJSON();
}
return res;
}
getEncryptedContent() {
if (!this.encryptedContent) {
throw new Error("Parameter 'encryptedContent' is undefined");
}
return OctetString.prototype.getValue.call(this.encryptedContent);
}
}
EncryptedContentInfo.CLASS_NAME = "EncryptedContentInfo";
const HASH_ALGORITHM$4 = "hashAlgorithm";
const MASK_GEN_ALGORITHM$1 = "maskGenAlgorithm";
const SALT_LENGTH = "saltLength";
const TRAILER_FIELD = "trailerField";
const CLEAR_PROPS$14 = [
HASH_ALGORITHM$4,
MASK_GEN_ALGORITHM$1,
SALT_LENGTH,
TRAILER_FIELD
];
class RSASSAPSSParams extends PkiObject {
constructor(parameters = {}) {
super();
this.hashAlgorithm = getParametersValue(parameters, HASH_ALGORITHM$4, RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4));
this.maskGenAlgorithm = getParametersValue(parameters, MASK_GEN_ALGORITHM$1, RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1));
this.saltLength = getParametersValue(parameters, SALT_LENGTH, RSASSAPSSParams.defaultValues(SALT_LENGTH));
this.trailerField = getParametersValue(parameters, TRAILER_FIELD, RSASSAPSSParams.defaultValues(TRAILER_FIELD));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case HASH_ALGORITHM$4:
return new AlgorithmIdentifier({
algorithmId: "1.3.14.3.2.26",
algorithmParams: new Null()
});
case MASK_GEN_ALGORITHM$1:
return new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.8",
algorithmParams: (new AlgorithmIdentifier({
algorithmId: "1.3.14.3.2.26",
algorithmParams: new Null()
})).toSchema()
});
case SALT_LENGTH:
return 20;
case TRAILER_FIELD:
return 1;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
optional: true,
value: [AlgorithmIdentifier.schema(names.hashAlgorithm || {})]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
optional: true,
value: [AlgorithmIdentifier.schema(names.maskGenAlgorithm || {})]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
optional: true,
value: [new Integer({ name: (names.saltLength || EMPTY_STRING) })]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 3
},
optional: true,
value: [new Integer({ name: (names.trailerField || EMPTY_STRING) })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$14);
const asn1 = compareSchema(schema, schema, RSASSAPSSParams.schema({
names: {
hashAlgorithm: {
names: {
blockName: HASH_ALGORITHM$4
}
},
maskGenAlgorithm: {
names: {
blockName: MASK_GEN_ALGORITHM$1
}
},
saltLength: SALT_LENGTH,
trailerField: TRAILER_FIELD
}
}));
AsnError.assertSchema(asn1, this.className);
if (HASH_ALGORITHM$4 in asn1.result)
this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm });
if (MASK_GEN_ALGORITHM$1 in asn1.result)
this.maskGenAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.maskGenAlgorithm });
if (SALT_LENGTH in asn1.result)
this.saltLength = asn1.result.saltLength.valueBlock.valueDec;
if (TRAILER_FIELD in asn1.result)
this.trailerField = asn1.result.trailerField.valueBlock.valueDec;
}
toSchema() {
const outputArray = [];
if (!this.hashAlgorithm.isEqual(RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4))) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.hashAlgorithm.toSchema()]
}));
}
if (!this.maskGenAlgorithm.isEqual(RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1))) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.maskGenAlgorithm.toSchema()]
}));
}
if (this.saltLength !== RSASSAPSSParams.defaultValues(SALT_LENGTH)) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [new Integer({ value: this.saltLength })]
}));
}
if (this.trailerField !== RSASSAPSSParams.defaultValues(TRAILER_FIELD)) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: [new Integer({ value: this.trailerField })]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {};
if (!this.hashAlgorithm.isEqual(RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4))) {
res.hashAlgorithm = this.hashAlgorithm.toJSON();
}
if (!this.maskGenAlgorithm.isEqual(RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1))) {
res.maskGenAlgorithm = this.maskGenAlgorithm.toJSON();
}
if (this.saltLength !== RSASSAPSSParams.defaultValues(SALT_LENGTH)) {
res.saltLength = this.saltLength;
}
if (this.trailerField !== RSASSAPSSParams.defaultValues(TRAILER_FIELD)) {
res.trailerField = this.trailerField;
}
return res;
}
}
RSASSAPSSParams.CLASS_NAME = "RSASSAPSSParams";
const SALT = "salt";
const ITERATION_COUNT = "iterationCount";
const KEY_LENGTH = "keyLength";
const PRF = "prf";
const CLEAR_PROPS$13 = [
SALT,
ITERATION_COUNT,
KEY_LENGTH,
PRF
];
class PBKDF2Params extends PkiObject {
constructor(parameters = {}) {
super();
this.salt = getParametersValue(parameters, SALT, PBKDF2Params.defaultValues(SALT));
this.iterationCount = getParametersValue(parameters, ITERATION_COUNT, PBKDF2Params.defaultValues(ITERATION_COUNT));
if (KEY_LENGTH in parameters) {
this.keyLength = getParametersValue(parameters, KEY_LENGTH, PBKDF2Params.defaultValues(KEY_LENGTH));
}
if (PRF in parameters) {
this.prf = getParametersValue(parameters, PRF, PBKDF2Params.defaultValues(PRF));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SALT:
return {};
case ITERATION_COUNT:
return (-1);
case KEY_LENGTH:
return 0;
case PRF:
return new AlgorithmIdentifier({
algorithmId: "1.3.14.3.2.26",
algorithmParams: new Null()
});
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Choice({
value: [
new OctetString({ name: (names.saltPrimitive || EMPTY_STRING) }),
AlgorithmIdentifier.schema(names.saltConstructed || {})
]
}),
new Integer({ name: (names.iterationCount || EMPTY_STRING) }),
new Integer({
name: (names.keyLength || EMPTY_STRING),
optional: true
}),
AlgorithmIdentifier.schema(names.prf || {
names: {
optional: true
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$13);
const asn1 = compareSchema(schema, schema, PBKDF2Params.schema({
names: {
saltPrimitive: SALT,
saltConstructed: {
names: {
blockName: SALT
}
},
iterationCount: ITERATION_COUNT,
keyLength: KEY_LENGTH,
prf: {
names: {
blockName: PRF,
optional: true
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.salt = asn1.result.salt;
this.iterationCount = asn1.result.iterationCount.valueBlock.valueDec;
if (KEY_LENGTH in asn1.result)
this.keyLength = asn1.result.keyLength.valueBlock.valueDec;
if (PRF in asn1.result)
this.prf = new AlgorithmIdentifier({ schema: asn1.result.prf });
}
toSchema() {
const outputArray = [];
outputArray.push(this.salt);
outputArray.push(new Integer({ value: this.iterationCount }));
if (KEY_LENGTH in this) {
if (PBKDF2Params.defaultValues(KEY_LENGTH) !== this.keyLength)
outputArray.push(new Integer({ value: this.keyLength }));
}
if (this.prf) {
if (PBKDF2Params.defaultValues(PRF).isEqual(this.prf) === false)
outputArray.push(this.prf.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
salt: this.salt.toJSON(),
iterationCount: this.iterationCount
};
if (KEY_LENGTH in this) {
if (PBKDF2Params.defaultValues(KEY_LENGTH) !== this.keyLength)
res.keyLength = this.keyLength;
}
if (this.prf) {
if (PBKDF2Params.defaultValues(PRF).isEqual(this.prf) === false)
res.prf = this.prf.toJSON();
}
return res;
}
}
PBKDF2Params.CLASS_NAME = "PBKDF2Params";
const KEY_DERIVATION_FUNC = "keyDerivationFunc";
const ENCRYPTION_SCHEME = "encryptionScheme";
const CLEAR_PROPS$12 = [
KEY_DERIVATION_FUNC,
ENCRYPTION_SCHEME
];
class PBES2Params extends PkiObject {
constructor(parameters = {}) {
super();
this.keyDerivationFunc = getParametersValue(parameters, KEY_DERIVATION_FUNC, PBES2Params.defaultValues(KEY_DERIVATION_FUNC));
this.encryptionScheme = getParametersValue(parameters, ENCRYPTION_SCHEME, PBES2Params.defaultValues(ENCRYPTION_SCHEME));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_DERIVATION_FUNC:
return new AlgorithmIdentifier();
case ENCRYPTION_SCHEME:
return new AlgorithmIdentifier();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.keyDerivationFunc || {}),
AlgorithmIdentifier.schema(names.encryptionScheme || {})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$12);
const asn1 = compareSchema(schema, schema, PBES2Params.schema({
names: {
keyDerivationFunc: {
names: {
blockName: KEY_DERIVATION_FUNC
}
},
encryptionScheme: {
names: {
blockName: ENCRYPTION_SCHEME
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.keyDerivationFunc = new AlgorithmIdentifier({ schema: asn1.result.keyDerivationFunc });
this.encryptionScheme = new AlgorithmIdentifier({ schema: asn1.result.encryptionScheme });
}
toSchema() {
return (new Sequence({
value: [
this.keyDerivationFunc.toSchema(),
this.encryptionScheme.toSchema()
]
}));
}
toJSON() {
return {
keyDerivationFunc: this.keyDerivationFunc.toJSON(),
encryptionScheme: this.encryptionScheme.toJSON()
};
}
}
PBES2Params.CLASS_NAME = "PBES2Params";
class AbstractCryptoEngine {
constructor(parameters) {
this.crypto = parameters.crypto;
this.subtle = "webkitSubtle" in parameters.crypto
? parameters.crypto.webkitSubtle
: parameters.crypto.subtle;
this.name = getParametersValue(parameters, "name", EMPTY_STRING);
}
async encrypt(...args) {
return this.subtle.encrypt(...args);
}
async decrypt(...args) {
return this.subtle.decrypt(...args);
}
sign(...args) {
return this.subtle.sign(...args);
}
async verify(...args) {
return this.subtle.verify(...args);
}
async digest(...args) {
return this.subtle.digest(...args);
}
async generateKey(...args) {
return this.subtle.generateKey(...args);
}
async deriveKey(...args) {
return this.subtle.deriveKey(...args);
}
async deriveBits(...args) {
return this.subtle.deriveBits(...args);
}
async wrapKey(...args) {
return this.subtle.wrapKey(...args);
}
async unwrapKey(...args) {
return this.subtle.unwrapKey(...args);
}
exportKey(...args) {
return this.subtle.exportKey(...args);
}
importKey(...args) {
return this.subtle.importKey(...args);
}
getRandomValues(array) {
if (array === null) {
throw new Error("Argument \"array\" must not be null");
}
return this.crypto.getRandomValues(array);
}
}
async function makePKCS12B2Key(hashAlgorithm, keyLength, password, salt, iterationCount) {
let u;
let v;
let md;
switch (hashAlgorithm.toUpperCase()) {
case "SHA-1":
u = 20;
v = 64;
md = sha1;
break;
case "SHA-256":
u = 32;
v = 64;
md = sha256;
break;
case "SHA-384":
u = 48;
v = 128;
md = sha384;
break;
case "SHA-512":
u = 64;
v = 128;
md = sha512;
break;
default:
throw new Error("Unsupported hashing algorithm");
}
const originalPassword = new Uint8Array(password);
let decodedPassword = new TextDecoder().decode(password);
const encodedPassword = new TextEncoder().encode(decodedPassword);
if (encodedPassword.some((byte, i) => byte !== originalPassword[i])) {
decodedPassword = String.fromCharCode(...originalPassword);
}
const passwordTransformed = new Uint8Array(decodedPassword.length * 2 + 2);
const passwordView = new DataView(passwordTransformed.buffer);
for (let i = 0; i < decodedPassword.length; i++) {
passwordView.setUint16(i * 2, decodedPassword.charCodeAt(i), false);
}
passwordView.setUint16(decodedPassword.length * 2, 0, false);
const D = new Uint8Array(v).fill(3);
const saltView = new Uint8Array(salt);
const S = new Uint8Array(v * Math.ceil(saltView.length / v)).map((_, i) => saltView[i % saltView.length]);
const P = new Uint8Array(v * Math.ceil(passwordTransformed.length / v)).map((_, i) => passwordTransformed[i % passwordTransformed.length]);
let I = new Uint8Array(S.length + P.length);
I.set(S);
I.set(P, S.length);
const c = Math.ceil((keyLength >> 3) / u);
const result = [];
for (let i = 0; i < c; i++) {
let A = new Uint8Array(D.length + I.length);
A.set(D);
A.set(I, D.length);
for (let j = 0; j < iterationCount; j++) {
A = md(A);
}
const B = new Uint8Array(v).map((_, i) => A[i % A.length]);
const k = Math.ceil(saltView.length / v) + Math.ceil(passwordTransformed.length / v);
const iRound = [];
for (let j = 0; j < k; j++) {
const chunk = Array.from(I.slice(j * v, (j + 1) * v));
let x = 0x1ff;
for (let l = B.length - 1; l >= 0; l--) {
x >>= 8;
x += B[l] + (chunk[l] || 0);
chunk[l] = x & 0xff;
}
iRound.push(...chunk);
}
I = new Uint8Array(iRound);
result.push(...A);
}
return new Uint8Array(result.slice(0, keyLength >> 3)).buffer;
}
function prepareAlgorithm(data) {
const res = typeof data === "string"
? { name: data }
: data;
if ("hash" in res) {
return {
...res,
hash: prepareAlgorithm(res.hash)
};
}
return res;
}
class CryptoEngine extends AbstractCryptoEngine {
async importKey(format, keyData, algorithm, extractable, keyUsages) {
var _a, _b, _c, _d, _e, _f;
let jwk = {};
const alg = prepareAlgorithm(algorithm);
switch (format.toLowerCase()) {
case "raw":
return this.subtle.importKey("raw", keyData, algorithm, extractable, keyUsages);
case "spki":
{
const asn1 = fromBER(BufferSourceConverter.toArrayBuffer(keyData));
AsnError.assert(asn1, "keyData");
const publicKeyInfo = new PublicKeyInfo();
try {
publicKeyInfo.fromSchema(asn1.result);
}
catch {
throw new ArgumentError("Incorrect keyData");
}
switch (alg.name.toUpperCase()) {
case "RSA-PSS":
{
if (!alg.hash) {
throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed");
}
switch (alg.hash.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "PS1";
break;
case "SHA-256":
jwk.alg = "PS256";
break;
case "SHA-384":
jwk.alg = "PS384";
break;
case "SHA-512":
jwk.alg = "PS512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`);
}
}
case "RSASSA-PKCS1-V1_5":
{
keyUsages = ["verify"];
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
if (publicKeyInfo.algorithm.algorithmId !== "1.2.840.113549.1.1.1")
throw new Error(`Incorrect public key algorithm: ${publicKeyInfo.algorithm.algorithmId}`);
if (!jwk.alg) {
if (!alg.hash) {
throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed");
}
switch (alg.hash.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "RS1";
break;
case "SHA-256":
jwk.alg = "RS256";
break;
case "SHA-384":
jwk.alg = "RS384";
break;
case "SHA-512":
jwk.alg = "RS512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`);
}
}
const publicKeyJSON = publicKeyInfo.toJSON();
Object.assign(jwk, publicKeyJSON);
}
break;
case "ECDSA":
keyUsages = ["verify"];
case "ECDH":
{
jwk = {
kty: "EC",
ext: extractable,
key_ops: keyUsages
};
if (publicKeyInfo.algorithm.algorithmId !== "1.2.840.10045.2.1") {
throw new Error(`Incorrect public key algorithm: ${publicKeyInfo.algorithm.algorithmId}`);
}
const publicKeyJSON = publicKeyInfo.toJSON();
Object.assign(jwk, publicKeyJSON);
}
break;
case "RSA-OAEP":
{
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
if (this.name.toLowerCase() === "safari")
jwk.alg = "RSA-OAEP";
else {
if (!alg.hash) {
throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed");
}
switch (alg.hash.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "RSA-OAEP";
break;
case "SHA-256":
jwk.alg = "RSA-OAEP-256";
break;
case "SHA-384":
jwk.alg = "RSA-OAEP-384";
break;
case "SHA-512":
jwk.alg = "RSA-OAEP-512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`);
}
}
const publicKeyJSON = publicKeyInfo.toJSON();
Object.assign(jwk, publicKeyJSON);
}
break;
case "RSAES-PKCS1-V1_5":
{
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
jwk.alg = "PS1";
const publicKeyJSON = publicKeyInfo.toJSON();
Object.assign(jwk, publicKeyJSON);
}
break;
default:
throw new Error(`Incorrect algorithm name: ${alg.name.toUpperCase()}`);
}
}
break;
case "pkcs8":
{
const privateKeyInfo = new PrivateKeyInfo();
const asn1 = fromBER(BufferSourceConverter.toArrayBuffer(keyData));
AsnError.assert(asn1, "keyData");
try {
privateKeyInfo.fromSchema(asn1.result);
}
catch {
throw new Error("Incorrect keyData");
}
if (!privateKeyInfo.parsedKey)
throw new Error("Incorrect keyData");
switch (alg.name.toUpperCase()) {
case "RSA-PSS":
{
switch ((_a = alg.hash) === null || _a === void 0 ? void 0 : _a.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "PS1";
break;
case "SHA-256":
jwk.alg = "PS256";
break;
case "SHA-384":
jwk.alg = "PS384";
break;
case "SHA-512":
jwk.alg = "PS512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${(_b = alg.hash) === null || _b === void 0 ? void 0 : _b.name.toUpperCase()}`);
}
}
case "RSASSA-PKCS1-V1_5":
{
keyUsages = ["sign"];
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
if (privateKeyInfo.privateKeyAlgorithm.algorithmId !== "1.2.840.113549.1.1.1")
throw new Error(`Incorrect private key algorithm: ${privateKeyInfo.privateKeyAlgorithm.algorithmId}`);
if (("alg" in jwk) === false) {
switch ((_c = alg.hash) === null || _c === void 0 ? void 0 : _c.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "RS1";
break;
case "SHA-256":
jwk.alg = "RS256";
break;
case "SHA-384":
jwk.alg = "RS384";
break;
case "SHA-512":
jwk.alg = "RS512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${(_d = alg.hash) === null || _d === void 0 ? void 0 : _d.name.toUpperCase()}`);
}
}
const privateKeyJSON = privateKeyInfo.toJSON();
Object.assign(jwk, privateKeyJSON);
}
break;
case "ECDSA":
keyUsages = ["sign"];
case "ECDH":
{
jwk = {
kty: "EC",
ext: extractable,
key_ops: keyUsages
};
if (privateKeyInfo.privateKeyAlgorithm.algorithmId !== "1.2.840.10045.2.1")
throw new Error(`Incorrect algorithm: ${privateKeyInfo.privateKeyAlgorithm.algorithmId}`);
const privateKeyJSON = privateKeyInfo.toJSON();
Object.assign(jwk, privateKeyJSON);
}
break;
case "RSA-OAEP":
{
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
if (this.name.toLowerCase() === "safari")
jwk.alg = "RSA-OAEP";
else {
switch ((_e = alg.hash) === null || _e === void 0 ? void 0 : _e.name.toUpperCase()) {
case "SHA-1":
jwk.alg = "RSA-OAEP";
break;
case "SHA-256":
jwk.alg = "RSA-OAEP-256";
break;
case "SHA-384":
jwk.alg = "RSA-OAEP-384";
break;
case "SHA-512":
jwk.alg = "RSA-OAEP-512";
break;
default:
throw new Error(`Incorrect hash algorithm: ${(_f = alg.hash) === null || _f === void 0 ? void 0 : _f.name.toUpperCase()}`);
}
}
const privateKeyJSON = privateKeyInfo.toJSON();
Object.assign(jwk, privateKeyJSON);
}
break;
case "RSAES-PKCS1-V1_5":
{
keyUsages = ["decrypt"];
jwk.kty = "RSA";
jwk.ext = extractable;
jwk.key_ops = keyUsages;
jwk.alg = "PS1";
const privateKeyJSON = privateKeyInfo.toJSON();
Object.assign(jwk, privateKeyJSON);
}
break;
default:
throw new Error(`Incorrect algorithm name: ${alg.name.toUpperCase()}`);
}
}
break;
case "jwk":
jwk = keyData;
break;
default:
throw new Error(`Incorrect format: ${format}`);
}
if (this.name.toLowerCase() === "safari") {
try {
return this.subtle.importKey("jwk", stringToArrayBuffer(JSON.stringify(jwk)), algorithm, extractable, keyUsages);
}
catch {
return this.subtle.importKey("jwk", jwk, algorithm, extractable, keyUsages);
}
}
return this.subtle.importKey("jwk", jwk, algorithm, extractable, keyUsages);
}
async exportKey(format, key) {
let jwk = await this.subtle.exportKey("jwk", key);
if (this.name.toLowerCase() === "safari") {
if (jwk instanceof ArrayBuffer) {
jwk = JSON.parse(arrayBufferToString(jwk));
}
}
switch (format.toLowerCase()) {
case "raw":
return this.subtle.exportKey("raw", key);
case "spki": {
const publicKeyInfo = new PublicKeyInfo();
try {
publicKeyInfo.fromJSON(jwk);
}
catch {
throw new Error("Incorrect key data");
}
return publicKeyInfo.toSchema().toBER(false);
}
case "pkcs8": {
const privateKeyInfo = new PrivateKeyInfo();
try {
privateKeyInfo.fromJSON(jwk);
}
catch {
throw new Error("Incorrect key data");
}
return privateKeyInfo.toSchema().toBER(false);
}
case "jwk":
return jwk;
default:
throw new Error(`Incorrect format: ${format}`);
}
}
async convert(inputFormat, outputFormat, keyData, algorithm, extractable, keyUsages) {
if (inputFormat.toLowerCase() === outputFormat.toLowerCase()) {
return keyData;
}
const key = await this.importKey(inputFormat, keyData, algorithm, extractable, keyUsages);
return this.exportKey(outputFormat, key);
}
getAlgorithmByOID(oid, safety = false, target) {
switch (oid) {
case "1.2.840.113549.1.1.1":
return {
name: "RSAES-PKCS1-v1_5"
};
case "1.2.840.113549.1.1.5":
return {
name: "RSASSA-PKCS1-v1_5",
hash: {
name: "SHA-1"
}
};
case "1.2.840.113549.1.1.11":
return {
name: "RSASSA-PKCS1-v1_5",
hash: {
name: "SHA-256"
}
};
case "1.2.840.113549.1.1.12":
return {
name: "RSASSA-PKCS1-v1_5",
hash: {
name: "SHA-384"
}
};
case "1.2.840.113549.1.1.13":
return {
name: "RSASSA-PKCS1-v1_5",
hash: {
name: "SHA-512"
}
};
case "1.2.840.113549.1.1.10":
return {
name: "RSA-PSS"
};
case "1.2.840.113549.1.1.7":
return {
name: "RSA-OAEP"
};
case "1.2.840.10045.2.1":
case "1.2.840.10045.4.1":
return {
name: "ECDSA",
hash: {
name: "SHA-1"
}
};
case "1.2.840.10045.4.3.2":
return {
name: "ECDSA",
hash: {
name: "SHA-256"
}
};
case "1.2.840.10045.4.3.3":
return {
name: "ECDSA",
hash: {
name: "SHA-384"
}
};
case "1.2.840.10045.4.3.4":
return {
name: "ECDSA",
hash: {
name: "SHA-512"
}
};
case "1.3.133.16.840.63.0.2":
return {
name: "ECDH",
kdf: "SHA-1"
};
case "1.3.132.1.11.1":
return {
name: "ECDH",
kdf: "SHA-256"
};
case "1.3.132.1.11.2":
return {
name: "ECDH",
kdf: "SHA-384"
};
case "1.3.132.1.11.3":
return {
name: "ECDH",
kdf: "SHA-512"
};
case "2.16.840.1.101.3.4.1.2":
return {
name: "AES-CBC",
length: 128
};
case "2.16.840.1.101.3.4.1.22":
return {
name: "AES-CBC",
length: 192
};
case "2.16.840.1.101.3.4.1.42":
return {
name: "AES-CBC",
length: 256
};
case "2.16.840.1.101.3.4.1.6":
return {
name: "AES-GCM",
length: 128
};
case "2.16.840.1.101.3.4.1.26":
return {
name: "AES-GCM",
length: 192
};
case "2.16.840.1.101.3.4.1.46":
return {
name: "AES-GCM",
length: 256
};
case "2.16.840.1.101.3.4.1.4":
return {
name: "AES-CFB",
length: 128
};
case "2.16.840.1.101.3.4.1.24":
return {
name: "AES-CFB",
length: 192
};
case "2.16.840.1.101.3.4.1.44":
return {
name: "AES-CFB",
length: 256
};
case "2.16.840.1.101.3.4.1.5":
return {
name: "AES-KW",
length: 128
};
case "2.16.840.1.101.3.4.1.25":
return {
name: "AES-KW",
length: 192
};
case "2.16.840.1.101.3.4.1.45":
return {
name: "AES-KW",
length: 256
};
case "1.2.840.113549.2.7":
return {
name: "HMAC",
hash: {
name: "SHA-1"
}
};
case "1.2.840.113549.2.9":
return {
name: "HMAC",
hash: {
name: "SHA-256"
}
};
case "1.2.840.113549.2.10":
return {
name: "HMAC",
hash: {
name: "SHA-384"
}
};
case "1.2.840.113549.2.11":
return {
name: "HMAC",
hash: {
name: "SHA-512"
}
};
case "1.2.840.113549.1.9.16.3.5":
return {
name: "DH"
};
case "1.3.14.3.2.26":
return {
name: "SHA-1"
};
case "2.16.840.1.101.3.4.2.1":
return {
name: "SHA-256"
};
case "2.16.840.1.101.3.4.2.2":
return {
name: "SHA-384"
};
case "2.16.840.1.101.3.4.2.3":
return {
name: "SHA-512"
};
case "1.2.840.113549.1.5.12":
return {
name: "PBKDF2"
};
case "1.2.840.10045.3.1.7":
return {
name: "P-256"
};
case "1.3.132.0.34":
return {
name: "P-384"
};
case "1.3.132.0.35":
return {
name: "P-521"
};
}
if (safety) {
throw new Error(`Unsupported algorithm identifier ${target ? `for ${target} ` : EMPTY_STRING}: ${oid}`);
}
return {};
}
getOIDByAlgorithm(algorithm, safety = false, target) {
let result = EMPTY_STRING;
switch (algorithm.name.toUpperCase()) {
case "RSAES-PKCS1-V1_5":
result = "1.2.840.113549.1.1.1";
break;
case "RSASSA-PKCS1-V1_5":
switch (algorithm.hash.name.toUpperCase()) {
case "SHA-1":
result = "1.2.840.113549.1.1.5";
break;
case "SHA-256":
result = "1.2.840.113549.1.1.11";
break;
case "SHA-384":
result = "1.2.840.113549.1.1.12";
break;
case "SHA-512":
result = "1.2.840.113549.1.1.13";
break;
}
break;
case "RSA-PSS":
result = "1.2.840.113549.1.1.10";
break;
case "RSA-OAEP":
result = "1.2.840.113549.1.1.7";
break;
case "ECDSA":
switch (algorithm.hash.name.toUpperCase()) {
case "SHA-1":
result = "1.2.840.10045.4.1";
break;
case "SHA-256":
result = "1.2.840.10045.4.3.2";
break;
case "SHA-384":
result = "1.2.840.10045.4.3.3";
break;
case "SHA-512":
result = "1.2.840.10045.4.3.4";
break;
}
break;
case "ECDH":
switch (algorithm.kdf.toUpperCase()) {
case "SHA-1":
result = "1.3.133.16.840.63.0.2";
break;
case "SHA-256":
result = "1.3.132.1.11.1";
break;
case "SHA-384":
result = "1.3.132.1.11.2";
break;
case "SHA-512":
result = "1.3.132.1.11.3";
break;
}
break;
case "AES-CTR":
break;
case "AES-CBC":
switch (algorithm.length) {
case 128:
result = "2.16.840.1.101.3.4.1.2";
break;
case 192:
result = "2.16.840.1.101.3.4.1.22";
break;
case 256:
result = "2.16.840.1.101.3.4.1.42";
break;
}
break;
case "AES-CMAC":
break;
case "AES-GCM":
switch (algorithm.length) {
case 128:
result = "2.16.840.1.101.3.4.1.6";
break;
case 192:
result = "2.16.840.1.101.3.4.1.26";
break;
case 256:
result = "2.16.840.1.101.3.4.1.46";
break;
}
break;
case "AES-CFB":
switch (algorithm.length) {
case 128:
result = "2.16.840.1.101.3.4.1.4";
break;
case 192:
result = "2.16.840.1.101.3.4.1.24";
break;
case 256:
result = "2.16.840.1.101.3.4.1.44";
break;
}
break;
case "AES-KW":
switch (algorithm.length) {
case 128:
result = "2.16.840.1.101.3.4.1.5";
break;
case 192:
result = "2.16.840.1.101.3.4.1.25";
break;
case 256:
result = "2.16.840.1.101.3.4.1.45";
break;
}
break;
case "HMAC":
switch (algorithm.hash.name.toUpperCase()) {
case "SHA-1":
result = "1.2.840.113549.2.7";
break;
case "SHA-256":
result = "1.2.840.113549.2.9";
break;
case "SHA-384":
result = "1.2.840.113549.2.10";
break;
case "SHA-512":
result = "1.2.840.113549.2.11";
break;
}
break;
case "DH":
result = "1.2.840.113549.1.9.16.3.5";
break;
case "SHA-1":
result = "1.3.14.3.2.26";
break;
case "SHA-256":
result = "2.16.840.1.101.3.4.2.1";
break;
case "SHA-384":
result = "2.16.840.1.101.3.4.2.2";
break;
case "SHA-512":
result = "2.16.840.1.101.3.4.2.3";
break;
case "CONCAT":
break;
case "HKDF":
break;
case "PBKDF2":
result = "1.2.840.113549.1.5.12";
break;
case "P-256":
result = "1.2.840.10045.3.1.7";
break;
case "P-384":
result = "1.3.132.0.34";
break;
case "P-521":
result = "1.3.132.0.35";
break;
}
if (!result && safety) {
throw new Error(`Unsupported algorithm ${target ? `for ${target} ` : EMPTY_STRING}: ${algorithm.name}`);
}
return result;
}
getAlgorithmParameters(algorithmName, operation) {
let result = {
algorithm: {},
usages: []
};
switch (algorithmName.toUpperCase()) {
case "RSAES-PKCS1-V1_5":
case "RSASSA-PKCS1-V1_5":
switch (operation.toLowerCase()) {
case "generatekey":
result = {
algorithm: {
name: "RSASSA-PKCS1-v1_5",
modulusLength: 2048,
publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
hash: {
name: "SHA-256"
}
},
usages: ["sign", "verify"]
};
break;
case "verify":
case "sign":
case "importkey":
result = {
algorithm: {
name: "RSASSA-PKCS1-v1_5",
hash: {
name: "SHA-256"
}
},
usages: ["verify"]
};
break;
case "exportkey":
default:
return {
algorithm: {
name: "RSASSA-PKCS1-v1_5"
},
usages: []
};
}
break;
case "RSA-PSS":
switch (operation.toLowerCase()) {
case "sign":
case "verify":
result = {
algorithm: {
name: "RSA-PSS",
hash: {
name: "SHA-1"
},
saltLength: 20
},
usages: ["sign", "verify"]
};
break;
case "generatekey":
result = {
algorithm: {
name: "RSA-PSS",
modulusLength: 2048,
publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
hash: {
name: "SHA-1"
}
},
usages: ["sign", "verify"]
};
break;
case "importkey":
result = {
algorithm: {
name: "RSA-PSS",
hash: {
name: "SHA-1"
}
},
usages: ["verify"]
};
break;
case "exportkey":
default:
return {
algorithm: {
name: "RSA-PSS"
},
usages: []
};
}
break;
case "RSA-OAEP":
switch (operation.toLowerCase()) {
case "encrypt":
case "decrypt":
result = {
algorithm: {
name: "RSA-OAEP"
},
usages: ["encrypt", "decrypt"]
};
break;
case "generatekey":
result = {
algorithm: {
name: "RSA-OAEP",
modulusLength: 2048,
publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
hash: {
name: "SHA-256"
}
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
case "importkey":
result = {
algorithm: {
name: "RSA-OAEP",
hash: {
name: "SHA-256"
}
},
usages: ["encrypt"]
};
break;
case "exportkey":
default:
return {
algorithm: {
name: "RSA-OAEP"
},
usages: []
};
}
break;
case "ECDSA":
switch (operation.toLowerCase()) {
case "generatekey":
result = {
algorithm: {
name: "ECDSA",
namedCurve: "P-256"
},
usages: ["sign", "verify"]
};
break;
case "importkey":
result = {
algorithm: {
name: "ECDSA",
namedCurve: "P-256"
},
usages: ["verify"]
};
break;
case "verify":
case "sign":
result = {
algorithm: {
name: "ECDSA",
hash: {
name: "SHA-256"
}
},
usages: ["sign"]
};
break;
default:
return {
algorithm: {
name: "ECDSA"
},
usages: []
};
}
break;
case "ECDH":
switch (operation.toLowerCase()) {
case "exportkey":
case "importkey":
case "generatekey":
result = {
algorithm: {
name: "ECDH",
namedCurve: "P-256"
},
usages: ["deriveKey", "deriveBits"]
};
break;
case "derivekey":
case "derivebits":
result = {
algorithm: {
name: "ECDH",
namedCurve: "P-256",
public: []
},
usages: ["encrypt", "decrypt"]
};
break;
default:
return {
algorithm: {
name: "ECDH"
},
usages: []
};
}
break;
case "AES-CTR":
switch (operation.toLowerCase()) {
case "importkey":
case "exportkey":
case "generatekey":
result = {
algorithm: {
name: "AES-CTR",
length: 256
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
case "decrypt":
case "encrypt":
result = {
algorithm: {
name: "AES-CTR",
counter: new Uint8Array(16),
length: 10
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
default:
return {
algorithm: {
name: "AES-CTR"
},
usages: []
};
}
break;
case "AES-CBC":
switch (operation.toLowerCase()) {
case "importkey":
case "exportkey":
case "generatekey":
result = {
algorithm: {
name: "AES-CBC",
length: 256
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
case "decrypt":
case "encrypt":
result = {
algorithm: {
name: "AES-CBC",
iv: this.getRandomValues(new Uint8Array(16))
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
default:
return {
algorithm: {
name: "AES-CBC"
},
usages: []
};
}
break;
case "AES-GCM":
switch (operation.toLowerCase()) {
case "importkey":
case "exportkey":
case "generatekey":
result = {
algorithm: {
name: "AES-GCM",
length: 256
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
case "decrypt":
case "encrypt":
result = {
algorithm: {
name: "AES-GCM",
iv: this.getRandomValues(new Uint8Array(16))
},
usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"]
};
break;
default:
return {
algorithm: {
name: "AES-GCM"
},
usages: []
};
}
break;
case "AES-KW":
switch (operation.toLowerCase()) {
case "importkey":
case "exportkey":
case "generatekey":
case "wrapkey":
case "unwrapkey":
result = {
algorithm: {
name: "AES-KW",
length: 256
},
usages: ["wrapKey", "unwrapKey"]
};
break;
default:
return {
algorithm: {
name: "AES-KW"
},
usages: []
};
}
break;
case "HMAC":
switch (operation.toLowerCase()) {
case "sign":
case "verify":
result = {
algorithm: {
name: "HMAC"
},
usages: ["sign", "verify"]
};
break;
case "importkey":
case "exportkey":
case "generatekey":
result = {
algorithm: {
name: "HMAC",
length: 32,
hash: {
name: "SHA-256"
}
},
usages: ["sign", "verify"]
};
break;
default:
return {
algorithm: {
name: "HMAC"
},
usages: []
};
}
break;
case "HKDF":
switch (operation.toLowerCase()) {
case "derivekey":
result = {
algorithm: {
name: "HKDF",
hash: "SHA-256",
salt: new Uint8Array([]),
info: new Uint8Array([])
},
usages: ["encrypt", "decrypt"]
};
break;
default:
return {
algorithm: {
name: "HKDF"
},
usages: []
};
}
break;
case "PBKDF2":
switch (operation.toLowerCase()) {
case "derivekey":
result = {
algorithm: {
name: "PBKDF2",
hash: { name: "SHA-256" },
salt: new Uint8Array([]),
iterations: 10000
},
usages: ["encrypt", "decrypt"]
};
break;
default:
return {
algorithm: {
name: "PBKDF2"
},
usages: []
};
}
break;
}
return result;
}
getHashAlgorithm(signatureAlgorithm) {
let result = EMPTY_STRING;
switch (signatureAlgorithm.algorithmId) {
case "1.2.840.10045.4.1":
case "1.2.840.113549.1.1.5":
result = "SHA-1";
break;
case "1.2.840.10045.4.3.2":
case "1.2.840.113549.1.1.11":
result = "SHA-256";
break;
case "1.2.840.10045.4.3.3":
case "1.2.840.113549.1.1.12":
result = "SHA-384";
break;
case "1.2.840.10045.4.3.4":
case "1.2.840.113549.1.1.13":
result = "SHA-512";
break;
case "1.2.840.113549.1.1.10":
{
try {
const params = new RSASSAPSSParams({ schema: signatureAlgorithm.algorithmParams });
if (params.hashAlgorithm) {
const algorithm = this.getAlgorithmByOID(params.hashAlgorithm.algorithmId);
if ("name" in algorithm) {
result = algorithm.name;
}
else {
return EMPTY_STRING;
}
}
else
result = "SHA-1";
}
catch {
}
}
break;
}
return result;
}
async encryptEncryptedContentInfo(parameters) {
ParameterError.assert(parameters, "password", "contentEncryptionAlgorithm", "hmacHashAlgorithm", "iterationCount", "contentToEncrypt", "contentToEncrypt", "contentType");
const contentEncryptionOID = this.getOIDByAlgorithm(parameters.contentEncryptionAlgorithm, true, "contentEncryptionAlgorithm");
const pbkdf2OID = this.getOIDByAlgorithm({
name: "PBKDF2"
}, true, "PBKDF2");
const hmacOID = this.getOIDByAlgorithm({
name: "HMAC",
hash: {
name: parameters.hmacHashAlgorithm
}
}, true, "hmacHashAlgorithm");
const ivBuffer = new ArrayBuffer(16);
const ivView = new Uint8Array(ivBuffer);
this.getRandomValues(ivView);
const saltBuffer = new ArrayBuffer(64);
const saltView = new Uint8Array(saltBuffer);
this.getRandomValues(saltView);
const contentView = new Uint8Array(parameters.contentToEncrypt);
const pbkdf2Params = new PBKDF2Params({
salt: new OctetString({ valueHex: saltBuffer }),
iterationCount: parameters.iterationCount,
prf: new AlgorithmIdentifier({
algorithmId: hmacOID,
algorithmParams: new Null()
})
});
const passwordView = new Uint8Array(parameters.password);
const pbkdfKey = await this.importKey("raw", passwordView, "PBKDF2", false, ["deriveKey"]);
const derivedKey = await this.deriveKey({
name: "PBKDF2",
hash: {
name: parameters.hmacHashAlgorithm
},
salt: saltView,
iterations: parameters.iterationCount
}, pbkdfKey, parameters.contentEncryptionAlgorithm, false, ["encrypt"]);
const encryptedData = await this.encrypt({
name: parameters.contentEncryptionAlgorithm.name,
iv: ivView
}, derivedKey, contentView);
const pbes2Parameters = new PBES2Params({
keyDerivationFunc: new AlgorithmIdentifier({
algorithmId: pbkdf2OID,
algorithmParams: pbkdf2Params.toSchema()
}),
encryptionScheme: new AlgorithmIdentifier({
algorithmId: contentEncryptionOID,
algorithmParams: new OctetString({ valueHex: ivBuffer })
})
});
return new EncryptedContentInfo({
contentType: parameters.contentType,
contentEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.5.13",
algorithmParams: pbes2Parameters.toSchema()
}),
encryptedContent: new OctetString({ valueHex: encryptedData })
});
}
async decryptEncryptedContentInfo(parameters) {
ParameterError.assert(parameters, "password", "encryptedContentInfo");
if (parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId !== "1.2.840.113549.1.5.13")
throw new Error(`Unknown "contentEncryptionAlgorithm": ${parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId}`);
let pbes2Parameters;
try {
pbes2Parameters = new PBES2Params({ schema: parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmParams });
}
catch {
throw new Error("Incorrectly encoded \"pbes2Parameters\"");
}
let pbkdf2Params;
try {
pbkdf2Params = new PBKDF2Params({ schema: pbes2Parameters.keyDerivationFunc.algorithmParams });
}
catch {
throw new Error("Incorrectly encoded \"pbkdf2Params\"");
}
const contentEncryptionAlgorithm = this.getAlgorithmByOID(pbes2Parameters.encryptionScheme.algorithmId, true);
const ivBuffer = pbes2Parameters.encryptionScheme.algorithmParams.valueBlock.valueHex;
const ivView = new Uint8Array(ivBuffer);
const saltBuffer = pbkdf2Params.salt.valueBlock.valueHex;
const saltView = new Uint8Array(saltBuffer);
const iterationCount = pbkdf2Params.iterationCount;
let hmacHashAlgorithm = "SHA-1";
if (pbkdf2Params.prf) {
const algorithm = this.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true);
hmacHashAlgorithm = algorithm.hash.name;
}
const pbkdfKey = await this.importKey("raw", parameters.password, "PBKDF2", false, ["deriveKey"]);
const result = await this.deriveKey({
name: "PBKDF2",
hash: {
name: hmacHashAlgorithm
},
salt: saltView,
iterations: iterationCount
}, pbkdfKey, contentEncryptionAlgorithm, false, ["decrypt"]);
const dataBuffer = parameters.encryptedContentInfo.getEncryptedContent();
return this.decrypt({
name: contentEncryptionAlgorithm.name,
iv: ivView
}, result, dataBuffer);
}
async stampDataWithPassword(parameters) {
if ((parameters instanceof Object) === false)
throw new Error("Parameters must have type \"Object\"");
ParameterError.assert(parameters, "password", "hashAlgorithm", "iterationCount", "salt", "contentToStamp");
let length;
switch (parameters.hashAlgorithm.toLowerCase()) {
case "sha-1":
length = 160;
break;
case "sha-256":
length = 256;
break;
case "sha-384":
length = 384;
break;
case "sha-512":
length = 512;
break;
default:
throw new Error(`Incorrect "parameters.hashAlgorithm" parameter: ${parameters.hashAlgorithm}`);
}
const hmacAlgorithm = {
name: "HMAC",
length,
hash: {
name: parameters.hashAlgorithm
}
};
const pkcsKey = await makePKCS12B2Key(parameters.hashAlgorithm, length, parameters.password, parameters.salt, parameters.iterationCount);
const hmacKey = await this.importKey("raw", new Uint8Array(pkcsKey), hmacAlgorithm, false, ["sign"]);
return this.sign(hmacAlgorithm, hmacKey, new Uint8Array(parameters.contentToStamp));
}
async verifyDataStampedWithPassword(parameters) {
ParameterError.assert(parameters, "password", "hashAlgorithm", "salt", "iterationCount", "contentToVerify", "signatureToVerify");
let length = 0;
switch (parameters.hashAlgorithm.toLowerCase()) {
case "sha-1":
length = 160;
break;
case "sha-256":
length = 256;
break;
case "sha-384":
length = 384;
break;
case "sha-512":
length = 512;
break;
default:
throw new Error(`Incorrect "parameters.hashAlgorithm" parameter: ${parameters.hashAlgorithm}`);
}
const hmacAlgorithm = {
name: "HMAC",
length,
hash: {
name: parameters.hashAlgorithm
}
};
const pkcsKey = await makePKCS12B2Key(parameters.hashAlgorithm, length, parameters.password, parameters.salt, parameters.iterationCount);
const hmacKey = await this.importKey("raw", new Uint8Array(pkcsKey), hmacAlgorithm, false, ["verify"]);
return this.verify(hmacAlgorithm, hmacKey, new Uint8Array(parameters.signatureToVerify), new Uint8Array(parameters.contentToVerify));
}
async getSignatureParameters(privateKey, hashAlgorithm = "SHA-1") {
this.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm");
const signatureAlgorithm = new AlgorithmIdentifier();
const parameters = this.getAlgorithmParameters(privateKey.algorithm.name, "sign");
if (!Object.keys(parameters.algorithm).length) {
throw new Error("Parameter 'algorithm' is empty");
}
const algorithm = parameters.algorithm;
if ("hash" in privateKey.algorithm && privateKey.algorithm.hash && privateKey.algorithm.hash.name) {
algorithm.hash.name = privateKey.algorithm.hash.name;
}
else {
algorithm.hash.name = hashAlgorithm;
}
switch (privateKey.algorithm.name.toUpperCase()) {
case "RSASSA-PKCS1-V1_5":
case "ECDSA":
signatureAlgorithm.algorithmId = this.getOIDByAlgorithm(algorithm, true);
break;
case "RSA-PSS":
{
switch (algorithm.hash.name.toUpperCase()) {
case "SHA-256":
algorithm.saltLength = 32;
break;
case "SHA-384":
algorithm.saltLength = 48;
break;
case "SHA-512":
algorithm.saltLength = 64;
break;
}
const paramsObject = {};
if (algorithm.hash.name.toUpperCase() !== "SHA-1") {
const hashAlgorithmOID = this.getOIDByAlgorithm({ name: algorithm.hash.name }, true, "hashAlgorithm");
paramsObject.hashAlgorithm = new AlgorithmIdentifier({
algorithmId: hashAlgorithmOID,
algorithmParams: new Null()
});
paramsObject.maskGenAlgorithm = new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.8",
algorithmParams: paramsObject.hashAlgorithm.toSchema()
});
}
if (algorithm.saltLength !== 20)
paramsObject.saltLength = algorithm.saltLength;
const pssParameters = new RSASSAPSSParams(paramsObject);
signatureAlgorithm.algorithmId = "1.2.840.113549.1.1.10";
signatureAlgorithm.algorithmParams = pssParameters.toSchema();
}
break;
default:
throw new Error(`Unsupported signature algorithm: ${privateKey.algorithm.name}`);
}
return {
signatureAlgorithm,
parameters
};
}
async signWithPrivateKey(data, privateKey, parameters) {
const signature = await this.sign(parameters.algorithm, privateKey, data);
if (parameters.algorithm.name === "ECDSA") {
return createCMSECDSASignature(signature);
}
return signature;
}
fillPublicKeyParameters(publicKeyInfo, signatureAlgorithm) {
const parameters = {};
const shaAlgorithm = this.getHashAlgorithm(signatureAlgorithm);
if (shaAlgorithm === EMPTY_STRING)
throw new Error(`Unsupported signature algorithm: ${signatureAlgorithm.algorithmId}`);
let algorithmId;
if (signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.10")
algorithmId = signatureAlgorithm.algorithmId;
else
algorithmId = publicKeyInfo.algorithm.algorithmId;
const algorithmObject = this.getAlgorithmByOID(algorithmId, true);
parameters.algorithm = this.getAlgorithmParameters(algorithmObject.name, "importKey");
if ("hash" in parameters.algorithm.algorithm)
parameters.algorithm.algorithm.hash.name = shaAlgorithm;
if (algorithmObject.name === "ECDSA") {
const publicKeyAlgorithm = publicKeyInfo.algorithm;
if (!publicKeyAlgorithm.algorithmParams) {
throw new Error("Algorithm parameters for ECDSA public key are missed");
}
const publicKeyAlgorithmParams = publicKeyAlgorithm.algorithmParams;
if ("idBlock" in publicKeyAlgorithm.algorithmParams) {
if (!((publicKeyAlgorithmParams.idBlock.tagClass === 1) && (publicKeyAlgorithmParams.idBlock.tagNumber === 6))) {
throw new Error("Incorrect type for ECDSA public key parameters");
}
}
const curveObject = this.getAlgorithmByOID(publicKeyAlgorithmParams.valueBlock.toString(), true);
parameters.algorithm.algorithm.namedCurve = curveObject.name;
}
return parameters;
}
async getPublicKey(publicKeyInfo, signatureAlgorithm, parameters) {
if (!parameters) {
parameters = this.fillPublicKeyParameters(publicKeyInfo, signatureAlgorithm);
}
const publicKeyInfoBuffer = publicKeyInfo.toSchema().toBER(false);
return this.importKey("spki", publicKeyInfoBuffer, parameters.algorithm.algorithm, true, parameters.algorithm.usages);
}
async verifyWithPublicKey(data, signature, publicKeyInfo, signatureAlgorithm, shaAlgorithm) {
let publicKey;
if (!shaAlgorithm) {
shaAlgorithm = this.getHashAlgorithm(signatureAlgorithm);
if (!shaAlgorithm)
throw new Error(`Unsupported signature algorithm: ${signatureAlgorithm.algorithmId}`);
publicKey = await this.getPublicKey(publicKeyInfo, signatureAlgorithm);
}
else {
const parameters = {};
let algorithmId;
if (signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.10")
algorithmId = signatureAlgorithm.algorithmId;
else
algorithmId = publicKeyInfo.algorithm.algorithmId;
const algorithmObject = this.getAlgorithmByOID(algorithmId, true);
parameters.algorithm = this.getAlgorithmParameters(algorithmObject.name, "importKey");
if ("hash" in parameters.algorithm.algorithm)
parameters.algorithm.algorithm.hash.name = shaAlgorithm;
if (algorithmObject.name === "ECDSA") {
let algorithmParamsChecked = false;
if (("algorithmParams" in publicKeyInfo.algorithm) === true) {
if ("idBlock" in publicKeyInfo.algorithm.algorithmParams) {
if ((publicKeyInfo.algorithm.algorithmParams.idBlock.tagClass === 1) && (publicKeyInfo.algorithm.algorithmParams.idBlock.tagNumber === 6))
algorithmParamsChecked = true;
}
}
if (algorithmParamsChecked === false) {
throw new Error("Incorrect type for ECDSA public key parameters");
}
const curveObject = this.getAlgorithmByOID(publicKeyInfo.algorithm.algorithmParams.valueBlock.toString(), true);
parameters.algorithm.algorithm.namedCurve = curveObject.name;
}
publicKey = await this.getPublicKey(publicKeyInfo, null, parameters);
}
const algorithm = this.getAlgorithmParameters(publicKey.algorithm.name, "verify");
if ("hash" in algorithm.algorithm)
algorithm.algorithm.hash.name = shaAlgorithm;
let signatureValue = signature.valueBlock.valueHexView;
if (publicKey.algorithm.name === "ECDSA") {
const namedCurve = ECNamedCurves.find(publicKey.algorithm.namedCurve);
if (!namedCurve) {
throw new Error("Unsupported named curve in use");
}
const asn1 = fromBER(signatureValue);
AsnError.assert(asn1, "Signature value");
signatureValue = createECDSASignatureFromCMS(asn1.result, namedCurve.size);
}
if (publicKey.algorithm.name === "RSA-PSS") {
const pssParameters = new RSASSAPSSParams({ schema: signatureAlgorithm.algorithmParams });
if ("saltLength" in pssParameters)
algorithm.algorithm.saltLength = pssParameters.saltLength;
else
algorithm.algorithm.saltLength = 20;
let hashAlgo = "SHA-1";
if ("hashAlgorithm" in pssParameters) {
const hashAlgorithm = this.getAlgorithmByOID(pssParameters.hashAlgorithm.algorithmId, true);
hashAlgo = hashAlgorithm.name;
}
algorithm.algorithm.hash.name = hashAlgo;
}
return this.verify(algorithm.algorithm, publicKey, signatureValue, data);
}
}
let engine = {
name: "none",
crypto: null,
};
function isCryptoEngine(engine) {
return engine
&& typeof engine === "object"
&& "crypto" in engine
? true
: false;
}
function setEngine(name, ...args) {
let crypto = null;
if (args.length < 2) {
if (args.length) {
crypto = args[0];
}
else {
crypto = typeof self !== "undefined" && self.crypto ? new CryptoEngine({ name: "browser", crypto: self.crypto }) : null;
}
}
else {
const cryptoArg = args[0];
const subtleArg = args[1];
if (isCryptoEngine(subtleArg)) {
crypto = subtleArg;
}
else if (isCryptoEngine(cryptoArg)) {
crypto = cryptoArg;
}
else if ("subtle" in cryptoArg && "getRandomValues" in cryptoArg) {
crypto = new CryptoEngine({
crypto: cryptoArg,
});
}
}
if ((typeof process !== "undefined") && ("pid" in process) && (typeof global !== "undefined") && (typeof window === "undefined")) {
if (typeof global[process.pid] === "undefined") {
global[process.pid] = {};
}
else {
if (typeof global[process.pid] !== "object") {
throw new Error(`Name global.${process.pid} already exists and it is not an object`);
}
}
if (typeof global[process.pid].pkijs === "undefined") {
global[process.pid].pkijs = {};
}
else {
if (typeof global[process.pid].pkijs !== "object") {
throw new Error(`Name global.${process.pid}.pkijs already exists and it is not an object`);
}
}
global[process.pid].pkijs.engine = {
name: name,
crypto,
};
}
else {
engine = {
name: name,
crypto,
};
}
}
function getEngine() {
if ((typeof process !== "undefined") && ("pid" in process) && (typeof global !== "undefined") && (typeof window === "undefined")) {
let _engine;
try {
_engine = global[process.pid].pkijs.engine;
}
catch {
throw new Error("Please call 'setEngine' before call to 'getEngine'");
}
return _engine;
}
return engine;
}
function getCrypto(safety = false) {
const _engine = getEngine();
if (!_engine.crypto && safety) {
throw new Error("Unable to create WebCrypto object");
}
return _engine.crypto;
}
function getRandomValues(view) {
return getCrypto(true).getRandomValues(view);
}
function getOIDByAlgorithm(algorithm, safety, target) {
return getCrypto(true).getOIDByAlgorithm(algorithm, safety, target);
}
function getAlgorithmParameters(algorithmName, operation) {
return getCrypto(true).getAlgorithmParameters(algorithmName, operation);
}
function createCMSECDSASignature(signatureBuffer) {
if ((signatureBuffer.byteLength % 2) !== 0)
return EMPTY_BUFFER;
const length = signatureBuffer.byteLength / 2;
const rBuffer = new ArrayBuffer(length);
const rView = new Uint8Array(rBuffer);
rView.set(new Uint8Array(signatureBuffer, 0, length));
const rInteger = new Integer({ valueHex: rBuffer });
const sBuffer = new ArrayBuffer(length);
const sView = new Uint8Array(sBuffer);
sView.set(new Uint8Array(signatureBuffer, length, length));
const sInteger = new Integer({ valueHex: sBuffer });
return (new Sequence({
value: [
rInteger.convertToDER(),
sInteger.convertToDER()
]
})).toBER(false);
}
function createECDSASignatureFromCMS(cmsSignature, pointSize) {
if (!(cmsSignature instanceof Sequence
&& cmsSignature.valueBlock.value.length === 2
&& cmsSignature.valueBlock.value[0] instanceof Integer
&& cmsSignature.valueBlock.value[1] instanceof Integer))
return EMPTY_BUFFER;
const rValueView = cmsSignature.valueBlock.value[0].convertFromDER().valueBlock.valueHexView;
const sValueView = cmsSignature.valueBlock.value[1].convertFromDER().valueBlock.valueHexView;
const res = new Uint8Array(pointSize * 2);
res.set(rValueView, pointSize - rValueView.byteLength);
res.set(sValueView, (2 * pointSize) - sValueView.byteLength);
return res.buffer;
}
function getAlgorithmByOID(oid, safety = false, target) {
return getCrypto(true).getAlgorithmByOID(oid, safety, target);
}
function getHashAlgorithm(signatureAlgorithm) {
return getCrypto(true).getHashAlgorithm(signatureAlgorithm);
}
async function kdfWithCounter(hashFunction, zBuffer, Counter, SharedInfo, crypto) {
switch (hashFunction.toUpperCase()) {
case "SHA-1":
case "SHA-256":
case "SHA-384":
case "SHA-512":
break;
default:
throw new ArgumentError(`Unknown hash function: ${hashFunction}`);
}
ArgumentError.assert(zBuffer, "zBuffer", "ArrayBuffer");
if (zBuffer.byteLength === 0)
throw new ArgumentError("'zBuffer' has zero length, error");
ArgumentError.assert(SharedInfo, "SharedInfo", "ArrayBuffer");
if (Counter > 255)
throw new ArgumentError("Please set 'Counter' argument to value less or equal to 255");
const counterBuffer = new ArrayBuffer(4);
const counterView = new Uint8Array(counterBuffer);
counterView[0] = 0x00;
counterView[1] = 0x00;
counterView[2] = 0x00;
counterView[3] = Counter;
let combinedBuffer = EMPTY_BUFFER;
combinedBuffer = utilConcatBuf(combinedBuffer, zBuffer);
combinedBuffer = utilConcatBuf(combinedBuffer, counterBuffer);
combinedBuffer = utilConcatBuf(combinedBuffer, SharedInfo);
const result = await crypto.digest({ name: hashFunction }, combinedBuffer);
return {
counter: Counter,
result
};
}
async function kdf(hashFunction, Zbuffer, keydatalen, SharedInfo, crypto = getCrypto(true)) {
let hashLength = 0;
let maxCounter = 1;
switch (hashFunction.toUpperCase()) {
case "SHA-1":
hashLength = 160;
break;
case "SHA-256":
hashLength = 256;
break;
case "SHA-384":
hashLength = 384;
break;
case "SHA-512":
hashLength = 512;
break;
default:
throw new ArgumentError(`Unknown hash function: ${hashFunction}`);
}
ArgumentError.assert(Zbuffer, "Zbuffer", "ArrayBuffer");
if (Zbuffer.byteLength === 0)
throw new ArgumentError("'Zbuffer' has zero length, error");
ArgumentError.assert(SharedInfo, "SharedInfo", "ArrayBuffer");
const quotient = keydatalen / hashLength;
if (Math.floor(quotient) > 0) {
maxCounter = Math.floor(quotient);
if ((quotient - maxCounter) > 0)
maxCounter++;
}
const incomingResult = [];
for (let i = 1; i <= maxCounter; i++)
incomingResult.push(await kdfWithCounter(hashFunction, Zbuffer, i, SharedInfo, crypto));
let combinedBuffer = EMPTY_BUFFER;
let currentCounter = 1;
let found = true;
while (found) {
found = false;
for (const result of incomingResult) {
if (result.counter === currentCounter) {
combinedBuffer = utilConcatBuf(combinedBuffer, result.result);
found = true;
break;
}
}
currentCounter++;
}
keydatalen >>= 3;
if (combinedBuffer.byteLength > keydatalen) {
const newBuffer = new ArrayBuffer(keydatalen);
const newView = new Uint8Array(newBuffer);
const combinedView = new Uint8Array(combinedBuffer);
for (let i = 0; i < keydatalen; i++)
newView[i] = combinedView[i];
return newBuffer;
}
return combinedBuffer;
}
const VERSION$i = "version";
const LOG_ID = "logID";
const EXTENSIONS$6 = "extensions";
const TIMESTAMP = "timestamp";
const HASH_ALGORITHM$3 = "hashAlgorithm";
const SIGNATURE_ALGORITHM$8 = "signatureAlgorithm";
const SIGNATURE$7 = "signature";
const NONE = "none";
const MD5 = "md5";
const SHA1 = "sha1";
const SHA224 = "sha224";
const SHA256 = "sha256";
const SHA384 = "sha384";
const SHA512 = "sha512";
const ANONYMOUS = "anonymous";
const RSA = "rsa";
const DSA = "dsa";
const ECDSA = "ecdsa";
class SignedCertificateTimestamp extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$i, SignedCertificateTimestamp.defaultValues(VERSION$i));
this.logID = getParametersValue(parameters, LOG_ID, SignedCertificateTimestamp.defaultValues(LOG_ID));
this.timestamp = getParametersValue(parameters, TIMESTAMP, SignedCertificateTimestamp.defaultValues(TIMESTAMP));
this.extensions = getParametersValue(parameters, EXTENSIONS$6, SignedCertificateTimestamp.defaultValues(EXTENSIONS$6));
this.hashAlgorithm = getParametersValue(parameters, HASH_ALGORITHM$3, SignedCertificateTimestamp.defaultValues(HASH_ALGORITHM$3));
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$8, SignedCertificateTimestamp.defaultValues(SIGNATURE_ALGORITHM$8));
this.signature = getParametersValue(parameters, SIGNATURE$7, SignedCertificateTimestamp.defaultValues(SIGNATURE$7));
if ("stream" in parameters && parameters.stream) {
this.fromStream(parameters.stream);
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$i:
return 0;
case LOG_ID:
case EXTENSIONS$6:
return EMPTY_BUFFER;
case TIMESTAMP:
return new Date(0);
case HASH_ALGORITHM$3:
case SIGNATURE_ALGORITHM$8:
return EMPTY_STRING;
case SIGNATURE$7:
return EMPTY_BUFFER;
default:
return super.defaultValues(memberName);
}
}
fromSchema(schema) {
if ((schema instanceof RawData) === false)
throw new Error("Object's schema was not verified against input data for SignedCertificateTimestamp");
const seqStream = new SeqStream({
stream: new ByteStream({
buffer: schema.data
})
});
this.fromStream(seqStream);
}
fromStream(stream) {
const blockLength = stream.getUint16();
this.version = (stream.getBlock(1))[0];
if (this.version === 0) {
this.logID = (new Uint8Array(stream.getBlock(32))).buffer.slice(0);
this.timestamp = new Date(utilFromBase(new Uint8Array(stream.getBlock(8)), 8));
const extensionsLength = stream.getUint16();
this.extensions = (new Uint8Array(stream.getBlock(extensionsLength))).buffer.slice(0);
switch ((stream.getBlock(1))[0]) {
case 0:
this.hashAlgorithm = NONE;
break;
case 1:
this.hashAlgorithm = MD5;
break;
case 2:
this.hashAlgorithm = SHA1;
break;
case 3:
this.hashAlgorithm = SHA224;
break;
case 4:
this.hashAlgorithm = SHA256;
break;
case 5:
this.hashAlgorithm = SHA384;
break;
case 6:
this.hashAlgorithm = SHA512;
break;
default:
throw new Error("Object's stream was not correct for SignedCertificateTimestamp");
}
switch ((stream.getBlock(1))[0]) {
case 0:
this.signatureAlgorithm = ANONYMOUS;
break;
case 1:
this.signatureAlgorithm = RSA;
break;
case 2:
this.signatureAlgorithm = DSA;
break;
case 3:
this.signatureAlgorithm = ECDSA;
break;
default:
throw new Error("Object's stream was not correct for SignedCertificateTimestamp");
}
const signatureLength = stream.getUint16();
this.signature = new Uint8Array(stream.getBlock(signatureLength)).buffer.slice(0);
if (blockLength !== (47 + extensionsLength + signatureLength)) {
throw new Error("Object's stream was not correct for SignedCertificateTimestamp");
}
}
}
toSchema() {
const stream = this.toStream();
return new RawData({ data: stream.stream.buffer });
}
toStream() {
const stream = new SeqStream();
stream.appendUint16(47 + this.extensions.byteLength + this.signature.byteLength);
stream.appendChar(this.version);
stream.appendView(new Uint8Array(this.logID));
const timeBuffer = new ArrayBuffer(8);
const timeView = new Uint8Array(timeBuffer);
const baseArray = utilToBase(this.timestamp.valueOf(), 8);
timeView.set(new Uint8Array(baseArray), 8 - baseArray.byteLength);
stream.appendView(timeView);
stream.appendUint16(this.extensions.byteLength);
if (this.extensions.byteLength)
stream.appendView(new Uint8Array(this.extensions));
let _hashAlgorithm;
switch (this.hashAlgorithm.toLowerCase()) {
case NONE:
_hashAlgorithm = 0;
break;
case MD5:
_hashAlgorithm = 1;
break;
case SHA1:
_hashAlgorithm = 2;
break;
case SHA224:
_hashAlgorithm = 3;
break;
case SHA256:
_hashAlgorithm = 4;
break;
case SHA384:
_hashAlgorithm = 5;
break;
case SHA512:
_hashAlgorithm = 6;
break;
default:
throw new Error(`Incorrect data for hashAlgorithm: ${this.hashAlgorithm}`);
}
stream.appendChar(_hashAlgorithm);
let _signatureAlgorithm;
switch (this.signatureAlgorithm.toLowerCase()) {
case ANONYMOUS:
_signatureAlgorithm = 0;
break;
case RSA:
_signatureAlgorithm = 1;
break;
case DSA:
_signatureAlgorithm = 2;
break;
case ECDSA:
_signatureAlgorithm = 3;
break;
default:
throw new Error(`Incorrect data for signatureAlgorithm: ${this.signatureAlgorithm}`);
}
stream.appendChar(_signatureAlgorithm);
stream.appendUint16(this.signature.byteLength);
stream.appendView(new Uint8Array(this.signature));
return stream;
}
toJSON() {
return {
version: this.version,
logID: bufferToHexCodes(this.logID),
timestamp: this.timestamp,
extensions: bufferToHexCodes(this.extensions),
hashAlgorithm: this.hashAlgorithm,
signatureAlgorithm: this.signatureAlgorithm,
signature: bufferToHexCodes(this.signature),
};
}
async verify(logs, data, dataType = 0, crypto = getCrypto(true)) {
const logId = toBase64(arrayBufferToString(this.logID));
let publicKeyBase64 = null;
const stream = new SeqStream();
for (const log of logs) {
if (log.log_id === logId) {
publicKeyBase64 = log.key;
break;
}
}
if (!publicKeyBase64) {
throw new Error(`Public key not found for CT with logId: ${logId}`);
}
const pki = stringToArrayBuffer(fromBase64(publicKeyBase64));
const publicKeyInfo = PublicKeyInfo.fromBER(pki);
stream.appendChar(0x00);
stream.appendChar(0x00);
const timeBuffer = new ArrayBuffer(8);
const timeView = new Uint8Array(timeBuffer);
const baseArray = utilToBase(this.timestamp.valueOf(), 8);
timeView.set(new Uint8Array(baseArray), 8 - baseArray.byteLength);
stream.appendView(timeView);
stream.appendUint16(dataType);
if (dataType === 0)
stream.appendUint24(data.byteLength);
stream.appendView(new Uint8Array(data));
stream.appendUint16(this.extensions.byteLength);
if (this.extensions.byteLength !== 0)
stream.appendView(new Uint8Array(this.extensions));
return crypto.verifyWithPublicKey(stream.buffer.slice(0, stream.length), new OctetString({ valueHex: this.signature }), publicKeyInfo, { algorithmId: EMPTY_STRING }, "SHA-256");
}
}
SignedCertificateTimestamp.CLASS_NAME = "SignedCertificateTimestamp";
async function verifySCTsForCertificate(certificate, issuerCertificate, logs, index = (-1), crypto = getCrypto(true)) {
let parsedValue = null;
const stream = new SeqStream();
if (certificate.extensions) {
for (let i = certificate.extensions.length - 1; i >= 0; i--) {
switch (certificate.extensions[i].extnID) {
case id_SignedCertificateTimestampList:
{
parsedValue = certificate.extensions[i].parsedValue;
if (!parsedValue || parsedValue.timestamps.length === 0)
throw new Error("Nothing to verify in the certificate");
certificate.extensions.splice(i, 1);
}
break;
}
}
}
if (parsedValue === null)
throw new Error("No SignedCertificateTimestampList extension in the specified certificate");
const tbs = certificate.encodeTBS().toBER();
const issuerId = await crypto.digest({ name: "SHA-256" }, new Uint8Array(issuerCertificate.subjectPublicKeyInfo.toSchema().toBER(false)));
stream.appendView(new Uint8Array(issuerId));
stream.appendUint24(tbs.byteLength);
stream.appendView(new Uint8Array(tbs));
const preCert = stream.stream.slice(0, stream.length);
if (index === (-1)) {
const verifyArray = [];
for (const timestamp of parsedValue.timestamps) {
const verifyResult = await timestamp.verify(logs, preCert.buffer, 1, crypto);
verifyArray.push(verifyResult);
}
return verifyArray;
}
if (index >= parsedValue.timestamps.length)
index = (parsedValue.timestamps.length - 1);
return [await parsedValue.timestamps[index].verify(logs, preCert.buffer, 1, crypto)];
}
const TIMESTAMPS = "timestamps";
class SignedCertificateTimestampList extends PkiObject {
constructor(parameters = {}) {
super();
this.timestamps = getParametersValue(parameters, TIMESTAMPS, SignedCertificateTimestampList.defaultValues(TIMESTAMPS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TIMESTAMPS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TIMESTAMPS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
var _a;
const names = getParametersValue(parameters, "names", {});
(_a = names.optional) !== null && _a !== void 0 ? _a : (names.optional = false);
return (new OctetString({
name: (names.blockName || "SignedCertificateTimestampList"),
optional: names.optional
}));
}
fromSchema(schema) {
if ((schema instanceof OctetString) === false) {
throw new Error("Object's schema was not verified against input data for SignedCertificateTimestampList");
}
const seqStream = new SeqStream({
stream: new ByteStream({
buffer: schema.valueBlock.valueHex
})
});
const dataLength = seqStream.getUint16();
if (dataLength !== seqStream.length) {
throw new Error("Object's schema was not verified against input data for SignedCertificateTimestampList");
}
while (seqStream.length) {
this.timestamps.push(new SignedCertificateTimestamp({ stream: seqStream }));
}
}
toSchema() {
const stream = new SeqStream();
let overallLength = 0;
const timestampsData = [];
for (const timestamp of this.timestamps) {
const timestampStream = timestamp.toStream();
timestampsData.push(timestampStream);
overallLength += timestampStream.stream.buffer.byteLength;
}
stream.appendUint16(overallLength);
for (const timestamp of timestampsData) {
stream.appendView(timestamp.stream.view);
}
return new OctetString({ valueHex: stream.stream.buffer.slice(0) });
}
toJSON() {
return {
timestamps: Array.from(this.timestamps, o => o.toJSON())
};
}
}
SignedCertificateTimestampList.CLASS_NAME = "SignedCertificateTimestampList";
const ATTRIBUTES$4 = "attributes";
const CLEAR_PROPS$11 = [
ATTRIBUTES$4
];
class SubjectDirectoryAttributes extends PkiObject {
constructor(parameters = {}) {
super();
this.attributes = getParametersValue(parameters, ATTRIBUTES$4, SubjectDirectoryAttributes.defaultValues(ATTRIBUTES$4));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ATTRIBUTES$4:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.attributes || EMPTY_STRING),
value: Attribute.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$11);
const asn1 = compareSchema(schema, schema, SubjectDirectoryAttributes.schema({
names: {
attributes: ATTRIBUTES$4
}
}));
AsnError.assertSchema(asn1, this.className);
this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.attributes, o => o.toSchema())
}));
}
toJSON() {
return {
attributes: Array.from(this.attributes, o => o.toJSON())
};
}
}
SubjectDirectoryAttributes.CLASS_NAME = "SubjectDirectoryAttributes";
class ExtensionValueFactory {
static getItems() {
if (!this.types) {
this.types = {};
ExtensionValueFactory.register(id_SubjectAltName, "SubjectAltName", AltName);
ExtensionValueFactory.register(id_IssuerAltName, "IssuerAltName", AltName);
ExtensionValueFactory.register(id_AuthorityKeyIdentifier, "AuthorityKeyIdentifier", AuthorityKeyIdentifier);
ExtensionValueFactory.register(id_BasicConstraints, "BasicConstraints", BasicConstraints);
ExtensionValueFactory.register(id_MicrosoftCaVersion, "MicrosoftCaVersion", CAVersion);
ExtensionValueFactory.register(id_CertificatePolicies, "CertificatePolicies", CertificatePolicies);
ExtensionValueFactory.register(id_MicrosoftAppPolicies, "CertificatePoliciesMicrosoft", CertificatePolicies);
ExtensionValueFactory.register(id_MicrosoftCertTemplateV2, "MicrosoftCertTemplateV2", CertificateTemplate);
ExtensionValueFactory.register(id_CRLDistributionPoints, "CRLDistributionPoints", CRLDistributionPoints);
ExtensionValueFactory.register(id_FreshestCRL, "FreshestCRL", CRLDistributionPoints);
ExtensionValueFactory.register(id_ExtKeyUsage, "ExtKeyUsage", ExtKeyUsage);
ExtensionValueFactory.register(id_CertificateIssuer, "CertificateIssuer", GeneralNames);
ExtensionValueFactory.register(id_AuthorityInfoAccess, "AuthorityInfoAccess", InfoAccess);
ExtensionValueFactory.register(id_SubjectInfoAccess, "SubjectInfoAccess", InfoAccess);
ExtensionValueFactory.register(id_IssuingDistributionPoint, "IssuingDistributionPoint", IssuingDistributionPoint);
ExtensionValueFactory.register(id_NameConstraints, "NameConstraints", NameConstraints);
ExtensionValueFactory.register(id_PolicyConstraints, "PolicyConstraints", PolicyConstraints);
ExtensionValueFactory.register(id_PolicyMappings, "PolicyMappings", PolicyMappings);
ExtensionValueFactory.register(id_PrivateKeyUsagePeriod, "PrivateKeyUsagePeriod", PrivateKeyUsagePeriod);
ExtensionValueFactory.register(id_QCStatements, "QCStatements", QCStatements);
ExtensionValueFactory.register(id_SignedCertificateTimestampList, "SignedCertificateTimestampList", SignedCertificateTimestampList);
ExtensionValueFactory.register(id_SubjectDirectoryAttributes, "SubjectDirectoryAttributes", SubjectDirectoryAttributes);
}
return this.types;
}
static fromBER(id, raw) {
const asn1 = fromBER(raw);
if (asn1.offset === -1) {
return null;
}
const item = this.find(id);
if (item) {
try {
return new item.type({ schema: asn1.result });
}
catch {
const res = new item.type();
res.parsingError = `Incorrectly formatted value of extension ${item.name} (${id})`;
return res;
}
}
return asn1.result;
}
static find(id) {
const types = this.getItems();
return types[id] || null;
}
static register(id, name, type) {
this.getItems()[id] = { name, type };
}
}
const EXTN_ID = "extnID";
const CRITICAL = "critical";
const EXTN_VALUE = "extnValue";
const PARSED_VALUE$5 = "parsedValue";
const CLEAR_PROPS$10 = [
EXTN_ID,
CRITICAL,
EXTN_VALUE
];
class Extension extends PkiObject {
get parsedValue() {
if (this._parsedValue === undefined) {
const parsedValue = ExtensionValueFactory.fromBER(this.extnID, this.extnValue.valueBlock.valueHexView);
this._parsedValue = parsedValue;
}
return this._parsedValue || undefined;
}
set parsedValue(value) {
this._parsedValue = value;
}
constructor(parameters = {}) {
super();
this.extnID = getParametersValue(parameters, EXTN_ID, Extension.defaultValues(EXTN_ID));
this.critical = getParametersValue(parameters, CRITICAL, Extension.defaultValues(CRITICAL));
if (EXTN_VALUE in parameters) {
this.extnValue = new OctetString({ valueHex: parameters.extnValue });
}
else {
this.extnValue = Extension.defaultValues(EXTN_VALUE);
}
if (PARSED_VALUE$5 in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE$5, Extension.defaultValues(PARSED_VALUE$5));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case EXTN_ID:
return EMPTY_STRING;
case CRITICAL:
return false;
case EXTN_VALUE:
return new OctetString();
case PARSED_VALUE$5:
return {};
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.extnID || EMPTY_STRING) }),
new Boolean({
name: (names.critical || EMPTY_STRING),
optional: true
}),
new OctetString({ name: (names.extnValue || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$10);
const asn1 = compareSchema(schema, schema, Extension.schema({
names: {
extnID: EXTN_ID,
critical: CRITICAL,
extnValue: EXTN_VALUE
}
}));
AsnError.assertSchema(asn1, this.className);
this.extnID = asn1.result.extnID.valueBlock.toString();
if (CRITICAL in asn1.result) {
this.critical = asn1.result.critical.valueBlock.value;
}
this.extnValue = asn1.result.extnValue;
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.extnID }));
if (this.critical !== Extension.defaultValues(CRITICAL)) {
outputArray.push(new Boolean({ value: this.critical }));
}
outputArray.push(this.extnValue);
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const object = {
extnID: this.extnID,
extnValue: this.extnValue.toJSON(),
};
if (this.critical !== Extension.defaultValues(CRITICAL)) {
object.critical = this.critical;
}
if (this.parsedValue && this.parsedValue.toJSON) {
object.parsedValue = this.parsedValue.toJSON();
}
return object;
}
}
Extension.CLASS_NAME = "Extension";
const EXTENSIONS$5 = "extensions";
const CLEAR_PROPS$$ = [
EXTENSIONS$5,
];
class Extensions extends PkiObject {
constructor(parameters = {}) {
super();
this.extensions = getParametersValue(parameters, EXTENSIONS$5, Extensions.defaultValues(EXTENSIONS$5));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case EXTENSIONS$5:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}, optional = false) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
optional,
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.extensions || EMPTY_STRING),
value: Extension.schema(names.extension || {})
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$$);
const asn1 = compareSchema(schema, schema, Extensions.schema({
names: {
extensions: EXTENSIONS$5
}
}));
AsnError.assertSchema(asn1, this.className);
this.extensions = Array.from(asn1.result.extensions, element => new Extension({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.extensions, o => o.toSchema())
}));
}
toJSON() {
return {
extensions: this.extensions.map(o => o.toJSON())
};
}
}
Extensions.CLASS_NAME = "Extensions";
const ISSUER$5 = "issuer";
const SERIAL_NUMBER$6 = "serialNumber";
const ISSUER_UID = "issuerUID";
const CLEAR_PROPS$_ = [
ISSUER$5,
SERIAL_NUMBER$6,
ISSUER_UID,
];
class IssuerSerial extends PkiObject {
constructor(parameters = {}) {
super();
this.issuer = getParametersValue(parameters, ISSUER$5, IssuerSerial.defaultValues(ISSUER$5));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$6, IssuerSerial.defaultValues(SERIAL_NUMBER$6));
if (ISSUER_UID in parameters) {
this.issuerUID = getParametersValue(parameters, ISSUER_UID, IssuerSerial.defaultValues(ISSUER_UID));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ISSUER$5:
return new GeneralNames();
case SERIAL_NUMBER$6:
return new Integer();
case ISSUER_UID:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
GeneralNames.schema(names.issuer || {}),
new Integer({ name: (names.serialNumber || EMPTY_STRING) }),
new BitString({
optional: true,
name: (names.issuerUID || EMPTY_STRING)
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$_);
const asn1 = compareSchema(schema, schema, IssuerSerial.schema({
names: {
issuer: {
names: {
blockName: ISSUER$5
}
},
serialNumber: SERIAL_NUMBER$6,
issuerUID: ISSUER_UID
}
}));
AsnError.assertSchema(asn1, this.className);
this.issuer = new GeneralNames({ schema: asn1.result.issuer });
this.serialNumber = asn1.result.serialNumber;
if (ISSUER_UID in asn1.result)
this.issuerUID = asn1.result.issuerUID;
}
toSchema() {
const result = new Sequence({
value: [
this.issuer.toSchema(),
this.serialNumber
]
});
if (this.issuerUID) {
result.valueBlock.value.push(this.issuerUID);
}
return result;
}
toJSON() {
const result = {
issuer: this.issuer.toJSON(),
serialNumber: this.serialNumber.toJSON()
};
if (this.issuerUID) {
result.issuerUID = this.issuerUID.toJSON();
}
return result;
}
}
IssuerSerial.CLASS_NAME = "IssuerSerial";
const VERSION$h = "version";
const BASE_CERTIFICATE_ID$2 = "baseCertificateID";
const SUBJECT_NAME = "subjectName";
const ISSUER$4 = "issuer";
const SIGNATURE$6 = "signature";
const SERIAL_NUMBER$5 = "serialNumber";
const ATTR_CERT_VALIDITY_PERIOD$1 = "attrCertValidityPeriod";
const ATTRIBUTES$3 = "attributes";
const ISSUER_UNIQUE_ID$2 = "issuerUniqueID";
const EXTENSIONS$4 = "extensions";
const CLEAR_PROPS$Z = [
VERSION$h,
BASE_CERTIFICATE_ID$2,
SUBJECT_NAME,
ISSUER$4,
SIGNATURE$6,
SERIAL_NUMBER$5,
ATTR_CERT_VALIDITY_PERIOD$1,
ATTRIBUTES$3,
ISSUER_UNIQUE_ID$2,
EXTENSIONS$4,
];
class AttributeCertificateInfoV1 extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$h, AttributeCertificateInfoV1.defaultValues(VERSION$h));
if (BASE_CERTIFICATE_ID$2 in parameters) {
this.baseCertificateID = getParametersValue(parameters, BASE_CERTIFICATE_ID$2, AttributeCertificateInfoV1.defaultValues(BASE_CERTIFICATE_ID$2));
}
if (SUBJECT_NAME in parameters) {
this.subjectName = getParametersValue(parameters, SUBJECT_NAME, AttributeCertificateInfoV1.defaultValues(SUBJECT_NAME));
}
this.issuer = getParametersValue(parameters, ISSUER$4, AttributeCertificateInfoV1.defaultValues(ISSUER$4));
this.signature = getParametersValue(parameters, SIGNATURE$6, AttributeCertificateInfoV1.defaultValues(SIGNATURE$6));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$5, AttributeCertificateInfoV1.defaultValues(SERIAL_NUMBER$5));
this.attrCertValidityPeriod = getParametersValue(parameters, ATTR_CERT_VALIDITY_PERIOD$1, AttributeCertificateInfoV1.defaultValues(ATTR_CERT_VALIDITY_PERIOD$1));
this.attributes = getParametersValue(parameters, ATTRIBUTES$3, AttributeCertificateInfoV1.defaultValues(ATTRIBUTES$3));
if (ISSUER_UNIQUE_ID$2 in parameters)
this.issuerUniqueID = getParametersValue(parameters, ISSUER_UNIQUE_ID$2, AttributeCertificateInfoV1.defaultValues(ISSUER_UNIQUE_ID$2));
if (EXTENSIONS$4 in parameters) {
this.extensions = getParametersValue(parameters, EXTENSIONS$4, AttributeCertificateInfoV1.defaultValues(EXTENSIONS$4));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$h:
return 0;
case BASE_CERTIFICATE_ID$2:
return new IssuerSerial();
case SUBJECT_NAME:
return new GeneralNames();
case ISSUER$4:
return new GeneralNames();
case SIGNATURE$6:
return new AlgorithmIdentifier();
case SERIAL_NUMBER$5:
return new Integer();
case ATTR_CERT_VALIDITY_PERIOD$1:
return new AttCertValidityPeriod();
case ATTRIBUTES$3:
return [];
case ISSUER_UNIQUE_ID$2:
return new BitString();
case EXTENSIONS$4:
return new Extensions();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
new Choice({
value: [
new Constructed({
name: (names.baseCertificateID || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: IssuerSerial.schema().valueBlock.value
}),
new Constructed({
name: (names.subjectName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: GeneralNames.schema().valueBlock.value
}),
]
}),
GeneralNames.schema({
names: {
blockName: (names.issuer || EMPTY_STRING)
}
}),
AlgorithmIdentifier.schema(names.signature || {}),
new Integer({ name: (names.serialNumber || EMPTY_STRING) }),
AttCertValidityPeriod.schema(names.attrCertValidityPeriod || {}),
new Sequence({
name: (names.attributes || EMPTY_STRING),
value: [
new Repeated({
value: Attribute.schema()
})
]
}),
new BitString({
optional: true,
name: (names.issuerUniqueID || EMPTY_STRING)
}),
Extensions.schema(names.extensions || {}, true)
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$Z);
const asn1 = compareSchema(schema, schema, AttributeCertificateInfoV1.schema({
names: {
version: VERSION$h,
baseCertificateID: BASE_CERTIFICATE_ID$2,
subjectName: SUBJECT_NAME,
issuer: ISSUER$4,
signature: {
names: {
blockName: SIGNATURE$6
}
},
serialNumber: SERIAL_NUMBER$5,
attrCertValidityPeriod: {
names: {
blockName: ATTR_CERT_VALIDITY_PERIOD$1
}
},
attributes: ATTRIBUTES$3,
issuerUniqueID: ISSUER_UNIQUE_ID$2,
extensions: {
names: {
blockName: EXTENSIONS$4
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
if (BASE_CERTIFICATE_ID$2 in asn1.result) {
this.baseCertificateID = new IssuerSerial({
schema: new Sequence({
value: asn1.result.baseCertificateID.valueBlock.value
})
});
}
if (SUBJECT_NAME in asn1.result) {
this.subjectName = new GeneralNames({
schema: new Sequence({
value: asn1.result.subjectName.valueBlock.value
})
});
}
this.issuer = asn1.result.issuer;
this.signature = new AlgorithmIdentifier({ schema: asn1.result.signature });
this.serialNumber = asn1.result.serialNumber;
this.attrCertValidityPeriod = new AttCertValidityPeriod({ schema: asn1.result.attrCertValidityPeriod });
this.attributes = Array.from(asn1.result.attributes.valueBlock.value, element => new Attribute({ schema: element }));
if (ISSUER_UNIQUE_ID$2 in asn1.result) {
this.issuerUniqueID = asn1.result.issuerUniqueID;
}
if (EXTENSIONS$4 in asn1.result) {
this.extensions = new Extensions({ schema: asn1.result.extensions });
}
}
toSchema() {
const result = new Sequence({
value: [new Integer({ value: this.version })]
});
if (this.baseCertificateID) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.baseCertificateID.toSchema().valueBlock.value
}));
}
if (this.subjectName) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: this.subjectName.toSchema().valueBlock.value
}));
}
result.valueBlock.value.push(this.issuer.toSchema());
result.valueBlock.value.push(this.signature.toSchema());
result.valueBlock.value.push(this.serialNumber);
result.valueBlock.value.push(this.attrCertValidityPeriod.toSchema());
result.valueBlock.value.push(new Sequence({
value: Array.from(this.attributes, o => o.toSchema())
}));
if (this.issuerUniqueID) {
result.valueBlock.value.push(this.issuerUniqueID);
}
if (this.extensions) {
result.valueBlock.value.push(this.extensions.toSchema());
}
return result;
}
toJSON() {
const result = {
version: this.version
};
if (this.baseCertificateID) {
result.baseCertificateID = this.baseCertificateID.toJSON();
}
if (this.subjectName) {
result.subjectName = this.subjectName.toJSON();
}
result.issuer = this.issuer.toJSON();
result.signature = this.signature.toJSON();
result.serialNumber = this.serialNumber.toJSON();
result.attrCertValidityPeriod = this.attrCertValidityPeriod.toJSON();
result.attributes = Array.from(this.attributes, o => o.toJSON());
if (this.issuerUniqueID) {
result.issuerUniqueID = this.issuerUniqueID.toJSON();
}
if (this.extensions) {
result.extensions = this.extensions.toJSON();
}
return result;
}
}
AttributeCertificateInfoV1.CLASS_NAME = "AttributeCertificateInfoV1";
const ACINFO$1 = "acinfo";
const SIGNATURE_ALGORITHM$7 = "signatureAlgorithm";
const SIGNATURE_VALUE$4 = "signatureValue";
const CLEAR_PROPS$Y = [
ACINFO$1,
SIGNATURE_VALUE$4,
SIGNATURE_ALGORITHM$7
];
class AttributeCertificateV1 extends PkiObject {
constructor(parameters = {}) {
super();
this.acinfo = getParametersValue(parameters, ACINFO$1, AttributeCertificateV1.defaultValues(ACINFO$1));
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$7, AttributeCertificateV1.defaultValues(SIGNATURE_ALGORITHM$7));
this.signatureValue = getParametersValue(parameters, SIGNATURE_VALUE$4, AttributeCertificateV1.defaultValues(SIGNATURE_VALUE$4));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ACINFO$1:
return new AttributeCertificateInfoV1();
case SIGNATURE_ALGORITHM$7:
return new AlgorithmIdentifier();
case SIGNATURE_VALUE$4:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AttributeCertificateInfoV1.schema(names.acinfo || {}),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {}),
new BitString({ name: (names.signatureValue || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$Y);
const asn1 = compareSchema(schema, schema, AttributeCertificateV1.schema({
names: {
acinfo: {
names: {
blockName: ACINFO$1
}
},
signatureAlgorithm: {
names: {
blockName: SIGNATURE_ALGORITHM$7
}
},
signatureValue: SIGNATURE_VALUE$4
}
}));
AsnError.assertSchema(asn1, this.className);
this.acinfo = new AttributeCertificateInfoV1({ schema: asn1.result.acinfo });
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signatureValue = asn1.result.signatureValue;
}
toSchema() {
return (new Sequence({
value: [
this.acinfo.toSchema(),
this.signatureAlgorithm.toSchema(),
this.signatureValue
]
}));
}
toJSON() {
return {
acinfo: this.acinfo.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signatureValue: this.signatureValue.toJSON(),
};
}
}
AttributeCertificateV1.CLASS_NAME = "AttributeCertificateV1";
const DIGESTED_OBJECT_TYPE = "digestedObjectType";
const OTHER_OBJECT_TYPE_ID = "otherObjectTypeID";
const DIGEST_ALGORITHM$2 = "digestAlgorithm";
const OBJECT_DIGEST = "objectDigest";
const CLEAR_PROPS$X = [
DIGESTED_OBJECT_TYPE,
OTHER_OBJECT_TYPE_ID,
DIGEST_ALGORITHM$2,
OBJECT_DIGEST,
];
class ObjectDigestInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.digestedObjectType = getParametersValue(parameters, DIGESTED_OBJECT_TYPE, ObjectDigestInfo.defaultValues(DIGESTED_OBJECT_TYPE));
if (OTHER_OBJECT_TYPE_ID in parameters) {
this.otherObjectTypeID = getParametersValue(parameters, OTHER_OBJECT_TYPE_ID, ObjectDigestInfo.defaultValues(OTHER_OBJECT_TYPE_ID));
}
this.digestAlgorithm = getParametersValue(parameters, DIGEST_ALGORITHM$2, ObjectDigestInfo.defaultValues(DIGEST_ALGORITHM$2));
this.objectDigest = getParametersValue(parameters, OBJECT_DIGEST, ObjectDigestInfo.defaultValues(OBJECT_DIGEST));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case DIGESTED_OBJECT_TYPE:
return new Enumerated();
case OTHER_OBJECT_TYPE_ID:
return new ObjectIdentifier();
case DIGEST_ALGORITHM$2:
return new AlgorithmIdentifier();
case OBJECT_DIGEST:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Enumerated({ name: (names.digestedObjectType || EMPTY_STRING) }),
new ObjectIdentifier({
optional: true,
name: (names.otherObjectTypeID || EMPTY_STRING)
}),
AlgorithmIdentifier.schema(names.digestAlgorithm || {}),
new BitString({ name: (names.objectDigest || EMPTY_STRING) }),
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$X);
const asn1 = compareSchema(schema, schema, ObjectDigestInfo.schema({
names: {
digestedObjectType: DIGESTED_OBJECT_TYPE,
otherObjectTypeID: OTHER_OBJECT_TYPE_ID,
digestAlgorithm: {
names: {
blockName: DIGEST_ALGORITHM$2
}
},
objectDigest: OBJECT_DIGEST
}
}));
AsnError.assertSchema(asn1, this.className);
this.digestedObjectType = asn1.result.digestedObjectType;
if (OTHER_OBJECT_TYPE_ID in asn1.result) {
this.otherObjectTypeID = asn1.result.otherObjectTypeID;
}
this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.digestAlgorithm });
this.objectDigest = asn1.result.objectDigest;
}
toSchema() {
const result = new Sequence({
value: [this.digestedObjectType]
});
if (this.otherObjectTypeID) {
result.valueBlock.value.push(this.otherObjectTypeID);
}
result.valueBlock.value.push(this.digestAlgorithm.toSchema());
result.valueBlock.value.push(this.objectDigest);
return result;
}
toJSON() {
const result = {
digestedObjectType: this.digestedObjectType.toJSON(),
digestAlgorithm: this.digestAlgorithm.toJSON(),
objectDigest: this.objectDigest.toJSON(),
};
if (this.otherObjectTypeID) {
result.otherObjectTypeID = this.otherObjectTypeID.toJSON();
}
return result;
}
}
ObjectDigestInfo.CLASS_NAME = "ObjectDigestInfo";
const ISSUER_NAME = "issuerName";
const BASE_CERTIFICATE_ID$1 = "baseCertificateID";
const OBJECT_DIGEST_INFO$1 = "objectDigestInfo";
const CLEAR_PROPS$W = [
ISSUER_NAME,
BASE_CERTIFICATE_ID$1,
OBJECT_DIGEST_INFO$1
];
class V2Form extends PkiObject {
constructor(parameters = {}) {
super();
if (ISSUER_NAME in parameters) {
this.issuerName = getParametersValue(parameters, ISSUER_NAME, V2Form.defaultValues(ISSUER_NAME));
}
if (BASE_CERTIFICATE_ID$1 in parameters) {
this.baseCertificateID = getParametersValue(parameters, BASE_CERTIFICATE_ID$1, V2Form.defaultValues(BASE_CERTIFICATE_ID$1));
}
if (OBJECT_DIGEST_INFO$1 in parameters) {
this.objectDigestInfo = getParametersValue(parameters, OBJECT_DIGEST_INFO$1, V2Form.defaultValues(OBJECT_DIGEST_INFO$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ISSUER_NAME:
return new GeneralNames();
case BASE_CERTIFICATE_ID$1:
return new IssuerSerial();
case OBJECT_DIGEST_INFO$1:
return new ObjectDigestInfo();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
GeneralNames.schema({
names: {
blockName: names.issuerName
}
}, true),
new Constructed({
optional: true,
name: (names.baseCertificateID || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: IssuerSerial.schema().valueBlock.value
}),
new Constructed({
optional: true,
name: (names.objectDigestInfo || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: ObjectDigestInfo.schema().valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$W);
const asn1 = compareSchema(schema, schema, V2Form.schema({
names: {
issuerName: ISSUER_NAME,
baseCertificateID: BASE_CERTIFICATE_ID$1,
objectDigestInfo: OBJECT_DIGEST_INFO$1
}
}));
AsnError.assertSchema(asn1, this.className);
if (ISSUER_NAME in asn1.result)
this.issuerName = new GeneralNames({ schema: asn1.result.issuerName });
if (BASE_CERTIFICATE_ID$1 in asn1.result) {
this.baseCertificateID = new IssuerSerial({
schema: new Sequence({
value: asn1.result.baseCertificateID.valueBlock.value
})
});
}
if (OBJECT_DIGEST_INFO$1 in asn1.result) {
this.objectDigestInfo = new ObjectDigestInfo({
schema: new Sequence({
value: asn1.result.objectDigestInfo.valueBlock.value
})
});
}
}
toSchema() {
const result = new Sequence();
if (this.issuerName)
result.valueBlock.value.push(this.issuerName.toSchema());
if (this.baseCertificateID) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.baseCertificateID.toSchema().valueBlock.value
}));
}
if (this.objectDigestInfo) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: this.objectDigestInfo.toSchema().valueBlock.value
}));
}
return result;
}
toJSON() {
const result = {};
if (this.issuerName) {
result.issuerName = this.issuerName.toJSON();
}
if (this.baseCertificateID) {
result.baseCertificateID = this.baseCertificateID.toJSON();
}
if (this.objectDigestInfo) {
result.objectDigestInfo = this.objectDigestInfo.toJSON();
}
return result;
}
}
V2Form.CLASS_NAME = "V2Form";
const BASE_CERTIFICATE_ID = "baseCertificateID";
const ENTITY_NAME = "entityName";
const OBJECT_DIGEST_INFO = "objectDigestInfo";
const CLEAR_PROPS$V = [
BASE_CERTIFICATE_ID,
ENTITY_NAME,
OBJECT_DIGEST_INFO
];
class Holder extends PkiObject {
constructor(parameters = {}) {
super();
if (BASE_CERTIFICATE_ID in parameters) {
this.baseCertificateID = getParametersValue(parameters, BASE_CERTIFICATE_ID, Holder.defaultValues(BASE_CERTIFICATE_ID));
}
if (ENTITY_NAME in parameters) {
this.entityName = getParametersValue(parameters, ENTITY_NAME, Holder.defaultValues(ENTITY_NAME));
}
if (OBJECT_DIGEST_INFO in parameters) {
this.objectDigestInfo = getParametersValue(parameters, OBJECT_DIGEST_INFO, Holder.defaultValues(OBJECT_DIGEST_INFO));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case BASE_CERTIFICATE_ID:
return new IssuerSerial();
case ENTITY_NAME:
return new GeneralNames();
case OBJECT_DIGEST_INFO:
return new ObjectDigestInfo();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
optional: true,
name: (names.baseCertificateID || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: IssuerSerial.schema().valueBlock.value
}),
new Constructed({
optional: true,
name: (names.entityName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: GeneralNames.schema().valueBlock.value
}),
new Constructed({
optional: true,
name: (names.objectDigestInfo || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: ObjectDigestInfo.schema().valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$V);
const asn1 = compareSchema(schema, schema, Holder.schema({
names: {
baseCertificateID: BASE_CERTIFICATE_ID,
entityName: ENTITY_NAME,
objectDigestInfo: OBJECT_DIGEST_INFO
}
}));
AsnError.assertSchema(asn1, this.className);
if (BASE_CERTIFICATE_ID in asn1.result) {
this.baseCertificateID = new IssuerSerial({
schema: new Sequence({
value: asn1.result.baseCertificateID.valueBlock.value
})
});
}
if (ENTITY_NAME in asn1.result) {
this.entityName = new GeneralNames({
schema: new Sequence({
value: asn1.result.entityName.valueBlock.value
})
});
}
if (OBJECT_DIGEST_INFO in asn1.result) {
this.objectDigestInfo = new ObjectDigestInfo({
schema: new Sequence({
value: asn1.result.objectDigestInfo.valueBlock.value
})
});
}
}
toSchema() {
const result = new Sequence();
if (this.baseCertificateID) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.baseCertificateID.toSchema().valueBlock.value
}));
}
if (this.entityName) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: this.entityName.toSchema().valueBlock.value
}));
}
if (this.objectDigestInfo) {
result.valueBlock.value.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: this.objectDigestInfo.toSchema().valueBlock.value
}));
}
return result;
}
toJSON() {
const result = {};
if (this.baseCertificateID) {
result.baseCertificateID = this.baseCertificateID.toJSON();
}
if (this.entityName) {
result.entityName = this.entityName.toJSON();
}
if (this.objectDigestInfo) {
result.objectDigestInfo = this.objectDigestInfo.toJSON();
}
return result;
}
}
Holder.CLASS_NAME = "Holder";
const VERSION$g = "version";
const HOLDER = "holder";
const ISSUER$3 = "issuer";
const SIGNATURE$5 = "signature";
const SERIAL_NUMBER$4 = "serialNumber";
const ATTR_CERT_VALIDITY_PERIOD = "attrCertValidityPeriod";
const ATTRIBUTES$2 = "attributes";
const ISSUER_UNIQUE_ID$1 = "issuerUniqueID";
const EXTENSIONS$3 = "extensions";
const CLEAR_PROPS$U = [
VERSION$g,
HOLDER,
ISSUER$3,
SIGNATURE$5,
SERIAL_NUMBER$4,
ATTR_CERT_VALIDITY_PERIOD,
ATTRIBUTES$2,
ISSUER_UNIQUE_ID$1,
EXTENSIONS$3
];
class AttributeCertificateInfoV2 extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$g, AttributeCertificateInfoV2.defaultValues(VERSION$g));
this.holder = getParametersValue(parameters, HOLDER, AttributeCertificateInfoV2.defaultValues(HOLDER));
this.issuer = getParametersValue(parameters, ISSUER$3, AttributeCertificateInfoV2.defaultValues(ISSUER$3));
this.signature = getParametersValue(parameters, SIGNATURE$5, AttributeCertificateInfoV2.defaultValues(SIGNATURE$5));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$4, AttributeCertificateInfoV2.defaultValues(SERIAL_NUMBER$4));
this.attrCertValidityPeriod = getParametersValue(parameters, ATTR_CERT_VALIDITY_PERIOD, AttributeCertificateInfoV2.defaultValues(ATTR_CERT_VALIDITY_PERIOD));
this.attributes = getParametersValue(parameters, ATTRIBUTES$2, AttributeCertificateInfoV2.defaultValues(ATTRIBUTES$2));
if (ISSUER_UNIQUE_ID$1 in parameters) {
this.issuerUniqueID = getParametersValue(parameters, ISSUER_UNIQUE_ID$1, AttributeCertificateInfoV2.defaultValues(ISSUER_UNIQUE_ID$1));
}
if (EXTENSIONS$3 in parameters) {
this.extensions = getParametersValue(parameters, EXTENSIONS$3, AttributeCertificateInfoV2.defaultValues(EXTENSIONS$3));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$g:
return 1;
case HOLDER:
return new Holder();
case ISSUER$3:
return {};
case SIGNATURE$5:
return new AlgorithmIdentifier();
case SERIAL_NUMBER$4:
return new Integer();
case ATTR_CERT_VALIDITY_PERIOD:
return new AttCertValidityPeriod();
case ATTRIBUTES$2:
return [];
case ISSUER_UNIQUE_ID$1:
return new BitString();
case EXTENSIONS$3:
return new Extensions();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
Holder.schema(names.holder || {}),
new Choice({
value: [
GeneralNames.schema({
names: {
blockName: (names.issuer || EMPTY_STRING)
}
}),
new Constructed({
name: (names.issuer || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: V2Form.schema().valueBlock.value
})
]
}),
AlgorithmIdentifier.schema(names.signature || {}),
new Integer({ name: (names.serialNumber || EMPTY_STRING) }),
AttCertValidityPeriod.schema(names.attrCertValidityPeriod || {}),
new Sequence({
name: (names.attributes || EMPTY_STRING),
value: [
new Repeated({
value: Attribute.schema()
})
]
}),
new BitString({
optional: true,
name: (names.issuerUniqueID || EMPTY_STRING)
}),
Extensions.schema(names.extensions || {}, true)
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$U);
const asn1 = compareSchema(schema, schema, AttributeCertificateInfoV2.schema({
names: {
version: VERSION$g,
holder: {
names: {
blockName: HOLDER
}
},
issuer: ISSUER$3,
signature: {
names: {
blockName: SIGNATURE$5
}
},
serialNumber: SERIAL_NUMBER$4,
attrCertValidityPeriod: {
names: {
blockName: ATTR_CERT_VALIDITY_PERIOD
}
},
attributes: ATTRIBUTES$2,
issuerUniqueID: ISSUER_UNIQUE_ID$1,
extensions: {
names: {
blockName: EXTENSIONS$3
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.holder = new Holder({ schema: asn1.result.holder });
switch (asn1.result.issuer.idBlock.tagClass) {
case 3:
this.issuer = new V2Form({
schema: new Sequence({
value: asn1.result.issuer.valueBlock.value
})
});
break;
case 1:
default:
throw new Error("Incorrect value for 'issuer' in AttributeCertificateInfoV2");
}
this.signature = new AlgorithmIdentifier({ schema: asn1.result.signature });
this.serialNumber = asn1.result.serialNumber;
this.attrCertValidityPeriod = new AttCertValidityPeriod({ schema: asn1.result.attrCertValidityPeriod });
this.attributes = Array.from(asn1.result.attributes.valueBlock.value, element => new Attribute({ schema: element }));
if (ISSUER_UNIQUE_ID$1 in asn1.result) {
this.issuerUniqueID = asn1.result.issuerUniqueID;
}
if (EXTENSIONS$3 in asn1.result) {
this.extensions = new Extensions({ schema: asn1.result.extensions });
}
}
toSchema() {
const result = new Sequence({
value: [
new Integer({ value: this.version }),
this.holder.toSchema(),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.issuer.toSchema().valueBlock.value
}),
this.signature.toSchema(),
this.serialNumber,
this.attrCertValidityPeriod.toSchema(),
new Sequence({
value: Array.from(this.attributes, o => o.toSchema())
})
]
});
if (this.issuerUniqueID) {
result.valueBlock.value.push(this.issuerUniqueID);
}
if (this.extensions) {
result.valueBlock.value.push(this.extensions.toSchema());
}
return result;
}
toJSON() {
const result = {
version: this.version,
holder: this.holder.toJSON(),
issuer: this.issuer.toJSON(),
signature: this.signature.toJSON(),
serialNumber: this.serialNumber.toJSON(),
attrCertValidityPeriod: this.attrCertValidityPeriod.toJSON(),
attributes: Array.from(this.attributes, o => o.toJSON())
};
if (this.issuerUniqueID) {
result.issuerUniqueID = this.issuerUniqueID.toJSON();
}
if (this.extensions) {
result.extensions = this.extensions.toJSON();
}
return result;
}
}
AttributeCertificateInfoV2.CLASS_NAME = "AttributeCertificateInfoV2";
const ACINFO = "acinfo";
const SIGNATURE_ALGORITHM$6 = "signatureAlgorithm";
const SIGNATURE_VALUE$3 = "signatureValue";
const CLEAR_PROPS$T = [
ACINFO,
SIGNATURE_ALGORITHM$6,
SIGNATURE_VALUE$3,
];
class AttributeCertificateV2 extends PkiObject {
constructor(parameters = {}) {
super();
this.acinfo = getParametersValue(parameters, ACINFO, AttributeCertificateV2.defaultValues(ACINFO));
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$6, AttributeCertificateV2.defaultValues(SIGNATURE_ALGORITHM$6));
this.signatureValue = getParametersValue(parameters, SIGNATURE_VALUE$3, AttributeCertificateV2.defaultValues(SIGNATURE_VALUE$3));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ACINFO:
return new AttributeCertificateInfoV2();
case SIGNATURE_ALGORITHM$6:
return new AlgorithmIdentifier();
case SIGNATURE_VALUE$3:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AttributeCertificateInfoV2.schema(names.acinfo || {}),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {}),
new BitString({ name: (names.signatureValue || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$T);
const asn1 = compareSchema(schema, schema, AttributeCertificateV2.schema({
names: {
acinfo: {
names: {
blockName: ACINFO
}
},
signatureAlgorithm: {
names: {
blockName: SIGNATURE_ALGORITHM$6
}
},
signatureValue: SIGNATURE_VALUE$3
}
}));
AsnError.assertSchema(asn1, this.className);
this.acinfo = new AttributeCertificateInfoV2({ schema: asn1.result.acinfo });
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signatureValue = asn1.result.signatureValue;
}
toSchema() {
return (new Sequence({
value: [
this.acinfo.toSchema(),
this.signatureAlgorithm.toSchema(),
this.signatureValue
]
}));
}
toJSON() {
return {
acinfo: this.acinfo.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signatureValue: this.signatureValue.toJSON(),
};
}
}
AttributeCertificateV2.CLASS_NAME = "AttributeCertificateV2";
const CONTENT_TYPE = "contentType";
const CONTENT = "content";
const CLEAR_PROPS$S = [CONTENT_TYPE, CONTENT];
class ContentInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.contentType = getParametersValue(parameters, CONTENT_TYPE, ContentInfo.defaultValues(CONTENT_TYPE));
this.content = getParametersValue(parameters, CONTENT, ContentInfo.defaultValues(CONTENT));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CONTENT_TYPE:
return EMPTY_STRING;
case CONTENT:
return new Any();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CONTENT_TYPE:
return (typeof memberValue === "string" &&
memberValue === this.defaultValues(CONTENT_TYPE));
case CONTENT:
return (memberValue instanceof Any);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
if (("optional" in names) === false) {
names.optional = false;
}
return (new Sequence({
name: (names.blockName || "ContentInfo"),
optional: names.optional,
value: [
new ObjectIdentifier({ name: (names.contentType || CONTENT_TYPE) }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any({ name: (names.content || CONTENT) })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$S);
const asn1 = compareSchema(schema, schema, ContentInfo.schema());
AsnError.assertSchema(asn1, this.className);
this.contentType = asn1.result.contentType.valueBlock.toString();
this.content = asn1.result.content;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.contentType }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.content]
})
]
}));
}
toJSON() {
const object = {
contentType: this.contentType
};
if (!(this.content instanceof Any)) {
object.content = this.content.toJSON();
}
return object;
}
}
ContentInfo.CLASS_NAME = "ContentInfo";
ContentInfo.DATA = id_ContentType_Data;
ContentInfo.SIGNED_DATA = id_ContentType_SignedData;
ContentInfo.ENVELOPED_DATA = id_ContentType_EnvelopedData;
ContentInfo.ENCRYPTED_DATA = id_ContentType_EncryptedData;
const TYPE$1 = "type";
const VALUE$4 = "value";
const UTC_TIME_NAME = "utcTimeName";
const GENERAL_TIME_NAME = "generalTimeName";
const CLEAR_PROPS$R = [UTC_TIME_NAME, GENERAL_TIME_NAME];
var TimeType;
(function (TimeType) {
TimeType[TimeType["UTCTime"] = 0] = "UTCTime";
TimeType[TimeType["GeneralizedTime"] = 1] = "GeneralizedTime";
TimeType[TimeType["empty"] = 2] = "empty";
})(TimeType || (TimeType = {}));
class Time extends PkiObject {
constructor(parameters = {}) {
super();
this.type = getParametersValue(parameters, TYPE$1, Time.defaultValues(TYPE$1));
this.value = getParametersValue(parameters, VALUE$4, Time.defaultValues(VALUE$4));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE$1:
return 0;
case VALUE$4:
return new Date(0, 0, 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}, optional = false) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
optional,
value: [
new UTCTime({ name: (names.utcTimeName || EMPTY_STRING) }),
new GeneralizedTime({ name: (names.generalTimeName || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$R);
const asn1 = compareSchema(schema, schema, Time.schema({
names: {
utcTimeName: UTC_TIME_NAME,
generalTimeName: GENERAL_TIME_NAME
}
}));
AsnError.assertSchema(asn1, this.className);
if (UTC_TIME_NAME in asn1.result) {
this.type = 0;
this.value = asn1.result.utcTimeName.toDate();
}
if (GENERAL_TIME_NAME in asn1.result) {
this.type = 1;
this.value = asn1.result.generalTimeName.toDate();
}
}
toSchema() {
if (this.type === 0) {
return new UTCTime({ valueDate: this.value });
}
else if (this.type === 1) {
return new GeneralizedTime({ valueDate: this.value });
}
return {};
}
toJSON() {
return {
type: this.type,
value: this.value
};
}
}
Time.CLASS_NAME = "Time";
const TBS$4 = "tbs";
const VERSION$f = "version";
const SERIAL_NUMBER$3 = "serialNumber";
const SIGNATURE$4 = "signature";
const ISSUER$2 = "issuer";
const NOT_BEFORE = "notBefore";
const NOT_AFTER = "notAfter";
const SUBJECT$1 = "subject";
const SUBJECT_PUBLIC_KEY_INFO = "subjectPublicKeyInfo";
const ISSUER_UNIQUE_ID = "issuerUniqueID";
const SUBJECT_UNIQUE_ID = "subjectUniqueID";
const EXTENSIONS$2 = "extensions";
const SIGNATURE_ALGORITHM$5 = "signatureAlgorithm";
const SIGNATURE_VALUE$2 = "signatureValue";
const TBS_CERTIFICATE = "tbsCertificate";
const TBS_CERTIFICATE_VERSION = `${TBS_CERTIFICATE}.${VERSION$f}`;
const TBS_CERTIFICATE_SERIAL_NUMBER = `${TBS_CERTIFICATE}.${SERIAL_NUMBER$3}`;
const TBS_CERTIFICATE_SIGNATURE = `${TBS_CERTIFICATE}.${SIGNATURE$4}`;
const TBS_CERTIFICATE_ISSUER = `${TBS_CERTIFICATE}.${ISSUER$2}`;
const TBS_CERTIFICATE_NOT_BEFORE = `${TBS_CERTIFICATE}.${NOT_BEFORE}`;
const TBS_CERTIFICATE_NOT_AFTER = `${TBS_CERTIFICATE}.${NOT_AFTER}`;
const TBS_CERTIFICATE_SUBJECT = `${TBS_CERTIFICATE}.${SUBJECT$1}`;
const TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY = `${TBS_CERTIFICATE}.${SUBJECT_PUBLIC_KEY_INFO}`;
const TBS_CERTIFICATE_ISSUER_UNIQUE_ID = `${TBS_CERTIFICATE}.${ISSUER_UNIQUE_ID}`;
const TBS_CERTIFICATE_SUBJECT_UNIQUE_ID = `${TBS_CERTIFICATE}.${SUBJECT_UNIQUE_ID}`;
const TBS_CERTIFICATE_EXTENSIONS = `${TBS_CERTIFICATE}.${EXTENSIONS$2}`;
const CLEAR_PROPS$Q = [
TBS_CERTIFICATE,
TBS_CERTIFICATE_VERSION,
TBS_CERTIFICATE_SERIAL_NUMBER,
TBS_CERTIFICATE_SIGNATURE,
TBS_CERTIFICATE_ISSUER,
TBS_CERTIFICATE_NOT_BEFORE,
TBS_CERTIFICATE_NOT_AFTER,
TBS_CERTIFICATE_SUBJECT,
TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY,
TBS_CERTIFICATE_ISSUER_UNIQUE_ID,
TBS_CERTIFICATE_SUBJECT_UNIQUE_ID,
TBS_CERTIFICATE_EXTENSIONS,
SIGNATURE_ALGORITHM$5,
SIGNATURE_VALUE$2
];
function tbsCertificate(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TBS_CERTIFICATE),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Integer({ name: (names.tbsCertificateVersion || TBS_CERTIFICATE_VERSION) })
]
}),
new Integer({ name: (names.tbsCertificateSerialNumber || TBS_CERTIFICATE_SERIAL_NUMBER) }),
AlgorithmIdentifier.schema(names.signature || {
names: {
blockName: TBS_CERTIFICATE_SIGNATURE
}
}),
RelativeDistinguishedNames.schema(names.issuer || {
names: {
blockName: TBS_CERTIFICATE_ISSUER
}
}),
new Sequence({
name: (names.tbsCertificateValidity || "tbsCertificate.validity"),
value: [
Time.schema(names.notBefore || {
names: {
utcTimeName: TBS_CERTIFICATE_NOT_BEFORE,
generalTimeName: TBS_CERTIFICATE_NOT_BEFORE
}
}),
Time.schema(names.notAfter || {
names: {
utcTimeName: TBS_CERTIFICATE_NOT_AFTER,
generalTimeName: TBS_CERTIFICATE_NOT_AFTER
}
})
]
}),
RelativeDistinguishedNames.schema(names.subject || {
names: {
blockName: TBS_CERTIFICATE_SUBJECT
}
}),
PublicKeyInfo.schema(names.subjectPublicKeyInfo || {
names: {
blockName: TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY
}
}),
new Primitive({
name: (names.tbsCertificateIssuerUniqueID || TBS_CERTIFICATE_ISSUER_UNIQUE_ID),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
}
}),
new Primitive({
name: (names.tbsCertificateSubjectUniqueID || TBS_CERTIFICATE_SUBJECT_UNIQUE_ID),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
}
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: [Extensions.schema(names.extensions || {
names: {
blockName: TBS_CERTIFICATE_EXTENSIONS
}
})]
})
]
}));
}
class Certificate extends PkiObject {
get tbs() {
return BufferSourceConverter.toArrayBuffer(this.tbsView);
}
set tbs(value) {
this.tbsView = new Uint8Array(value);
}
constructor(parameters = {}) {
super();
this.tbsView = new Uint8Array(getParametersValue(parameters, TBS$4, Certificate.defaultValues(TBS$4)));
this.version = getParametersValue(parameters, VERSION$f, Certificate.defaultValues(VERSION$f));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$3, Certificate.defaultValues(SERIAL_NUMBER$3));
this.signature = getParametersValue(parameters, SIGNATURE$4, Certificate.defaultValues(SIGNATURE$4));
this.issuer = getParametersValue(parameters, ISSUER$2, Certificate.defaultValues(ISSUER$2));
this.notBefore = getParametersValue(parameters, NOT_BEFORE, Certificate.defaultValues(NOT_BEFORE));
this.notAfter = getParametersValue(parameters, NOT_AFTER, Certificate.defaultValues(NOT_AFTER));
this.subject = getParametersValue(parameters, SUBJECT$1, Certificate.defaultValues(SUBJECT$1));
this.subjectPublicKeyInfo = getParametersValue(parameters, SUBJECT_PUBLIC_KEY_INFO, Certificate.defaultValues(SUBJECT_PUBLIC_KEY_INFO));
if (ISSUER_UNIQUE_ID in parameters) {
this.issuerUniqueID = getParametersValue(parameters, ISSUER_UNIQUE_ID, Certificate.defaultValues(ISSUER_UNIQUE_ID));
}
if (SUBJECT_UNIQUE_ID in parameters) {
this.subjectUniqueID = getParametersValue(parameters, SUBJECT_UNIQUE_ID, Certificate.defaultValues(SUBJECT_UNIQUE_ID));
}
if (EXTENSIONS$2 in parameters) {
this.extensions = getParametersValue(parameters, EXTENSIONS$2, Certificate.defaultValues(EXTENSIONS$2));
}
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$5, Certificate.defaultValues(SIGNATURE_ALGORITHM$5));
this.signatureValue = getParametersValue(parameters, SIGNATURE_VALUE$2, Certificate.defaultValues(SIGNATURE_VALUE$2));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS$4:
return EMPTY_BUFFER;
case VERSION$f:
return 0;
case SERIAL_NUMBER$3:
return new Integer();
case SIGNATURE$4:
return new AlgorithmIdentifier();
case ISSUER$2:
return new RelativeDistinguishedNames();
case NOT_BEFORE:
return new Time();
case NOT_AFTER:
return new Time();
case SUBJECT$1:
return new RelativeDistinguishedNames();
case SUBJECT_PUBLIC_KEY_INFO:
return new PublicKeyInfo();
case ISSUER_UNIQUE_ID:
return EMPTY_BUFFER;
case SUBJECT_UNIQUE_ID:
return EMPTY_BUFFER;
case EXTENSIONS$2:
return [];
case SIGNATURE_ALGORITHM$5:
return new AlgorithmIdentifier();
case SIGNATURE_VALUE$2:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
tbsCertificate(names.tbsCertificate),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {
names: {
blockName: SIGNATURE_ALGORITHM$5
}
}),
new BitString({ name: (names.signatureValue || SIGNATURE_VALUE$2) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$Q);
const asn1 = compareSchema(schema, schema, Certificate.schema({
names: {
tbsCertificate: {
names: {
extensions: {
names: {
extensions: TBS_CERTIFICATE_EXTENSIONS
}
}
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.tbsView = asn1.result.tbsCertificate.valueBeforeDecodeView;
if (TBS_CERTIFICATE_VERSION in asn1.result)
this.version = asn1.result[TBS_CERTIFICATE_VERSION].valueBlock.valueDec;
this.serialNumber = asn1.result[TBS_CERTIFICATE_SERIAL_NUMBER];
this.signature = new AlgorithmIdentifier({ schema: asn1.result[TBS_CERTIFICATE_SIGNATURE] });
this.issuer = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERTIFICATE_ISSUER] });
this.notBefore = new Time({ schema: asn1.result[TBS_CERTIFICATE_NOT_BEFORE] });
this.notAfter = new Time({ schema: asn1.result[TBS_CERTIFICATE_NOT_AFTER] });
this.subject = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERTIFICATE_SUBJECT] });
this.subjectPublicKeyInfo = new PublicKeyInfo({ schema: asn1.result[TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY] });
if (TBS_CERTIFICATE_ISSUER_UNIQUE_ID in asn1.result)
this.issuerUniqueID = asn1.result[TBS_CERTIFICATE_ISSUER_UNIQUE_ID].valueBlock.valueHex;
if (TBS_CERTIFICATE_SUBJECT_UNIQUE_ID in asn1.result)
this.subjectUniqueID = asn1.result[TBS_CERTIFICATE_SUBJECT_UNIQUE_ID].valueBlock.valueHex;
if (TBS_CERTIFICATE_EXTENSIONS in asn1.result)
this.extensions = Array.from(asn1.result[TBS_CERTIFICATE_EXTENSIONS], element => new Extension({ schema: element }));
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signatureValue = asn1.result.signatureValue;
}
encodeTBS() {
const outputArray = [];
if ((VERSION$f in this) && (this.version !== Certificate.defaultValues(VERSION$f))) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Integer({ value: this.version })
]
}));
}
outputArray.push(this.serialNumber);
outputArray.push(this.signature.toSchema());
outputArray.push(this.issuer.toSchema());
outputArray.push(new Sequence({
value: [
this.notBefore.toSchema(),
this.notAfter.toSchema()
]
}));
outputArray.push(this.subject.toSchema());
outputArray.push(this.subjectPublicKeyInfo.toSchema());
if (this.issuerUniqueID) {
outputArray.push(new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
valueHex: this.issuerUniqueID
}));
}
if (this.subjectUniqueID) {
outputArray.push(new Primitive({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
},
valueHex: this.subjectUniqueID
}));
}
if (this.extensions) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: [new Sequence({
value: Array.from(this.extensions, o => o.toSchema())
})]
}));
}
return (new Sequence({
value: outputArray
}));
}
toSchema(encodeFlag = false) {
let tbsSchema;
if (encodeFlag === false) {
if (!this.tbsView.byteLength) {
return Certificate.schema().value[0];
}
const asn1 = fromBER(this.tbsView);
AsnError.assert(asn1, "TBS Certificate");
tbsSchema = asn1.result;
}
else {
tbsSchema = this.encodeTBS();
}
return (new Sequence({
value: [
tbsSchema,
this.signatureAlgorithm.toSchema(),
this.signatureValue
]
}));
}
toJSON() {
const res = {
tbs: Convert.ToHex(this.tbsView),
version: this.version,
serialNumber: this.serialNumber.toJSON(),
signature: this.signature.toJSON(),
issuer: this.issuer.toJSON(),
notBefore: this.notBefore.toJSON(),
notAfter: this.notAfter.toJSON(),
subject: this.subject.toJSON(),
subjectPublicKeyInfo: this.subjectPublicKeyInfo.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signatureValue: this.signatureValue.toJSON(),
};
if ((VERSION$f in this) && (this.version !== Certificate.defaultValues(VERSION$f))) {
res.version = this.version;
}
if (this.issuerUniqueID) {
res.issuerUniqueID = Convert.ToHex(this.issuerUniqueID);
}
if (this.subjectUniqueID) {
res.subjectUniqueID = Convert.ToHex(this.subjectUniqueID);
}
if (this.extensions) {
res.extensions = Array.from(this.extensions, o => o.toJSON());
}
return res;
}
async getPublicKey(parameters, crypto = getCrypto(true)) {
return crypto.getPublicKey(this.subjectPublicKeyInfo, this.signatureAlgorithm, parameters);
}
async getKeyHash(hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
return crypto.digest({ name: hashAlgorithm }, this.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView);
}
async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
if (!privateKey) {
throw new Error("Need to provide a private key for signing");
}
const signatureParameters = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const parameters = signatureParameters.parameters;
this.signature = signatureParameters.signatureAlgorithm;
this.signatureAlgorithm = signatureParameters.signatureAlgorithm;
this.tbsView = new Uint8Array(this.encodeTBS().toBER());
const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters);
this.signatureValue = new BitString({ valueHex: signature });
}
async verify(issuerCertificate, crypto = getCrypto(true)) {
let subjectPublicKeyInfo;
if (issuerCertificate) {
subjectPublicKeyInfo = issuerCertificate.subjectPublicKeyInfo;
}
else if (this.issuer.isEqual(this.subject)) {
subjectPublicKeyInfo = this.subjectPublicKeyInfo;
}
if (!(subjectPublicKeyInfo instanceof PublicKeyInfo)) {
throw new Error("Please provide issuer certificate as a parameter");
}
return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, subjectPublicKeyInfo, this.signatureAlgorithm);
}
}
Certificate.CLASS_NAME = "Certificate";
function checkCA(cert, signerCert = null) {
if (signerCert && cert.issuer.isEqual(signerCert.issuer) && cert.serialNumber.isEqual(signerCert.serialNumber)) {
return null;
}
let isCA = false;
if (cert.extensions) {
for (const extension of cert.extensions) {
if (extension.extnID === id_BasicConstraints && extension.parsedValue instanceof BasicConstraints) {
if (extension.parsedValue.cA) {
isCA = true;
break;
}
}
}
}
if (isCA) {
return cert;
}
return null;
}
const CERT_ID$1 = "certId";
const CERT_VALUE = "certValue";
const PARSED_VALUE$4 = "parsedValue";
const CLEAR_PROPS$P = [
CERT_ID$1,
CERT_VALUE
];
class CertBag extends PkiObject {
constructor(parameters = {}) {
super();
this.certId = getParametersValue(parameters, CERT_ID$1, CertBag.defaultValues(CERT_ID$1));
this.certValue = getParametersValue(parameters, CERT_VALUE, CertBag.defaultValues(CERT_VALUE));
if (PARSED_VALUE$4 in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE$4, CertBag.defaultValues(PARSED_VALUE$4));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERT_ID$1:
return EMPTY_STRING;
case CERT_VALUE:
return (new Any());
case PARSED_VALUE$4:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CERT_ID$1:
return (memberValue === EMPTY_STRING);
case CERT_VALUE:
return (memberValue instanceof Any);
case PARSED_VALUE$4:
return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.id || "id") }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any({ name: (names.value || "value") })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$P);
const asn1 = compareSchema(schema, schema, CertBag.schema({
names: {
id: CERT_ID$1,
value: CERT_VALUE
}
}));
AsnError.assertSchema(asn1, this.className);
this.certId = asn1.result.certId.valueBlock.toString();
this.certValue = asn1.result.certValue;
const certValueHex = this.certValue.valueBlock.valueHexView;
switch (this.certId) {
case id_CertBag_X509Certificate:
{
try {
this.parsedValue = Certificate.fromBER(certValueHex);
}
catch {
AttributeCertificateV2.fromBER(certValueHex);
}
}
break;
case id_CertBag_AttributeCertificate:
{
this.parsedValue = AttributeCertificateV2.fromBER(certValueHex);
}
break;
case id_CertBag_SDSICertificate:
default:
throw new Error(`Incorrect CERT_ID value in CertBag: ${this.certId}`);
}
}
toSchema() {
if (PARSED_VALUE$4 in this) {
if ("acinfo" in this.parsedValue) {
this.certId = id_CertBag_AttributeCertificate;
}
else {
this.certId = id_CertBag_X509Certificate;
}
this.certValue = new OctetString({ valueHex: this.parsedValue.toSchema().toBER(false) });
}
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.certId }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [(("toSchema" in this.certValue) ? this.certValue.toSchema() : this.certValue)]
})
]
}));
}
toJSON() {
return {
certId: this.certId,
certValue: this.certValue.toJSON()
};
}
}
CertBag.CLASS_NAME = "CertBag";
const USER_CERTIFICATE = "userCertificate";
const REVOCATION_DATE = "revocationDate";
const CRL_ENTRY_EXTENSIONS = "crlEntryExtensions";
const CLEAR_PROPS$O = [
USER_CERTIFICATE,
REVOCATION_DATE,
CRL_ENTRY_EXTENSIONS
];
class RevokedCertificate extends PkiObject {
constructor(parameters = {}) {
super();
this.userCertificate = getParametersValue(parameters, USER_CERTIFICATE, RevokedCertificate.defaultValues(USER_CERTIFICATE));
this.revocationDate = getParametersValue(parameters, REVOCATION_DATE, RevokedCertificate.defaultValues(REVOCATION_DATE));
if (CRL_ENTRY_EXTENSIONS in parameters) {
this.crlEntryExtensions = getParametersValue(parameters, CRL_ENTRY_EXTENSIONS, RevokedCertificate.defaultValues(CRL_ENTRY_EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case USER_CERTIFICATE:
return new Integer();
case REVOCATION_DATE:
return new Time();
case CRL_ENTRY_EXTENSIONS:
return new Extensions();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.userCertificate || USER_CERTIFICATE) }),
Time.schema({
names: {
utcTimeName: (names.revocationDate || REVOCATION_DATE),
generalTimeName: (names.revocationDate || REVOCATION_DATE)
}
}),
Extensions.schema({
names: {
blockName: (names.crlEntryExtensions || CRL_ENTRY_EXTENSIONS)
}
}, true)
]
});
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$O);
const asn1 = compareSchema(schema, schema, RevokedCertificate.schema());
AsnError.assertSchema(asn1, this.className);
this.userCertificate = asn1.result.userCertificate;
this.revocationDate = new Time({ schema: asn1.result.revocationDate });
if (CRL_ENTRY_EXTENSIONS in asn1.result) {
this.crlEntryExtensions = new Extensions({ schema: asn1.result.crlEntryExtensions });
}
}
toSchema() {
const outputArray = [
this.userCertificate,
this.revocationDate.toSchema()
];
if (this.crlEntryExtensions) {
outputArray.push(this.crlEntryExtensions.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
userCertificate: this.userCertificate.toJSON(),
revocationDate: this.revocationDate.toJSON(),
};
if (this.crlEntryExtensions) {
res.crlEntryExtensions = this.crlEntryExtensions.toJSON();
}
return res;
}
}
RevokedCertificate.CLASS_NAME = "RevokedCertificate";
const TBS$3 = "tbs";
const VERSION$e = "version";
const SIGNATURE$3 = "signature";
const ISSUER$1 = "issuer";
const THIS_UPDATE$1 = "thisUpdate";
const NEXT_UPDATE$1 = "nextUpdate";
const REVOKED_CERTIFICATES = "revokedCertificates";
const CRL_EXTENSIONS = "crlExtensions";
const SIGNATURE_ALGORITHM$4 = "signatureAlgorithm";
const SIGNATURE_VALUE$1 = "signatureValue";
const TBS_CERT_LIST = "tbsCertList";
const TBS_CERT_LIST_VERSION = `${TBS_CERT_LIST}.version`;
const TBS_CERT_LIST_SIGNATURE = `${TBS_CERT_LIST}.signature`;
const TBS_CERT_LIST_ISSUER = `${TBS_CERT_LIST}.issuer`;
const TBS_CERT_LIST_THIS_UPDATE = `${TBS_CERT_LIST}.thisUpdate`;
const TBS_CERT_LIST_NEXT_UPDATE = `${TBS_CERT_LIST}.nextUpdate`;
const TBS_CERT_LIST_REVOKED_CERTIFICATES = `${TBS_CERT_LIST}.revokedCertificates`;
const TBS_CERT_LIST_EXTENSIONS = `${TBS_CERT_LIST}.extensions`;
const CLEAR_PROPS$N = [
TBS_CERT_LIST,
TBS_CERT_LIST_VERSION,
TBS_CERT_LIST_SIGNATURE,
TBS_CERT_LIST_ISSUER,
TBS_CERT_LIST_THIS_UPDATE,
TBS_CERT_LIST_NEXT_UPDATE,
TBS_CERT_LIST_REVOKED_CERTIFICATES,
TBS_CERT_LIST_EXTENSIONS,
SIGNATURE_ALGORITHM$4,
SIGNATURE_VALUE$1
];
function tbsCertList(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TBS_CERT_LIST),
value: [
new Integer({
optional: true,
name: (names.tbsCertListVersion || TBS_CERT_LIST_VERSION),
value: 2
}),
AlgorithmIdentifier.schema(names.signature || {
names: {
blockName: TBS_CERT_LIST_SIGNATURE
}
}),
RelativeDistinguishedNames.schema(names.issuer || {
names: {
blockName: TBS_CERT_LIST_ISSUER
}
}),
Time.schema(names.tbsCertListThisUpdate || {
names: {
utcTimeName: TBS_CERT_LIST_THIS_UPDATE,
generalTimeName: TBS_CERT_LIST_THIS_UPDATE
}
}),
Time.schema(names.tbsCertListNextUpdate || {
names: {
utcTimeName: TBS_CERT_LIST_NEXT_UPDATE,
generalTimeName: TBS_CERT_LIST_NEXT_UPDATE
}
}, true),
new Sequence({
optional: true,
value: [
new Repeated({
name: (names.tbsCertListRevokedCertificates || TBS_CERT_LIST_REVOKED_CERTIFICATES),
value: new Sequence({
value: [
new Integer(),
Time.schema(),
Extensions.schema({}, true)
]
})
})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [Extensions.schema(names.crlExtensions || {
names: {
blockName: TBS_CERT_LIST_EXTENSIONS
}
})]
})
]
}));
}
const WELL_KNOWN_EXTENSIONS = [
id_AuthorityKeyIdentifier,
id_IssuerAltName,
id_CRLNumber,
id_BaseCRLNumber,
id_IssuingDistributionPoint,
id_FreshestCRL,
id_AuthorityInfoAccess,
id_CRLReason,
id_InvalidityDate,
id_CertificateIssuer,
];
class CertificateRevocationList extends PkiObject {
get tbs() {
return BufferSourceConverter.toArrayBuffer(this.tbsView);
}
set tbs(value) {
this.tbsView = new Uint8Array(value);
}
constructor(parameters = {}) {
super();
this.tbsView = new Uint8Array(getParametersValue(parameters, TBS$3, CertificateRevocationList.defaultValues(TBS$3)));
this.version = getParametersValue(parameters, VERSION$e, CertificateRevocationList.defaultValues(VERSION$e));
this.signature = getParametersValue(parameters, SIGNATURE$3, CertificateRevocationList.defaultValues(SIGNATURE$3));
this.issuer = getParametersValue(parameters, ISSUER$1, CertificateRevocationList.defaultValues(ISSUER$1));
this.thisUpdate = getParametersValue(parameters, THIS_UPDATE$1, CertificateRevocationList.defaultValues(THIS_UPDATE$1));
if (NEXT_UPDATE$1 in parameters) {
this.nextUpdate = getParametersValue(parameters, NEXT_UPDATE$1, CertificateRevocationList.defaultValues(NEXT_UPDATE$1));
}
if (REVOKED_CERTIFICATES in parameters) {
this.revokedCertificates = getParametersValue(parameters, REVOKED_CERTIFICATES, CertificateRevocationList.defaultValues(REVOKED_CERTIFICATES));
}
if (CRL_EXTENSIONS in parameters) {
this.crlExtensions = getParametersValue(parameters, CRL_EXTENSIONS, CertificateRevocationList.defaultValues(CRL_EXTENSIONS));
}
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$4, CertificateRevocationList.defaultValues(SIGNATURE_ALGORITHM$4));
this.signatureValue = getParametersValue(parameters, SIGNATURE_VALUE$1, CertificateRevocationList.defaultValues(SIGNATURE_VALUE$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS$3:
return EMPTY_BUFFER;
case VERSION$e:
return 0;
case SIGNATURE$3:
return new AlgorithmIdentifier();
case ISSUER$1:
return new RelativeDistinguishedNames();
case THIS_UPDATE$1:
return new Time();
case NEXT_UPDATE$1:
return new Time();
case REVOKED_CERTIFICATES:
return [];
case CRL_EXTENSIONS:
return new Extensions();
case SIGNATURE_ALGORITHM$4:
return new AlgorithmIdentifier();
case SIGNATURE_VALUE$1:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || "CertificateList"),
value: [
tbsCertList(parameters),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {
names: {
blockName: SIGNATURE_ALGORITHM$4
}
}),
new BitString({ name: (names.signatureValue || SIGNATURE_VALUE$1) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$N);
const asn1 = compareSchema(schema, schema, CertificateRevocationList.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsView = asn1.result.tbsCertList.valueBeforeDecodeView;
if (TBS_CERT_LIST_VERSION in asn1.result) {
this.version = asn1.result[TBS_CERT_LIST_VERSION].valueBlock.valueDec;
}
this.signature = new AlgorithmIdentifier({ schema: asn1.result[TBS_CERT_LIST_SIGNATURE] });
this.issuer = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERT_LIST_ISSUER] });
this.thisUpdate = new Time({ schema: asn1.result[TBS_CERT_LIST_THIS_UPDATE] });
if (TBS_CERT_LIST_NEXT_UPDATE in asn1.result) {
this.nextUpdate = new Time({ schema: asn1.result[TBS_CERT_LIST_NEXT_UPDATE] });
}
if (TBS_CERT_LIST_REVOKED_CERTIFICATES in asn1.result) {
this.revokedCertificates = Array.from(asn1.result[TBS_CERT_LIST_REVOKED_CERTIFICATES], element => new RevokedCertificate({ schema: element }));
}
if (TBS_CERT_LIST_EXTENSIONS in asn1.result) {
this.crlExtensions = new Extensions({ schema: asn1.result[TBS_CERT_LIST_EXTENSIONS] });
}
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signatureValue = asn1.result.signatureValue;
}
encodeTBS() {
const outputArray = [];
if (this.version !== CertificateRevocationList.defaultValues(VERSION$e)) {
outputArray.push(new Integer({ value: this.version }));
}
outputArray.push(this.signature.toSchema());
outputArray.push(this.issuer.toSchema());
outputArray.push(this.thisUpdate.toSchema());
if (this.nextUpdate) {
outputArray.push(this.nextUpdate.toSchema());
}
if (this.revokedCertificates) {
outputArray.push(new Sequence({
value: Array.from(this.revokedCertificates, o => o.toSchema())
}));
}
if (this.crlExtensions) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
this.crlExtensions.toSchema()
]
}));
}
return (new Sequence({
value: outputArray
}));
}
toSchema(encodeFlag = false) {
let tbsSchema;
if (!encodeFlag) {
if (!this.tbsView.byteLength) {
return CertificateRevocationList.schema();
}
const asn1 = fromBER(this.tbsView);
AsnError.assert(asn1, "TBS Certificate Revocation List");
tbsSchema = asn1.result;
}
else {
tbsSchema = this.encodeTBS();
}
return (new Sequence({
value: [
tbsSchema,
this.signatureAlgorithm.toSchema(),
this.signatureValue
]
}));
}
toJSON() {
const res = {
tbs: Convert.ToHex(this.tbsView),
version: this.version,
signature: this.signature.toJSON(),
issuer: this.issuer.toJSON(),
thisUpdate: this.thisUpdate.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signatureValue: this.signatureValue.toJSON()
};
if (this.version !== CertificateRevocationList.defaultValues(VERSION$e))
res.version = this.version;
if (this.nextUpdate) {
res.nextUpdate = this.nextUpdate.toJSON();
}
if (this.revokedCertificates) {
res.revokedCertificates = Array.from(this.revokedCertificates, o => o.toJSON());
}
if (this.crlExtensions) {
res.crlExtensions = this.crlExtensions.toJSON();
}
return res;
}
isCertificateRevoked(certificate) {
if (!this.issuer.isEqual(certificate.issuer)) {
return false;
}
if (!this.revokedCertificates) {
return false;
}
for (const revokedCertificate of this.revokedCertificates) {
if (revokedCertificate.userCertificate.isEqual(certificate.serialNumber)) {
return true;
}
}
return false;
}
async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
if (!privateKey) {
throw new Error("Need to provide a private key for signing");
}
const signatureParameters = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const { parameters } = signatureParameters;
this.signature = signatureParameters.signatureAlgorithm;
this.signatureAlgorithm = signatureParameters.signatureAlgorithm;
this.tbsView = new Uint8Array(this.encodeTBS().toBER());
const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters);
this.signatureValue = new BitString({ valueHex: signature });
}
async verify(parameters = {}, crypto = getCrypto(true)) {
let subjectPublicKeyInfo;
if (parameters.issuerCertificate) {
subjectPublicKeyInfo = parameters.issuerCertificate.subjectPublicKeyInfo;
if (!this.issuer.isEqual(parameters.issuerCertificate.subject)) {
return false;
}
}
if (parameters.publicKeyInfo) {
subjectPublicKeyInfo = parameters.publicKeyInfo;
}
if (!subjectPublicKeyInfo) {
throw new Error("Issuer's certificate must be provided as an input parameter");
}
if (this.crlExtensions) {
for (const extension of this.crlExtensions.extensions) {
if (extension.critical) {
if (!WELL_KNOWN_EXTENSIONS.includes(extension.extnID))
return false;
}
}
}
return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, subjectPublicKeyInfo, this.signatureAlgorithm);
}
}
CertificateRevocationList.CLASS_NAME = "CertificateRevocationList";
const CRL_ID = "crlId";
const CRL_VALUE = "crlValue";
const PARSED_VALUE$3 = "parsedValue";
const CLEAR_PROPS$M = [
CRL_ID,
CRL_VALUE,
];
class CRLBag extends PkiObject {
constructor(parameters = {}) {
super();
this.crlId = getParametersValue(parameters, CRL_ID, CRLBag.defaultValues(CRL_ID));
this.crlValue = getParametersValue(parameters, CRL_VALUE, CRLBag.defaultValues(CRL_VALUE));
if (PARSED_VALUE$3 in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE$3, CRLBag.defaultValues(PARSED_VALUE$3));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CRL_ID:
return EMPTY_STRING;
case CRL_VALUE:
return (new Any());
case PARSED_VALUE$3:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CRL_ID:
return (memberValue === EMPTY_STRING);
case CRL_VALUE:
return (memberValue instanceof Any);
case PARSED_VALUE$3:
return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.id || "id") }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any({ name: (names.value || "value") })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$M);
const asn1 = compareSchema(schema, schema, CRLBag.schema({
names: {
id: CRL_ID,
value: CRL_VALUE
}
}));
AsnError.assertSchema(asn1, this.className);
this.crlId = asn1.result.crlId.valueBlock.toString();
this.crlValue = asn1.result.crlValue;
switch (this.crlId) {
case id_CRLBag_X509CRL:
{
this.parsedValue = CertificateRevocationList.fromBER(this.certValue.valueBlock.valueHex);
}
break;
default:
throw new Error(`Incorrect CRL_ID value in CRLBag: ${this.crlId}`);
}
}
toSchema() {
if (this.parsedValue) {
this.crlId = id_CRLBag_X509CRL;
this.crlValue = new OctetString({ valueHex: this.parsedValue.toSchema().toBER(false) });
}
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.crlId }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.crlValue.toSchema()]
})
]
}));
}
toJSON() {
return {
crlId: this.crlId,
crlValue: this.crlValue.toJSON()
};
}
}
CRLBag.CLASS_NAME = "CRLBag";
const VERSION$d = "version";
const ENCRYPTED_CONTENT_INFO$1 = "encryptedContentInfo";
const UNPROTECTED_ATTRS$1 = "unprotectedAttrs";
const CLEAR_PROPS$L = [
VERSION$d,
ENCRYPTED_CONTENT_INFO$1,
UNPROTECTED_ATTRS$1,
];
class EncryptedData extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$d, EncryptedData.defaultValues(VERSION$d));
this.encryptedContentInfo = getParametersValue(parameters, ENCRYPTED_CONTENT_INFO$1, EncryptedData.defaultValues(ENCRYPTED_CONTENT_INFO$1));
if (UNPROTECTED_ATTRS$1 in parameters) {
this.unprotectedAttrs = getParametersValue(parameters, UNPROTECTED_ATTRS$1, EncryptedData.defaultValues(UNPROTECTED_ATTRS$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$d:
return 0;
case ENCRYPTED_CONTENT_INFO$1:
return new EncryptedContentInfo();
case UNPROTECTED_ATTRS$1:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$d:
return (memberValue === 0);
case ENCRYPTED_CONTENT_INFO$1:
return ((EncryptedContentInfo.compareWithDefault("contentType", memberValue.contentType)) &&
(EncryptedContentInfo.compareWithDefault("contentEncryptionAlgorithm", memberValue.contentEncryptionAlgorithm)) &&
(EncryptedContentInfo.compareWithDefault("encryptedContent", memberValue.encryptedContent)));
case UNPROTECTED_ATTRS$1:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
EncryptedContentInfo.schema(names.encryptedContentInfo || {}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Repeated({
name: (names.unprotectedAttrs || EMPTY_STRING),
value: Attribute.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$L);
const asn1 = compareSchema(schema, schema, EncryptedData.schema({
names: {
version: VERSION$d,
encryptedContentInfo: {
names: {
blockName: ENCRYPTED_CONTENT_INFO$1
}
},
unprotectedAttrs: UNPROTECTED_ATTRS$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.encryptedContentInfo = new EncryptedContentInfo({ schema: asn1.result.encryptedContentInfo });
if (UNPROTECTED_ATTRS$1 in asn1.result)
this.unprotectedAttrs = Array.from(asn1.result.unprotectedAttrs, element => new Attribute({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
outputArray.push(this.encryptedContentInfo.toSchema());
if (this.unprotectedAttrs) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.unprotectedAttrs, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
encryptedContentInfo: this.encryptedContentInfo.toJSON()
};
if (this.unprotectedAttrs)
res.unprotectedAttrs = Array.from(this.unprotectedAttrs, o => o.toJSON());
return res;
}
async encrypt(parameters, crypto = getCrypto(true)) {
ArgumentError.assert(parameters, "parameters", "object");
const encryptParams = {
...parameters,
contentType: "1.2.840.113549.1.7.1",
};
this.encryptedContentInfo = await crypto.encryptEncryptedContentInfo(encryptParams);
}
async decrypt(parameters, crypto = getCrypto(true)) {
ArgumentError.assert(parameters, "parameters", "object");
const decryptParams = {
...parameters,
encryptedContentInfo: this.encryptedContentInfo,
};
return crypto.decryptEncryptedContentInfo(decryptParams);
}
}
EncryptedData.CLASS_NAME = "EncryptedData";
const ENCRYPTION_ALGORITHM = "encryptionAlgorithm";
const ENCRYPTED_DATA = "encryptedData";
const PARSED_VALUE$2 = "parsedValue";
const CLEAR_PROPS$K = [
ENCRYPTION_ALGORITHM,
ENCRYPTED_DATA,
];
class PKCS8ShroudedKeyBag extends PkiObject {
constructor(parameters = {}) {
super();
this.encryptionAlgorithm = getParametersValue(parameters, ENCRYPTION_ALGORITHM, PKCS8ShroudedKeyBag.defaultValues(ENCRYPTION_ALGORITHM));
this.encryptedData = getParametersValue(parameters, ENCRYPTED_DATA, PKCS8ShroudedKeyBag.defaultValues(ENCRYPTED_DATA));
if (PARSED_VALUE$2 in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE$2, PKCS8ShroudedKeyBag.defaultValues(PARSED_VALUE$2));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ENCRYPTION_ALGORITHM:
return (new AlgorithmIdentifier());
case ENCRYPTED_DATA:
return (new OctetString());
case PARSED_VALUE$2:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ENCRYPTION_ALGORITHM:
return ((AlgorithmIdentifier.compareWithDefault("algorithmId", memberValue.algorithmId)) &&
(("algorithmParams" in memberValue) === false));
case ENCRYPTED_DATA:
return (memberValue.isEqual(PKCS8ShroudedKeyBag.defaultValues(memberName)));
case PARSED_VALUE$2:
return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.encryptionAlgorithm || {
names: {
blockName: ENCRYPTION_ALGORITHM
}
}),
new Choice({
value: [
new OctetString({ name: (names.encryptedData || ENCRYPTED_DATA) }),
new OctetString({
idBlock: {
isConstructed: true
},
name: (names.encryptedData || ENCRYPTED_DATA)
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$K);
const asn1 = compareSchema(schema, schema, PKCS8ShroudedKeyBag.schema({
names: {
encryptionAlgorithm: {
names: {
blockName: ENCRYPTION_ALGORITHM
}
},
encryptedData: ENCRYPTED_DATA
}
}));
AsnError.assertSchema(asn1, this.className);
this.encryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.encryptionAlgorithm });
this.encryptedData = asn1.result.encryptedData;
}
toSchema() {
return (new Sequence({
value: [
this.encryptionAlgorithm.toSchema(),
this.encryptedData
]
}));
}
toJSON() {
return {
encryptionAlgorithm: this.encryptionAlgorithm.toJSON(),
encryptedData: this.encryptedData.toJSON(),
};
}
async parseInternalValues(parameters, crypto = getCrypto(true)) {
const cmsEncrypted = new EncryptedData({
encryptedContentInfo: new EncryptedContentInfo({
contentEncryptionAlgorithm: this.encryptionAlgorithm,
encryptedContent: this.encryptedData
})
});
const decryptedData = await cmsEncrypted.decrypt(parameters, crypto);
this.parsedValue = PrivateKeyInfo.fromBER(decryptedData);
}
async makeInternalValues(parameters, crypto = getCrypto(true)) {
if (!this.parsedValue) {
throw new Error("Please initialize \"parsedValue\" first");
}
const cmsEncrypted = new EncryptedData();
const encryptParams = {
...parameters,
contentToEncrypt: this.parsedValue.toSchema().toBER(false),
};
await cmsEncrypted.encrypt(encryptParams, crypto);
if (!cmsEncrypted.encryptedContentInfo.encryptedContent) {
throw new Error("The filed `encryptedContent` in EncryptedContentInfo is empty");
}
this.encryptionAlgorithm = cmsEncrypted.encryptedContentInfo.contentEncryptionAlgorithm;
this.encryptedData = cmsEncrypted.encryptedContentInfo.encryptedContent;
}
}
PKCS8ShroudedKeyBag.CLASS_NAME = "PKCS8ShroudedKeyBag";
const SECRET_TYPE_ID = "secretTypeId";
const SECRET_VALUE = "secretValue";
const CLEAR_PROPS$J = [
SECRET_TYPE_ID,
SECRET_VALUE,
];
class SecretBag extends PkiObject {
constructor(parameters = {}) {
super();
this.secretTypeId = getParametersValue(parameters, SECRET_TYPE_ID, SecretBag.defaultValues(SECRET_TYPE_ID));
this.secretValue = getParametersValue(parameters, SECRET_VALUE, SecretBag.defaultValues(SECRET_VALUE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SECRET_TYPE_ID:
return EMPTY_STRING;
case SECRET_VALUE:
return (new Any());
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SECRET_TYPE_ID:
return (memberValue === EMPTY_STRING);
case SECRET_VALUE:
return (memberValue instanceof Any);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.id || "id") }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any({ name: (names.value || "value") })]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$J);
const asn1 = compareSchema(schema, schema, SecretBag.schema({
names: {
id: SECRET_TYPE_ID,
value: SECRET_VALUE
}
}));
AsnError.assertSchema(asn1, this.className);
this.secretTypeId = asn1.result.secretTypeId.valueBlock.toString();
this.secretValue = asn1.result.secretValue;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.secretTypeId }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.secretValue.toSchema()]
})
]
}));
}
toJSON() {
return {
secretTypeId: this.secretTypeId,
secretValue: this.secretValue.toJSON()
};
}
}
SecretBag.CLASS_NAME = "SecretBag";
class SafeBagValueFactory {
static getItems() {
if (!this.items) {
this.items = {};
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.1", PrivateKeyInfo);
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.2", PKCS8ShroudedKeyBag);
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.3", CertBag);
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.4", CRLBag);
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.5", SecretBag);
SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.6", SafeContents);
}
return this.items;
}
static register(id, type) {
this.getItems()[id] = type;
}
static find(id) {
return this.getItems()[id] || null;
}
}
const BAG_ID = "bagId";
const BAG_VALUE = "bagValue";
const BAG_ATTRIBUTES = "bagAttributes";
const CLEAR_PROPS$I = [
BAG_ID,
BAG_VALUE,
BAG_ATTRIBUTES
];
class SafeBag extends PkiObject {
constructor(parameters = {}) {
super();
this.bagId = getParametersValue(parameters, BAG_ID, SafeBag.defaultValues(BAG_ID));
this.bagValue = getParametersValue(parameters, BAG_VALUE, SafeBag.defaultValues(BAG_VALUE));
if (BAG_ATTRIBUTES in parameters) {
this.bagAttributes = getParametersValue(parameters, BAG_ATTRIBUTES, SafeBag.defaultValues(BAG_ATTRIBUTES));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case BAG_ID:
return EMPTY_STRING;
case BAG_VALUE:
return (new Any());
case BAG_ATTRIBUTES:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case BAG_ID:
return (memberValue === EMPTY_STRING);
case BAG_VALUE:
return (memberValue instanceof Any);
case BAG_ATTRIBUTES:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.bagId || BAG_ID) }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Any({ name: (names.bagValue || BAG_VALUE) })]
}),
new Set({
optional: true,
value: [
new Repeated({
name: (names.bagAttributes || BAG_ATTRIBUTES),
value: Attribute.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$I);
const asn1 = compareSchema(schema, schema, SafeBag.schema({
names: {
bagId: BAG_ID,
bagValue: BAG_VALUE,
bagAttributes: BAG_ATTRIBUTES
}
}));
AsnError.assertSchema(asn1, this.className);
this.bagId = asn1.result.bagId.valueBlock.toString();
const bagType = SafeBagValueFactory.find(this.bagId);
if (!bagType) {
throw new Error(`Invalid BAG_ID for SafeBag: ${this.bagId}`);
}
this.bagValue = new bagType({ schema: asn1.result.bagValue });
if (BAG_ATTRIBUTES in asn1.result) {
this.bagAttributes = Array.from(asn1.result.bagAttributes, element => new Attribute({ schema: element }));
}
}
toSchema() {
const outputArray = [
new ObjectIdentifier({ value: this.bagId }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.bagValue.toSchema()]
})
];
if (this.bagAttributes) {
outputArray.push(new Set({
value: Array.from(this.bagAttributes, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const output = {
bagId: this.bagId,
bagValue: this.bagValue.toJSON()
};
if (this.bagAttributes) {
output.bagAttributes = Array.from(this.bagAttributes, o => o.toJSON());
}
return output;
}
}
SafeBag.CLASS_NAME = "SafeBag";
const SAFE_BUGS = "safeBags";
class SafeContents extends PkiObject {
constructor(parameters = {}) {
super();
this.safeBags = getParametersValue(parameters, SAFE_BUGS, SafeContents.defaultValues(SAFE_BUGS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SAFE_BUGS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SAFE_BUGS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.safeBags || EMPTY_STRING),
value: SafeBag.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
SAFE_BUGS
]);
const asn1 = compareSchema(schema, schema, SafeContents.schema({
names: {
safeBags: SAFE_BUGS
}
}));
AsnError.assertSchema(asn1, this.className);
this.safeBags = Array.from(asn1.result.safeBags, element => new SafeBag({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.safeBags, o => o.toSchema())
}));
}
toJSON() {
return {
safeBags: Array.from(this.safeBags, o => o.toJSON())
};
}
}
SafeContents.CLASS_NAME = "SafeContents";
const OTHER_CERT_FORMAT = "otherCertFormat";
const OTHER_CERT = "otherCert";
const CLEAR_PROPS$H = [
OTHER_CERT_FORMAT,
OTHER_CERT
];
class OtherCertificateFormat extends PkiObject {
constructor(parameters = {}) {
super();
this.otherCertFormat = getParametersValue(parameters, OTHER_CERT_FORMAT, OtherCertificateFormat.defaultValues(OTHER_CERT_FORMAT));
this.otherCert = getParametersValue(parameters, OTHER_CERT, OtherCertificateFormat.defaultValues(OTHER_CERT));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case OTHER_CERT_FORMAT:
return EMPTY_STRING;
case OTHER_CERT:
return new Any();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.otherCertFormat || OTHER_CERT_FORMAT) }),
new Any({ name: (names.otherCert || OTHER_CERT) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$H);
const asn1 = compareSchema(schema, schema, OtherCertificateFormat.schema());
AsnError.assertSchema(asn1, this.className);
this.otherCertFormat = asn1.result.otherCertFormat.valueBlock.toString();
this.otherCert = asn1.result.otherCert;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.otherCertFormat }),
this.otherCert
]
}));
}
toJSON() {
const res = {
otherCertFormat: this.otherCertFormat
};
if (!(this.otherCert instanceof Any)) {
res.otherCert = this.otherCert.toJSON();
}
return res;
}
}
const CERTIFICATES$1 = "certificates";
const CLEAR_PROPS$G = [
CERTIFICATES$1,
];
class CertificateSet extends PkiObject {
constructor(parameters = {}) {
super();
this.certificates = getParametersValue(parameters, CERTIFICATES$1, CertificateSet.defaultValues(CERTIFICATES$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERTIFICATES$1:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Set({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.certificates || CERTIFICATES$1),
value: new Choice({
value: [
Certificate.schema(),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Any()
]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Sequence
]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: AttributeCertificateV2.schema().valueBlock.value
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: OtherCertificateFormat.schema().valueBlock.value
})
]
})
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$G);
const asn1 = compareSchema(schema, schema, CertificateSet.schema());
AsnError.assertSchema(asn1, this.className);
this.certificates = Array.from(asn1.result.certificates || [], (element) => {
const initialTagNumber = element.idBlock.tagNumber;
if (element.idBlock.tagClass === 1)
return new Certificate({ schema: element });
const elementSequence = new Sequence({
value: element.valueBlock.value
});
switch (initialTagNumber) {
case 1:
if (elementSequence.valueBlock.value[0].valueBlock.value[0].valueBlock.valueDec === 1) {
return new AttributeCertificateV2({ schema: elementSequence });
}
else {
return new AttributeCertificateV1({ schema: elementSequence });
}
case 2:
return new AttributeCertificateV2({ schema: elementSequence });
case 3:
return new OtherCertificateFormat({ schema: elementSequence });
}
return element;
});
}
toSchema() {
return (new Set({
value: Array.from(this.certificates, element => {
switch (true) {
case (element instanceof Certificate):
return element.toSchema();
case (element instanceof AttributeCertificateV1):
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: element.toSchema().valueBlock.value
});
case (element instanceof AttributeCertificateV2):
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: element.toSchema().valueBlock.value
});
case (element instanceof OtherCertificateFormat):
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: element.toSchema().valueBlock.value
});
}
return element.toSchema();
})
}));
}
toJSON() {
return {
certificates: Array.from(this.certificates, o => o.toJSON())
};
}
}
CertificateSet.CLASS_NAME = "CertificateSet";
const OTHER_REV_INFO_FORMAT = "otherRevInfoFormat";
const OTHER_REV_INFO = "otherRevInfo";
const CLEAR_PROPS$F = [
OTHER_REV_INFO_FORMAT,
OTHER_REV_INFO
];
class OtherRevocationInfoFormat extends PkiObject {
constructor(parameters = {}) {
super();
this.otherRevInfoFormat = getParametersValue(parameters, OTHER_REV_INFO_FORMAT, OtherRevocationInfoFormat.defaultValues(OTHER_REV_INFO_FORMAT));
this.otherRevInfo = getParametersValue(parameters, OTHER_REV_INFO, OtherRevocationInfoFormat.defaultValues(OTHER_REV_INFO));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case OTHER_REV_INFO_FORMAT:
return EMPTY_STRING;
case OTHER_REV_INFO:
return new Any();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.otherRevInfoFormat || OTHER_REV_INFO_FORMAT) }),
new Any({ name: (names.otherRevInfo || OTHER_REV_INFO) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$F);
const asn1 = compareSchema(schema, schema, OtherRevocationInfoFormat.schema());
AsnError.assertSchema(asn1, this.className);
this.otherRevInfoFormat = asn1.result.otherRevInfoFormat.valueBlock.toString();
this.otherRevInfo = asn1.result.otherRevInfo;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.otherRevInfoFormat }),
this.otherRevInfo
]
}));
}
toJSON() {
const res = {
otherRevInfoFormat: this.otherRevInfoFormat
};
if (!(this.otherRevInfo instanceof Any)) {
res.otherRevInfo = this.otherRevInfo.toJSON();
}
return res;
}
}
OtherRevocationInfoFormat.CLASS_NAME = "OtherRevocationInfoFormat";
const CRLS$3 = "crls";
const OTHER_REVOCATION_INFOS = "otherRevocationInfos";
const CLEAR_PROPS$E = [
CRLS$3
];
class RevocationInfoChoices extends PkiObject {
constructor(parameters = {}) {
super();
this.crls = getParametersValue(parameters, CRLS$3, RevocationInfoChoices.defaultValues(CRLS$3));
this.otherRevocationInfos = getParametersValue(parameters, OTHER_REVOCATION_INFOS, RevocationInfoChoices.defaultValues(OTHER_REVOCATION_INFOS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CRLS$3:
return [];
case OTHER_REVOCATION_INFOS:
return [];
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Set({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.crls || EMPTY_STRING),
value: new Choice({
value: [
CertificateRevocationList.schema(),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new ObjectIdentifier(),
new Any()
]
})
]
})
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$E);
const asn1 = compareSchema(schema, schema, RevocationInfoChoices.schema({
names: {
crls: CRLS$3
}
}));
AsnError.assertSchema(asn1, this.className);
if (asn1.result.crls) {
for (const element of asn1.result.crls) {
if (element.idBlock.tagClass === 1)
this.crls.push(new CertificateRevocationList({ schema: element }));
else
this.otherRevocationInfos.push(new OtherRevocationInfoFormat({ schema: element }));
}
}
}
toSchema() {
const outputArray = [];
outputArray.push(...Array.from(this.crls, o => o.toSchema()));
outputArray.push(...Array.from(this.otherRevocationInfos, element => {
const schema = element.toSchema();
schema.idBlock.tagClass = 3;
schema.idBlock.tagNumber = 1;
return schema;
}));
return (new Set({
value: outputArray
}));
}
toJSON() {
return {
crls: Array.from(this.crls, o => o.toJSON()),
otherRevocationInfos: Array.from(this.otherRevocationInfos, o => o.toJSON())
};
}
}
RevocationInfoChoices.CLASS_NAME = "RevocationInfoChoices";
const CERTS$3 = "certs";
const CRLS$2 = "crls";
const CLEAR_PROPS$D = [
CERTS$3,
CRLS$2,
];
class OriginatorInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.crls = getParametersValue(parameters, CRLS$2, OriginatorInfo.defaultValues(CRLS$2));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERTS$3:
return new CertificateSet();
case CRLS$2:
return new RevocationInfoChoices();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CERTS$3:
return (memberValue.certificates.length === 0);
case CRLS$2:
return ((memberValue.crls.length === 0) && (memberValue.otherRevocationInfos.length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
name: (names.certs || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: CertificateSet.schema().valueBlock.value
}),
new Constructed({
name: (names.crls || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: RevocationInfoChoices.schema().valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$D);
const asn1 = compareSchema(schema, schema, OriginatorInfo.schema({
names: {
certs: CERTS$3,
crls: CRLS$2
}
}));
AsnError.assertSchema(asn1, this.className);
if (CERTS$3 in asn1.result) {
this.certs = new CertificateSet({
schema: new Set({
value: asn1.result.certs.valueBlock.value
})
});
}
if (CRLS$2 in asn1.result) {
this.crls = new RevocationInfoChoices({
schema: new Set({
value: asn1.result.crls.valueBlock.value
})
});
}
}
toSchema() {
const sequenceValue = [];
if (this.certs) {
sequenceValue.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.certs.toSchema().valueBlock.value
}));
}
if (this.crls) {
sequenceValue.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: this.crls.toSchema().valueBlock.value
}));
}
return (new Sequence({
value: sequenceValue
}));
}
toJSON() {
const res = {};
if (this.certs) {
res.certs = this.certs.toJSON();
}
if (this.crls) {
res.crls = this.crls.toJSON();
}
return res;
}
}
OriginatorInfo.CLASS_NAME = "OriginatorInfo";
const ISSUER = "issuer";
const SERIAL_NUMBER$2 = "serialNumber";
const CLEAR_PROPS$C = [
ISSUER,
SERIAL_NUMBER$2,
];
class IssuerAndSerialNumber extends PkiObject {
constructor(parameters = {}) {
super();
this.issuer = getParametersValue(parameters, ISSUER, IssuerAndSerialNumber.defaultValues(ISSUER));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$2, IssuerAndSerialNumber.defaultValues(SERIAL_NUMBER$2));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ISSUER:
return new RelativeDistinguishedNames();
case SERIAL_NUMBER$2:
return new Integer();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
RelativeDistinguishedNames.schema(names.issuer || {}),
new Integer({ name: (names.serialNumber || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$C);
const asn1 = compareSchema(schema, schema, IssuerAndSerialNumber.schema({
names: {
issuer: {
names: {
blockName: ISSUER
}
},
serialNumber: SERIAL_NUMBER$2
}
}));
AsnError.assertSchema(asn1, this.className);
this.issuer = new RelativeDistinguishedNames({ schema: asn1.result.issuer });
this.serialNumber = asn1.result.serialNumber;
}
toSchema() {
return (new Sequence({
value: [
this.issuer.toSchema(),
this.serialNumber
]
}));
}
toJSON() {
return {
issuer: this.issuer.toJSON(),
serialNumber: this.serialNumber.toJSON(),
};
}
}
IssuerAndSerialNumber.CLASS_NAME = "IssuerAndSerialNumber";
const VARIANT$3 = "variant";
const VALUE$3 = "value";
const CLEAR_PROPS$B = [
"blockName"
];
class RecipientIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
this.variant = getParametersValue(parameters, VARIANT$3, RecipientIdentifier.defaultValues(VARIANT$3));
if (VALUE$3 in parameters) {
this.value = getParametersValue(parameters, VALUE$3, RecipientIdentifier.defaultValues(VALUE$3));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VARIANT$3:
return (-1);
case VALUE$3:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VARIANT$3:
return (memberValue === (-1));
case VALUE$3:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
value: [
IssuerAndSerialNumber.schema({
names: {
blockName: (names.blockName || EMPTY_STRING)
}
}),
new Primitive({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$B);
const asn1 = compareSchema(schema, schema, RecipientIdentifier.schema({
names: {
blockName: "blockName"
}
}));
AsnError.assertSchema(asn1, this.className);
if (asn1.result.blockName.idBlock.tagClass === 1) {
this.variant = 1;
this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName });
}
else {
this.variant = 2;
this.value = new OctetString({ valueHex: asn1.result.blockName.valueBlock.valueHex });
}
}
toSchema() {
switch (this.variant) {
case 1:
if (!(this.value instanceof IssuerAndSerialNumber)) {
throw new Error("Incorrect type of RecipientIdentifier.value. It should be IssuerAndSerialNumber.");
}
return this.value.toSchema();
case 2:
if (!(this.value instanceof OctetString)) {
throw new Error("Incorrect type of RecipientIdentifier.value. It should be ASN.1 OctetString.");
}
return new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
valueHex: this.value.valueBlock.valueHexView
});
default:
return new Any();
}
}
toJSON() {
const res = {
variant: this.variant
};
if ((this.variant === 1 || this.variant === 2) && this.value) {
res.value = this.value.toJSON();
}
return res;
}
}
RecipientIdentifier.CLASS_NAME = "RecipientIdentifier";
const VERSION$c = "version";
const RID$1 = "rid";
const KEY_ENCRYPTION_ALGORITHM$3 = "keyEncryptionAlgorithm";
const ENCRYPTED_KEY$3 = "encryptedKey";
const RECIPIENT_CERTIFICATE$1 = "recipientCertificate";
const CLEAR_PROPS$A = [
VERSION$c,
RID$1,
KEY_ENCRYPTION_ALGORITHM$3,
ENCRYPTED_KEY$3,
];
class KeyTransRecipientInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$c, KeyTransRecipientInfo.defaultValues(VERSION$c));
this.rid = getParametersValue(parameters, RID$1, KeyTransRecipientInfo.defaultValues(RID$1));
this.keyEncryptionAlgorithm = getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$3, KeyTransRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$3));
this.encryptedKey = getParametersValue(parameters, ENCRYPTED_KEY$3, KeyTransRecipientInfo.defaultValues(ENCRYPTED_KEY$3));
this.recipientCertificate = getParametersValue(parameters, RECIPIENT_CERTIFICATE$1, KeyTransRecipientInfo.defaultValues(RECIPIENT_CERTIFICATE$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$c:
return (-1);
case RID$1:
return {};
case KEY_ENCRYPTION_ALGORITHM$3:
return new AlgorithmIdentifier();
case ENCRYPTED_KEY$3:
return new OctetString();
case RECIPIENT_CERTIFICATE$1:
return new Certificate();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$c:
return (memberValue === KeyTransRecipientInfo.defaultValues(VERSION$c));
case RID$1:
return (Object.keys(memberValue).length === 0);
case KEY_ENCRYPTION_ALGORITHM$3:
case ENCRYPTED_KEY$3:
return memberValue.isEqual(KeyTransRecipientInfo.defaultValues(memberName));
case RECIPIENT_CERTIFICATE$1:
return false;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
RecipientIdentifier.schema(names.rid || {}),
AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}),
new OctetString({ name: (names.encryptedKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$A);
const asn1 = compareSchema(schema, schema, KeyTransRecipientInfo.schema({
names: {
version: VERSION$c,
rid: {
names: {
blockName: RID$1
}
},
keyEncryptionAlgorithm: {
names: {
blockName: KEY_ENCRYPTION_ALGORITHM$3
}
},
encryptedKey: ENCRYPTED_KEY$3
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
if (asn1.result.rid.idBlock.tagClass === 3) {
this.rid = new OctetString({ valueHex: asn1.result.rid.valueBlock.valueHex });
}
else {
this.rid = new IssuerAndSerialNumber({ schema: asn1.result.rid });
}
this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm });
this.encryptedKey = asn1.result.encryptedKey;
}
toSchema() {
const outputArray = [];
if (this.rid instanceof IssuerAndSerialNumber) {
this.version = 0;
outputArray.push(new Integer({ value: this.version }));
outputArray.push(this.rid.toSchema());
}
else {
this.version = 2;
outputArray.push(new Integer({ value: this.version }));
outputArray.push(new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
valueHex: this.rid.valueBlock.valueHexView
}));
}
outputArray.push(this.keyEncryptionAlgorithm.toSchema());
outputArray.push(this.encryptedKey);
return (new Sequence({
value: outputArray
}));
}
toJSON() {
return {
version: this.version,
rid: this.rid.toJSON(),
keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(),
encryptedKey: this.encryptedKey.toJSON(),
};
}
}
KeyTransRecipientInfo.CLASS_NAME = "KeyTransRecipientInfo";
const ALGORITHM = "algorithm";
const PUBLIC_KEY = "publicKey";
const CLEAR_PROPS$z = [
ALGORITHM,
PUBLIC_KEY
];
class OriginatorPublicKey extends PkiObject {
constructor(parameters = {}) {
super();
this.algorithm = getParametersValue(parameters, ALGORITHM, OriginatorPublicKey.defaultValues(ALGORITHM));
this.publicKey = getParametersValue(parameters, PUBLIC_KEY, OriginatorPublicKey.defaultValues(PUBLIC_KEY));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ALGORITHM:
return new AlgorithmIdentifier();
case PUBLIC_KEY:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ALGORITHM:
case PUBLIC_KEY:
return (memberValue.isEqual(OriginatorPublicKey.defaultValues(memberName)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.algorithm || {}),
new BitString({ name: (names.publicKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$z);
const asn1 = compareSchema(schema, schema, OriginatorPublicKey.schema({
names: {
algorithm: {
names: {
blockName: ALGORITHM
}
},
publicKey: PUBLIC_KEY
}
}));
AsnError.assertSchema(asn1, this.className);
this.algorithm = new AlgorithmIdentifier({ schema: asn1.result.algorithm });
this.publicKey = asn1.result.publicKey;
}
toSchema() {
return (new Sequence({
value: [
this.algorithm.toSchema(),
this.publicKey
]
}));
}
toJSON() {
return {
algorithm: this.algorithm.toJSON(),
publicKey: this.publicKey.toJSON(),
};
}
}
OriginatorPublicKey.CLASS_NAME = "OriginatorPublicKey";
const VARIANT$2 = "variant";
const VALUE$2 = "value";
const CLEAR_PROPS$y = [
"blockName",
];
class OriginatorIdentifierOrKey extends PkiObject {
constructor(parameters = {}) {
super();
this.variant = getParametersValue(parameters, VARIANT$2, OriginatorIdentifierOrKey.defaultValues(VARIANT$2));
if (VALUE$2 in parameters) {
this.value = getParametersValue(parameters, VALUE$2, OriginatorIdentifierOrKey.defaultValues(VALUE$2));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VARIANT$2:
return (-1);
case VALUE$2:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VARIANT$2:
return (memberValue === (-1));
case VALUE$2:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
value: [
IssuerAndSerialNumber.schema({
names: {
blockName: (names.blockName || EMPTY_STRING)
}
}),
new Primitive({
idBlock: {
tagClass: 3,
tagNumber: 0
},
name: (names.blockName || EMPTY_STRING)
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
name: (names.blockName || EMPTY_STRING),
value: OriginatorPublicKey.schema().valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$y);
const asn1 = compareSchema(schema, schema, OriginatorIdentifierOrKey.schema({
names: {
blockName: "blockName"
}
}));
AsnError.assertSchema(asn1, this.className);
if (asn1.result.blockName.idBlock.tagClass === 1) {
this.variant = 1;
this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName });
}
else {
if (asn1.result.blockName.idBlock.tagNumber === 0) {
asn1.result.blockName.idBlock.tagClass = 1;
asn1.result.blockName.idBlock.tagNumber = 4;
this.variant = 2;
this.value = asn1.result.blockName;
}
else {
this.variant = 3;
this.value = new OriginatorPublicKey({
schema: new Sequence({
value: asn1.result.blockName.valueBlock.value
})
});
}
}
}
toSchema() {
switch (this.variant) {
case 1:
return this.value.toSchema();
case 2:
this.value.idBlock.tagClass = 3;
this.value.idBlock.tagNumber = 0;
return this.value;
case 3:
{
const _schema = this.value.toSchema();
_schema.idBlock.tagClass = 3;
_schema.idBlock.tagNumber = 1;
return _schema;
}
default:
return new Any();
}
}
toJSON() {
const res = {
variant: this.variant
};
if ((this.variant === 1) || (this.variant === 2) || (this.variant === 3)) {
res.value = this.value.toJSON();
}
return res;
}
}
OriginatorIdentifierOrKey.CLASS_NAME = "OriginatorIdentifierOrKey";
const KEY_ATTR_ID = "keyAttrId";
const KEY_ATTR = "keyAttr";
const CLEAR_PROPS$x = [
KEY_ATTR_ID,
KEY_ATTR,
];
class OtherKeyAttribute extends PkiObject {
constructor(parameters = {}) {
super();
this.keyAttrId = getParametersValue(parameters, KEY_ATTR_ID, OtherKeyAttribute.defaultValues(KEY_ATTR_ID));
if (KEY_ATTR in parameters) {
this.keyAttr = getParametersValue(parameters, KEY_ATTR, OtherKeyAttribute.defaultValues(KEY_ATTR));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_ATTR_ID:
return EMPTY_STRING;
case KEY_ATTR:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case KEY_ATTR_ID:
return (typeof memberValue === "string" && memberValue === EMPTY_STRING);
case KEY_ATTR:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
optional: (names.optional || true),
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.keyAttrId || EMPTY_STRING) }),
new Any({
optional: true,
name: (names.keyAttr || EMPTY_STRING)
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$x);
const asn1 = compareSchema(schema, schema, OtherKeyAttribute.schema({
names: {
keyAttrId: KEY_ATTR_ID,
keyAttr: KEY_ATTR
}
}));
AsnError.assertSchema(asn1, this.className);
this.keyAttrId = asn1.result.keyAttrId.valueBlock.toString();
if (KEY_ATTR in asn1.result) {
this.keyAttr = asn1.result.keyAttr;
}
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.keyAttrId }));
if (KEY_ATTR in this) {
outputArray.push(this.keyAttr);
}
return (new Sequence({
value: outputArray,
}));
}
toJSON() {
const res = {
keyAttrId: this.keyAttrId
};
if (KEY_ATTR in this) {
res.keyAttr = this.keyAttr.toJSON();
}
return res;
}
}
OtherKeyAttribute.CLASS_NAME = "OtherKeyAttribute";
const SUBJECT_KEY_IDENTIFIER = "subjectKeyIdentifier";
const DATE$1 = "date";
const OTHER$1 = "other";
const CLEAR_PROPS$w = [
SUBJECT_KEY_IDENTIFIER,
DATE$1,
OTHER$1,
];
class RecipientKeyIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
this.subjectKeyIdentifier = getParametersValue(parameters, SUBJECT_KEY_IDENTIFIER, RecipientKeyIdentifier.defaultValues(SUBJECT_KEY_IDENTIFIER));
if (DATE$1 in parameters) {
this.date = getParametersValue(parameters, DATE$1, RecipientKeyIdentifier.defaultValues(DATE$1));
}
if (OTHER$1 in parameters) {
this.other = getParametersValue(parameters, OTHER$1, RecipientKeyIdentifier.defaultValues(OTHER$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SUBJECT_KEY_IDENTIFIER:
return new OctetString();
case DATE$1:
return new GeneralizedTime();
case OTHER$1:
return new OtherKeyAttribute();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SUBJECT_KEY_IDENTIFIER:
return (memberValue.isEqual(RecipientKeyIdentifier.defaultValues(SUBJECT_KEY_IDENTIFIER)));
case DATE$1:
return ((memberValue.year === 0) &&
(memberValue.month === 0) &&
(memberValue.day === 0) &&
(memberValue.hour === 0) &&
(memberValue.minute === 0) &&
(memberValue.second === 0) &&
(memberValue.millisecond === 0));
case OTHER$1:
return ((memberValue.keyAttrId === EMPTY_STRING) && (("keyAttr" in memberValue) === false));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new OctetString({ name: (names.subjectKeyIdentifier || EMPTY_STRING) }),
new GeneralizedTime({
optional: true,
name: (names.date || EMPTY_STRING)
}),
OtherKeyAttribute.schema(names.other || {})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$w);
const asn1 = compareSchema(schema, schema, RecipientKeyIdentifier.schema({
names: {
subjectKeyIdentifier: SUBJECT_KEY_IDENTIFIER,
date: DATE$1,
other: {
names: {
blockName: OTHER$1
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.subjectKeyIdentifier = asn1.result.subjectKeyIdentifier;
if (DATE$1 in asn1.result)
this.date = asn1.result.date;
if (OTHER$1 in asn1.result)
this.other = new OtherKeyAttribute({ schema: asn1.result.other });
}
toSchema() {
const outputArray = [];
outputArray.push(this.subjectKeyIdentifier);
if (this.date) {
outputArray.push(this.date);
}
if (this.other) {
outputArray.push(this.other.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
subjectKeyIdentifier: this.subjectKeyIdentifier.toJSON()
};
if (this.date) {
res.date = this.date.toJSON();
}
if (this.other) {
res.other = this.other.toJSON();
}
return res;
}
}
RecipientKeyIdentifier.CLASS_NAME = "RecipientKeyIdentifier";
const VARIANT$1 = "variant";
const VALUE$1 = "value";
const CLEAR_PROPS$v = [
"blockName",
];
class KeyAgreeRecipientIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
this.variant = getParametersValue(parameters, VARIANT$1, KeyAgreeRecipientIdentifier.defaultValues(VARIANT$1));
this.value = getParametersValue(parameters, VALUE$1, KeyAgreeRecipientIdentifier.defaultValues(VALUE$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VARIANT$1:
return (-1);
case VALUE$1:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VARIANT$1:
return (memberValue === (-1));
case VALUE$1:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
value: [
IssuerAndSerialNumber.schema(names.issuerAndSerialNumber || {
names: {
blockName: (names.blockName || EMPTY_STRING)
}
}),
new Constructed({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: RecipientKeyIdentifier.schema(names.rKeyId || {
names: {
blockName: (names.blockName || EMPTY_STRING)
}
}).valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$v);
const asn1 = compareSchema(schema, schema, KeyAgreeRecipientIdentifier.schema({
names: {
blockName: "blockName"
}
}));
AsnError.assertSchema(asn1, this.className);
if (asn1.result.blockName.idBlock.tagClass === 1) {
this.variant = 1;
this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName });
}
else {
this.variant = 2;
this.value = new RecipientKeyIdentifier({
schema: new Sequence({
value: asn1.result.blockName.valueBlock.value
})
});
}
}
toSchema() {
switch (this.variant) {
case 1:
return this.value.toSchema();
case 2:
return new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.value.toSchema().valueBlock.value
});
default:
return new Any();
}
}
toJSON() {
const res = {
variant: this.variant,
};
if ((this.variant === 1) || (this.variant === 2)) {
res.value = this.value.toJSON();
}
return res;
}
}
KeyAgreeRecipientIdentifier.CLASS_NAME = "KeyAgreeRecipientIdentifier";
const RID = "rid";
const ENCRYPTED_KEY$2 = "encryptedKey";
const CLEAR_PROPS$u = [
RID,
ENCRYPTED_KEY$2,
];
class RecipientEncryptedKey extends PkiObject {
constructor(parameters = {}) {
super();
this.rid = getParametersValue(parameters, RID, RecipientEncryptedKey.defaultValues(RID));
this.encryptedKey = getParametersValue(parameters, ENCRYPTED_KEY$2, RecipientEncryptedKey.defaultValues(ENCRYPTED_KEY$2));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case RID:
return new KeyAgreeRecipientIdentifier();
case ENCRYPTED_KEY$2:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case RID:
return ((memberValue.variant === (-1)) && (("value" in memberValue) === false));
case ENCRYPTED_KEY$2:
return (memberValue.isEqual(RecipientEncryptedKey.defaultValues(ENCRYPTED_KEY$2)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
KeyAgreeRecipientIdentifier.schema(names.rid || {}),
new OctetString({ name: (names.encryptedKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$u);
const asn1 = compareSchema(schema, schema, RecipientEncryptedKey.schema({
names: {
rid: {
names: {
blockName: RID
}
},
encryptedKey: ENCRYPTED_KEY$2
}
}));
AsnError.assertSchema(asn1, this.className);
this.rid = new KeyAgreeRecipientIdentifier({ schema: asn1.result.rid });
this.encryptedKey = asn1.result.encryptedKey;
}
toSchema() {
return (new Sequence({
value: [
this.rid.toSchema(),
this.encryptedKey
]
}));
}
toJSON() {
return {
rid: this.rid.toJSON(),
encryptedKey: this.encryptedKey.toJSON(),
};
}
}
RecipientEncryptedKey.CLASS_NAME = "RecipientEncryptedKey";
const ENCRYPTED_KEYS = "encryptedKeys";
const RECIPIENT_ENCRYPTED_KEYS = "RecipientEncryptedKeys";
const CLEAR_PROPS$t = [
RECIPIENT_ENCRYPTED_KEYS,
];
class RecipientEncryptedKeys extends PkiObject {
constructor(parameters = {}) {
super();
this.encryptedKeys = getParametersValue(parameters, ENCRYPTED_KEYS, RecipientEncryptedKeys.defaultValues(ENCRYPTED_KEYS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ENCRYPTED_KEYS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ENCRYPTED_KEYS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.RecipientEncryptedKeys || EMPTY_STRING),
value: RecipientEncryptedKey.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$t);
const asn1 = compareSchema(schema, schema, RecipientEncryptedKeys.schema({
names: {
RecipientEncryptedKeys: RECIPIENT_ENCRYPTED_KEYS
}
}));
AsnError.assertSchema(asn1, this.className);
this.encryptedKeys = Array.from(asn1.result.RecipientEncryptedKeys, element => new RecipientEncryptedKey({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.encryptedKeys, o => o.toSchema())
}));
}
toJSON() {
return {
encryptedKeys: Array.from(this.encryptedKeys, o => o.toJSON())
};
}
}
RecipientEncryptedKeys.CLASS_NAME = "RecipientEncryptedKeys";
const VERSION$b = "version";
const ORIGINATOR = "originator";
const UKM = "ukm";
const KEY_ENCRYPTION_ALGORITHM$2 = "keyEncryptionAlgorithm";
const RECIPIENT_ENCRYPTED_KEY = "recipientEncryptedKeys";
const RECIPIENT_CERTIFICATE = "recipientCertificate";
const RECIPIENT_PUBLIC_KEY = "recipientPublicKey";
const CLEAR_PROPS$s = [
VERSION$b,
ORIGINATOR,
UKM,
KEY_ENCRYPTION_ALGORITHM$2,
RECIPIENT_ENCRYPTED_KEY,
];
class KeyAgreeRecipientInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$b, KeyAgreeRecipientInfo.defaultValues(VERSION$b));
this.originator = getParametersValue(parameters, ORIGINATOR, KeyAgreeRecipientInfo.defaultValues(ORIGINATOR));
if (UKM in parameters) {
this.ukm = getParametersValue(parameters, UKM, KeyAgreeRecipientInfo.defaultValues(UKM));
}
this.keyEncryptionAlgorithm = getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$2, KeyAgreeRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$2));
this.recipientEncryptedKeys = getParametersValue(parameters, RECIPIENT_ENCRYPTED_KEY, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_ENCRYPTED_KEY));
this.recipientCertificate = getParametersValue(parameters, RECIPIENT_CERTIFICATE, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_CERTIFICATE));
this.recipientPublicKey = getParametersValue(parameters, RECIPIENT_PUBLIC_KEY, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_PUBLIC_KEY));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$b:
return 0;
case ORIGINATOR:
return new OriginatorIdentifierOrKey();
case UKM:
return new OctetString();
case KEY_ENCRYPTION_ALGORITHM$2:
return new AlgorithmIdentifier();
case RECIPIENT_ENCRYPTED_KEY:
return new RecipientEncryptedKeys();
case RECIPIENT_CERTIFICATE:
return new Certificate();
case RECIPIENT_PUBLIC_KEY:
return null;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$b:
return (memberValue === 0);
case ORIGINATOR:
return ((memberValue.variant === (-1)) && (("value" in memberValue) === false));
case UKM:
return (memberValue.isEqual(KeyAgreeRecipientInfo.defaultValues(UKM)));
case KEY_ENCRYPTION_ALGORITHM$2:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case RECIPIENT_ENCRYPTED_KEY:
return (memberValue.encryptedKeys.length === 0);
case RECIPIENT_CERTIFICATE:
return false;
case RECIPIENT_PUBLIC_KEY:
return false;
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: names.blockName || EMPTY_STRING,
value: [
new Integer({ name: names.version || EMPTY_STRING }),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
OriginatorIdentifierOrKey.schema(names.originator || {})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [new OctetString({ name: names.ukm || EMPTY_STRING })]
}),
AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}),
RecipientEncryptedKeys.schema(names.recipientEncryptedKeys || {})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$s);
const asn1 = compareSchema(schema, schema, KeyAgreeRecipientInfo.schema({
names: {
version: VERSION$b,
originator: {
names: {
blockName: ORIGINATOR
}
},
ukm: UKM,
keyEncryptionAlgorithm: {
names: {
blockName: KEY_ENCRYPTION_ALGORITHM$2
}
},
recipientEncryptedKeys: {
names: {
blockName: RECIPIENT_ENCRYPTED_KEY
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.originator = new OriginatorIdentifierOrKey({ schema: asn1.result.originator });
if (UKM in asn1.result)
this.ukm = asn1.result.ukm;
this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm });
this.recipientEncryptedKeys = new RecipientEncryptedKeys({ schema: asn1.result.recipientEncryptedKeys });
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.originator.toSchema()]
}));
if (this.ukm) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.ukm]
}));
}
outputArray.push(this.keyEncryptionAlgorithm.toSchema());
outputArray.push(this.recipientEncryptedKeys.toSchema());
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
originator: this.originator.toJSON(),
keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(),
recipientEncryptedKeys: this.recipientEncryptedKeys.toJSON(),
};
if (this.ukm) {
res.ukm = this.ukm.toJSON();
}
return res;
}
}
KeyAgreeRecipientInfo.CLASS_NAME = "KeyAgreeRecipientInfo";
const KEY_IDENTIFIER = "keyIdentifier";
const DATE = "date";
const OTHER = "other";
const CLEAR_PROPS$r = [
KEY_IDENTIFIER,
DATE,
OTHER,
];
class KEKIdentifier extends PkiObject {
constructor(parameters = {}) {
super();
this.keyIdentifier = getParametersValue(parameters, KEY_IDENTIFIER, KEKIdentifier.defaultValues(KEY_IDENTIFIER));
if (DATE in parameters) {
this.date = getParametersValue(parameters, DATE, KEKIdentifier.defaultValues(DATE));
}
if (OTHER in parameters) {
this.other = getParametersValue(parameters, OTHER, KEKIdentifier.defaultValues(OTHER));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_IDENTIFIER:
return new OctetString();
case DATE:
return new GeneralizedTime();
case OTHER:
return new OtherKeyAttribute();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case KEY_IDENTIFIER:
return (memberValue.isEqual(KEKIdentifier.defaultValues(KEY_IDENTIFIER)));
case DATE:
return ((memberValue.year === 0) &&
(memberValue.month === 0) &&
(memberValue.day === 0) &&
(memberValue.hour === 0) &&
(memberValue.minute === 0) &&
(memberValue.second === 0) &&
(memberValue.millisecond === 0));
case OTHER:
return ((memberValue.compareWithDefault("keyAttrId", memberValue.keyAttrId)) &&
(("keyAttr" in memberValue) === false));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new OctetString({ name: (names.keyIdentifier || EMPTY_STRING) }),
new GeneralizedTime({
optional: true,
name: (names.date || EMPTY_STRING)
}),
OtherKeyAttribute.schema(names.other || {})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$r);
const asn1 = compareSchema(schema, schema, KEKIdentifier.schema({
names: {
keyIdentifier: KEY_IDENTIFIER,
date: DATE,
other: {
names: {
blockName: OTHER
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.keyIdentifier = asn1.result.keyIdentifier;
if (DATE in asn1.result)
this.date = asn1.result.date;
if (OTHER in asn1.result)
this.other = new OtherKeyAttribute({ schema: asn1.result.other });
}
toSchema() {
const outputArray = [];
outputArray.push(this.keyIdentifier);
if (this.date) {
outputArray.push(this.date);
}
if (this.other) {
outputArray.push(this.other.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
keyIdentifier: this.keyIdentifier.toJSON()
};
if (this.date) {
res.date = this.date;
}
if (this.other) {
res.other = this.other.toJSON();
}
return res;
}
}
KEKIdentifier.CLASS_NAME = "KEKIdentifier";
const VERSION$a = "version";
const KEK_ID = "kekid";
const KEY_ENCRYPTION_ALGORITHM$1 = "keyEncryptionAlgorithm";
const ENCRYPTED_KEY$1 = "encryptedKey";
const PER_DEFINED_KEK = "preDefinedKEK";
const CLEAR_PROPS$q = [
VERSION$a,
KEK_ID,
KEY_ENCRYPTION_ALGORITHM$1,
ENCRYPTED_KEY$1,
];
class KEKRecipientInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$a, KEKRecipientInfo.defaultValues(VERSION$a));
this.kekid = getParametersValue(parameters, KEK_ID, KEKRecipientInfo.defaultValues(KEK_ID));
this.keyEncryptionAlgorithm = getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$1, KEKRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$1));
this.encryptedKey = getParametersValue(parameters, ENCRYPTED_KEY$1, KEKRecipientInfo.defaultValues(ENCRYPTED_KEY$1));
this.preDefinedKEK = getParametersValue(parameters, PER_DEFINED_KEK, KEKRecipientInfo.defaultValues(PER_DEFINED_KEK));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$a:
return 0;
case KEK_ID:
return new KEKIdentifier();
case KEY_ENCRYPTION_ALGORITHM$1:
return new AlgorithmIdentifier();
case ENCRYPTED_KEY$1:
return new OctetString();
case PER_DEFINED_KEK:
return EMPTY_BUFFER;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case "KEKRecipientInfo":
return (memberValue === KEKRecipientInfo.defaultValues(VERSION$a));
case KEK_ID:
return ((memberValue.compareWithDefault("keyIdentifier", memberValue.keyIdentifier)) &&
(("date" in memberValue) === false) &&
(("other" in memberValue) === false));
case KEY_ENCRYPTION_ALGORITHM$1:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case ENCRYPTED_KEY$1:
return (memberValue.isEqual(KEKRecipientInfo.defaultValues(ENCRYPTED_KEY$1)));
case PER_DEFINED_KEK:
return (memberValue.byteLength === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
KEKIdentifier.schema(names.kekid || {}),
AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}),
new OctetString({ name: (names.encryptedKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$q);
const asn1 = compareSchema(schema, schema, KEKRecipientInfo.schema({
names: {
version: VERSION$a,
kekid: {
names: {
blockName: KEK_ID
}
},
keyEncryptionAlgorithm: {
names: {
blockName: KEY_ENCRYPTION_ALGORITHM$1
}
},
encryptedKey: ENCRYPTED_KEY$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.kekid = new KEKIdentifier({ schema: asn1.result.kekid });
this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm });
this.encryptedKey = asn1.result.encryptedKey;
}
toSchema() {
return (new Sequence({
value: [
new Integer({ value: this.version }),
this.kekid.toSchema(),
this.keyEncryptionAlgorithm.toSchema(),
this.encryptedKey
]
}));
}
toJSON() {
return {
version: this.version,
kekid: this.kekid.toJSON(),
keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(),
encryptedKey: this.encryptedKey.toJSON(),
};
}
}
KEKRecipientInfo.CLASS_NAME = "KEKRecipientInfo";
const VERSION$9 = "version";
const KEY_DERIVATION_ALGORITHM = "keyDerivationAlgorithm";
const KEY_ENCRYPTION_ALGORITHM = "keyEncryptionAlgorithm";
const ENCRYPTED_KEY = "encryptedKey";
const PASSWORD = "password";
const CLEAR_PROPS$p = [
VERSION$9,
KEY_DERIVATION_ALGORITHM,
KEY_ENCRYPTION_ALGORITHM,
ENCRYPTED_KEY
];
class PasswordRecipientinfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$9, PasswordRecipientinfo.defaultValues(VERSION$9));
if (KEY_DERIVATION_ALGORITHM in parameters) {
this.keyDerivationAlgorithm = getParametersValue(parameters, KEY_DERIVATION_ALGORITHM, PasswordRecipientinfo.defaultValues(KEY_DERIVATION_ALGORITHM));
}
this.keyEncryptionAlgorithm = getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM, PasswordRecipientinfo.defaultValues(KEY_ENCRYPTION_ALGORITHM));
this.encryptedKey = getParametersValue(parameters, ENCRYPTED_KEY, PasswordRecipientinfo.defaultValues(ENCRYPTED_KEY));
this.password = getParametersValue(parameters, PASSWORD, PasswordRecipientinfo.defaultValues(PASSWORD));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$9:
return (-1);
case KEY_DERIVATION_ALGORITHM:
return new AlgorithmIdentifier();
case KEY_ENCRYPTION_ALGORITHM:
return new AlgorithmIdentifier();
case ENCRYPTED_KEY:
return new OctetString();
case PASSWORD:
return EMPTY_BUFFER;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$9:
return (memberValue === (-1));
case KEY_DERIVATION_ALGORITHM:
case KEY_ENCRYPTION_ALGORITHM:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case ENCRYPTED_KEY:
return (memberValue.isEqual(PasswordRecipientinfo.defaultValues(ENCRYPTED_KEY)));
case PASSWORD:
return (memberValue.byteLength === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
new Constructed({
name: (names.keyDerivationAlgorithm || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: AlgorithmIdentifier.schema().valueBlock.value
}),
AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}),
new OctetString({ name: (names.encryptedKey || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$p);
const asn1 = compareSchema(schema, schema, PasswordRecipientinfo.schema({
names: {
version: VERSION$9,
keyDerivationAlgorithm: KEY_DERIVATION_ALGORITHM,
keyEncryptionAlgorithm: {
names: {
blockName: KEY_ENCRYPTION_ALGORITHM
}
},
encryptedKey: ENCRYPTED_KEY
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
if (KEY_DERIVATION_ALGORITHM in asn1.result) {
this.keyDerivationAlgorithm = new AlgorithmIdentifier({
schema: new Sequence({
value: asn1.result.keyDerivationAlgorithm.valueBlock.value
})
});
}
this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm });
this.encryptedKey = asn1.result.encryptedKey;
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
if (this.keyDerivationAlgorithm) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.keyDerivationAlgorithm.toSchema().valueBlock.value
}));
}
outputArray.push(this.keyEncryptionAlgorithm.toSchema());
outputArray.push(this.encryptedKey);
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(),
encryptedKey: this.encryptedKey.toJSON(),
};
if (this.keyDerivationAlgorithm) {
res.keyDerivationAlgorithm = this.keyDerivationAlgorithm.toJSON();
}
return res;
}
}
PasswordRecipientinfo.CLASS_NAME = "PasswordRecipientInfo";
const ORI_TYPE = "oriType";
const ORI_VALUE = "oriValue";
const CLEAR_PROPS$o = [
ORI_TYPE,
ORI_VALUE
];
class OtherRecipientInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.oriType = getParametersValue(parameters, ORI_TYPE, OtherRecipientInfo.defaultValues(ORI_TYPE));
this.oriValue = getParametersValue(parameters, ORI_VALUE, OtherRecipientInfo.defaultValues(ORI_VALUE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case ORI_TYPE:
return EMPTY_STRING;
case ORI_VALUE:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case ORI_TYPE:
return (memberValue === EMPTY_STRING);
case ORI_VALUE:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.oriType || EMPTY_STRING) }),
new Any({ name: (names.oriValue || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$o);
const asn1 = compareSchema(schema, schema, OtherRecipientInfo.schema({
names: {
oriType: ORI_TYPE,
oriValue: ORI_VALUE
}
}));
AsnError.assertSchema(asn1, this.className);
this.oriType = asn1.result.oriType.valueBlock.toString();
this.oriValue = asn1.result.oriValue;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.oriType }),
this.oriValue
]
}));
}
toJSON() {
const res = {
oriType: this.oriType
};
if (!OtherRecipientInfo.compareWithDefault(ORI_VALUE, this.oriValue)) {
res.oriValue = this.oriValue.toJSON();
}
return res;
}
}
OtherRecipientInfo.CLASS_NAME = "OtherRecipientInfo";
const VARIANT = "variant";
const VALUE = "value";
const CLEAR_PROPS$n = [
"blockName"
];
class RecipientInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.variant = getParametersValue(parameters, VARIANT, RecipientInfo.defaultValues(VARIANT));
if (VALUE in parameters) {
this.value = getParametersValue(parameters, VALUE, RecipientInfo.defaultValues(VALUE));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VARIANT:
return (-1);
case VALUE:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VARIANT:
return (memberValue === RecipientInfo.defaultValues(memberName));
case VALUE:
return (Object.keys(memberValue).length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Choice({
value: [
KeyTransRecipientInfo.schema({
names: {
blockName: (names.blockName || EMPTY_STRING)
}
}),
new Constructed({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: KeyAgreeRecipientInfo.schema().valueBlock.value
}),
new Constructed({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: KEKRecipientInfo.schema().valueBlock.value
}),
new Constructed({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 3
},
value: PasswordRecipientinfo.schema().valueBlock.value
}),
new Constructed({
name: (names.blockName || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 4
},
value: OtherRecipientInfo.schema().valueBlock.value
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$n);
const asn1 = compareSchema(schema, schema, RecipientInfo.schema({
names: {
blockName: "blockName"
}
}));
AsnError.assertSchema(asn1, this.className);
if (asn1.result.blockName.idBlock.tagClass === 1) {
this.variant = 1;
this.value = new KeyTransRecipientInfo({ schema: asn1.result.blockName });
}
else {
const blockSequence = new Sequence({
value: asn1.result.blockName.valueBlock.value
});
switch (asn1.result.blockName.idBlock.tagNumber) {
case 1:
this.variant = 2;
this.value = new KeyAgreeRecipientInfo({ schema: blockSequence });
break;
case 2:
this.variant = 3;
this.value = new KEKRecipientInfo({ schema: blockSequence });
break;
case 3:
this.variant = 4;
this.value = new PasswordRecipientinfo({ schema: blockSequence });
break;
case 4:
this.variant = 5;
this.value = new OtherRecipientInfo({ schema: blockSequence });
break;
default:
throw new Error("Incorrect structure of RecipientInfo block");
}
}
}
toSchema() {
ParameterError.assertEmpty(this.value, "value", "RecipientInfo");
const _schema = this.value.toSchema();
switch (this.variant) {
case 1:
return _schema;
case 2:
case 3:
case 4:
_schema.idBlock.tagClass = 3;
_schema.idBlock.tagNumber = (this.variant - 1);
return _schema;
default:
return new Any();
}
}
toJSON() {
const res = {
variant: this.variant
};
if (this.value && (this.variant >= 1) && (this.variant <= 4)) {
res.value = this.value.toJSON();
}
return res;
}
}
RecipientInfo.CLASS_NAME = "RecipientInfo";
const HASH_ALGORITHM$2 = "hashAlgorithm";
const MASK_GEN_ALGORITHM = "maskGenAlgorithm";
const P_SOURCE_ALGORITHM = "pSourceAlgorithm";
const CLEAR_PROPS$m = [
HASH_ALGORITHM$2,
MASK_GEN_ALGORITHM,
P_SOURCE_ALGORITHM
];
class RSAESOAEPParams extends PkiObject {
constructor(parameters = {}) {
super();
this.hashAlgorithm = getParametersValue(parameters, HASH_ALGORITHM$2, RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2));
this.maskGenAlgorithm = getParametersValue(parameters, MASK_GEN_ALGORITHM, RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM));
this.pSourceAlgorithm = getParametersValue(parameters, P_SOURCE_ALGORITHM, RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case HASH_ALGORITHM$2:
return new AlgorithmIdentifier({
algorithmId: "1.3.14.3.2.26",
algorithmParams: new Null()
});
case MASK_GEN_ALGORITHM:
return new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.8",
algorithmParams: (new AlgorithmIdentifier({
algorithmId: "1.3.14.3.2.26",
algorithmParams: new Null()
})).toSchema()
});
case P_SOURCE_ALGORITHM:
return new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.9",
algorithmParams: new OctetString({ valueHex: (new Uint8Array([0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09])).buffer })
});
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
optional: true,
value: [AlgorithmIdentifier.schema(names.hashAlgorithm || {})]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
optional: true,
value: [AlgorithmIdentifier.schema(names.maskGenAlgorithm || {})]
}),
new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
optional: true,
value: [AlgorithmIdentifier.schema(names.pSourceAlgorithm || {})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$m);
const asn1 = compareSchema(schema, schema, RSAESOAEPParams.schema({
names: {
hashAlgorithm: {
names: {
blockName: HASH_ALGORITHM$2
}
},
maskGenAlgorithm: {
names: {
blockName: MASK_GEN_ALGORITHM
}
},
pSourceAlgorithm: {
names: {
blockName: P_SOURCE_ALGORITHM
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
if (HASH_ALGORITHM$2 in asn1.result)
this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm });
if (MASK_GEN_ALGORITHM in asn1.result)
this.maskGenAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.maskGenAlgorithm });
if (P_SOURCE_ALGORITHM in asn1.result)
this.pSourceAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.pSourceAlgorithm });
}
toSchema() {
const outputArray = [];
if (!this.hashAlgorithm.isEqual(RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2))) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.hashAlgorithm.toSchema()]
}));
}
if (!this.maskGenAlgorithm.isEqual(RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM))) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.maskGenAlgorithm.toSchema()]
}));
}
if (!this.pSourceAlgorithm.isEqual(RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM))) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [this.pSourceAlgorithm.toSchema()]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {};
if (!this.hashAlgorithm.isEqual(RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2))) {
res.hashAlgorithm = this.hashAlgorithm.toJSON();
}
if (!this.maskGenAlgorithm.isEqual(RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM))) {
res.maskGenAlgorithm = this.maskGenAlgorithm.toJSON();
}
if (!this.pSourceAlgorithm.isEqual(RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM))) {
res.pSourceAlgorithm = this.pSourceAlgorithm.toJSON();
}
return res;
}
}
RSAESOAEPParams.CLASS_NAME = "RSAESOAEPParams";
const KEY_INFO = "keyInfo";
const ENTITY_U_INFO = "entityUInfo";
const SUPP_PUB_INFO = "suppPubInfo";
const CLEAR_PROPS$l = [
KEY_INFO,
ENTITY_U_INFO,
SUPP_PUB_INFO
];
class ECCCMSSharedInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.keyInfo = getParametersValue(parameters, KEY_INFO, ECCCMSSharedInfo.defaultValues(KEY_INFO));
if (ENTITY_U_INFO in parameters) {
this.entityUInfo = getParametersValue(parameters, ENTITY_U_INFO, ECCCMSSharedInfo.defaultValues(ENTITY_U_INFO));
}
this.suppPubInfo = getParametersValue(parameters, SUPP_PUB_INFO, ECCCMSSharedInfo.defaultValues(SUPP_PUB_INFO));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case KEY_INFO:
return new AlgorithmIdentifier();
case ENTITY_U_INFO:
return new OctetString();
case SUPP_PUB_INFO:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case KEY_INFO:
case ENTITY_U_INFO:
case SUPP_PUB_INFO:
return (memberValue.isEqual(ECCCMSSharedInfo.defaultValues(memberName)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.keyInfo || {}),
new Constructed({
name: (names.entityUInfo || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
optional: true,
value: [new OctetString()]
}),
new Constructed({
name: (names.suppPubInfo || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [new OctetString()]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$l);
const asn1 = compareSchema(schema, schema, ECCCMSSharedInfo.schema({
names: {
keyInfo: {
names: {
blockName: KEY_INFO
}
},
entityUInfo: ENTITY_U_INFO,
suppPubInfo: SUPP_PUB_INFO
}
}));
AsnError.assertSchema(asn1, this.className);
this.keyInfo = new AlgorithmIdentifier({ schema: asn1.result.keyInfo });
if (ENTITY_U_INFO in asn1.result)
this.entityUInfo = asn1.result.entityUInfo.valueBlock.value[0];
this.suppPubInfo = asn1.result.suppPubInfo.valueBlock.value[0];
}
toSchema() {
const outputArray = [];
outputArray.push(this.keyInfo.toSchema());
if (this.entityUInfo) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.entityUInfo]
}));
}
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [this.suppPubInfo]
}));
return new Sequence({
value: outputArray
});
}
toJSON() {
const res = {
keyInfo: this.keyInfo.toJSON(),
suppPubInfo: this.suppPubInfo.toJSON(),
};
if (this.entityUInfo) {
res.entityUInfo = this.entityUInfo.toJSON();
}
return res;
}
}
ECCCMSSharedInfo.CLASS_NAME = "ECCCMSSharedInfo";
const VERSION$8 = "version";
const ORIGINATOR_INFO = "originatorInfo";
const RECIPIENT_INFOS = "recipientInfos";
const ENCRYPTED_CONTENT_INFO = "encryptedContentInfo";
const UNPROTECTED_ATTRS = "unprotectedAttrs";
const CLEAR_PROPS$k = [
VERSION$8,
ORIGINATOR_INFO,
RECIPIENT_INFOS,
ENCRYPTED_CONTENT_INFO,
UNPROTECTED_ATTRS
];
const defaultEncryptionParams = {
kdfAlgorithm: "SHA-512",
kekEncryptionLength: 256
};
const curveLengthByName = {
"P-256": 256,
"P-384": 384,
"P-521": 528
};
class EnvelopedData extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$8, EnvelopedData.defaultValues(VERSION$8));
if (ORIGINATOR_INFO in parameters) {
this.originatorInfo = getParametersValue(parameters, ORIGINATOR_INFO, EnvelopedData.defaultValues(ORIGINATOR_INFO));
}
this.recipientInfos = getParametersValue(parameters, RECIPIENT_INFOS, EnvelopedData.defaultValues(RECIPIENT_INFOS));
this.encryptedContentInfo = getParametersValue(parameters, ENCRYPTED_CONTENT_INFO, EnvelopedData.defaultValues(ENCRYPTED_CONTENT_INFO));
if (UNPROTECTED_ATTRS in parameters) {
this.unprotectedAttrs = getParametersValue(parameters, UNPROTECTED_ATTRS, EnvelopedData.defaultValues(UNPROTECTED_ATTRS));
}
this.policy = {
disableSplit: !!parameters.disableSplit,
};
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$8:
return 0;
case ORIGINATOR_INFO:
return new OriginatorInfo();
case RECIPIENT_INFOS:
return [];
case ENCRYPTED_CONTENT_INFO:
return new EncryptedContentInfo();
case UNPROTECTED_ATTRS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$8:
return (memberValue === EnvelopedData.defaultValues(memberName));
case ORIGINATOR_INFO:
return ((memberValue.certs.certificates.length === 0) && (memberValue.crls.crls.length === 0));
case RECIPIENT_INFOS:
case UNPROTECTED_ATTRS:
return (memberValue.length === 0);
case ENCRYPTED_CONTENT_INFO:
return ((EncryptedContentInfo.compareWithDefault("contentType", memberValue.contentType)) &&
(EncryptedContentInfo.compareWithDefault("contentEncryptionAlgorithm", memberValue.contentEncryptionAlgorithm) &&
(EncryptedContentInfo.compareWithDefault("encryptedContent", memberValue.encryptedContent))));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || EMPTY_STRING) }),
new Constructed({
name: (names.originatorInfo || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: OriginatorInfo.schema().valueBlock.value
}),
new Set({
value: [
new Repeated({
name: (names.recipientInfos || EMPTY_STRING),
value: RecipientInfo.schema()
})
]
}),
EncryptedContentInfo.schema(names.encryptedContentInfo || {}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Repeated({
name: (names.unprotectedAttrs || EMPTY_STRING),
value: Attribute.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$k);
const asn1 = compareSchema(schema, schema, EnvelopedData.schema({
names: {
version: VERSION$8,
originatorInfo: ORIGINATOR_INFO,
recipientInfos: RECIPIENT_INFOS,
encryptedContentInfo: {
names: {
blockName: ENCRYPTED_CONTENT_INFO
}
},
unprotectedAttrs: UNPROTECTED_ATTRS
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
if (ORIGINATOR_INFO in asn1.result) {
this.originatorInfo = new OriginatorInfo({
schema: new Sequence({
value: asn1.result.originatorInfo.valueBlock.value
})
});
}
this.recipientInfos = Array.from(asn1.result.recipientInfos, o => new RecipientInfo({ schema: o }));
this.encryptedContentInfo = new EncryptedContentInfo({ schema: asn1.result.encryptedContentInfo });
if (UNPROTECTED_ATTRS in asn1.result)
this.unprotectedAttrs = Array.from(asn1.result.unprotectedAttrs, o => new Attribute({ schema: o }));
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
if (this.originatorInfo) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: this.originatorInfo.toSchema().valueBlock.value
}));
}
outputArray.push(new Set({
value: Array.from(this.recipientInfos, o => o.toSchema())
}));
outputArray.push(this.encryptedContentInfo.toSchema());
if (this.unprotectedAttrs) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.unprotectedAttrs, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
recipientInfos: Array.from(this.recipientInfos, o => o.toJSON()),
encryptedContentInfo: this.encryptedContentInfo.toJSON(),
};
if (this.originatorInfo)
res.originatorInfo = this.originatorInfo.toJSON();
if (this.unprotectedAttrs)
res.unprotectedAttrs = Array.from(this.unprotectedAttrs, o => o.toJSON());
return res;
}
addRecipientByCertificate(certificate, parameters, variant, crypto = getCrypto(true)) {
const encryptionParameters = Object.assign({ useOAEP: true, oaepHashAlgorithm: "SHA-512" }, defaultEncryptionParams, parameters || {});
if (certificate.subjectPublicKeyInfo.algorithm.algorithmId.indexOf("1.2.840.113549") !== (-1))
variant = 1;
else {
if (certificate.subjectPublicKeyInfo.algorithm.algorithmId.indexOf("1.2.840.10045") !== (-1))
variant = 2;
else
throw new Error(`Unknown type of certificate's public key: ${certificate.subjectPublicKeyInfo.algorithm.algorithmId}`);
}
switch (variant) {
case 1:
{
let algorithmId;
let algorithmParams;
if (encryptionParameters.useOAEP === true) {
algorithmId = crypto.getOIDByAlgorithm({
name: "RSA-OAEP"
}, true, "keyEncryptionAlgorithm");
const hashOID = crypto.getOIDByAlgorithm({
name: encryptionParameters.oaepHashAlgorithm
}, true, "RSAES-OAEP-params");
const hashAlgorithm = new AlgorithmIdentifier({
algorithmId: hashOID,
algorithmParams: new Null()
});
const rsaOAEPParams = new RSAESOAEPParams({
hashAlgorithm,
maskGenAlgorithm: new AlgorithmIdentifier({
algorithmId: "1.2.840.113549.1.1.8",
algorithmParams: hashAlgorithm.toSchema()
})
});
algorithmParams = rsaOAEPParams.toSchema();
}
else {
algorithmId = crypto.getOIDByAlgorithm({
name: "RSAES-PKCS1-v1_5"
});
if (algorithmId === EMPTY_STRING)
throw new Error("Can not find OID for RSAES-PKCS1-v1_5");
algorithmParams = new Null();
}
const keyInfo = new KeyTransRecipientInfo({
version: 0,
rid: new IssuerAndSerialNumber({
issuer: certificate.issuer,
serialNumber: certificate.serialNumber
}),
keyEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId,
algorithmParams
}),
recipientCertificate: certificate,
});
this.recipientInfos.push(new RecipientInfo({
variant: 1,
value: keyInfo
}));
}
break;
case 2:
{
const recipientIdentifier = new KeyAgreeRecipientIdentifier({
variant: 1,
value: new IssuerAndSerialNumber({
issuer: certificate.issuer,
serialNumber: certificate.serialNumber
})
});
this._addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, { recipientCertificate: certificate }, crypto);
}
break;
default:
throw new Error(`Unknown "variant" value: ${variant}`);
}
return true;
}
addRecipientByPreDefinedData(preDefinedData, parameters = {}, variant, crypto = getCrypto(true)) {
ArgumentError.assert(preDefinedData, "preDefinedData", "ArrayBuffer");
if (!preDefinedData.byteLength) {
throw new Error("Pre-defined data could have zero length");
}
if (!parameters.keyIdentifier) {
const keyIdentifierBuffer = new ArrayBuffer(16);
const keyIdentifierView = new Uint8Array(keyIdentifierBuffer);
crypto.getRandomValues(keyIdentifierView);
parameters.keyIdentifier = keyIdentifierBuffer;
}
if (!parameters.hmacHashAlgorithm)
parameters.hmacHashAlgorithm = "SHA-512";
if (parameters.iterationCount === undefined) {
parameters.iterationCount = 2048;
}
if (!parameters.keyEncryptionAlgorithm) {
parameters.keyEncryptionAlgorithm = {
name: "AES-KW",
length: 256
};
}
if (!parameters.keyEncryptionAlgorithmParams)
parameters.keyEncryptionAlgorithmParams = new Null();
switch (variant) {
case 1:
{
const kekOID = crypto.getOIDByAlgorithm(parameters.keyEncryptionAlgorithm, true, "keyEncryptionAlgorithm");
const keyInfo = new KEKRecipientInfo({
version: 4,
kekid: new KEKIdentifier({
keyIdentifier: new OctetString({ valueHex: parameters.keyIdentifier })
}),
keyEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId: kekOID,
algorithmParams: parameters.keyEncryptionAlgorithmParams
}),
preDefinedKEK: preDefinedData
});
this.recipientInfos.push(new RecipientInfo({
variant: 3,
value: keyInfo
}));
}
break;
case 2:
{
const pbkdf2OID = crypto.getOIDByAlgorithm({ name: "PBKDF2" }, true, "keyDerivationAlgorithm");
const saltBuffer = new ArrayBuffer(64);
const saltView = new Uint8Array(saltBuffer);
crypto.getRandomValues(saltView);
const hmacOID = crypto.getOIDByAlgorithm({
name: "HMAC",
hash: {
name: parameters.hmacHashAlgorithm
}
}, true, "hmacHashAlgorithm");
const pbkdf2Params = new PBKDF2Params({
salt: new OctetString({ valueHex: saltBuffer }),
iterationCount: parameters.iterationCount,
prf: new AlgorithmIdentifier({
algorithmId: hmacOID,
algorithmParams: new Null()
})
});
const kekOID = crypto.getOIDByAlgorithm(parameters.keyEncryptionAlgorithm, true, "keyEncryptionAlgorithm");
const keyInfo = new PasswordRecipientinfo({
version: 0,
keyDerivationAlgorithm: new AlgorithmIdentifier({
algorithmId: pbkdf2OID,
algorithmParams: pbkdf2Params.toSchema()
}),
keyEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId: kekOID,
algorithmParams: parameters.keyEncryptionAlgorithmParams
}),
password: preDefinedData
});
this.recipientInfos.push(new RecipientInfo({
variant: 4,
value: keyInfo
}));
}
break;
default:
throw new Error(`Unknown value for "variant": ${variant}`);
}
}
addRecipientByKeyIdentifier(key, keyId, parameters, crypto = getCrypto(true)) {
const encryptionParameters = Object.assign({}, defaultEncryptionParams, parameters || {});
const recipientIdentifier = new KeyAgreeRecipientIdentifier({
variant: 2,
value: new RecipientKeyIdentifier({
subjectKeyIdentifier: new OctetString({ valueHex: keyId }),
})
});
this._addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, { recipientPublicKey: key }, crypto);
}
_addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, extraRecipientInfoParams, crypto = getCrypto(true)) {
const encryptedKey = new RecipientEncryptedKey({
rid: recipientIdentifier
});
const aesKWoid = crypto.getOIDByAlgorithm({
name: "AES-KW",
length: encryptionParameters.kekEncryptionLength
}, true, "keyEncryptionAlgorithm");
const aesKW = new AlgorithmIdentifier({
algorithmId: aesKWoid,
});
const ecdhOID = crypto.getOIDByAlgorithm({
name: "ECDH",
kdf: encryptionParameters.kdfAlgorithm
}, true, "KeyAgreeRecipientInfo");
const ukmBuffer = new ArrayBuffer(64);
const ukmView = new Uint8Array(ukmBuffer);
crypto.getRandomValues(ukmView);
const recipientInfoParams = {
version: 3,
ukm: new OctetString({ valueHex: ukmBuffer }),
keyEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId: ecdhOID,
algorithmParams: aesKW.toSchema()
}),
recipientEncryptedKeys: new RecipientEncryptedKeys({
encryptedKeys: [encryptedKey]
})
};
const keyInfo = new KeyAgreeRecipientInfo(Object.assign(recipientInfoParams, extraRecipientInfoParams));
this.recipientInfos.push(new RecipientInfo({
variant: 2,
value: keyInfo
}));
}
async encrypt(contentEncryptionAlgorithm, contentToEncrypt, crypto = getCrypto(true)) {
const ivBuffer = new ArrayBuffer(16);
const ivView = new Uint8Array(ivBuffer);
crypto.getRandomValues(ivView);
const contentView = new Uint8Array(contentToEncrypt);
const contentEncryptionOID = crypto.getOIDByAlgorithm(contentEncryptionAlgorithm, true, "contentEncryptionAlgorithm");
const sessionKey = await crypto.generateKey(contentEncryptionAlgorithm, true, ["encrypt"]);
const encryptedContent = await crypto.encrypt({
name: contentEncryptionAlgorithm.name,
iv: ivView
}, sessionKey, contentView);
const exportedSessionKey = await crypto.exportKey("raw", sessionKey);
this.version = 2;
this.encryptedContentInfo = new EncryptedContentInfo({
disableSplit: this.policy.disableSplit,
contentType: "1.2.840.113549.1.7.1",
contentEncryptionAlgorithm: new AlgorithmIdentifier({
algorithmId: contentEncryptionOID,
algorithmParams: new OctetString({ valueHex: ivBuffer })
}),
encryptedContent: new OctetString({ valueHex: encryptedContent })
});
const SubKeyAgreeRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
let recipientCurve;
let recipientPublicKey;
if (recipientInfo.recipientPublicKey) {
recipientCurve = recipientInfo.recipientPublicKey.algorithm.namedCurve;
recipientPublicKey = recipientInfo.recipientPublicKey;
}
else if (recipientInfo.recipientCertificate) {
const curveObject = recipientInfo.recipientCertificate.subjectPublicKeyInfo.algorithm.algorithmParams;
if (curveObject.constructor.blockName() !== ObjectIdentifier.blockName())
throw new Error(`Incorrect "recipientCertificate" for index ${index}`);
const curveOID = curveObject.valueBlock.toString();
switch (curveOID) {
case "1.2.840.10045.3.1.7":
recipientCurve = "P-256";
break;
case "1.3.132.0.34":
recipientCurve = "P-384";
break;
case "1.3.132.0.35":
recipientCurve = "P-521";
break;
default:
throw new Error(`Incorrect curve OID for index ${index}`);
}
recipientPublicKey = await recipientInfo.recipientCertificate.getPublicKey({
algorithm: {
algorithm: {
name: "ECDH",
namedCurve: recipientCurve
},
usages: []
}
}, crypto);
}
else {
throw new Error("Unsupported RecipientInfo");
}
const recipientCurveLength = curveLengthByName[recipientCurve];
const ecdhKeys = await crypto.generateKey({ name: "ECDH", namedCurve: recipientCurve }, true, ["deriveBits"]);
const exportedECDHPublicKey = await crypto.exportKey("spki", ecdhKeys.publicKey);
const derivedBits = await crypto.deriveBits({
name: "ECDH",
public: recipientPublicKey
}, ecdhKeys.privateKey, recipientCurveLength);
const aesKWAlgorithm = new AlgorithmIdentifier({ schema: recipientInfo.keyEncryptionAlgorithm.algorithmParams });
const kwAlgorithm = crypto.getAlgorithmByOID(aesKWAlgorithm.algorithmId, true, "aesKWAlgorithm");
let kwLength = kwAlgorithm.length;
const kwLengthBuffer = new ArrayBuffer(4);
const kwLengthView = new Uint8Array(kwLengthBuffer);
for (let j = 3; j >= 0; j--) {
kwLengthView[j] = kwLength;
kwLength >>= 8;
}
const eccInfo = new ECCCMSSharedInfo({
keyInfo: new AlgorithmIdentifier({
algorithmId: aesKWAlgorithm.algorithmId
}),
entityUInfo: recipientInfo.ukm,
suppPubInfo: new OctetString({ valueHex: kwLengthBuffer })
});
const encodedInfo = eccInfo.toSchema().toBER(false);
const ecdhAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "ecdhAlgorithm");
const derivedKeyRaw = await kdf(ecdhAlgorithm.kdf, derivedBits, kwAlgorithm.length, encodedInfo, crypto);
const awsKW = await crypto.importKey("raw", derivedKeyRaw, { name: "AES-KW" }, true, ["wrapKey"]);
const wrappedKey = await crypto.wrapKey("raw", sessionKey, awsKW, { name: "AES-KW" });
const originator = new OriginatorIdentifierOrKey();
originator.variant = 3;
originator.value = OriginatorPublicKey.fromBER(exportedECDHPublicKey);
recipientInfo.originator = originator;
recipientInfo.recipientEncryptedKeys.encryptedKeys[0].encryptedKey = new OctetString({ valueHex: wrappedKey });
return { ecdhPrivateKey: ecdhKeys.privateKey };
};
const SubKeyTransRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
const algorithmParameters = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm");
if (algorithmParameters.name === "RSA-OAEP") {
const schema = recipientInfo.keyEncryptionAlgorithm.algorithmParams;
const rsaOAEPParams = new RSAESOAEPParams({ schema });
algorithmParameters.hash = crypto.getAlgorithmByOID(rsaOAEPParams.hashAlgorithm.algorithmId);
if (("name" in algorithmParameters.hash) === false)
throw new Error(`Incorrect OID for hash algorithm: ${rsaOAEPParams.hashAlgorithm.algorithmId}`);
}
try {
const publicKey = await recipientInfo.recipientCertificate.getPublicKey({
algorithm: {
algorithm: algorithmParameters,
usages: ["encrypt", "wrapKey"]
}
}, crypto);
const encryptedKey = await crypto.encrypt(publicKey.algorithm, publicKey, exportedSessionKey);
recipientInfo.encryptedKey = new OctetString({ valueHex: encryptedKey });
}
catch {
}
};
const SubKEKRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm");
const kekKey = await crypto.importKey("raw", new Uint8Array(recipientInfo.preDefinedKEK), kekAlgorithm, true, ["wrapKey"]);
const wrappedKey = await crypto.wrapKey("raw", sessionKey, kekKey, kekAlgorithm);
recipientInfo.encryptedKey = new OctetString({ valueHex: wrappedKey });
};
const SubPasswordRecipientinfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
let pbkdf2Params;
if (!recipientInfo.keyDerivationAlgorithm)
throw new Error("Please append encoded \"keyDerivationAlgorithm\"");
if (!recipientInfo.keyDerivationAlgorithm.algorithmParams)
throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\"");
try {
pbkdf2Params = new PBKDF2Params({ schema: recipientInfo.keyDerivationAlgorithm.algorithmParams });
}
catch {
throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\"");
}
const passwordView = new Uint8Array(recipientInfo.password);
const derivationKey = await crypto.importKey("raw", passwordView, "PBKDF2", false, ["deriveKey"]);
const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm");
let hmacHashAlgorithm = "SHA-1";
if (pbkdf2Params.prf) {
const prfAlgorithm = crypto.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true, "prfAlgorithm");
hmacHashAlgorithm = prfAlgorithm.hash.name;
}
const saltView = new Uint8Array(pbkdf2Params.salt.valueBlock.valueHex);
const iterations = pbkdf2Params.iterationCount;
const derivedKey = await crypto.deriveKey({
name: "PBKDF2",
hash: {
name: hmacHashAlgorithm
},
salt: saltView,
iterations
}, derivationKey, kekAlgorithm, true, ["wrapKey"]);
const wrappedKey = await crypto.wrapKey("raw", sessionKey, derivedKey, kekAlgorithm);
recipientInfo.encryptedKey = new OctetString({ valueHex: wrappedKey });
};
const res = [];
for (let i = 0; i < this.recipientInfos.length; i++) {
switch (this.recipientInfos[i].variant) {
case 1:
res.push(await SubKeyTransRecipientInfo(i));
break;
case 2:
res.push(await SubKeyAgreeRecipientInfo(i));
break;
case 3:
res.push(await SubKEKRecipientInfo(i));
break;
case 4:
res.push(await SubPasswordRecipientinfo(i));
break;
default:
throw new Error(`Unknown recipient type in array with index ${i}`);
}
}
return res;
}
async decrypt(recipientIndex, parameters, crypto = getCrypto(true)) {
const decryptionParameters = parameters || {};
if ((recipientIndex + 1) > this.recipientInfos.length) {
throw new Error(`Maximum value for "index" is: ${this.recipientInfos.length - 1}`);
}
const SubKeyAgreeRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
let curveOID;
let recipientCurve;
let recipientCurveLength;
const originator = recipientInfo.originator;
if (decryptionParameters.recipientCertificate) {
const curveObject = decryptionParameters.recipientCertificate.subjectPublicKeyInfo.algorithm.algorithmParams;
if (curveObject.constructor.blockName() !== ObjectIdentifier.blockName()) {
throw new Error(`Incorrect "recipientCertificate" for index ${index}`);
}
curveOID = curveObject.valueBlock.toString();
}
else if (originator.value.algorithm.algorithmParams) {
const curveObject = originator.value.algorithm.algorithmParams;
if (curveObject.constructor.blockName() !== ObjectIdentifier.blockName()) {
throw new Error(`Incorrect originator for index ${index}`);
}
curveOID = curveObject.valueBlock.toString();
}
else {
throw new Error("Parameter \"recipientCertificate\" is mandatory for \"KeyAgreeRecipientInfo\" if algorithm params are missing from originator");
}
if (!decryptionParameters.recipientPrivateKey)
throw new Error("Parameter \"recipientPrivateKey\" is mandatory for \"KeyAgreeRecipientInfo\"");
switch (curveOID) {
case "1.2.840.10045.3.1.7":
recipientCurve = "P-256";
recipientCurveLength = 256;
break;
case "1.3.132.0.34":
recipientCurve = "P-384";
recipientCurveLength = 384;
break;
case "1.3.132.0.35":
recipientCurve = "P-521";
recipientCurveLength = 528;
break;
default:
throw new Error(`Incorrect curve OID for index ${index}`);
}
let ecdhPrivateKey;
let keyCrypto = crypto;
if (BufferSourceConverter.isBufferSource(decryptionParameters.recipientPrivateKey)) {
ecdhPrivateKey = await crypto.importKey("pkcs8", decryptionParameters.recipientPrivateKey, {
name: "ECDH",
namedCurve: recipientCurve
}, true, ["deriveBits"]);
}
else {
ecdhPrivateKey = decryptionParameters.recipientPrivateKey;
if ("crypto" in decryptionParameters && decryptionParameters.crypto) {
keyCrypto = decryptionParameters.crypto.subtle;
}
}
if (("algorithmParams" in originator.value.algorithm) === false)
originator.value.algorithm.algorithmParams = new ObjectIdentifier({ value: curveOID });
const buffer = originator.value.toSchema().toBER(false);
const ecdhPublicKey = await crypto.importKey("spki", buffer, {
name: "ECDH",
namedCurve: recipientCurve
}, true, []);
const sharedSecret = await keyCrypto.deriveBits({
name: "ECDH",
public: ecdhPublicKey
}, ecdhPrivateKey, recipientCurveLength);
async function applyKDF(includeAlgorithmParams) {
includeAlgorithmParams = includeAlgorithmParams || false;
const aesKWAlgorithm = new AlgorithmIdentifier({ schema: recipientInfo.keyEncryptionAlgorithm.algorithmParams });
const kwAlgorithm = crypto.getAlgorithmByOID(aesKWAlgorithm.algorithmId, true, "kwAlgorithm");
let kwLength = kwAlgorithm.length;
const kwLengthBuffer = new ArrayBuffer(4);
const kwLengthView = new Uint8Array(kwLengthBuffer);
for (let j = 3; j >= 0; j--) {
kwLengthView[j] = kwLength;
kwLength >>= 8;
}
const keyInfoAlgorithm = {
algorithmId: aesKWAlgorithm.algorithmId
};
if (includeAlgorithmParams) {
keyInfoAlgorithm.algorithmParams = new Null();
}
const eccInfo = new ECCCMSSharedInfo({
keyInfo: new AlgorithmIdentifier(keyInfoAlgorithm),
entityUInfo: recipientInfo.ukm,
suppPubInfo: new OctetString({ valueHex: kwLengthBuffer })
});
const encodedInfo = eccInfo.toSchema().toBER(false);
const ecdhAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "ecdhAlgorithm");
if (!ecdhAlgorithm.name) {
throw new Error(`Incorrect OID for key encryption algorithm: ${recipientInfo.keyEncryptionAlgorithm.algorithmId}`);
}
return kdf(ecdhAlgorithm.kdf, sharedSecret, kwAlgorithm.length, encodedInfo, crypto);
}
const kdfResult = await applyKDF();
const importAesKwKey = async (kdfResult) => {
return crypto.importKey("raw", kdfResult, { name: "AES-KW" }, true, ["unwrapKey"]);
};
const aesKwKey = await importAesKwKey(kdfResult);
const unwrapSessionKey = async (aesKwKey) => {
const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId;
const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm");
return crypto.unwrapKey("raw", recipientInfo.recipientEncryptedKeys.encryptedKeys[0].encryptedKey.valueBlock.valueHexView, aesKwKey, { name: "AES-KW" }, contentEncryptionAlgorithm, true, ["decrypt"]);
};
try {
return await unwrapSessionKey(aesKwKey);
}
catch {
const kdfResult = await applyKDF(true);
const aesKwKey = await importAesKwKey(kdfResult);
return unwrapSessionKey(aesKwKey);
}
};
const SubKeyTransRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
if (!decryptionParameters.recipientPrivateKey) {
throw new Error("Parameter \"recipientPrivateKey\" is mandatory for \"KeyTransRecipientInfo\"");
}
const algorithmParameters = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm");
if (algorithmParameters.name === "RSA-OAEP") {
const schema = recipientInfo.keyEncryptionAlgorithm.algorithmParams;
const rsaOAEPParams = new RSAESOAEPParams({ schema });
algorithmParameters.hash = crypto.getAlgorithmByOID(rsaOAEPParams.hashAlgorithm.algorithmId);
if (("name" in algorithmParameters.hash) === false)
throw new Error(`Incorrect OID for hash algorithm: ${rsaOAEPParams.hashAlgorithm.algorithmId}`);
}
let privateKey;
let keyCrypto = crypto;
if (BufferSourceConverter.isBufferSource(decryptionParameters.recipientPrivateKey)) {
privateKey = await crypto.importKey("pkcs8", decryptionParameters.recipientPrivateKey, algorithmParameters, true, ["decrypt"]);
}
else {
privateKey = decryptionParameters.recipientPrivateKey;
if ("crypto" in decryptionParameters && decryptionParameters.crypto) {
keyCrypto = decryptionParameters.crypto.subtle;
}
}
const sessionKey = await keyCrypto.decrypt(privateKey.algorithm, privateKey, recipientInfo.encryptedKey.valueBlock.valueHexView);
const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId;
const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm");
if (("name" in contentEncryptionAlgorithm) === false)
throw new Error(`Incorrect "contentEncryptionAlgorithm": ${algorithmId}`);
return crypto.importKey("raw", sessionKey, contentEncryptionAlgorithm, true, ["decrypt"]);
};
const SubKEKRecipientInfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
if (!decryptionParameters.preDefinedData)
throw new Error("Parameter \"preDefinedData\" is mandatory for \"KEKRecipientInfo\"");
const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm");
const importedKey = await crypto.importKey("raw", decryptionParameters.preDefinedData, kekAlgorithm, true, ["unwrapKey"]);
const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId;
const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm");
if (!contentEncryptionAlgorithm.name) {
throw new Error(`Incorrect "contentEncryptionAlgorithm": ${algorithmId}`);
}
return crypto.unwrapKey("raw", recipientInfo.encryptedKey.valueBlock.valueHexView, importedKey, kekAlgorithm, contentEncryptionAlgorithm, true, ["decrypt"]);
};
const SubPasswordRecipientinfo = async (index) => {
const recipientInfo = this.recipientInfos[index].value;
let pbkdf2Params;
if (!decryptionParameters.preDefinedData) {
throw new Error("Parameter \"preDefinedData\" is mandatory for \"KEKRecipientInfo\"");
}
if (!recipientInfo.keyDerivationAlgorithm) {
throw new Error("Please append encoded \"keyDerivationAlgorithm\"");
}
if (!recipientInfo.keyDerivationAlgorithm.algorithmParams) {
throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\"");
}
try {
pbkdf2Params = new PBKDF2Params({ schema: recipientInfo.keyDerivationAlgorithm.algorithmParams });
}
catch {
throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\"");
}
const pbkdf2Key = await crypto.importKey("raw", decryptionParameters.preDefinedData, "PBKDF2", false, ["deriveKey"]);
const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm");
const hmacHashAlgorithm = pbkdf2Params.prf
? crypto.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true, "prfAlgorithm").hash.name
: "SHA-1";
const saltView = new Uint8Array(pbkdf2Params.salt.valueBlock.valueHex);
const iterations = pbkdf2Params.iterationCount;
const kekKey = await crypto.deriveKey({
name: "PBKDF2",
hash: {
name: hmacHashAlgorithm
},
salt: saltView,
iterations
}, pbkdf2Key, kekAlgorithm, true, ["unwrapKey"]);
const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId;
const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm");
return crypto.unwrapKey("raw", recipientInfo.encryptedKey.valueBlock.valueHexView, kekKey, kekAlgorithm, contentEncryptionAlgorithm, true, ["decrypt"]);
};
let unwrappedKey;
switch (this.recipientInfos[recipientIndex].variant) {
case 1:
unwrappedKey = await SubKeyTransRecipientInfo(recipientIndex);
break;
case 2:
unwrappedKey = await SubKeyAgreeRecipientInfo(recipientIndex);
break;
case 3:
unwrappedKey = await SubKEKRecipientInfo(recipientIndex);
break;
case 4:
unwrappedKey = await SubPasswordRecipientinfo(recipientIndex);
break;
default:
throw new Error(`Unknown recipient type in array with index ${recipientIndex}`);
}
const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId;
const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm");
const ivBuffer = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmParams.valueBlock.valueHex;
const ivView = new Uint8Array(ivBuffer);
if (!this.encryptedContentInfo.encryptedContent) {
throw new Error("Required property `encryptedContent` is empty");
}
const dataBuffer = this.encryptedContentInfo.getEncryptedContent();
return crypto.decrypt({
name: contentEncryptionAlgorithm.name,
iv: ivView
}, unwrappedKey, dataBuffer);
}
}
EnvelopedData.CLASS_NAME = "EnvelopedData";
const SAFE_CONTENTS = "safeContents";
const PARSED_VALUE$1 = "parsedValue";
const CONTENT_INFOS = "contentInfos";
class AuthenticatedSafe extends PkiObject {
constructor(parameters = {}) {
super();
this.safeContents = getParametersValue(parameters, SAFE_CONTENTS, AuthenticatedSafe.defaultValues(SAFE_CONTENTS));
if (PARSED_VALUE$1 in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE$1, AuthenticatedSafe.defaultValues(PARSED_VALUE$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SAFE_CONTENTS:
return [];
case PARSED_VALUE$1:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SAFE_CONTENTS:
return (memberValue.length === 0);
case PARSED_VALUE$1:
return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Repeated({
name: (names.contentInfos || EMPTY_STRING),
value: ContentInfo.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
CONTENT_INFOS
]);
const asn1 = compareSchema(schema, schema, AuthenticatedSafe.schema({
names: {
contentInfos: CONTENT_INFOS
}
}));
AsnError.assertSchema(asn1, this.className);
this.safeContents = Array.from(asn1.result.contentInfos, element => new ContentInfo({ schema: element }));
}
toSchema() {
return (new Sequence({
value: Array.from(this.safeContents, o => o.toSchema())
}));
}
toJSON() {
return {
safeContents: Array.from(this.safeContents, o => o.toJSON())
};
}
async parseInternalValues(parameters, crypto = getCrypto(true)) {
ParameterError.assert(parameters, SAFE_CONTENTS);
ArgumentError.assert(parameters.safeContents, SAFE_CONTENTS, "Array");
if (parameters.safeContents.length !== this.safeContents.length) {
throw new ArgumentError("Length of \"parameters.safeContents\" must be equal to \"this.safeContents.length\"");
}
this.parsedValue = {
safeContents: [],
};
for (const [index, content] of this.safeContents.entries()) {
const safeContent = parameters.safeContents[index];
const errorTarget = `parameters.safeContents[${index}]`;
switch (content.contentType) {
case id_ContentType_Data:
{
ArgumentError.assert(content.content, "this.safeContents[j].content", OctetString);
const authSafeContent = content.content.getValue();
this.parsedValue.safeContents.push({
privacyMode: 0,
value: SafeContents.fromBER(authSafeContent)
});
}
break;
case id_ContentType_EnvelopedData:
{
const cmsEnveloped = new EnvelopedData({ schema: content.content });
ParameterError.assert(errorTarget, safeContent, "recipientCertificate", "recipientKey");
const envelopedData = safeContent;
const recipientCertificate = envelopedData.recipientCertificate;
const recipientKey = envelopedData.recipientKey;
const decrypted = await cmsEnveloped.decrypt(0, {
recipientCertificate,
recipientPrivateKey: recipientKey
}, crypto);
this.parsedValue.safeContents.push({
privacyMode: 2,
value: SafeContents.fromBER(decrypted),
});
}
break;
case id_ContentType_EncryptedData:
{
const cmsEncrypted = new EncryptedData({ schema: content.content });
ParameterError.assert(errorTarget, safeContent, "password");
const password = safeContent.password;
const decrypted = await cmsEncrypted.decrypt({
password
}, crypto);
this.parsedValue.safeContents.push({
privacyMode: 1,
value: SafeContents.fromBER(decrypted),
});
}
break;
default:
throw new Error(`Unknown "contentType" for AuthenticatedSafe: " ${content.contentType}`);
}
}
}
async makeInternalValues(parameters, crypto = getCrypto(true)) {
if (!(this.parsedValue)) {
throw new Error("Please run \"parseValues\" first or add \"parsedValue\" manually");
}
ArgumentError.assert(this.parsedValue, "this.parsedValue", "object");
ArgumentError.assert(this.parsedValue.safeContents, "this.parsedValue.safeContents", "Array");
ArgumentError.assert(parameters, "parameters", "object");
ParameterError.assert(parameters, "safeContents");
ArgumentError.assert(parameters.safeContents, "parameters.safeContents", "Array");
if (parameters.safeContents.length !== this.parsedValue.safeContents.length) {
throw new ArgumentError("Length of \"parameters.safeContents\" must be equal to \"this.parsedValue.safeContents\"");
}
this.safeContents = [];
for (const [index, content] of this.parsedValue.safeContents.entries()) {
ParameterError.assert("content", content, "privacyMode", "value");
ArgumentError.assert(content.value, "content.value", SafeContents);
switch (content.privacyMode) {
case 0:
{
const contentBuffer = content.value.toSchema().toBER(false);
this.safeContents.push(new ContentInfo({
contentType: "1.2.840.113549.1.7.1",
content: new OctetString({ valueHex: contentBuffer })
}));
}
break;
case 1:
{
const cmsEncrypted = new EncryptedData();
const currentParameters = parameters.safeContents[index];
currentParameters.contentToEncrypt = content.value.toSchema().toBER(false);
await cmsEncrypted.encrypt(currentParameters, crypto);
this.safeContents.push(new ContentInfo({
contentType: "1.2.840.113549.1.7.6",
content: cmsEncrypted.toSchema()
}));
}
break;
case 2:
{
const cmsEnveloped = new EnvelopedData();
const contentToEncrypt = content.value.toSchema().toBER(false);
const safeContent = parameters.safeContents[index];
ParameterError.assert(`parameters.safeContents[${index}]`, safeContent, "encryptingCertificate", "encryptionAlgorithm");
switch (true) {
case (safeContent.encryptionAlgorithm.name.toLowerCase() === "aes-cbc"):
case (safeContent.encryptionAlgorithm.name.toLowerCase() === "aes-gcm"):
break;
default:
throw new Error(`Incorrect parameter "encryptionAlgorithm" in "parameters.safeContents[i]": ${safeContent.encryptionAlgorithm}`);
}
switch (true) {
case (safeContent.encryptionAlgorithm.length === 128):
case (safeContent.encryptionAlgorithm.length === 192):
case (safeContent.encryptionAlgorithm.length === 256):
break;
default:
throw new Error(`Incorrect parameter "encryptionAlgorithm.length" in "parameters.safeContents[i]": ${safeContent.encryptionAlgorithm.length}`);
}
const encryptionAlgorithm = safeContent.encryptionAlgorithm;
cmsEnveloped.addRecipientByCertificate(safeContent.encryptingCertificate, {}, undefined, crypto);
await cmsEnveloped.encrypt(encryptionAlgorithm, contentToEncrypt, crypto);
this.safeContents.push(new ContentInfo({
contentType: "1.2.840.113549.1.7.3",
content: cmsEnveloped.toSchema()
}));
}
break;
default:
throw new Error(`Incorrect value for "content.privacyMode": ${content.privacyMode}`);
}
}
return this;
}
}
AuthenticatedSafe.CLASS_NAME = "AuthenticatedSafe";
const HASH_ALGORITHM$1 = "hashAlgorithm";
const ISSUER_NAME_HASH = "issuerNameHash";
const ISSUER_KEY_HASH = "issuerKeyHash";
const SERIAL_NUMBER$1 = "serialNumber";
const CLEAR_PROPS$j = [
HASH_ALGORITHM$1,
ISSUER_NAME_HASH,
ISSUER_KEY_HASH,
SERIAL_NUMBER$1,
];
class CertID extends PkiObject {
static async create(certificate, parameters, crypto = getCrypto(true)) {
const certID = new CertID();
await certID.createForCertificate(certificate, parameters, crypto);
return certID;
}
constructor(parameters = {}) {
super();
this.hashAlgorithm = getParametersValue(parameters, HASH_ALGORITHM$1, CertID.defaultValues(HASH_ALGORITHM$1));
this.issuerNameHash = getParametersValue(parameters, ISSUER_NAME_HASH, CertID.defaultValues(ISSUER_NAME_HASH));
this.issuerKeyHash = getParametersValue(parameters, ISSUER_KEY_HASH, CertID.defaultValues(ISSUER_KEY_HASH));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER$1, CertID.defaultValues(SERIAL_NUMBER$1));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case HASH_ALGORITHM$1:
return new AlgorithmIdentifier();
case ISSUER_NAME_HASH:
case ISSUER_KEY_HASH:
return new OctetString();
case SERIAL_NUMBER$1:
return new Integer();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case HASH_ALGORITHM$1:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case ISSUER_NAME_HASH:
case ISSUER_KEY_HASH:
case SERIAL_NUMBER$1:
return (memberValue.isEqual(CertID.defaultValues(SERIAL_NUMBER$1)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.hashAlgorithmObject || {
names: {
blockName: (names.hashAlgorithm || EMPTY_STRING)
}
}),
new OctetString({ name: (names.issuerNameHash || EMPTY_STRING) }),
new OctetString({ name: (names.issuerKeyHash || EMPTY_STRING) }),
new Integer({ name: (names.serialNumber || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$j);
const asn1 = compareSchema(schema, schema, CertID.schema({
names: {
hashAlgorithm: HASH_ALGORITHM$1,
issuerNameHash: ISSUER_NAME_HASH,
issuerKeyHash: ISSUER_KEY_HASH,
serialNumber: SERIAL_NUMBER$1
}
}));
AsnError.assertSchema(asn1, this.className);
this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm });
this.issuerNameHash = asn1.result.issuerNameHash;
this.issuerKeyHash = asn1.result.issuerKeyHash;
this.serialNumber = asn1.result.serialNumber;
}
toSchema() {
return (new Sequence({
value: [
this.hashAlgorithm.toSchema(),
this.issuerNameHash,
this.issuerKeyHash,
this.serialNumber
]
}));
}
toJSON() {
return {
hashAlgorithm: this.hashAlgorithm.toJSON(),
issuerNameHash: this.issuerNameHash.toJSON(),
issuerKeyHash: this.issuerKeyHash.toJSON(),
serialNumber: this.serialNumber.toJSON(),
};
}
isEqual(certificateID) {
if (this.hashAlgorithm.algorithmId !== certificateID.hashAlgorithm.algorithmId) {
return false;
}
if (!BufferSourceConverter.isEqual(this.issuerNameHash.valueBlock.valueHexView, certificateID.issuerNameHash.valueBlock.valueHexView)) {
return false;
}
if (!BufferSourceConverter.isEqual(this.issuerKeyHash.valueBlock.valueHexView, certificateID.issuerKeyHash.valueBlock.valueHexView)) {
return false;
}
if (!this.serialNumber.isEqual(certificateID.serialNumber)) {
return false;
}
return true;
}
async createForCertificate(certificate, parameters, crypto = getCrypto(true)) {
ParameterError.assert(parameters, HASH_ALGORITHM$1, "issuerCertificate");
const hashOID = crypto.getOIDByAlgorithm({ name: parameters.hashAlgorithm }, true, "hashAlgorithm");
this.hashAlgorithm = new AlgorithmIdentifier({
algorithmId: hashOID,
algorithmParams: new Null()
});
const issuerCertificate = parameters.issuerCertificate;
this.serialNumber = certificate.serialNumber;
const hashIssuerName = await crypto.digest({ name: parameters.hashAlgorithm }, issuerCertificate.subject.toSchema().toBER(false));
this.issuerNameHash = new OctetString({ valueHex: hashIssuerName });
const issuerKeyBuffer = issuerCertificate.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView;
const hashIssuerKey = await crypto.digest({ name: parameters.hashAlgorithm }, issuerKeyBuffer);
this.issuerKeyHash = new OctetString({ valueHex: hashIssuerKey });
}
}
CertID.CLASS_NAME = "CertID";
const CERT_ID = "certID";
const CERT_STATUS = "certStatus";
const THIS_UPDATE = "thisUpdate";
const NEXT_UPDATE = "nextUpdate";
const SINGLE_EXTENSIONS = "singleExtensions";
const CLEAR_PROPS$i = [
CERT_ID,
CERT_STATUS,
THIS_UPDATE,
NEXT_UPDATE,
SINGLE_EXTENSIONS,
];
class SingleResponse extends PkiObject {
constructor(parameters = {}) {
super();
this.certID = getParametersValue(parameters, CERT_ID, SingleResponse.defaultValues(CERT_ID));
this.certStatus = getParametersValue(parameters, CERT_STATUS, SingleResponse.defaultValues(CERT_STATUS));
this.thisUpdate = getParametersValue(parameters, THIS_UPDATE, SingleResponse.defaultValues(THIS_UPDATE));
if (NEXT_UPDATE in parameters) {
this.nextUpdate = getParametersValue(parameters, NEXT_UPDATE, SingleResponse.defaultValues(NEXT_UPDATE));
}
if (SINGLE_EXTENSIONS in parameters) {
this.singleExtensions = getParametersValue(parameters, SINGLE_EXTENSIONS, SingleResponse.defaultValues(SINGLE_EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case CERT_ID:
return new CertID();
case CERT_STATUS:
return {};
case THIS_UPDATE:
case NEXT_UPDATE:
return new Date(0, 0, 0);
case SINGLE_EXTENSIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case CERT_ID:
return ((CertID.compareWithDefault("hashAlgorithm", memberValue.hashAlgorithm)) &&
(CertID.compareWithDefault("issuerNameHash", memberValue.issuerNameHash)) &&
(CertID.compareWithDefault("issuerKeyHash", memberValue.issuerKeyHash)) &&
(CertID.compareWithDefault("serialNumber", memberValue.serialNumber)));
case CERT_STATUS:
return (Object.keys(memberValue).length === 0);
case THIS_UPDATE:
case NEXT_UPDATE:
return (memberValue === SingleResponse.defaultValues(memberName));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
CertID.schema(names.certID || {}),
new Choice({
value: [
new Primitive({
name: (names.certStatus || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 0
},
}),
new Constructed({
name: (names.certStatus || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new GeneralizedTime(),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Enumerated()]
})
]
}),
new Primitive({
name: (names.certStatus || EMPTY_STRING),
idBlock: {
tagClass: 3,
tagNumber: 2
},
lenBlock: { length: 1 }
})
]
}),
new GeneralizedTime({ name: (names.thisUpdate || EMPTY_STRING) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new GeneralizedTime({ name: (names.nextUpdate || EMPTY_STRING) })]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [Extensions.schema(names.singleExtensions || {})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$i);
const asn1 = compareSchema(schema, schema, SingleResponse.schema({
names: {
certID: {
names: {
blockName: CERT_ID
}
},
certStatus: CERT_STATUS,
thisUpdate: THIS_UPDATE,
nextUpdate: NEXT_UPDATE,
singleExtensions: {
names: {
blockName: SINGLE_EXTENSIONS
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.certID = new CertID({ schema: asn1.result.certID });
this.certStatus = asn1.result.certStatus;
this.thisUpdate = asn1.result.thisUpdate.toDate();
if (NEXT_UPDATE in asn1.result)
this.nextUpdate = asn1.result.nextUpdate.toDate();
if (SINGLE_EXTENSIONS in asn1.result)
this.singleExtensions = Array.from(asn1.result.singleExtensions.valueBlock.value, element => new Extension({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(this.certID.toSchema());
outputArray.push(this.certStatus);
outputArray.push(new GeneralizedTime({ valueDate: this.thisUpdate }));
if (this.nextUpdate) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new GeneralizedTime({ valueDate: this.nextUpdate })]
}));
}
if (this.singleExtensions) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [new Sequence({ value: Array.from(this.singleExtensions, o => o.toSchema()) })]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
certID: this.certID.toJSON(),
certStatus: this.certStatus.toJSON(),
thisUpdate: this.thisUpdate
};
if (this.nextUpdate) {
res.nextUpdate = this.nextUpdate;
}
if (this.singleExtensions) {
res.singleExtensions = Array.from(this.singleExtensions, o => o.toJSON());
}
return res;
}
}
SingleResponse.CLASS_NAME = "SingleResponse";
const TBS$2 = "tbs";
const VERSION$7 = "version";
const RESPONDER_ID = "responderID";
const PRODUCED_AT = "producedAt";
const RESPONSES = "responses";
const RESPONSE_EXTENSIONS = "responseExtensions";
const RESPONSE_DATA = "ResponseData";
const RESPONSE_DATA_VERSION = `${RESPONSE_DATA}.${VERSION$7}`;
const RESPONSE_DATA_RESPONDER_ID = `${RESPONSE_DATA}.${RESPONDER_ID}`;
const RESPONSE_DATA_PRODUCED_AT = `${RESPONSE_DATA}.${PRODUCED_AT}`;
const RESPONSE_DATA_RESPONSES = `${RESPONSE_DATA}.${RESPONSES}`;
const RESPONSE_DATA_RESPONSE_EXTENSIONS = `${RESPONSE_DATA}.${RESPONSE_EXTENSIONS}`;
const CLEAR_PROPS$h = [
RESPONSE_DATA,
RESPONSE_DATA_VERSION,
RESPONSE_DATA_RESPONDER_ID,
RESPONSE_DATA_PRODUCED_AT,
RESPONSE_DATA_RESPONSES,
RESPONSE_DATA_RESPONSE_EXTENSIONS
];
class ResponseData extends PkiObject {
get tbs() {
return BufferSourceConverter.toArrayBuffer(this.tbsView);
}
set tbs(value) {
this.tbsView = new Uint8Array(value);
}
constructor(parameters = {}) {
super();
this.tbsView = new Uint8Array(getParametersValue(parameters, TBS$2, ResponseData.defaultValues(TBS$2)));
if (VERSION$7 in parameters) {
this.version = getParametersValue(parameters, VERSION$7, ResponseData.defaultValues(VERSION$7));
}
this.responderID = getParametersValue(parameters, RESPONDER_ID, ResponseData.defaultValues(RESPONDER_ID));
this.producedAt = getParametersValue(parameters, PRODUCED_AT, ResponseData.defaultValues(PRODUCED_AT));
this.responses = getParametersValue(parameters, RESPONSES, ResponseData.defaultValues(RESPONSES));
if (RESPONSE_EXTENSIONS in parameters) {
this.responseExtensions = getParametersValue(parameters, RESPONSE_EXTENSIONS, ResponseData.defaultValues(RESPONSE_EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$7:
return 0;
case TBS$2:
return EMPTY_BUFFER;
case RESPONDER_ID:
return {};
case PRODUCED_AT:
return new Date(0, 0, 0);
case RESPONSES:
case RESPONSE_EXTENSIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TBS$2:
return (memberValue.byteLength === 0);
case RESPONDER_ID:
return (Object.keys(memberValue).length === 0);
case PRODUCED_AT:
return (memberValue === ResponseData.defaultValues(memberName));
case RESPONSES:
case RESPONSE_EXTENSIONS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || RESPONSE_DATA),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Integer({ name: (names.version || RESPONSE_DATA_VERSION) })]
}),
new Choice({
value: [
new Constructed({
name: (names.responderID || RESPONSE_DATA_RESPONDER_ID),
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [RelativeDistinguishedNames.schema(names.ResponseDataByName || {
names: {
blockName: "ResponseData.byName"
}
})]
}),
new Constructed({
name: (names.responderID || RESPONSE_DATA_RESPONDER_ID),
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [new OctetString({ name: (names.ResponseDataByKey || "ResponseData.byKey") })]
})
]
}),
new GeneralizedTime({ name: (names.producedAt || RESPONSE_DATA_PRODUCED_AT) }),
new Sequence({
value: [
new Repeated({
name: RESPONSE_DATA_RESPONSES,
value: SingleResponse.schema(names.response || {})
})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [Extensions.schema(names.extensions || {
names: {
blockName: RESPONSE_DATA_RESPONSE_EXTENSIONS
}
})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$h);
const asn1 = compareSchema(schema, schema, ResponseData.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsView = asn1.result.ResponseData.valueBeforeDecodeView;
if (RESPONSE_DATA_VERSION in asn1.result)
this.version = asn1.result[RESPONSE_DATA_VERSION].valueBlock.valueDec;
if (asn1.result[RESPONSE_DATA_RESPONDER_ID].idBlock.tagNumber === 1)
this.responderID = new RelativeDistinguishedNames({ schema: asn1.result[RESPONSE_DATA_RESPONDER_ID].valueBlock.value[0] });
else
this.responderID = asn1.result[RESPONSE_DATA_RESPONDER_ID].valueBlock.value[0];
this.producedAt = asn1.result[RESPONSE_DATA_PRODUCED_AT].toDate();
this.responses = Array.from(asn1.result[RESPONSE_DATA_RESPONSES], element => new SingleResponse({ schema: element }));
if (RESPONSE_DATA_RESPONSE_EXTENSIONS in asn1.result)
this.responseExtensions = Array.from(asn1.result[RESPONSE_DATA_RESPONSE_EXTENSIONS].valueBlock.value, element => new Extension({ schema: element }));
}
toSchema(encodeFlag = false) {
let tbsSchema;
if (encodeFlag === false) {
if (!this.tbsView.byteLength) {
return ResponseData.schema();
}
const asn1 = fromBER(this.tbsView);
AsnError.assert(asn1, "TBS Response Data");
tbsSchema = asn1.result;
}
else {
const outputArray = [];
if (VERSION$7 in this) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Integer({ value: this.version })]
}));
}
if (this.responderID instanceof RelativeDistinguishedNames) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.responderID.toSchema()]
}));
}
else {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [this.responderID]
}));
}
outputArray.push(new GeneralizedTime({ valueDate: this.producedAt }));
outputArray.push(new Sequence({
value: Array.from(this.responses, o => o.toSchema())
}));
if (this.responseExtensions) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [new Sequence({
value: Array.from(this.responseExtensions, o => o.toSchema())
})]
}));
}
tbsSchema = new Sequence({
value: outputArray
});
}
return tbsSchema;
}
toJSON() {
const res = {};
if (VERSION$7 in this) {
res.version = this.version;
}
if (this.responderID) {
res.responderID = this.responderID;
}
if (this.producedAt) {
res.producedAt = this.producedAt;
}
if (this.responses) {
res.responses = Array.from(this.responses, o => o.toJSON());
}
if (this.responseExtensions) {
res.responseExtensions = Array.from(this.responseExtensions, o => o.toJSON());
}
return res;
}
}
ResponseData.CLASS_NAME = "ResponseData";
const TRUSTED_CERTS = "trustedCerts";
const CERTS$2 = "certs";
const CRLS$1 = "crls";
const OCSPS$1 = "ocsps";
const CHECK_DATE = "checkDate";
const FIND_ORIGIN = "findOrigin";
const FIND_ISSUER = "findIssuer";
var ChainValidationCode;
(function (ChainValidationCode) {
ChainValidationCode[ChainValidationCode["unknown"] = -1] = "unknown";
ChainValidationCode[ChainValidationCode["success"] = 0] = "success";
ChainValidationCode[ChainValidationCode["noRevocation"] = 11] = "noRevocation";
ChainValidationCode[ChainValidationCode["noPath"] = 60] = "noPath";
ChainValidationCode[ChainValidationCode["noValidPath"] = 97] = "noValidPath";
})(ChainValidationCode || (ChainValidationCode = {}));
class ChainValidationError extends Error {
constructor(code, message) {
super(message);
this.name = ChainValidationError.NAME;
this.code = code;
this.message = message;
}
}
ChainValidationError.NAME = "ChainValidationError";
function isTrusted(cert, trustedList) {
for (let i = 0; i < trustedList.length; i++) {
if (BufferSourceConverter.isEqual(cert.tbsView, trustedList[i].tbsView)) {
return true;
}
}
return false;
}
class CertificateChainValidationEngine {
constructor(parameters = {}) {
this.trustedCerts = getParametersValue(parameters, TRUSTED_CERTS, this.defaultValues(TRUSTED_CERTS));
this.certs = getParametersValue(parameters, CERTS$2, this.defaultValues(CERTS$2));
this.crls = getParametersValue(parameters, CRLS$1, this.defaultValues(CRLS$1));
this.ocsps = getParametersValue(parameters, OCSPS$1, this.defaultValues(OCSPS$1));
this.checkDate = getParametersValue(parameters, CHECK_DATE, this.defaultValues(CHECK_DATE));
this.findOrigin = getParametersValue(parameters, FIND_ORIGIN, this.defaultValues(FIND_ORIGIN));
this.findIssuer = getParametersValue(parameters, FIND_ISSUER, this.defaultValues(FIND_ISSUER));
}
static defaultFindOrigin(certificate, validationEngine) {
if (certificate.tbsView.byteLength === 0) {
certificate.tbsView = new Uint8Array(certificate.encodeTBS().toBER());
}
for (const localCert of validationEngine.certs) {
if (localCert.tbsView.byteLength === 0) {
localCert.tbsView = new Uint8Array(localCert.encodeTBS().toBER());
}
if (BufferSourceConverter.isEqual(certificate.tbsView, localCert.tbsView))
return "Intermediate Certificates";
}
for (const trustedCert of validationEngine.trustedCerts) {
if (trustedCert.tbsView.byteLength === 0)
trustedCert.tbsView = new Uint8Array(trustedCert.encodeTBS().toBER());
if (BufferSourceConverter.isEqual(certificate.tbsView, trustedCert.tbsView))
return "Trusted Certificates";
}
return "Unknown";
}
async defaultFindIssuer(certificate, validationEngine, crypto = getCrypto(true)) {
const result = [];
let keyIdentifier = null;
let authorityCertIssuer = null;
let authorityCertSerialNumber = null;
if (certificate.subject.isEqual(certificate.issuer)) {
try {
const verificationResult = await certificate.verify(undefined, crypto);
if (verificationResult) {
return [certificate];
}
}
catch {
}
}
if (certificate.extensions) {
for (const extension of certificate.extensions) {
if (extension.extnID === id_AuthorityKeyIdentifier && extension.parsedValue instanceof AuthorityKeyIdentifier) {
if (extension.parsedValue.keyIdentifier) {
keyIdentifier = extension.parsedValue.keyIdentifier;
}
else {
if (extension.parsedValue.authorityCertIssuer) {
authorityCertIssuer = extension.parsedValue.authorityCertIssuer;
}
if (extension.parsedValue.authorityCertSerialNumber) {
authorityCertSerialNumber = extension.parsedValue.authorityCertSerialNumber;
}
}
break;
}
}
}
function checkCertificate(possibleIssuer) {
if (keyIdentifier !== null) {
if (possibleIssuer.extensions) {
let extensionFound = false;
for (const extension of possibleIssuer.extensions) {
if (extension.extnID === id_SubjectKeyIdentifier && extension.parsedValue) {
extensionFound = true;
if (BufferSourceConverter.isEqual(extension.parsedValue.valueBlock.valueHex, keyIdentifier.valueBlock.valueHexView)) {
result.push(possibleIssuer);
}
break;
}
}
if (extensionFound) {
return;
}
}
}
let authorityCertSerialNumberEqual = false;
if (authorityCertSerialNumber !== null)
authorityCertSerialNumberEqual = possibleIssuer.serialNumber.isEqual(authorityCertSerialNumber);
if (authorityCertIssuer !== null) {
if (possibleIssuer.subject.isEqual(authorityCertIssuer)) {
if (authorityCertSerialNumberEqual)
result.push(possibleIssuer);
}
}
else {
if (certificate.issuer.isEqual(possibleIssuer.subject))
result.push(possibleIssuer);
}
}
for (const trustedCert of validationEngine.trustedCerts) {
checkCertificate(trustedCert);
}
for (const intermediateCert of validationEngine.certs) {
checkCertificate(intermediateCert);
}
for (let i = result.length - 1; i >= 0; i--) {
try {
const verificationResult = await certificate.verify(result[i], crypto);
if (verificationResult === false)
result.splice(i, 1);
}
catch {
result.splice(i, 1);
}
}
return result;
}
defaultValues(memberName) {
switch (memberName) {
case TRUSTED_CERTS:
return [];
case CERTS$2:
return [];
case CRLS$1:
return [];
case OCSPS$1:
return [];
case CHECK_DATE:
return new Date();
case FIND_ORIGIN:
return CertificateChainValidationEngine.defaultFindOrigin;
case FIND_ISSUER:
return this.defaultFindIssuer;
default:
throw new Error(`Invalid member name for CertificateChainValidationEngine class: ${memberName}`);
}
}
async sort(passedWhenNotRevValues = false, crypto = getCrypto(true)) {
const localCerts = [];
const buildPath = async (certificate, crypto) => {
const result = [];
function checkUnique(array) {
let unique = true;
for (let i = 0; i < array.length; i++) {
for (let j = 0; j < array.length; j++) {
if (j === i)
continue;
if (array[i] === array[j]) {
unique = false;
break;
}
}
if (!unique)
break;
}
return unique;
}
if (isTrusted(certificate, this.trustedCerts)) {
return [[certificate]];
}
const findIssuerResult = await this.findIssuer(certificate, this, crypto);
if (findIssuerResult.length === 0) {
throw new Error("No valid certificate paths found");
}
for (let i = 0; i < findIssuerResult.length; i++) {
if (BufferSourceConverter.isEqual(findIssuerResult[i].tbsView, certificate.tbsView)) {
result.push([findIssuerResult[i]]);
continue;
}
const buildPathResult = await buildPath(findIssuerResult[i], crypto);
for (let j = 0; j < buildPathResult.length; j++) {
const copy = buildPathResult[j].slice();
copy.splice(0, 0, findIssuerResult[i]);
if (checkUnique(copy))
result.push(copy);
else
result.push(buildPathResult[j]);
}
}
return result;
};
const findCRL = async (certificate) => {
const issuerCertificates = [];
const crls = [];
const crlsAndCertificates = [];
issuerCertificates.push(...localCerts.filter(element => certificate.issuer.isEqual(element.subject)));
if (issuerCertificates.length === 0) {
return {
status: 1,
statusMessage: "No certificate's issuers"
};
}
crls.push(...this.crls.filter(o => o.issuer.isEqual(certificate.issuer)));
if (crls.length === 0) {
return {
status: 2,
statusMessage: "No CRLs for specific certificate issuer"
};
}
for (let i = 0; i < crls.length; i++) {
const crl = crls[i];
if (crl.nextUpdate && crl.nextUpdate.value < this.checkDate) {
continue;
}
for (let j = 0; j < issuerCertificates.length; j++) {
try {
const result = await crls[i].verify({ issuerCertificate: issuerCertificates[j] }, crypto);
if (result) {
crlsAndCertificates.push({
crl: crls[i],
certificate: issuerCertificates[j]
});
break;
}
}
catch {
}
}
}
if (crlsAndCertificates.length) {
return {
status: 0,
statusMessage: EMPTY_STRING,
result: crlsAndCertificates
};
}
return {
status: 3,
statusMessage: "No valid CRLs found"
};
};
const findOCSP = async (certificate, issuerCertificate) => {
const hashAlgorithm = crypto.getAlgorithmByOID(certificate.signatureAlgorithm.algorithmId);
if (!hashAlgorithm.name) {
return 1;
}
if (!hashAlgorithm.hash) {
return 1;
}
for (let i = 0; i < this.ocsps.length; i++) {
const ocsp = this.ocsps[i];
const result = await ocsp.getCertificateStatus(certificate, issuerCertificate, crypto);
if (result.isForCertificate) {
if (result.status === 0)
return 0;
return 1;
}
}
return 2;
};
async function checkForCA(certificate, needToCheckCRL = false) {
let isCA = false;
let mustBeCA = false;
let keyUsagePresent = false;
let cRLSign = false;
if (certificate.extensions) {
for (let j = 0; j < certificate.extensions.length; j++) {
const extension = certificate.extensions[j];
if (extension.critical && !extension.parsedValue) {
return {
result: false,
resultCode: 6,
resultMessage: `Unable to parse critical certificate extension: ${extension.extnID}`
};
}
if (extension.extnID === id_KeyUsage) {
keyUsagePresent = true;
const view = new Uint8Array(extension.parsedValue.valueBlock.valueHex);
if ((view[0] & 0x04) === 0x04)
mustBeCA = true;
if ((view[0] & 0x02) === 0x02)
cRLSign = true;
}
if (extension.extnID === id_BasicConstraints) {
if ("cA" in extension.parsedValue) {
if (extension.parsedValue.cA === true)
isCA = true;
}
}
}
if ((mustBeCA === true) && (isCA === false)) {
return {
result: false,
resultCode: 3,
resultMessage: "Unable to build certificate chain - using \"keyCertSign\" flag set without BasicConstraints"
};
}
if ((keyUsagePresent === true) && (isCA === true) && (mustBeCA === false)) {
return {
result: false,
resultCode: 4,
resultMessage: "Unable to build certificate chain - \"keyCertSign\" flag was not set"
};
}
if ((isCA === true) && (keyUsagePresent === true) && ((needToCheckCRL) && (cRLSign === false))) {
return {
result: false,
resultCode: 5,
resultMessage: "Unable to build certificate chain - intermediate certificate must have \"cRLSign\" key usage flag"
};
}
}
if (isCA === false) {
return {
result: false,
resultCode: 7,
resultMessage: "Unable to build certificate chain - more than one possible end-user certificate"
};
}
return {
result: true,
resultCode: 0,
resultMessage: EMPTY_STRING
};
}
const basicCheck = async (path, checkDate) => {
for (let i = 0; i < path.length; i++) {
if ((path[i].notBefore.value > checkDate) ||
(path[i].notAfter.value < checkDate)) {
return {
result: false,
resultCode: 8,
resultMessage: "The certificate is either not yet valid or expired"
};
}
}
if (path.length < 2) {
return {
result: false,
resultCode: 9,
resultMessage: "Too short certificate path"
};
}
for (let i = (path.length - 2); i >= 0; i--) {
if (path[i].issuer.isEqual(path[i].subject) === false) {
if (path[i].issuer.isEqual(path[i + 1].subject) === false) {
return {
result: false,
resultCode: 10,
resultMessage: "Incorrect name chaining"
};
}
}
}
if ((this.crls.length !== 0) || (this.ocsps.length !== 0)) {
for (let i = 0; i < (path.length - 1); i++) {
let ocspResult = 2;
let crlResult = {
status: 0,
statusMessage: EMPTY_STRING
};
if (this.ocsps.length !== 0) {
ocspResult = await findOCSP(path[i], path[i + 1]);
switch (ocspResult) {
case 0:
continue;
case 1:
return {
result: false,
resultCode: 12,
resultMessage: "One of certificates was revoked via OCSP response"
};
}
}
if (this.crls.length !== 0) {
crlResult = await findCRL(path[i]);
if (crlResult.status === 0 && crlResult.result) {
for (let j = 0; j < crlResult.result.length; j++) {
const isCertificateRevoked = crlResult.result[j].crl.isCertificateRevoked(path[i]);
if (isCertificateRevoked) {
return {
result: false,
resultCode: 12,
resultMessage: "One of certificates had been revoked"
};
}
const isCertificateCA = await checkForCA(crlResult.result[j].certificate, true);
if (isCertificateCA.result === false) {
return {
result: false,
resultCode: 13,
resultMessage: "CRL issuer certificate is not a CA certificate or does not have crlSign flag"
};
}
}
}
else {
if (passedWhenNotRevValues === false) {
throw new ChainValidationError(ChainValidationCode.noRevocation, `No revocation values found for one of certificates: ${crlResult.statusMessage}`);
}
}
}
else {
if (ocspResult === 2) {
return {
result: false,
resultCode: 11,
resultMessage: "No revocation values found for one of certificates"
};
}
}
if ((ocspResult === 2) && (crlResult.status === 2) && passedWhenNotRevValues) {
const issuerCertificate = path[i + 1];
let extensionFound = false;
if (issuerCertificate.extensions) {
for (const extension of issuerCertificate.extensions) {
switch (extension.extnID) {
case id_CRLDistributionPoints:
case id_FreshestCRL:
case id_AuthorityInfoAccess:
extensionFound = true;
break;
}
}
}
if (extensionFound) {
throw new ChainValidationError(ChainValidationCode.noRevocation, `No revocation values found for one of certificates: ${crlResult.statusMessage}`);
}
}
}
}
for (const [i, cert] of path.entries()) {
if (!i) {
continue;
}
const result = await checkForCA(cert);
if (!result.result) {
return {
result: false,
resultCode: 14,
resultMessage: "One of intermediate certificates is not a CA certificate"
};
}
}
return {
result: true
};
};
localCerts.push(...this.trustedCerts);
localCerts.push(...this.certs);
for (let i = 0; i < localCerts.length; i++) {
for (let j = 0; j < localCerts.length; j++) {
if (i === j)
continue;
if (BufferSourceConverter.isEqual(localCerts[i].tbsView, localCerts[j].tbsView)) {
localCerts.splice(j, 1);
i = 0;
break;
}
}
}
const leafCert = localCerts[localCerts.length - 1];
let result;
const certificatePath = [leafCert];
result = await buildPath(leafCert, crypto);
if (result.length === 0) {
throw new ChainValidationError(ChainValidationCode.noPath, "Unable to find certificate path");
}
for (let i = result.length - 1; i >= 0; i--) {
let found = false;
for (let j = 0; j < (result[i]).length; j++) {
const certificate = (result[i])[j];
for (let k = 0; k < this.trustedCerts.length; k++) {
if (BufferSourceConverter.isEqual(certificate.tbsView, this.trustedCerts[k].tbsView)) {
found = true;
break;
}
}
if (found)
break;
}
if (!found) {
result.splice(i, 1);
}
}
if (result.length === 0) {
throw new ChainValidationError(ChainValidationCode.noValidPath, "No valid certificate paths found");
}
let shortestLength = result[0].length;
let shortestIndex = 0;
for (let i = 0; i < result.length; i++) {
if (result[i].length < shortestLength) {
shortestLength = result[i].length;
shortestIndex = i;
}
}
for (let i = 0; i < result[shortestIndex].length; i++)
certificatePath.push((result[shortestIndex])[i]);
result = await basicCheck(certificatePath, this.checkDate);
if (result.result === false)
throw result;
return certificatePath;
}
async verify(parameters = {}, crypto = getCrypto(true)) {
function compareDNSName(name, constraint) {
const namePrepared = stringPrep(name);
const constraintPrepared = stringPrep(constraint);
const nameSplitted = namePrepared.split(".");
const constraintSplitted = constraintPrepared.split(".");
const nameLen = nameSplitted.length;
const constrLen = constraintSplitted.length;
if ((nameLen === 0) || (constrLen === 0) || (nameLen < constrLen)) {
return false;
}
for (let i = 0; i < nameLen; i++) {
if (nameSplitted[i].length === 0) {
return false;
}
}
for (let i = 0; i < constrLen; i++) {
if (constraintSplitted[i].length === 0) {
if (i === 0) {
if (constrLen === 1) {
return false;
}
continue;
}
return false;
}
}
for (let i = 0; i < constrLen; i++) {
if (constraintSplitted[constrLen - 1 - i].length === 0) {
continue;
}
if (nameSplitted[nameLen - 1 - i].localeCompare(constraintSplitted[constrLen - 1 - i]) !== 0) {
return false;
}
}
return true;
}
function compareRFC822Name(name, constraint) {
const namePrepared = stringPrep(name);
const constraintPrepared = stringPrep(constraint);
const nameSplitted = namePrepared.split("@");
const constraintSplitted = constraintPrepared.split("@");
if ((nameSplitted.length === 0) || (constraintSplitted.length === 0) || (nameSplitted.length < constraintSplitted.length))
return false;
if (constraintSplitted.length === 1) {
const result = compareDNSName(nameSplitted[1], constraintSplitted[0]);
if (result) {
const ns = nameSplitted[1].split(".");
const cs = constraintSplitted[0].split(".");
if (cs[0].length === 0)
return true;
return ns.length === cs.length;
}
return false;
}
return (namePrepared.localeCompare(constraintPrepared) === 0);
}
function compareUniformResourceIdentifier(name, constraint) {
let namePrepared = stringPrep(name);
const constraintPrepared = stringPrep(constraint);
const ns = namePrepared.split("/");
const cs = constraintPrepared.split("/");
if (cs.length > 1)
return false;
if (ns.length > 1) {
for (let i = 0; i < ns.length; i++) {
if ((ns[i].length > 0) && (ns[i].charAt(ns[i].length - 1) !== ":")) {
const nsPort = ns[i].split(":");
namePrepared = nsPort[0];
break;
}
}
}
const result = compareDNSName(namePrepared, constraintPrepared);
if (result) {
const nameSplitted = namePrepared.split(".");
const constraintSplitted = constraintPrepared.split(".");
if (constraintSplitted[0].length === 0)
return true;
return nameSplitted.length === constraintSplitted.length;
}
return false;
}
function compareIPAddress(name, constraint) {
const nameView = name.valueBlock.valueHexView;
const constraintView = constraint.valueBlock.valueHexView;
if ((nameView.length === 4) && (constraintView.length === 8)) {
for (let i = 0; i < 4; i++) {
if ((nameView[i] ^ constraintView[i]) & constraintView[i + 4])
return false;
}
return true;
}
if ((nameView.length === 16) && (constraintView.length === 32)) {
for (let i = 0; i < 16; i++) {
if ((nameView[i] ^ constraintView[i]) & constraintView[i + 16])
return false;
}
return true;
}
return false;
}
function compareDirectoryName(name, constraint) {
if ((name.typesAndValues.length === 0) || (constraint.typesAndValues.length === 0))
return true;
if (name.typesAndValues.length < constraint.typesAndValues.length)
return false;
let result = true;
let nameStart = 0;
for (let i = 0; i < constraint.typesAndValues.length; i++) {
let localResult = false;
for (let j = nameStart; j < name.typesAndValues.length; j++) {
localResult = name.typesAndValues[j].isEqual(constraint.typesAndValues[i]);
if (name.typesAndValues[j].type === constraint.typesAndValues[i].type)
result = result && localResult;
if (localResult === true) {
if ((nameStart === 0) || (nameStart === j)) {
nameStart = j + 1;
break;
}
else
return false;
}
}
if (localResult === false)
return false;
}
return (nameStart === 0) ? false : result;
}
try {
if (this.certs.length === 0)
throw new Error("Empty certificate array");
const passedWhenNotRevValues = parameters.passedWhenNotRevValues || false;
const initialPolicySet = parameters.initialPolicySet || [id_AnyPolicy];
const initialExplicitPolicy = parameters.initialExplicitPolicy || false;
const initialPolicyMappingInhibit = parameters.initialPolicyMappingInhibit || false;
const initialInhibitPolicy = parameters.initialInhibitPolicy || false;
const initialPermittedSubtreesSet = parameters.initialPermittedSubtreesSet || [];
const initialExcludedSubtreesSet = parameters.initialExcludedSubtreesSet || [];
const initialRequiredNameForms = parameters.initialRequiredNameForms || [];
let explicitPolicyIndicator = initialExplicitPolicy;
let policyMappingInhibitIndicator = initialPolicyMappingInhibit;
let inhibitAnyPolicyIndicator = initialInhibitPolicy;
const pendingConstraints = [
false,
false,
false,
];
let explicitPolicyPending = 0;
let policyMappingInhibitPending = 0;
let inhibitAnyPolicyPending = 0;
let permittedSubtrees = initialPermittedSubtreesSet;
let excludedSubtrees = initialExcludedSubtreesSet;
const requiredNameForms = initialRequiredNameForms;
let pathDepth = 1;
this.certs = await this.sort(passedWhenNotRevValues, crypto);
const allPolicies = [];
allPolicies.push(id_AnyPolicy);
const policiesAndCerts = [];
const anyPolicyArray = new Array(this.certs.length - 1);
for (let ii = 0; ii < (this.certs.length - 1); ii++)
anyPolicyArray[ii] = true;
policiesAndCerts.push(anyPolicyArray);
const policyMappings = new Array(this.certs.length - 1);
const certPolicies = new Array(this.certs.length - 1);
let explicitPolicyStart = (explicitPolicyIndicator) ? (this.certs.length - 1) : (-1);
for (let i = (this.certs.length - 2); i >= 0; i--, pathDepth++) {
const cert = this.certs[i];
if (cert.extensions) {
for (let j = 0; j < cert.extensions.length; j++) {
const extension = cert.extensions[j];
if (extension.extnID === id_CertificatePolicies) {
certPolicies[i] = extension.parsedValue;
for (let s = 0; s < allPolicies.length; s++) {
if (allPolicies[s] === id_AnyPolicy) {
delete (policiesAndCerts[s])[i];
break;
}
}
for (let k = 0; k < extension.parsedValue.certificatePolicies.length; k++) {
let policyIndex = (-1);
const policyId = extension.parsedValue.certificatePolicies[k].policyIdentifier;
for (let s = 0; s < allPolicies.length; s++) {
if (policyId === allPolicies[s]) {
policyIndex = s;
break;
}
}
if (policyIndex === (-1)) {
allPolicies.push(policyId);
const certArray = new Array(this.certs.length - 1);
certArray[i] = true;
policiesAndCerts.push(certArray);
}
else
(policiesAndCerts[policyIndex])[i] = true;
}
}
if (extension.extnID === id_PolicyMappings) {
if (policyMappingInhibitIndicator) {
return {
result: false,
resultCode: 98,
resultMessage: "Policy mapping prohibited"
};
}
policyMappings[i] = extension.parsedValue;
}
if (extension.extnID === id_PolicyConstraints) {
if (explicitPolicyIndicator === false) {
if (extension.parsedValue.requireExplicitPolicy === 0) {
explicitPolicyIndicator = true;
explicitPolicyStart = i;
}
else {
if (pendingConstraints[0] === false) {
pendingConstraints[0] = true;
explicitPolicyPending = extension.parsedValue.requireExplicitPolicy;
}
else
explicitPolicyPending = (explicitPolicyPending > extension.parsedValue.requireExplicitPolicy) ? extension.parsedValue.requireExplicitPolicy : explicitPolicyPending;
}
if (extension.parsedValue.inhibitPolicyMapping === 0)
policyMappingInhibitIndicator = true;
else {
if (pendingConstraints[1] === false) {
pendingConstraints[1] = true;
policyMappingInhibitPending = extension.parsedValue.inhibitPolicyMapping + 1;
}
else
policyMappingInhibitPending = (policyMappingInhibitPending > (extension.parsedValue.inhibitPolicyMapping + 1)) ? (extension.parsedValue.inhibitPolicyMapping + 1) : policyMappingInhibitPending;
}
}
}
if (extension.extnID === id_InhibitAnyPolicy) {
if (inhibitAnyPolicyIndicator === false) {
if (extension.parsedValue.valueBlock.valueDec === 0)
inhibitAnyPolicyIndicator = true;
else {
if (pendingConstraints[2] === false) {
pendingConstraints[2] = true;
inhibitAnyPolicyPending = extension.parsedValue.valueBlock.valueDec;
}
else
inhibitAnyPolicyPending = (inhibitAnyPolicyPending > extension.parsedValue.valueBlock.valueDec) ? extension.parsedValue.valueBlock.valueDec : inhibitAnyPolicyPending;
}
}
}
}
if (inhibitAnyPolicyIndicator === true) {
let policyIndex = (-1);
for (let searchAnyPolicy = 0; searchAnyPolicy < allPolicies.length; searchAnyPolicy++) {
if (allPolicies[searchAnyPolicy] === id_AnyPolicy) {
policyIndex = searchAnyPolicy;
break;
}
}
if (policyIndex !== (-1))
delete (policiesAndCerts[0])[i];
}
if (explicitPolicyIndicator === false) {
if (pendingConstraints[0] === true) {
explicitPolicyPending--;
if (explicitPolicyPending === 0) {
explicitPolicyIndicator = true;
explicitPolicyStart = i;
pendingConstraints[0] = false;
}
}
}
if (policyMappingInhibitIndicator === false) {
if (pendingConstraints[1] === true) {
policyMappingInhibitPending--;
if (policyMappingInhibitPending === 0) {
policyMappingInhibitIndicator = true;
pendingConstraints[1] = false;
}
}
}
if (inhibitAnyPolicyIndicator === false) {
if (pendingConstraints[2] === true) {
inhibitAnyPolicyPending--;
if (inhibitAnyPolicyPending === 0) {
inhibitAnyPolicyIndicator = true;
pendingConstraints[2] = false;
}
}
}
}
}
for (let i = 0; i < (this.certs.length - 1); i++) {
if ((i < (this.certs.length - 2)) && (typeof policyMappings[i + 1] !== "undefined")) {
for (let k = 0; k < policyMappings[i + 1].mappings.length; k++) {
if ((policyMappings[i + 1].mappings[k].issuerDomainPolicy === id_AnyPolicy) || (policyMappings[i + 1].mappings[k].subjectDomainPolicy === id_AnyPolicy)) {
return {
result: false,
resultCode: 99,
resultMessage: "The \"anyPolicy\" should not be a part of policy mapping scheme"
};
}
let issuerDomainPolicyIndex = (-1);
let subjectDomainPolicyIndex = (-1);
for (let n = 0; n < allPolicies.length; n++) {
if (allPolicies[n] === policyMappings[i + 1].mappings[k].issuerDomainPolicy)
issuerDomainPolicyIndex = n;
if (allPolicies[n] === policyMappings[i + 1].mappings[k].subjectDomainPolicy)
subjectDomainPolicyIndex = n;
}
if (typeof (policiesAndCerts[issuerDomainPolicyIndex])[i] !== "undefined")
delete (policiesAndCerts[issuerDomainPolicyIndex])[i];
for (let j = 0; j < certPolicies[i].certificatePolicies.length; j++) {
if (policyMappings[i + 1].mappings[k].subjectDomainPolicy === certPolicies[i].certificatePolicies[j].policyIdentifier) {
if ((issuerDomainPolicyIndex !== (-1)) && (subjectDomainPolicyIndex !== (-1))) {
for (let m = 0; m <= i; m++) {
if (typeof (policiesAndCerts[subjectDomainPolicyIndex])[m] !== "undefined") {
(policiesAndCerts[issuerDomainPolicyIndex])[m] = true;
delete (policiesAndCerts[subjectDomainPolicyIndex])[m];
}
}
}
}
}
}
}
}
for (let i = 0; i < allPolicies.length; i++) {
if (allPolicies[i] === id_AnyPolicy) {
for (let j = 0; j < explicitPolicyStart; j++)
delete (policiesAndCerts[i])[j];
}
}
const authConstrPolicies = [];
for (let i = 0; i < policiesAndCerts.length; i++) {
let found = true;
for (let j = 0; j < (this.certs.length - 1); j++) {
let anyPolicyFound = false;
if ((j < explicitPolicyStart) && (allPolicies[i] === id_AnyPolicy) && (allPolicies.length > 1)) {
found = false;
break;
}
if (typeof (policiesAndCerts[i])[j] === "undefined") {
if (j >= explicitPolicyStart) {
for (let k = 0; k < allPolicies.length; k++) {
if (allPolicies[k] === id_AnyPolicy) {
if ((policiesAndCerts[k])[j] === true)
anyPolicyFound = true;
break;
}
}
}
if (!anyPolicyFound) {
found = false;
break;
}
}
}
if (found === true)
authConstrPolicies.push(allPolicies[i]);
}
let userConstrPolicies = [];
if ((initialPolicySet.length === 1) && (initialPolicySet[0] === id_AnyPolicy) && (explicitPolicyIndicator === false))
userConstrPolicies = initialPolicySet;
else {
if ((authConstrPolicies.length === 1) && (authConstrPolicies[0] === id_AnyPolicy))
userConstrPolicies = initialPolicySet;
else {
for (let i = 0; i < authConstrPolicies.length; i++) {
for (let j = 0; j < initialPolicySet.length; j++) {
if ((initialPolicySet[j] === authConstrPolicies[i]) || (initialPolicySet[j] === id_AnyPolicy)) {
userConstrPolicies.push(authConstrPolicies[i]);
break;
}
}
}
}
}
const policyResult = {
result: (userConstrPolicies.length > 0),
resultCode: 0,
resultMessage: (userConstrPolicies.length > 0) ? EMPTY_STRING : "Zero \"userConstrPolicies\" array, no intersections with \"authConstrPolicies\"",
authConstrPolicies,
userConstrPolicies,
explicitPolicyIndicator,
policyMappings,
certificatePath: this.certs
};
if (userConstrPolicies.length === 0)
return policyResult;
if (policyResult.result === false)
return policyResult;
pathDepth = 1;
for (let i = (this.certs.length - 2); i >= 0; i--, pathDepth++) {
const cert = this.certs[i];
let subjectAltNames = [];
let certPermittedSubtrees = [];
let certExcludedSubtrees = [];
if (cert.extensions) {
for (let j = 0; j < cert.extensions.length; j++) {
const extension = cert.extensions[j];
if (extension.extnID === id_NameConstraints) {
if ("permittedSubtrees" in extension.parsedValue)
certPermittedSubtrees = certPermittedSubtrees.concat(extension.parsedValue.permittedSubtrees);
if ("excludedSubtrees" in extension.parsedValue)
certExcludedSubtrees = certExcludedSubtrees.concat(extension.parsedValue.excludedSubtrees);
}
if (extension.extnID === id_SubjectAltName)
subjectAltNames = subjectAltNames.concat(extension.parsedValue.altNames);
}
}
let formFound = (requiredNameForms.length <= 0);
for (let j = 0; j < requiredNameForms.length; j++) {
switch (requiredNameForms[j].base.type) {
case 4:
{
if (requiredNameForms[j].base.value.typesAndValues.length !== cert.subject.typesAndValues.length)
continue;
formFound = true;
for (let k = 0; k < cert.subject.typesAndValues.length; k++) {
if (cert.subject.typesAndValues[k].type !== requiredNameForms[j].base.value.typesAndValues[k].type) {
formFound = false;
break;
}
}
if (formFound === true)
break;
}
break;
default:
}
}
if (formFound === false) {
policyResult.result = false;
policyResult.resultCode = 21;
policyResult.resultMessage = "No necessary name form found";
throw policyResult;
}
const constrGroups = [
[],
[],
[],
[],
[],
];
for (let j = 0; j < permittedSubtrees.length; j++) {
switch (permittedSubtrees[j].base.type) {
case 1:
constrGroups[0].push(permittedSubtrees[j]);
break;
case 2:
constrGroups[1].push(permittedSubtrees[j]);
break;
case 4:
constrGroups[2].push(permittedSubtrees[j]);
break;
case 6:
constrGroups[3].push(permittedSubtrees[j]);
break;
case 7:
constrGroups[4].push(permittedSubtrees[j]);
break;
default:
}
}
for (let p = 0; p < 5; p++) {
let groupPermitted = false;
let valueExists = false;
const group = constrGroups[p];
for (let j = 0; j < group.length; j++) {
switch (p) {
case 0:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 1) {
valueExists = true;
groupPermitted = groupPermitted || compareRFC822Name(subjectAltNames[k].value, group[j].base.value);
}
}
}
else {
for (let k = 0; k < cert.subject.typesAndValues.length; k++) {
if ((cert.subject.typesAndValues[k].type === "1.2.840.113549.1.9.1") ||
(cert.subject.typesAndValues[k].type === "0.9.2342.19200300.100.1.3")) {
valueExists = true;
groupPermitted = groupPermitted || compareRFC822Name(cert.subject.typesAndValues[k].value.valueBlock.value, group[j].base.value);
}
}
}
break;
case 1:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 2) {
valueExists = true;
groupPermitted = groupPermitted || compareDNSName(subjectAltNames[k].value, group[j].base.value);
}
}
}
break;
case 2:
valueExists = true;
groupPermitted = compareDirectoryName(cert.subject, group[j].base.value);
break;
case 3:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 6) {
valueExists = true;
groupPermitted = groupPermitted || compareUniformResourceIdentifier(subjectAltNames[k].value, group[j].base.value);
}
}
}
break;
case 4:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 7) {
valueExists = true;
groupPermitted = groupPermitted || compareIPAddress(subjectAltNames[k].value, group[j].base.value);
}
}
}
break;
default:
}
if (groupPermitted)
break;
}
if ((groupPermitted === false) && (group.length > 0) && valueExists) {
policyResult.result = false;
policyResult.resultCode = 41;
policyResult.resultMessage = "Failed to meet \"permitted sub-trees\" name constraint";
throw policyResult;
}
}
let excluded = false;
for (let j = 0; j < excludedSubtrees.length; j++) {
switch (excludedSubtrees[j].base.type) {
case 1:
if (subjectAltNames.length >= 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 1)
excluded = excluded || compareRFC822Name(subjectAltNames[k].value, excludedSubtrees[j].base.value);
}
}
else {
for (let k = 0; k < cert.subject.typesAndValues.length; k++) {
if ((cert.subject.typesAndValues[k].type === "1.2.840.113549.1.9.1") ||
(cert.subject.typesAndValues[k].type === "0.9.2342.19200300.100.1.3"))
excluded = excluded || compareRFC822Name(cert.subject.typesAndValues[k].value.valueBlock.value, excludedSubtrees[j].base.value);
}
}
break;
case 2:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 2)
excluded = excluded || compareDNSName(subjectAltNames[k].value, excludedSubtrees[j].base.value);
}
}
break;
case 4:
excluded = excluded || compareDirectoryName(cert.subject, excludedSubtrees[j].base.value);
break;
case 6:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 6)
excluded = excluded || compareUniformResourceIdentifier(subjectAltNames[k].value, excludedSubtrees[j].base.value);
}
}
break;
case 7:
if (subjectAltNames.length > 0) {
for (let k = 0; k < subjectAltNames.length; k++) {
if (subjectAltNames[k].type === 7)
excluded = excluded || compareIPAddress(subjectAltNames[k].value, excludedSubtrees[j].base.value);
}
}
break;
default:
}
if (excluded)
break;
}
if (excluded === true) {
policyResult.result = false;
policyResult.resultCode = 42;
policyResult.resultMessage = "Failed to meet \"excluded sub-trees\" name constraint";
throw policyResult;
}
permittedSubtrees = permittedSubtrees.concat(certPermittedSubtrees);
excludedSubtrees = excludedSubtrees.concat(certExcludedSubtrees);
}
return policyResult;
}
catch (error) {
if (error instanceof Error) {
if (error instanceof ChainValidationError) {
return {
result: false,
resultCode: error.code,
resultMessage: error.message,
error: error,
};
}
return {
result: false,
resultCode: ChainValidationCode.unknown,
resultMessage: error.message,
error: error,
};
}
if (error && typeof error === "object" && "resultMessage" in error) {
return error;
}
return {
result: false,
resultCode: -1,
resultMessage: `${error}`,
};
}
}
}
const TBS_RESPONSE_DATA = "tbsResponseData";
const SIGNATURE_ALGORITHM$3 = "signatureAlgorithm";
const SIGNATURE$2 = "signature";
const CERTS$1 = "certs";
const BASIC_OCSP_RESPONSE = "BasicOCSPResponse";
const BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA = `${BASIC_OCSP_RESPONSE}.${TBS_RESPONSE_DATA}`;
const BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM = `${BASIC_OCSP_RESPONSE}.${SIGNATURE_ALGORITHM$3}`;
const BASIC_OCSP_RESPONSE_SIGNATURE = `${BASIC_OCSP_RESPONSE}.${SIGNATURE$2}`;
const BASIC_OCSP_RESPONSE_CERTS = `${BASIC_OCSP_RESPONSE}.${CERTS$1}`;
const CLEAR_PROPS$g = [
BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA,
BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM,
BASIC_OCSP_RESPONSE_SIGNATURE,
BASIC_OCSP_RESPONSE_CERTS
];
class BasicOCSPResponse extends PkiObject {
constructor(parameters = {}) {
super();
this.tbsResponseData = getParametersValue(parameters, TBS_RESPONSE_DATA, BasicOCSPResponse.defaultValues(TBS_RESPONSE_DATA));
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$3, BasicOCSPResponse.defaultValues(SIGNATURE_ALGORITHM$3));
this.signature = getParametersValue(parameters, SIGNATURE$2, BasicOCSPResponse.defaultValues(SIGNATURE$2));
if (CERTS$1 in parameters) {
this.certs = getParametersValue(parameters, CERTS$1, BasicOCSPResponse.defaultValues(CERTS$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS_RESPONSE_DATA:
return new ResponseData();
case SIGNATURE_ALGORITHM$3:
return new AlgorithmIdentifier();
case SIGNATURE$2:
return new BitString();
case CERTS$1:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case "type":
{
let comparisonResult = ((ResponseData.compareWithDefault("tbs", memberValue.tbs)) &&
(ResponseData.compareWithDefault("responderID", memberValue.responderID)) &&
(ResponseData.compareWithDefault("producedAt", memberValue.producedAt)) &&
(ResponseData.compareWithDefault("responses", memberValue.responses)));
if ("responseExtensions" in memberValue)
comparisonResult = comparisonResult && (ResponseData.compareWithDefault("responseExtensions", memberValue.responseExtensions));
return comparisonResult;
}
case SIGNATURE_ALGORITHM$3:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case SIGNATURE$2:
return (memberValue.isEqual(BasicOCSPResponse.defaultValues(memberName)));
case CERTS$1:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || BASIC_OCSP_RESPONSE),
value: [
ResponseData.schema(names.tbsResponseData || {
names: {
blockName: BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA
}
}),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {
names: {
blockName: BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM
}
}),
new BitString({ name: (names.signature || BASIC_OCSP_RESPONSE_SIGNATURE) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Sequence({
value: [new Repeated({
name: BASIC_OCSP_RESPONSE_CERTS,
value: Certificate.schema(names.certs || {})
})]
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$g);
const asn1 = compareSchema(schema, schema, BasicOCSPResponse.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsResponseData = new ResponseData({ schema: asn1.result[BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA] });
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM] });
this.signature = asn1.result[BASIC_OCSP_RESPONSE_SIGNATURE];
if (BASIC_OCSP_RESPONSE_CERTS in asn1.result) {
this.certs = Array.from(asn1.result[BASIC_OCSP_RESPONSE_CERTS], element => new Certificate({ schema: element }));
}
}
toSchema() {
const outputArray = [];
outputArray.push(this.tbsResponseData.toSchema());
outputArray.push(this.signatureAlgorithm.toSchema());
outputArray.push(this.signature);
if (this.certs) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Sequence({
value: Array.from(this.certs, o => o.toSchema())
})
]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
tbsResponseData: this.tbsResponseData.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signature: this.signature.toJSON(),
};
if (this.certs) {
res.certs = Array.from(this.certs, o => o.toJSON());
}
return res;
}
async getCertificateStatus(certificate, issuerCertificate, crypto = getCrypto(true)) {
const result = {
isForCertificate: false,
status: 2
};
const hashesObject = {};
const certIDs = [];
for (const response of this.tbsResponseData.responses) {
const hashAlgorithm = crypto.getAlgorithmByOID(response.certID.hashAlgorithm.algorithmId, true, "CertID.hashAlgorithm");
if (!hashesObject[hashAlgorithm.name]) {
hashesObject[hashAlgorithm.name] = 1;
const certID = new CertID();
certIDs.push(certID);
await certID.createForCertificate(certificate, {
hashAlgorithm: hashAlgorithm.name,
issuerCertificate
}, crypto);
}
}
for (const response of this.tbsResponseData.responses) {
for (const id of certIDs) {
if (response.certID.isEqual(id)) {
result.isForCertificate = true;
try {
switch (response.certStatus.idBlock.isConstructed) {
case true:
if (response.certStatus.idBlock.tagNumber === 1)
result.status = 1;
break;
case false:
switch (response.certStatus.idBlock.tagNumber) {
case 0:
result.status = 0;
break;
case 2:
result.status = 2;
break;
default:
}
break;
default:
}
}
catch {
}
return result;
}
}
}
return result;
}
async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
if (!privateKey) {
throw new Error("Need to provide a private key for signing");
}
const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const algorithm = signatureParams.parameters.algorithm;
if (!("name" in algorithm)) {
throw new Error("Empty algorithm");
}
this.signatureAlgorithm = signatureParams.signatureAlgorithm;
this.tbsResponseData.tbsView = new Uint8Array(this.tbsResponseData.toSchema(true).toBER());
const signature = await crypto.signWithPrivateKey(this.tbsResponseData.tbsView, privateKey, { algorithm });
this.signature = new BitString({ valueHex: signature });
}
async verify(params = {}, crypto = getCrypto(true)) {
let signerCert = null;
let certIndex = -1;
const trustedCerts = params.trustedCerts || [];
if (!this.certs) {
throw new Error("No certificates attached to the BasicOCSPResponse");
}
switch (true) {
case (this.tbsResponseData.responderID instanceof RelativeDistinguishedNames):
for (const [index, certificate] of this.certs.entries()) {
if (certificate.subject.isEqual(this.tbsResponseData.responderID)) {
certIndex = index;
break;
}
}
break;
case (this.tbsResponseData.responderID instanceof OctetString):
for (const [index, cert] of this.certs.entries()) {
const hash = await crypto.digest({ name: "sha-1" }, cert.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView);
if (isEqualBuffer(hash, this.tbsResponseData.responderID.valueBlock.valueHex)) {
certIndex = index;
break;
}
}
break;
default:
throw new Error("Wrong value for responderID");
}
if (certIndex === (-1))
throw new Error("Correct certificate was not found in OCSP response");
signerCert = this.certs[certIndex];
const additionalCerts = [signerCert];
for (const cert of this.certs) {
const caCert = await checkCA(cert, signerCert);
if (caCert) {
additionalCerts.push(caCert);
}
}
const certChain = new CertificateChainValidationEngine({
certs: additionalCerts,
trustedCerts,
});
const verificationResult = await certChain.verify({}, crypto);
if (!verificationResult.result) {
throw new Error("Validation of signer's certificate failed");
}
return crypto.verifyWithPublicKey(this.tbsResponseData.tbsView, this.signature, this.certs[certIndex].subjectPublicKeyInfo, this.signatureAlgorithm);
}
}
BasicOCSPResponse.CLASS_NAME = "BasicOCSPResponse";
const TBS$1 = "tbs";
const VERSION$6 = "version";
const SUBJECT = "subject";
const SPKI = "subjectPublicKeyInfo";
const ATTRIBUTES$1 = "attributes";
const SIGNATURE_ALGORITHM$2 = "signatureAlgorithm";
const SIGNATURE_VALUE = "signatureValue";
const CSR_INFO = "CertificationRequestInfo";
const CSR_INFO_VERSION = `${CSR_INFO}.version`;
const CSR_INFO_SUBJECT = `${CSR_INFO}.subject`;
const CSR_INFO_SPKI = `${CSR_INFO}.subjectPublicKeyInfo`;
const CSR_INFO_ATTRS = `${CSR_INFO}.attributes`;
const CLEAR_PROPS$f = [
CSR_INFO,
CSR_INFO_VERSION,
CSR_INFO_SUBJECT,
CSR_INFO_SPKI,
CSR_INFO_ATTRS,
SIGNATURE_ALGORITHM$2,
SIGNATURE_VALUE
];
function CertificationRequestInfo(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.CertificationRequestInfo || CSR_INFO),
value: [
new Integer({ name: (names.CertificationRequestInfoVersion || CSR_INFO_VERSION) }),
RelativeDistinguishedNames.schema(names.subject || {
names: {
blockName: CSR_INFO_SUBJECT
}
}),
PublicKeyInfo.schema({
names: {
blockName: CSR_INFO_SPKI
}
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Repeated({
optional: true,
name: (names.CertificationRequestInfoAttributes || CSR_INFO_ATTRS),
value: Attribute.schema(names.attributes || {})
})
]
})
]
}));
}
class CertificationRequest extends PkiObject {
get tbs() {
return BufferSourceConverter.toArrayBuffer(this.tbsView);
}
set tbs(value) {
this.tbsView = new Uint8Array(value);
}
constructor(parameters = {}) {
super();
this.tbsView = new Uint8Array(getParametersValue(parameters, TBS$1, CertificationRequest.defaultValues(TBS$1)));
this.version = getParametersValue(parameters, VERSION$6, CertificationRequest.defaultValues(VERSION$6));
this.subject = getParametersValue(parameters, SUBJECT, CertificationRequest.defaultValues(SUBJECT));
this.subjectPublicKeyInfo = getParametersValue(parameters, SPKI, CertificationRequest.defaultValues(SPKI));
if (ATTRIBUTES$1 in parameters) {
this.attributes = getParametersValue(parameters, ATTRIBUTES$1, CertificationRequest.defaultValues(ATTRIBUTES$1));
}
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$2, CertificationRequest.defaultValues(SIGNATURE_ALGORITHM$2));
this.signatureValue = getParametersValue(parameters, SIGNATURE_VALUE, CertificationRequest.defaultValues(SIGNATURE_VALUE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS$1:
return EMPTY_BUFFER;
case VERSION$6:
return 0;
case SUBJECT:
return new RelativeDistinguishedNames();
case SPKI:
return new PublicKeyInfo();
case ATTRIBUTES$1:
return [];
case SIGNATURE_ALGORITHM$2:
return new AlgorithmIdentifier();
case SIGNATURE_VALUE:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
value: [
CertificationRequestInfo(names.certificationRequestInfo || {}),
new Sequence({
name: (names.signatureAlgorithm || SIGNATURE_ALGORITHM$2),
value: [
new ObjectIdentifier(),
new Any({ optional: true })
]
}),
new BitString({ name: (names.signatureValue || SIGNATURE_VALUE) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$f);
const asn1 = compareSchema(schema, schema, CertificationRequest.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsView = asn1.result.CertificationRequestInfo.valueBeforeDecodeView;
this.version = asn1.result[CSR_INFO_VERSION].valueBlock.valueDec;
this.subject = new RelativeDistinguishedNames({ schema: asn1.result[CSR_INFO_SUBJECT] });
this.subjectPublicKeyInfo = new PublicKeyInfo({ schema: asn1.result[CSR_INFO_SPKI] });
if (CSR_INFO_ATTRS in asn1.result) {
this.attributes = Array.from(asn1.result[CSR_INFO_ATTRS], element => new Attribute({ schema: element }));
}
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signatureValue = asn1.result.signatureValue;
}
encodeTBS() {
const outputArray = [
new Integer({ value: this.version }),
this.subject.toSchema(),
this.subjectPublicKeyInfo.toSchema()
];
if (ATTRIBUTES$1 in this) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.attributes || [], o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toSchema(encodeFlag = false) {
let tbsSchema;
if (encodeFlag === false) {
if (this.tbsView.byteLength === 0) {
return CertificationRequest.schema();
}
const asn1 = fromBER(this.tbsView);
AsnError.assert(asn1, "PKCS#10 Certificate Request");
tbsSchema = asn1.result;
}
else {
tbsSchema = this.encodeTBS();
}
return (new Sequence({
value: [
tbsSchema,
this.signatureAlgorithm.toSchema(),
this.signatureValue
]
}));
}
toJSON() {
const object = {
tbs: Convert.ToHex(this.tbsView),
version: this.version,
subject: this.subject.toJSON(),
subjectPublicKeyInfo: this.subjectPublicKeyInfo.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signatureValue: this.signatureValue.toJSON(),
};
if (ATTRIBUTES$1 in this) {
object.attributes = Array.from(this.attributes || [], o => o.toJSON());
}
return object;
}
async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
if (!privateKey) {
throw new Error("Need to provide a private key for signing");
}
const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const parameters = signatureParams.parameters;
this.signatureAlgorithm = signatureParams.signatureAlgorithm;
this.tbsView = new Uint8Array(this.encodeTBS().toBER());
const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters);
this.signatureValue = new BitString({ valueHex: signature });
}
async verify(crypto = getCrypto(true)) {
return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, this.subjectPublicKeyInfo, this.signatureAlgorithm);
}
async getPublicKey(parameters, crypto = getCrypto(true)) {
return crypto.getPublicKey(this.subjectPublicKeyInfo, this.signatureAlgorithm, parameters);
}
}
CertificationRequest.CLASS_NAME = "CertificationRequest";
const DIGEST_ALGORITHM$1 = "digestAlgorithm";
const DIGEST = "digest";
const CLEAR_PROPS$e = [
DIGEST_ALGORITHM$1,
DIGEST
];
class DigestInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.digestAlgorithm = getParametersValue(parameters, DIGEST_ALGORITHM$1, DigestInfo.defaultValues(DIGEST_ALGORITHM$1));
this.digest = getParametersValue(parameters, DIGEST, DigestInfo.defaultValues(DIGEST));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case DIGEST_ALGORITHM$1:
return new AlgorithmIdentifier();
case DIGEST:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case DIGEST_ALGORITHM$1:
return ((AlgorithmIdentifier.compareWithDefault("algorithmId", memberValue.algorithmId)) &&
(("algorithmParams" in memberValue) === false));
case DIGEST:
return (memberValue.isEqual(DigestInfo.defaultValues(memberName)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.digestAlgorithm || {
names: {
blockName: DIGEST_ALGORITHM$1
}
}),
new OctetString({ name: (names.digest || DIGEST) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$e);
const asn1 = compareSchema(schema, schema, DigestInfo.schema({
names: {
digestAlgorithm: {
names: {
blockName: DIGEST_ALGORITHM$1
}
},
digest: DIGEST
}
}));
AsnError.assertSchema(asn1, this.className);
this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.digestAlgorithm });
this.digest = asn1.result.digest;
}
toSchema() {
return (new Sequence({
value: [
this.digestAlgorithm.toSchema(),
this.digest
]
}));
}
toJSON() {
return {
digestAlgorithm: this.digestAlgorithm.toJSON(),
digest: this.digest.toJSON(),
};
}
}
DigestInfo.CLASS_NAME = "DigestInfo";
const E_CONTENT_TYPE = "eContentType";
const E_CONTENT = "eContent";
const CLEAR_PROPS$d = [
E_CONTENT_TYPE,
E_CONTENT,
];
class EncapsulatedContentInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.eContentType = getParametersValue(parameters, E_CONTENT_TYPE, EncapsulatedContentInfo.defaultValues(E_CONTENT_TYPE));
if (E_CONTENT in parameters) {
this.eContent = getParametersValue(parameters, E_CONTENT, EncapsulatedContentInfo.defaultValues(E_CONTENT));
if ((this.eContent.idBlock.tagClass === 1) &&
(this.eContent.idBlock.tagNumber === 4)) {
if (this.eContent.idBlock.isConstructed === false) {
const constrString = new OctetString({
idBlock: { isConstructed: true },
isConstructed: true
});
let offset = 0;
const viewHex = this.eContent.valueBlock.valueHexView.slice().buffer;
let length = viewHex.byteLength;
while (length > 0) {
const pieceView = new Uint8Array(viewHex, offset, ((offset + 65536) > viewHex.byteLength) ? (viewHex.byteLength - offset) : 65536);
const _array = new ArrayBuffer(pieceView.length);
const _view = new Uint8Array(_array);
for (let i = 0; i < _view.length; i++) {
_view[i] = pieceView[i];
}
constrString.valueBlock.value.push(new OctetString({ valueHex: _array }));
length -= pieceView.length;
offset += pieceView.length;
}
this.eContent = constrString;
}
}
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case E_CONTENT_TYPE:
return EMPTY_STRING;
case E_CONTENT:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case E_CONTENT_TYPE:
return (memberValue === EMPTY_STRING);
case E_CONTENT:
{
if ((memberValue.idBlock.tagClass === 1) && (memberValue.idBlock.tagNumber === 4))
return (memberValue.isEqual(EncapsulatedContentInfo.defaultValues(E_CONTENT)));
return false;
}
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.eContentType || EMPTY_STRING) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Any({ name: (names.eContent || EMPTY_STRING) })
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$d);
const asn1 = compareSchema(schema, schema, EncapsulatedContentInfo.schema({
names: {
eContentType: E_CONTENT_TYPE,
eContent: E_CONTENT
}
}));
AsnError.assertSchema(asn1, this.className);
this.eContentType = asn1.result.eContentType.valueBlock.toString();
if (E_CONTENT in asn1.result)
this.eContent = asn1.result.eContent;
}
toSchema() {
const outputArray = [];
outputArray.push(new ObjectIdentifier({ value: this.eContentType }));
if (this.eContent) {
if (EncapsulatedContentInfo.compareWithDefault(E_CONTENT, this.eContent) === false) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.eContent]
}));
}
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
eContentType: this.eContentType
};
if (this.eContent && EncapsulatedContentInfo.compareWithDefault(E_CONTENT, this.eContent) === false) {
res.eContent = this.eContent.toJSON();
}
return res;
}
}
EncapsulatedContentInfo.CLASS_NAME = "EncapsulatedContentInfo";
class KeyBag extends PrivateKeyInfo {
constructor(parameters = {}) {
super(parameters);
}
}
const MAC = "mac";
const MAC_SALT = "macSalt";
const ITERATIONS = "iterations";
const CLEAR_PROPS$c = [
MAC,
MAC_SALT,
ITERATIONS
];
class MacData extends PkiObject {
constructor(parameters = {}) {
super();
this.mac = getParametersValue(parameters, MAC, MacData.defaultValues(MAC));
this.macSalt = getParametersValue(parameters, MAC_SALT, MacData.defaultValues(MAC_SALT));
if (ITERATIONS in parameters) {
this.iterations = getParametersValue(parameters, ITERATIONS, MacData.defaultValues(ITERATIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case MAC:
return new DigestInfo();
case MAC_SALT:
return new OctetString();
case ITERATIONS:
return 1;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case MAC:
return ((DigestInfo.compareWithDefault("digestAlgorithm", memberValue.digestAlgorithm)) &&
(DigestInfo.compareWithDefault("digest", memberValue.digest)));
case MAC_SALT:
return (memberValue.isEqual(MacData.defaultValues(memberName)));
case ITERATIONS:
return (memberValue === MacData.defaultValues(memberName));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
optional: (names.optional || true),
value: [
DigestInfo.schema(names.mac || {
names: {
blockName: MAC
}
}),
new OctetString({ name: (names.macSalt || MAC_SALT) }),
new Integer({
optional: true,
name: (names.iterations || ITERATIONS)
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$c);
const asn1 = compareSchema(schema, schema, MacData.schema({
names: {
mac: {
names: {
blockName: MAC
}
},
macSalt: MAC_SALT,
iterations: ITERATIONS
}
}));
AsnError.assertSchema(asn1, this.className);
this.mac = new DigestInfo({ schema: asn1.result.mac });
this.macSalt = asn1.result.macSalt;
if (ITERATIONS in asn1.result)
this.iterations = asn1.result.iterations.valueBlock.valueDec;
}
toSchema() {
const outputArray = [
this.mac.toSchema(),
this.macSalt
];
if (this.iterations !== undefined) {
outputArray.push(new Integer({ value: this.iterations }));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
mac: this.mac.toJSON(),
macSalt: this.macSalt.toJSON(),
};
if (this.iterations !== undefined) {
res.iterations = this.iterations;
}
return res;
}
}
MacData.CLASS_NAME = "MacData";
const HASH_ALGORITHM = "hashAlgorithm";
const HASHED_MESSAGE = "hashedMessage";
const CLEAR_PROPS$b = [
HASH_ALGORITHM,
HASHED_MESSAGE,
];
class MessageImprint extends PkiObject {
static async create(hashAlgorithm, message, crypto = getCrypto(true)) {
const hashAlgorithmOID = crypto.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm");
const hashedMessage = await crypto.digest(hashAlgorithm, message);
const res = new MessageImprint({
hashAlgorithm: new AlgorithmIdentifier({
algorithmId: hashAlgorithmOID,
algorithmParams: new Null(),
}),
hashedMessage: new OctetString({ valueHex: hashedMessage })
});
return res;
}
constructor(parameters = {}) {
super();
this.hashAlgorithm = getParametersValue(parameters, HASH_ALGORITHM, MessageImprint.defaultValues(HASH_ALGORITHM));
this.hashedMessage = getParametersValue(parameters, HASHED_MESSAGE, MessageImprint.defaultValues(HASHED_MESSAGE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case HASH_ALGORITHM:
return new AlgorithmIdentifier();
case HASHED_MESSAGE:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case HASH_ALGORITHM:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case HASHED_MESSAGE:
return (memberValue.isEqual(MessageImprint.defaultValues(memberName)) === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.hashAlgorithm || {}),
new OctetString({ name: (names.hashedMessage || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$b);
const asn1 = compareSchema(schema, schema, MessageImprint.schema({
names: {
hashAlgorithm: {
names: {
blockName: HASH_ALGORITHM
}
},
hashedMessage: HASHED_MESSAGE
}
}));
AsnError.assertSchema(asn1, this.className);
this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm });
this.hashedMessage = asn1.result.hashedMessage;
}
toSchema() {
return (new Sequence({
value: [
this.hashAlgorithm.toSchema(),
this.hashedMessage
]
}));
}
toJSON() {
return {
hashAlgorithm: this.hashAlgorithm.toJSON(),
hashedMessage: this.hashedMessage.toJSON(),
};
}
}
MessageImprint.CLASS_NAME = "MessageImprint";
const REQ_CERT = "reqCert";
const SINGLE_REQUEST_EXTENSIONS = "singleRequestExtensions";
const CLEAR_PROPS$a = [
REQ_CERT,
SINGLE_REQUEST_EXTENSIONS,
];
class Request extends PkiObject {
constructor(parameters = {}) {
super();
this.reqCert = getParametersValue(parameters, REQ_CERT, Request.defaultValues(REQ_CERT));
if (SINGLE_REQUEST_EXTENSIONS in parameters) {
this.singleRequestExtensions = getParametersValue(parameters, SINGLE_REQUEST_EXTENSIONS, Request.defaultValues(SINGLE_REQUEST_EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case REQ_CERT:
return new CertID();
case SINGLE_REQUEST_EXTENSIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case REQ_CERT:
return (memberValue.isEqual(Request.defaultValues(memberName)));
case SINGLE_REQUEST_EXTENSIONS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
CertID.schema(names.reqCert || {}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [Extensions.schema(names.extensions || {
names: {
blockName: (names.singleRequestExtensions || EMPTY_STRING)
}
})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$a);
const asn1 = compareSchema(schema, schema, Request.schema({
names: {
reqCert: {
names: {
blockName: REQ_CERT
}
},
extensions: {
names: {
blockName: SINGLE_REQUEST_EXTENSIONS
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.reqCert = new CertID({ schema: asn1.result.reqCert });
if (SINGLE_REQUEST_EXTENSIONS in asn1.result) {
this.singleRequestExtensions = Array.from(asn1.result.singleRequestExtensions.valueBlock.value, element => new Extension({ schema: element }));
}
}
toSchema() {
const outputArray = [];
outputArray.push(this.reqCert.toSchema());
if (this.singleRequestExtensions) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Sequence({
value: Array.from(this.singleRequestExtensions, o => o.toSchema())
})
]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
reqCert: this.reqCert.toJSON()
};
if (this.singleRequestExtensions) {
res.singleRequestExtensions = Array.from(this.singleRequestExtensions, o => o.toJSON());
}
return res;
}
}
Request.CLASS_NAME = "Request";
const TBS = "tbs";
const VERSION$5 = "version";
const REQUESTOR_NAME = "requestorName";
const REQUEST_LIST = "requestList";
const REQUEST_EXTENSIONS = "requestExtensions";
const TBS_REQUEST$1 = "TBSRequest";
const TBS_REQUEST_VERSION = `${TBS_REQUEST$1}.${VERSION$5}`;
const TBS_REQUEST_REQUESTOR_NAME = `${TBS_REQUEST$1}.${REQUESTOR_NAME}`;
const TBS_REQUEST_REQUESTS = `${TBS_REQUEST$1}.requests`;
const TBS_REQUEST_REQUEST_EXTENSIONS = `${TBS_REQUEST$1}.${REQUEST_EXTENSIONS}`;
const CLEAR_PROPS$9 = [
TBS_REQUEST$1,
TBS_REQUEST_VERSION,
TBS_REQUEST_REQUESTOR_NAME,
TBS_REQUEST_REQUESTS,
TBS_REQUEST_REQUEST_EXTENSIONS
];
class TBSRequest extends PkiObject {
get tbs() {
return BufferSourceConverter.toArrayBuffer(this.tbsView);
}
set tbs(value) {
this.tbsView = new Uint8Array(value);
}
constructor(parameters = {}) {
super();
this.tbsView = new Uint8Array(getParametersValue(parameters, TBS, TBSRequest.defaultValues(TBS)));
if (VERSION$5 in parameters) {
this.version = getParametersValue(parameters, VERSION$5, TBSRequest.defaultValues(VERSION$5));
}
if (REQUESTOR_NAME in parameters) {
this.requestorName = getParametersValue(parameters, REQUESTOR_NAME, TBSRequest.defaultValues(REQUESTOR_NAME));
}
this.requestList = getParametersValue(parameters, REQUEST_LIST, TBSRequest.defaultValues(REQUEST_LIST));
if (REQUEST_EXTENSIONS in parameters) {
this.requestExtensions = getParametersValue(parameters, REQUEST_EXTENSIONS, TBSRequest.defaultValues(REQUEST_EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS:
return EMPTY_BUFFER;
case VERSION$5:
return 0;
case REQUESTOR_NAME:
return new GeneralName();
case REQUEST_LIST:
case REQUEST_EXTENSIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TBS:
return (memberValue.byteLength === 0);
case VERSION$5:
return (memberValue === TBSRequest.defaultValues(memberName));
case REQUESTOR_NAME:
return ((memberValue.type === GeneralName.defaultValues("type")) && (Object.keys(memberValue.value).length === 0));
case REQUEST_LIST:
case REQUEST_EXTENSIONS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TBS_REQUEST$1),
value: [
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Integer({ name: (names.TBSRequestVersion || TBS_REQUEST_VERSION) })]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [GeneralName.schema(names.requestorName || {
names: {
blockName: TBS_REQUEST_REQUESTOR_NAME
}
})]
}),
new Sequence({
name: (names.requestList || "TBSRequest.requestList"),
value: [
new Repeated({
name: (names.requests || TBS_REQUEST_REQUESTS),
value: Request.schema(names.requestNames || {})
})
]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [Extensions.schema(names.extensions || {
names: {
blockName: (names.requestExtensions || TBS_REQUEST_REQUEST_EXTENSIONS)
}
})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$9);
const asn1 = compareSchema(schema, schema, TBSRequest.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsView = asn1.result.TBSRequest.valueBeforeDecodeView;
if (TBS_REQUEST_VERSION in asn1.result)
this.version = asn1.result[TBS_REQUEST_VERSION].valueBlock.valueDec;
if (TBS_REQUEST_REQUESTOR_NAME in asn1.result)
this.requestorName = new GeneralName({ schema: asn1.result[TBS_REQUEST_REQUESTOR_NAME] });
this.requestList = Array.from(asn1.result[TBS_REQUEST_REQUESTS], element => new Request({ schema: element }));
if (TBS_REQUEST_REQUEST_EXTENSIONS in asn1.result)
this.requestExtensions = Array.from(asn1.result[TBS_REQUEST_REQUEST_EXTENSIONS].valueBlock.value, element => new Extension({ schema: element }));
}
toSchema(encodeFlag = false) {
let tbsSchema;
if (encodeFlag === false) {
if (this.tbsView.byteLength === 0)
return TBSRequest.schema();
const asn1 = fromBER(this.tbsView);
AsnError.assert(asn1, "TBS Request");
if (!(asn1.result instanceof Sequence)) {
throw new Error("ASN.1 result should be SEQUENCE");
}
tbsSchema = asn1.result;
}
else {
const outputArray = [];
if (this.version !== undefined) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Integer({ value: this.version })]
}));
}
if (this.requestorName) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [this.requestorName.toSchema()]
}));
}
outputArray.push(new Sequence({
value: Array.from(this.requestList, o => o.toSchema())
}));
if (this.requestExtensions) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 2
},
value: [
new Sequence({
value: Array.from(this.requestExtensions, o => o.toSchema())
})
]
}));
}
tbsSchema = new Sequence({
value: outputArray
});
}
return tbsSchema;
}
toJSON() {
const res = {};
if (this.version != undefined)
res.version = this.version;
if (this.requestorName) {
res.requestorName = this.requestorName.toJSON();
}
res.requestList = Array.from(this.requestList, o => o.toJSON());
if (this.requestExtensions) {
res.requestExtensions = Array.from(this.requestExtensions, o => o.toJSON());
}
return res;
}
}
TBSRequest.CLASS_NAME = "TBSRequest";
const SIGNATURE_ALGORITHM$1 = "signatureAlgorithm";
const SIGNATURE$1 = "signature";
const CERTS = "certs";
class Signature extends PkiObject {
constructor(parameters = {}) {
super();
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM$1, Signature.defaultValues(SIGNATURE_ALGORITHM$1));
this.signature = getParametersValue(parameters, SIGNATURE$1, Signature.defaultValues(SIGNATURE$1));
if (CERTS in parameters) {
this.certs = getParametersValue(parameters, CERTS, Signature.defaultValues(CERTS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case SIGNATURE_ALGORITHM$1:
return new AlgorithmIdentifier();
case SIGNATURE$1:
return new BitString();
case CERTS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case SIGNATURE_ALGORITHM$1:
return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false));
case SIGNATURE$1:
return (memberValue.isEqual(Signature.defaultValues(memberName)));
case CERTS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
AlgorithmIdentifier.schema(names.signatureAlgorithm || {}),
new BitString({ name: (names.signature || EMPTY_STRING) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Sequence({
value: [new Repeated({
name: (names.certs || EMPTY_STRING),
value: Certificate.schema({})
})]
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
SIGNATURE_ALGORITHM$1,
SIGNATURE$1,
CERTS
]);
const asn1 = compareSchema(schema, schema, Signature.schema({
names: {
signatureAlgorithm: {
names: {
blockName: SIGNATURE_ALGORITHM$1
}
},
signature: SIGNATURE$1,
certs: CERTS
}
}));
AsnError.assertSchema(asn1, this.className);
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm });
this.signature = asn1.result.signature;
if (CERTS in asn1.result)
this.certs = Array.from(asn1.result.certs, element => new Certificate({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(this.signatureAlgorithm.toSchema());
outputArray.push(this.signature);
if (this.certs) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
new Sequence({
value: Array.from(this.certs, o => o.toSchema())
})
]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signature: this.signature.toJSON(),
};
if (this.certs) {
res.certs = Array.from(this.certs, o => o.toJSON());
}
return res;
}
}
Signature.CLASS_NAME = "Signature";
const TBS_REQUEST = "tbsRequest";
const OPTIONAL_SIGNATURE = "optionalSignature";
const CLEAR_PROPS$8 = [
TBS_REQUEST,
OPTIONAL_SIGNATURE
];
class OCSPRequest extends PkiObject {
constructor(parameters = {}) {
super();
this.tbsRequest = getParametersValue(parameters, TBS_REQUEST, OCSPRequest.defaultValues(TBS_REQUEST));
if (OPTIONAL_SIGNATURE in parameters) {
this.optionalSignature = getParametersValue(parameters, OPTIONAL_SIGNATURE, OCSPRequest.defaultValues(OPTIONAL_SIGNATURE));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TBS_REQUEST:
return new TBSRequest();
case OPTIONAL_SIGNATURE:
return new Signature();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TBS_REQUEST:
return ((TBSRequest.compareWithDefault("tbs", memberValue.tbs)) &&
(TBSRequest.compareWithDefault("version", memberValue.version)) &&
(TBSRequest.compareWithDefault("requestorName", memberValue.requestorName)) &&
(TBSRequest.compareWithDefault("requestList", memberValue.requestList)) &&
(TBSRequest.compareWithDefault("requestExtensions", memberValue.requestExtensions)));
case OPTIONAL_SIGNATURE:
return ((Signature.compareWithDefault("signatureAlgorithm", memberValue.signatureAlgorithm)) &&
(Signature.compareWithDefault("signature", memberValue.signature)) &&
(Signature.compareWithDefault("certs", memberValue.certs)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: names.blockName || "OCSPRequest",
value: [
TBSRequest.schema(names.tbsRequest || {
names: {
blockName: TBS_REQUEST
}
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
Signature.schema(names.optionalSignature || {
names: {
blockName: OPTIONAL_SIGNATURE
}
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$8);
const asn1 = compareSchema(schema, schema, OCSPRequest.schema());
AsnError.assertSchema(asn1, this.className);
this.tbsRequest = new TBSRequest({ schema: asn1.result.tbsRequest });
if (OPTIONAL_SIGNATURE in asn1.result)
this.optionalSignature = new Signature({ schema: asn1.result.optionalSignature });
}
toSchema(encodeFlag = false) {
const outputArray = [];
outputArray.push(this.tbsRequest.toSchema(encodeFlag));
if (this.optionalSignature)
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
this.optionalSignature.toSchema()
]
}));
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
tbsRequest: this.tbsRequest.toJSON()
};
if (this.optionalSignature) {
res.optionalSignature = this.optionalSignature.toJSON();
}
return res;
}
async createForCertificate(certificate, parameters, crypto = getCrypto(true)) {
const certID = new CertID();
await certID.createForCertificate(certificate, parameters, crypto);
this.tbsRequest.requestList.push(new Request({
reqCert: certID,
}));
}
async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) {
ParameterError.assertEmpty(privateKey, "privateKey", "OCSPRequest.sign method");
if (!this.optionalSignature) {
throw new Error("Need to create \"optionalSignature\" field before signing");
}
const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const parameters = signatureParams.parameters;
this.optionalSignature.signatureAlgorithm = signatureParams.signatureAlgorithm;
const tbs = this.tbsRequest.toSchema(true).toBER(false);
const signature = await crypto.signWithPrivateKey(tbs, privateKey, parameters);
this.optionalSignature.signature = new BitString({ valueHex: signature });
}
verify() {
}
}
OCSPRequest.CLASS_NAME = "OCSPRequest";
const RESPONSE_TYPE = "responseType";
const RESPONSE = "response";
const CLEAR_PROPS$7 = [
RESPONSE_TYPE,
RESPONSE
];
class ResponseBytes extends PkiObject {
constructor(parameters = {}) {
super();
this.responseType = getParametersValue(parameters, RESPONSE_TYPE, ResponseBytes.defaultValues(RESPONSE_TYPE));
this.response = getParametersValue(parameters, RESPONSE, ResponseBytes.defaultValues(RESPONSE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case RESPONSE_TYPE:
return EMPTY_STRING;
case RESPONSE:
return new OctetString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case RESPONSE_TYPE:
return (memberValue === EMPTY_STRING);
case RESPONSE:
return (memberValue.isEqual(ResponseBytes.defaultValues(memberName)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new ObjectIdentifier({ name: (names.responseType || EMPTY_STRING) }),
new OctetString({ name: (names.response || EMPTY_STRING) })
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$7);
const asn1 = compareSchema(schema, schema, ResponseBytes.schema({
names: {
responseType: RESPONSE_TYPE,
response: RESPONSE
}
}));
AsnError.assertSchema(asn1, this.className);
this.responseType = asn1.result.responseType.valueBlock.toString();
this.response = asn1.result.response;
}
toSchema() {
return (new Sequence({
value: [
new ObjectIdentifier({ value: this.responseType }),
this.response
]
}));
}
toJSON() {
return {
responseType: this.responseType,
response: this.response.toJSON(),
};
}
}
ResponseBytes.CLASS_NAME = "ResponseBytes";
const RESPONSE_STATUS = "responseStatus";
const RESPONSE_BYTES = "responseBytes";
class OCSPResponse extends PkiObject {
constructor(parameters = {}) {
super();
this.responseStatus = getParametersValue(parameters, RESPONSE_STATUS, OCSPResponse.defaultValues(RESPONSE_STATUS));
if (RESPONSE_BYTES in parameters) {
this.responseBytes = getParametersValue(parameters, RESPONSE_BYTES, OCSPResponse.defaultValues(RESPONSE_BYTES));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case RESPONSE_STATUS:
return new Enumerated();
case RESPONSE_BYTES:
return new ResponseBytes();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case RESPONSE_STATUS:
return (memberValue.isEqual(OCSPResponse.defaultValues(memberName)));
case RESPONSE_BYTES:
return ((ResponseBytes.compareWithDefault("responseType", memberValue.responseType)) &&
(ResponseBytes.compareWithDefault("response", memberValue.response)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || "OCSPResponse"),
value: [
new Enumerated({ name: (names.responseStatus || RESPONSE_STATUS) }),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [
ResponseBytes.schema(names.responseBytes || {
names: {
blockName: RESPONSE_BYTES
}
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, [
RESPONSE_STATUS,
RESPONSE_BYTES
]);
const asn1 = compareSchema(schema, schema, OCSPResponse.schema());
AsnError.assertSchema(asn1, this.className);
this.responseStatus = asn1.result.responseStatus;
if (RESPONSE_BYTES in asn1.result)
this.responseBytes = new ResponseBytes({ schema: asn1.result.responseBytes });
}
toSchema() {
const outputArray = [];
outputArray.push(this.responseStatus);
if (this.responseBytes) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.responseBytes.toSchema()]
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
responseStatus: this.responseStatus.toJSON()
};
if (this.responseBytes) {
res.responseBytes = this.responseBytes.toJSON();
}
return res;
}
async getCertificateStatus(certificate, issuerCertificate, crypto = getCrypto(true)) {
let basicResponse;
const result = {
isForCertificate: false,
status: 2
};
if (!this.responseBytes)
return result;
if (this.responseBytes.responseType !== id_PKIX_OCSP_Basic)
return result;
try {
const asn1Basic = fromBER(this.responseBytes.response.valueBlock.valueHexView);
AsnError.assert(asn1Basic, "Basic OCSP response");
basicResponse = new BasicOCSPResponse({ schema: asn1Basic.result });
}
catch {
return result;
}
return basicResponse.getCertificateStatus(certificate, issuerCertificate, crypto);
}
async sign(privateKey, hashAlgorithm, crypto = getCrypto(true)) {
var _a;
if (this.responseBytes && this.responseBytes.responseType === id_PKIX_OCSP_Basic) {
const basicResponse = BasicOCSPResponse.fromBER(this.responseBytes.response.valueBlock.valueHexView);
return basicResponse.sign(privateKey, hashAlgorithm, crypto);
}
throw new Error(`Unknown ResponseBytes type: ${((_a = this.responseBytes) === null || _a === void 0 ? void 0 : _a.responseType) || "Unknown"}`);
}
async verify(issuerCertificate = null, crypto = getCrypto(true)) {
var _a;
if ((RESPONSE_BYTES in this) === false)
throw new Error("Empty ResponseBytes field");
if (this.responseBytes && this.responseBytes.responseType === id_PKIX_OCSP_Basic) {
const basicResponse = BasicOCSPResponse.fromBER(this.responseBytes.response.valueBlock.valueHexView);
if (issuerCertificate !== null) {
if (!basicResponse.certs) {
basicResponse.certs = [];
}
basicResponse.certs.push(issuerCertificate);
}
return basicResponse.verify({}, crypto);
}
throw new Error(`Unknown ResponseBytes type: ${((_a = this.responseBytes) === null || _a === void 0 ? void 0 : _a.responseType) || "Unknown"}`);
}
}
OCSPResponse.CLASS_NAME = "OCSPResponse";
const TYPE = "type";
const ATTRIBUTES = "attributes";
const ENCODED_VALUE = "encodedValue";
const CLEAR_PROPS$6 = [
ATTRIBUTES
];
class SignedAndUnsignedAttributes extends PkiObject {
constructor(parameters = {}) {
super();
this.type = getParametersValue(parameters, TYPE, SignedAndUnsignedAttributes.defaultValues(TYPE));
this.attributes = getParametersValue(parameters, ATTRIBUTES, SignedAndUnsignedAttributes.defaultValues(ATTRIBUTES));
this.encodedValue = getParametersValue(parameters, ENCODED_VALUE, SignedAndUnsignedAttributes.defaultValues(ENCODED_VALUE));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case TYPE:
return (-1);
case ATTRIBUTES:
return [];
case ENCODED_VALUE:
return EMPTY_BUFFER;
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case TYPE:
return (memberValue === SignedAndUnsignedAttributes.defaultValues(TYPE));
case ATTRIBUTES:
return (memberValue.length === 0);
case ENCODED_VALUE:
return (memberValue.byteLength === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Constructed({
name: (names.blockName || EMPTY_STRING),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: names.tagNumber || 0
},
value: [
new Repeated({
name: (names.attributes || EMPTY_STRING),
value: Attribute.schema()
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$6);
const asn1 = compareSchema(schema, schema, SignedAndUnsignedAttributes.schema({
names: {
tagNumber: this.type,
attributes: ATTRIBUTES
}
}));
AsnError.assertSchema(asn1, this.className);
this.type = asn1.result.idBlock.tagNumber;
this.encodedValue = BufferSourceConverter.toArrayBuffer(asn1.result.valueBeforeDecodeView);
const encodedView = new Uint8Array(this.encodedValue);
encodedView[0] = 0x31;
if ((ATTRIBUTES in asn1.result) === false) {
if (this.type === 0)
throw new Error("Wrong structure of SignedUnsignedAttributes");
else
return;
}
this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element }));
}
toSchema() {
if (SignedAndUnsignedAttributes.compareWithDefault(TYPE, this.type) || SignedAndUnsignedAttributes.compareWithDefault(ATTRIBUTES, this.attributes))
throw new Error("Incorrectly initialized \"SignedAndUnsignedAttributes\" class");
return (new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: this.type
},
value: Array.from(this.attributes, o => o.toSchema())
}));
}
toJSON() {
if (SignedAndUnsignedAttributes.compareWithDefault(TYPE, this.type) || SignedAndUnsignedAttributes.compareWithDefault(ATTRIBUTES, this.attributes))
throw new Error("Incorrectly initialized \"SignedAndUnsignedAttributes\" class");
return {
type: this.type,
attributes: Array.from(this.attributes, o => o.toJSON())
};
}
}
SignedAndUnsignedAttributes.CLASS_NAME = "SignedAndUnsignedAttributes";
const VERSION$4 = "version";
const SID = "sid";
const DIGEST_ALGORITHM = "digestAlgorithm";
const SIGNED_ATTRS = "signedAttrs";
const SIGNATURE_ALGORITHM = "signatureAlgorithm";
const SIGNATURE = "signature";
const UNSIGNED_ATTRS = "unsignedAttrs";
const SIGNER_INFO = "SignerInfo";
const SIGNER_INFO_VERSION = `${SIGNER_INFO}.${VERSION$4}`;
const SIGNER_INFO_SID = `${SIGNER_INFO}.${SID}`;
const SIGNER_INFO_DIGEST_ALGORITHM = `${SIGNER_INFO}.${DIGEST_ALGORITHM}`;
const SIGNER_INFO_SIGNED_ATTRS = `${SIGNER_INFO}.${SIGNED_ATTRS}`;
const SIGNER_INFO_SIGNATURE_ALGORITHM = `${SIGNER_INFO}.${SIGNATURE_ALGORITHM}`;
const SIGNER_INFO_SIGNATURE = `${SIGNER_INFO}.${SIGNATURE}`;
const SIGNER_INFO_UNSIGNED_ATTRS = `${SIGNER_INFO}.${UNSIGNED_ATTRS}`;
const CLEAR_PROPS$5 = [
SIGNER_INFO_VERSION,
SIGNER_INFO_SID,
SIGNER_INFO_DIGEST_ALGORITHM,
SIGNER_INFO_SIGNED_ATTRS,
SIGNER_INFO_SIGNATURE_ALGORITHM,
SIGNER_INFO_SIGNATURE,
SIGNER_INFO_UNSIGNED_ATTRS
];
class SignerInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$4, SignerInfo.defaultValues(VERSION$4));
this.sid = getParametersValue(parameters, SID, SignerInfo.defaultValues(SID));
this.digestAlgorithm = getParametersValue(parameters, DIGEST_ALGORITHM, SignerInfo.defaultValues(DIGEST_ALGORITHM));
if (SIGNED_ATTRS in parameters) {
this.signedAttrs = getParametersValue(parameters, SIGNED_ATTRS, SignerInfo.defaultValues(SIGNED_ATTRS));
}
this.signatureAlgorithm = getParametersValue(parameters, SIGNATURE_ALGORITHM, SignerInfo.defaultValues(SIGNATURE_ALGORITHM));
this.signature = getParametersValue(parameters, SIGNATURE, SignerInfo.defaultValues(SIGNATURE));
if (UNSIGNED_ATTRS in parameters) {
this.unsignedAttrs = getParametersValue(parameters, UNSIGNED_ATTRS, SignerInfo.defaultValues(UNSIGNED_ATTRS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$4:
return 0;
case SID:
return new Any();
case DIGEST_ALGORITHM:
return new AlgorithmIdentifier();
case SIGNED_ATTRS:
return new SignedAndUnsignedAttributes({ type: 0 });
case SIGNATURE_ALGORITHM:
return new AlgorithmIdentifier();
case SIGNATURE:
return new OctetString();
case UNSIGNED_ATTRS:
return new SignedAndUnsignedAttributes({ type: 1 });
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$4:
return (SignerInfo.defaultValues(VERSION$4) === memberValue);
case SID:
return (memberValue instanceof Any);
case DIGEST_ALGORITHM:
if ((memberValue instanceof AlgorithmIdentifier) === false)
return false;
return memberValue.isEqual(SignerInfo.defaultValues(DIGEST_ALGORITHM));
case SIGNED_ATTRS:
return ((SignedAndUnsignedAttributes.compareWithDefault("type", memberValue.type))
&& (SignedAndUnsignedAttributes.compareWithDefault("attributes", memberValue.attributes))
&& (SignedAndUnsignedAttributes.compareWithDefault("encodedValue", memberValue.encodedValue)));
case SIGNATURE_ALGORITHM:
if ((memberValue instanceof AlgorithmIdentifier) === false)
return false;
return memberValue.isEqual(SignerInfo.defaultValues(SIGNATURE_ALGORITHM));
case SIGNATURE:
case UNSIGNED_ATTRS:
return ((SignedAndUnsignedAttributes.compareWithDefault("type", memberValue.type))
&& (SignedAndUnsignedAttributes.compareWithDefault("attributes", memberValue.attributes))
&& (SignedAndUnsignedAttributes.compareWithDefault("encodedValue", memberValue.encodedValue)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: SIGNER_INFO,
value: [
new Integer({ name: (names.version || SIGNER_INFO_VERSION) }),
new Choice({
value: [
IssuerAndSerialNumber.schema(names.sidSchema || {
names: {
blockName: SIGNER_INFO_SID
}
}),
new Choice({
value: [
new Constructed({
optional: true,
name: (names.sid || SIGNER_INFO_SID),
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new OctetString()]
}),
new Primitive({
optional: true,
name: (names.sid || SIGNER_INFO_SID),
idBlock: {
tagClass: 3,
tagNumber: 0
}
}),
]
}),
]
}),
AlgorithmIdentifier.schema(names.digestAlgorithm || {
names: {
blockName: SIGNER_INFO_DIGEST_ALGORITHM
}
}),
SignedAndUnsignedAttributes.schema(names.signedAttrs || {
names: {
blockName: SIGNER_INFO_SIGNED_ATTRS,
tagNumber: 0
}
}),
AlgorithmIdentifier.schema(names.signatureAlgorithm || {
names: {
blockName: SIGNER_INFO_SIGNATURE_ALGORITHM
}
}),
new OctetString({ name: (names.signature || SIGNER_INFO_SIGNATURE) }),
SignedAndUnsignedAttributes.schema(names.unsignedAttrs || {
names: {
blockName: SIGNER_INFO_UNSIGNED_ATTRS,
tagNumber: 1
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$5);
const asn1 = compareSchema(schema, schema, SignerInfo.schema());
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result[SIGNER_INFO_VERSION].valueBlock.valueDec;
const currentSid = asn1.result[SIGNER_INFO_SID];
if (currentSid.idBlock.tagClass === 1)
this.sid = new IssuerAndSerialNumber({ schema: currentSid });
else
this.sid = currentSid;
this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[SIGNER_INFO_DIGEST_ALGORITHM] });
if (SIGNER_INFO_SIGNED_ATTRS in asn1.result)
this.signedAttrs = new SignedAndUnsignedAttributes({ type: 0, schema: asn1.result[SIGNER_INFO_SIGNED_ATTRS] });
this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[SIGNER_INFO_SIGNATURE_ALGORITHM] });
this.signature = asn1.result[SIGNER_INFO_SIGNATURE];
if (SIGNER_INFO_UNSIGNED_ATTRS in asn1.result)
this.unsignedAttrs = new SignedAndUnsignedAttributes({ type: 1, schema: asn1.result[SIGNER_INFO_UNSIGNED_ATTRS] });
}
toSchema() {
if (SignerInfo.compareWithDefault(SID, this.sid))
throw new Error("Incorrectly initialized \"SignerInfo\" class");
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
if (this.sid instanceof IssuerAndSerialNumber)
outputArray.push(this.sid.toSchema());
else
outputArray.push(this.sid);
outputArray.push(this.digestAlgorithm.toSchema());
if (this.signedAttrs) {
if (SignerInfo.compareWithDefault(SIGNED_ATTRS, this.signedAttrs) === false)
outputArray.push(this.signedAttrs.toSchema());
}
outputArray.push(this.signatureAlgorithm.toSchema());
outputArray.push(this.signature);
if (this.unsignedAttrs) {
if (SignerInfo.compareWithDefault(UNSIGNED_ATTRS, this.unsignedAttrs) === false)
outputArray.push(this.unsignedAttrs.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
if (SignerInfo.compareWithDefault(SID, this.sid)) {
throw new Error("Incorrectly initialized \"SignerInfo\" class");
}
const res = {
version: this.version,
digestAlgorithm: this.digestAlgorithm.toJSON(),
signatureAlgorithm: this.signatureAlgorithm.toJSON(),
signature: this.signature.toJSON(),
};
if (!(this.sid instanceof Any))
res.sid = this.sid.toJSON();
if (this.signedAttrs && SignerInfo.compareWithDefault(SIGNED_ATTRS, this.signedAttrs) === false) {
res.signedAttrs = this.signedAttrs.toJSON();
}
if (this.unsignedAttrs && SignerInfo.compareWithDefault(UNSIGNED_ATTRS, this.unsignedAttrs) === false) {
res.unsignedAttrs = this.unsignedAttrs.toJSON();
}
return res;
}
}
SignerInfo.CLASS_NAME = "SignerInfo";
const VERSION$3 = "version";
const POLICY = "policy";
const MESSAGE_IMPRINT$1 = "messageImprint";
const SERIAL_NUMBER = "serialNumber";
const GEN_TIME = "genTime";
const ORDERING = "ordering";
const NONCE$1 = "nonce";
const ACCURACY = "accuracy";
const TSA = "tsa";
const EXTENSIONS$1 = "extensions";
const TST_INFO = "TSTInfo";
const TST_INFO_VERSION = `${TST_INFO}.${VERSION$3}`;
const TST_INFO_POLICY = `${TST_INFO}.${POLICY}`;
const TST_INFO_MESSAGE_IMPRINT = `${TST_INFO}.${MESSAGE_IMPRINT$1}`;
const TST_INFO_SERIAL_NUMBER = `${TST_INFO}.${SERIAL_NUMBER}`;
const TST_INFO_GEN_TIME = `${TST_INFO}.${GEN_TIME}`;
const TST_INFO_ACCURACY = `${TST_INFO}.${ACCURACY}`;
const TST_INFO_ORDERING = `${TST_INFO}.${ORDERING}`;
const TST_INFO_NONCE = `${TST_INFO}.${NONCE$1}`;
const TST_INFO_TSA = `${TST_INFO}.${TSA}`;
const TST_INFO_EXTENSIONS = `${TST_INFO}.${EXTENSIONS$1}`;
const CLEAR_PROPS$4 = [
TST_INFO_VERSION,
TST_INFO_POLICY,
TST_INFO_MESSAGE_IMPRINT,
TST_INFO_SERIAL_NUMBER,
TST_INFO_GEN_TIME,
TST_INFO_ACCURACY,
TST_INFO_ORDERING,
TST_INFO_NONCE,
TST_INFO_TSA,
TST_INFO_EXTENSIONS
];
class TSTInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$3, TSTInfo.defaultValues(VERSION$3));
this.policy = getParametersValue(parameters, POLICY, TSTInfo.defaultValues(POLICY));
this.messageImprint = getParametersValue(parameters, MESSAGE_IMPRINT$1, TSTInfo.defaultValues(MESSAGE_IMPRINT$1));
this.serialNumber = getParametersValue(parameters, SERIAL_NUMBER, TSTInfo.defaultValues(SERIAL_NUMBER));
this.genTime = getParametersValue(parameters, GEN_TIME, TSTInfo.defaultValues(GEN_TIME));
if (ACCURACY in parameters) {
this.accuracy = getParametersValue(parameters, ACCURACY, TSTInfo.defaultValues(ACCURACY));
}
if (ORDERING in parameters) {
this.ordering = getParametersValue(parameters, ORDERING, TSTInfo.defaultValues(ORDERING));
}
if (NONCE$1 in parameters) {
this.nonce = getParametersValue(parameters, NONCE$1, TSTInfo.defaultValues(NONCE$1));
}
if (TSA in parameters) {
this.tsa = getParametersValue(parameters, TSA, TSTInfo.defaultValues(TSA));
}
if (EXTENSIONS$1 in parameters) {
this.extensions = getParametersValue(parameters, EXTENSIONS$1, TSTInfo.defaultValues(EXTENSIONS$1));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$3:
return 0;
case POLICY:
return EMPTY_STRING;
case MESSAGE_IMPRINT$1:
return new MessageImprint();
case SERIAL_NUMBER:
return new Integer();
case GEN_TIME:
return new Date(0, 0, 0);
case ACCURACY:
return new Accuracy();
case ORDERING:
return false;
case NONCE$1:
return new Integer();
case TSA:
return new GeneralName();
case EXTENSIONS$1:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$3:
case POLICY:
case GEN_TIME:
case ORDERING:
return (memberValue === TSTInfo.defaultValues(ORDERING));
case MESSAGE_IMPRINT$1:
return ((MessageImprint.compareWithDefault(HASH_ALGORITHM, memberValue.hashAlgorithm)) &&
(MessageImprint.compareWithDefault(HASHED_MESSAGE, memberValue.hashedMessage)));
case SERIAL_NUMBER:
case NONCE$1:
return (memberValue.isEqual(TSTInfo.defaultValues(NONCE$1)));
case ACCURACY:
return ((Accuracy.compareWithDefault(SECONDS, memberValue.seconds)) &&
(Accuracy.compareWithDefault(MILLIS, memberValue.millis)) &&
(Accuracy.compareWithDefault(MICROS, memberValue.micros)));
case TSA:
return ((GeneralName.compareWithDefault(TYPE$4, memberValue.type)) &&
(GeneralName.compareWithDefault(VALUE$5, memberValue.value)));
case EXTENSIONS$1:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TST_INFO),
value: [
new Integer({ name: (names.version || TST_INFO_VERSION) }),
new ObjectIdentifier({ name: (names.policy || TST_INFO_POLICY) }),
MessageImprint.schema(names.messageImprint || {
names: {
blockName: TST_INFO_MESSAGE_IMPRINT
}
}),
new Integer({ name: (names.serialNumber || TST_INFO_SERIAL_NUMBER) }),
new GeneralizedTime({ name: (names.genTime || TST_INFO_GEN_TIME) }),
Accuracy.schema(names.accuracy || {
names: {
blockName: TST_INFO_ACCURACY
}
}),
new Boolean({
name: (names.ordering || TST_INFO_ORDERING),
optional: true
}),
new Integer({
name: (names.nonce || TST_INFO_NONCE),
optional: true
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [GeneralName.schema(names.tsa || {
names: {
blockName: TST_INFO_TSA
}
})]
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: [
new Repeated({
name: (names.extensions || TST_INFO_EXTENSIONS),
value: Extension.schema(names.extension || {})
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$4);
const asn1 = compareSchema(schema, schema, TSTInfo.schema());
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result[TST_INFO_VERSION].valueBlock.valueDec;
this.policy = asn1.result[TST_INFO_POLICY].valueBlock.toString();
this.messageImprint = new MessageImprint({ schema: asn1.result[TST_INFO_MESSAGE_IMPRINT] });
this.serialNumber = asn1.result[TST_INFO_SERIAL_NUMBER];
this.genTime = asn1.result[TST_INFO_GEN_TIME].toDate();
if (TST_INFO_ACCURACY in asn1.result)
this.accuracy = new Accuracy({ schema: asn1.result[TST_INFO_ACCURACY] });
if (TST_INFO_ORDERING in asn1.result)
this.ordering = asn1.result[TST_INFO_ORDERING].valueBlock.value;
if (TST_INFO_NONCE in asn1.result)
this.nonce = asn1.result[TST_INFO_NONCE];
if (TST_INFO_TSA in asn1.result)
this.tsa = new GeneralName({ schema: asn1.result[TST_INFO_TSA] });
if (TST_INFO_EXTENSIONS in asn1.result)
this.extensions = Array.from(asn1.result[TST_INFO_EXTENSIONS], element => new Extension({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
outputArray.push(new ObjectIdentifier({ value: this.policy }));
outputArray.push(this.messageImprint.toSchema());
outputArray.push(this.serialNumber);
outputArray.push(new GeneralizedTime({ valueDate: this.genTime }));
if (this.accuracy)
outputArray.push(this.accuracy.toSchema());
if (this.ordering !== undefined)
outputArray.push(new Boolean({ value: this.ordering }));
if (this.nonce)
outputArray.push(this.nonce);
if (this.tsa) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [this.tsa.toSchema()]
}));
}
if (this.extensions) {
outputArray.push(new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.extensions, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
policy: this.policy,
messageImprint: this.messageImprint.toJSON(),
serialNumber: this.serialNumber.toJSON(),
genTime: this.genTime
};
if (this.accuracy)
res.accuracy = this.accuracy.toJSON();
if (this.ordering !== undefined)
res.ordering = this.ordering;
if (this.nonce)
res.nonce = this.nonce.toJSON();
if (this.tsa)
res.tsa = this.tsa.toJSON();
if (this.extensions)
res.extensions = Array.from(this.extensions, o => o.toJSON());
return res;
}
async verify(params, crypto = getCrypto(true)) {
if (!params.data) {
throw new Error("\"data\" is a mandatory attribute for TST_INFO verification");
}
const data = params.data;
if (params.notBefore) {
if (this.genTime < params.notBefore)
throw new Error("Generation time for TSTInfo object is less than notBefore value");
}
if (params.notAfter) {
if (this.genTime > params.notAfter)
throw new Error("Generation time for TSTInfo object is more than notAfter value");
}
const shaAlgorithm = crypto.getAlgorithmByOID(this.messageImprint.hashAlgorithm.algorithmId, true, "MessageImprint.hashAlgorithm");
const hash = await crypto.digest(shaAlgorithm.name, new Uint8Array(data));
return BufferSourceConverter.isEqual(hash, this.messageImprint.hashedMessage.valueBlock.valueHexView);
}
}
TSTInfo.CLASS_NAME = "TSTInfo";
const VERSION$2 = "version";
const DIGEST_ALGORITHMS = "digestAlgorithms";
const ENCAP_CONTENT_INFO = "encapContentInfo";
const CERTIFICATES = "certificates";
const CRLS = "crls";
const SIGNER_INFOS = "signerInfos";
const OCSPS = "ocsps";
const SIGNED_DATA = "SignedData";
const SIGNED_DATA_VERSION = `${SIGNED_DATA}.${VERSION$2}`;
const SIGNED_DATA_DIGEST_ALGORITHMS = `${SIGNED_DATA}.${DIGEST_ALGORITHMS}`;
const SIGNED_DATA_ENCAP_CONTENT_INFO = `${SIGNED_DATA}.${ENCAP_CONTENT_INFO}`;
const SIGNED_DATA_CERTIFICATES = `${SIGNED_DATA}.${CERTIFICATES}`;
const SIGNED_DATA_CRLS = `${SIGNED_DATA}.${CRLS}`;
const SIGNED_DATA_SIGNER_INFOS = `${SIGNED_DATA}.${SIGNER_INFOS}`;
const CLEAR_PROPS$3 = [
SIGNED_DATA_VERSION,
SIGNED_DATA_DIGEST_ALGORITHMS,
SIGNED_DATA_ENCAP_CONTENT_INFO,
SIGNED_DATA_CERTIFICATES,
SIGNED_DATA_CRLS,
SIGNED_DATA_SIGNER_INFOS
];
class SignedDataVerifyError extends Error {
constructor({ message, code = 0, date = new Date(), signatureVerified = null, signerCertificate = null, signerCertificateVerified = null, timestampSerial = null, certificatePath = [], }) {
super(message);
this.name = "SignedDataVerifyError";
this.date = date;
this.code = code;
this.timestampSerial = timestampSerial;
this.signatureVerified = signatureVerified;
this.signerCertificate = signerCertificate;
this.signerCertificateVerified = signerCertificateVerified;
this.certificatePath = certificatePath;
}
}
class SignedData extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$2, SignedData.defaultValues(VERSION$2));
this.digestAlgorithms = getParametersValue(parameters, DIGEST_ALGORITHMS, SignedData.defaultValues(DIGEST_ALGORITHMS));
this.encapContentInfo = getParametersValue(parameters, ENCAP_CONTENT_INFO, SignedData.defaultValues(ENCAP_CONTENT_INFO));
if (CERTIFICATES in parameters) {
this.certificates = getParametersValue(parameters, CERTIFICATES, SignedData.defaultValues(CERTIFICATES));
}
if (CRLS in parameters) {
this.crls = getParametersValue(parameters, CRLS, SignedData.defaultValues(CRLS));
}
if (OCSPS in parameters) {
this.ocsps = getParametersValue(parameters, OCSPS, SignedData.defaultValues(OCSPS));
}
this.signerInfos = getParametersValue(parameters, SIGNER_INFOS, SignedData.defaultValues(SIGNER_INFOS));
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$2:
return 0;
case DIGEST_ALGORITHMS:
return [];
case ENCAP_CONTENT_INFO:
return new EncapsulatedContentInfo();
case CERTIFICATES:
return [];
case CRLS:
return [];
case OCSPS:
return [];
case SIGNER_INFOS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$2:
return (memberValue === SignedData.defaultValues(VERSION$2));
case ENCAP_CONTENT_INFO:
return EncapsulatedContentInfo.compareWithDefault("eContentType", memberValue.eContentType) &&
EncapsulatedContentInfo.compareWithDefault("eContent", memberValue.eContent);
case DIGEST_ALGORITHMS:
case CERTIFICATES:
case CRLS:
case OCSPS:
case SIGNER_INFOS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
if (names.optional === undefined) {
names.optional = false;
}
return (new Sequence({
name: (names.blockName || SIGNED_DATA),
optional: names.optional,
value: [
new Integer({ name: (names.version || SIGNED_DATA_VERSION) }),
new Set({
value: [
new Repeated({
name: (names.digestAlgorithms || SIGNED_DATA_DIGEST_ALGORITHMS),
value: AlgorithmIdentifier.schema()
})
]
}),
EncapsulatedContentInfo.schema(names.encapContentInfo || {
names: {
blockName: SIGNED_DATA_ENCAP_CONTENT_INFO
}
}),
new Constructed({
name: (names.certificates || SIGNED_DATA_CERTIFICATES),
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: CertificateSet.schema().valueBlock.value
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: RevocationInfoChoices.schema(names.crls || {
names: {
crls: SIGNED_DATA_CRLS
}
}).valueBlock.value
}),
new Set({
value: [
new Repeated({
name: (names.signerInfos || SIGNED_DATA_SIGNER_INFOS),
value: SignerInfo.schema()
})
]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$3);
const asn1 = compareSchema(schema, schema, SignedData.schema());
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result[SIGNED_DATA_VERSION].valueBlock.valueDec;
if (SIGNED_DATA_DIGEST_ALGORITHMS in asn1.result)
this.digestAlgorithms = Array.from(asn1.result[SIGNED_DATA_DIGEST_ALGORITHMS], algorithm => new AlgorithmIdentifier({ schema: algorithm }));
this.encapContentInfo = new EncapsulatedContentInfo({ schema: asn1.result[SIGNED_DATA_ENCAP_CONTENT_INFO] });
if (SIGNED_DATA_CERTIFICATES in asn1.result) {
const certificateSet = new CertificateSet({
schema: new Set({
value: asn1.result[SIGNED_DATA_CERTIFICATES].valueBlock.value
})
});
this.certificates = certificateSet.certificates.slice(0);
}
if (SIGNED_DATA_CRLS in asn1.result) {
this.crls = Array.from(asn1.result[SIGNED_DATA_CRLS], (crl) => {
if (crl.idBlock.tagClass === 1)
return new CertificateRevocationList({ schema: crl });
crl.idBlock.tagClass = 1;
crl.idBlock.tagNumber = 16;
return new OtherRevocationInfoFormat({ schema: crl });
});
}
if (SIGNED_DATA_SIGNER_INFOS in asn1.result)
this.signerInfos = Array.from(asn1.result[SIGNED_DATA_SIGNER_INFOS], signerInfoSchema => new SignerInfo({ schema: signerInfoSchema }));
}
toSchema(encodeFlag = false) {
const outputArray = [];
if ((this.certificates && this.certificates.length && this.certificates.some(o => o instanceof OtherCertificateFormat))
|| (this.crls && this.crls.length && this.crls.some(o => o instanceof OtherRevocationInfoFormat))) {
this.version = 5;
}
else if (this.certificates && this.certificates.length && this.certificates.some(o => o instanceof AttributeCertificateV2)) {
this.version = 4;
}
else if ((this.certificates && this.certificates.length && this.certificates.some(o => o instanceof AttributeCertificateV1))
|| this.signerInfos.some(o => o.version === 3)
|| this.encapContentInfo.eContentType !== SignedData.ID_DATA) {
this.version = 3;
}
else {
this.version = 1;
}
outputArray.push(new Integer({ value: this.version }));
outputArray.push(new Set({
value: Array.from(this.digestAlgorithms, algorithm => algorithm.toSchema())
}));
outputArray.push(this.encapContentInfo.toSchema());
if (this.certificates) {
const certificateSet = new CertificateSet({ certificates: this.certificates });
const certificateSetSchema = certificateSet.toSchema();
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: certificateSetSchema.valueBlock.value
}));
}
if (this.crls) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 1
},
value: Array.from(this.crls, crl => {
if (crl instanceof OtherRevocationInfoFormat) {
const crlSchema = crl.toSchema();
crlSchema.idBlock.tagClass = 3;
crlSchema.idBlock.tagNumber = 1;
return crlSchema;
}
return crl.toSchema(encodeFlag);
})
}));
}
outputArray.push(new Set({
value: Array.from(this.signerInfos, signerInfo => signerInfo.toSchema())
}));
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
digestAlgorithms: Array.from(this.digestAlgorithms, algorithm => algorithm.toJSON()),
encapContentInfo: this.encapContentInfo.toJSON(),
signerInfos: Array.from(this.signerInfos, signerInfo => signerInfo.toJSON()),
};
if (this.certificates) {
res.certificates = Array.from(this.certificates, certificate => certificate.toJSON());
}
if (this.crls) {
res.crls = Array.from(this.crls, crl => crl.toJSON());
}
return res;
}
async verify({ signer = (-1), data = (EMPTY_BUFFER), trustedCerts = [], checkDate = (new Date()), checkChain = false, passedWhenNotRevValues = false, extendedMode = false, findOrigin = null, findIssuer = null } = {}, crypto = getCrypto(true)) {
let signerCert = null;
let timestampSerial = null;
try {
let messageDigestValue = EMPTY_BUFFER;
let shaAlgorithm = EMPTY_STRING;
let certificatePath = [];
const signerInfo = this.signerInfos[signer];
if (!signerInfo) {
throw new SignedDataVerifyError({
date: checkDate,
code: 1,
message: "Unable to get signer by supplied index",
});
}
if (!this.certificates) {
throw new SignedDataVerifyError({
date: checkDate,
code: 2,
message: "No certificates attached to this signed data",
});
}
if (signerInfo.sid instanceof IssuerAndSerialNumber) {
for (const certificate of this.certificates) {
if (!(certificate instanceof Certificate))
continue;
if ((certificate.issuer.isEqual(signerInfo.sid.issuer)) &&
(certificate.serialNumber.isEqual(signerInfo.sid.serialNumber))) {
signerCert = certificate;
break;
}
}
}
else {
const sid = signerInfo.sid;
const keyId = sid.idBlock.isConstructed
? sid.valueBlock.value[0].valueBlock.valueHex
: sid.valueBlock.valueHex;
for (const certificate of this.certificates) {
if (!(certificate instanceof Certificate)) {
continue;
}
const digest = await crypto.digest({ name: "sha-1" }, certificate.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView);
if (isEqualBuffer(digest, keyId)) {
signerCert = certificate;
break;
}
}
}
if (!signerCert) {
throw new SignedDataVerifyError({
date: checkDate,
code: 3,
message: "Unable to find signer certificate",
});
}
if (this.encapContentInfo.eContentType === id_eContentType_TSTInfo) {
if (!this.encapContentInfo.eContent) {
throw new SignedDataVerifyError({
date: checkDate,
code: 15,
message: "Error during verification: TSTInfo eContent is empty",
signatureVerified: null,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true
});
}
let tstInfo;
try {
tstInfo = TSTInfo.fromBER(this.encapContentInfo.eContent.valueBlock.valueHexView);
}
catch {
throw new SignedDataVerifyError({
date: checkDate,
code: 15,
message: "Error during verification: TSTInfo wrong ASN.1 schema ",
signatureVerified: null,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true
});
}
checkDate = tstInfo.genTime;
timestampSerial = tstInfo.serialNumber.valueBlock.valueHexView.slice().buffer;
if (data.byteLength === 0) {
throw new SignedDataVerifyError({
date: checkDate,
code: 4,
message: "Missed detached data input array",
});
}
if (!(await tstInfo.verify({ data }, crypto))) {
throw new SignedDataVerifyError({
date: checkDate,
code: 15,
message: "Error during verification: TSTInfo verification is failed",
signatureVerified: false,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true
});
}
}
if (checkChain) {
const certs = this.certificates.filter(certificate => (certificate instanceof Certificate && !!checkCA(certificate, signerCert)));
const chainParams = {
checkDate,
certs,
trustedCerts,
};
if (findIssuer) {
chainParams.findIssuer = findIssuer;
}
if (findOrigin) {
chainParams.findOrigin = findOrigin;
}
const chainEngine = new CertificateChainValidationEngine(chainParams);
chainEngine.certs.push(signerCert);
if (this.crls) {
for (const crl of this.crls) {
if ("thisUpdate" in crl)
chainEngine.crls.push(crl);
else {
if (crl.otherRevInfoFormat === id_PKIX_OCSP_Basic)
chainEngine.ocsps.push(new BasicOCSPResponse({ schema: crl.otherRevInfo }));
}
}
}
if (this.ocsps) {
chainEngine.ocsps.push(...(this.ocsps));
}
const verificationResult = await chainEngine.verify({ passedWhenNotRevValues }, crypto)
.catch(e => {
throw new SignedDataVerifyError({
date: checkDate,
code: 5,
message: `Validation of signer's certificate failed with error: ${((e instanceof Object) ? e.resultMessage : e)}`,
signerCertificate: signerCert,
signerCertificateVerified: false
});
});
if (verificationResult.certificatePath) {
certificatePath = verificationResult.certificatePath;
}
if (!verificationResult.result)
throw new SignedDataVerifyError({
date: checkDate,
code: 5,
message: `Validation of signer's certificate failed: ${verificationResult.resultMessage}`,
signerCertificate: signerCert,
signerCertificateVerified: false
});
}
const signerInfoHashAlgorithm = crypto.getAlgorithmByOID(signerInfo.digestAlgorithm.algorithmId);
if (!("name" in signerInfoHashAlgorithm)) {
throw new SignedDataVerifyError({
date: checkDate,
code: 7,
message: `Unsupported signature algorithm: ${signerInfo.digestAlgorithm.algorithmId}`,
signerCertificate: signerCert,
signerCertificateVerified: true
});
}
shaAlgorithm = signerInfoHashAlgorithm.name;
const eContent = this.encapContentInfo.eContent;
if (eContent) {
if ((eContent.idBlock.tagClass === 1) &&
(eContent.idBlock.tagNumber === 4)) {
data = eContent.getValue();
}
else
data = eContent.valueBlock.valueBeforeDecodeView.slice().buffer;
}
else {
if (data.byteLength === 0) {
throw new SignedDataVerifyError({
date: checkDate,
code: 8,
message: "Missed detached data input array",
signerCertificate: signerCert,
signerCertificateVerified: true
});
}
}
if (signerInfo.signedAttrs) {
let foundContentType = false;
let foundMessageDigest = false;
for (const attribute of signerInfo.signedAttrs.attributes) {
if (attribute.type === "1.2.840.113549.1.9.3")
foundContentType = true;
if (attribute.type === "1.2.840.113549.1.9.4") {
foundMessageDigest = true;
messageDigestValue = attribute.values[0].valueBlock.valueHex;
}
if (foundContentType && foundMessageDigest)
break;
}
if (foundContentType === false) {
throw new SignedDataVerifyError({
date: checkDate,
code: 9,
message: "Attribute \"content-type\" is a mandatory attribute for \"signed attributes\"",
signerCertificate: signerCert,
signerCertificateVerified: true
});
}
if (foundMessageDigest === false) {
throw new SignedDataVerifyError({
date: checkDate,
code: 10,
message: "Attribute \"message-digest\" is a mandatory attribute for \"signed attributes\"",
signatureVerified: null,
signerCertificate: signerCert,
signerCertificateVerified: true
});
}
}
if (signerInfo.signedAttrs) {
const messageDigest = await crypto.digest(shaAlgorithm, new Uint8Array(data));
if (!isEqualBuffer(messageDigest, messageDigestValue)) {
throw new SignedDataVerifyError({
date: checkDate,
code: 15,
message: "Error during verification: Message digest doesn't match",
signatureVerified: null,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true
});
}
data = signerInfo.signedAttrs.encodedValue;
}
const verifyResult = signerInfo.signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.1"
? await crypto.verifyWithPublicKey(data, signerInfo.signature, signerCert.subjectPublicKeyInfo, signerInfo.signatureAlgorithm, shaAlgorithm)
: await crypto.verifyWithPublicKey(data, signerInfo.signature, signerCert.subjectPublicKeyInfo, signerInfo.signatureAlgorithm);
if (extendedMode) {
return {
date: checkDate,
code: 14,
message: EMPTY_STRING,
signatureVerified: verifyResult,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true,
certificatePath
};
}
else {
return verifyResult;
}
}
catch (e) {
if (e instanceof SignedDataVerifyError) {
throw e;
}
throw new SignedDataVerifyError({
date: checkDate,
code: 15,
message: `Error during verification: ${e instanceof Error ? e.message : e}`,
signatureVerified: null,
signerCertificate: signerCert,
timestampSerial,
signerCertificateVerified: true
});
}
}
async sign(privateKey, signerIndex, hashAlgorithm = "SHA-1", data = (EMPTY_BUFFER), crypto = getCrypto(true)) {
var _a;
if (!privateKey)
throw new Error("Need to provide a private key for signing");
const signerInfo = this.signerInfos[signerIndex];
if (!signerInfo) {
throw new RangeError("SignerInfo index is out of range");
}
if (!((_a = signerInfo.signedAttrs) === null || _a === void 0 ? void 0 : _a.attributes.length) && "hash" in privateKey.algorithm && "hash" in privateKey.algorithm && privateKey.algorithm.hash) {
hashAlgorithm = privateKey.algorithm.hash.name;
}
const hashAlgorithmOID = crypto.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm");
if ((this.digestAlgorithms.filter(algorithm => algorithm.algorithmId === hashAlgorithmOID)).length === 0) {
this.digestAlgorithms.push(new AlgorithmIdentifier({
algorithmId: hashAlgorithmOID,
algorithmParams: new Null()
}));
}
signerInfo.digestAlgorithm = new AlgorithmIdentifier({
algorithmId: hashAlgorithmOID,
algorithmParams: new Null()
});
const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm);
const parameters = signatureParams.parameters;
signerInfo.signatureAlgorithm = signatureParams.signatureAlgorithm;
if (signerInfo.signedAttrs) {
if (signerInfo.signedAttrs.encodedValue.byteLength !== 0)
data = signerInfo.signedAttrs.encodedValue;
else {
data = signerInfo.signedAttrs.toSchema().toBER();
const view = BufferSourceConverter.toUint8Array(data);
view[0] = 0x31;
}
}
else {
const eContent = this.encapContentInfo.eContent;
if (eContent) {
if ((eContent.idBlock.tagClass === 1) &&
(eContent.idBlock.tagNumber === 4)) {
data = eContent.getValue();
}
else
data = eContent.valueBlock.valueBeforeDecodeView.slice().buffer;
}
else {
if (data.byteLength === 0)
throw new Error("Missed detached data input array");
}
}
const signature = await crypto.signWithPrivateKey(data, privateKey, parameters);
signerInfo.signature = new OctetString({ valueHex: signature });
}
}
SignedData.CLASS_NAME = "SignedData";
SignedData.ID_DATA = id_ContentType_Data;
const VERSION$1 = "version";
const AUTH_SAFE = "authSafe";
const MAC_DATA = "macData";
const PARSED_VALUE = "parsedValue";
const CLERA_PROPS = [
VERSION$1,
AUTH_SAFE,
MAC_DATA
];
class PFX extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION$1, PFX.defaultValues(VERSION$1));
this.authSafe = getParametersValue(parameters, AUTH_SAFE, PFX.defaultValues(AUTH_SAFE));
if (MAC_DATA in parameters) {
this.macData = getParametersValue(parameters, MAC_DATA, PFX.defaultValues(MAC_DATA));
}
if (PARSED_VALUE in parameters) {
this.parsedValue = getParametersValue(parameters, PARSED_VALUE, PFX.defaultValues(PARSED_VALUE));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION$1:
return 3;
case AUTH_SAFE:
return (new ContentInfo());
case MAC_DATA:
return (new MacData());
case PARSED_VALUE:
return {};
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION$1:
return (memberValue === PFX.defaultValues(memberName));
case AUTH_SAFE:
return ((ContentInfo.compareWithDefault("contentType", memberValue.contentType)) &&
(ContentInfo.compareWithDefault("content", memberValue.content)));
case MAC_DATA:
return ((MacData.compareWithDefault("mac", memberValue.mac)) &&
(MacData.compareWithDefault("macSalt", memberValue.macSalt)) &&
(MacData.compareWithDefault("iterations", memberValue.iterations)));
case PARSED_VALUE:
return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.version || VERSION$1) }),
ContentInfo.schema(names.authSafe || {
names: {
blockName: AUTH_SAFE
}
}),
MacData.schema(names.macData || {
names: {
blockName: MAC_DATA,
optional: true
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLERA_PROPS);
const asn1 = compareSchema(schema, schema, PFX.schema({
names: {
version: VERSION$1,
authSafe: {
names: {
blockName: AUTH_SAFE
}
},
macData: {
names: {
blockName: MAC_DATA
}
}
}
}));
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result.version.valueBlock.valueDec;
this.authSafe = new ContentInfo({ schema: asn1.result.authSafe });
if (MAC_DATA in asn1.result)
this.macData = new MacData({ schema: asn1.result.macData });
}
toSchema() {
const outputArray = [
new Integer({ value: this.version }),
this.authSafe.toSchema()
];
if (this.macData) {
outputArray.push(this.macData.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const output = {
version: this.version,
authSafe: this.authSafe.toJSON()
};
if (this.macData) {
output.macData = this.macData.toJSON();
}
return output;
}
async makeInternalValues(parameters = {}, crypto = getCrypto(true)) {
ArgumentError.assert(parameters, "parameters", "object");
if (!this.parsedValue) {
throw new Error("Please call \"parseValues\" function first in order to make \"parsedValue\" data");
}
ParameterError.assertEmpty(this.parsedValue.integrityMode, "integrityMode", "parsedValue");
ParameterError.assertEmpty(this.parsedValue.authenticatedSafe, "authenticatedSafe", "parsedValue");
switch (this.parsedValue.integrityMode) {
case 0:
{
if (!("iterations" in parameters))
throw new ParameterError("iterations");
ParameterError.assertEmpty(parameters.pbkdf2HashAlgorithm, "pbkdf2HashAlgorithm");
ParameterError.assertEmpty(parameters.hmacHashAlgorithm, "hmacHashAlgorithm");
ParameterError.assertEmpty(parameters.password, "password");
const saltBuffer = new ArrayBuffer(64);
const saltView = new Uint8Array(saltBuffer);
crypto.getRandomValues(saltView);
const data = this.parsedValue.authenticatedSafe.toSchema().toBER(false);
this.authSafe = new ContentInfo({
contentType: ContentInfo.DATA,
content: new OctetString({ valueHex: data })
});
const result = await crypto.stampDataWithPassword({
password: parameters.password,
hashAlgorithm: parameters.hmacHashAlgorithm,
salt: saltBuffer,
iterationCount: parameters.iterations,
contentToStamp: data
});
this.macData = new MacData({
mac: new DigestInfo({
digestAlgorithm: new AlgorithmIdentifier({
algorithmId: crypto.getOIDByAlgorithm({ name: parameters.hmacHashAlgorithm }, true, "hmacHashAlgorithm"),
}),
digest: new OctetString({ valueHex: result })
}),
macSalt: new OctetString({ valueHex: saltBuffer }),
iterations: parameters.iterations
});
}
break;
case 1:
{
if (!("signingCertificate" in parameters)) {
throw new ParameterError("signingCertificate");
}
ParameterError.assertEmpty(parameters.privateKey, "privateKey");
ParameterError.assertEmpty(parameters.hashAlgorithm, "hashAlgorithm");
const toBeSigned = this.parsedValue.authenticatedSafe.toSchema().toBER(false);
const cmsSigned = new SignedData({
version: 1,
encapContentInfo: new EncapsulatedContentInfo({
eContentType: "1.2.840.113549.1.7.1",
eContent: new OctetString({ valueHex: toBeSigned })
}),
certificates: [parameters.signingCertificate]
});
const result = await crypto.digest({ name: parameters.hashAlgorithm }, new Uint8Array(toBeSigned));
const signedAttr = [];
signedAttr.push(new Attribute({
type: "1.2.840.113549.1.9.3",
values: [
new ObjectIdentifier({ value: "1.2.840.113549.1.7.1" })
]
}));
signedAttr.push(new Attribute({
type: "1.2.840.113549.1.9.5",
values: [
new UTCTime({ valueDate: new Date() })
]
}));
signedAttr.push(new Attribute({
type: "1.2.840.113549.1.9.4",
values: [
new OctetString({ valueHex: result })
]
}));
cmsSigned.signerInfos.push(new SignerInfo({
version: 1,
sid: new IssuerAndSerialNumber({
issuer: parameters.signingCertificate.issuer,
serialNumber: parameters.signingCertificate.serialNumber
}),
signedAttrs: new SignedAndUnsignedAttributes({
type: 0,
attributes: signedAttr
})
}));
await cmsSigned.sign(parameters.privateKey, 0, parameters.hashAlgorithm, undefined, crypto);
this.authSafe = new ContentInfo({
contentType: "1.2.840.113549.1.7.2",
content: cmsSigned.toSchema(true)
});
}
break;
default:
throw new Error(`Parameter "integrityMode" has unknown value: ${this.parsedValue.integrityMode}`);
}
}
async parseInternalValues(parameters, crypto = getCrypto(true)) {
ArgumentError.assert(parameters, "parameters", "object");
if (parameters.checkIntegrity === undefined) {
parameters.checkIntegrity = true;
}
this.parsedValue = {};
switch (this.authSafe.contentType) {
case ContentInfo.DATA:
{
ParameterError.assertEmpty(parameters.password, "password");
this.parsedValue.integrityMode = 0;
ArgumentError.assert(this.authSafe.content, "authSafe.content", OctetString);
const authSafeContent = this.authSafe.content.getValue();
this.parsedValue.authenticatedSafe = AuthenticatedSafe.fromBER(authSafeContent);
if (parameters.checkIntegrity) {
if (!this.macData) {
throw new Error("Absent \"macData\" value, can not check PKCS#12 data integrity");
}
const hashAlgorithm = crypto.getAlgorithmByOID(this.macData.mac.digestAlgorithm.algorithmId, true, "digestAlgorithm");
const result = await crypto.verifyDataStampedWithPassword({
password: parameters.password,
hashAlgorithm: hashAlgorithm.name,
salt: BufferSourceConverter.toArrayBuffer(this.macData.macSalt.valueBlock.valueHexView),
iterationCount: this.macData.iterations || 1,
contentToVerify: authSafeContent,
signatureToVerify: BufferSourceConverter.toArrayBuffer(this.macData.mac.digest.valueBlock.valueHexView),
});
if (!result) {
throw new Error("Integrity for the PKCS#12 data is broken!");
}
}
}
break;
case ContentInfo.SIGNED_DATA:
{
this.parsedValue.integrityMode = 1;
const cmsSigned = new SignedData({ schema: this.authSafe.content });
const eContent = cmsSigned.encapContentInfo.eContent;
ParameterError.assert(eContent, "eContent", "cmsSigned.encapContentInfo");
ArgumentError.assert(eContent, "eContent", OctetString);
const data = eContent.getValue();
this.parsedValue.authenticatedSafe = AuthenticatedSafe.fromBER(data);
const ok = await cmsSigned.verify({ signer: 0, checkChain: false }, crypto);
if (!ok) {
throw new Error("Integrity for the PKCS#12 data is broken!");
}
}
break;
default:
throw new Error(`Incorrect value for "this.authSafe.contentType": ${this.authSafe.contentType}`);
}
}
}
PFX.CLASS_NAME = "PFX";
const STATUS$1 = "status";
const STATUS_STRINGS = "statusStrings";
const FAIL_INFO = "failInfo";
const CLEAR_PROPS$2 = [
STATUS$1,
STATUS_STRINGS,
FAIL_INFO
];
var PKIStatus;
(function (PKIStatus) {
PKIStatus[PKIStatus["granted"] = 0] = "granted";
PKIStatus[PKIStatus["grantedWithMods"] = 1] = "grantedWithMods";
PKIStatus[PKIStatus["rejection"] = 2] = "rejection";
PKIStatus[PKIStatus["waiting"] = 3] = "waiting";
PKIStatus[PKIStatus["revocationWarning"] = 4] = "revocationWarning";
PKIStatus[PKIStatus["revocationNotification"] = 5] = "revocationNotification";
})(PKIStatus || (PKIStatus = {}));
class PKIStatusInfo extends PkiObject {
constructor(parameters = {}) {
super();
this.status = getParametersValue(parameters, STATUS$1, PKIStatusInfo.defaultValues(STATUS$1));
if (STATUS_STRINGS in parameters) {
this.statusStrings = getParametersValue(parameters, STATUS_STRINGS, PKIStatusInfo.defaultValues(STATUS_STRINGS));
}
if (FAIL_INFO in parameters) {
this.failInfo = getParametersValue(parameters, FAIL_INFO, PKIStatusInfo.defaultValues(FAIL_INFO));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case STATUS$1:
return 2;
case STATUS_STRINGS:
return [];
case FAIL_INFO:
return new BitString();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case STATUS$1:
return (memberValue === PKIStatusInfo.defaultValues(memberName));
case STATUS_STRINGS:
return (memberValue.length === 0);
case FAIL_INFO:
return (memberValue.isEqual(PKIStatusInfo.defaultValues(memberName)));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || EMPTY_STRING),
value: [
new Integer({ name: (names.status || EMPTY_STRING) }),
new Sequence({
optional: true,
value: [
new Repeated({
name: (names.statusStrings || EMPTY_STRING),
value: new Utf8String()
})
]
}),
new BitString({
name: (names.failInfo || EMPTY_STRING),
optional: true
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$2);
const asn1 = compareSchema(schema, schema, PKIStatusInfo.schema({
names: {
status: STATUS$1,
statusStrings: STATUS_STRINGS,
failInfo: FAIL_INFO
}
}));
AsnError.assertSchema(asn1, this.className);
const _status = asn1.result.status;
if ((_status.valueBlock.isHexOnly === true) ||
(_status.valueBlock.valueDec < 0) ||
(_status.valueBlock.valueDec > 5))
throw new Error("PKIStatusInfo \"status\" has invalid value");
this.status = _status.valueBlock.valueDec;
if (STATUS_STRINGS in asn1.result)
this.statusStrings = asn1.result.statusStrings;
if (FAIL_INFO in asn1.result)
this.failInfo = asn1.result.failInfo;
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.status }));
if (this.statusStrings) {
outputArray.push(new Sequence({
optional: true,
value: this.statusStrings
}));
}
if (this.failInfo) {
outputArray.push(this.failInfo);
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
status: this.status
};
if (this.statusStrings) {
res.statusStrings = Array.from(this.statusStrings, o => o.toJSON());
}
if (this.failInfo) {
res.failInfo = this.failInfo.toJSON();
}
return res;
}
}
PKIStatusInfo.CLASS_NAME = "PKIStatusInfo";
const VERSION = "version";
const MESSAGE_IMPRINT = "messageImprint";
const REQ_POLICY = "reqPolicy";
const NONCE = "nonce";
const CERT_REQ = "certReq";
const EXTENSIONS = "extensions";
const TIME_STAMP_REQ = "TimeStampReq";
const TIME_STAMP_REQ_VERSION = `${TIME_STAMP_REQ}.${VERSION}`;
const TIME_STAMP_REQ_MESSAGE_IMPRINT = `${TIME_STAMP_REQ}.${MESSAGE_IMPRINT}`;
const TIME_STAMP_REQ_POLICY = `${TIME_STAMP_REQ}.${REQ_POLICY}`;
const TIME_STAMP_REQ_NONCE = `${TIME_STAMP_REQ}.${NONCE}`;
const TIME_STAMP_REQ_CERT_REQ = `${TIME_STAMP_REQ}.${CERT_REQ}`;
const TIME_STAMP_REQ_EXTENSIONS = `${TIME_STAMP_REQ}.${EXTENSIONS}`;
const CLEAR_PROPS$1 = [
TIME_STAMP_REQ_VERSION,
TIME_STAMP_REQ_MESSAGE_IMPRINT,
TIME_STAMP_REQ_POLICY,
TIME_STAMP_REQ_NONCE,
TIME_STAMP_REQ_CERT_REQ,
TIME_STAMP_REQ_EXTENSIONS,
];
class TimeStampReq extends PkiObject {
constructor(parameters = {}) {
super();
this.version = getParametersValue(parameters, VERSION, TimeStampReq.defaultValues(VERSION));
this.messageImprint = getParametersValue(parameters, MESSAGE_IMPRINT, TimeStampReq.defaultValues(MESSAGE_IMPRINT));
if (REQ_POLICY in parameters) {
this.reqPolicy = getParametersValue(parameters, REQ_POLICY, TimeStampReq.defaultValues(REQ_POLICY));
}
if (NONCE in parameters) {
this.nonce = getParametersValue(parameters, NONCE, TimeStampReq.defaultValues(NONCE));
}
if (CERT_REQ in parameters) {
this.certReq = getParametersValue(parameters, CERT_REQ, TimeStampReq.defaultValues(CERT_REQ));
}
if (EXTENSIONS in parameters) {
this.extensions = getParametersValue(parameters, EXTENSIONS, TimeStampReq.defaultValues(EXTENSIONS));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case VERSION:
return 0;
case MESSAGE_IMPRINT:
return new MessageImprint();
case REQ_POLICY:
return EMPTY_STRING;
case NONCE:
return new Integer();
case CERT_REQ:
return false;
case EXTENSIONS:
return [];
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case VERSION:
case REQ_POLICY:
case CERT_REQ:
return (memberValue === TimeStampReq.defaultValues(memberName));
case MESSAGE_IMPRINT:
return ((MessageImprint.compareWithDefault("hashAlgorithm", memberValue.hashAlgorithm)) &&
(MessageImprint.compareWithDefault("hashedMessage", memberValue.hashedMessage)));
case NONCE:
return (memberValue.isEqual(TimeStampReq.defaultValues(memberName)));
case EXTENSIONS:
return (memberValue.length === 0);
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TIME_STAMP_REQ),
value: [
new Integer({ name: (names.version || TIME_STAMP_REQ_VERSION) }),
MessageImprint.schema(names.messageImprint || {
names: {
blockName: TIME_STAMP_REQ_MESSAGE_IMPRINT
}
}),
new ObjectIdentifier({
name: (names.reqPolicy || TIME_STAMP_REQ_POLICY),
optional: true
}),
new Integer({
name: (names.nonce || TIME_STAMP_REQ_NONCE),
optional: true
}),
new Boolean({
name: (names.certReq || TIME_STAMP_REQ_CERT_REQ),
optional: true
}),
new Constructed({
optional: true,
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: [new Repeated({
name: (names.extensions || TIME_STAMP_REQ_EXTENSIONS),
value: Extension.schema()
})]
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS$1);
const asn1 = compareSchema(schema, schema, TimeStampReq.schema());
AsnError.assertSchema(asn1, this.className);
this.version = asn1.result[TIME_STAMP_REQ_VERSION].valueBlock.valueDec;
this.messageImprint = new MessageImprint({ schema: asn1.result[TIME_STAMP_REQ_MESSAGE_IMPRINT] });
if (TIME_STAMP_REQ_POLICY in asn1.result)
this.reqPolicy = asn1.result[TIME_STAMP_REQ_POLICY].valueBlock.toString();
if (TIME_STAMP_REQ_NONCE in asn1.result)
this.nonce = asn1.result[TIME_STAMP_REQ_NONCE];
if (TIME_STAMP_REQ_CERT_REQ in asn1.result)
this.certReq = asn1.result[TIME_STAMP_REQ_CERT_REQ].valueBlock.value;
if (TIME_STAMP_REQ_EXTENSIONS in asn1.result)
this.extensions = Array.from(asn1.result[TIME_STAMP_REQ_EXTENSIONS], element => new Extension({ schema: element }));
}
toSchema() {
const outputArray = [];
outputArray.push(new Integer({ value: this.version }));
outputArray.push(this.messageImprint.toSchema());
if (this.reqPolicy)
outputArray.push(new ObjectIdentifier({ value: this.reqPolicy }));
if (this.nonce)
outputArray.push(this.nonce);
if ((CERT_REQ in this) && (TimeStampReq.compareWithDefault(CERT_REQ, this.certReq) === false))
outputArray.push(new Boolean({ value: this.certReq }));
if (this.extensions) {
outputArray.push(new Constructed({
idBlock: {
tagClass: 3,
tagNumber: 0
},
value: Array.from(this.extensions, o => o.toSchema())
}));
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
version: this.version,
messageImprint: this.messageImprint.toJSON()
};
if (this.reqPolicy !== undefined)
res.reqPolicy = this.reqPolicy;
if (this.nonce !== undefined)
res.nonce = this.nonce.toJSON();
if ((this.certReq !== undefined) && (TimeStampReq.compareWithDefault(CERT_REQ, this.certReq) === false))
res.certReq = this.certReq;
if (this.extensions) {
res.extensions = Array.from(this.extensions, o => o.toJSON());
}
return res;
}
}
TimeStampReq.CLASS_NAME = "TimeStampReq";
const STATUS = "status";
const TIME_STAMP_TOKEN = "timeStampToken";
const TIME_STAMP_RESP = "TimeStampResp";
const TIME_STAMP_RESP_STATUS = `${TIME_STAMP_RESP}.${STATUS}`;
const TIME_STAMP_RESP_TOKEN = `${TIME_STAMP_RESP}.${TIME_STAMP_TOKEN}`;
const CLEAR_PROPS = [
TIME_STAMP_RESP_STATUS,
TIME_STAMP_RESP_TOKEN
];
class TimeStampResp extends PkiObject {
constructor(parameters = {}) {
super();
this.status = getParametersValue(parameters, STATUS, TimeStampResp.defaultValues(STATUS));
if (TIME_STAMP_TOKEN in parameters) {
this.timeStampToken = getParametersValue(parameters, TIME_STAMP_TOKEN, TimeStampResp.defaultValues(TIME_STAMP_TOKEN));
}
if (parameters.schema) {
this.fromSchema(parameters.schema);
}
}
static defaultValues(memberName) {
switch (memberName) {
case STATUS:
return new PKIStatusInfo();
case TIME_STAMP_TOKEN:
return new ContentInfo();
default:
return super.defaultValues(memberName);
}
}
static compareWithDefault(memberName, memberValue) {
switch (memberName) {
case STATUS:
return ((PKIStatusInfo.compareWithDefault(STATUS, memberValue.status)) &&
(("statusStrings" in memberValue) === false) &&
(("failInfo" in memberValue) === false));
case TIME_STAMP_TOKEN:
return ((memberValue.contentType === EMPTY_STRING) &&
(memberValue.content instanceof Any));
default:
return super.defaultValues(memberName);
}
}
static schema(parameters = {}) {
const names = getParametersValue(parameters, "names", {});
return (new Sequence({
name: (names.blockName || TIME_STAMP_RESP),
value: [
PKIStatusInfo.schema(names.status || {
names: {
blockName: TIME_STAMP_RESP_STATUS
}
}),
ContentInfo.schema(names.timeStampToken || {
names: {
blockName: TIME_STAMP_RESP_TOKEN,
optional: true
}
})
]
}));
}
fromSchema(schema) {
clearProps(schema, CLEAR_PROPS);
const asn1 = compareSchema(schema, schema, TimeStampResp.schema());
AsnError.assertSchema(asn1, this.className);
this.status = new PKIStatusInfo({ schema: asn1.result[TIME_STAMP_RESP_STATUS] });
if (TIME_STAMP_RESP_TOKEN in asn1.result)
this.timeStampToken = new ContentInfo({ schema: asn1.result[TIME_STAMP_RESP_TOKEN] });
}
toSchema() {
const outputArray = [];
outputArray.push(this.status.toSchema());
if (this.timeStampToken) {
outputArray.push(this.timeStampToken.toSchema());
}
return (new Sequence({
value: outputArray
}));
}
toJSON() {
const res = {
status: this.status.toJSON()
};
if (this.timeStampToken) {
res.timeStampToken = this.timeStampToken.toJSON();
}
return res;
}
async sign(privateKey, hashAlgorithm, crypto = getCrypto(true)) {
this.assertContentType();
const signed = new SignedData({ schema: this.timeStampToken.content });
return signed.sign(privateKey, 0, hashAlgorithm, undefined, crypto);
}
async verify(verificationParameters = { signer: 0, trustedCerts: [], data: EMPTY_BUFFER }, crypto = getCrypto(true)) {
this.assertContentType();
const signed = new SignedData({ schema: this.timeStampToken.content });
return signed.verify(verificationParameters, crypto);
}
assertContentType() {
if (!this.timeStampToken) {
throw new Error("timeStampToken is absent in TSP response");
}
if (this.timeStampToken.contentType !== id_ContentType_SignedData) {
throw new Error(`Wrong format of timeStampToken: ${this.timeStampToken.contentType}`);
}
}
}
TimeStampResp.CLASS_NAME = "TimeStampResp";
function initCryptoEngine() {
if (typeof globalThis !== "undefined" && "crypto" in globalThis) {
let engineName = "webcrypto";
if ("webkitSubtle" in globalThis.crypto) {
engineName = "safari";
}
setEngine(engineName, new CryptoEngine({ name: engineName, crypto: globalThis.crypto }));
}
else if (typeof crypto !== "undefined" && "webcrypto" in crypto) {
const name = "NodeJS ^15";
const nodeCrypto = crypto.webcrypto;
setEngine(name, new CryptoEngine({ name, crypto: nodeCrypto }));
}
}
initCryptoEngine();
export { AbstractCryptoEngine, AccessDescription, Accuracy, AlgorithmIdentifier, AltName, ArgumentError, AsnError, AttCertValidityPeriod, Attribute, AttributeCertificateInfoV1, AttributeCertificateInfoV2, AttributeCertificateV1, AttributeCertificateV2, AttributeTypeAndValue, AuthenticatedSafe, AuthorityKeyIdentifier, BasicConstraints, BasicOCSPResponse, CAVersion, CRLBag, CRLDistributionPoints, CertBag, CertID, Certificate, CertificateChainValidationEngine, CertificatePolicies, CertificateRevocationList, CertificateSet, CertificateTemplate, CertificationRequest, ChainValidationCode, ChainValidationError, ContentInfo, CryptoEngine, DigestInfo, DistributionPoint, ECCCMSSharedInfo, ECNamedCurves, ECPrivateKey, ECPublicKey, EncapsulatedContentInfo, EncryptedContentInfo, EncryptedData, EnvelopedData, ExtKeyUsage, Extension, ExtensionValueFactory, Extensions, GeneralName, GeneralNames, GeneralSubtree, HASHED_MESSAGE, HASH_ALGORITHM, Holder, InfoAccess, IssuerAndSerialNumber, IssuerSerial, IssuingDistributionPoint, KEKIdentifier, KEKRecipientInfo, KeyAgreeRecipientIdentifier, KeyAgreeRecipientInfo, KeyBag, KeyTransRecipientInfo, MICROS, MILLIS, MacData, MessageImprint, NameConstraints, OCSPRequest, OCSPResponse, ObjectDigestInfo, OriginatorIdentifierOrKey, OriginatorInfo, OriginatorPublicKey, OtherCertificateFormat, OtherKeyAttribute, OtherPrimeInfo, OtherRecipientInfo, OtherRevocationInfoFormat, PBES2Params, PBKDF2Params, PFX, PKCS8ShroudedKeyBag, PKIStatus, PKIStatusInfo, POLICY_IDENTIFIER, POLICY_QUALIFIERS, ParameterError, PasswordRecipientinfo, PkiObject, PolicyConstraints, PolicyInformation, PolicyMapping, PolicyMappings, PolicyQualifierInfo, PrivateKeyInfo, PrivateKeyUsagePeriod, PublicKeyInfo, QCStatement, QCStatements, RDN, RSAESOAEPParams, RSAPrivateKey, RSAPublicKey, RSASSAPSSParams, RecipientEncryptedKey, RecipientEncryptedKeys, RecipientIdentifier, RecipientInfo, RecipientKeyIdentifier, RelativeDistinguishedNames, Request, ResponseBytes, ResponseData, RevocationInfoChoices, RevokedCertificate, SECONDS, SafeBag, SafeBagValueFactory, SafeContents, SecretBag, Signature, SignedAndUnsignedAttributes, SignedCertificateTimestamp, SignedCertificateTimestampList, SignedData, SignedDataVerifyError, SignerInfo, SingleResponse, SubjectDirectoryAttributes, TBSRequest, TSTInfo, TYPE$4 as TYPE, TYPE_AND_VALUES, Time, TimeStampReq, TimeStampResp, TimeType, V2Form, VALUE$5 as VALUE, VALUE_BEFORE_DECODE, checkCA, createCMSECDSASignature, createECDSASignatureFromCMS, engine, getAlgorithmByOID, getAlgorithmParameters, getCrypto, getEngine, getHashAlgorithm, getOIDByAlgorithm, getRandomValues, id_AnyPolicy, id_AuthorityInfoAccess, id_AuthorityKeyIdentifier, id_BaseCRLNumber, id_BasicConstraints, id_CRLBag_X509CRL, id_CRLDistributionPoints, id_CRLNumber, id_CRLReason, id_CertBag_AttributeCertificate, id_CertBag_SDSICertificate, id_CertBag_X509Certificate, id_CertificateIssuer, id_CertificatePolicies, id_ContentType_Data, id_ContentType_EncryptedData, id_ContentType_EnvelopedData, id_ContentType_SignedData, id_ExtKeyUsage, id_FreshestCRL, id_InhibitAnyPolicy, id_InvalidityDate, id_IssuerAltName, id_IssuingDistributionPoint, id_KeyUsage, id_MicrosoftAppPolicies, id_MicrosoftCaVersion, id_MicrosoftCertTemplateV1, id_MicrosoftCertTemplateV2, id_MicrosoftPrevCaCertHash, id_NameConstraints, id_PKIX_OCSP_Basic, id_PolicyConstraints, id_PolicyMappings, id_PrivateKeyUsagePeriod, id_QCStatements, id_SignedCertificateTimestampList, id_SubjectAltName, id_SubjectDirectoryAttributes, id_SubjectInfoAccess, id_SubjectKeyIdentifier, id_ad, id_ad_caIssuers, id_ad_ocsp, id_eContentType_TSTInfo, id_pkix, id_sha1, id_sha256, id_sha384, id_sha512, kdf, setEngine, stringPrep, verifySCTsForCertificate };