/*! * Copyright (c) 2014, GlobalSign * Copyright (c) 2015-2019, Peculiar Ventures * All rights reserved. * * Author 2014-2019, Yury Strozhevsky * * Redistribution and use in source and binary forms, with or without modification, * are permitted provided that the following conditions are met: * * * Redistributions of source code must retain the above copyright notice, this * list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above copyright notice, this * list of conditions and the following disclaimer in the documentation and/or * other materials provided with the distribution. * * * Neither the name of the {organization} nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ 'use strict'; var asn1js = require('asn1js'); var pvtsutils = require('pvtsutils'); var pvutils = require('pvutils'); var bs = require('bytestreamjs'); var sha1 = require('@noble/hashes/sha1'); var sha2 = require('@noble/hashes/sha2'); function _interopNamespaceDefault(e) { var n = Object.create(null); if (e) { Object.keys(e).forEach(function (k) { if (k !== 'default') { var d = Object.getOwnPropertyDescriptor(e, k); Object.defineProperty(n, k, d.get ? d : { enumerable: true, get: function () { return e[k]; } }); } }); } n.default = e; return Object.freeze(n); } var asn1js__namespace = /*#__PURE__*/_interopNamespaceDefault(asn1js); var pvtsutils__namespace = /*#__PURE__*/_interopNamespaceDefault(pvtsutils); var pvutils__namespace = /*#__PURE__*/_interopNamespaceDefault(pvutils); var bs__namespace = /*#__PURE__*/_interopNamespaceDefault(bs); const EMPTY_BUFFER = new ArrayBuffer(0); const EMPTY_STRING = ""; class ArgumentError extends TypeError { constructor() { super(...arguments); this.name = ArgumentError.NAME; } static isType(value, type) { if (typeof type === "string") { if (type === "Array" && Array.isArray(value)) { return true; } else if (type === "ArrayBuffer" && value instanceof ArrayBuffer) { return true; } else if (type === "ArrayBufferView" && ArrayBuffer.isView(value)) { return true; } else if (typeof value === type) { return true; } } else if (value instanceof type) { return true; } return false; } static assert(value, name, ...types) { for (const type of types) { if (this.isType(value, type)) { return; } } const typeNames = types.map(o => o instanceof Function && "name" in o ? o.name : `${o}`); throw new ArgumentError(`Parameter '${name}' is not of type ${typeNames.length > 1 ? `(${typeNames.join(" or ")})` : typeNames[0]}`); } } ArgumentError.NAME = "ArgumentError"; class ParameterError extends TypeError { static assert(...args) { let target = null; let params; let fields; if (typeof args[0] === "string") { target = args[0]; params = args[1]; fields = args.slice(2); } else { params = args[0]; fields = args.slice(1); } ArgumentError.assert(params, "parameters", "object"); for (const field of fields) { const value = params[field]; if (value === undefined || value === null) { throw new ParameterError(field, target); } } } static assertEmpty(value, name, target) { if (value === undefined || value === null) { throw new ParameterError(name, target); } } constructor(field, target = null, message) { super(); this.name = ParameterError.NAME; this.field = field; if (target) { this.target = target; } if (message) { this.message = message; } else { this.message = `Absent mandatory parameter '${field}' ${target ? ` in '${target}'` : EMPTY_STRING}`; } } } ParameterError.NAME = "ParameterError"; class AsnError extends Error { static assertSchema(asn1, target) { if (!asn1.verified) { throw new Error(`Object's schema was not verified against input data for ${target}`); } } static assert(asn, target) { if (asn.offset === -1) { throw new AsnError(`Error during parsing of ASN.1 data. Data is not correct for '${target}'.`); } } constructor(message) { super(message); this.name = "AsnError"; } } class PkiObject { static blockName() { return this.CLASS_NAME; } static fromBER(raw) { const asn1 = asn1js__namespace.fromBER(raw); AsnError.assert(asn1, this.name); try { return new this({ schema: asn1.result }); } catch (e) { throw new AsnError(`Cannot create '${this.CLASS_NAME}' from ASN.1 object`); } } static defaultValues(memberName) { throw new Error(`Invalid member name for ${this.CLASS_NAME} class: ${memberName}`); } static schema(parameters = {}) { throw new Error(`Method '${this.CLASS_NAME}.schema' should be overridden`); } get className() { return this.constructor.CLASS_NAME; } toString(encoding = "hex") { let schema; try { schema = this.toSchema(); } catch { schema = this.toSchema(true); } return pvtsutils__namespace.Convert.ToString(schema.toBER(), encoding); } } PkiObject.CLASS_NAME = "PkiObject"; function stringPrep(inputString) { let isSpace = false; let cutResult = EMPTY_STRING; const result = inputString.trim(); for (let i = 0; i < result.length; i++) { if (result.charCodeAt(i) === 32) { if (isSpace === false) isSpace = true; } else { if (isSpace) { cutResult += " "; isSpace = false; } cutResult += result[i]; } } return cutResult.toLowerCase(); } const TYPE$5 = "type"; const VALUE$6 = "value"; class AttributeTypeAndValue extends PkiObject { constructor(parameters = {}) { super(); this.type = pvutils__namespace.getParametersValue(parameters, TYPE$5, AttributeTypeAndValue.defaultValues(TYPE$5)); this.value = pvutils__namespace.getParametersValue(parameters, VALUE$6, AttributeTypeAndValue.defaultValues(VALUE$6)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE$5: return EMPTY_STRING; case VALUE$6: return {}; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.type || EMPTY_STRING) }), new asn1js__namespace.Any({ name: (names.value || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ TYPE$5, "typeValue" ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttributeTypeAndValue.schema({ names: { type: TYPE$5, value: "typeValue" } })); AsnError.assertSchema(asn1, this.className); this.type = asn1.result.type.valueBlock.toString(); this.value = asn1.result.typeValue; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.type }), this.value ] })); } toJSON() { const _object = { type: this.type }; if (Object.keys(this.value).length !== 0) { _object.value = (this.value).toJSON(); } else { _object.value = this.value; } return _object; } isEqual(compareTo) { const stringBlockNames = [ asn1js__namespace.Utf8String.blockName(), asn1js__namespace.BmpString.blockName(), asn1js__namespace.UniversalString.blockName(), asn1js__namespace.NumericString.blockName(), asn1js__namespace.PrintableString.blockName(), asn1js__namespace.TeletexString.blockName(), asn1js__namespace.VideotexString.blockName(), asn1js__namespace.IA5String.blockName(), asn1js__namespace.GraphicString.blockName(), asn1js__namespace.VisibleString.blockName(), asn1js__namespace.GeneralString.blockName(), asn1js__namespace.CharacterString.blockName() ]; if (compareTo instanceof ArrayBuffer) { return pvtsutils__namespace.BufferSourceConverter.isEqual(this.value.valueBeforeDecodeView, compareTo); } if (compareTo.constructor.blockName() === AttributeTypeAndValue.blockName()) { if (this.type !== compareTo.type) return false; const isStringPair = [false, false]; const thisName = this.value.constructor.blockName(); for (const name of stringBlockNames) { if (thisName === name) { isStringPair[0] = true; } if (compareTo.value.constructor.blockName() === name) { isStringPair[1] = true; } } if (isStringPair[0] !== isStringPair[1]) { return false; } const isString = (isStringPair[0] && isStringPair[1]); if (isString) { const value1 = stringPrep(this.value.valueBlock.value); const value2 = stringPrep(compareTo.value.valueBlock.value); if (value1.localeCompare(value2) !== 0) return false; } else { if (!pvtsutils__namespace.BufferSourceConverter.isEqual(this.value.valueBeforeDecodeView, compareTo.value.valueBeforeDecodeView)) return false; } return true; } return false; } } AttributeTypeAndValue.CLASS_NAME = "AttributeTypeAndValue"; const TYPE_AND_VALUES = "typesAndValues"; const VALUE_BEFORE_DECODE = "valueBeforeDecode"; const RDN = "RDN"; class RelativeDistinguishedNames extends PkiObject { constructor(parameters = {}) { super(); this.typesAndValues = pvutils__namespace.getParametersValue(parameters, TYPE_AND_VALUES, RelativeDistinguishedNames.defaultValues(TYPE_AND_VALUES)); this.valueBeforeDecode = pvutils__namespace.getParametersValue(parameters, VALUE_BEFORE_DECODE, RelativeDistinguishedNames.defaultValues(VALUE_BEFORE_DECODE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE_AND_VALUES: return []; case VALUE_BEFORE_DECODE: return EMPTY_BUFFER; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TYPE_AND_VALUES: return (memberValue.length === 0); case VALUE_BEFORE_DECODE: return (memberValue.byteLength === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.repeatedSequence || EMPTY_STRING), value: new asn1js__namespace.Set({ value: [ new asn1js__namespace.Repeated({ name: (names.repeatedSet || EMPTY_STRING), value: AttributeTypeAndValue.schema(names.typeAndValue || {}) }) ] }) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ RDN, TYPE_AND_VALUES ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, RelativeDistinguishedNames.schema({ names: { blockName: RDN, repeatedSet: TYPE_AND_VALUES } })); AsnError.assertSchema(asn1, this.className); if (TYPE_AND_VALUES in asn1.result) { this.typesAndValues = Array.from(asn1.result.typesAndValues, element => new AttributeTypeAndValue({ schema: element })); } this.valueBeforeDecode = asn1.result.RDN.valueBeforeDecodeView.slice().buffer; } toSchema() { if (this.valueBeforeDecode.byteLength === 0) { return (new asn1js__namespace.Sequence({ value: [new asn1js__namespace.Set({ value: Array.from(this.typesAndValues, o => o.toSchema()) })] })); } const asn1 = asn1js__namespace.fromBER(this.valueBeforeDecode); AsnError.assert(asn1, "RelativeDistinguishedNames"); if (!(asn1.result instanceof asn1js__namespace.Sequence)) { throw new Error("ASN.1 result should be SEQUENCE"); } return asn1.result; } toJSON() { return { typesAndValues: Array.from(this.typesAndValues, o => o.toJSON()) }; } isEqual(compareTo) { if (compareTo instanceof RelativeDistinguishedNames) { if (this.typesAndValues.length !== compareTo.typesAndValues.length) return false; for (const [index, typeAndValue] of this.typesAndValues.entries()) { if (typeAndValue.isEqual(compareTo.typesAndValues[index]) === false) return false; } return true; } if (compareTo instanceof ArrayBuffer) { return pvutils__namespace.isEqualBuffer(this.valueBeforeDecode, compareTo); } return false; } } RelativeDistinguishedNames.CLASS_NAME = "RelativeDistinguishedNames"; const TYPE$4 = "type"; const VALUE$5 = "value"; function builtInStandardAttributes(parameters = {}, optional = false) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ optional, value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 2, tagNumber: 1 }, name: (names.country_name || EMPTY_STRING), value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.NumericString(), new asn1js__namespace.PrintableString() ] }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 2, tagNumber: 2 }, name: (names.administration_domain_name || EMPTY_STRING), value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.NumericString(), new asn1js__namespace.PrintableString() ] }) ] }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, name: (names.network_address || EMPTY_STRING), isHexOnly: true }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, name: (names.terminal_identifier || EMPTY_STRING), isHexOnly: true }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 2 }, name: (names.private_domain_name || EMPTY_STRING), value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.NumericString(), new asn1js__namespace.PrintableString() ] }) ] }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 3 }, name: (names.organization_name || EMPTY_STRING), isHexOnly: true }), new asn1js__namespace.Primitive({ optional: true, name: (names.numeric_user_identifier || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 4 }, isHexOnly: true }), new asn1js__namespace.Constructed({ optional: true, name: (names.personal_name || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 5 }, value: [ new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, isHexOnly: true }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, isHexOnly: true }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 2 }, isHexOnly: true }), new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 3 }, isHexOnly: true }) ] }), new asn1js__namespace.Constructed({ optional: true, name: (names.organizational_unit_names || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 6 }, value: [ new asn1js__namespace.Repeated({ value: new asn1js__namespace.PrintableString() }) ] }) ] })); } function builtInDomainDefinedAttributes(optional = false) { return (new asn1js__namespace.Sequence({ optional, value: [ new asn1js__namespace.PrintableString(), new asn1js__namespace.PrintableString() ] })); } function extensionAttributes(optional = false) { return (new asn1js__namespace.Set({ optional, value: [ new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, isHexOnly: true }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [new asn1js__namespace.Any()] }) ] })); } class GeneralName extends PkiObject { constructor(parameters = {}) { super(); this.type = pvutils__namespace.getParametersValue(parameters, TYPE$4, GeneralName.defaultValues(TYPE$4)); this.value = pvutils__namespace.getParametersValue(parameters, VALUE$5, GeneralName.defaultValues(VALUE$5)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE$4: return 9; case VALUE$5: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TYPE$4: return (memberValue === GeneralName.defaultValues(memberName)); case VALUE$5: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier(), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any()] }) ] }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 } }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 2 } }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 3 }, name: (names.blockName || EMPTY_STRING), value: [ builtInStandardAttributes((names.builtInStandardAttributes || {}), false), builtInDomainDefinedAttributes(true), extensionAttributes(true) ] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 4 }, name: (names.blockName || EMPTY_STRING), value: [RelativeDistinguishedNames.schema(names.directoryName || {})] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 5 }, name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.TeletexString(), new asn1js__namespace.PrintableString(), new asn1js__namespace.UniversalString(), new asn1js__namespace.Utf8String(), new asn1js__namespace.BmpString() ] }) ] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.TeletexString(), new asn1js__namespace.PrintableString(), new asn1js__namespace.UniversalString(), new asn1js__namespace.Utf8String(), new asn1js__namespace.BmpString() ] }) ] }) ] }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 6 } }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 7 } }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 8 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ "blockName", "otherName", "rfc822Name", "dNSName", "x400Address", "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID" ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, GeneralName.schema({ names: { blockName: "blockName", otherName: "otherName", rfc822Name: "rfc822Name", dNSName: "dNSName", x400Address: "x400Address", directoryName: { names: { blockName: "directoryName" } }, ediPartyName: "ediPartyName", uniformResourceIdentifier: "uniformResourceIdentifier", iPAddress: "iPAddress", registeredID: "registeredID" } })); AsnError.assertSchema(asn1, this.className); this.type = asn1.result.blockName.idBlock.tagNumber; switch (this.type) { case 0: this.value = asn1.result.blockName; break; case 1: case 2: case 6: { const value = asn1.result.blockName; value.idBlock.tagClass = 1; value.idBlock.tagNumber = 22; const valueBER = value.toBER(false); const asnValue = asn1js__namespace.fromBER(valueBER); AsnError.assert(asnValue, "GeneralName value"); this.value = asnValue.result.valueBlock.value; } break; case 3: this.value = asn1.result.blockName; break; case 4: this.value = new RelativeDistinguishedNames({ schema: asn1.result.directoryName }); break; case 5: this.value = asn1.result.ediPartyName; break; case 7: this.value = new asn1js__namespace.OctetString({ valueHex: asn1.result.blockName.valueBlock.valueHex }); break; case 8: { const value = asn1.result.blockName; value.idBlock.tagClass = 1; value.idBlock.tagNumber = 6; const valueBER = value.toBER(false); const asnValue = asn1js__namespace.fromBER(valueBER); AsnError.assert(asnValue, "GeneralName registeredID"); this.value = asnValue.result.valueBlock.toString(); } break; } } toSchema() { switch (this.type) { case 0: case 3: case 5: return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: this.type }, value: [ this.value ] }); case 1: case 2: case 6: { const value = new asn1js__namespace.IA5String({ value: this.value }); value.idBlock.tagClass = 3; value.idBlock.tagNumber = this.type; return value; } case 4: return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 4 }, value: [this.value.toSchema()] }); case 7: { const value = this.value; value.idBlock.tagClass = 3; value.idBlock.tagNumber = this.type; return value; } case 8: { const value = new asn1js__namespace.ObjectIdentifier({ value: this.value }); value.idBlock.tagClass = 3; value.idBlock.tagNumber = this.type; return value; } default: return GeneralName.schema(); } } toJSON() { const _object = { type: this.type, value: EMPTY_STRING }; if ((typeof this.value) === "string") _object.value = this.value; else { try { _object.value = this.value.toJSON(); } catch { } } return _object; } } GeneralName.CLASS_NAME = "GeneralName"; const ACCESS_METHOD = "accessMethod"; const ACCESS_LOCATION = "accessLocation"; const CLEAR_PROPS$1v = [ ACCESS_METHOD, ACCESS_LOCATION, ]; class AccessDescription extends PkiObject { constructor(parameters = {}) { super(); this.accessMethod = pvutils__namespace.getParametersValue(parameters, ACCESS_METHOD, AccessDescription.defaultValues(ACCESS_METHOD)); this.accessLocation = pvutils__namespace.getParametersValue(parameters, ACCESS_LOCATION, AccessDescription.defaultValues(ACCESS_LOCATION)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ACCESS_METHOD: return EMPTY_STRING; case ACCESS_LOCATION: return new GeneralName(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.accessMethod || EMPTY_STRING) }), GeneralName.schema(names.accessLocation || {}) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1v); const asn1 = asn1js__namespace.compareSchema(schema, schema, AccessDescription.schema({ names: { accessMethod: ACCESS_METHOD, accessLocation: { names: { blockName: ACCESS_LOCATION } } } })); AsnError.assertSchema(asn1, this.className); this.accessMethod = asn1.result.accessMethod.valueBlock.toString(); this.accessLocation = new GeneralName({ schema: asn1.result.accessLocation }); } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.accessMethod }), this.accessLocation.toSchema() ] })); } toJSON() { return { accessMethod: this.accessMethod, accessLocation: this.accessLocation.toJSON() }; } } AccessDescription.CLASS_NAME = "AccessDescription"; const SECONDS = "seconds"; const MILLIS = "millis"; const MICROS = "micros"; class Accuracy extends PkiObject { constructor(parameters = {}) { super(); if (SECONDS in parameters) { this.seconds = pvutils__namespace.getParametersValue(parameters, SECONDS, Accuracy.defaultValues(SECONDS)); } if (MILLIS in parameters) { this.millis = pvutils__namespace.getParametersValue(parameters, MILLIS, Accuracy.defaultValues(MILLIS)); } if (MICROS in parameters) { this.micros = pvutils__namespace.getParametersValue(parameters, MICROS, Accuracy.defaultValues(MICROS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SECONDS: case MILLIS: case MICROS: return 0; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SECONDS: case MILLIS: case MICROS: return (memberValue === Accuracy.defaultValues(memberName)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), optional: true, value: [ new asn1js__namespace.Integer({ optional: true, name: (names.seconds || EMPTY_STRING) }), new asn1js__namespace.Primitive({ name: (names.millis || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 } }), new asn1js__namespace.Primitive({ name: (names.micros || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ SECONDS, MILLIS, MICROS, ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, Accuracy.schema({ names: { seconds: SECONDS, millis: MILLIS, micros: MICROS, } })); AsnError.assertSchema(asn1, this.className); if ("seconds" in asn1.result) { this.seconds = asn1.result.seconds.valueBlock.valueDec; } if ("millis" in asn1.result) { const intMillis = new asn1js__namespace.Integer({ valueHex: asn1.result.millis.valueBlock.valueHex }); this.millis = intMillis.valueBlock.valueDec; } if ("micros" in asn1.result) { const intMicros = new asn1js__namespace.Integer({ valueHex: asn1.result.micros.valueBlock.valueHex }); this.micros = intMicros.valueBlock.valueDec; } } toSchema() { const outputArray = []; if (this.seconds !== undefined) outputArray.push(new asn1js__namespace.Integer({ value: this.seconds })); if (this.millis !== undefined) { const intMillis = new asn1js__namespace.Integer({ value: this.millis }); outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, valueHex: intMillis.valueBlock.valueHexView })); } if (this.micros !== undefined) { const intMicros = new asn1js__namespace.Integer({ value: this.micros }); outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 1 }, valueHex: intMicros.valueBlock.valueHexView })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const _object = {}; if (this.seconds !== undefined) _object.seconds = this.seconds; if (this.millis !== undefined) _object.millis = this.millis; if (this.micros !== undefined) _object.micros = this.micros; return _object; } } Accuracy.CLASS_NAME = "Accuracy"; const ALGORITHM_ID = "algorithmId"; const ALGORITHM_PARAMS = "algorithmParams"; const ALGORITHM$2 = "algorithm"; const PARAMS = "params"; const CLEAR_PROPS$1u = [ ALGORITHM$2, PARAMS ]; class AlgorithmIdentifier extends PkiObject { constructor(parameters = {}) { super(); this.algorithmId = pvutils__namespace.getParametersValue(parameters, ALGORITHM_ID, AlgorithmIdentifier.defaultValues(ALGORITHM_ID)); if (ALGORITHM_PARAMS in parameters) { this.algorithmParams = pvutils__namespace.getParametersValue(parameters, ALGORITHM_PARAMS, AlgorithmIdentifier.defaultValues(ALGORITHM_PARAMS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ALGORITHM_ID: return EMPTY_STRING; case ALGORITHM_PARAMS: return new asn1js__namespace.Any(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ALGORITHM_ID: return (memberValue === EMPTY_STRING); case ALGORITHM_PARAMS: return (memberValue instanceof asn1js__namespace.Any); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), optional: (names.optional || false), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.algorithmIdentifier || EMPTY_STRING) }), new asn1js__namespace.Any({ name: (names.algorithmParams || EMPTY_STRING), optional: true }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1u); const asn1 = asn1js__namespace.compareSchema(schema, schema, AlgorithmIdentifier.schema({ names: { algorithmIdentifier: ALGORITHM$2, algorithmParams: PARAMS } })); AsnError.assertSchema(asn1, this.className); this.algorithmId = asn1.result.algorithm.valueBlock.toString(); if (PARAMS in asn1.result) { this.algorithmParams = asn1.result.params; } } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.algorithmId })); if (this.algorithmParams && !(this.algorithmParams instanceof asn1js__namespace.Any)) { outputArray.push(this.algorithmParams); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = { algorithmId: this.algorithmId }; if (this.algorithmParams && !(this.algorithmParams instanceof asn1js__namespace.Any)) { object.algorithmParams = this.algorithmParams.toJSON(); } return object; } isEqual(algorithmIdentifier) { if (!(algorithmIdentifier instanceof AlgorithmIdentifier)) { return false; } if (this.algorithmId !== algorithmIdentifier.algorithmId) { return false; } if (this.algorithmParams) { if (algorithmIdentifier.algorithmParams) { return JSON.stringify(this.algorithmParams) === JSON.stringify(algorithmIdentifier.algorithmParams); } return false; } if (algorithmIdentifier.algorithmParams) { return false; } return true; } } AlgorithmIdentifier.CLASS_NAME = "AlgorithmIdentifier"; const ALT_NAMES = "altNames"; const CLEAR_PROPS$1t = [ ALT_NAMES ]; class AltName extends PkiObject { constructor(parameters = {}) { super(); this.altNames = pvutils__namespace.getParametersValue(parameters, ALT_NAMES, AltName.defaultValues(ALT_NAMES)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ALT_NAMES: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.altNames || EMPTY_STRING), value: GeneralName.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1t); const asn1 = asn1js__namespace.compareSchema(schema, schema, AltName.schema({ names: { altNames: ALT_NAMES } })); AsnError.assertSchema(asn1, this.className); if (ALT_NAMES in asn1.result) { this.altNames = Array.from(asn1.result.altNames, element => new GeneralName({ schema: element })); } } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.altNames, o => o.toSchema()) })); } toJSON() { return { altNames: Array.from(this.altNames, o => o.toJSON()) }; } } AltName.CLASS_NAME = "AltName"; const TYPE$3 = "type"; const VALUES$1 = "values"; const CLEAR_PROPS$1s = [ TYPE$3, VALUES$1 ]; class Attribute extends PkiObject { constructor(parameters = {}) { super(); this.type = pvutils__namespace.getParametersValue(parameters, TYPE$3, Attribute.defaultValues(TYPE$3)); this.values = pvutils__namespace.getParametersValue(parameters, VALUES$1, Attribute.defaultValues(VALUES$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE$3: return EMPTY_STRING; case VALUES$1: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TYPE$3: return (memberValue === EMPTY_STRING); case VALUES$1: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.type || EMPTY_STRING) }), new asn1js__namespace.Set({ name: (names.setName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.values || EMPTY_STRING), value: new asn1js__namespace.Any() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1s); const asn1 = asn1js__namespace.compareSchema(schema, schema, Attribute.schema({ names: { type: TYPE$3, values: VALUES$1 } })); AsnError.assertSchema(asn1, this.className); this.type = asn1.result.type.valueBlock.toString(); this.values = asn1.result.values; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.type }), new asn1js__namespace.Set({ value: this.values }) ] })); } toJSON() { return { type: this.type, values: Array.from(this.values, o => o.toJSON()) }; } } Attribute.CLASS_NAME = "Attribute"; const NOT_BEFORE_TIME = "notBeforeTime"; const NOT_AFTER_TIME = "notAfterTime"; const CLEAR_PROPS$1r = [ NOT_BEFORE_TIME, NOT_AFTER_TIME, ]; class AttCertValidityPeriod extends PkiObject { constructor(parameters = {}) { super(); this.notBeforeTime = pvutils__namespace.getParametersValue(parameters, NOT_BEFORE_TIME, AttCertValidityPeriod.defaultValues(NOT_BEFORE_TIME)); this.notAfterTime = pvutils__namespace.getParametersValue(parameters, NOT_AFTER_TIME, AttCertValidityPeriod.defaultValues(NOT_AFTER_TIME)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case NOT_BEFORE_TIME: case NOT_AFTER_TIME: return new Date(0, 0, 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.GeneralizedTime({ name: (names.notBeforeTime || EMPTY_STRING) }), new asn1js__namespace.GeneralizedTime({ name: (names.notAfterTime || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1r); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttCertValidityPeriod.schema({ names: { notBeforeTime: NOT_BEFORE_TIME, notAfterTime: NOT_AFTER_TIME } })); AsnError.assertSchema(asn1, this.className); this.notBeforeTime = asn1.result.notBeforeTime.toDate(); this.notAfterTime = asn1.result.notAfterTime.toDate(); } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.GeneralizedTime({ valueDate: this.notBeforeTime }), new asn1js__namespace.GeneralizedTime({ valueDate: this.notAfterTime }), ] })); } toJSON() { return { notBeforeTime: this.notBeforeTime, notAfterTime: this.notAfterTime }; } } AttCertValidityPeriod.CLASS_NAME = "AttCertValidityPeriod"; const NAMES = "names"; const GENERAL_NAMES = "generalNames"; class GeneralNames extends PkiObject { constructor(parameters = {}) { super(); this.names = pvutils__namespace.getParametersValue(parameters, NAMES, GeneralNames.defaultValues(NAMES)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case "names": return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}, optional = false) { const names = pvutils__namespace.getParametersValue(parameters, NAMES, {}); return (new asn1js__namespace.Sequence({ optional, name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.generalNames || EMPTY_STRING), value: GeneralName.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ NAMES, GENERAL_NAMES ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, GeneralNames.schema({ names: { blockName: NAMES, generalNames: GENERAL_NAMES } })); AsnError.assertSchema(asn1, this.className); this.names = Array.from(asn1.result.generalNames, element => new GeneralName({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.names, o => o.toSchema()) })); } toJSON() { return { names: Array.from(this.names, o => o.toJSON()) }; } } GeneralNames.CLASS_NAME = "GeneralNames"; const id_SubjectDirectoryAttributes = "2.5.29.9"; const id_SubjectKeyIdentifier = "2.5.29.14"; const id_KeyUsage = "2.5.29.15"; const id_PrivateKeyUsagePeriod = "2.5.29.16"; const id_SubjectAltName = "2.5.29.17"; const id_IssuerAltName = "2.5.29.18"; const id_BasicConstraints = "2.5.29.19"; const id_CRLNumber = "2.5.29.20"; const id_BaseCRLNumber = "2.5.29.27"; const id_CRLReason = "2.5.29.21"; const id_InvalidityDate = "2.5.29.24"; const id_IssuingDistributionPoint = "2.5.29.28"; const id_CertificateIssuer = "2.5.29.29"; const id_NameConstraints = "2.5.29.30"; const id_CRLDistributionPoints = "2.5.29.31"; const id_FreshestCRL = "2.5.29.46"; const id_CertificatePolicies = "2.5.29.32"; const id_AnyPolicy = "2.5.29.32.0"; const id_MicrosoftAppPolicies = "1.3.6.1.4.1.311.21.10"; const id_PolicyMappings = "2.5.29.33"; const id_AuthorityKeyIdentifier = "2.5.29.35"; const id_PolicyConstraints = "2.5.29.36"; const id_ExtKeyUsage = "2.5.29.37"; const id_InhibitAnyPolicy = "2.5.29.54"; const id_AuthorityInfoAccess = "1.3.6.1.5.5.7.1.1"; const id_SubjectInfoAccess = "1.3.6.1.5.5.7.1.11"; const id_SignedCertificateTimestampList = "1.3.6.1.4.1.11129.2.4.2"; const id_MicrosoftCertTemplateV1 = "1.3.6.1.4.1.311.20.2"; const id_MicrosoftPrevCaCertHash = "1.3.6.1.4.1.311.21.2"; const id_MicrosoftCertTemplateV2 = "1.3.6.1.4.1.311.21.7"; const id_MicrosoftCaVersion = "1.3.6.1.4.1.311.21.1"; const id_QCStatements = "1.3.6.1.5.5.7.1.3"; const id_ContentType_Data = "1.2.840.113549.1.7.1"; const id_ContentType_SignedData = "1.2.840.113549.1.7.2"; const id_ContentType_EnvelopedData = "1.2.840.113549.1.7.3"; const id_ContentType_EncryptedData = "1.2.840.113549.1.7.6"; const id_eContentType_TSTInfo = "1.2.840.113549.1.9.16.1.4"; const id_CertBag_X509Certificate = "1.2.840.113549.1.9.22.1"; const id_CertBag_SDSICertificate = "1.2.840.113549.1.9.22.2"; const id_CertBag_AttributeCertificate = "1.2.840.113549.1.9.22.3"; const id_CRLBag_X509CRL = "1.2.840.113549.1.9.23.1"; const id_pkix = "1.3.6.1.5.5.7"; const id_ad = `${id_pkix}.48`; const id_PKIX_OCSP_Basic = `${id_ad}.1.1`; const id_ad_caIssuers = `${id_ad}.2`; const id_ad_ocsp = `${id_ad}.1`; const id_sha1 = "1.3.14.3.2.26"; const id_sha256 = "2.16.840.1.101.3.4.2.1"; const id_sha384 = "2.16.840.1.101.3.4.2.2"; const id_sha512 = "2.16.840.1.101.3.4.2.3"; const KEY_IDENTIFIER$1 = "keyIdentifier"; const AUTHORITY_CERT_ISSUER = "authorityCertIssuer"; const AUTHORITY_CERT_SERIAL_NUMBER = "authorityCertSerialNumber"; const CLEAR_PROPS$1q = [ KEY_IDENTIFIER$1, AUTHORITY_CERT_ISSUER, AUTHORITY_CERT_SERIAL_NUMBER, ]; class AuthorityKeyIdentifier extends PkiObject { constructor(parameters = {}) { super(); if (KEY_IDENTIFIER$1 in parameters) { this.keyIdentifier = pvutils__namespace.getParametersValue(parameters, KEY_IDENTIFIER$1, AuthorityKeyIdentifier.defaultValues(KEY_IDENTIFIER$1)); } if (AUTHORITY_CERT_ISSUER in parameters) { this.authorityCertIssuer = pvutils__namespace.getParametersValue(parameters, AUTHORITY_CERT_ISSUER, AuthorityKeyIdentifier.defaultValues(AUTHORITY_CERT_ISSUER)); } if (AUTHORITY_CERT_SERIAL_NUMBER in parameters) { this.authorityCertSerialNumber = pvutils__namespace.getParametersValue(parameters, AUTHORITY_CERT_SERIAL_NUMBER, AuthorityKeyIdentifier.defaultValues(AUTHORITY_CERT_SERIAL_NUMBER)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_IDENTIFIER$1: return new asn1js__namespace.OctetString(); case AUTHORITY_CERT_ISSUER: return []; case AUTHORITY_CERT_SERIAL_NUMBER: return new asn1js__namespace.Integer(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Primitive({ name: (names.keyIdentifier || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 } }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Repeated({ name: (names.authorityCertIssuer || EMPTY_STRING), value: GeneralName.schema() }) ] }), new asn1js__namespace.Primitive({ name: (names.authorityCertSerialNumber || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 2 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1q); const asn1 = asn1js__namespace.compareSchema(schema, schema, AuthorityKeyIdentifier.schema({ names: { keyIdentifier: KEY_IDENTIFIER$1, authorityCertIssuer: AUTHORITY_CERT_ISSUER, authorityCertSerialNumber: AUTHORITY_CERT_SERIAL_NUMBER } })); AsnError.assertSchema(asn1, this.className); if (KEY_IDENTIFIER$1 in asn1.result) this.keyIdentifier = new asn1js__namespace.OctetString({ valueHex: asn1.result.keyIdentifier.valueBlock.valueHex }); if (AUTHORITY_CERT_ISSUER in asn1.result) this.authorityCertIssuer = Array.from(asn1.result.authorityCertIssuer, o => new GeneralName({ schema: o })); if (AUTHORITY_CERT_SERIAL_NUMBER in asn1.result) this.authorityCertSerialNumber = new asn1js__namespace.Integer({ valueHex: asn1.result.authorityCertSerialNumber.valueBlock.valueHex }); } toSchema() { const outputArray = []; if (this.keyIdentifier) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, valueHex: this.keyIdentifier.valueBlock.valueHexView })); } if (this.authorityCertIssuer) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.authorityCertIssuer, o => o.toSchema()) })); } if (this.authorityCertSerialNumber) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 2 }, valueHex: this.authorityCertSerialNumber.valueBlock.valueHexView })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = {}; if (this.keyIdentifier) { object.keyIdentifier = this.keyIdentifier.toJSON(); } if (this.authorityCertIssuer) { object.authorityCertIssuer = Array.from(this.authorityCertIssuer, o => o.toJSON()); } if (this.authorityCertSerialNumber) { object.authorityCertSerialNumber = this.authorityCertSerialNumber.toJSON(); } return object; } } AuthorityKeyIdentifier.CLASS_NAME = "AuthorityKeyIdentifier"; const PATH_LENGTH_CONSTRAINT = "pathLenConstraint"; const CA = "cA"; class BasicConstraints extends PkiObject { constructor(parameters = {}) { super(); this.cA = pvutils__namespace.getParametersValue(parameters, CA, false); if (PATH_LENGTH_CONSTRAINT in parameters) { this.pathLenConstraint = pvutils__namespace.getParametersValue(parameters, PATH_LENGTH_CONSTRAINT, 0); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CA: return false; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Boolean({ optional: true, name: (names.cA || EMPTY_STRING) }), new asn1js__namespace.Integer({ optional: true, name: (names.pathLenConstraint || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ CA, PATH_LENGTH_CONSTRAINT ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, BasicConstraints.schema({ names: { cA: CA, pathLenConstraint: PATH_LENGTH_CONSTRAINT } })); AsnError.assertSchema(asn1, this.className); if (CA in asn1.result) { this.cA = asn1.result.cA.valueBlock.value; } if (PATH_LENGTH_CONSTRAINT in asn1.result) { if (asn1.result.pathLenConstraint.valueBlock.isHexOnly) { this.pathLenConstraint = asn1.result.pathLenConstraint; } else { this.pathLenConstraint = asn1.result.pathLenConstraint.valueBlock.valueDec; } } } toSchema() { const outputArray = []; if (this.cA !== BasicConstraints.defaultValues(CA)) outputArray.push(new asn1js__namespace.Boolean({ value: this.cA })); if (PATH_LENGTH_CONSTRAINT in this) { if (this.pathLenConstraint instanceof asn1js__namespace.Integer) { outputArray.push(this.pathLenConstraint); } else { outputArray.push(new asn1js__namespace.Integer({ value: this.pathLenConstraint })); } } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = {}; if (this.cA !== BasicConstraints.defaultValues(CA)) { object.cA = this.cA; } if (PATH_LENGTH_CONSTRAINT in this) { if (this.pathLenConstraint instanceof asn1js__namespace.Integer) { object.pathLenConstraint = this.pathLenConstraint.toJSON(); } else { object.pathLenConstraint = this.pathLenConstraint; } } return object; } } BasicConstraints.CLASS_NAME = "BasicConstraints"; const CERTIFICATE_INDEX = "certificateIndex"; const KEY_INDEX = "keyIndex"; class CAVersion extends PkiObject { constructor(parameters = {}) { super(); this.certificateIndex = pvutils__namespace.getParametersValue(parameters, CERTIFICATE_INDEX, CAVersion.defaultValues(CERTIFICATE_INDEX)); this.keyIndex = pvutils__namespace.getParametersValue(parameters, KEY_INDEX, CAVersion.defaultValues(KEY_INDEX)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERTIFICATE_INDEX: case KEY_INDEX: return 0; default: return super.defaultValues(memberName); } } static schema() { return (new asn1js__namespace.Integer()); } fromSchema(schema) { if (schema.constructor.blockName() !== asn1js__namespace.Integer.blockName()) { throw new Error("Object's schema was not verified against input data for CAVersion"); } let value = schema.valueBlock.valueHex.slice(0); const valueView = new Uint8Array(value); switch (true) { case (value.byteLength < 4): { const tempValue = new ArrayBuffer(4); const tempValueView = new Uint8Array(tempValue); tempValueView.set(valueView, 4 - value.byteLength); value = tempValue.slice(0); } break; case (value.byteLength > 4): { const tempValue = new ArrayBuffer(4); const tempValueView = new Uint8Array(tempValue); tempValueView.set(valueView.slice(0, 4)); value = tempValue.slice(0); } break; } const keyIndexBuffer = value.slice(0, 2); const keyIndexView8 = new Uint8Array(keyIndexBuffer); let temp = keyIndexView8[0]; keyIndexView8[0] = keyIndexView8[1]; keyIndexView8[1] = temp; const keyIndexView16 = new Uint16Array(keyIndexBuffer); this.keyIndex = keyIndexView16[0]; const certificateIndexBuffer = value.slice(2); const certificateIndexView8 = new Uint8Array(certificateIndexBuffer); temp = certificateIndexView8[0]; certificateIndexView8[0] = certificateIndexView8[1]; certificateIndexView8[1] = temp; const certificateIndexView16 = new Uint16Array(certificateIndexBuffer); this.certificateIndex = certificateIndexView16[0]; } toSchema() { const certificateIndexBuffer = new ArrayBuffer(2); const certificateIndexView = new Uint16Array(certificateIndexBuffer); certificateIndexView[0] = this.certificateIndex; const certificateIndexView8 = new Uint8Array(certificateIndexBuffer); let temp = certificateIndexView8[0]; certificateIndexView8[0] = certificateIndexView8[1]; certificateIndexView8[1] = temp; const keyIndexBuffer = new ArrayBuffer(2); const keyIndexView = new Uint16Array(keyIndexBuffer); keyIndexView[0] = this.keyIndex; const keyIndexView8 = new Uint8Array(keyIndexBuffer); temp = keyIndexView8[0]; keyIndexView8[0] = keyIndexView8[1]; keyIndexView8[1] = temp; return (new asn1js__namespace.Integer({ valueHex: pvutils__namespace.utilConcatBuf(keyIndexBuffer, certificateIndexBuffer) })); } toJSON() { return { certificateIndex: this.certificateIndex, keyIndex: this.keyIndex }; } } CAVersion.CLASS_NAME = "CAVersion"; const POLICY_QUALIFIER_ID = "policyQualifierId"; const QUALIFIER = "qualifier"; const CLEAR_PROPS$1p = [ POLICY_QUALIFIER_ID, QUALIFIER ]; class PolicyQualifierInfo extends PkiObject { constructor(parameters = {}) { super(); this.policyQualifierId = pvutils__namespace.getParametersValue(parameters, POLICY_QUALIFIER_ID, PolicyQualifierInfo.defaultValues(POLICY_QUALIFIER_ID)); this.qualifier = pvutils__namespace.getParametersValue(parameters, QUALIFIER, PolicyQualifierInfo.defaultValues(QUALIFIER)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case POLICY_QUALIFIER_ID: return EMPTY_STRING; case QUALIFIER: return new asn1js__namespace.Any(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.policyQualifierId || EMPTY_STRING) }), new asn1js__namespace.Any({ name: (names.qualifier || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1p); const asn1 = asn1js__namespace.compareSchema(schema, schema, PolicyQualifierInfo.schema({ names: { policyQualifierId: POLICY_QUALIFIER_ID, qualifier: QUALIFIER } })); AsnError.assertSchema(asn1, this.className); this.policyQualifierId = asn1.result.policyQualifierId.valueBlock.toString(); this.qualifier = asn1.result.qualifier; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.policyQualifierId }), this.qualifier ] })); } toJSON() { return { policyQualifierId: this.policyQualifierId, qualifier: this.qualifier.toJSON() }; } } PolicyQualifierInfo.CLASS_NAME = "PolicyQualifierInfo"; const POLICY_IDENTIFIER = "policyIdentifier"; const POLICY_QUALIFIERS = "policyQualifiers"; const CLEAR_PROPS$1o = [ POLICY_IDENTIFIER, POLICY_QUALIFIERS ]; class PolicyInformation extends PkiObject { constructor(parameters = {}) { super(); this.policyIdentifier = pvutils__namespace.getParametersValue(parameters, POLICY_IDENTIFIER, PolicyInformation.defaultValues(POLICY_IDENTIFIER)); if (POLICY_QUALIFIERS in parameters) { this.policyQualifiers = pvutils__namespace.getParametersValue(parameters, POLICY_QUALIFIERS, PolicyInformation.defaultValues(POLICY_QUALIFIERS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case POLICY_IDENTIFIER: return EMPTY_STRING; case POLICY_QUALIFIERS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.policyIdentifier || EMPTY_STRING) }), new asn1js__namespace.Sequence({ optional: true, value: [ new asn1js__namespace.Repeated({ name: (names.policyQualifiers || EMPTY_STRING), value: PolicyQualifierInfo.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1o); const asn1 = asn1js__namespace.compareSchema(schema, schema, PolicyInformation.schema({ names: { policyIdentifier: POLICY_IDENTIFIER, policyQualifiers: POLICY_QUALIFIERS } })); AsnError.assertSchema(asn1, this.className); this.policyIdentifier = asn1.result.policyIdentifier.valueBlock.toString(); if (POLICY_QUALIFIERS in asn1.result) { this.policyQualifiers = Array.from(asn1.result.policyQualifiers, element => new PolicyQualifierInfo({ schema: element })); } } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.policyIdentifier })); if (this.policyQualifiers) { outputArray.push(new asn1js__namespace.Sequence({ value: Array.from(this.policyQualifiers, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { policyIdentifier: this.policyIdentifier }; if (this.policyQualifiers) res.policyQualifiers = Array.from(this.policyQualifiers, o => o.toJSON()); return res; } } PolicyInformation.CLASS_NAME = "PolicyInformation"; const CERTIFICATE_POLICIES = "certificatePolicies"; const CLEAR_PROPS$1n = [ CERTIFICATE_POLICIES, ]; class CertificatePolicies extends PkiObject { constructor(parameters = {}) { super(); this.certificatePolicies = pvutils__namespace.getParametersValue(parameters, CERTIFICATE_POLICIES, CertificatePolicies.defaultValues(CERTIFICATE_POLICIES)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERTIFICATE_POLICIES: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.certificatePolicies || EMPTY_STRING), value: PolicyInformation.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1n); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertificatePolicies.schema({ names: { certificatePolicies: CERTIFICATE_POLICIES } })); AsnError.assertSchema(asn1, this.className); this.certificatePolicies = Array.from(asn1.result.certificatePolicies, element => new PolicyInformation({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.certificatePolicies, o => o.toSchema()) })); } toJSON() { return { certificatePolicies: Array.from(this.certificatePolicies, o => o.toJSON()) }; } } CertificatePolicies.CLASS_NAME = "CertificatePolicies"; const TEMPLATE_ID = "templateID"; const TEMPLATE_MAJOR_VERSION = "templateMajorVersion"; const TEMPLATE_MINOR_VERSION = "templateMinorVersion"; const CLEAR_PROPS$1m = [ TEMPLATE_ID, TEMPLATE_MAJOR_VERSION, TEMPLATE_MINOR_VERSION ]; class CertificateTemplate extends PkiObject { constructor(parameters = {}) { super(); this.templateID = pvutils__namespace.getParametersValue(parameters, TEMPLATE_ID, CertificateTemplate.defaultValues(TEMPLATE_ID)); if (TEMPLATE_MAJOR_VERSION in parameters) { this.templateMajorVersion = pvutils__namespace.getParametersValue(parameters, TEMPLATE_MAJOR_VERSION, CertificateTemplate.defaultValues(TEMPLATE_MAJOR_VERSION)); } if (TEMPLATE_MINOR_VERSION in parameters) { this.templateMinorVersion = pvutils__namespace.getParametersValue(parameters, TEMPLATE_MINOR_VERSION, CertificateTemplate.defaultValues(TEMPLATE_MINOR_VERSION)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TEMPLATE_ID: return EMPTY_STRING; case TEMPLATE_MAJOR_VERSION: case TEMPLATE_MINOR_VERSION: return 0; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.templateID || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.templateMajorVersion || EMPTY_STRING), optional: true }), new asn1js__namespace.Integer({ name: (names.templateMinorVersion || EMPTY_STRING), optional: true }), ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1m); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertificateTemplate.schema({ names: { templateID: TEMPLATE_ID, templateMajorVersion: TEMPLATE_MAJOR_VERSION, templateMinorVersion: TEMPLATE_MINOR_VERSION } })); AsnError.assertSchema(asn1, this.className); this.templateID = asn1.result.templateID.valueBlock.toString(); if (TEMPLATE_MAJOR_VERSION in asn1.result) { this.templateMajorVersion = asn1.result.templateMajorVersion.valueBlock.valueDec; } if (TEMPLATE_MINOR_VERSION in asn1.result) { this.templateMinorVersion = asn1.result.templateMinorVersion.valueBlock.valueDec; } } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.templateID })); if (TEMPLATE_MAJOR_VERSION in this) { outputArray.push(new asn1js__namespace.Integer({ value: this.templateMajorVersion })); } if (TEMPLATE_MINOR_VERSION in this) { outputArray.push(new asn1js__namespace.Integer({ value: this.templateMinorVersion })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { templateID: this.templateID }; if (TEMPLATE_MAJOR_VERSION in this) res.templateMajorVersion = this.templateMajorVersion; if (TEMPLATE_MINOR_VERSION in this) res.templateMinorVersion = this.templateMinorVersion; return res; } } const DISTRIBUTION_POINT$1 = "distributionPoint"; const DISTRIBUTION_POINT_NAMES$1 = "distributionPointNames"; const REASONS = "reasons"; const CRL_ISSUER = "cRLIssuer"; const CRL_ISSUER_NAMES = "cRLIssuerNames"; const CLEAR_PROPS$1l = [ DISTRIBUTION_POINT$1, DISTRIBUTION_POINT_NAMES$1, REASONS, CRL_ISSUER, CRL_ISSUER_NAMES, ]; class DistributionPoint extends PkiObject { constructor(parameters = {}) { super(); if (DISTRIBUTION_POINT$1 in parameters) { this.distributionPoint = pvutils__namespace.getParametersValue(parameters, DISTRIBUTION_POINT$1, DistributionPoint.defaultValues(DISTRIBUTION_POINT$1)); } if (REASONS in parameters) { this.reasons = pvutils__namespace.getParametersValue(parameters, REASONS, DistributionPoint.defaultValues(REASONS)); } if (CRL_ISSUER in parameters) { this.cRLIssuer = pvutils__namespace.getParametersValue(parameters, CRL_ISSUER, DistributionPoint.defaultValues(CRL_ISSUER)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case DISTRIBUTION_POINT$1: return []; case REASONS: return new asn1js__namespace.BitString(); case CRL_ISSUER: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ name: (names.distributionPoint || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ name: (names.distributionPointNames || EMPTY_STRING), value: GeneralName.schema() }) ] }), new asn1js__namespace.Constructed({ name: (names.distributionPoint || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: RelativeDistinguishedNames.schema().valueBlock.value }) ] }) ] }), new asn1js__namespace.Primitive({ name: (names.reasons || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }), new asn1js__namespace.Constructed({ name: (names.cRLIssuer || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 2 }, value: [ new asn1js__namespace.Repeated({ name: (names.cRLIssuerNames || EMPTY_STRING), value: GeneralName.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1l); const asn1 = asn1js__namespace.compareSchema(schema, schema, DistributionPoint.schema({ names: { distributionPoint: DISTRIBUTION_POINT$1, distributionPointNames: DISTRIBUTION_POINT_NAMES$1, reasons: REASONS, cRLIssuer: CRL_ISSUER, cRLIssuerNames: CRL_ISSUER_NAMES } })); AsnError.assertSchema(asn1, this.className); if (DISTRIBUTION_POINT$1 in asn1.result) { if (asn1.result.distributionPoint.idBlock.tagNumber === 0) { this.distributionPoint = Array.from(asn1.result.distributionPointNames, element => new GeneralName({ schema: element })); } if (asn1.result.distributionPoint.idBlock.tagNumber === 1) { this.distributionPoint = new RelativeDistinguishedNames({ schema: new asn1js__namespace.Sequence({ value: asn1.result.distributionPoint.valueBlock.value }) }); } } if (REASONS in asn1.result) { this.reasons = new asn1js__namespace.BitString({ valueHex: asn1.result.reasons.valueBlock.valueHex }); } if (CRL_ISSUER in asn1.result) { this.cRLIssuer = Array.from(asn1.result.cRLIssuerNames, element => new GeneralName({ schema: element })); } } toSchema() { const outputArray = []; if (this.distributionPoint) { let internalValue; if (this.distributionPoint instanceof Array) { internalValue = new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.distributionPoint, o => o.toSchema()) }); } else { internalValue = new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.distributionPoint.toSchema()] }); } outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [internalValue] })); } if (this.reasons) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 1 }, valueHex: this.reasons.valueBlock.valueHexView })); } if (this.cRLIssuer) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: Array.from(this.cRLIssuer, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = {}; if (this.distributionPoint) { if (this.distributionPoint instanceof Array) { object.distributionPoint = Array.from(this.distributionPoint, o => o.toJSON()); } else { object.distributionPoint = this.distributionPoint.toJSON(); } } if (this.reasons) { object.reasons = this.reasons.toJSON(); } if (this.cRLIssuer) { object.cRLIssuer = Array.from(this.cRLIssuer, o => o.toJSON()); } return object; } } DistributionPoint.CLASS_NAME = "DistributionPoint"; const DISTRIBUTION_POINTS = "distributionPoints"; const CLEAR_PROPS$1k = [ DISTRIBUTION_POINTS ]; class CRLDistributionPoints extends PkiObject { constructor(parameters = {}) { super(); this.distributionPoints = pvutils__namespace.getParametersValue(parameters, DISTRIBUTION_POINTS, CRLDistributionPoints.defaultValues(DISTRIBUTION_POINTS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case DISTRIBUTION_POINTS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.distributionPoints || EMPTY_STRING), value: DistributionPoint.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1k); const asn1 = asn1js__namespace.compareSchema(schema, schema, CRLDistributionPoints.schema({ names: { distributionPoints: DISTRIBUTION_POINTS } })); AsnError.assertSchema(asn1, this.className); this.distributionPoints = Array.from(asn1.result.distributionPoints, element => new DistributionPoint({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.distributionPoints, o => o.toSchema()) })); } toJSON() { return { distributionPoints: Array.from(this.distributionPoints, o => o.toJSON()) }; } } CRLDistributionPoints.CLASS_NAME = "CRLDistributionPoints"; const KEY_PURPOSES = "keyPurposes"; const CLEAR_PROPS$1j = [ KEY_PURPOSES, ]; class ExtKeyUsage extends PkiObject { constructor(parameters = {}) { super(); this.keyPurposes = pvutils__namespace.getParametersValue(parameters, KEY_PURPOSES, ExtKeyUsage.defaultValues(KEY_PURPOSES)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_PURPOSES: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.keyPurposes || EMPTY_STRING), value: new asn1js__namespace.ObjectIdentifier() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1j); const asn1 = asn1js__namespace.compareSchema(schema, schema, ExtKeyUsage.schema({ names: { keyPurposes: KEY_PURPOSES } })); AsnError.assertSchema(asn1, this.className); this.keyPurposes = Array.from(asn1.result.keyPurposes, (element) => element.valueBlock.toString()); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.keyPurposes, element => new asn1js__namespace.ObjectIdentifier({ value: element })) })); } toJSON() { return { keyPurposes: Array.from(this.keyPurposes) }; } } ExtKeyUsage.CLASS_NAME = "ExtKeyUsage"; const ACCESS_DESCRIPTIONS = "accessDescriptions"; class InfoAccess extends PkiObject { constructor(parameters = {}) { super(); this.accessDescriptions = pvutils__namespace.getParametersValue(parameters, ACCESS_DESCRIPTIONS, InfoAccess.defaultValues(ACCESS_DESCRIPTIONS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ACCESS_DESCRIPTIONS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.accessDescriptions || EMPTY_STRING), value: AccessDescription.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ ACCESS_DESCRIPTIONS ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, InfoAccess.schema({ names: { accessDescriptions: ACCESS_DESCRIPTIONS } })); AsnError.assertSchema(asn1, this.className); this.accessDescriptions = Array.from(asn1.result.accessDescriptions, element => new AccessDescription({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.accessDescriptions, o => o.toSchema()) })); } toJSON() { return { accessDescriptions: Array.from(this.accessDescriptions, o => o.toJSON()) }; } } InfoAccess.CLASS_NAME = "InfoAccess"; const DISTRIBUTION_POINT = "distributionPoint"; const DISTRIBUTION_POINT_NAMES = "distributionPointNames"; const ONLY_CONTAINS_USER_CERTS = "onlyContainsUserCerts"; const ONLY_CONTAINS_CA_CERTS = "onlyContainsCACerts"; const ONLY_SOME_REASON = "onlySomeReasons"; const INDIRECT_CRL = "indirectCRL"; const ONLY_CONTAINS_ATTRIBUTE_CERTS = "onlyContainsAttributeCerts"; const CLEAR_PROPS$1i = [ DISTRIBUTION_POINT, DISTRIBUTION_POINT_NAMES, ONLY_CONTAINS_USER_CERTS, ONLY_CONTAINS_CA_CERTS, ONLY_SOME_REASON, INDIRECT_CRL, ONLY_CONTAINS_ATTRIBUTE_CERTS, ]; class IssuingDistributionPoint extends PkiObject { constructor(parameters = {}) { super(); if (DISTRIBUTION_POINT in parameters) { this.distributionPoint = pvutils__namespace.getParametersValue(parameters, DISTRIBUTION_POINT, IssuingDistributionPoint.defaultValues(DISTRIBUTION_POINT)); } this.onlyContainsUserCerts = pvutils__namespace.getParametersValue(parameters, ONLY_CONTAINS_USER_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS)); this.onlyContainsCACerts = pvutils__namespace.getParametersValue(parameters, ONLY_CONTAINS_CA_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS)); if (ONLY_SOME_REASON in parameters) { this.onlySomeReasons = pvutils__namespace.getParametersValue(parameters, ONLY_SOME_REASON, IssuingDistributionPoint.defaultValues(ONLY_SOME_REASON)); } this.indirectCRL = pvutils__namespace.getParametersValue(parameters, INDIRECT_CRL, IssuingDistributionPoint.defaultValues(INDIRECT_CRL)); this.onlyContainsAttributeCerts = pvutils__namespace.getParametersValue(parameters, ONLY_CONTAINS_ATTRIBUTE_CERTS, IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case DISTRIBUTION_POINT: return []; case ONLY_CONTAINS_USER_CERTS: return false; case ONLY_CONTAINS_CA_CERTS: return false; case ONLY_SOME_REASON: return 0; case INDIRECT_CRL: return false; case ONLY_CONTAINS_ATTRIBUTE_CERTS: return false; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ name: (names.distributionPoint || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ name: (names.distributionPointNames || EMPTY_STRING), value: GeneralName.schema() }) ] }), new asn1js__namespace.Constructed({ name: (names.distributionPoint || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: RelativeDistinguishedNames.schema().valueBlock.value }) ] }) ] }), new asn1js__namespace.Primitive({ name: (names.onlyContainsUserCerts || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }), new asn1js__namespace.Primitive({ name: (names.onlyContainsCACerts || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 2 } }), new asn1js__namespace.Primitive({ name: (names.onlySomeReasons || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 3 } }), new asn1js__namespace.Primitive({ name: (names.indirectCRL || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 4 } }), new asn1js__namespace.Primitive({ name: (names.onlyContainsAttributeCerts || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 5 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1i); const asn1 = asn1js__namespace.compareSchema(schema, schema, IssuingDistributionPoint.schema({ names: { distributionPoint: DISTRIBUTION_POINT, distributionPointNames: DISTRIBUTION_POINT_NAMES, onlyContainsUserCerts: ONLY_CONTAINS_USER_CERTS, onlyContainsCACerts: ONLY_CONTAINS_CA_CERTS, onlySomeReasons: ONLY_SOME_REASON, indirectCRL: INDIRECT_CRL, onlyContainsAttributeCerts: ONLY_CONTAINS_ATTRIBUTE_CERTS } })); AsnError.assertSchema(asn1, this.className); if (DISTRIBUTION_POINT in asn1.result) { switch (true) { case (asn1.result.distributionPoint.idBlock.tagNumber === 0): this.distributionPoint = Array.from(asn1.result.distributionPointNames, element => new GeneralName({ schema: element })); break; case (asn1.result.distributionPoint.idBlock.tagNumber === 1): { this.distributionPoint = new RelativeDistinguishedNames({ schema: new asn1js__namespace.Sequence({ value: asn1.result.distributionPoint.valueBlock.value }) }); } break; default: throw new Error("Unknown tagNumber for distributionPoint: {$asn1.result.distributionPoint.idBlock.tagNumber}"); } } if (ONLY_CONTAINS_USER_CERTS in asn1.result) { const view = new Uint8Array(asn1.result.onlyContainsUserCerts.valueBlock.valueHex); this.onlyContainsUserCerts = (view[0] !== 0x00); } if (ONLY_CONTAINS_CA_CERTS in asn1.result) { const view = new Uint8Array(asn1.result.onlyContainsCACerts.valueBlock.valueHex); this.onlyContainsCACerts = (view[0] !== 0x00); } if (ONLY_SOME_REASON in asn1.result) { const view = new Uint8Array(asn1.result.onlySomeReasons.valueBlock.valueHex); this.onlySomeReasons = view[0]; } if (INDIRECT_CRL in asn1.result) { const view = new Uint8Array(asn1.result.indirectCRL.valueBlock.valueHex); this.indirectCRL = (view[0] !== 0x00); } if (ONLY_CONTAINS_ATTRIBUTE_CERTS in asn1.result) { const view = new Uint8Array(asn1.result.onlyContainsAttributeCerts.valueBlock.valueHex); this.onlyContainsAttributeCerts = (view[0] !== 0x00); } } toSchema() { const outputArray = []; if (this.distributionPoint) { let value; if (this.distributionPoint instanceof Array) { value = new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.distributionPoint, o => o.toSchema()) }); } else { value = this.distributionPoint.toSchema(); value.idBlock.tagClass = 3; value.idBlock.tagNumber = 1; } outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [value] })); } if (this.onlyContainsUserCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS)) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 1 }, valueHex: (new Uint8Array([0xFF])).buffer })); } if (this.onlyContainsCACerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS)) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 2 }, valueHex: (new Uint8Array([0xFF])).buffer })); } if (this.onlySomeReasons !== undefined) { const buffer = new ArrayBuffer(1); const view = new Uint8Array(buffer); view[0] = this.onlySomeReasons; outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 3 }, valueHex: buffer })); } if (this.indirectCRL !== IssuingDistributionPoint.defaultValues(INDIRECT_CRL)) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 4 }, valueHex: (new Uint8Array([0xFF])).buffer })); } if (this.onlyContainsAttributeCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS)) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 5 }, valueHex: (new Uint8Array([0xFF])).buffer })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const obj = {}; if (this.distributionPoint) { if (this.distributionPoint instanceof Array) { obj.distributionPoint = Array.from(this.distributionPoint, o => o.toJSON()); } else { obj.distributionPoint = this.distributionPoint.toJSON(); } } if (this.onlyContainsUserCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_USER_CERTS)) { obj.onlyContainsUserCerts = this.onlyContainsUserCerts; } if (this.onlyContainsCACerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_CA_CERTS)) { obj.onlyContainsCACerts = this.onlyContainsCACerts; } if (ONLY_SOME_REASON in this) { obj.onlySomeReasons = this.onlySomeReasons; } if (this.indirectCRL !== IssuingDistributionPoint.defaultValues(INDIRECT_CRL)) { obj.indirectCRL = this.indirectCRL; } if (this.onlyContainsAttributeCerts !== IssuingDistributionPoint.defaultValues(ONLY_CONTAINS_ATTRIBUTE_CERTS)) { obj.onlyContainsAttributeCerts = this.onlyContainsAttributeCerts; } return obj; } } IssuingDistributionPoint.CLASS_NAME = "IssuingDistributionPoint"; const BASE = "base"; const MINIMUM = "minimum"; const MAXIMUM = "maximum"; const CLEAR_PROPS$1h = [ BASE, MINIMUM, MAXIMUM ]; class GeneralSubtree extends PkiObject { constructor(parameters = {}) { super(); this.base = pvutils__namespace.getParametersValue(parameters, BASE, GeneralSubtree.defaultValues(BASE)); this.minimum = pvutils__namespace.getParametersValue(parameters, MINIMUM, GeneralSubtree.defaultValues(MINIMUM)); if (MAXIMUM in parameters) { this.maximum = pvutils__namespace.getParametersValue(parameters, MAXIMUM, GeneralSubtree.defaultValues(MAXIMUM)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case BASE: return new GeneralName(); case MINIMUM: return 0; case MAXIMUM: return 0; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ GeneralName.schema(names.base || {}), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Integer({ name: (names.minimum || EMPTY_STRING) })] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [new asn1js__namespace.Integer({ name: (names.maximum || EMPTY_STRING) })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1h); const asn1 = asn1js__namespace.compareSchema(schema, schema, GeneralSubtree.schema({ names: { base: { names: { blockName: BASE } }, minimum: MINIMUM, maximum: MAXIMUM } })); AsnError.assertSchema(asn1, this.className); this.base = new GeneralName({ schema: asn1.result.base }); if (MINIMUM in asn1.result) { if (asn1.result.minimum.valueBlock.isHexOnly) this.minimum = asn1.result.minimum; else this.minimum = asn1.result.minimum.valueBlock.valueDec; } if (MAXIMUM in asn1.result) { if (asn1.result.maximum.valueBlock.isHexOnly) this.maximum = asn1.result.maximum; else this.maximum = asn1.result.maximum.valueBlock.valueDec; } } toSchema() { const outputArray = []; outputArray.push(this.base.toSchema()); if (this.minimum !== 0) { let valueMinimum = 0; if (this.minimum instanceof asn1js__namespace.Integer) { valueMinimum = this.minimum; } else { valueMinimum = new asn1js__namespace.Integer({ value: this.minimum }); } outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [valueMinimum] })); } if (MAXIMUM in this) { let valueMaximum = 0; if (this.maximum instanceof asn1js__namespace.Integer) { valueMaximum = this.maximum; } else { valueMaximum = new asn1js__namespace.Integer({ value: this.maximum }); } outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [valueMaximum] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { base: this.base.toJSON() }; if (this.minimum !== 0) { if (typeof this.minimum === "number") { res.minimum = this.minimum; } else { res.minimum = this.minimum.toJSON(); } } if (this.maximum !== undefined) { if (typeof this.maximum === "number") { res.maximum = this.maximum; } else { res.maximum = this.maximum.toJSON(); } } return res; } } GeneralSubtree.CLASS_NAME = "GeneralSubtree"; const PERMITTED_SUBTREES = "permittedSubtrees"; const EXCLUDED_SUBTREES = "excludedSubtrees"; const CLEAR_PROPS$1g = [ PERMITTED_SUBTREES, EXCLUDED_SUBTREES ]; class NameConstraints extends PkiObject { constructor(parameters = {}) { super(); if (PERMITTED_SUBTREES in parameters) { this.permittedSubtrees = pvutils__namespace.getParametersValue(parameters, PERMITTED_SUBTREES, NameConstraints.defaultValues(PERMITTED_SUBTREES)); } if (EXCLUDED_SUBTREES in parameters) { this.excludedSubtrees = pvutils__namespace.getParametersValue(parameters, EXCLUDED_SUBTREES, NameConstraints.defaultValues(EXCLUDED_SUBTREES)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case PERMITTED_SUBTREES: case EXCLUDED_SUBTREES: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ name: (names.permittedSubtrees || EMPTY_STRING), value: GeneralSubtree.schema() }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Repeated({ name: (names.excludedSubtrees || EMPTY_STRING), value: GeneralSubtree.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1g); const asn1 = asn1js__namespace.compareSchema(schema, schema, NameConstraints.schema({ names: { permittedSubtrees: PERMITTED_SUBTREES, excludedSubtrees: EXCLUDED_SUBTREES } })); AsnError.assertSchema(asn1, this.className); if (PERMITTED_SUBTREES in asn1.result) this.permittedSubtrees = Array.from(asn1.result.permittedSubtrees, element => new GeneralSubtree({ schema: element })); if (EXCLUDED_SUBTREES in asn1.result) this.excludedSubtrees = Array.from(asn1.result.excludedSubtrees, element => new GeneralSubtree({ schema: element })); } toSchema() { const outputArray = []; if (this.permittedSubtrees) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.permittedSubtrees, o => o.toSchema()) })); } if (this.excludedSubtrees) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.excludedSubtrees, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = {}; if (this.permittedSubtrees) { object.permittedSubtrees = Array.from(this.permittedSubtrees, o => o.toJSON()); } if (this.excludedSubtrees) { object.excludedSubtrees = Array.from(this.excludedSubtrees, o => o.toJSON()); } return object; } } NameConstraints.CLASS_NAME = "NameConstraints"; const REQUIRE_EXPLICIT_POLICY = "requireExplicitPolicy"; const INHIBIT_POLICY_MAPPING = "inhibitPolicyMapping"; const CLEAR_PROPS$1f = [ REQUIRE_EXPLICIT_POLICY, INHIBIT_POLICY_MAPPING, ]; class PolicyConstraints extends PkiObject { constructor(parameters = {}) { super(); if (REQUIRE_EXPLICIT_POLICY in parameters) { this.requireExplicitPolicy = pvutils__namespace.getParametersValue(parameters, REQUIRE_EXPLICIT_POLICY, PolicyConstraints.defaultValues(REQUIRE_EXPLICIT_POLICY)); } if (INHIBIT_POLICY_MAPPING in parameters) { this.inhibitPolicyMapping = pvutils__namespace.getParametersValue(parameters, INHIBIT_POLICY_MAPPING, PolicyConstraints.defaultValues(INHIBIT_POLICY_MAPPING)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case REQUIRE_EXPLICIT_POLICY: return 0; case INHIBIT_POLICY_MAPPING: return 0; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Primitive({ name: (names.requireExplicitPolicy || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 } }), new asn1js__namespace.Primitive({ name: (names.inhibitPolicyMapping || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1f); const asn1 = asn1js__namespace.compareSchema(schema, schema, PolicyConstraints.schema({ names: { requireExplicitPolicy: REQUIRE_EXPLICIT_POLICY, inhibitPolicyMapping: INHIBIT_POLICY_MAPPING } })); AsnError.assertSchema(asn1, this.className); if (REQUIRE_EXPLICIT_POLICY in asn1.result) { const field1 = asn1.result.requireExplicitPolicy; field1.idBlock.tagClass = 1; field1.idBlock.tagNumber = 2; const ber1 = field1.toBER(false); const int1 = asn1js__namespace.fromBER(ber1); AsnError.assert(int1, "Integer"); this.requireExplicitPolicy = int1.result.valueBlock.valueDec; } if (INHIBIT_POLICY_MAPPING in asn1.result) { const field2 = asn1.result.inhibitPolicyMapping; field2.idBlock.tagClass = 1; field2.idBlock.tagNumber = 2; const ber2 = field2.toBER(false); const int2 = asn1js__namespace.fromBER(ber2); AsnError.assert(int2, "Integer"); this.inhibitPolicyMapping = int2.result.valueBlock.valueDec; } } toSchema() { const outputArray = []; if (REQUIRE_EXPLICIT_POLICY in this) { const int1 = new asn1js__namespace.Integer({ value: this.requireExplicitPolicy }); int1.idBlock.tagClass = 3; int1.idBlock.tagNumber = 0; outputArray.push(int1); } if (INHIBIT_POLICY_MAPPING in this) { const int2 = new asn1js__namespace.Integer({ value: this.inhibitPolicyMapping }); int2.idBlock.tagClass = 3; int2.idBlock.tagNumber = 1; outputArray.push(int2); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = {}; if (REQUIRE_EXPLICIT_POLICY in this) { res.requireExplicitPolicy = this.requireExplicitPolicy; } if (INHIBIT_POLICY_MAPPING in this) { res.inhibitPolicyMapping = this.inhibitPolicyMapping; } return res; } } PolicyConstraints.CLASS_NAME = "PolicyConstraints"; const ISSUER_DOMAIN_POLICY = "issuerDomainPolicy"; const SUBJECT_DOMAIN_POLICY = "subjectDomainPolicy"; const CLEAR_PROPS$1e = [ ISSUER_DOMAIN_POLICY, SUBJECT_DOMAIN_POLICY ]; class PolicyMapping extends PkiObject { constructor(parameters = {}) { super(); this.issuerDomainPolicy = pvutils__namespace.getParametersValue(parameters, ISSUER_DOMAIN_POLICY, PolicyMapping.defaultValues(ISSUER_DOMAIN_POLICY)); this.subjectDomainPolicy = pvutils__namespace.getParametersValue(parameters, SUBJECT_DOMAIN_POLICY, PolicyMapping.defaultValues(SUBJECT_DOMAIN_POLICY)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ISSUER_DOMAIN_POLICY: return EMPTY_STRING; case SUBJECT_DOMAIN_POLICY: return EMPTY_STRING; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.issuerDomainPolicy || EMPTY_STRING) }), new asn1js__namespace.ObjectIdentifier({ name: (names.subjectDomainPolicy || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1e); const asn1 = asn1js__namespace.compareSchema(schema, schema, PolicyMapping.schema({ names: { issuerDomainPolicy: ISSUER_DOMAIN_POLICY, subjectDomainPolicy: SUBJECT_DOMAIN_POLICY } })); AsnError.assertSchema(asn1, this.className); this.issuerDomainPolicy = asn1.result.issuerDomainPolicy.valueBlock.toString(); this.subjectDomainPolicy = asn1.result.subjectDomainPolicy.valueBlock.toString(); } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.issuerDomainPolicy }), new asn1js__namespace.ObjectIdentifier({ value: this.subjectDomainPolicy }) ] })); } toJSON() { return { issuerDomainPolicy: this.issuerDomainPolicy, subjectDomainPolicy: this.subjectDomainPolicy }; } } PolicyMapping.CLASS_NAME = "PolicyMapping"; const MAPPINGS = "mappings"; const CLEAR_PROPS$1d = [ MAPPINGS, ]; class PolicyMappings extends PkiObject { constructor(parameters = {}) { super(); this.mappings = pvutils__namespace.getParametersValue(parameters, MAPPINGS, PolicyMappings.defaultValues(MAPPINGS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case MAPPINGS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.mappings || EMPTY_STRING), value: PolicyMapping.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1d); const asn1 = asn1js__namespace.compareSchema(schema, schema, PolicyMappings.schema({ names: { mappings: MAPPINGS } })); AsnError.assertSchema(asn1, this.className); this.mappings = Array.from(asn1.result.mappings, element => new PolicyMapping({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.mappings, o => o.toSchema()) })); } toJSON() { return { mappings: Array.from(this.mappings, o => o.toJSON()) }; } } PolicyMappings.CLASS_NAME = "PolicyMappings"; const NOT_BEFORE$1 = "notBefore"; const NOT_AFTER$1 = "notAfter"; const CLEAR_PROPS$1c = [ NOT_BEFORE$1, NOT_AFTER$1 ]; class PrivateKeyUsagePeriod extends PkiObject { constructor(parameters = {}) { super(); if (NOT_BEFORE$1 in parameters) { this.notBefore = pvutils__namespace.getParametersValue(parameters, NOT_BEFORE$1, PrivateKeyUsagePeriod.defaultValues(NOT_BEFORE$1)); } if (NOT_AFTER$1 in parameters) { this.notAfter = pvutils__namespace.getParametersValue(parameters, NOT_AFTER$1, PrivateKeyUsagePeriod.defaultValues(NOT_AFTER$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case NOT_BEFORE$1: return new Date(); case NOT_AFTER$1: return new Date(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Primitive({ name: (names.notBefore || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 } }), new asn1js__namespace.Primitive({ name: (names.notAfter || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1c); const asn1 = asn1js__namespace.compareSchema(schema, schema, PrivateKeyUsagePeriod.schema({ names: { notBefore: NOT_BEFORE$1, notAfter: NOT_AFTER$1 } })); AsnError.assertSchema(asn1, this.className); if (NOT_BEFORE$1 in asn1.result) { const localNotBefore = new asn1js__namespace.GeneralizedTime(); localNotBefore.fromBuffer(asn1.result.notBefore.valueBlock.valueHex); this.notBefore = localNotBefore.toDate(); } if (NOT_AFTER$1 in asn1.result) { const localNotAfter = new asn1js__namespace.GeneralizedTime({ valueHex: asn1.result.notAfter.valueBlock.valueHex }); localNotAfter.fromBuffer(asn1.result.notAfter.valueBlock.valueHex); this.notAfter = localNotAfter.toDate(); } } toSchema() { const outputArray = []; if (NOT_BEFORE$1 in this) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, valueHex: (new asn1js__namespace.GeneralizedTime({ valueDate: this.notBefore })).valueBlock.valueHexView })); } if (NOT_AFTER$1 in this) { outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 1 }, valueHex: (new asn1js__namespace.GeneralizedTime({ valueDate: this.notAfter })).valueBlock.valueHexView })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = {}; if (this.notBefore) { res.notBefore = this.notBefore; } if (this.notAfter) { res.notAfter = this.notAfter; } return res; } } PrivateKeyUsagePeriod.CLASS_NAME = "PrivateKeyUsagePeriod"; const ID = "id"; const TYPE$2 = "type"; const VALUES = "values"; const QC_STATEMENT_CLEAR_PROPS = [ ID, TYPE$2 ]; const QC_STATEMENTS_CLEAR_PROPS = [ VALUES ]; class QCStatement extends PkiObject { constructor(parameters = {}) { super(); this.id = pvutils__namespace.getParametersValue(parameters, ID, QCStatement.defaultValues(ID)); if (TYPE$2 in parameters) { this.type = pvutils__namespace.getParametersValue(parameters, TYPE$2, QCStatement.defaultValues(TYPE$2)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ID: return EMPTY_STRING; case TYPE$2: return new asn1js__namespace.Null(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ID: return (memberValue === EMPTY_STRING); case TYPE$2: return (memberValue instanceof asn1js__namespace.Null); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.id || EMPTY_STRING) }), new asn1js__namespace.Any({ name: (names.type || EMPTY_STRING), optional: true }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, QC_STATEMENT_CLEAR_PROPS); const asn1 = asn1js__namespace.compareSchema(schema, schema, QCStatement.schema({ names: { id: ID, type: TYPE$2 } })); AsnError.assertSchema(asn1, this.className); this.id = asn1.result.id.valueBlock.toString(); if (TYPE$2 in asn1.result) this.type = asn1.result.type; } toSchema() { const value = [ new asn1js__namespace.ObjectIdentifier({ value: this.id }) ]; if (TYPE$2 in this) value.push(this.type); return (new asn1js__namespace.Sequence({ value, })); } toJSON() { const object = { id: this.id }; if (this.type) { object.type = this.type.toJSON(); } return object; } } QCStatement.CLASS_NAME = "QCStatement"; class QCStatements extends PkiObject { constructor(parameters = {}) { super(); this.values = pvutils__namespace.getParametersValue(parameters, VALUES, QCStatements.defaultValues(VALUES)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VALUES: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VALUES: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.values || EMPTY_STRING), value: QCStatement.schema(names.value || {}) }), ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, QC_STATEMENTS_CLEAR_PROPS); const asn1 = asn1js__namespace.compareSchema(schema, schema, QCStatements.schema({ names: { values: VALUES } })); AsnError.assertSchema(asn1, this.className); this.values = Array.from(asn1.result.values, element => new QCStatement({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.values, o => o.toSchema()) })); } toJSON() { return { values: Array.from(this.values, o => o.toJSON()) }; } } QCStatements.CLASS_NAME = "QCStatements"; var _a; class ECNamedCurves { static register(name, id, size) { this.namedCurves[name.toLowerCase()] = this.namedCurves[id] = { name, id, size }; } static find(nameOrId) { return this.namedCurves[nameOrId.toLowerCase()] || null; } } _a = ECNamedCurves; ECNamedCurves.namedCurves = {}; (() => { _a.register("P-256", "1.2.840.10045.3.1.7", 32); _a.register("P-384", "1.3.132.0.34", 48); _a.register("P-521", "1.3.132.0.35", 66); _a.register("brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", 32); _a.register("brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11", 48); _a.register("brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", 64); })(); const X = "x"; const Y = "y"; const NAMED_CURVE$1 = "namedCurve"; class ECPublicKey extends PkiObject { constructor(parameters = {}) { super(); this.x = pvutils__namespace.getParametersValue(parameters, X, ECPublicKey.defaultValues(X)); this.y = pvutils__namespace.getParametersValue(parameters, Y, ECPublicKey.defaultValues(Y)); this.namedCurve = pvutils__namespace.getParametersValue(parameters, NAMED_CURVE$1, ECPublicKey.defaultValues(NAMED_CURVE$1)); if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case X: case Y: return EMPTY_BUFFER; case NAMED_CURVE$1: return EMPTY_STRING; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case X: case Y: return memberValue instanceof ArrayBuffer && (pvutils__namespace.isEqualBuffer(memberValue, ECPublicKey.defaultValues(memberName))); case NAMED_CURVE$1: return typeof memberValue === "string" && memberValue === ECPublicKey.defaultValues(memberName); default: return super.defaultValues(memberName); } } static schema() { return new asn1js__namespace.RawData(); } fromSchema(schema1) { const view = pvtsutils.BufferSourceConverter.toUint8Array(schema1); if (view[0] !== 0x04) { throw new Error("Object's schema was not verified against input data for ECPublicKey"); } const namedCurve = ECNamedCurves.find(this.namedCurve); if (!namedCurve) { throw new Error(`Incorrect curve OID: ${this.namedCurve}`); } const coordinateLength = namedCurve.size; if (view.byteLength !== (coordinateLength * 2 + 1)) { throw new Error("Object's schema was not verified against input data for ECPublicKey"); } this.namedCurve = namedCurve.name; this.x = view.slice(1, coordinateLength + 1).buffer; this.y = view.slice(1 + coordinateLength, coordinateLength * 2 + 1).buffer; } toSchema() { return new asn1js__namespace.RawData({ data: pvutils__namespace.utilConcatBuf((new Uint8Array([0x04])).buffer, this.x, this.y) }); } toJSON() { const namedCurve = ECNamedCurves.find(this.namedCurve); return { crv: namedCurve ? namedCurve.name : this.namedCurve, x: pvutils__namespace.toBase64(pvutils__namespace.arrayBufferToString(this.x), true, true, false), y: pvutils__namespace.toBase64(pvutils__namespace.arrayBufferToString(this.y), true, true, false) }; } fromJSON(json) { ParameterError.assert("json", json, "crv", "x", "y"); let coordinateLength = 0; const namedCurve = ECNamedCurves.find(json.crv); if (namedCurve) { this.namedCurve = namedCurve.id; coordinateLength = namedCurve.size; } const xConvertBuffer = pvutils__namespace.stringToArrayBuffer(pvutils__namespace.fromBase64(json.x, true)); if (xConvertBuffer.byteLength < coordinateLength) { this.x = new ArrayBuffer(coordinateLength); const view = new Uint8Array(this.x); const convertBufferView = new Uint8Array(xConvertBuffer); view.set(convertBufferView, 1); } else { this.x = xConvertBuffer.slice(0, coordinateLength); } const yConvertBuffer = pvutils__namespace.stringToArrayBuffer(pvutils__namespace.fromBase64(json.y, true)); if (yConvertBuffer.byteLength < coordinateLength) { this.y = new ArrayBuffer(coordinateLength); const view = new Uint8Array(this.y); const convertBufferView = new Uint8Array(yConvertBuffer); view.set(convertBufferView, 1); } else { this.y = yConvertBuffer.slice(0, coordinateLength); } } } ECPublicKey.CLASS_NAME = "ECPublicKey"; const MODULUS$1 = "modulus"; const PUBLIC_EXPONENT$1 = "publicExponent"; const CLEAR_PROPS$1b = [MODULUS$1, PUBLIC_EXPONENT$1]; class RSAPublicKey extends PkiObject { constructor(parameters = {}) { super(); this.modulus = pvutils__namespace.getParametersValue(parameters, MODULUS$1, RSAPublicKey.defaultValues(MODULUS$1)); this.publicExponent = pvutils__namespace.getParametersValue(parameters, PUBLIC_EXPONENT$1, RSAPublicKey.defaultValues(PUBLIC_EXPONENT$1)); if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case MODULUS$1: return new asn1js__namespace.Integer(); case PUBLIC_EXPONENT$1: return new asn1js__namespace.Integer(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.modulus || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.publicExponent || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1b); const asn1 = asn1js__namespace.compareSchema(schema, schema, RSAPublicKey.schema({ names: { modulus: MODULUS$1, publicExponent: PUBLIC_EXPONENT$1 } })); AsnError.assertSchema(asn1, this.className); this.modulus = asn1.result.modulus.convertFromDER(256); this.publicExponent = asn1.result.publicExponent; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.modulus.convertToDER(), this.publicExponent ] })); } toJSON() { return { n: pvtsutils__namespace.Convert.ToBase64Url(this.modulus.valueBlock.valueHexView), e: pvtsutils__namespace.Convert.ToBase64Url(this.publicExponent.valueBlock.valueHexView), }; } fromJSON(json) { ParameterError.assert("json", json, "n", "e"); const array = pvutils__namespace.stringToArrayBuffer(pvutils__namespace.fromBase64(json.n, true)); this.modulus = new asn1js__namespace.Integer({ valueHex: array.slice(0, Math.pow(2, pvutils__namespace.nearestPowerOf2(array.byteLength))) }); this.publicExponent = new asn1js__namespace.Integer({ valueHex: pvutils__namespace.stringToArrayBuffer(pvutils__namespace.fromBase64(json.e, true)).slice(0, 3) }); } } RSAPublicKey.CLASS_NAME = "RSAPublicKey"; const ALGORITHM$1 = "algorithm"; const SUBJECT_PUBLIC_KEY = "subjectPublicKey"; const CLEAR_PROPS$1a = [ALGORITHM$1, SUBJECT_PUBLIC_KEY]; class PublicKeyInfo extends PkiObject { get parsedKey() { if (this._parsedKey === undefined) { switch (this.algorithm.algorithmId) { case "1.2.840.10045.2.1": if ("algorithmParams" in this.algorithm) { if (this.algorithm.algorithmParams.constructor.blockName() === asn1js__namespace.ObjectIdentifier.blockName()) { try { this._parsedKey = new ECPublicKey({ namedCurve: this.algorithm.algorithmParams.valueBlock.toString(), schema: this.subjectPublicKey.valueBlock.valueHexView }); } catch { } } } break; case "1.2.840.113549.1.1.1": { const publicKeyASN1 = asn1js__namespace.fromBER(this.subjectPublicKey.valueBlock.valueHexView); if (publicKeyASN1.offset !== -1) { try { this._parsedKey = new RSAPublicKey({ schema: publicKeyASN1.result }); } catch { } } } break; } this._parsedKey || (this._parsedKey = null); } return this._parsedKey || undefined; } set parsedKey(value) { this._parsedKey = value; } constructor(parameters = {}) { super(); this.algorithm = pvutils__namespace.getParametersValue(parameters, ALGORITHM$1, PublicKeyInfo.defaultValues(ALGORITHM$1)); this.subjectPublicKey = pvutils__namespace.getParametersValue(parameters, SUBJECT_PUBLIC_KEY, PublicKeyInfo.defaultValues(SUBJECT_PUBLIC_KEY)); const parsedKey = pvutils__namespace.getParametersValue(parameters, "parsedKey", null); if (parsedKey) { this.parsedKey = parsedKey; } if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ALGORITHM$1: return new AlgorithmIdentifier(); case SUBJECT_PUBLIC_KEY: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.algorithm || {}), new asn1js__namespace.BitString({ name: (names.subjectPublicKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1a); const asn1 = asn1js__namespace.compareSchema(schema, schema, PublicKeyInfo.schema({ names: { algorithm: { names: { blockName: ALGORITHM$1 } }, subjectPublicKey: SUBJECT_PUBLIC_KEY } })); AsnError.assertSchema(asn1, this.className); this.algorithm = new AlgorithmIdentifier({ schema: asn1.result.algorithm }); this.subjectPublicKey = asn1.result.subjectPublicKey; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.algorithm.toSchema(), this.subjectPublicKey ] })); } toJSON() { if (!this.parsedKey) { return { algorithm: this.algorithm.toJSON(), subjectPublicKey: this.subjectPublicKey.toJSON(), }; } const jwk = {}; switch (this.algorithm.algorithmId) { case "1.2.840.10045.2.1": jwk.kty = "EC"; break; case "1.2.840.113549.1.1.1": jwk.kty = "RSA"; break; } const publicKeyJWK = this.parsedKey.toJSON(); Object.assign(jwk, publicKeyJWK); return jwk; } fromJSON(json) { if ("kty" in json) { switch (json.kty.toUpperCase()) { case "EC": this.parsedKey = new ECPublicKey({ json }); this.algorithm = new AlgorithmIdentifier({ algorithmId: "1.2.840.10045.2.1", algorithmParams: new asn1js__namespace.ObjectIdentifier({ value: this.parsedKey.namedCurve }) }); break; case "RSA": this.parsedKey = new RSAPublicKey({ json }); this.algorithm = new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.1", algorithmParams: new asn1js__namespace.Null() }); break; default: throw new Error(`Invalid value for "kty" parameter: ${json.kty}`); } this.subjectPublicKey = new asn1js__namespace.BitString({ valueHex: this.parsedKey.toSchema().toBER(false) }); } } async importKey(publicKey, crypto = getCrypto(true)) { try { if (!publicKey) { throw new Error("Need to provide publicKey input parameter"); } const exportedKey = await crypto.exportKey("spki", publicKey); const asn1 = asn1js__namespace.fromBER(exportedKey); try { this.fromSchema(asn1.result); } catch { throw new Error("Error during initializing object from schema"); } } catch (e) { const message = e instanceof Error ? e.message : `${e}`; throw new Error(`Error during exporting public key: ${message}`); } } } PublicKeyInfo.CLASS_NAME = "PublicKeyInfo"; const VERSION$l = "version"; const PRIVATE_KEY$1 = "privateKey"; const NAMED_CURVE = "namedCurve"; const PUBLIC_KEY$1 = "publicKey"; const CLEAR_PROPS$19 = [ VERSION$l, PRIVATE_KEY$1, NAMED_CURVE, PUBLIC_KEY$1 ]; class ECPrivateKey extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$l, ECPrivateKey.defaultValues(VERSION$l)); this.privateKey = pvutils__namespace.getParametersValue(parameters, PRIVATE_KEY$1, ECPrivateKey.defaultValues(PRIVATE_KEY$1)); if (NAMED_CURVE in parameters) { this.namedCurve = pvutils__namespace.getParametersValue(parameters, NAMED_CURVE, ECPrivateKey.defaultValues(NAMED_CURVE)); } if (PUBLIC_KEY$1 in parameters) { this.publicKey = pvutils__namespace.getParametersValue(parameters, PUBLIC_KEY$1, ECPrivateKey.defaultValues(PUBLIC_KEY$1)); } if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$l: return 1; case PRIVATE_KEY$1: return new asn1js__namespace.OctetString(); case NAMED_CURVE: return EMPTY_STRING; case PUBLIC_KEY$1: return new ECPublicKey(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$l: return (memberValue === ECPrivateKey.defaultValues(memberName)); case PRIVATE_KEY$1: return (memberValue.isEqual(ECPrivateKey.defaultValues(memberName))); case NAMED_CURVE: return (memberValue === EMPTY_STRING); case PUBLIC_KEY$1: return ((ECPublicKey.compareWithDefault(NAMED_CURVE, memberValue.namedCurve)) && (ECPublicKey.compareWithDefault("x", memberValue.x)) && (ECPublicKey.compareWithDefault("y", memberValue.y))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), new asn1js__namespace.OctetString({ name: (names.privateKey || EMPTY_STRING) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.namedCurve || EMPTY_STRING) }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.BitString({ name: (names.publicKey || EMPTY_STRING) }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$19); const asn1 = asn1js__namespace.compareSchema(schema, schema, ECPrivateKey.schema({ names: { version: VERSION$l, privateKey: PRIVATE_KEY$1, namedCurve: NAMED_CURVE, publicKey: PUBLIC_KEY$1 } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.privateKey = asn1.result.privateKey; if (NAMED_CURVE in asn1.result) { this.namedCurve = asn1.result.namedCurve.valueBlock.toString(); } if (PUBLIC_KEY$1 in asn1.result) { const publicKeyData = { schema: asn1.result.publicKey.valueBlock.valueHex }; if (NAMED_CURVE in this) { publicKeyData.namedCurve = this.namedCurve; } this.publicKey = new ECPublicKey(publicKeyData); } } toSchema() { const outputArray = [ new asn1js__namespace.Integer({ value: this.version }), this.privateKey ]; if (this.namedCurve) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.ObjectIdentifier({ value: this.namedCurve }) ] })); } if (this.publicKey) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.BitString({ valueHex: this.publicKey.toSchema().toBER(false) }) ] })); } return new asn1js__namespace.Sequence({ value: outputArray }); } toJSON() { if (!this.namedCurve || ECPrivateKey.compareWithDefault(NAMED_CURVE, this.namedCurve)) { throw new Error("Not enough information for making JSON: absent \"namedCurve\" value"); } const curve = ECNamedCurves.find(this.namedCurve); const privateKeyJSON = { crv: curve ? curve.name : this.namedCurve, d: pvtsutils__namespace.Convert.ToBase64Url(this.privateKey.valueBlock.valueHexView), }; if (this.publicKey) { const publicKeyJSON = this.publicKey.toJSON(); privateKeyJSON.x = publicKeyJSON.x; privateKeyJSON.y = publicKeyJSON.y; } return privateKeyJSON; } fromJSON(json) { ParameterError.assert("json", json, "crv", "d"); let coordinateLength = 0; const curve = ECNamedCurves.find(json.crv); if (curve) { this.namedCurve = curve.id; coordinateLength = curve.size; } const convertBuffer = pvtsutils__namespace.Convert.FromBase64Url(json.d); if (convertBuffer.byteLength < coordinateLength) { const buffer = new ArrayBuffer(coordinateLength); const view = new Uint8Array(buffer); const convertBufferView = new Uint8Array(convertBuffer); view.set(convertBufferView, 1); this.privateKey = new asn1js__namespace.OctetString({ valueHex: buffer }); } else { this.privateKey = new asn1js__namespace.OctetString({ valueHex: convertBuffer.slice(0, coordinateLength) }); } if (json.x && json.y) { this.publicKey = new ECPublicKey({ json }); } } } ECPrivateKey.CLASS_NAME = "ECPrivateKey"; const PRIME = "prime"; const EXPONENT = "exponent"; const COEFFICIENT$1 = "coefficient"; const CLEAR_PROPS$18 = [ PRIME, EXPONENT, COEFFICIENT$1, ]; class OtherPrimeInfo extends PkiObject { constructor(parameters = {}) { super(); this.prime = pvutils__namespace.getParametersValue(parameters, PRIME, OtherPrimeInfo.defaultValues(PRIME)); this.exponent = pvutils__namespace.getParametersValue(parameters, EXPONENT, OtherPrimeInfo.defaultValues(EXPONENT)); this.coefficient = pvutils__namespace.getParametersValue(parameters, COEFFICIENT$1, OtherPrimeInfo.defaultValues(COEFFICIENT$1)); if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case PRIME: return new asn1js__namespace.Integer(); case EXPONENT: return new asn1js__namespace.Integer(); case COEFFICIENT$1: return new asn1js__namespace.Integer(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.prime || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.exponent || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.coefficient || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$18); const asn1 = asn1js__namespace.compareSchema(schema, schema, OtherPrimeInfo.schema({ names: { prime: PRIME, exponent: EXPONENT, coefficient: COEFFICIENT$1 } })); AsnError.assertSchema(asn1, this.className); this.prime = asn1.result.prime.convertFromDER(); this.exponent = asn1.result.exponent.convertFromDER(); this.coefficient = asn1.result.coefficient.convertFromDER(); } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.prime.convertToDER(), this.exponent.convertToDER(), this.coefficient.convertToDER() ] })); } toJSON() { return { r: pvtsutils__namespace.Convert.ToBase64Url(this.prime.valueBlock.valueHexView), d: pvtsutils__namespace.Convert.ToBase64Url(this.exponent.valueBlock.valueHexView), t: pvtsutils__namespace.Convert.ToBase64Url(this.coefficient.valueBlock.valueHexView), }; } fromJSON(json) { ParameterError.assert("json", json, "r", "d", "r"); this.prime = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.r) }); this.exponent = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.d) }); this.coefficient = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.t) }); } } OtherPrimeInfo.CLASS_NAME = "OtherPrimeInfo"; const VERSION$k = "version"; const MODULUS = "modulus"; const PUBLIC_EXPONENT = "publicExponent"; const PRIVATE_EXPONENT = "privateExponent"; const PRIME1 = "prime1"; const PRIME2 = "prime2"; const EXPONENT1 = "exponent1"; const EXPONENT2 = "exponent2"; const COEFFICIENT = "coefficient"; const OTHER_PRIME_INFOS = "otherPrimeInfos"; const CLEAR_PROPS$17 = [ VERSION$k, MODULUS, PUBLIC_EXPONENT, PRIVATE_EXPONENT, PRIME1, PRIME2, EXPONENT1, EXPONENT2, COEFFICIENT, OTHER_PRIME_INFOS ]; class RSAPrivateKey extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$k, RSAPrivateKey.defaultValues(VERSION$k)); this.modulus = pvutils__namespace.getParametersValue(parameters, MODULUS, RSAPrivateKey.defaultValues(MODULUS)); this.publicExponent = pvutils__namespace.getParametersValue(parameters, PUBLIC_EXPONENT, RSAPrivateKey.defaultValues(PUBLIC_EXPONENT)); this.privateExponent = pvutils__namespace.getParametersValue(parameters, PRIVATE_EXPONENT, RSAPrivateKey.defaultValues(PRIVATE_EXPONENT)); this.prime1 = pvutils__namespace.getParametersValue(parameters, PRIME1, RSAPrivateKey.defaultValues(PRIME1)); this.prime2 = pvutils__namespace.getParametersValue(parameters, PRIME2, RSAPrivateKey.defaultValues(PRIME2)); this.exponent1 = pvutils__namespace.getParametersValue(parameters, EXPONENT1, RSAPrivateKey.defaultValues(EXPONENT1)); this.exponent2 = pvutils__namespace.getParametersValue(parameters, EXPONENT2, RSAPrivateKey.defaultValues(EXPONENT2)); this.coefficient = pvutils__namespace.getParametersValue(parameters, COEFFICIENT, RSAPrivateKey.defaultValues(COEFFICIENT)); if (OTHER_PRIME_INFOS in parameters) { this.otherPrimeInfos = pvutils__namespace.getParametersValue(parameters, OTHER_PRIME_INFOS, RSAPrivateKey.defaultValues(OTHER_PRIME_INFOS)); } if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$k: return 0; case MODULUS: return new asn1js__namespace.Integer(); case PUBLIC_EXPONENT: return new asn1js__namespace.Integer(); case PRIVATE_EXPONENT: return new asn1js__namespace.Integer(); case PRIME1: return new asn1js__namespace.Integer(); case PRIME2: return new asn1js__namespace.Integer(); case EXPONENT1: return new asn1js__namespace.Integer(); case EXPONENT2: return new asn1js__namespace.Integer(); case COEFFICIENT: return new asn1js__namespace.Integer(); case OTHER_PRIME_INFOS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.modulus || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.publicExponent || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.privateExponent || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.prime1 || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.prime2 || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.exponent1 || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.exponent2 || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.coefficient || EMPTY_STRING) }), new asn1js__namespace.Sequence({ optional: true, value: [ new asn1js__namespace.Repeated({ name: (names.otherPrimeInfosName || EMPTY_STRING), value: OtherPrimeInfo.schema(names.otherPrimeInfo || {}) }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$17); const asn1 = asn1js__namespace.compareSchema(schema, schema, RSAPrivateKey.schema({ names: { version: VERSION$k, modulus: MODULUS, publicExponent: PUBLIC_EXPONENT, privateExponent: PRIVATE_EXPONENT, prime1: PRIME1, prime2: PRIME2, exponent1: EXPONENT1, exponent2: EXPONENT2, coefficient: COEFFICIENT, otherPrimeInfo: { names: { blockName: OTHER_PRIME_INFOS } } } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.modulus = asn1.result.modulus.convertFromDER(256); this.publicExponent = asn1.result.publicExponent; this.privateExponent = asn1.result.privateExponent.convertFromDER(256); this.prime1 = asn1.result.prime1.convertFromDER(128); this.prime2 = asn1.result.prime2.convertFromDER(128); this.exponent1 = asn1.result.exponent1.convertFromDER(128); this.exponent2 = asn1.result.exponent2.convertFromDER(128); this.coefficient = asn1.result.coefficient.convertFromDER(128); if (OTHER_PRIME_INFOS in asn1.result) this.otherPrimeInfos = Array.from(asn1.result.otherPrimeInfos, element => new OtherPrimeInfo({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(this.modulus.convertToDER()); outputArray.push(this.publicExponent); outputArray.push(this.privateExponent.convertToDER()); outputArray.push(this.prime1.convertToDER()); outputArray.push(this.prime2.convertToDER()); outputArray.push(this.exponent1.convertToDER()); outputArray.push(this.exponent2.convertToDER()); outputArray.push(this.coefficient.convertToDER()); if (this.otherPrimeInfos) { outputArray.push(new asn1js__namespace.Sequence({ value: Array.from(this.otherPrimeInfos, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const jwk = { n: pvtsutils__namespace.Convert.ToBase64Url(this.modulus.valueBlock.valueHexView), e: pvtsutils__namespace.Convert.ToBase64Url(this.publicExponent.valueBlock.valueHexView), d: pvtsutils__namespace.Convert.ToBase64Url(this.privateExponent.valueBlock.valueHexView), p: pvtsutils__namespace.Convert.ToBase64Url(this.prime1.valueBlock.valueHexView), q: pvtsutils__namespace.Convert.ToBase64Url(this.prime2.valueBlock.valueHexView), dp: pvtsutils__namespace.Convert.ToBase64Url(this.exponent1.valueBlock.valueHexView), dq: pvtsutils__namespace.Convert.ToBase64Url(this.exponent2.valueBlock.valueHexView), qi: pvtsutils__namespace.Convert.ToBase64Url(this.coefficient.valueBlock.valueHexView), }; if (this.otherPrimeInfos) { jwk.oth = Array.from(this.otherPrimeInfos, o => o.toJSON()); } return jwk; } fromJSON(json) { ParameterError.assert("json", json, "n", "e", "d", "p", "q", "dp", "dq", "qi"); this.modulus = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.n) }); this.publicExponent = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.e) }); this.privateExponent = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.d) }); this.prime1 = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.p) }); this.prime2 = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.q) }); this.exponent1 = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.dp) }); this.exponent2 = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.dq) }); this.coefficient = new asn1js__namespace.Integer({ valueHex: pvtsutils__namespace.Convert.FromBase64Url(json.qi) }); if (json.oth) { this.otherPrimeInfos = Array.from(json.oth, (element) => new OtherPrimeInfo({ json: element })); } } } RSAPrivateKey.CLASS_NAME = "RSAPrivateKey"; const VERSION$j = "version"; const PRIVATE_KEY_ALGORITHM = "privateKeyAlgorithm"; const PRIVATE_KEY = "privateKey"; const ATTRIBUTES$5 = "attributes"; const PARSED_KEY = "parsedKey"; const CLEAR_PROPS$16 = [ VERSION$j, PRIVATE_KEY_ALGORITHM, PRIVATE_KEY, ATTRIBUTES$5 ]; class PrivateKeyInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$j, PrivateKeyInfo.defaultValues(VERSION$j)); this.privateKeyAlgorithm = pvutils__namespace.getParametersValue(parameters, PRIVATE_KEY_ALGORITHM, PrivateKeyInfo.defaultValues(PRIVATE_KEY_ALGORITHM)); this.privateKey = pvutils__namespace.getParametersValue(parameters, PRIVATE_KEY, PrivateKeyInfo.defaultValues(PRIVATE_KEY)); if (ATTRIBUTES$5 in parameters) { this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES$5, PrivateKeyInfo.defaultValues(ATTRIBUTES$5)); } if (PARSED_KEY in parameters) { this.parsedKey = pvutils__namespace.getParametersValue(parameters, PARSED_KEY, PrivateKeyInfo.defaultValues(PARSED_KEY)); } if (parameters.json) { this.fromJSON(parameters.json); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$j: return 0; case PRIVATE_KEY_ALGORITHM: return new AlgorithmIdentifier(); case PRIVATE_KEY: return new asn1js__namespace.OctetString(); case ATTRIBUTES$5: return []; case PARSED_KEY: return {}; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), AlgorithmIdentifier.schema(names.privateKeyAlgorithm || {}), new asn1js__namespace.OctetString({ name: (names.privateKey || EMPTY_STRING) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ name: (names.attributes || EMPTY_STRING), value: Attribute.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$16); const asn1 = asn1js__namespace.compareSchema(schema, schema, PrivateKeyInfo.schema({ names: { version: VERSION$j, privateKeyAlgorithm: { names: { blockName: PRIVATE_KEY_ALGORITHM } }, privateKey: PRIVATE_KEY, attributes: ATTRIBUTES$5 } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.privateKeyAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.privateKeyAlgorithm }); this.privateKey = asn1.result.privateKey; if (ATTRIBUTES$5 in asn1.result) this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element })); switch (this.privateKeyAlgorithm.algorithmId) { case "1.2.840.113549.1.1.1": { const privateKeyASN1 = asn1js__namespace.fromBER(this.privateKey.valueBlock.valueHexView); if (privateKeyASN1.offset !== -1) this.parsedKey = new RSAPrivateKey({ schema: privateKeyASN1.result }); } break; case "1.2.840.10045.2.1": if ("algorithmParams" in this.privateKeyAlgorithm) { if (this.privateKeyAlgorithm.algorithmParams instanceof asn1js__namespace.ObjectIdentifier) { const privateKeyASN1 = asn1js__namespace.fromBER(this.privateKey.valueBlock.valueHexView); if (privateKeyASN1.offset !== -1) { this.parsedKey = new ECPrivateKey({ namedCurve: this.privateKeyAlgorithm.algorithmParams.valueBlock.toString(), schema: privateKeyASN1.result }); } } } break; } } toSchema() { const outputArray = [ new asn1js__namespace.Integer({ value: this.version }), this.privateKeyAlgorithm.toSchema(), this.privateKey ]; if (this.attributes) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.attributes, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { if (!this.parsedKey) { const object = { version: this.version, privateKeyAlgorithm: this.privateKeyAlgorithm.toJSON(), privateKey: this.privateKey.toJSON(), }; if (this.attributes) { object.attributes = Array.from(this.attributes, o => o.toJSON()); } return object; } const jwk = {}; switch (this.privateKeyAlgorithm.algorithmId) { case "1.2.840.10045.2.1": jwk.kty = "EC"; break; case "1.2.840.113549.1.1.1": jwk.kty = "RSA"; break; } const publicKeyJWK = this.parsedKey.toJSON(); Object.assign(jwk, publicKeyJWK); return jwk; } fromJSON(json) { if ("kty" in json) { switch (json.kty.toUpperCase()) { case "EC": this.parsedKey = new ECPrivateKey({ json }); this.privateKeyAlgorithm = new AlgorithmIdentifier({ algorithmId: "1.2.840.10045.2.1", algorithmParams: new asn1js__namespace.ObjectIdentifier({ value: this.parsedKey.namedCurve }) }); break; case "RSA": this.parsedKey = new RSAPrivateKey({ json }); this.privateKeyAlgorithm = new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.1", algorithmParams: new asn1js__namespace.Null() }); break; default: throw new Error(`Invalid value for "kty" parameter: ${json.kty}`); } this.privateKey = new asn1js__namespace.OctetString({ valueHex: this.parsedKey.toSchema().toBER(false) }); } } } PrivateKeyInfo.CLASS_NAME = "PrivateKeyInfo"; const CONTENT_TYPE$1 = "contentType"; const CONTENT_ENCRYPTION_ALGORITHM = "contentEncryptionAlgorithm"; const ENCRYPTED_CONTENT = "encryptedContent"; const CLEAR_PROPS$15 = [ CONTENT_TYPE$1, CONTENT_ENCRYPTION_ALGORITHM, ENCRYPTED_CONTENT, ]; const PIECE_SIZE = 1024; class EncryptedContentInfo extends PkiObject { constructor(parameters = {}) { super(); this.contentType = pvutils__namespace.getParametersValue(parameters, CONTENT_TYPE$1, EncryptedContentInfo.defaultValues(CONTENT_TYPE$1)); this.contentEncryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, CONTENT_ENCRYPTION_ALGORITHM, EncryptedContentInfo.defaultValues(CONTENT_ENCRYPTION_ALGORITHM)); if (ENCRYPTED_CONTENT in parameters && parameters.encryptedContent) { this.encryptedContent = parameters.encryptedContent; if ((this.encryptedContent.idBlock.tagClass === 1) && (this.encryptedContent.idBlock.tagNumber === 4)) { if (this.encryptedContent.idBlock.isConstructed === false && !parameters.disableSplit) { const constrString = new asn1js__namespace.OctetString({ idBlock: { isConstructed: true }, isConstructed: true }); let offset = 0; const valueHex = this.encryptedContent.valueBlock.valueHexView.slice().buffer; let length = valueHex.byteLength; while (length > 0) { const pieceView = new Uint8Array(valueHex, offset, ((offset + PIECE_SIZE) > valueHex.byteLength) ? (valueHex.byteLength - offset) : PIECE_SIZE); const _array = new ArrayBuffer(pieceView.length); const _view = new Uint8Array(_array); for (let i = 0; i < _view.length; i++) _view[i] = pieceView[i]; constrString.valueBlock.value.push(new asn1js__namespace.OctetString({ valueHex: _array })); length -= pieceView.length; offset += pieceView.length; } this.encryptedContent = constrString; } } } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CONTENT_TYPE$1: return EMPTY_STRING; case CONTENT_ENCRYPTION_ALGORITHM: return new AlgorithmIdentifier(); case ENCRYPTED_CONTENT: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CONTENT_TYPE$1: return (memberValue === EMPTY_STRING); case CONTENT_ENCRYPTION_ALGORITHM: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case ENCRYPTED_CONTENT: return (memberValue.isEqual(EncryptedContentInfo.defaultValues(ENCRYPTED_CONTENT))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.contentType || EMPTY_STRING) }), AlgorithmIdentifier.schema(names.contentEncryptionAlgorithm || {}), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ name: (names.encryptedContent || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ value: new asn1js__namespace.OctetString() }) ] }), new asn1js__namespace.Primitive({ name: (names.encryptedContent || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 } }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$15); const asn1 = asn1js__namespace.compareSchema(schema, schema, EncryptedContentInfo.schema({ names: { contentType: CONTENT_TYPE$1, contentEncryptionAlgorithm: { names: { blockName: CONTENT_ENCRYPTION_ALGORITHM } }, encryptedContent: ENCRYPTED_CONTENT } })); AsnError.assertSchema(asn1, this.className); this.contentType = asn1.result.contentType.valueBlock.toString(); this.contentEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.contentEncryptionAlgorithm }); if (ENCRYPTED_CONTENT in asn1.result) { this.encryptedContent = asn1.result.encryptedContent; this.encryptedContent.idBlock.tagClass = 1; this.encryptedContent.idBlock.tagNumber = 4; } } toSchema() { const sequenceLengthBlock = { isIndefiniteForm: false }; const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.contentType })); outputArray.push(this.contentEncryptionAlgorithm.toSchema()); if (this.encryptedContent) { sequenceLengthBlock.isIndefiniteForm = this.encryptedContent.idBlock.isConstructed; const encryptedValue = this.encryptedContent; encryptedValue.idBlock.tagClass = 3; encryptedValue.idBlock.tagNumber = 0; encryptedValue.lenBlock.isIndefiniteForm = this.encryptedContent.idBlock.isConstructed; outputArray.push(encryptedValue); } return (new asn1js__namespace.Sequence({ lenBlock: sequenceLengthBlock, value: outputArray })); } toJSON() { const res = { contentType: this.contentType, contentEncryptionAlgorithm: this.contentEncryptionAlgorithm.toJSON() }; if (this.encryptedContent) { res.encryptedContent = this.encryptedContent.toJSON(); } return res; } getEncryptedContent() { if (!this.encryptedContent) { throw new Error("Parameter 'encryptedContent' is undefined"); } return asn1js__namespace.OctetString.prototype.getValue.call(this.encryptedContent); } } EncryptedContentInfo.CLASS_NAME = "EncryptedContentInfo"; const HASH_ALGORITHM$4 = "hashAlgorithm"; const MASK_GEN_ALGORITHM$1 = "maskGenAlgorithm"; const SALT_LENGTH = "saltLength"; const TRAILER_FIELD = "trailerField"; const CLEAR_PROPS$14 = [ HASH_ALGORITHM$4, MASK_GEN_ALGORITHM$1, SALT_LENGTH, TRAILER_FIELD ]; class RSASSAPSSParams extends PkiObject { constructor(parameters = {}) { super(); this.hashAlgorithm = pvutils__namespace.getParametersValue(parameters, HASH_ALGORITHM$4, RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4)); this.maskGenAlgorithm = pvutils__namespace.getParametersValue(parameters, MASK_GEN_ALGORITHM$1, RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1)); this.saltLength = pvutils__namespace.getParametersValue(parameters, SALT_LENGTH, RSASSAPSSParams.defaultValues(SALT_LENGTH)); this.trailerField = pvutils__namespace.getParametersValue(parameters, TRAILER_FIELD, RSASSAPSSParams.defaultValues(TRAILER_FIELD)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case HASH_ALGORITHM$4: return new AlgorithmIdentifier({ algorithmId: "1.3.14.3.2.26", algorithmParams: new asn1js__namespace.Null() }); case MASK_GEN_ALGORITHM$1: return new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.8", algorithmParams: (new AlgorithmIdentifier({ algorithmId: "1.3.14.3.2.26", algorithmParams: new asn1js__namespace.Null() })).toSchema() }); case SALT_LENGTH: return 20; case TRAILER_FIELD: return 1; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, optional: true, value: [AlgorithmIdentifier.schema(names.hashAlgorithm || {})] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, optional: true, value: [AlgorithmIdentifier.schema(names.maskGenAlgorithm || {})] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, optional: true, value: [new asn1js__namespace.Integer({ name: (names.saltLength || EMPTY_STRING) })] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 3 }, optional: true, value: [new asn1js__namespace.Integer({ name: (names.trailerField || EMPTY_STRING) })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$14); const asn1 = asn1js__namespace.compareSchema(schema, schema, RSASSAPSSParams.schema({ names: { hashAlgorithm: { names: { blockName: HASH_ALGORITHM$4 } }, maskGenAlgorithm: { names: { blockName: MASK_GEN_ALGORITHM$1 } }, saltLength: SALT_LENGTH, trailerField: TRAILER_FIELD } })); AsnError.assertSchema(asn1, this.className); if (HASH_ALGORITHM$4 in asn1.result) this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm }); if (MASK_GEN_ALGORITHM$1 in asn1.result) this.maskGenAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.maskGenAlgorithm }); if (SALT_LENGTH in asn1.result) this.saltLength = asn1.result.saltLength.valueBlock.valueDec; if (TRAILER_FIELD in asn1.result) this.trailerField = asn1.result.trailerField.valueBlock.valueDec; } toSchema() { const outputArray = []; if (!this.hashAlgorithm.isEqual(RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4))) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.hashAlgorithm.toSchema()] })); } if (!this.maskGenAlgorithm.isEqual(RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1))) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.maskGenAlgorithm.toSchema()] })); } if (this.saltLength !== RSASSAPSSParams.defaultValues(SALT_LENGTH)) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: [new asn1js__namespace.Integer({ value: this.saltLength })] })); } if (this.trailerField !== RSASSAPSSParams.defaultValues(TRAILER_FIELD)) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 3 }, value: [new asn1js__namespace.Integer({ value: this.trailerField })] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = {}; if (!this.hashAlgorithm.isEqual(RSASSAPSSParams.defaultValues(HASH_ALGORITHM$4))) { res.hashAlgorithm = this.hashAlgorithm.toJSON(); } if (!this.maskGenAlgorithm.isEqual(RSASSAPSSParams.defaultValues(MASK_GEN_ALGORITHM$1))) { res.maskGenAlgorithm = this.maskGenAlgorithm.toJSON(); } if (this.saltLength !== RSASSAPSSParams.defaultValues(SALT_LENGTH)) { res.saltLength = this.saltLength; } if (this.trailerField !== RSASSAPSSParams.defaultValues(TRAILER_FIELD)) { res.trailerField = this.trailerField; } return res; } } RSASSAPSSParams.CLASS_NAME = "RSASSAPSSParams"; const SALT = "salt"; const ITERATION_COUNT = "iterationCount"; const KEY_LENGTH = "keyLength"; const PRF = "prf"; const CLEAR_PROPS$13 = [ SALT, ITERATION_COUNT, KEY_LENGTH, PRF ]; class PBKDF2Params extends PkiObject { constructor(parameters = {}) { super(); this.salt = pvutils__namespace.getParametersValue(parameters, SALT, PBKDF2Params.defaultValues(SALT)); this.iterationCount = pvutils__namespace.getParametersValue(parameters, ITERATION_COUNT, PBKDF2Params.defaultValues(ITERATION_COUNT)); if (KEY_LENGTH in parameters) { this.keyLength = pvutils__namespace.getParametersValue(parameters, KEY_LENGTH, PBKDF2Params.defaultValues(KEY_LENGTH)); } if (PRF in parameters) { this.prf = pvutils__namespace.getParametersValue(parameters, PRF, PBKDF2Params.defaultValues(PRF)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SALT: return {}; case ITERATION_COUNT: return (-1); case KEY_LENGTH: return 0; case PRF: return new AlgorithmIdentifier({ algorithmId: "1.3.14.3.2.26", algorithmParams: new asn1js__namespace.Null() }); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Choice({ value: [ new asn1js__namespace.OctetString({ name: (names.saltPrimitive || EMPTY_STRING) }), AlgorithmIdentifier.schema(names.saltConstructed || {}) ] }), new asn1js__namespace.Integer({ name: (names.iterationCount || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.keyLength || EMPTY_STRING), optional: true }), AlgorithmIdentifier.schema(names.prf || { names: { optional: true } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$13); const asn1 = asn1js__namespace.compareSchema(schema, schema, PBKDF2Params.schema({ names: { saltPrimitive: SALT, saltConstructed: { names: { blockName: SALT } }, iterationCount: ITERATION_COUNT, keyLength: KEY_LENGTH, prf: { names: { blockName: PRF, optional: true } } } })); AsnError.assertSchema(asn1, this.className); this.salt = asn1.result.salt; this.iterationCount = asn1.result.iterationCount.valueBlock.valueDec; if (KEY_LENGTH in asn1.result) this.keyLength = asn1.result.keyLength.valueBlock.valueDec; if (PRF in asn1.result) this.prf = new AlgorithmIdentifier({ schema: asn1.result.prf }); } toSchema() { const outputArray = []; outputArray.push(this.salt); outputArray.push(new asn1js__namespace.Integer({ value: this.iterationCount })); if (KEY_LENGTH in this) { if (PBKDF2Params.defaultValues(KEY_LENGTH) !== this.keyLength) outputArray.push(new asn1js__namespace.Integer({ value: this.keyLength })); } if (this.prf) { if (PBKDF2Params.defaultValues(PRF).isEqual(this.prf) === false) outputArray.push(this.prf.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { salt: this.salt.toJSON(), iterationCount: this.iterationCount }; if (KEY_LENGTH in this) { if (PBKDF2Params.defaultValues(KEY_LENGTH) !== this.keyLength) res.keyLength = this.keyLength; } if (this.prf) { if (PBKDF2Params.defaultValues(PRF).isEqual(this.prf) === false) res.prf = this.prf.toJSON(); } return res; } } PBKDF2Params.CLASS_NAME = "PBKDF2Params"; const KEY_DERIVATION_FUNC = "keyDerivationFunc"; const ENCRYPTION_SCHEME = "encryptionScheme"; const CLEAR_PROPS$12 = [ KEY_DERIVATION_FUNC, ENCRYPTION_SCHEME ]; class PBES2Params extends PkiObject { constructor(parameters = {}) { super(); this.keyDerivationFunc = pvutils__namespace.getParametersValue(parameters, KEY_DERIVATION_FUNC, PBES2Params.defaultValues(KEY_DERIVATION_FUNC)); this.encryptionScheme = pvutils__namespace.getParametersValue(parameters, ENCRYPTION_SCHEME, PBES2Params.defaultValues(ENCRYPTION_SCHEME)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_DERIVATION_FUNC: return new AlgorithmIdentifier(); case ENCRYPTION_SCHEME: return new AlgorithmIdentifier(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.keyDerivationFunc || {}), AlgorithmIdentifier.schema(names.encryptionScheme || {}) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$12); const asn1 = asn1js__namespace.compareSchema(schema, schema, PBES2Params.schema({ names: { keyDerivationFunc: { names: { blockName: KEY_DERIVATION_FUNC } }, encryptionScheme: { names: { blockName: ENCRYPTION_SCHEME } } } })); AsnError.assertSchema(asn1, this.className); this.keyDerivationFunc = new AlgorithmIdentifier({ schema: asn1.result.keyDerivationFunc }); this.encryptionScheme = new AlgorithmIdentifier({ schema: asn1.result.encryptionScheme }); } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.keyDerivationFunc.toSchema(), this.encryptionScheme.toSchema() ] })); } toJSON() { return { keyDerivationFunc: this.keyDerivationFunc.toJSON(), encryptionScheme: this.encryptionScheme.toJSON() }; } } PBES2Params.CLASS_NAME = "PBES2Params"; class AbstractCryptoEngine { constructor(parameters) { this.crypto = parameters.crypto; this.subtle = "webkitSubtle" in parameters.crypto ? parameters.crypto.webkitSubtle : parameters.crypto.subtle; this.name = pvutils__namespace.getParametersValue(parameters, "name", EMPTY_STRING); } async encrypt(...args) { return this.subtle.encrypt(...args); } async decrypt(...args) { return this.subtle.decrypt(...args); } sign(...args) { return this.subtle.sign(...args); } async verify(...args) { return this.subtle.verify(...args); } async digest(...args) { return this.subtle.digest(...args); } async generateKey(...args) { return this.subtle.generateKey(...args); } async deriveKey(...args) { return this.subtle.deriveKey(...args); } async deriveBits(...args) { return this.subtle.deriveBits(...args); } async wrapKey(...args) { return this.subtle.wrapKey(...args); } async unwrapKey(...args) { return this.subtle.unwrapKey(...args); } exportKey(...args) { return this.subtle.exportKey(...args); } importKey(...args) { return this.subtle.importKey(...args); } getRandomValues(array) { if (array === null) { throw new Error("Argument \"array\" must not be null"); } return this.crypto.getRandomValues(array); } } async function makePKCS12B2Key(hashAlgorithm, keyLength, password, salt, iterationCount) { let u; let v; let md; switch (hashAlgorithm.toUpperCase()) { case "SHA-1": u = 20; v = 64; md = sha1.sha1; break; case "SHA-256": u = 32; v = 64; md = sha2.sha256; break; case "SHA-384": u = 48; v = 128; md = sha2.sha384; break; case "SHA-512": u = 64; v = 128; md = sha2.sha512; break; default: throw new Error("Unsupported hashing algorithm"); } const originalPassword = new Uint8Array(password); let decodedPassword = new TextDecoder().decode(password); const encodedPassword = new TextEncoder().encode(decodedPassword); if (encodedPassword.some((byte, i) => byte !== originalPassword[i])) { decodedPassword = String.fromCharCode(...originalPassword); } const passwordTransformed = new Uint8Array(decodedPassword.length * 2 + 2); const passwordView = new DataView(passwordTransformed.buffer); for (let i = 0; i < decodedPassword.length; i++) { passwordView.setUint16(i * 2, decodedPassword.charCodeAt(i), false); } passwordView.setUint16(decodedPassword.length * 2, 0, false); const D = new Uint8Array(v).fill(3); const saltView = new Uint8Array(salt); const S = new Uint8Array(v * Math.ceil(saltView.length / v)).map((_, i) => saltView[i % saltView.length]); const P = new Uint8Array(v * Math.ceil(passwordTransformed.length / v)).map((_, i) => passwordTransformed[i % passwordTransformed.length]); let I = new Uint8Array(S.length + P.length); I.set(S); I.set(P, S.length); const c = Math.ceil((keyLength >> 3) / u); const result = []; for (let i = 0; i < c; i++) { let A = new Uint8Array(D.length + I.length); A.set(D); A.set(I, D.length); for (let j = 0; j < iterationCount; j++) { A = md(A); } const B = new Uint8Array(v).map((_, i) => A[i % A.length]); const k = Math.ceil(saltView.length / v) + Math.ceil(passwordTransformed.length / v); const iRound = []; for (let j = 0; j < k; j++) { const chunk = Array.from(I.slice(j * v, (j + 1) * v)); let x = 0x1ff; for (let l = B.length - 1; l >= 0; l--) { x >>= 8; x += B[l] + (chunk[l] || 0); chunk[l] = x & 0xff; } iRound.push(...chunk); } I = new Uint8Array(iRound); result.push(...A); } return new Uint8Array(result.slice(0, keyLength >> 3)).buffer; } function prepareAlgorithm(data) { const res = typeof data === "string" ? { name: data } : data; if ("hash" in res) { return { ...res, hash: prepareAlgorithm(res.hash) }; } return res; } class CryptoEngine extends AbstractCryptoEngine { async importKey(format, keyData, algorithm, extractable, keyUsages) { var _a, _b, _c, _d, _e, _f; let jwk = {}; const alg = prepareAlgorithm(algorithm); switch (format.toLowerCase()) { case "raw": return this.subtle.importKey("raw", keyData, algorithm, extractable, keyUsages); case "spki": { const asn1 = asn1js__namespace.fromBER(pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(keyData)); AsnError.assert(asn1, "keyData"); const publicKeyInfo = new PublicKeyInfo(); try { publicKeyInfo.fromSchema(asn1.result); } catch { throw new ArgumentError("Incorrect keyData"); } switch (alg.name.toUpperCase()) { case "RSA-PSS": { if (!alg.hash) { throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed"); } switch (alg.hash.name.toUpperCase()) { case "SHA-1": jwk.alg = "PS1"; break; case "SHA-256": jwk.alg = "PS256"; break; case "SHA-384": jwk.alg = "PS384"; break; case "SHA-512": jwk.alg = "PS512"; break; default: throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`); } } case "RSASSA-PKCS1-V1_5": { keyUsages = ["verify"]; jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; if (publicKeyInfo.algorithm.algorithmId !== "1.2.840.113549.1.1.1") throw new Error(`Incorrect public key algorithm: ${publicKeyInfo.algorithm.algorithmId}`); if (!jwk.alg) { if (!alg.hash) { throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed"); } switch (alg.hash.name.toUpperCase()) { case "SHA-1": jwk.alg = "RS1"; break; case "SHA-256": jwk.alg = "RS256"; break; case "SHA-384": jwk.alg = "RS384"; break; case "SHA-512": jwk.alg = "RS512"; break; default: throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`); } } const publicKeyJSON = publicKeyInfo.toJSON(); Object.assign(jwk, publicKeyJSON); } break; case "ECDSA": keyUsages = ["verify"]; case "ECDH": { jwk = { kty: "EC", ext: extractable, key_ops: keyUsages }; if (publicKeyInfo.algorithm.algorithmId !== "1.2.840.10045.2.1") { throw new Error(`Incorrect public key algorithm: ${publicKeyInfo.algorithm.algorithmId}`); } const publicKeyJSON = publicKeyInfo.toJSON(); Object.assign(jwk, publicKeyJSON); } break; case "RSA-OAEP": { jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; if (this.name.toLowerCase() === "safari") jwk.alg = "RSA-OAEP"; else { if (!alg.hash) { throw new ParameterError("hash", "algorithm.hash", "Incorrect hash algorithm: Hash algorithm is missed"); } switch (alg.hash.name.toUpperCase()) { case "SHA-1": jwk.alg = "RSA-OAEP"; break; case "SHA-256": jwk.alg = "RSA-OAEP-256"; break; case "SHA-384": jwk.alg = "RSA-OAEP-384"; break; case "SHA-512": jwk.alg = "RSA-OAEP-512"; break; default: throw new Error(`Incorrect hash algorithm: ${alg.hash.name.toUpperCase()}`); } } const publicKeyJSON = publicKeyInfo.toJSON(); Object.assign(jwk, publicKeyJSON); } break; case "RSAES-PKCS1-V1_5": { jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; jwk.alg = "PS1"; const publicKeyJSON = publicKeyInfo.toJSON(); Object.assign(jwk, publicKeyJSON); } break; default: throw new Error(`Incorrect algorithm name: ${alg.name.toUpperCase()}`); } } break; case "pkcs8": { const privateKeyInfo = new PrivateKeyInfo(); const asn1 = asn1js__namespace.fromBER(pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(keyData)); AsnError.assert(asn1, "keyData"); try { privateKeyInfo.fromSchema(asn1.result); } catch { throw new Error("Incorrect keyData"); } if (!privateKeyInfo.parsedKey) throw new Error("Incorrect keyData"); switch (alg.name.toUpperCase()) { case "RSA-PSS": { switch ((_a = alg.hash) === null || _a === void 0 ? void 0 : _a.name.toUpperCase()) { case "SHA-1": jwk.alg = "PS1"; break; case "SHA-256": jwk.alg = "PS256"; break; case "SHA-384": jwk.alg = "PS384"; break; case "SHA-512": jwk.alg = "PS512"; break; default: throw new Error(`Incorrect hash algorithm: ${(_b = alg.hash) === null || _b === void 0 ? void 0 : _b.name.toUpperCase()}`); } } case "RSASSA-PKCS1-V1_5": { keyUsages = ["sign"]; jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; if (privateKeyInfo.privateKeyAlgorithm.algorithmId !== "1.2.840.113549.1.1.1") throw new Error(`Incorrect private key algorithm: ${privateKeyInfo.privateKeyAlgorithm.algorithmId}`); if (("alg" in jwk) === false) { switch ((_c = alg.hash) === null || _c === void 0 ? void 0 : _c.name.toUpperCase()) { case "SHA-1": jwk.alg = "RS1"; break; case "SHA-256": jwk.alg = "RS256"; break; case "SHA-384": jwk.alg = "RS384"; break; case "SHA-512": jwk.alg = "RS512"; break; default: throw new Error(`Incorrect hash algorithm: ${(_d = alg.hash) === null || _d === void 0 ? void 0 : _d.name.toUpperCase()}`); } } const privateKeyJSON = privateKeyInfo.toJSON(); Object.assign(jwk, privateKeyJSON); } break; case "ECDSA": keyUsages = ["sign"]; case "ECDH": { jwk = { kty: "EC", ext: extractable, key_ops: keyUsages }; if (privateKeyInfo.privateKeyAlgorithm.algorithmId !== "1.2.840.10045.2.1") throw new Error(`Incorrect algorithm: ${privateKeyInfo.privateKeyAlgorithm.algorithmId}`); const privateKeyJSON = privateKeyInfo.toJSON(); Object.assign(jwk, privateKeyJSON); } break; case "RSA-OAEP": { jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; if (this.name.toLowerCase() === "safari") jwk.alg = "RSA-OAEP"; else { switch ((_e = alg.hash) === null || _e === void 0 ? void 0 : _e.name.toUpperCase()) { case "SHA-1": jwk.alg = "RSA-OAEP"; break; case "SHA-256": jwk.alg = "RSA-OAEP-256"; break; case "SHA-384": jwk.alg = "RSA-OAEP-384"; break; case "SHA-512": jwk.alg = "RSA-OAEP-512"; break; default: throw new Error(`Incorrect hash algorithm: ${(_f = alg.hash) === null || _f === void 0 ? void 0 : _f.name.toUpperCase()}`); } } const privateKeyJSON = privateKeyInfo.toJSON(); Object.assign(jwk, privateKeyJSON); } break; case "RSAES-PKCS1-V1_5": { keyUsages = ["decrypt"]; jwk.kty = "RSA"; jwk.ext = extractable; jwk.key_ops = keyUsages; jwk.alg = "PS1"; const privateKeyJSON = privateKeyInfo.toJSON(); Object.assign(jwk, privateKeyJSON); } break; default: throw new Error(`Incorrect algorithm name: ${alg.name.toUpperCase()}`); } } break; case "jwk": jwk = keyData; break; default: throw new Error(`Incorrect format: ${format}`); } if (this.name.toLowerCase() === "safari") { try { return this.subtle.importKey("jwk", pvutils__namespace.stringToArrayBuffer(JSON.stringify(jwk)), algorithm, extractable, keyUsages); } catch { return this.subtle.importKey("jwk", jwk, algorithm, extractable, keyUsages); } } return this.subtle.importKey("jwk", jwk, algorithm, extractable, keyUsages); } async exportKey(format, key) { let jwk = await this.subtle.exportKey("jwk", key); if (this.name.toLowerCase() === "safari") { if (jwk instanceof ArrayBuffer) { jwk = JSON.parse(pvutils__namespace.arrayBufferToString(jwk)); } } switch (format.toLowerCase()) { case "raw": return this.subtle.exportKey("raw", key); case "spki": { const publicKeyInfo = new PublicKeyInfo(); try { publicKeyInfo.fromJSON(jwk); } catch { throw new Error("Incorrect key data"); } return publicKeyInfo.toSchema().toBER(false); } case "pkcs8": { const privateKeyInfo = new PrivateKeyInfo(); try { privateKeyInfo.fromJSON(jwk); } catch { throw new Error("Incorrect key data"); } return privateKeyInfo.toSchema().toBER(false); } case "jwk": return jwk; default: throw new Error(`Incorrect format: ${format}`); } } async convert(inputFormat, outputFormat, keyData, algorithm, extractable, keyUsages) { if (inputFormat.toLowerCase() === outputFormat.toLowerCase()) { return keyData; } const key = await this.importKey(inputFormat, keyData, algorithm, extractable, keyUsages); return this.exportKey(outputFormat, key); } getAlgorithmByOID(oid, safety = false, target) { switch (oid) { case "1.2.840.113549.1.1.1": return { name: "RSAES-PKCS1-v1_5" }; case "1.2.840.113549.1.1.5": return { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-1" } }; case "1.2.840.113549.1.1.11": return { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" } }; case "1.2.840.113549.1.1.12": return { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-384" } }; case "1.2.840.113549.1.1.13": return { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-512" } }; case "1.2.840.113549.1.1.10": return { name: "RSA-PSS" }; case "1.2.840.113549.1.1.7": return { name: "RSA-OAEP" }; case "1.2.840.10045.2.1": case "1.2.840.10045.4.1": return { name: "ECDSA", hash: { name: "SHA-1" } }; case "1.2.840.10045.4.3.2": return { name: "ECDSA", hash: { name: "SHA-256" } }; case "1.2.840.10045.4.3.3": return { name: "ECDSA", hash: { name: "SHA-384" } }; case "1.2.840.10045.4.3.4": return { name: "ECDSA", hash: { name: "SHA-512" } }; case "1.3.133.16.840.63.0.2": return { name: "ECDH", kdf: "SHA-1" }; case "1.3.132.1.11.1": return { name: "ECDH", kdf: "SHA-256" }; case "1.3.132.1.11.2": return { name: "ECDH", kdf: "SHA-384" }; case "1.3.132.1.11.3": return { name: "ECDH", kdf: "SHA-512" }; case "2.16.840.1.101.3.4.1.2": return { name: "AES-CBC", length: 128 }; case "2.16.840.1.101.3.4.1.22": return { name: "AES-CBC", length: 192 }; case "2.16.840.1.101.3.4.1.42": return { name: "AES-CBC", length: 256 }; case "2.16.840.1.101.3.4.1.6": return { name: "AES-GCM", length: 128 }; case "2.16.840.1.101.3.4.1.26": return { name: "AES-GCM", length: 192 }; case "2.16.840.1.101.3.4.1.46": return { name: "AES-GCM", length: 256 }; case "2.16.840.1.101.3.4.1.4": return { name: "AES-CFB", length: 128 }; case "2.16.840.1.101.3.4.1.24": return { name: "AES-CFB", length: 192 }; case "2.16.840.1.101.3.4.1.44": return { name: "AES-CFB", length: 256 }; case "2.16.840.1.101.3.4.1.5": return { name: "AES-KW", length: 128 }; case "2.16.840.1.101.3.4.1.25": return { name: "AES-KW", length: 192 }; case "2.16.840.1.101.3.4.1.45": return { name: "AES-KW", length: 256 }; case "1.2.840.113549.2.7": return { name: "HMAC", hash: { name: "SHA-1" } }; case "1.2.840.113549.2.9": return { name: "HMAC", hash: { name: "SHA-256" } }; case "1.2.840.113549.2.10": return { name: "HMAC", hash: { name: "SHA-384" } }; case "1.2.840.113549.2.11": return { name: "HMAC", hash: { name: "SHA-512" } }; case "1.2.840.113549.1.9.16.3.5": return { name: "DH" }; case "1.3.14.3.2.26": return { name: "SHA-1" }; case "2.16.840.1.101.3.4.2.1": return { name: "SHA-256" }; case "2.16.840.1.101.3.4.2.2": return { name: "SHA-384" }; case "2.16.840.1.101.3.4.2.3": return { name: "SHA-512" }; case "1.2.840.113549.1.5.12": return { name: "PBKDF2" }; case "1.2.840.10045.3.1.7": return { name: "P-256" }; case "1.3.132.0.34": return { name: "P-384" }; case "1.3.132.0.35": return { name: "P-521" }; } if (safety) { throw new Error(`Unsupported algorithm identifier ${target ? `for ${target} ` : EMPTY_STRING}: ${oid}`); } return {}; } getOIDByAlgorithm(algorithm, safety = false, target) { let result = EMPTY_STRING; switch (algorithm.name.toUpperCase()) { case "RSAES-PKCS1-V1_5": result = "1.2.840.113549.1.1.1"; break; case "RSASSA-PKCS1-V1_5": switch (algorithm.hash.name.toUpperCase()) { case "SHA-1": result = "1.2.840.113549.1.1.5"; break; case "SHA-256": result = "1.2.840.113549.1.1.11"; break; case "SHA-384": result = "1.2.840.113549.1.1.12"; break; case "SHA-512": result = "1.2.840.113549.1.1.13"; break; } break; case "RSA-PSS": result = "1.2.840.113549.1.1.10"; break; case "RSA-OAEP": result = "1.2.840.113549.1.1.7"; break; case "ECDSA": switch (algorithm.hash.name.toUpperCase()) { case "SHA-1": result = "1.2.840.10045.4.1"; break; case "SHA-256": result = "1.2.840.10045.4.3.2"; break; case "SHA-384": result = "1.2.840.10045.4.3.3"; break; case "SHA-512": result = "1.2.840.10045.4.3.4"; break; } break; case "ECDH": switch (algorithm.kdf.toUpperCase()) { case "SHA-1": result = "1.3.133.16.840.63.0.2"; break; case "SHA-256": result = "1.3.132.1.11.1"; break; case "SHA-384": result = "1.3.132.1.11.2"; break; case "SHA-512": result = "1.3.132.1.11.3"; break; } break; case "AES-CTR": break; case "AES-CBC": switch (algorithm.length) { case 128: result = "2.16.840.1.101.3.4.1.2"; break; case 192: result = "2.16.840.1.101.3.4.1.22"; break; case 256: result = "2.16.840.1.101.3.4.1.42"; break; } break; case "AES-CMAC": break; case "AES-GCM": switch (algorithm.length) { case 128: result = "2.16.840.1.101.3.4.1.6"; break; case 192: result = "2.16.840.1.101.3.4.1.26"; break; case 256: result = "2.16.840.1.101.3.4.1.46"; break; } break; case "AES-CFB": switch (algorithm.length) { case 128: result = "2.16.840.1.101.3.4.1.4"; break; case 192: result = "2.16.840.1.101.3.4.1.24"; break; case 256: result = "2.16.840.1.101.3.4.1.44"; break; } break; case "AES-KW": switch (algorithm.length) { case 128: result = "2.16.840.1.101.3.4.1.5"; break; case 192: result = "2.16.840.1.101.3.4.1.25"; break; case 256: result = "2.16.840.1.101.3.4.1.45"; break; } break; case "HMAC": switch (algorithm.hash.name.toUpperCase()) { case "SHA-1": result = "1.2.840.113549.2.7"; break; case "SHA-256": result = "1.2.840.113549.2.9"; break; case "SHA-384": result = "1.2.840.113549.2.10"; break; case "SHA-512": result = "1.2.840.113549.2.11"; break; } break; case "DH": result = "1.2.840.113549.1.9.16.3.5"; break; case "SHA-1": result = "1.3.14.3.2.26"; break; case "SHA-256": result = "2.16.840.1.101.3.4.2.1"; break; case "SHA-384": result = "2.16.840.1.101.3.4.2.2"; break; case "SHA-512": result = "2.16.840.1.101.3.4.2.3"; break; case "CONCAT": break; case "HKDF": break; case "PBKDF2": result = "1.2.840.113549.1.5.12"; break; case "P-256": result = "1.2.840.10045.3.1.7"; break; case "P-384": result = "1.3.132.0.34"; break; case "P-521": result = "1.3.132.0.35"; break; } if (!result && safety) { throw new Error(`Unsupported algorithm ${target ? `for ${target} ` : EMPTY_STRING}: ${algorithm.name}`); } return result; } getAlgorithmParameters(algorithmName, operation) { let result = { algorithm: {}, usages: [] }; switch (algorithmName.toUpperCase()) { case "RSAES-PKCS1-V1_5": case "RSASSA-PKCS1-V1_5": switch (operation.toLowerCase()) { case "generatekey": result = { algorithm: { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, publicExponent: new Uint8Array([0x01, 0x00, 0x01]), hash: { name: "SHA-256" } }, usages: ["sign", "verify"] }; break; case "verify": case "sign": case "importkey": result = { algorithm: { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" } }, usages: ["verify"] }; break; case "exportkey": default: return { algorithm: { name: "RSASSA-PKCS1-v1_5" }, usages: [] }; } break; case "RSA-PSS": switch (operation.toLowerCase()) { case "sign": case "verify": result = { algorithm: { name: "RSA-PSS", hash: { name: "SHA-1" }, saltLength: 20 }, usages: ["sign", "verify"] }; break; case "generatekey": result = { algorithm: { name: "RSA-PSS", modulusLength: 2048, publicExponent: new Uint8Array([0x01, 0x00, 0x01]), hash: { name: "SHA-1" } }, usages: ["sign", "verify"] }; break; case "importkey": result = { algorithm: { name: "RSA-PSS", hash: { name: "SHA-1" } }, usages: ["verify"] }; break; case "exportkey": default: return { algorithm: { name: "RSA-PSS" }, usages: [] }; } break; case "RSA-OAEP": switch (operation.toLowerCase()) { case "encrypt": case "decrypt": result = { algorithm: { name: "RSA-OAEP" }, usages: ["encrypt", "decrypt"] }; break; case "generatekey": result = { algorithm: { name: "RSA-OAEP", modulusLength: 2048, publicExponent: new Uint8Array([0x01, 0x00, 0x01]), hash: { name: "SHA-256" } }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; case "importkey": result = { algorithm: { name: "RSA-OAEP", hash: { name: "SHA-256" } }, usages: ["encrypt"] }; break; case "exportkey": default: return { algorithm: { name: "RSA-OAEP" }, usages: [] }; } break; case "ECDSA": switch (operation.toLowerCase()) { case "generatekey": result = { algorithm: { name: "ECDSA", namedCurve: "P-256" }, usages: ["sign", "verify"] }; break; case "importkey": result = { algorithm: { name: "ECDSA", namedCurve: "P-256" }, usages: ["verify"] }; break; case "verify": case "sign": result = { algorithm: { name: "ECDSA", hash: { name: "SHA-256" } }, usages: ["sign"] }; break; default: return { algorithm: { name: "ECDSA" }, usages: [] }; } break; case "ECDH": switch (operation.toLowerCase()) { case "exportkey": case "importkey": case "generatekey": result = { algorithm: { name: "ECDH", namedCurve: "P-256" }, usages: ["deriveKey", "deriveBits"] }; break; case "derivekey": case "derivebits": result = { algorithm: { name: "ECDH", namedCurve: "P-256", public: [] }, usages: ["encrypt", "decrypt"] }; break; default: return { algorithm: { name: "ECDH" }, usages: [] }; } break; case "AES-CTR": switch (operation.toLowerCase()) { case "importkey": case "exportkey": case "generatekey": result = { algorithm: { name: "AES-CTR", length: 256 }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; case "decrypt": case "encrypt": result = { algorithm: { name: "AES-CTR", counter: new Uint8Array(16), length: 10 }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; default: return { algorithm: { name: "AES-CTR" }, usages: [] }; } break; case "AES-CBC": switch (operation.toLowerCase()) { case "importkey": case "exportkey": case "generatekey": result = { algorithm: { name: "AES-CBC", length: 256 }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; case "decrypt": case "encrypt": result = { algorithm: { name: "AES-CBC", iv: this.getRandomValues(new Uint8Array(16)) }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; default: return { algorithm: { name: "AES-CBC" }, usages: [] }; } break; case "AES-GCM": switch (operation.toLowerCase()) { case "importkey": case "exportkey": case "generatekey": result = { algorithm: { name: "AES-GCM", length: 256 }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; case "decrypt": case "encrypt": result = { algorithm: { name: "AES-GCM", iv: this.getRandomValues(new Uint8Array(16)) }, usages: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] }; break; default: return { algorithm: { name: "AES-GCM" }, usages: [] }; } break; case "AES-KW": switch (operation.toLowerCase()) { case "importkey": case "exportkey": case "generatekey": case "wrapkey": case "unwrapkey": result = { algorithm: { name: "AES-KW", length: 256 }, usages: ["wrapKey", "unwrapKey"] }; break; default: return { algorithm: { name: "AES-KW" }, usages: [] }; } break; case "HMAC": switch (operation.toLowerCase()) { case "sign": case "verify": result = { algorithm: { name: "HMAC" }, usages: ["sign", "verify"] }; break; case "importkey": case "exportkey": case "generatekey": result = { algorithm: { name: "HMAC", length: 32, hash: { name: "SHA-256" } }, usages: ["sign", "verify"] }; break; default: return { algorithm: { name: "HMAC" }, usages: [] }; } break; case "HKDF": switch (operation.toLowerCase()) { case "derivekey": result = { algorithm: { name: "HKDF", hash: "SHA-256", salt: new Uint8Array([]), info: new Uint8Array([]) }, usages: ["encrypt", "decrypt"] }; break; default: return { algorithm: { name: "HKDF" }, usages: [] }; } break; case "PBKDF2": switch (operation.toLowerCase()) { case "derivekey": result = { algorithm: { name: "PBKDF2", hash: { name: "SHA-256" }, salt: new Uint8Array([]), iterations: 10000 }, usages: ["encrypt", "decrypt"] }; break; default: return { algorithm: { name: "PBKDF2" }, usages: [] }; } break; } return result; } getHashAlgorithm(signatureAlgorithm) { let result = EMPTY_STRING; switch (signatureAlgorithm.algorithmId) { case "1.2.840.10045.4.1": case "1.2.840.113549.1.1.5": result = "SHA-1"; break; case "1.2.840.10045.4.3.2": case "1.2.840.113549.1.1.11": result = "SHA-256"; break; case "1.2.840.10045.4.3.3": case "1.2.840.113549.1.1.12": result = "SHA-384"; break; case "1.2.840.10045.4.3.4": case "1.2.840.113549.1.1.13": result = "SHA-512"; break; case "1.2.840.113549.1.1.10": { try { const params = new RSASSAPSSParams({ schema: signatureAlgorithm.algorithmParams }); if (params.hashAlgorithm) { const algorithm = this.getAlgorithmByOID(params.hashAlgorithm.algorithmId); if ("name" in algorithm) { result = algorithm.name; } else { return EMPTY_STRING; } } else result = "SHA-1"; } catch { } } break; } return result; } async encryptEncryptedContentInfo(parameters) { ParameterError.assert(parameters, "password", "contentEncryptionAlgorithm", "hmacHashAlgorithm", "iterationCount", "contentToEncrypt", "contentToEncrypt", "contentType"); const contentEncryptionOID = this.getOIDByAlgorithm(parameters.contentEncryptionAlgorithm, true, "contentEncryptionAlgorithm"); const pbkdf2OID = this.getOIDByAlgorithm({ name: "PBKDF2" }, true, "PBKDF2"); const hmacOID = this.getOIDByAlgorithm({ name: "HMAC", hash: { name: parameters.hmacHashAlgorithm } }, true, "hmacHashAlgorithm"); const ivBuffer = new ArrayBuffer(16); const ivView = new Uint8Array(ivBuffer); this.getRandomValues(ivView); const saltBuffer = new ArrayBuffer(64); const saltView = new Uint8Array(saltBuffer); this.getRandomValues(saltView); const contentView = new Uint8Array(parameters.contentToEncrypt); const pbkdf2Params = new PBKDF2Params({ salt: new asn1js__namespace.OctetString({ valueHex: saltBuffer }), iterationCount: parameters.iterationCount, prf: new AlgorithmIdentifier({ algorithmId: hmacOID, algorithmParams: new asn1js__namespace.Null() }) }); const passwordView = new Uint8Array(parameters.password); const pbkdfKey = await this.importKey("raw", passwordView, "PBKDF2", false, ["deriveKey"]); const derivedKey = await this.deriveKey({ name: "PBKDF2", hash: { name: parameters.hmacHashAlgorithm }, salt: saltView, iterations: parameters.iterationCount }, pbkdfKey, parameters.contentEncryptionAlgorithm, false, ["encrypt"]); const encryptedData = await this.encrypt({ name: parameters.contentEncryptionAlgorithm.name, iv: ivView }, derivedKey, contentView); const pbes2Parameters = new PBES2Params({ keyDerivationFunc: new AlgorithmIdentifier({ algorithmId: pbkdf2OID, algorithmParams: pbkdf2Params.toSchema() }), encryptionScheme: new AlgorithmIdentifier({ algorithmId: contentEncryptionOID, algorithmParams: new asn1js__namespace.OctetString({ valueHex: ivBuffer }) }) }); return new EncryptedContentInfo({ contentType: parameters.contentType, contentEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.5.13", algorithmParams: pbes2Parameters.toSchema() }), encryptedContent: new asn1js__namespace.OctetString({ valueHex: encryptedData }) }); } async decryptEncryptedContentInfo(parameters) { ParameterError.assert(parameters, "password", "encryptedContentInfo"); if (parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId !== "1.2.840.113549.1.5.13") throw new Error(`Unknown "contentEncryptionAlgorithm": ${parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId}`); let pbes2Parameters; try { pbes2Parameters = new PBES2Params({ schema: parameters.encryptedContentInfo.contentEncryptionAlgorithm.algorithmParams }); } catch { throw new Error("Incorrectly encoded \"pbes2Parameters\""); } let pbkdf2Params; try { pbkdf2Params = new PBKDF2Params({ schema: pbes2Parameters.keyDerivationFunc.algorithmParams }); } catch { throw new Error("Incorrectly encoded \"pbkdf2Params\""); } const contentEncryptionAlgorithm = this.getAlgorithmByOID(pbes2Parameters.encryptionScheme.algorithmId, true); const ivBuffer = pbes2Parameters.encryptionScheme.algorithmParams.valueBlock.valueHex; const ivView = new Uint8Array(ivBuffer); const saltBuffer = pbkdf2Params.salt.valueBlock.valueHex; const saltView = new Uint8Array(saltBuffer); const iterationCount = pbkdf2Params.iterationCount; let hmacHashAlgorithm = "SHA-1"; if (pbkdf2Params.prf) { const algorithm = this.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true); hmacHashAlgorithm = algorithm.hash.name; } const pbkdfKey = await this.importKey("raw", parameters.password, "PBKDF2", false, ["deriveKey"]); const result = await this.deriveKey({ name: "PBKDF2", hash: { name: hmacHashAlgorithm }, salt: saltView, iterations: iterationCount }, pbkdfKey, contentEncryptionAlgorithm, false, ["decrypt"]); const dataBuffer = parameters.encryptedContentInfo.getEncryptedContent(); return this.decrypt({ name: contentEncryptionAlgorithm.name, iv: ivView }, result, dataBuffer); } async stampDataWithPassword(parameters) { if ((parameters instanceof Object) === false) throw new Error("Parameters must have type \"Object\""); ParameterError.assert(parameters, "password", "hashAlgorithm", "iterationCount", "salt", "contentToStamp"); let length; switch (parameters.hashAlgorithm.toLowerCase()) { case "sha-1": length = 160; break; case "sha-256": length = 256; break; case "sha-384": length = 384; break; case "sha-512": length = 512; break; default: throw new Error(`Incorrect "parameters.hashAlgorithm" parameter: ${parameters.hashAlgorithm}`); } const hmacAlgorithm = { name: "HMAC", length, hash: { name: parameters.hashAlgorithm } }; const pkcsKey = await makePKCS12B2Key(parameters.hashAlgorithm, length, parameters.password, parameters.salt, parameters.iterationCount); const hmacKey = await this.importKey("raw", new Uint8Array(pkcsKey), hmacAlgorithm, false, ["sign"]); return this.sign(hmacAlgorithm, hmacKey, new Uint8Array(parameters.contentToStamp)); } async verifyDataStampedWithPassword(parameters) { ParameterError.assert(parameters, "password", "hashAlgorithm", "salt", "iterationCount", "contentToVerify", "signatureToVerify"); let length = 0; switch (parameters.hashAlgorithm.toLowerCase()) { case "sha-1": length = 160; break; case "sha-256": length = 256; break; case "sha-384": length = 384; break; case "sha-512": length = 512; break; default: throw new Error(`Incorrect "parameters.hashAlgorithm" parameter: ${parameters.hashAlgorithm}`); } const hmacAlgorithm = { name: "HMAC", length, hash: { name: parameters.hashAlgorithm } }; const pkcsKey = await makePKCS12B2Key(parameters.hashAlgorithm, length, parameters.password, parameters.salt, parameters.iterationCount); const hmacKey = await this.importKey("raw", new Uint8Array(pkcsKey), hmacAlgorithm, false, ["verify"]); return this.verify(hmacAlgorithm, hmacKey, new Uint8Array(parameters.signatureToVerify), new Uint8Array(parameters.contentToVerify)); } async getSignatureParameters(privateKey, hashAlgorithm = "SHA-1") { this.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm"); const signatureAlgorithm = new AlgorithmIdentifier(); const parameters = this.getAlgorithmParameters(privateKey.algorithm.name, "sign"); if (!Object.keys(parameters.algorithm).length) { throw new Error("Parameter 'algorithm' is empty"); } const algorithm = parameters.algorithm; if ("hash" in privateKey.algorithm && privateKey.algorithm.hash && privateKey.algorithm.hash.name) { algorithm.hash.name = privateKey.algorithm.hash.name; } else { algorithm.hash.name = hashAlgorithm; } switch (privateKey.algorithm.name.toUpperCase()) { case "RSASSA-PKCS1-V1_5": case "ECDSA": signatureAlgorithm.algorithmId = this.getOIDByAlgorithm(algorithm, true); break; case "RSA-PSS": { switch (algorithm.hash.name.toUpperCase()) { case "SHA-256": algorithm.saltLength = 32; break; case "SHA-384": algorithm.saltLength = 48; break; case "SHA-512": algorithm.saltLength = 64; break; } const paramsObject = {}; if (algorithm.hash.name.toUpperCase() !== "SHA-1") { const hashAlgorithmOID = this.getOIDByAlgorithm({ name: algorithm.hash.name }, true, "hashAlgorithm"); paramsObject.hashAlgorithm = new AlgorithmIdentifier({ algorithmId: hashAlgorithmOID, algorithmParams: new asn1js__namespace.Null() }); paramsObject.maskGenAlgorithm = new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.8", algorithmParams: paramsObject.hashAlgorithm.toSchema() }); } if (algorithm.saltLength !== 20) paramsObject.saltLength = algorithm.saltLength; const pssParameters = new RSASSAPSSParams(paramsObject); signatureAlgorithm.algorithmId = "1.2.840.113549.1.1.10"; signatureAlgorithm.algorithmParams = pssParameters.toSchema(); } break; default: throw new Error(`Unsupported signature algorithm: ${privateKey.algorithm.name}`); } return { signatureAlgorithm, parameters }; } async signWithPrivateKey(data, privateKey, parameters) { const signature = await this.sign(parameters.algorithm, privateKey, data); if (parameters.algorithm.name === "ECDSA") { return createCMSECDSASignature(signature); } return signature; } fillPublicKeyParameters(publicKeyInfo, signatureAlgorithm) { const parameters = {}; const shaAlgorithm = this.getHashAlgorithm(signatureAlgorithm); if (shaAlgorithm === EMPTY_STRING) throw new Error(`Unsupported signature algorithm: ${signatureAlgorithm.algorithmId}`); let algorithmId; if (signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.10") algorithmId = signatureAlgorithm.algorithmId; else algorithmId = publicKeyInfo.algorithm.algorithmId; const algorithmObject = this.getAlgorithmByOID(algorithmId, true); parameters.algorithm = this.getAlgorithmParameters(algorithmObject.name, "importKey"); if ("hash" in parameters.algorithm.algorithm) parameters.algorithm.algorithm.hash.name = shaAlgorithm; if (algorithmObject.name === "ECDSA") { const publicKeyAlgorithm = publicKeyInfo.algorithm; if (!publicKeyAlgorithm.algorithmParams) { throw new Error("Algorithm parameters for ECDSA public key are missed"); } const publicKeyAlgorithmParams = publicKeyAlgorithm.algorithmParams; if ("idBlock" in publicKeyAlgorithm.algorithmParams) { if (!((publicKeyAlgorithmParams.idBlock.tagClass === 1) && (publicKeyAlgorithmParams.idBlock.tagNumber === 6))) { throw new Error("Incorrect type for ECDSA public key parameters"); } } const curveObject = this.getAlgorithmByOID(publicKeyAlgorithmParams.valueBlock.toString(), true); parameters.algorithm.algorithm.namedCurve = curveObject.name; } return parameters; } async getPublicKey(publicKeyInfo, signatureAlgorithm, parameters) { if (!parameters) { parameters = this.fillPublicKeyParameters(publicKeyInfo, signatureAlgorithm); } const publicKeyInfoBuffer = publicKeyInfo.toSchema().toBER(false); return this.importKey("spki", publicKeyInfoBuffer, parameters.algorithm.algorithm, true, parameters.algorithm.usages); } async verifyWithPublicKey(data, signature, publicKeyInfo, signatureAlgorithm, shaAlgorithm) { let publicKey; if (!shaAlgorithm) { shaAlgorithm = this.getHashAlgorithm(signatureAlgorithm); if (!shaAlgorithm) throw new Error(`Unsupported signature algorithm: ${signatureAlgorithm.algorithmId}`); publicKey = await this.getPublicKey(publicKeyInfo, signatureAlgorithm); } else { const parameters = {}; let algorithmId; if (signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.10") algorithmId = signatureAlgorithm.algorithmId; else algorithmId = publicKeyInfo.algorithm.algorithmId; const algorithmObject = this.getAlgorithmByOID(algorithmId, true); parameters.algorithm = this.getAlgorithmParameters(algorithmObject.name, "importKey"); if ("hash" in parameters.algorithm.algorithm) parameters.algorithm.algorithm.hash.name = shaAlgorithm; if (algorithmObject.name === "ECDSA") { let algorithmParamsChecked = false; if (("algorithmParams" in publicKeyInfo.algorithm) === true) { if ("idBlock" in publicKeyInfo.algorithm.algorithmParams) { if ((publicKeyInfo.algorithm.algorithmParams.idBlock.tagClass === 1) && (publicKeyInfo.algorithm.algorithmParams.idBlock.tagNumber === 6)) algorithmParamsChecked = true; } } if (algorithmParamsChecked === false) { throw new Error("Incorrect type for ECDSA public key parameters"); } const curveObject = this.getAlgorithmByOID(publicKeyInfo.algorithm.algorithmParams.valueBlock.toString(), true); parameters.algorithm.algorithm.namedCurve = curveObject.name; } publicKey = await this.getPublicKey(publicKeyInfo, null, parameters); } const algorithm = this.getAlgorithmParameters(publicKey.algorithm.name, "verify"); if ("hash" in algorithm.algorithm) algorithm.algorithm.hash.name = shaAlgorithm; let signatureValue = signature.valueBlock.valueHexView; if (publicKey.algorithm.name === "ECDSA") { const namedCurve = ECNamedCurves.find(publicKey.algorithm.namedCurve); if (!namedCurve) { throw new Error("Unsupported named curve in use"); } const asn1 = asn1js__namespace.fromBER(signatureValue); AsnError.assert(asn1, "Signature value"); signatureValue = createECDSASignatureFromCMS(asn1.result, namedCurve.size); } if (publicKey.algorithm.name === "RSA-PSS") { const pssParameters = new RSASSAPSSParams({ schema: signatureAlgorithm.algorithmParams }); if ("saltLength" in pssParameters) algorithm.algorithm.saltLength = pssParameters.saltLength; else algorithm.algorithm.saltLength = 20; let hashAlgo = "SHA-1"; if ("hashAlgorithm" in pssParameters) { const hashAlgorithm = this.getAlgorithmByOID(pssParameters.hashAlgorithm.algorithmId, true); hashAlgo = hashAlgorithm.name; } algorithm.algorithm.hash.name = hashAlgo; } return this.verify(algorithm.algorithm, publicKey, signatureValue, data); } } exports.engine = { name: "none", crypto: null, }; function isCryptoEngine(engine) { return engine && typeof engine === "object" && "crypto" in engine ? true : false; } function setEngine(name, ...args) { let crypto = null; if (args.length < 2) { if (args.length) { crypto = args[0]; } else { crypto = typeof self !== "undefined" && self.crypto ? new CryptoEngine({ name: "browser", crypto: self.crypto }) : null; } } else { const cryptoArg = args[0]; const subtleArg = args[1]; if (isCryptoEngine(subtleArg)) { crypto = subtleArg; } else if (isCryptoEngine(cryptoArg)) { crypto = cryptoArg; } else if ("subtle" in cryptoArg && "getRandomValues" in cryptoArg) { crypto = new CryptoEngine({ crypto: cryptoArg, }); } } if ((typeof process !== "undefined") && ("pid" in process) && (typeof global !== "undefined") && (typeof window === "undefined")) { if (typeof global[process.pid] === "undefined") { global[process.pid] = {}; } else { if (typeof global[process.pid] !== "object") { throw new Error(`Name global.${process.pid} already exists and it is not an object`); } } if (typeof global[process.pid].pkijs === "undefined") { global[process.pid].pkijs = {}; } else { if (typeof global[process.pid].pkijs !== "object") { throw new Error(`Name global.${process.pid}.pkijs already exists and it is not an object`); } } global[process.pid].pkijs.engine = { name: name, crypto, }; } else { exports.engine = { name: name, crypto, }; } } function getEngine() { if ((typeof process !== "undefined") && ("pid" in process) && (typeof global !== "undefined") && (typeof window === "undefined")) { let _engine; try { _engine = global[process.pid].pkijs.engine; } catch { throw new Error("Please call 'setEngine' before call to 'getEngine'"); } return _engine; } return exports.engine; } function getCrypto(safety = false) { const _engine = getEngine(); if (!_engine.crypto && safety) { throw new Error("Unable to create WebCrypto object"); } return _engine.crypto; } function getRandomValues(view) { return getCrypto(true).getRandomValues(view); } function getOIDByAlgorithm(algorithm, safety, target) { return getCrypto(true).getOIDByAlgorithm(algorithm, safety, target); } function getAlgorithmParameters(algorithmName, operation) { return getCrypto(true).getAlgorithmParameters(algorithmName, operation); } function createCMSECDSASignature(signatureBuffer) { if ((signatureBuffer.byteLength % 2) !== 0) return EMPTY_BUFFER; const length = signatureBuffer.byteLength / 2; const rBuffer = new ArrayBuffer(length); const rView = new Uint8Array(rBuffer); rView.set(new Uint8Array(signatureBuffer, 0, length)); const rInteger = new asn1js__namespace.Integer({ valueHex: rBuffer }); const sBuffer = new ArrayBuffer(length); const sView = new Uint8Array(sBuffer); sView.set(new Uint8Array(signatureBuffer, length, length)); const sInteger = new asn1js__namespace.Integer({ valueHex: sBuffer }); return (new asn1js__namespace.Sequence({ value: [ rInteger.convertToDER(), sInteger.convertToDER() ] })).toBER(false); } function createECDSASignatureFromCMS(cmsSignature, pointSize) { if (!(cmsSignature instanceof asn1js__namespace.Sequence && cmsSignature.valueBlock.value.length === 2 && cmsSignature.valueBlock.value[0] instanceof asn1js__namespace.Integer && cmsSignature.valueBlock.value[1] instanceof asn1js__namespace.Integer)) return EMPTY_BUFFER; const rValueView = cmsSignature.valueBlock.value[0].convertFromDER().valueBlock.valueHexView; const sValueView = cmsSignature.valueBlock.value[1].convertFromDER().valueBlock.valueHexView; const res = new Uint8Array(pointSize * 2); res.set(rValueView, pointSize - rValueView.byteLength); res.set(sValueView, (2 * pointSize) - sValueView.byteLength); return res.buffer; } function getAlgorithmByOID(oid, safety = false, target) { return getCrypto(true).getAlgorithmByOID(oid, safety, target); } function getHashAlgorithm(signatureAlgorithm) { return getCrypto(true).getHashAlgorithm(signatureAlgorithm); } async function kdfWithCounter(hashFunction, zBuffer, Counter, SharedInfo, crypto) { switch (hashFunction.toUpperCase()) { case "SHA-1": case "SHA-256": case "SHA-384": case "SHA-512": break; default: throw new ArgumentError(`Unknown hash function: ${hashFunction}`); } ArgumentError.assert(zBuffer, "zBuffer", "ArrayBuffer"); if (zBuffer.byteLength === 0) throw new ArgumentError("'zBuffer' has zero length, error"); ArgumentError.assert(SharedInfo, "SharedInfo", "ArrayBuffer"); if (Counter > 255) throw new ArgumentError("Please set 'Counter' argument to value less or equal to 255"); const counterBuffer = new ArrayBuffer(4); const counterView = new Uint8Array(counterBuffer); counterView[0] = 0x00; counterView[1] = 0x00; counterView[2] = 0x00; counterView[3] = Counter; let combinedBuffer = EMPTY_BUFFER; combinedBuffer = pvutils__namespace.utilConcatBuf(combinedBuffer, zBuffer); combinedBuffer = pvutils__namespace.utilConcatBuf(combinedBuffer, counterBuffer); combinedBuffer = pvutils__namespace.utilConcatBuf(combinedBuffer, SharedInfo); const result = await crypto.digest({ name: hashFunction }, combinedBuffer); return { counter: Counter, result }; } async function kdf(hashFunction, Zbuffer, keydatalen, SharedInfo, crypto = getCrypto(true)) { let hashLength = 0; let maxCounter = 1; switch (hashFunction.toUpperCase()) { case "SHA-1": hashLength = 160; break; case "SHA-256": hashLength = 256; break; case "SHA-384": hashLength = 384; break; case "SHA-512": hashLength = 512; break; default: throw new ArgumentError(`Unknown hash function: ${hashFunction}`); } ArgumentError.assert(Zbuffer, "Zbuffer", "ArrayBuffer"); if (Zbuffer.byteLength === 0) throw new ArgumentError("'Zbuffer' has zero length, error"); ArgumentError.assert(SharedInfo, "SharedInfo", "ArrayBuffer"); const quotient = keydatalen / hashLength; if (Math.floor(quotient) > 0) { maxCounter = Math.floor(quotient); if ((quotient - maxCounter) > 0) maxCounter++; } const incomingResult = []; for (let i = 1; i <= maxCounter; i++) incomingResult.push(await kdfWithCounter(hashFunction, Zbuffer, i, SharedInfo, crypto)); let combinedBuffer = EMPTY_BUFFER; let currentCounter = 1; let found = true; while (found) { found = false; for (const result of incomingResult) { if (result.counter === currentCounter) { combinedBuffer = pvutils__namespace.utilConcatBuf(combinedBuffer, result.result); found = true; break; } } currentCounter++; } keydatalen >>= 3; if (combinedBuffer.byteLength > keydatalen) { const newBuffer = new ArrayBuffer(keydatalen); const newView = new Uint8Array(newBuffer); const combinedView = new Uint8Array(combinedBuffer); for (let i = 0; i < keydatalen; i++) newView[i] = combinedView[i]; return newBuffer; } return combinedBuffer; } const VERSION$i = "version"; const LOG_ID = "logID"; const EXTENSIONS$6 = "extensions"; const TIMESTAMP = "timestamp"; const HASH_ALGORITHM$3 = "hashAlgorithm"; const SIGNATURE_ALGORITHM$8 = "signatureAlgorithm"; const SIGNATURE$7 = "signature"; const NONE = "none"; const MD5 = "md5"; const SHA1 = "sha1"; const SHA224 = "sha224"; const SHA256 = "sha256"; const SHA384 = "sha384"; const SHA512 = "sha512"; const ANONYMOUS = "anonymous"; const RSA = "rsa"; const DSA = "dsa"; const ECDSA = "ecdsa"; class SignedCertificateTimestamp extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$i, SignedCertificateTimestamp.defaultValues(VERSION$i)); this.logID = pvutils__namespace.getParametersValue(parameters, LOG_ID, SignedCertificateTimestamp.defaultValues(LOG_ID)); this.timestamp = pvutils__namespace.getParametersValue(parameters, TIMESTAMP, SignedCertificateTimestamp.defaultValues(TIMESTAMP)); this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$6, SignedCertificateTimestamp.defaultValues(EXTENSIONS$6)); this.hashAlgorithm = pvutils__namespace.getParametersValue(parameters, HASH_ALGORITHM$3, SignedCertificateTimestamp.defaultValues(HASH_ALGORITHM$3)); this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$8, SignedCertificateTimestamp.defaultValues(SIGNATURE_ALGORITHM$8)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$7, SignedCertificateTimestamp.defaultValues(SIGNATURE$7)); if ("stream" in parameters && parameters.stream) { this.fromStream(parameters.stream); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$i: return 0; case LOG_ID: case EXTENSIONS$6: return EMPTY_BUFFER; case TIMESTAMP: return new Date(0); case HASH_ALGORITHM$3: case SIGNATURE_ALGORITHM$8: return EMPTY_STRING; case SIGNATURE$7: return EMPTY_BUFFER; default: return super.defaultValues(memberName); } } fromSchema(schema) { if ((schema instanceof asn1js__namespace.RawData) === false) throw new Error("Object's schema was not verified against input data for SignedCertificateTimestamp"); const seqStream = new bs__namespace.SeqStream({ stream: new bs__namespace.ByteStream({ buffer: schema.data }) }); this.fromStream(seqStream); } fromStream(stream) { const blockLength = stream.getUint16(); this.version = (stream.getBlock(1))[0]; if (this.version === 0) { this.logID = (new Uint8Array(stream.getBlock(32))).buffer.slice(0); this.timestamp = new Date(pvutils__namespace.utilFromBase(new Uint8Array(stream.getBlock(8)), 8)); const extensionsLength = stream.getUint16(); this.extensions = (new Uint8Array(stream.getBlock(extensionsLength))).buffer.slice(0); switch ((stream.getBlock(1))[0]) { case 0: this.hashAlgorithm = NONE; break; case 1: this.hashAlgorithm = MD5; break; case 2: this.hashAlgorithm = SHA1; break; case 3: this.hashAlgorithm = SHA224; break; case 4: this.hashAlgorithm = SHA256; break; case 5: this.hashAlgorithm = SHA384; break; case 6: this.hashAlgorithm = SHA512; break; default: throw new Error("Object's stream was not correct for SignedCertificateTimestamp"); } switch ((stream.getBlock(1))[0]) { case 0: this.signatureAlgorithm = ANONYMOUS; break; case 1: this.signatureAlgorithm = RSA; break; case 2: this.signatureAlgorithm = DSA; break; case 3: this.signatureAlgorithm = ECDSA; break; default: throw new Error("Object's stream was not correct for SignedCertificateTimestamp"); } const signatureLength = stream.getUint16(); this.signature = new Uint8Array(stream.getBlock(signatureLength)).buffer.slice(0); if (blockLength !== (47 + extensionsLength + signatureLength)) { throw new Error("Object's stream was not correct for SignedCertificateTimestamp"); } } } toSchema() { const stream = this.toStream(); return new asn1js__namespace.RawData({ data: stream.stream.buffer }); } toStream() { const stream = new bs__namespace.SeqStream(); stream.appendUint16(47 + this.extensions.byteLength + this.signature.byteLength); stream.appendChar(this.version); stream.appendView(new Uint8Array(this.logID)); const timeBuffer = new ArrayBuffer(8); const timeView = new Uint8Array(timeBuffer); const baseArray = pvutils__namespace.utilToBase(this.timestamp.valueOf(), 8); timeView.set(new Uint8Array(baseArray), 8 - baseArray.byteLength); stream.appendView(timeView); stream.appendUint16(this.extensions.byteLength); if (this.extensions.byteLength) stream.appendView(new Uint8Array(this.extensions)); let _hashAlgorithm; switch (this.hashAlgorithm.toLowerCase()) { case NONE: _hashAlgorithm = 0; break; case MD5: _hashAlgorithm = 1; break; case SHA1: _hashAlgorithm = 2; break; case SHA224: _hashAlgorithm = 3; break; case SHA256: _hashAlgorithm = 4; break; case SHA384: _hashAlgorithm = 5; break; case SHA512: _hashAlgorithm = 6; break; default: throw new Error(`Incorrect data for hashAlgorithm: ${this.hashAlgorithm}`); } stream.appendChar(_hashAlgorithm); let _signatureAlgorithm; switch (this.signatureAlgorithm.toLowerCase()) { case ANONYMOUS: _signatureAlgorithm = 0; break; case RSA: _signatureAlgorithm = 1; break; case DSA: _signatureAlgorithm = 2; break; case ECDSA: _signatureAlgorithm = 3; break; default: throw new Error(`Incorrect data for signatureAlgorithm: ${this.signatureAlgorithm}`); } stream.appendChar(_signatureAlgorithm); stream.appendUint16(this.signature.byteLength); stream.appendView(new Uint8Array(this.signature)); return stream; } toJSON() { return { version: this.version, logID: pvutils__namespace.bufferToHexCodes(this.logID), timestamp: this.timestamp, extensions: pvutils__namespace.bufferToHexCodes(this.extensions), hashAlgorithm: this.hashAlgorithm, signatureAlgorithm: this.signatureAlgorithm, signature: pvutils__namespace.bufferToHexCodes(this.signature), }; } async verify(logs, data, dataType = 0, crypto = getCrypto(true)) { const logId = pvutils__namespace.toBase64(pvutils__namespace.arrayBufferToString(this.logID)); let publicKeyBase64 = null; const stream = new bs__namespace.SeqStream(); for (const log of logs) { if (log.log_id === logId) { publicKeyBase64 = log.key; break; } } if (!publicKeyBase64) { throw new Error(`Public key not found for CT with logId: ${logId}`); } const pki = pvutils__namespace.stringToArrayBuffer(pvutils__namespace.fromBase64(publicKeyBase64)); const publicKeyInfo = PublicKeyInfo.fromBER(pki); stream.appendChar(0x00); stream.appendChar(0x00); const timeBuffer = new ArrayBuffer(8); const timeView = new Uint8Array(timeBuffer); const baseArray = pvutils__namespace.utilToBase(this.timestamp.valueOf(), 8); timeView.set(new Uint8Array(baseArray), 8 - baseArray.byteLength); stream.appendView(timeView); stream.appendUint16(dataType); if (dataType === 0) stream.appendUint24(data.byteLength); stream.appendView(new Uint8Array(data)); stream.appendUint16(this.extensions.byteLength); if (this.extensions.byteLength !== 0) stream.appendView(new Uint8Array(this.extensions)); return crypto.verifyWithPublicKey(stream.buffer.slice(0, stream.length), new asn1js__namespace.OctetString({ valueHex: this.signature }), publicKeyInfo, { algorithmId: EMPTY_STRING }, "SHA-256"); } } SignedCertificateTimestamp.CLASS_NAME = "SignedCertificateTimestamp"; async function verifySCTsForCertificate(certificate, issuerCertificate, logs, index = (-1), crypto = getCrypto(true)) { let parsedValue = null; const stream = new bs__namespace.SeqStream(); if (certificate.extensions) { for (let i = certificate.extensions.length - 1; i >= 0; i--) { switch (certificate.extensions[i].extnID) { case id_SignedCertificateTimestampList: { parsedValue = certificate.extensions[i].parsedValue; if (!parsedValue || parsedValue.timestamps.length === 0) throw new Error("Nothing to verify in the certificate"); certificate.extensions.splice(i, 1); } break; } } } if (parsedValue === null) throw new Error("No SignedCertificateTimestampList extension in the specified certificate"); const tbs = certificate.encodeTBS().toBER(); const issuerId = await crypto.digest({ name: "SHA-256" }, new Uint8Array(issuerCertificate.subjectPublicKeyInfo.toSchema().toBER(false))); stream.appendView(new Uint8Array(issuerId)); stream.appendUint24(tbs.byteLength); stream.appendView(new Uint8Array(tbs)); const preCert = stream.stream.slice(0, stream.length); if (index === (-1)) { const verifyArray = []; for (const timestamp of parsedValue.timestamps) { const verifyResult = await timestamp.verify(logs, preCert.buffer, 1, crypto); verifyArray.push(verifyResult); } return verifyArray; } if (index >= parsedValue.timestamps.length) index = (parsedValue.timestamps.length - 1); return [await parsedValue.timestamps[index].verify(logs, preCert.buffer, 1, crypto)]; } const TIMESTAMPS = "timestamps"; class SignedCertificateTimestampList extends PkiObject { constructor(parameters = {}) { super(); this.timestamps = pvutils__namespace.getParametersValue(parameters, TIMESTAMPS, SignedCertificateTimestampList.defaultValues(TIMESTAMPS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TIMESTAMPS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TIMESTAMPS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { var _a; const names = pvutils__namespace.getParametersValue(parameters, "names", {}); (_a = names.optional) !== null && _a !== void 0 ? _a : (names.optional = false); return (new asn1js__namespace.OctetString({ name: (names.blockName || "SignedCertificateTimestampList"), optional: names.optional })); } fromSchema(schema) { if ((schema instanceof asn1js__namespace.OctetString) === false) { throw new Error("Object's schema was not verified against input data for SignedCertificateTimestampList"); } const seqStream = new bs__namespace.SeqStream({ stream: new bs__namespace.ByteStream({ buffer: schema.valueBlock.valueHex }) }); const dataLength = seqStream.getUint16(); if (dataLength !== seqStream.length) { throw new Error("Object's schema was not verified against input data for SignedCertificateTimestampList"); } while (seqStream.length) { this.timestamps.push(new SignedCertificateTimestamp({ stream: seqStream })); } } toSchema() { const stream = new bs__namespace.SeqStream(); let overallLength = 0; const timestampsData = []; for (const timestamp of this.timestamps) { const timestampStream = timestamp.toStream(); timestampsData.push(timestampStream); overallLength += timestampStream.stream.buffer.byteLength; } stream.appendUint16(overallLength); for (const timestamp of timestampsData) { stream.appendView(timestamp.stream.view); } return new asn1js__namespace.OctetString({ valueHex: stream.stream.buffer.slice(0) }); } toJSON() { return { timestamps: Array.from(this.timestamps, o => o.toJSON()) }; } } SignedCertificateTimestampList.CLASS_NAME = "SignedCertificateTimestampList"; const ATTRIBUTES$4 = "attributes"; const CLEAR_PROPS$11 = [ ATTRIBUTES$4 ]; class SubjectDirectoryAttributes extends PkiObject { constructor(parameters = {}) { super(); this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES$4, SubjectDirectoryAttributes.defaultValues(ATTRIBUTES$4)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ATTRIBUTES$4: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.attributes || EMPTY_STRING), value: Attribute.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$11); const asn1 = asn1js__namespace.compareSchema(schema, schema, SubjectDirectoryAttributes.schema({ names: { attributes: ATTRIBUTES$4 } })); AsnError.assertSchema(asn1, this.className); this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.attributes, o => o.toSchema()) })); } toJSON() { return { attributes: Array.from(this.attributes, o => o.toJSON()) }; } } SubjectDirectoryAttributes.CLASS_NAME = "SubjectDirectoryAttributes"; class ExtensionValueFactory { static getItems() { if (!this.types) { this.types = {}; ExtensionValueFactory.register(id_SubjectAltName, "SubjectAltName", AltName); ExtensionValueFactory.register(id_IssuerAltName, "IssuerAltName", AltName); ExtensionValueFactory.register(id_AuthorityKeyIdentifier, "AuthorityKeyIdentifier", AuthorityKeyIdentifier); ExtensionValueFactory.register(id_BasicConstraints, "BasicConstraints", BasicConstraints); ExtensionValueFactory.register(id_MicrosoftCaVersion, "MicrosoftCaVersion", CAVersion); ExtensionValueFactory.register(id_CertificatePolicies, "CertificatePolicies", CertificatePolicies); ExtensionValueFactory.register(id_MicrosoftAppPolicies, "CertificatePoliciesMicrosoft", CertificatePolicies); ExtensionValueFactory.register(id_MicrosoftCertTemplateV2, "MicrosoftCertTemplateV2", CertificateTemplate); ExtensionValueFactory.register(id_CRLDistributionPoints, "CRLDistributionPoints", CRLDistributionPoints); ExtensionValueFactory.register(id_FreshestCRL, "FreshestCRL", CRLDistributionPoints); ExtensionValueFactory.register(id_ExtKeyUsage, "ExtKeyUsage", ExtKeyUsage); ExtensionValueFactory.register(id_CertificateIssuer, "CertificateIssuer", GeneralNames); ExtensionValueFactory.register(id_AuthorityInfoAccess, "AuthorityInfoAccess", InfoAccess); ExtensionValueFactory.register(id_SubjectInfoAccess, "SubjectInfoAccess", InfoAccess); ExtensionValueFactory.register(id_IssuingDistributionPoint, "IssuingDistributionPoint", IssuingDistributionPoint); ExtensionValueFactory.register(id_NameConstraints, "NameConstraints", NameConstraints); ExtensionValueFactory.register(id_PolicyConstraints, "PolicyConstraints", PolicyConstraints); ExtensionValueFactory.register(id_PolicyMappings, "PolicyMappings", PolicyMappings); ExtensionValueFactory.register(id_PrivateKeyUsagePeriod, "PrivateKeyUsagePeriod", PrivateKeyUsagePeriod); ExtensionValueFactory.register(id_QCStatements, "QCStatements", QCStatements); ExtensionValueFactory.register(id_SignedCertificateTimestampList, "SignedCertificateTimestampList", SignedCertificateTimestampList); ExtensionValueFactory.register(id_SubjectDirectoryAttributes, "SubjectDirectoryAttributes", SubjectDirectoryAttributes); } return this.types; } static fromBER(id, raw) { const asn1 = asn1js__namespace.fromBER(raw); if (asn1.offset === -1) { return null; } const item = this.find(id); if (item) { try { return new item.type({ schema: asn1.result }); } catch { const res = new item.type(); res.parsingError = `Incorrectly formatted value of extension ${item.name} (${id})`; return res; } } return asn1.result; } static find(id) { const types = this.getItems(); return types[id] || null; } static register(id, name, type) { this.getItems()[id] = { name, type }; } } const EXTN_ID = "extnID"; const CRITICAL = "critical"; const EXTN_VALUE = "extnValue"; const PARSED_VALUE$5 = "parsedValue"; const CLEAR_PROPS$10 = [ EXTN_ID, CRITICAL, EXTN_VALUE ]; class Extension extends PkiObject { get parsedValue() { if (this._parsedValue === undefined) { const parsedValue = ExtensionValueFactory.fromBER(this.extnID, this.extnValue.valueBlock.valueHexView); this._parsedValue = parsedValue; } return this._parsedValue || undefined; } set parsedValue(value) { this._parsedValue = value; } constructor(parameters = {}) { super(); this.extnID = pvutils__namespace.getParametersValue(parameters, EXTN_ID, Extension.defaultValues(EXTN_ID)); this.critical = pvutils__namespace.getParametersValue(parameters, CRITICAL, Extension.defaultValues(CRITICAL)); if (EXTN_VALUE in parameters) { this.extnValue = new asn1js__namespace.OctetString({ valueHex: parameters.extnValue }); } else { this.extnValue = Extension.defaultValues(EXTN_VALUE); } if (PARSED_VALUE$5 in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE$5, Extension.defaultValues(PARSED_VALUE$5)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case EXTN_ID: return EMPTY_STRING; case CRITICAL: return false; case EXTN_VALUE: return new asn1js__namespace.OctetString(); case PARSED_VALUE$5: return {}; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.extnID || EMPTY_STRING) }), new asn1js__namespace.Boolean({ name: (names.critical || EMPTY_STRING), optional: true }), new asn1js__namespace.OctetString({ name: (names.extnValue || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$10); const asn1 = asn1js__namespace.compareSchema(schema, schema, Extension.schema({ names: { extnID: EXTN_ID, critical: CRITICAL, extnValue: EXTN_VALUE } })); AsnError.assertSchema(asn1, this.className); this.extnID = asn1.result.extnID.valueBlock.toString(); if (CRITICAL in asn1.result) { this.critical = asn1.result.critical.valueBlock.value; } this.extnValue = asn1.result.extnValue; } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.extnID })); if (this.critical !== Extension.defaultValues(CRITICAL)) { outputArray.push(new asn1js__namespace.Boolean({ value: this.critical })); } outputArray.push(this.extnValue); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const object = { extnID: this.extnID, extnValue: this.extnValue.toJSON(), }; if (this.critical !== Extension.defaultValues(CRITICAL)) { object.critical = this.critical; } if (this.parsedValue && this.parsedValue.toJSON) { object.parsedValue = this.parsedValue.toJSON(); } return object; } } Extension.CLASS_NAME = "Extension"; const EXTENSIONS$5 = "extensions"; const CLEAR_PROPS$$ = [ EXTENSIONS$5, ]; class Extensions extends PkiObject { constructor(parameters = {}) { super(); this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$5, Extensions.defaultValues(EXTENSIONS$5)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case EXTENSIONS$5: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}, optional = false) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ optional, name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.extensions || EMPTY_STRING), value: Extension.schema(names.extension || {}) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$$); const asn1 = asn1js__namespace.compareSchema(schema, schema, Extensions.schema({ names: { extensions: EXTENSIONS$5 } })); AsnError.assertSchema(asn1, this.className); this.extensions = Array.from(asn1.result.extensions, element => new Extension({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.extensions, o => o.toSchema()) })); } toJSON() { return { extensions: this.extensions.map(o => o.toJSON()) }; } } Extensions.CLASS_NAME = "Extensions"; const ISSUER$5 = "issuer"; const SERIAL_NUMBER$6 = "serialNumber"; const ISSUER_UID = "issuerUID"; const CLEAR_PROPS$_ = [ ISSUER$5, SERIAL_NUMBER$6, ISSUER_UID, ]; class IssuerSerial extends PkiObject { constructor(parameters = {}) { super(); this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER$5, IssuerSerial.defaultValues(ISSUER$5)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$6, IssuerSerial.defaultValues(SERIAL_NUMBER$6)); if (ISSUER_UID in parameters) { this.issuerUID = pvutils__namespace.getParametersValue(parameters, ISSUER_UID, IssuerSerial.defaultValues(ISSUER_UID)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ISSUER$5: return new GeneralNames(); case SERIAL_NUMBER$6: return new asn1js__namespace.Integer(); case ISSUER_UID: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ GeneralNames.schema(names.issuer || {}), new asn1js__namespace.Integer({ name: (names.serialNumber || EMPTY_STRING) }), new asn1js__namespace.BitString({ optional: true, name: (names.issuerUID || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$_); const asn1 = asn1js__namespace.compareSchema(schema, schema, IssuerSerial.schema({ names: { issuer: { names: { blockName: ISSUER$5 } }, serialNumber: SERIAL_NUMBER$6, issuerUID: ISSUER_UID } })); AsnError.assertSchema(asn1, this.className); this.issuer = new GeneralNames({ schema: asn1.result.issuer }); this.serialNumber = asn1.result.serialNumber; if (ISSUER_UID in asn1.result) this.issuerUID = asn1.result.issuerUID; } toSchema() { const result = new asn1js__namespace.Sequence({ value: [ this.issuer.toSchema(), this.serialNumber ] }); if (this.issuerUID) { result.valueBlock.value.push(this.issuerUID); } return result; } toJSON() { const result = { issuer: this.issuer.toJSON(), serialNumber: this.serialNumber.toJSON() }; if (this.issuerUID) { result.issuerUID = this.issuerUID.toJSON(); } return result; } } IssuerSerial.CLASS_NAME = "IssuerSerial"; const VERSION$h = "version"; const BASE_CERTIFICATE_ID$2 = "baseCertificateID"; const SUBJECT_NAME = "subjectName"; const ISSUER$4 = "issuer"; const SIGNATURE$6 = "signature"; const SERIAL_NUMBER$5 = "serialNumber"; const ATTR_CERT_VALIDITY_PERIOD$1 = "attrCertValidityPeriod"; const ATTRIBUTES$3 = "attributes"; const ISSUER_UNIQUE_ID$2 = "issuerUniqueID"; const EXTENSIONS$4 = "extensions"; const CLEAR_PROPS$Z = [ VERSION$h, BASE_CERTIFICATE_ID$2, SUBJECT_NAME, ISSUER$4, SIGNATURE$6, SERIAL_NUMBER$5, ATTR_CERT_VALIDITY_PERIOD$1, ATTRIBUTES$3, ISSUER_UNIQUE_ID$2, EXTENSIONS$4, ]; class AttributeCertificateInfoV1 extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$h, AttributeCertificateInfoV1.defaultValues(VERSION$h)); if (BASE_CERTIFICATE_ID$2 in parameters) { this.baseCertificateID = pvutils__namespace.getParametersValue(parameters, BASE_CERTIFICATE_ID$2, AttributeCertificateInfoV1.defaultValues(BASE_CERTIFICATE_ID$2)); } if (SUBJECT_NAME in parameters) { this.subjectName = pvutils__namespace.getParametersValue(parameters, SUBJECT_NAME, AttributeCertificateInfoV1.defaultValues(SUBJECT_NAME)); } this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER$4, AttributeCertificateInfoV1.defaultValues(ISSUER$4)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$6, AttributeCertificateInfoV1.defaultValues(SIGNATURE$6)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$5, AttributeCertificateInfoV1.defaultValues(SERIAL_NUMBER$5)); this.attrCertValidityPeriod = pvutils__namespace.getParametersValue(parameters, ATTR_CERT_VALIDITY_PERIOD$1, AttributeCertificateInfoV1.defaultValues(ATTR_CERT_VALIDITY_PERIOD$1)); this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES$3, AttributeCertificateInfoV1.defaultValues(ATTRIBUTES$3)); if (ISSUER_UNIQUE_ID$2 in parameters) this.issuerUniqueID = pvutils__namespace.getParametersValue(parameters, ISSUER_UNIQUE_ID$2, AttributeCertificateInfoV1.defaultValues(ISSUER_UNIQUE_ID$2)); if (EXTENSIONS$4 in parameters) { this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$4, AttributeCertificateInfoV1.defaultValues(EXTENSIONS$4)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$h: return 0; case BASE_CERTIFICATE_ID$2: return new IssuerSerial(); case SUBJECT_NAME: return new GeneralNames(); case ISSUER$4: return new GeneralNames(); case SIGNATURE$6: return new AlgorithmIdentifier(); case SERIAL_NUMBER$5: return new asn1js__namespace.Integer(); case ATTR_CERT_VALIDITY_PERIOD$1: return new AttCertValidityPeriod(); case ATTRIBUTES$3: return []; case ISSUER_UNIQUE_ID$2: return new asn1js__namespace.BitString(); case EXTENSIONS$4: return new Extensions(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ name: (names.baseCertificateID || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: IssuerSerial.schema().valueBlock.value }), new asn1js__namespace.Constructed({ name: (names.subjectName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: GeneralNames.schema().valueBlock.value }), ] }), GeneralNames.schema({ names: { blockName: (names.issuer || EMPTY_STRING) } }), AlgorithmIdentifier.schema(names.signature || {}), new asn1js__namespace.Integer({ name: (names.serialNumber || EMPTY_STRING) }), AttCertValidityPeriod.schema(names.attrCertValidityPeriod || {}), new asn1js__namespace.Sequence({ name: (names.attributes || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ value: Attribute.schema() }) ] }), new asn1js__namespace.BitString({ optional: true, name: (names.issuerUniqueID || EMPTY_STRING) }), Extensions.schema(names.extensions || {}, true) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$Z); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttributeCertificateInfoV1.schema({ names: { version: VERSION$h, baseCertificateID: BASE_CERTIFICATE_ID$2, subjectName: SUBJECT_NAME, issuer: ISSUER$4, signature: { names: { blockName: SIGNATURE$6 } }, serialNumber: SERIAL_NUMBER$5, attrCertValidityPeriod: { names: { blockName: ATTR_CERT_VALIDITY_PERIOD$1 } }, attributes: ATTRIBUTES$3, issuerUniqueID: ISSUER_UNIQUE_ID$2, extensions: { names: { blockName: EXTENSIONS$4 } } } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; if (BASE_CERTIFICATE_ID$2 in asn1.result) { this.baseCertificateID = new IssuerSerial({ schema: new asn1js__namespace.Sequence({ value: asn1.result.baseCertificateID.valueBlock.value }) }); } if (SUBJECT_NAME in asn1.result) { this.subjectName = new GeneralNames({ schema: new asn1js__namespace.Sequence({ value: asn1.result.subjectName.valueBlock.value }) }); } this.issuer = asn1.result.issuer; this.signature = new AlgorithmIdentifier({ schema: asn1.result.signature }); this.serialNumber = asn1.result.serialNumber; this.attrCertValidityPeriod = new AttCertValidityPeriod({ schema: asn1.result.attrCertValidityPeriod }); this.attributes = Array.from(asn1.result.attributes.valueBlock.value, element => new Attribute({ schema: element })); if (ISSUER_UNIQUE_ID$2 in asn1.result) { this.issuerUniqueID = asn1.result.issuerUniqueID; } if (EXTENSIONS$4 in asn1.result) { this.extensions = new Extensions({ schema: asn1.result.extensions }); } } toSchema() { const result = new asn1js__namespace.Sequence({ value: [new asn1js__namespace.Integer({ value: this.version })] }); if (this.baseCertificateID) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.baseCertificateID.toSchema().valueBlock.value })); } if (this.subjectName) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: this.subjectName.toSchema().valueBlock.value })); } result.valueBlock.value.push(this.issuer.toSchema()); result.valueBlock.value.push(this.signature.toSchema()); result.valueBlock.value.push(this.serialNumber); result.valueBlock.value.push(this.attrCertValidityPeriod.toSchema()); result.valueBlock.value.push(new asn1js__namespace.Sequence({ value: Array.from(this.attributes, o => o.toSchema()) })); if (this.issuerUniqueID) { result.valueBlock.value.push(this.issuerUniqueID); } if (this.extensions) { result.valueBlock.value.push(this.extensions.toSchema()); } return result; } toJSON() { const result = { version: this.version }; if (this.baseCertificateID) { result.baseCertificateID = this.baseCertificateID.toJSON(); } if (this.subjectName) { result.subjectName = this.subjectName.toJSON(); } result.issuer = this.issuer.toJSON(); result.signature = this.signature.toJSON(); result.serialNumber = this.serialNumber.toJSON(); result.attrCertValidityPeriod = this.attrCertValidityPeriod.toJSON(); result.attributes = Array.from(this.attributes, o => o.toJSON()); if (this.issuerUniqueID) { result.issuerUniqueID = this.issuerUniqueID.toJSON(); } if (this.extensions) { result.extensions = this.extensions.toJSON(); } return result; } } AttributeCertificateInfoV1.CLASS_NAME = "AttributeCertificateInfoV1"; const ACINFO$1 = "acinfo"; const SIGNATURE_ALGORITHM$7 = "signatureAlgorithm"; const SIGNATURE_VALUE$4 = "signatureValue"; const CLEAR_PROPS$Y = [ ACINFO$1, SIGNATURE_VALUE$4, SIGNATURE_ALGORITHM$7 ]; class AttributeCertificateV1 extends PkiObject { constructor(parameters = {}) { super(); this.acinfo = pvutils__namespace.getParametersValue(parameters, ACINFO$1, AttributeCertificateV1.defaultValues(ACINFO$1)); this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$7, AttributeCertificateV1.defaultValues(SIGNATURE_ALGORITHM$7)); this.signatureValue = pvutils__namespace.getParametersValue(parameters, SIGNATURE_VALUE$4, AttributeCertificateV1.defaultValues(SIGNATURE_VALUE$4)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ACINFO$1: return new AttributeCertificateInfoV1(); case SIGNATURE_ALGORITHM$7: return new AlgorithmIdentifier(); case SIGNATURE_VALUE$4: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AttributeCertificateInfoV1.schema(names.acinfo || {}), AlgorithmIdentifier.schema(names.signatureAlgorithm || {}), new asn1js__namespace.BitString({ name: (names.signatureValue || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$Y); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttributeCertificateV1.schema({ names: { acinfo: { names: { blockName: ACINFO$1 } }, signatureAlgorithm: { names: { blockName: SIGNATURE_ALGORITHM$7 } }, signatureValue: SIGNATURE_VALUE$4 } })); AsnError.assertSchema(asn1, this.className); this.acinfo = new AttributeCertificateInfoV1({ schema: asn1.result.acinfo }); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signatureValue = asn1.result.signatureValue; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.acinfo.toSchema(), this.signatureAlgorithm.toSchema(), this.signatureValue ] })); } toJSON() { return { acinfo: this.acinfo.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signatureValue: this.signatureValue.toJSON(), }; } } AttributeCertificateV1.CLASS_NAME = "AttributeCertificateV1"; const DIGESTED_OBJECT_TYPE = "digestedObjectType"; const OTHER_OBJECT_TYPE_ID = "otherObjectTypeID"; const DIGEST_ALGORITHM$2 = "digestAlgorithm"; const OBJECT_DIGEST = "objectDigest"; const CLEAR_PROPS$X = [ DIGESTED_OBJECT_TYPE, OTHER_OBJECT_TYPE_ID, DIGEST_ALGORITHM$2, OBJECT_DIGEST, ]; class ObjectDigestInfo extends PkiObject { constructor(parameters = {}) { super(); this.digestedObjectType = pvutils__namespace.getParametersValue(parameters, DIGESTED_OBJECT_TYPE, ObjectDigestInfo.defaultValues(DIGESTED_OBJECT_TYPE)); if (OTHER_OBJECT_TYPE_ID in parameters) { this.otherObjectTypeID = pvutils__namespace.getParametersValue(parameters, OTHER_OBJECT_TYPE_ID, ObjectDigestInfo.defaultValues(OTHER_OBJECT_TYPE_ID)); } this.digestAlgorithm = pvutils__namespace.getParametersValue(parameters, DIGEST_ALGORITHM$2, ObjectDigestInfo.defaultValues(DIGEST_ALGORITHM$2)); this.objectDigest = pvutils__namespace.getParametersValue(parameters, OBJECT_DIGEST, ObjectDigestInfo.defaultValues(OBJECT_DIGEST)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case DIGESTED_OBJECT_TYPE: return new asn1js__namespace.Enumerated(); case OTHER_OBJECT_TYPE_ID: return new asn1js__namespace.ObjectIdentifier(); case DIGEST_ALGORITHM$2: return new AlgorithmIdentifier(); case OBJECT_DIGEST: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Enumerated({ name: (names.digestedObjectType || EMPTY_STRING) }), new asn1js__namespace.ObjectIdentifier({ optional: true, name: (names.otherObjectTypeID || EMPTY_STRING) }), AlgorithmIdentifier.schema(names.digestAlgorithm || {}), new asn1js__namespace.BitString({ name: (names.objectDigest || EMPTY_STRING) }), ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$X); const asn1 = asn1js__namespace.compareSchema(schema, schema, ObjectDigestInfo.schema({ names: { digestedObjectType: DIGESTED_OBJECT_TYPE, otherObjectTypeID: OTHER_OBJECT_TYPE_ID, digestAlgorithm: { names: { blockName: DIGEST_ALGORITHM$2 } }, objectDigest: OBJECT_DIGEST } })); AsnError.assertSchema(asn1, this.className); this.digestedObjectType = asn1.result.digestedObjectType; if (OTHER_OBJECT_TYPE_ID in asn1.result) { this.otherObjectTypeID = asn1.result.otherObjectTypeID; } this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.digestAlgorithm }); this.objectDigest = asn1.result.objectDigest; } toSchema() { const result = new asn1js__namespace.Sequence({ value: [this.digestedObjectType] }); if (this.otherObjectTypeID) { result.valueBlock.value.push(this.otherObjectTypeID); } result.valueBlock.value.push(this.digestAlgorithm.toSchema()); result.valueBlock.value.push(this.objectDigest); return result; } toJSON() { const result = { digestedObjectType: this.digestedObjectType.toJSON(), digestAlgorithm: this.digestAlgorithm.toJSON(), objectDigest: this.objectDigest.toJSON(), }; if (this.otherObjectTypeID) { result.otherObjectTypeID = this.otherObjectTypeID.toJSON(); } return result; } } ObjectDigestInfo.CLASS_NAME = "ObjectDigestInfo"; const ISSUER_NAME = "issuerName"; const BASE_CERTIFICATE_ID$1 = "baseCertificateID"; const OBJECT_DIGEST_INFO$1 = "objectDigestInfo"; const CLEAR_PROPS$W = [ ISSUER_NAME, BASE_CERTIFICATE_ID$1, OBJECT_DIGEST_INFO$1 ]; class V2Form extends PkiObject { constructor(parameters = {}) { super(); if (ISSUER_NAME in parameters) { this.issuerName = pvutils__namespace.getParametersValue(parameters, ISSUER_NAME, V2Form.defaultValues(ISSUER_NAME)); } if (BASE_CERTIFICATE_ID$1 in parameters) { this.baseCertificateID = pvutils__namespace.getParametersValue(parameters, BASE_CERTIFICATE_ID$1, V2Form.defaultValues(BASE_CERTIFICATE_ID$1)); } if (OBJECT_DIGEST_INFO$1 in parameters) { this.objectDigestInfo = pvutils__namespace.getParametersValue(parameters, OBJECT_DIGEST_INFO$1, V2Form.defaultValues(OBJECT_DIGEST_INFO$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ISSUER_NAME: return new GeneralNames(); case BASE_CERTIFICATE_ID$1: return new IssuerSerial(); case OBJECT_DIGEST_INFO$1: return new ObjectDigestInfo(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ GeneralNames.schema({ names: { blockName: names.issuerName } }, true), new asn1js__namespace.Constructed({ optional: true, name: (names.baseCertificateID || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: IssuerSerial.schema().valueBlock.value }), new asn1js__namespace.Constructed({ optional: true, name: (names.objectDigestInfo || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: ObjectDigestInfo.schema().valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$W); const asn1 = asn1js__namespace.compareSchema(schema, schema, V2Form.schema({ names: { issuerName: ISSUER_NAME, baseCertificateID: BASE_CERTIFICATE_ID$1, objectDigestInfo: OBJECT_DIGEST_INFO$1 } })); AsnError.assertSchema(asn1, this.className); if (ISSUER_NAME in asn1.result) this.issuerName = new GeneralNames({ schema: asn1.result.issuerName }); if (BASE_CERTIFICATE_ID$1 in asn1.result) { this.baseCertificateID = new IssuerSerial({ schema: new asn1js__namespace.Sequence({ value: asn1.result.baseCertificateID.valueBlock.value }) }); } if (OBJECT_DIGEST_INFO$1 in asn1.result) { this.objectDigestInfo = new ObjectDigestInfo({ schema: new asn1js__namespace.Sequence({ value: asn1.result.objectDigestInfo.valueBlock.value }) }); } } toSchema() { const result = new asn1js__namespace.Sequence(); if (this.issuerName) result.valueBlock.value.push(this.issuerName.toSchema()); if (this.baseCertificateID) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.baseCertificateID.toSchema().valueBlock.value })); } if (this.objectDigestInfo) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: this.objectDigestInfo.toSchema().valueBlock.value })); } return result; } toJSON() { const result = {}; if (this.issuerName) { result.issuerName = this.issuerName.toJSON(); } if (this.baseCertificateID) { result.baseCertificateID = this.baseCertificateID.toJSON(); } if (this.objectDigestInfo) { result.objectDigestInfo = this.objectDigestInfo.toJSON(); } return result; } } V2Form.CLASS_NAME = "V2Form"; const BASE_CERTIFICATE_ID = "baseCertificateID"; const ENTITY_NAME = "entityName"; const OBJECT_DIGEST_INFO = "objectDigestInfo"; const CLEAR_PROPS$V = [ BASE_CERTIFICATE_ID, ENTITY_NAME, OBJECT_DIGEST_INFO ]; class Holder extends PkiObject { constructor(parameters = {}) { super(); if (BASE_CERTIFICATE_ID in parameters) { this.baseCertificateID = pvutils__namespace.getParametersValue(parameters, BASE_CERTIFICATE_ID, Holder.defaultValues(BASE_CERTIFICATE_ID)); } if (ENTITY_NAME in parameters) { this.entityName = pvutils__namespace.getParametersValue(parameters, ENTITY_NAME, Holder.defaultValues(ENTITY_NAME)); } if (OBJECT_DIGEST_INFO in parameters) { this.objectDigestInfo = pvutils__namespace.getParametersValue(parameters, OBJECT_DIGEST_INFO, Holder.defaultValues(OBJECT_DIGEST_INFO)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case BASE_CERTIFICATE_ID: return new IssuerSerial(); case ENTITY_NAME: return new GeneralNames(); case OBJECT_DIGEST_INFO: return new ObjectDigestInfo(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ optional: true, name: (names.baseCertificateID || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: IssuerSerial.schema().valueBlock.value }), new asn1js__namespace.Constructed({ optional: true, name: (names.entityName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: GeneralNames.schema().valueBlock.value }), new asn1js__namespace.Constructed({ optional: true, name: (names.objectDigestInfo || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 2 }, value: ObjectDigestInfo.schema().valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$V); const asn1 = asn1js__namespace.compareSchema(schema, schema, Holder.schema({ names: { baseCertificateID: BASE_CERTIFICATE_ID, entityName: ENTITY_NAME, objectDigestInfo: OBJECT_DIGEST_INFO } })); AsnError.assertSchema(asn1, this.className); if (BASE_CERTIFICATE_ID in asn1.result) { this.baseCertificateID = new IssuerSerial({ schema: new asn1js__namespace.Sequence({ value: asn1.result.baseCertificateID.valueBlock.value }) }); } if (ENTITY_NAME in asn1.result) { this.entityName = new GeneralNames({ schema: new asn1js__namespace.Sequence({ value: asn1.result.entityName.valueBlock.value }) }); } if (OBJECT_DIGEST_INFO in asn1.result) { this.objectDigestInfo = new ObjectDigestInfo({ schema: new asn1js__namespace.Sequence({ value: asn1.result.objectDigestInfo.valueBlock.value }) }); } } toSchema() { const result = new asn1js__namespace.Sequence(); if (this.baseCertificateID) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.baseCertificateID.toSchema().valueBlock.value })); } if (this.entityName) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: this.entityName.toSchema().valueBlock.value })); } if (this.objectDigestInfo) { result.valueBlock.value.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: this.objectDigestInfo.toSchema().valueBlock.value })); } return result; } toJSON() { const result = {}; if (this.baseCertificateID) { result.baseCertificateID = this.baseCertificateID.toJSON(); } if (this.entityName) { result.entityName = this.entityName.toJSON(); } if (this.objectDigestInfo) { result.objectDigestInfo = this.objectDigestInfo.toJSON(); } return result; } } Holder.CLASS_NAME = "Holder"; const VERSION$g = "version"; const HOLDER = "holder"; const ISSUER$3 = "issuer"; const SIGNATURE$5 = "signature"; const SERIAL_NUMBER$4 = "serialNumber"; const ATTR_CERT_VALIDITY_PERIOD = "attrCertValidityPeriod"; const ATTRIBUTES$2 = "attributes"; const ISSUER_UNIQUE_ID$1 = "issuerUniqueID"; const EXTENSIONS$3 = "extensions"; const CLEAR_PROPS$U = [ VERSION$g, HOLDER, ISSUER$3, SIGNATURE$5, SERIAL_NUMBER$4, ATTR_CERT_VALIDITY_PERIOD, ATTRIBUTES$2, ISSUER_UNIQUE_ID$1, EXTENSIONS$3 ]; class AttributeCertificateInfoV2 extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$g, AttributeCertificateInfoV2.defaultValues(VERSION$g)); this.holder = pvutils__namespace.getParametersValue(parameters, HOLDER, AttributeCertificateInfoV2.defaultValues(HOLDER)); this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER$3, AttributeCertificateInfoV2.defaultValues(ISSUER$3)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$5, AttributeCertificateInfoV2.defaultValues(SIGNATURE$5)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$4, AttributeCertificateInfoV2.defaultValues(SERIAL_NUMBER$4)); this.attrCertValidityPeriod = pvutils__namespace.getParametersValue(parameters, ATTR_CERT_VALIDITY_PERIOD, AttributeCertificateInfoV2.defaultValues(ATTR_CERT_VALIDITY_PERIOD)); this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES$2, AttributeCertificateInfoV2.defaultValues(ATTRIBUTES$2)); if (ISSUER_UNIQUE_ID$1 in parameters) { this.issuerUniqueID = pvutils__namespace.getParametersValue(parameters, ISSUER_UNIQUE_ID$1, AttributeCertificateInfoV2.defaultValues(ISSUER_UNIQUE_ID$1)); } if (EXTENSIONS$3 in parameters) { this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$3, AttributeCertificateInfoV2.defaultValues(EXTENSIONS$3)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$g: return 1; case HOLDER: return new Holder(); case ISSUER$3: return {}; case SIGNATURE$5: return new AlgorithmIdentifier(); case SERIAL_NUMBER$4: return new asn1js__namespace.Integer(); case ATTR_CERT_VALIDITY_PERIOD: return new AttCertValidityPeriod(); case ATTRIBUTES$2: return []; case ISSUER_UNIQUE_ID$1: return new asn1js__namespace.BitString(); case EXTENSIONS$3: return new Extensions(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), Holder.schema(names.holder || {}), new asn1js__namespace.Choice({ value: [ GeneralNames.schema({ names: { blockName: (names.issuer || EMPTY_STRING) } }), new asn1js__namespace.Constructed({ name: (names.issuer || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: V2Form.schema().valueBlock.value }) ] }), AlgorithmIdentifier.schema(names.signature || {}), new asn1js__namespace.Integer({ name: (names.serialNumber || EMPTY_STRING) }), AttCertValidityPeriod.schema(names.attrCertValidityPeriod || {}), new asn1js__namespace.Sequence({ name: (names.attributes || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ value: Attribute.schema() }) ] }), new asn1js__namespace.BitString({ optional: true, name: (names.issuerUniqueID || EMPTY_STRING) }), Extensions.schema(names.extensions || {}, true) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$U); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttributeCertificateInfoV2.schema({ names: { version: VERSION$g, holder: { names: { blockName: HOLDER } }, issuer: ISSUER$3, signature: { names: { blockName: SIGNATURE$5 } }, serialNumber: SERIAL_NUMBER$4, attrCertValidityPeriod: { names: { blockName: ATTR_CERT_VALIDITY_PERIOD } }, attributes: ATTRIBUTES$2, issuerUniqueID: ISSUER_UNIQUE_ID$1, extensions: { names: { blockName: EXTENSIONS$3 } } } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.holder = new Holder({ schema: asn1.result.holder }); switch (asn1.result.issuer.idBlock.tagClass) { case 3: this.issuer = new V2Form({ schema: new asn1js__namespace.Sequence({ value: asn1.result.issuer.valueBlock.value }) }); break; case 1: default: throw new Error("Incorrect value for 'issuer' in AttributeCertificateInfoV2"); } this.signature = new AlgorithmIdentifier({ schema: asn1.result.signature }); this.serialNumber = asn1.result.serialNumber; this.attrCertValidityPeriod = new AttCertValidityPeriod({ schema: asn1.result.attrCertValidityPeriod }); this.attributes = Array.from(asn1.result.attributes.valueBlock.value, element => new Attribute({ schema: element })); if (ISSUER_UNIQUE_ID$1 in asn1.result) { this.issuerUniqueID = asn1.result.issuerUniqueID; } if (EXTENSIONS$3 in asn1.result) { this.extensions = new Extensions({ schema: asn1.result.extensions }); } } toSchema() { const result = new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.Integer({ value: this.version }), this.holder.toSchema(), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.issuer.toSchema().valueBlock.value }), this.signature.toSchema(), this.serialNumber, this.attrCertValidityPeriod.toSchema(), new asn1js__namespace.Sequence({ value: Array.from(this.attributes, o => o.toSchema()) }) ] }); if (this.issuerUniqueID) { result.valueBlock.value.push(this.issuerUniqueID); } if (this.extensions) { result.valueBlock.value.push(this.extensions.toSchema()); } return result; } toJSON() { const result = { version: this.version, holder: this.holder.toJSON(), issuer: this.issuer.toJSON(), signature: this.signature.toJSON(), serialNumber: this.serialNumber.toJSON(), attrCertValidityPeriod: this.attrCertValidityPeriod.toJSON(), attributes: Array.from(this.attributes, o => o.toJSON()) }; if (this.issuerUniqueID) { result.issuerUniqueID = this.issuerUniqueID.toJSON(); } if (this.extensions) { result.extensions = this.extensions.toJSON(); } return result; } } AttributeCertificateInfoV2.CLASS_NAME = "AttributeCertificateInfoV2"; const ACINFO = "acinfo"; const SIGNATURE_ALGORITHM$6 = "signatureAlgorithm"; const SIGNATURE_VALUE$3 = "signatureValue"; const CLEAR_PROPS$T = [ ACINFO, SIGNATURE_ALGORITHM$6, SIGNATURE_VALUE$3, ]; class AttributeCertificateV2 extends PkiObject { constructor(parameters = {}) { super(); this.acinfo = pvutils__namespace.getParametersValue(parameters, ACINFO, AttributeCertificateV2.defaultValues(ACINFO)); this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$6, AttributeCertificateV2.defaultValues(SIGNATURE_ALGORITHM$6)); this.signatureValue = pvutils__namespace.getParametersValue(parameters, SIGNATURE_VALUE$3, AttributeCertificateV2.defaultValues(SIGNATURE_VALUE$3)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ACINFO: return new AttributeCertificateInfoV2(); case SIGNATURE_ALGORITHM$6: return new AlgorithmIdentifier(); case SIGNATURE_VALUE$3: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AttributeCertificateInfoV2.schema(names.acinfo || {}), AlgorithmIdentifier.schema(names.signatureAlgorithm || {}), new asn1js__namespace.BitString({ name: (names.signatureValue || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$T); const asn1 = asn1js__namespace.compareSchema(schema, schema, AttributeCertificateV2.schema({ names: { acinfo: { names: { blockName: ACINFO } }, signatureAlgorithm: { names: { blockName: SIGNATURE_ALGORITHM$6 } }, signatureValue: SIGNATURE_VALUE$3 } })); AsnError.assertSchema(asn1, this.className); this.acinfo = new AttributeCertificateInfoV2({ schema: asn1.result.acinfo }); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signatureValue = asn1.result.signatureValue; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.acinfo.toSchema(), this.signatureAlgorithm.toSchema(), this.signatureValue ] })); } toJSON() { return { acinfo: this.acinfo.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signatureValue: this.signatureValue.toJSON(), }; } } AttributeCertificateV2.CLASS_NAME = "AttributeCertificateV2"; const CONTENT_TYPE = "contentType"; const CONTENT = "content"; const CLEAR_PROPS$S = [CONTENT_TYPE, CONTENT]; class ContentInfo extends PkiObject { constructor(parameters = {}) { super(); this.contentType = pvutils__namespace.getParametersValue(parameters, CONTENT_TYPE, ContentInfo.defaultValues(CONTENT_TYPE)); this.content = pvutils__namespace.getParametersValue(parameters, CONTENT, ContentInfo.defaultValues(CONTENT)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CONTENT_TYPE: return EMPTY_STRING; case CONTENT: return new asn1js__namespace.Any(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CONTENT_TYPE: return (typeof memberValue === "string" && memberValue === this.defaultValues(CONTENT_TYPE)); case CONTENT: return (memberValue instanceof asn1js__namespace.Any); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); if (("optional" in names) === false) { names.optional = false; } return (new asn1js__namespace.Sequence({ name: (names.blockName || "ContentInfo"), optional: names.optional, value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.contentType || CONTENT_TYPE) }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any({ name: (names.content || CONTENT) })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$S); const asn1 = asn1js__namespace.compareSchema(schema, schema, ContentInfo.schema()); AsnError.assertSchema(asn1, this.className); this.contentType = asn1.result.contentType.valueBlock.toString(); this.content = asn1.result.content; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.contentType }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.content] }) ] })); } toJSON() { const object = { contentType: this.contentType }; if (!(this.content instanceof asn1js__namespace.Any)) { object.content = this.content.toJSON(); } return object; } } ContentInfo.CLASS_NAME = "ContentInfo"; ContentInfo.DATA = id_ContentType_Data; ContentInfo.SIGNED_DATA = id_ContentType_SignedData; ContentInfo.ENVELOPED_DATA = id_ContentType_EnvelopedData; ContentInfo.ENCRYPTED_DATA = id_ContentType_EncryptedData; const TYPE$1 = "type"; const VALUE$4 = "value"; const UTC_TIME_NAME = "utcTimeName"; const GENERAL_TIME_NAME = "generalTimeName"; const CLEAR_PROPS$R = [UTC_TIME_NAME, GENERAL_TIME_NAME]; exports.TimeType = void 0; (function (TimeType) { TimeType[TimeType["UTCTime"] = 0] = "UTCTime"; TimeType[TimeType["GeneralizedTime"] = 1] = "GeneralizedTime"; TimeType[TimeType["empty"] = 2] = "empty"; })(exports.TimeType || (exports.TimeType = {})); class Time extends PkiObject { constructor(parameters = {}) { super(); this.type = pvutils__namespace.getParametersValue(parameters, TYPE$1, Time.defaultValues(TYPE$1)); this.value = pvutils__namespace.getParametersValue(parameters, VALUE$4, Time.defaultValues(VALUE$4)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE$1: return 0; case VALUE$4: return new Date(0, 0, 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}, optional = false) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ optional, value: [ new asn1js__namespace.UTCTime({ name: (names.utcTimeName || EMPTY_STRING) }), new asn1js__namespace.GeneralizedTime({ name: (names.generalTimeName || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$R); const asn1 = asn1js__namespace.compareSchema(schema, schema, Time.schema({ names: { utcTimeName: UTC_TIME_NAME, generalTimeName: GENERAL_TIME_NAME } })); AsnError.assertSchema(asn1, this.className); if (UTC_TIME_NAME in asn1.result) { this.type = 0; this.value = asn1.result.utcTimeName.toDate(); } if (GENERAL_TIME_NAME in asn1.result) { this.type = 1; this.value = asn1.result.generalTimeName.toDate(); } } toSchema() { if (this.type === 0) { return new asn1js__namespace.UTCTime({ valueDate: this.value }); } else if (this.type === 1) { return new asn1js__namespace.GeneralizedTime({ valueDate: this.value }); } return {}; } toJSON() { return { type: this.type, value: this.value }; } } Time.CLASS_NAME = "Time"; const TBS$4 = "tbs"; const VERSION$f = "version"; const SERIAL_NUMBER$3 = "serialNumber"; const SIGNATURE$4 = "signature"; const ISSUER$2 = "issuer"; const NOT_BEFORE = "notBefore"; const NOT_AFTER = "notAfter"; const SUBJECT$1 = "subject"; const SUBJECT_PUBLIC_KEY_INFO = "subjectPublicKeyInfo"; const ISSUER_UNIQUE_ID = "issuerUniqueID"; const SUBJECT_UNIQUE_ID = "subjectUniqueID"; const EXTENSIONS$2 = "extensions"; const SIGNATURE_ALGORITHM$5 = "signatureAlgorithm"; const SIGNATURE_VALUE$2 = "signatureValue"; const TBS_CERTIFICATE = "tbsCertificate"; const TBS_CERTIFICATE_VERSION = `${TBS_CERTIFICATE}.${VERSION$f}`; const TBS_CERTIFICATE_SERIAL_NUMBER = `${TBS_CERTIFICATE}.${SERIAL_NUMBER$3}`; const TBS_CERTIFICATE_SIGNATURE = `${TBS_CERTIFICATE}.${SIGNATURE$4}`; const TBS_CERTIFICATE_ISSUER = `${TBS_CERTIFICATE}.${ISSUER$2}`; const TBS_CERTIFICATE_NOT_BEFORE = `${TBS_CERTIFICATE}.${NOT_BEFORE}`; const TBS_CERTIFICATE_NOT_AFTER = `${TBS_CERTIFICATE}.${NOT_AFTER}`; const TBS_CERTIFICATE_SUBJECT = `${TBS_CERTIFICATE}.${SUBJECT$1}`; const TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY = `${TBS_CERTIFICATE}.${SUBJECT_PUBLIC_KEY_INFO}`; const TBS_CERTIFICATE_ISSUER_UNIQUE_ID = `${TBS_CERTIFICATE}.${ISSUER_UNIQUE_ID}`; const TBS_CERTIFICATE_SUBJECT_UNIQUE_ID = `${TBS_CERTIFICATE}.${SUBJECT_UNIQUE_ID}`; const TBS_CERTIFICATE_EXTENSIONS = `${TBS_CERTIFICATE}.${EXTENSIONS$2}`; const CLEAR_PROPS$Q = [ TBS_CERTIFICATE, TBS_CERTIFICATE_VERSION, TBS_CERTIFICATE_SERIAL_NUMBER, TBS_CERTIFICATE_SIGNATURE, TBS_CERTIFICATE_ISSUER, TBS_CERTIFICATE_NOT_BEFORE, TBS_CERTIFICATE_NOT_AFTER, TBS_CERTIFICATE_SUBJECT, TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY, TBS_CERTIFICATE_ISSUER_UNIQUE_ID, TBS_CERTIFICATE_SUBJECT_UNIQUE_ID, TBS_CERTIFICATE_EXTENSIONS, SIGNATURE_ALGORITHM$5, SIGNATURE_VALUE$2 ]; function tbsCertificate(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TBS_CERTIFICATE), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Integer({ name: (names.tbsCertificateVersion || TBS_CERTIFICATE_VERSION) }) ] }), new asn1js__namespace.Integer({ name: (names.tbsCertificateSerialNumber || TBS_CERTIFICATE_SERIAL_NUMBER) }), AlgorithmIdentifier.schema(names.signature || { names: { blockName: TBS_CERTIFICATE_SIGNATURE } }), RelativeDistinguishedNames.schema(names.issuer || { names: { blockName: TBS_CERTIFICATE_ISSUER } }), new asn1js__namespace.Sequence({ name: (names.tbsCertificateValidity || "tbsCertificate.validity"), value: [ Time.schema(names.notBefore || { names: { utcTimeName: TBS_CERTIFICATE_NOT_BEFORE, generalTimeName: TBS_CERTIFICATE_NOT_BEFORE } }), Time.schema(names.notAfter || { names: { utcTimeName: TBS_CERTIFICATE_NOT_AFTER, generalTimeName: TBS_CERTIFICATE_NOT_AFTER } }) ] }), RelativeDistinguishedNames.schema(names.subject || { names: { blockName: TBS_CERTIFICATE_SUBJECT } }), PublicKeyInfo.schema(names.subjectPublicKeyInfo || { names: { blockName: TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY } }), new asn1js__namespace.Primitive({ name: (names.tbsCertificateIssuerUniqueID || TBS_CERTIFICATE_ISSUER_UNIQUE_ID), optional: true, idBlock: { tagClass: 3, tagNumber: 1 } }), new asn1js__namespace.Primitive({ name: (names.tbsCertificateSubjectUniqueID || TBS_CERTIFICATE_SUBJECT_UNIQUE_ID), optional: true, idBlock: { tagClass: 3, tagNumber: 2 } }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 3 }, value: [Extensions.schema(names.extensions || { names: { blockName: TBS_CERTIFICATE_EXTENSIONS } })] }) ] })); } class Certificate extends PkiObject { get tbs() { return pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(this.tbsView); } set tbs(value) { this.tbsView = new Uint8Array(value); } constructor(parameters = {}) { super(); this.tbsView = new Uint8Array(pvutils__namespace.getParametersValue(parameters, TBS$4, Certificate.defaultValues(TBS$4))); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$f, Certificate.defaultValues(VERSION$f)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$3, Certificate.defaultValues(SERIAL_NUMBER$3)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$4, Certificate.defaultValues(SIGNATURE$4)); this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER$2, Certificate.defaultValues(ISSUER$2)); this.notBefore = pvutils__namespace.getParametersValue(parameters, NOT_BEFORE, Certificate.defaultValues(NOT_BEFORE)); this.notAfter = pvutils__namespace.getParametersValue(parameters, NOT_AFTER, Certificate.defaultValues(NOT_AFTER)); this.subject = pvutils__namespace.getParametersValue(parameters, SUBJECT$1, Certificate.defaultValues(SUBJECT$1)); this.subjectPublicKeyInfo = pvutils__namespace.getParametersValue(parameters, SUBJECT_PUBLIC_KEY_INFO, Certificate.defaultValues(SUBJECT_PUBLIC_KEY_INFO)); if (ISSUER_UNIQUE_ID in parameters) { this.issuerUniqueID = pvutils__namespace.getParametersValue(parameters, ISSUER_UNIQUE_ID, Certificate.defaultValues(ISSUER_UNIQUE_ID)); } if (SUBJECT_UNIQUE_ID in parameters) { this.subjectUniqueID = pvutils__namespace.getParametersValue(parameters, SUBJECT_UNIQUE_ID, Certificate.defaultValues(SUBJECT_UNIQUE_ID)); } if (EXTENSIONS$2 in parameters) { this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$2, Certificate.defaultValues(EXTENSIONS$2)); } this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$5, Certificate.defaultValues(SIGNATURE_ALGORITHM$5)); this.signatureValue = pvutils__namespace.getParametersValue(parameters, SIGNATURE_VALUE$2, Certificate.defaultValues(SIGNATURE_VALUE$2)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS$4: return EMPTY_BUFFER; case VERSION$f: return 0; case SERIAL_NUMBER$3: return new asn1js__namespace.Integer(); case SIGNATURE$4: return new AlgorithmIdentifier(); case ISSUER$2: return new RelativeDistinguishedNames(); case NOT_BEFORE: return new Time(); case NOT_AFTER: return new Time(); case SUBJECT$1: return new RelativeDistinguishedNames(); case SUBJECT_PUBLIC_KEY_INFO: return new PublicKeyInfo(); case ISSUER_UNIQUE_ID: return EMPTY_BUFFER; case SUBJECT_UNIQUE_ID: return EMPTY_BUFFER; case EXTENSIONS$2: return []; case SIGNATURE_ALGORITHM$5: return new AlgorithmIdentifier(); case SIGNATURE_VALUE$2: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ tbsCertificate(names.tbsCertificate), AlgorithmIdentifier.schema(names.signatureAlgorithm || { names: { blockName: SIGNATURE_ALGORITHM$5 } }), new asn1js__namespace.BitString({ name: (names.signatureValue || SIGNATURE_VALUE$2) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$Q); const asn1 = asn1js__namespace.compareSchema(schema, schema, Certificate.schema({ names: { tbsCertificate: { names: { extensions: { names: { extensions: TBS_CERTIFICATE_EXTENSIONS } } } } } })); AsnError.assertSchema(asn1, this.className); this.tbsView = asn1.result.tbsCertificate.valueBeforeDecodeView; if (TBS_CERTIFICATE_VERSION in asn1.result) this.version = asn1.result[TBS_CERTIFICATE_VERSION].valueBlock.valueDec; this.serialNumber = asn1.result[TBS_CERTIFICATE_SERIAL_NUMBER]; this.signature = new AlgorithmIdentifier({ schema: asn1.result[TBS_CERTIFICATE_SIGNATURE] }); this.issuer = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERTIFICATE_ISSUER] }); this.notBefore = new Time({ schema: asn1.result[TBS_CERTIFICATE_NOT_BEFORE] }); this.notAfter = new Time({ schema: asn1.result[TBS_CERTIFICATE_NOT_AFTER] }); this.subject = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERTIFICATE_SUBJECT] }); this.subjectPublicKeyInfo = new PublicKeyInfo({ schema: asn1.result[TBS_CERTIFICATE_SUBJECT_PUBLIC_KEY] }); if (TBS_CERTIFICATE_ISSUER_UNIQUE_ID in asn1.result) this.issuerUniqueID = asn1.result[TBS_CERTIFICATE_ISSUER_UNIQUE_ID].valueBlock.valueHex; if (TBS_CERTIFICATE_SUBJECT_UNIQUE_ID in asn1.result) this.subjectUniqueID = asn1.result[TBS_CERTIFICATE_SUBJECT_UNIQUE_ID].valueBlock.valueHex; if (TBS_CERTIFICATE_EXTENSIONS in asn1.result) this.extensions = Array.from(asn1.result[TBS_CERTIFICATE_EXTENSIONS], element => new Extension({ schema: element })); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signatureValue = asn1.result.signatureValue; } encodeTBS() { const outputArray = []; if ((VERSION$f in this) && (this.version !== Certificate.defaultValues(VERSION$f))) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Integer({ value: this.version }) ] })); } outputArray.push(this.serialNumber); outputArray.push(this.signature.toSchema()); outputArray.push(this.issuer.toSchema()); outputArray.push(new asn1js__namespace.Sequence({ value: [ this.notBefore.toSchema(), this.notAfter.toSchema() ] })); outputArray.push(this.subject.toSchema()); outputArray.push(this.subjectPublicKeyInfo.toSchema()); if (this.issuerUniqueID) { outputArray.push(new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, valueHex: this.issuerUniqueID })); } if (this.subjectUniqueID) { outputArray.push(new asn1js__namespace.Primitive({ optional: true, idBlock: { tagClass: 3, tagNumber: 2 }, valueHex: this.subjectUniqueID })); } if (this.extensions) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 3 }, value: [new asn1js__namespace.Sequence({ value: Array.from(this.extensions, o => o.toSchema()) })] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toSchema(encodeFlag = false) { let tbsSchema; if (encodeFlag === false) { if (!this.tbsView.byteLength) { return Certificate.schema().value[0]; } const asn1 = asn1js__namespace.fromBER(this.tbsView); AsnError.assert(asn1, "TBS Certificate"); tbsSchema = asn1.result; } else { tbsSchema = this.encodeTBS(); } return (new asn1js__namespace.Sequence({ value: [ tbsSchema, this.signatureAlgorithm.toSchema(), this.signatureValue ] })); } toJSON() { const res = { tbs: pvtsutils__namespace.Convert.ToHex(this.tbsView), version: this.version, serialNumber: this.serialNumber.toJSON(), signature: this.signature.toJSON(), issuer: this.issuer.toJSON(), notBefore: this.notBefore.toJSON(), notAfter: this.notAfter.toJSON(), subject: this.subject.toJSON(), subjectPublicKeyInfo: this.subjectPublicKeyInfo.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signatureValue: this.signatureValue.toJSON(), }; if ((VERSION$f in this) && (this.version !== Certificate.defaultValues(VERSION$f))) { res.version = this.version; } if (this.issuerUniqueID) { res.issuerUniqueID = pvtsutils__namespace.Convert.ToHex(this.issuerUniqueID); } if (this.subjectUniqueID) { res.subjectUniqueID = pvtsutils__namespace.Convert.ToHex(this.subjectUniqueID); } if (this.extensions) { res.extensions = Array.from(this.extensions, o => o.toJSON()); } return res; } async getPublicKey(parameters, crypto = getCrypto(true)) { return crypto.getPublicKey(this.subjectPublicKeyInfo, this.signatureAlgorithm, parameters); } async getKeyHash(hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { return crypto.digest({ name: hashAlgorithm }, this.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView); } async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { if (!privateKey) { throw new Error("Need to provide a private key for signing"); } const signatureParameters = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const parameters = signatureParameters.parameters; this.signature = signatureParameters.signatureAlgorithm; this.signatureAlgorithm = signatureParameters.signatureAlgorithm; this.tbsView = new Uint8Array(this.encodeTBS().toBER()); const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters); this.signatureValue = new asn1js__namespace.BitString({ valueHex: signature }); } async verify(issuerCertificate, crypto = getCrypto(true)) { let subjectPublicKeyInfo; if (issuerCertificate) { subjectPublicKeyInfo = issuerCertificate.subjectPublicKeyInfo; } else if (this.issuer.isEqual(this.subject)) { subjectPublicKeyInfo = this.subjectPublicKeyInfo; } if (!(subjectPublicKeyInfo instanceof PublicKeyInfo)) { throw new Error("Please provide issuer certificate as a parameter"); } return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, subjectPublicKeyInfo, this.signatureAlgorithm); } } Certificate.CLASS_NAME = "Certificate"; function checkCA(cert, signerCert = null) { if (signerCert && cert.issuer.isEqual(signerCert.issuer) && cert.serialNumber.isEqual(signerCert.serialNumber)) { return null; } let isCA = false; if (cert.extensions) { for (const extension of cert.extensions) { if (extension.extnID === id_BasicConstraints && extension.parsedValue instanceof BasicConstraints) { if (extension.parsedValue.cA) { isCA = true; break; } } } } if (isCA) { return cert; } return null; } const CERT_ID$1 = "certId"; const CERT_VALUE = "certValue"; const PARSED_VALUE$4 = "parsedValue"; const CLEAR_PROPS$P = [ CERT_ID$1, CERT_VALUE ]; class CertBag extends PkiObject { constructor(parameters = {}) { super(); this.certId = pvutils__namespace.getParametersValue(parameters, CERT_ID$1, CertBag.defaultValues(CERT_ID$1)); this.certValue = pvutils__namespace.getParametersValue(parameters, CERT_VALUE, CertBag.defaultValues(CERT_VALUE)); if (PARSED_VALUE$4 in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE$4, CertBag.defaultValues(PARSED_VALUE$4)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERT_ID$1: return EMPTY_STRING; case CERT_VALUE: return (new asn1js__namespace.Any()); case PARSED_VALUE$4: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CERT_ID$1: return (memberValue === EMPTY_STRING); case CERT_VALUE: return (memberValue instanceof asn1js__namespace.Any); case PARSED_VALUE$4: return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.id || "id") }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any({ name: (names.value || "value") })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$P); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertBag.schema({ names: { id: CERT_ID$1, value: CERT_VALUE } })); AsnError.assertSchema(asn1, this.className); this.certId = asn1.result.certId.valueBlock.toString(); this.certValue = asn1.result.certValue; const certValueHex = this.certValue.valueBlock.valueHexView; switch (this.certId) { case id_CertBag_X509Certificate: { try { this.parsedValue = Certificate.fromBER(certValueHex); } catch { AttributeCertificateV2.fromBER(certValueHex); } } break; case id_CertBag_AttributeCertificate: { this.parsedValue = AttributeCertificateV2.fromBER(certValueHex); } break; case id_CertBag_SDSICertificate: default: throw new Error(`Incorrect CERT_ID value in CertBag: ${this.certId}`); } } toSchema() { if (PARSED_VALUE$4 in this) { if ("acinfo" in this.parsedValue) { this.certId = id_CertBag_AttributeCertificate; } else { this.certId = id_CertBag_X509Certificate; } this.certValue = new asn1js__namespace.OctetString({ valueHex: this.parsedValue.toSchema().toBER(false) }); } return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.certId }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [(("toSchema" in this.certValue) ? this.certValue.toSchema() : this.certValue)] }) ] })); } toJSON() { return { certId: this.certId, certValue: this.certValue.toJSON() }; } } CertBag.CLASS_NAME = "CertBag"; const USER_CERTIFICATE = "userCertificate"; const REVOCATION_DATE = "revocationDate"; const CRL_ENTRY_EXTENSIONS = "crlEntryExtensions"; const CLEAR_PROPS$O = [ USER_CERTIFICATE, REVOCATION_DATE, CRL_ENTRY_EXTENSIONS ]; class RevokedCertificate extends PkiObject { constructor(parameters = {}) { super(); this.userCertificate = pvutils__namespace.getParametersValue(parameters, USER_CERTIFICATE, RevokedCertificate.defaultValues(USER_CERTIFICATE)); this.revocationDate = pvutils__namespace.getParametersValue(parameters, REVOCATION_DATE, RevokedCertificate.defaultValues(REVOCATION_DATE)); if (CRL_ENTRY_EXTENSIONS in parameters) { this.crlEntryExtensions = pvutils__namespace.getParametersValue(parameters, CRL_ENTRY_EXTENSIONS, RevokedCertificate.defaultValues(CRL_ENTRY_EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case USER_CERTIFICATE: return new asn1js__namespace.Integer(); case REVOCATION_DATE: return new Time(); case CRL_ENTRY_EXTENSIONS: return new Extensions(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.userCertificate || USER_CERTIFICATE) }), Time.schema({ names: { utcTimeName: (names.revocationDate || REVOCATION_DATE), generalTimeName: (names.revocationDate || REVOCATION_DATE) } }), Extensions.schema({ names: { blockName: (names.crlEntryExtensions || CRL_ENTRY_EXTENSIONS) } }, true) ] }); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$O); const asn1 = asn1js__namespace.compareSchema(schema, schema, RevokedCertificate.schema()); AsnError.assertSchema(asn1, this.className); this.userCertificate = asn1.result.userCertificate; this.revocationDate = new Time({ schema: asn1.result.revocationDate }); if (CRL_ENTRY_EXTENSIONS in asn1.result) { this.crlEntryExtensions = new Extensions({ schema: asn1.result.crlEntryExtensions }); } } toSchema() { const outputArray = [ this.userCertificate, this.revocationDate.toSchema() ]; if (this.crlEntryExtensions) { outputArray.push(this.crlEntryExtensions.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { userCertificate: this.userCertificate.toJSON(), revocationDate: this.revocationDate.toJSON(), }; if (this.crlEntryExtensions) { res.crlEntryExtensions = this.crlEntryExtensions.toJSON(); } return res; } } RevokedCertificate.CLASS_NAME = "RevokedCertificate"; const TBS$3 = "tbs"; const VERSION$e = "version"; const SIGNATURE$3 = "signature"; const ISSUER$1 = "issuer"; const THIS_UPDATE$1 = "thisUpdate"; const NEXT_UPDATE$1 = "nextUpdate"; const REVOKED_CERTIFICATES = "revokedCertificates"; const CRL_EXTENSIONS = "crlExtensions"; const SIGNATURE_ALGORITHM$4 = "signatureAlgorithm"; const SIGNATURE_VALUE$1 = "signatureValue"; const TBS_CERT_LIST = "tbsCertList"; const TBS_CERT_LIST_VERSION = `${TBS_CERT_LIST}.version`; const TBS_CERT_LIST_SIGNATURE = `${TBS_CERT_LIST}.signature`; const TBS_CERT_LIST_ISSUER = `${TBS_CERT_LIST}.issuer`; const TBS_CERT_LIST_THIS_UPDATE = `${TBS_CERT_LIST}.thisUpdate`; const TBS_CERT_LIST_NEXT_UPDATE = `${TBS_CERT_LIST}.nextUpdate`; const TBS_CERT_LIST_REVOKED_CERTIFICATES = `${TBS_CERT_LIST}.revokedCertificates`; const TBS_CERT_LIST_EXTENSIONS = `${TBS_CERT_LIST}.extensions`; const CLEAR_PROPS$N = [ TBS_CERT_LIST, TBS_CERT_LIST_VERSION, TBS_CERT_LIST_SIGNATURE, TBS_CERT_LIST_ISSUER, TBS_CERT_LIST_THIS_UPDATE, TBS_CERT_LIST_NEXT_UPDATE, TBS_CERT_LIST_REVOKED_CERTIFICATES, TBS_CERT_LIST_EXTENSIONS, SIGNATURE_ALGORITHM$4, SIGNATURE_VALUE$1 ]; function tbsCertList(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TBS_CERT_LIST), value: [ new asn1js__namespace.Integer({ optional: true, name: (names.tbsCertListVersion || TBS_CERT_LIST_VERSION), value: 2 }), AlgorithmIdentifier.schema(names.signature || { names: { blockName: TBS_CERT_LIST_SIGNATURE } }), RelativeDistinguishedNames.schema(names.issuer || { names: { blockName: TBS_CERT_LIST_ISSUER } }), Time.schema(names.tbsCertListThisUpdate || { names: { utcTimeName: TBS_CERT_LIST_THIS_UPDATE, generalTimeName: TBS_CERT_LIST_THIS_UPDATE } }), Time.schema(names.tbsCertListNextUpdate || { names: { utcTimeName: TBS_CERT_LIST_NEXT_UPDATE, generalTimeName: TBS_CERT_LIST_NEXT_UPDATE } }, true), new asn1js__namespace.Sequence({ optional: true, value: [ new asn1js__namespace.Repeated({ name: (names.tbsCertListRevokedCertificates || TBS_CERT_LIST_REVOKED_CERTIFICATES), value: new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.Integer(), Time.schema(), Extensions.schema({}, true) ] }) }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [Extensions.schema(names.crlExtensions || { names: { blockName: TBS_CERT_LIST_EXTENSIONS } })] }) ] })); } const WELL_KNOWN_EXTENSIONS = [ id_AuthorityKeyIdentifier, id_IssuerAltName, id_CRLNumber, id_BaseCRLNumber, id_IssuingDistributionPoint, id_FreshestCRL, id_AuthorityInfoAccess, id_CRLReason, id_InvalidityDate, id_CertificateIssuer, ]; class CertificateRevocationList extends PkiObject { get tbs() { return pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(this.tbsView); } set tbs(value) { this.tbsView = new Uint8Array(value); } constructor(parameters = {}) { super(); this.tbsView = new Uint8Array(pvutils__namespace.getParametersValue(parameters, TBS$3, CertificateRevocationList.defaultValues(TBS$3))); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$e, CertificateRevocationList.defaultValues(VERSION$e)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$3, CertificateRevocationList.defaultValues(SIGNATURE$3)); this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER$1, CertificateRevocationList.defaultValues(ISSUER$1)); this.thisUpdate = pvutils__namespace.getParametersValue(parameters, THIS_UPDATE$1, CertificateRevocationList.defaultValues(THIS_UPDATE$1)); if (NEXT_UPDATE$1 in parameters) { this.nextUpdate = pvutils__namespace.getParametersValue(parameters, NEXT_UPDATE$1, CertificateRevocationList.defaultValues(NEXT_UPDATE$1)); } if (REVOKED_CERTIFICATES in parameters) { this.revokedCertificates = pvutils__namespace.getParametersValue(parameters, REVOKED_CERTIFICATES, CertificateRevocationList.defaultValues(REVOKED_CERTIFICATES)); } if (CRL_EXTENSIONS in parameters) { this.crlExtensions = pvutils__namespace.getParametersValue(parameters, CRL_EXTENSIONS, CertificateRevocationList.defaultValues(CRL_EXTENSIONS)); } this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$4, CertificateRevocationList.defaultValues(SIGNATURE_ALGORITHM$4)); this.signatureValue = pvutils__namespace.getParametersValue(parameters, SIGNATURE_VALUE$1, CertificateRevocationList.defaultValues(SIGNATURE_VALUE$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS$3: return EMPTY_BUFFER; case VERSION$e: return 0; case SIGNATURE$3: return new AlgorithmIdentifier(); case ISSUER$1: return new RelativeDistinguishedNames(); case THIS_UPDATE$1: return new Time(); case NEXT_UPDATE$1: return new Time(); case REVOKED_CERTIFICATES: return []; case CRL_EXTENSIONS: return new Extensions(); case SIGNATURE_ALGORITHM$4: return new AlgorithmIdentifier(); case SIGNATURE_VALUE$1: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || "CertificateList"), value: [ tbsCertList(parameters), AlgorithmIdentifier.schema(names.signatureAlgorithm || { names: { blockName: SIGNATURE_ALGORITHM$4 } }), new asn1js__namespace.BitString({ name: (names.signatureValue || SIGNATURE_VALUE$1) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$N); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertificateRevocationList.schema()); AsnError.assertSchema(asn1, this.className); this.tbsView = asn1.result.tbsCertList.valueBeforeDecodeView; if (TBS_CERT_LIST_VERSION in asn1.result) { this.version = asn1.result[TBS_CERT_LIST_VERSION].valueBlock.valueDec; } this.signature = new AlgorithmIdentifier({ schema: asn1.result[TBS_CERT_LIST_SIGNATURE] }); this.issuer = new RelativeDistinguishedNames({ schema: asn1.result[TBS_CERT_LIST_ISSUER] }); this.thisUpdate = new Time({ schema: asn1.result[TBS_CERT_LIST_THIS_UPDATE] }); if (TBS_CERT_LIST_NEXT_UPDATE in asn1.result) { this.nextUpdate = new Time({ schema: asn1.result[TBS_CERT_LIST_NEXT_UPDATE] }); } if (TBS_CERT_LIST_REVOKED_CERTIFICATES in asn1.result) { this.revokedCertificates = Array.from(asn1.result[TBS_CERT_LIST_REVOKED_CERTIFICATES], element => new RevokedCertificate({ schema: element })); } if (TBS_CERT_LIST_EXTENSIONS in asn1.result) { this.crlExtensions = new Extensions({ schema: asn1.result[TBS_CERT_LIST_EXTENSIONS] }); } this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signatureValue = asn1.result.signatureValue; } encodeTBS() { const outputArray = []; if (this.version !== CertificateRevocationList.defaultValues(VERSION$e)) { outputArray.push(new asn1js__namespace.Integer({ value: this.version })); } outputArray.push(this.signature.toSchema()); outputArray.push(this.issuer.toSchema()); outputArray.push(this.thisUpdate.toSchema()); if (this.nextUpdate) { outputArray.push(this.nextUpdate.toSchema()); } if (this.revokedCertificates) { outputArray.push(new asn1js__namespace.Sequence({ value: Array.from(this.revokedCertificates, o => o.toSchema()) })); } if (this.crlExtensions) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ this.crlExtensions.toSchema() ] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toSchema(encodeFlag = false) { let tbsSchema; if (!encodeFlag) { if (!this.tbsView.byteLength) { return CertificateRevocationList.schema(); } const asn1 = asn1js__namespace.fromBER(this.tbsView); AsnError.assert(asn1, "TBS Certificate Revocation List"); tbsSchema = asn1.result; } else { tbsSchema = this.encodeTBS(); } return (new asn1js__namespace.Sequence({ value: [ tbsSchema, this.signatureAlgorithm.toSchema(), this.signatureValue ] })); } toJSON() { const res = { tbs: pvtsutils__namespace.Convert.ToHex(this.tbsView), version: this.version, signature: this.signature.toJSON(), issuer: this.issuer.toJSON(), thisUpdate: this.thisUpdate.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signatureValue: this.signatureValue.toJSON() }; if (this.version !== CertificateRevocationList.defaultValues(VERSION$e)) res.version = this.version; if (this.nextUpdate) { res.nextUpdate = this.nextUpdate.toJSON(); } if (this.revokedCertificates) { res.revokedCertificates = Array.from(this.revokedCertificates, o => o.toJSON()); } if (this.crlExtensions) { res.crlExtensions = this.crlExtensions.toJSON(); } return res; } isCertificateRevoked(certificate) { if (!this.issuer.isEqual(certificate.issuer)) { return false; } if (!this.revokedCertificates) { return false; } for (const revokedCertificate of this.revokedCertificates) { if (revokedCertificate.userCertificate.isEqual(certificate.serialNumber)) { return true; } } return false; } async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { if (!privateKey) { throw new Error("Need to provide a private key for signing"); } const signatureParameters = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const { parameters } = signatureParameters; this.signature = signatureParameters.signatureAlgorithm; this.signatureAlgorithm = signatureParameters.signatureAlgorithm; this.tbsView = new Uint8Array(this.encodeTBS().toBER()); const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters); this.signatureValue = new asn1js__namespace.BitString({ valueHex: signature }); } async verify(parameters = {}, crypto = getCrypto(true)) { let subjectPublicKeyInfo; if (parameters.issuerCertificate) { subjectPublicKeyInfo = parameters.issuerCertificate.subjectPublicKeyInfo; if (!this.issuer.isEqual(parameters.issuerCertificate.subject)) { return false; } } if (parameters.publicKeyInfo) { subjectPublicKeyInfo = parameters.publicKeyInfo; } if (!subjectPublicKeyInfo) { throw new Error("Issuer's certificate must be provided as an input parameter"); } if (this.crlExtensions) { for (const extension of this.crlExtensions.extensions) { if (extension.critical) { if (!WELL_KNOWN_EXTENSIONS.includes(extension.extnID)) return false; } } } return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, subjectPublicKeyInfo, this.signatureAlgorithm); } } CertificateRevocationList.CLASS_NAME = "CertificateRevocationList"; const CRL_ID = "crlId"; const CRL_VALUE = "crlValue"; const PARSED_VALUE$3 = "parsedValue"; const CLEAR_PROPS$M = [ CRL_ID, CRL_VALUE, ]; class CRLBag extends PkiObject { constructor(parameters = {}) { super(); this.crlId = pvutils__namespace.getParametersValue(parameters, CRL_ID, CRLBag.defaultValues(CRL_ID)); this.crlValue = pvutils__namespace.getParametersValue(parameters, CRL_VALUE, CRLBag.defaultValues(CRL_VALUE)); if (PARSED_VALUE$3 in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE$3, CRLBag.defaultValues(PARSED_VALUE$3)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CRL_ID: return EMPTY_STRING; case CRL_VALUE: return (new asn1js__namespace.Any()); case PARSED_VALUE$3: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CRL_ID: return (memberValue === EMPTY_STRING); case CRL_VALUE: return (memberValue instanceof asn1js__namespace.Any); case PARSED_VALUE$3: return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.id || "id") }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any({ name: (names.value || "value") })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$M); const asn1 = asn1js__namespace.compareSchema(schema, schema, CRLBag.schema({ names: { id: CRL_ID, value: CRL_VALUE } })); AsnError.assertSchema(asn1, this.className); this.crlId = asn1.result.crlId.valueBlock.toString(); this.crlValue = asn1.result.crlValue; switch (this.crlId) { case id_CRLBag_X509CRL: { this.parsedValue = CertificateRevocationList.fromBER(this.certValue.valueBlock.valueHex); } break; default: throw new Error(`Incorrect CRL_ID value in CRLBag: ${this.crlId}`); } } toSchema() { if (this.parsedValue) { this.crlId = id_CRLBag_X509CRL; this.crlValue = new asn1js__namespace.OctetString({ valueHex: this.parsedValue.toSchema().toBER(false) }); } return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.crlId }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.crlValue.toSchema()] }) ] })); } toJSON() { return { crlId: this.crlId, crlValue: this.crlValue.toJSON() }; } } CRLBag.CLASS_NAME = "CRLBag"; const VERSION$d = "version"; const ENCRYPTED_CONTENT_INFO$1 = "encryptedContentInfo"; const UNPROTECTED_ATTRS$1 = "unprotectedAttrs"; const CLEAR_PROPS$L = [ VERSION$d, ENCRYPTED_CONTENT_INFO$1, UNPROTECTED_ATTRS$1, ]; class EncryptedData extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$d, EncryptedData.defaultValues(VERSION$d)); this.encryptedContentInfo = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_CONTENT_INFO$1, EncryptedData.defaultValues(ENCRYPTED_CONTENT_INFO$1)); if (UNPROTECTED_ATTRS$1 in parameters) { this.unprotectedAttrs = pvutils__namespace.getParametersValue(parameters, UNPROTECTED_ATTRS$1, EncryptedData.defaultValues(UNPROTECTED_ATTRS$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$d: return 0; case ENCRYPTED_CONTENT_INFO$1: return new EncryptedContentInfo(); case UNPROTECTED_ATTRS$1: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$d: return (memberValue === 0); case ENCRYPTED_CONTENT_INFO$1: return ((EncryptedContentInfo.compareWithDefault("contentType", memberValue.contentType)) && (EncryptedContentInfo.compareWithDefault("contentEncryptionAlgorithm", memberValue.contentEncryptionAlgorithm)) && (EncryptedContentInfo.compareWithDefault("encryptedContent", memberValue.encryptedContent))); case UNPROTECTED_ATTRS$1: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), EncryptedContentInfo.schema(names.encryptedContentInfo || {}), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Repeated({ name: (names.unprotectedAttrs || EMPTY_STRING), value: Attribute.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$L); const asn1 = asn1js__namespace.compareSchema(schema, schema, EncryptedData.schema({ names: { version: VERSION$d, encryptedContentInfo: { names: { blockName: ENCRYPTED_CONTENT_INFO$1 } }, unprotectedAttrs: UNPROTECTED_ATTRS$1 } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.encryptedContentInfo = new EncryptedContentInfo({ schema: asn1.result.encryptedContentInfo }); if (UNPROTECTED_ATTRS$1 in asn1.result) this.unprotectedAttrs = Array.from(asn1.result.unprotectedAttrs, element => new Attribute({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(this.encryptedContentInfo.toSchema()); if (this.unprotectedAttrs) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.unprotectedAttrs, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, encryptedContentInfo: this.encryptedContentInfo.toJSON() }; if (this.unprotectedAttrs) res.unprotectedAttrs = Array.from(this.unprotectedAttrs, o => o.toJSON()); return res; } async encrypt(parameters, crypto = getCrypto(true)) { ArgumentError.assert(parameters, "parameters", "object"); const encryptParams = { ...parameters, contentType: "1.2.840.113549.1.7.1", }; this.encryptedContentInfo = await crypto.encryptEncryptedContentInfo(encryptParams); } async decrypt(parameters, crypto = getCrypto(true)) { ArgumentError.assert(parameters, "parameters", "object"); const decryptParams = { ...parameters, encryptedContentInfo: this.encryptedContentInfo, }; return crypto.decryptEncryptedContentInfo(decryptParams); } } EncryptedData.CLASS_NAME = "EncryptedData"; const ENCRYPTION_ALGORITHM = "encryptionAlgorithm"; const ENCRYPTED_DATA = "encryptedData"; const PARSED_VALUE$2 = "parsedValue"; const CLEAR_PROPS$K = [ ENCRYPTION_ALGORITHM, ENCRYPTED_DATA, ]; class PKCS8ShroudedKeyBag extends PkiObject { constructor(parameters = {}) { super(); this.encryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, ENCRYPTION_ALGORITHM, PKCS8ShroudedKeyBag.defaultValues(ENCRYPTION_ALGORITHM)); this.encryptedData = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_DATA, PKCS8ShroudedKeyBag.defaultValues(ENCRYPTED_DATA)); if (PARSED_VALUE$2 in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE$2, PKCS8ShroudedKeyBag.defaultValues(PARSED_VALUE$2)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ENCRYPTION_ALGORITHM: return (new AlgorithmIdentifier()); case ENCRYPTED_DATA: return (new asn1js__namespace.OctetString()); case PARSED_VALUE$2: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ENCRYPTION_ALGORITHM: return ((AlgorithmIdentifier.compareWithDefault("algorithmId", memberValue.algorithmId)) && (("algorithmParams" in memberValue) === false)); case ENCRYPTED_DATA: return (memberValue.isEqual(PKCS8ShroudedKeyBag.defaultValues(memberName))); case PARSED_VALUE$2: return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.encryptionAlgorithm || { names: { blockName: ENCRYPTION_ALGORITHM } }), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.OctetString({ name: (names.encryptedData || ENCRYPTED_DATA) }), new asn1js__namespace.OctetString({ idBlock: { isConstructed: true }, name: (names.encryptedData || ENCRYPTED_DATA) }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$K); const asn1 = asn1js__namespace.compareSchema(schema, schema, PKCS8ShroudedKeyBag.schema({ names: { encryptionAlgorithm: { names: { blockName: ENCRYPTION_ALGORITHM } }, encryptedData: ENCRYPTED_DATA } })); AsnError.assertSchema(asn1, this.className); this.encryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.encryptionAlgorithm }); this.encryptedData = asn1.result.encryptedData; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.encryptionAlgorithm.toSchema(), this.encryptedData ] })); } toJSON() { return { encryptionAlgorithm: this.encryptionAlgorithm.toJSON(), encryptedData: this.encryptedData.toJSON(), }; } async parseInternalValues(parameters, crypto = getCrypto(true)) { const cmsEncrypted = new EncryptedData({ encryptedContentInfo: new EncryptedContentInfo({ contentEncryptionAlgorithm: this.encryptionAlgorithm, encryptedContent: this.encryptedData }) }); const decryptedData = await cmsEncrypted.decrypt(parameters, crypto); this.parsedValue = PrivateKeyInfo.fromBER(decryptedData); } async makeInternalValues(parameters, crypto = getCrypto(true)) { if (!this.parsedValue) { throw new Error("Please initialize \"parsedValue\" first"); } const cmsEncrypted = new EncryptedData(); const encryptParams = { ...parameters, contentToEncrypt: this.parsedValue.toSchema().toBER(false), }; await cmsEncrypted.encrypt(encryptParams, crypto); if (!cmsEncrypted.encryptedContentInfo.encryptedContent) { throw new Error("The filed `encryptedContent` in EncryptedContentInfo is empty"); } this.encryptionAlgorithm = cmsEncrypted.encryptedContentInfo.contentEncryptionAlgorithm; this.encryptedData = cmsEncrypted.encryptedContentInfo.encryptedContent; } } PKCS8ShroudedKeyBag.CLASS_NAME = "PKCS8ShroudedKeyBag"; const SECRET_TYPE_ID = "secretTypeId"; const SECRET_VALUE = "secretValue"; const CLEAR_PROPS$J = [ SECRET_TYPE_ID, SECRET_VALUE, ]; class SecretBag extends PkiObject { constructor(parameters = {}) { super(); this.secretTypeId = pvutils__namespace.getParametersValue(parameters, SECRET_TYPE_ID, SecretBag.defaultValues(SECRET_TYPE_ID)); this.secretValue = pvutils__namespace.getParametersValue(parameters, SECRET_VALUE, SecretBag.defaultValues(SECRET_VALUE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SECRET_TYPE_ID: return EMPTY_STRING; case SECRET_VALUE: return (new asn1js__namespace.Any()); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SECRET_TYPE_ID: return (memberValue === EMPTY_STRING); case SECRET_VALUE: return (memberValue instanceof asn1js__namespace.Any); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.id || "id") }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any({ name: (names.value || "value") })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$J); const asn1 = asn1js__namespace.compareSchema(schema, schema, SecretBag.schema({ names: { id: SECRET_TYPE_ID, value: SECRET_VALUE } })); AsnError.assertSchema(asn1, this.className); this.secretTypeId = asn1.result.secretTypeId.valueBlock.toString(); this.secretValue = asn1.result.secretValue; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.secretTypeId }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.secretValue.toSchema()] }) ] })); } toJSON() { return { secretTypeId: this.secretTypeId, secretValue: this.secretValue.toJSON() }; } } SecretBag.CLASS_NAME = "SecretBag"; class SafeBagValueFactory { static getItems() { if (!this.items) { this.items = {}; SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.1", PrivateKeyInfo); SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.2", PKCS8ShroudedKeyBag); SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.3", CertBag); SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.4", CRLBag); SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.5", SecretBag); SafeBagValueFactory.register("1.2.840.113549.1.12.10.1.6", SafeContents); } return this.items; } static register(id, type) { this.getItems()[id] = type; } static find(id) { return this.getItems()[id] || null; } } const BAG_ID = "bagId"; const BAG_VALUE = "bagValue"; const BAG_ATTRIBUTES = "bagAttributes"; const CLEAR_PROPS$I = [ BAG_ID, BAG_VALUE, BAG_ATTRIBUTES ]; class SafeBag extends PkiObject { constructor(parameters = {}) { super(); this.bagId = pvutils__namespace.getParametersValue(parameters, BAG_ID, SafeBag.defaultValues(BAG_ID)); this.bagValue = pvutils__namespace.getParametersValue(parameters, BAG_VALUE, SafeBag.defaultValues(BAG_VALUE)); if (BAG_ATTRIBUTES in parameters) { this.bagAttributes = pvutils__namespace.getParametersValue(parameters, BAG_ATTRIBUTES, SafeBag.defaultValues(BAG_ATTRIBUTES)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case BAG_ID: return EMPTY_STRING; case BAG_VALUE: return (new asn1js__namespace.Any()); case BAG_ATTRIBUTES: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case BAG_ID: return (memberValue === EMPTY_STRING); case BAG_VALUE: return (memberValue instanceof asn1js__namespace.Any); case BAG_ATTRIBUTES: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.bagId || BAG_ID) }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Any({ name: (names.bagValue || BAG_VALUE) })] }), new asn1js__namespace.Set({ optional: true, value: [ new asn1js__namespace.Repeated({ name: (names.bagAttributes || BAG_ATTRIBUTES), value: Attribute.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$I); const asn1 = asn1js__namespace.compareSchema(schema, schema, SafeBag.schema({ names: { bagId: BAG_ID, bagValue: BAG_VALUE, bagAttributes: BAG_ATTRIBUTES } })); AsnError.assertSchema(asn1, this.className); this.bagId = asn1.result.bagId.valueBlock.toString(); const bagType = SafeBagValueFactory.find(this.bagId); if (!bagType) { throw new Error(`Invalid BAG_ID for SafeBag: ${this.bagId}`); } this.bagValue = new bagType({ schema: asn1.result.bagValue }); if (BAG_ATTRIBUTES in asn1.result) { this.bagAttributes = Array.from(asn1.result.bagAttributes, element => new Attribute({ schema: element })); } } toSchema() { const outputArray = [ new asn1js__namespace.ObjectIdentifier({ value: this.bagId }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.bagValue.toSchema()] }) ]; if (this.bagAttributes) { outputArray.push(new asn1js__namespace.Set({ value: Array.from(this.bagAttributes, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const output = { bagId: this.bagId, bagValue: this.bagValue.toJSON() }; if (this.bagAttributes) { output.bagAttributes = Array.from(this.bagAttributes, o => o.toJSON()); } return output; } } SafeBag.CLASS_NAME = "SafeBag"; const SAFE_BUGS = "safeBags"; class SafeContents extends PkiObject { constructor(parameters = {}) { super(); this.safeBags = pvutils__namespace.getParametersValue(parameters, SAFE_BUGS, SafeContents.defaultValues(SAFE_BUGS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SAFE_BUGS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SAFE_BUGS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.safeBags || EMPTY_STRING), value: SafeBag.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ SAFE_BUGS ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, SafeContents.schema({ names: { safeBags: SAFE_BUGS } })); AsnError.assertSchema(asn1, this.className); this.safeBags = Array.from(asn1.result.safeBags, element => new SafeBag({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.safeBags, o => o.toSchema()) })); } toJSON() { return { safeBags: Array.from(this.safeBags, o => o.toJSON()) }; } } SafeContents.CLASS_NAME = "SafeContents"; const OTHER_CERT_FORMAT = "otherCertFormat"; const OTHER_CERT = "otherCert"; const CLEAR_PROPS$H = [ OTHER_CERT_FORMAT, OTHER_CERT ]; class OtherCertificateFormat extends PkiObject { constructor(parameters = {}) { super(); this.otherCertFormat = pvutils__namespace.getParametersValue(parameters, OTHER_CERT_FORMAT, OtherCertificateFormat.defaultValues(OTHER_CERT_FORMAT)); this.otherCert = pvutils__namespace.getParametersValue(parameters, OTHER_CERT, OtherCertificateFormat.defaultValues(OTHER_CERT)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case OTHER_CERT_FORMAT: return EMPTY_STRING; case OTHER_CERT: return new asn1js__namespace.Any(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.otherCertFormat || OTHER_CERT_FORMAT) }), new asn1js__namespace.Any({ name: (names.otherCert || OTHER_CERT) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$H); const asn1 = asn1js__namespace.compareSchema(schema, schema, OtherCertificateFormat.schema()); AsnError.assertSchema(asn1, this.className); this.otherCertFormat = asn1.result.otherCertFormat.valueBlock.toString(); this.otherCert = asn1.result.otherCert; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.otherCertFormat }), this.otherCert ] })); } toJSON() { const res = { otherCertFormat: this.otherCertFormat }; if (!(this.otherCert instanceof asn1js__namespace.Any)) { res.otherCert = this.otherCert.toJSON(); } return res; } } const CERTIFICATES$1 = "certificates"; const CLEAR_PROPS$G = [ CERTIFICATES$1, ]; class CertificateSet extends PkiObject { constructor(parameters = {}) { super(); this.certificates = pvutils__namespace.getParametersValue(parameters, CERTIFICATES$1, CertificateSet.defaultValues(CERTIFICATES$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERTIFICATES$1: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Set({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.certificates || CERTIFICATES$1), value: new asn1js__namespace.Choice({ value: [ Certificate.schema(), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Any() ] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Sequence ] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: AttributeCertificateV2.schema().valueBlock.value }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 3 }, value: OtherCertificateFormat.schema().valueBlock.value }) ] }) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$G); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertificateSet.schema()); AsnError.assertSchema(asn1, this.className); this.certificates = Array.from(asn1.result.certificates || [], (element) => { const initialTagNumber = element.idBlock.tagNumber; if (element.idBlock.tagClass === 1) return new Certificate({ schema: element }); const elementSequence = new asn1js__namespace.Sequence({ value: element.valueBlock.value }); switch (initialTagNumber) { case 1: if (elementSequence.valueBlock.value[0].valueBlock.value[0].valueBlock.valueDec === 1) { return new AttributeCertificateV2({ schema: elementSequence }); } else { return new AttributeCertificateV1({ schema: elementSequence }); } case 2: return new AttributeCertificateV2({ schema: elementSequence }); case 3: return new OtherCertificateFormat({ schema: elementSequence }); } return element; }); } toSchema() { return (new asn1js__namespace.Set({ value: Array.from(this.certificates, element => { switch (true) { case (element instanceof Certificate): return element.toSchema(); case (element instanceof AttributeCertificateV1): return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: element.toSchema().valueBlock.value }); case (element instanceof AttributeCertificateV2): return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: element.toSchema().valueBlock.value }); case (element instanceof OtherCertificateFormat): return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 3 }, value: element.toSchema().valueBlock.value }); } return element.toSchema(); }) })); } toJSON() { return { certificates: Array.from(this.certificates, o => o.toJSON()) }; } } CertificateSet.CLASS_NAME = "CertificateSet"; const OTHER_REV_INFO_FORMAT = "otherRevInfoFormat"; const OTHER_REV_INFO = "otherRevInfo"; const CLEAR_PROPS$F = [ OTHER_REV_INFO_FORMAT, OTHER_REV_INFO ]; class OtherRevocationInfoFormat extends PkiObject { constructor(parameters = {}) { super(); this.otherRevInfoFormat = pvutils__namespace.getParametersValue(parameters, OTHER_REV_INFO_FORMAT, OtherRevocationInfoFormat.defaultValues(OTHER_REV_INFO_FORMAT)); this.otherRevInfo = pvutils__namespace.getParametersValue(parameters, OTHER_REV_INFO, OtherRevocationInfoFormat.defaultValues(OTHER_REV_INFO)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case OTHER_REV_INFO_FORMAT: return EMPTY_STRING; case OTHER_REV_INFO: return new asn1js__namespace.Any(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.otherRevInfoFormat || OTHER_REV_INFO_FORMAT) }), new asn1js__namespace.Any({ name: (names.otherRevInfo || OTHER_REV_INFO) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$F); const asn1 = asn1js__namespace.compareSchema(schema, schema, OtherRevocationInfoFormat.schema()); AsnError.assertSchema(asn1, this.className); this.otherRevInfoFormat = asn1.result.otherRevInfoFormat.valueBlock.toString(); this.otherRevInfo = asn1.result.otherRevInfo; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.otherRevInfoFormat }), this.otherRevInfo ] })); } toJSON() { const res = { otherRevInfoFormat: this.otherRevInfoFormat }; if (!(this.otherRevInfo instanceof asn1js__namespace.Any)) { res.otherRevInfo = this.otherRevInfo.toJSON(); } return res; } } OtherRevocationInfoFormat.CLASS_NAME = "OtherRevocationInfoFormat"; const CRLS$3 = "crls"; const OTHER_REVOCATION_INFOS = "otherRevocationInfos"; const CLEAR_PROPS$E = [ CRLS$3 ]; class RevocationInfoChoices extends PkiObject { constructor(parameters = {}) { super(); this.crls = pvutils__namespace.getParametersValue(parameters, CRLS$3, RevocationInfoChoices.defaultValues(CRLS$3)); this.otherRevocationInfos = pvutils__namespace.getParametersValue(parameters, OTHER_REVOCATION_INFOS, RevocationInfoChoices.defaultValues(OTHER_REVOCATION_INFOS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CRLS$3: return []; case OTHER_REVOCATION_INFOS: return []; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Set({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.crls || EMPTY_STRING), value: new asn1js__namespace.Choice({ value: [ CertificateRevocationList.schema(), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.ObjectIdentifier(), new asn1js__namespace.Any() ] }) ] }) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$E); const asn1 = asn1js__namespace.compareSchema(schema, schema, RevocationInfoChoices.schema({ names: { crls: CRLS$3 } })); AsnError.assertSchema(asn1, this.className); if (asn1.result.crls) { for (const element of asn1.result.crls) { if (element.idBlock.tagClass === 1) this.crls.push(new CertificateRevocationList({ schema: element })); else this.otherRevocationInfos.push(new OtherRevocationInfoFormat({ schema: element })); } } } toSchema() { const outputArray = []; outputArray.push(...Array.from(this.crls, o => o.toSchema())); outputArray.push(...Array.from(this.otherRevocationInfos, element => { const schema = element.toSchema(); schema.idBlock.tagClass = 3; schema.idBlock.tagNumber = 1; return schema; })); return (new asn1js__namespace.Set({ value: outputArray })); } toJSON() { return { crls: Array.from(this.crls, o => o.toJSON()), otherRevocationInfos: Array.from(this.otherRevocationInfos, o => o.toJSON()) }; } } RevocationInfoChoices.CLASS_NAME = "RevocationInfoChoices"; const CERTS$3 = "certs"; const CRLS$2 = "crls"; const CLEAR_PROPS$D = [ CERTS$3, CRLS$2, ]; class OriginatorInfo extends PkiObject { constructor(parameters = {}) { super(); this.crls = pvutils__namespace.getParametersValue(parameters, CRLS$2, OriginatorInfo.defaultValues(CRLS$2)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERTS$3: return new CertificateSet(); case CRLS$2: return new RevocationInfoChoices(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CERTS$3: return (memberValue.certificates.length === 0); case CRLS$2: return ((memberValue.crls.length === 0) && (memberValue.otherRevocationInfos.length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ name: (names.certs || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: CertificateSet.schema().valueBlock.value }), new asn1js__namespace.Constructed({ name: (names.crls || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: RevocationInfoChoices.schema().valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$D); const asn1 = asn1js__namespace.compareSchema(schema, schema, OriginatorInfo.schema({ names: { certs: CERTS$3, crls: CRLS$2 } })); AsnError.assertSchema(asn1, this.className); if (CERTS$3 in asn1.result) { this.certs = new CertificateSet({ schema: new asn1js__namespace.Set({ value: asn1.result.certs.valueBlock.value }) }); } if (CRLS$2 in asn1.result) { this.crls = new RevocationInfoChoices({ schema: new asn1js__namespace.Set({ value: asn1.result.crls.valueBlock.value }) }); } } toSchema() { const sequenceValue = []; if (this.certs) { sequenceValue.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.certs.toSchema().valueBlock.value })); } if (this.crls) { sequenceValue.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: this.crls.toSchema().valueBlock.value })); } return (new asn1js__namespace.Sequence({ value: sequenceValue })); } toJSON() { const res = {}; if (this.certs) { res.certs = this.certs.toJSON(); } if (this.crls) { res.crls = this.crls.toJSON(); } return res; } } OriginatorInfo.CLASS_NAME = "OriginatorInfo"; const ISSUER = "issuer"; const SERIAL_NUMBER$2 = "serialNumber"; const CLEAR_PROPS$C = [ ISSUER, SERIAL_NUMBER$2, ]; class IssuerAndSerialNumber extends PkiObject { constructor(parameters = {}) { super(); this.issuer = pvutils__namespace.getParametersValue(parameters, ISSUER, IssuerAndSerialNumber.defaultValues(ISSUER)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$2, IssuerAndSerialNumber.defaultValues(SERIAL_NUMBER$2)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ISSUER: return new RelativeDistinguishedNames(); case SERIAL_NUMBER$2: return new asn1js__namespace.Integer(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ RelativeDistinguishedNames.schema(names.issuer || {}), new asn1js__namespace.Integer({ name: (names.serialNumber || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$C); const asn1 = asn1js__namespace.compareSchema(schema, schema, IssuerAndSerialNumber.schema({ names: { issuer: { names: { blockName: ISSUER } }, serialNumber: SERIAL_NUMBER$2 } })); AsnError.assertSchema(asn1, this.className); this.issuer = new RelativeDistinguishedNames({ schema: asn1.result.issuer }); this.serialNumber = asn1.result.serialNumber; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.issuer.toSchema(), this.serialNumber ] })); } toJSON() { return { issuer: this.issuer.toJSON(), serialNumber: this.serialNumber.toJSON(), }; } } IssuerAndSerialNumber.CLASS_NAME = "IssuerAndSerialNumber"; const VARIANT$3 = "variant"; const VALUE$3 = "value"; const CLEAR_PROPS$B = [ "blockName" ]; class RecipientIdentifier extends PkiObject { constructor(parameters = {}) { super(); this.variant = pvutils__namespace.getParametersValue(parameters, VARIANT$3, RecipientIdentifier.defaultValues(VARIANT$3)); if (VALUE$3 in parameters) { this.value = pvutils__namespace.getParametersValue(parameters, VALUE$3, RecipientIdentifier.defaultValues(VALUE$3)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VARIANT$3: return (-1); case VALUE$3: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VARIANT$3: return (memberValue === (-1)); case VALUE$3: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ value: [ IssuerAndSerialNumber.schema({ names: { blockName: (names.blockName || EMPTY_STRING) } }), new asn1js__namespace.Primitive({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$B); const asn1 = asn1js__namespace.compareSchema(schema, schema, RecipientIdentifier.schema({ names: { blockName: "blockName" } })); AsnError.assertSchema(asn1, this.className); if (asn1.result.blockName.idBlock.tagClass === 1) { this.variant = 1; this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName }); } else { this.variant = 2; this.value = new asn1js__namespace.OctetString({ valueHex: asn1.result.blockName.valueBlock.valueHex }); } } toSchema() { switch (this.variant) { case 1: if (!(this.value instanceof IssuerAndSerialNumber)) { throw new Error("Incorrect type of RecipientIdentifier.value. It should be IssuerAndSerialNumber."); } return this.value.toSchema(); case 2: if (!(this.value instanceof asn1js__namespace.OctetString)) { throw new Error("Incorrect type of RecipientIdentifier.value. It should be ASN.1 OctetString."); } return new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, valueHex: this.value.valueBlock.valueHexView }); default: return new asn1js__namespace.Any(); } } toJSON() { const res = { variant: this.variant }; if ((this.variant === 1 || this.variant === 2) && this.value) { res.value = this.value.toJSON(); } return res; } } RecipientIdentifier.CLASS_NAME = "RecipientIdentifier"; const VERSION$c = "version"; const RID$1 = "rid"; const KEY_ENCRYPTION_ALGORITHM$3 = "keyEncryptionAlgorithm"; const ENCRYPTED_KEY$3 = "encryptedKey"; const RECIPIENT_CERTIFICATE$1 = "recipientCertificate"; const CLEAR_PROPS$A = [ VERSION$c, RID$1, KEY_ENCRYPTION_ALGORITHM$3, ENCRYPTED_KEY$3, ]; class KeyTransRecipientInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$c, KeyTransRecipientInfo.defaultValues(VERSION$c)); this.rid = pvutils__namespace.getParametersValue(parameters, RID$1, KeyTransRecipientInfo.defaultValues(RID$1)); this.keyEncryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$3, KeyTransRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$3)); this.encryptedKey = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_KEY$3, KeyTransRecipientInfo.defaultValues(ENCRYPTED_KEY$3)); this.recipientCertificate = pvutils__namespace.getParametersValue(parameters, RECIPIENT_CERTIFICATE$1, KeyTransRecipientInfo.defaultValues(RECIPIENT_CERTIFICATE$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$c: return (-1); case RID$1: return {}; case KEY_ENCRYPTION_ALGORITHM$3: return new AlgorithmIdentifier(); case ENCRYPTED_KEY$3: return new asn1js__namespace.OctetString(); case RECIPIENT_CERTIFICATE$1: return new Certificate(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$c: return (memberValue === KeyTransRecipientInfo.defaultValues(VERSION$c)); case RID$1: return (Object.keys(memberValue).length === 0); case KEY_ENCRYPTION_ALGORITHM$3: case ENCRYPTED_KEY$3: return memberValue.isEqual(KeyTransRecipientInfo.defaultValues(memberName)); case RECIPIENT_CERTIFICATE$1: return false; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), RecipientIdentifier.schema(names.rid || {}), AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}), new asn1js__namespace.OctetString({ name: (names.encryptedKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$A); const asn1 = asn1js__namespace.compareSchema(schema, schema, KeyTransRecipientInfo.schema({ names: { version: VERSION$c, rid: { names: { blockName: RID$1 } }, keyEncryptionAlgorithm: { names: { blockName: KEY_ENCRYPTION_ALGORITHM$3 } }, encryptedKey: ENCRYPTED_KEY$3 } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; if (asn1.result.rid.idBlock.tagClass === 3) { this.rid = new asn1js__namespace.OctetString({ valueHex: asn1.result.rid.valueBlock.valueHex }); } else { this.rid = new IssuerAndSerialNumber({ schema: asn1.result.rid }); } this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm }); this.encryptedKey = asn1.result.encryptedKey; } toSchema() { const outputArray = []; if (this.rid instanceof IssuerAndSerialNumber) { this.version = 0; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(this.rid.toSchema()); } else { this.version = 2; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, valueHex: this.rid.valueBlock.valueHexView })); } outputArray.push(this.keyEncryptionAlgorithm.toSchema()); outputArray.push(this.encryptedKey); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { return { version: this.version, rid: this.rid.toJSON(), keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(), encryptedKey: this.encryptedKey.toJSON(), }; } } KeyTransRecipientInfo.CLASS_NAME = "KeyTransRecipientInfo"; const ALGORITHM = "algorithm"; const PUBLIC_KEY = "publicKey"; const CLEAR_PROPS$z = [ ALGORITHM, PUBLIC_KEY ]; class OriginatorPublicKey extends PkiObject { constructor(parameters = {}) { super(); this.algorithm = pvutils__namespace.getParametersValue(parameters, ALGORITHM, OriginatorPublicKey.defaultValues(ALGORITHM)); this.publicKey = pvutils__namespace.getParametersValue(parameters, PUBLIC_KEY, OriginatorPublicKey.defaultValues(PUBLIC_KEY)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ALGORITHM: return new AlgorithmIdentifier(); case PUBLIC_KEY: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ALGORITHM: case PUBLIC_KEY: return (memberValue.isEqual(OriginatorPublicKey.defaultValues(memberName))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.algorithm || {}), new asn1js__namespace.BitString({ name: (names.publicKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$z); const asn1 = asn1js__namespace.compareSchema(schema, schema, OriginatorPublicKey.schema({ names: { algorithm: { names: { blockName: ALGORITHM } }, publicKey: PUBLIC_KEY } })); AsnError.assertSchema(asn1, this.className); this.algorithm = new AlgorithmIdentifier({ schema: asn1.result.algorithm }); this.publicKey = asn1.result.publicKey; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.algorithm.toSchema(), this.publicKey ] })); } toJSON() { return { algorithm: this.algorithm.toJSON(), publicKey: this.publicKey.toJSON(), }; } } OriginatorPublicKey.CLASS_NAME = "OriginatorPublicKey"; const VARIANT$2 = "variant"; const VALUE$2 = "value"; const CLEAR_PROPS$y = [ "blockName", ]; class OriginatorIdentifierOrKey extends PkiObject { constructor(parameters = {}) { super(); this.variant = pvutils__namespace.getParametersValue(parameters, VARIANT$2, OriginatorIdentifierOrKey.defaultValues(VARIANT$2)); if (VALUE$2 in parameters) { this.value = pvutils__namespace.getParametersValue(parameters, VALUE$2, OriginatorIdentifierOrKey.defaultValues(VALUE$2)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VARIANT$2: return (-1); case VALUE$2: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VARIANT$2: return (memberValue === (-1)); case VALUE$2: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ value: [ IssuerAndSerialNumber.schema({ names: { blockName: (names.blockName || EMPTY_STRING) } }), new asn1js__namespace.Primitive({ idBlock: { tagClass: 3, tagNumber: 0 }, name: (names.blockName || EMPTY_STRING) }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, name: (names.blockName || EMPTY_STRING), value: OriginatorPublicKey.schema().valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$y); const asn1 = asn1js__namespace.compareSchema(schema, schema, OriginatorIdentifierOrKey.schema({ names: { blockName: "blockName" } })); AsnError.assertSchema(asn1, this.className); if (asn1.result.blockName.idBlock.tagClass === 1) { this.variant = 1; this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName }); } else { if (asn1.result.blockName.idBlock.tagNumber === 0) { asn1.result.blockName.idBlock.tagClass = 1; asn1.result.blockName.idBlock.tagNumber = 4; this.variant = 2; this.value = asn1.result.blockName; } else { this.variant = 3; this.value = new OriginatorPublicKey({ schema: new asn1js__namespace.Sequence({ value: asn1.result.blockName.valueBlock.value }) }); } } } toSchema() { switch (this.variant) { case 1: return this.value.toSchema(); case 2: this.value.idBlock.tagClass = 3; this.value.idBlock.tagNumber = 0; return this.value; case 3: { const _schema = this.value.toSchema(); _schema.idBlock.tagClass = 3; _schema.idBlock.tagNumber = 1; return _schema; } default: return new asn1js__namespace.Any(); } } toJSON() { const res = { variant: this.variant }; if ((this.variant === 1) || (this.variant === 2) || (this.variant === 3)) { res.value = this.value.toJSON(); } return res; } } OriginatorIdentifierOrKey.CLASS_NAME = "OriginatorIdentifierOrKey"; const KEY_ATTR_ID = "keyAttrId"; const KEY_ATTR = "keyAttr"; const CLEAR_PROPS$x = [ KEY_ATTR_ID, KEY_ATTR, ]; class OtherKeyAttribute extends PkiObject { constructor(parameters = {}) { super(); this.keyAttrId = pvutils__namespace.getParametersValue(parameters, KEY_ATTR_ID, OtherKeyAttribute.defaultValues(KEY_ATTR_ID)); if (KEY_ATTR in parameters) { this.keyAttr = pvutils__namespace.getParametersValue(parameters, KEY_ATTR, OtherKeyAttribute.defaultValues(KEY_ATTR)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_ATTR_ID: return EMPTY_STRING; case KEY_ATTR: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case KEY_ATTR_ID: return (typeof memberValue === "string" && memberValue === EMPTY_STRING); case KEY_ATTR: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ optional: (names.optional || true), name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.keyAttrId || EMPTY_STRING) }), new asn1js__namespace.Any({ optional: true, name: (names.keyAttr || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$x); const asn1 = asn1js__namespace.compareSchema(schema, schema, OtherKeyAttribute.schema({ names: { keyAttrId: KEY_ATTR_ID, keyAttr: KEY_ATTR } })); AsnError.assertSchema(asn1, this.className); this.keyAttrId = asn1.result.keyAttrId.valueBlock.toString(); if (KEY_ATTR in asn1.result) { this.keyAttr = asn1.result.keyAttr; } } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.keyAttrId })); if (KEY_ATTR in this) { outputArray.push(this.keyAttr); } return (new asn1js__namespace.Sequence({ value: outputArray, })); } toJSON() { const res = { keyAttrId: this.keyAttrId }; if (KEY_ATTR in this) { res.keyAttr = this.keyAttr.toJSON(); } return res; } } OtherKeyAttribute.CLASS_NAME = "OtherKeyAttribute"; const SUBJECT_KEY_IDENTIFIER = "subjectKeyIdentifier"; const DATE$1 = "date"; const OTHER$1 = "other"; const CLEAR_PROPS$w = [ SUBJECT_KEY_IDENTIFIER, DATE$1, OTHER$1, ]; class RecipientKeyIdentifier extends PkiObject { constructor(parameters = {}) { super(); this.subjectKeyIdentifier = pvutils__namespace.getParametersValue(parameters, SUBJECT_KEY_IDENTIFIER, RecipientKeyIdentifier.defaultValues(SUBJECT_KEY_IDENTIFIER)); if (DATE$1 in parameters) { this.date = pvutils__namespace.getParametersValue(parameters, DATE$1, RecipientKeyIdentifier.defaultValues(DATE$1)); } if (OTHER$1 in parameters) { this.other = pvutils__namespace.getParametersValue(parameters, OTHER$1, RecipientKeyIdentifier.defaultValues(OTHER$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SUBJECT_KEY_IDENTIFIER: return new asn1js__namespace.OctetString(); case DATE$1: return new asn1js__namespace.GeneralizedTime(); case OTHER$1: return new OtherKeyAttribute(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SUBJECT_KEY_IDENTIFIER: return (memberValue.isEqual(RecipientKeyIdentifier.defaultValues(SUBJECT_KEY_IDENTIFIER))); case DATE$1: return ((memberValue.year === 0) && (memberValue.month === 0) && (memberValue.day === 0) && (memberValue.hour === 0) && (memberValue.minute === 0) && (memberValue.second === 0) && (memberValue.millisecond === 0)); case OTHER$1: return ((memberValue.keyAttrId === EMPTY_STRING) && (("keyAttr" in memberValue) === false)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.OctetString({ name: (names.subjectKeyIdentifier || EMPTY_STRING) }), new asn1js__namespace.GeneralizedTime({ optional: true, name: (names.date || EMPTY_STRING) }), OtherKeyAttribute.schema(names.other || {}) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$w); const asn1 = asn1js__namespace.compareSchema(schema, schema, RecipientKeyIdentifier.schema({ names: { subjectKeyIdentifier: SUBJECT_KEY_IDENTIFIER, date: DATE$1, other: { names: { blockName: OTHER$1 } } } })); AsnError.assertSchema(asn1, this.className); this.subjectKeyIdentifier = asn1.result.subjectKeyIdentifier; if (DATE$1 in asn1.result) this.date = asn1.result.date; if (OTHER$1 in asn1.result) this.other = new OtherKeyAttribute({ schema: asn1.result.other }); } toSchema() { const outputArray = []; outputArray.push(this.subjectKeyIdentifier); if (this.date) { outputArray.push(this.date); } if (this.other) { outputArray.push(this.other.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { subjectKeyIdentifier: this.subjectKeyIdentifier.toJSON() }; if (this.date) { res.date = this.date.toJSON(); } if (this.other) { res.other = this.other.toJSON(); } return res; } } RecipientKeyIdentifier.CLASS_NAME = "RecipientKeyIdentifier"; const VARIANT$1 = "variant"; const VALUE$1 = "value"; const CLEAR_PROPS$v = [ "blockName", ]; class KeyAgreeRecipientIdentifier extends PkiObject { constructor(parameters = {}) { super(); this.variant = pvutils__namespace.getParametersValue(parameters, VARIANT$1, KeyAgreeRecipientIdentifier.defaultValues(VARIANT$1)); this.value = pvutils__namespace.getParametersValue(parameters, VALUE$1, KeyAgreeRecipientIdentifier.defaultValues(VALUE$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VARIANT$1: return (-1); case VALUE$1: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VARIANT$1: return (memberValue === (-1)); case VALUE$1: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ value: [ IssuerAndSerialNumber.schema(names.issuerAndSerialNumber || { names: { blockName: (names.blockName || EMPTY_STRING) } }), new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, value: RecipientKeyIdentifier.schema(names.rKeyId || { names: { blockName: (names.blockName || EMPTY_STRING) } }).valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$v); const asn1 = asn1js__namespace.compareSchema(schema, schema, KeyAgreeRecipientIdentifier.schema({ names: { blockName: "blockName" } })); AsnError.assertSchema(asn1, this.className); if (asn1.result.blockName.idBlock.tagClass === 1) { this.variant = 1; this.value = new IssuerAndSerialNumber({ schema: asn1.result.blockName }); } else { this.variant = 2; this.value = new RecipientKeyIdentifier({ schema: new asn1js__namespace.Sequence({ value: asn1.result.blockName.valueBlock.value }) }); } } toSchema() { switch (this.variant) { case 1: return this.value.toSchema(); case 2: return new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.value.toSchema().valueBlock.value }); default: return new asn1js__namespace.Any(); } } toJSON() { const res = { variant: this.variant, }; if ((this.variant === 1) || (this.variant === 2)) { res.value = this.value.toJSON(); } return res; } } KeyAgreeRecipientIdentifier.CLASS_NAME = "KeyAgreeRecipientIdentifier"; const RID = "rid"; const ENCRYPTED_KEY$2 = "encryptedKey"; const CLEAR_PROPS$u = [ RID, ENCRYPTED_KEY$2, ]; class RecipientEncryptedKey extends PkiObject { constructor(parameters = {}) { super(); this.rid = pvutils__namespace.getParametersValue(parameters, RID, RecipientEncryptedKey.defaultValues(RID)); this.encryptedKey = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_KEY$2, RecipientEncryptedKey.defaultValues(ENCRYPTED_KEY$2)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case RID: return new KeyAgreeRecipientIdentifier(); case ENCRYPTED_KEY$2: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case RID: return ((memberValue.variant === (-1)) && (("value" in memberValue) === false)); case ENCRYPTED_KEY$2: return (memberValue.isEqual(RecipientEncryptedKey.defaultValues(ENCRYPTED_KEY$2))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ KeyAgreeRecipientIdentifier.schema(names.rid || {}), new asn1js__namespace.OctetString({ name: (names.encryptedKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$u); const asn1 = asn1js__namespace.compareSchema(schema, schema, RecipientEncryptedKey.schema({ names: { rid: { names: { blockName: RID } }, encryptedKey: ENCRYPTED_KEY$2 } })); AsnError.assertSchema(asn1, this.className); this.rid = new KeyAgreeRecipientIdentifier({ schema: asn1.result.rid }); this.encryptedKey = asn1.result.encryptedKey; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.rid.toSchema(), this.encryptedKey ] })); } toJSON() { return { rid: this.rid.toJSON(), encryptedKey: this.encryptedKey.toJSON(), }; } } RecipientEncryptedKey.CLASS_NAME = "RecipientEncryptedKey"; const ENCRYPTED_KEYS = "encryptedKeys"; const RECIPIENT_ENCRYPTED_KEYS = "RecipientEncryptedKeys"; const CLEAR_PROPS$t = [ RECIPIENT_ENCRYPTED_KEYS, ]; class RecipientEncryptedKeys extends PkiObject { constructor(parameters = {}) { super(); this.encryptedKeys = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_KEYS, RecipientEncryptedKeys.defaultValues(ENCRYPTED_KEYS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ENCRYPTED_KEYS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ENCRYPTED_KEYS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.RecipientEncryptedKeys || EMPTY_STRING), value: RecipientEncryptedKey.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$t); const asn1 = asn1js__namespace.compareSchema(schema, schema, RecipientEncryptedKeys.schema({ names: { RecipientEncryptedKeys: RECIPIENT_ENCRYPTED_KEYS } })); AsnError.assertSchema(asn1, this.className); this.encryptedKeys = Array.from(asn1.result.RecipientEncryptedKeys, element => new RecipientEncryptedKey({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.encryptedKeys, o => o.toSchema()) })); } toJSON() { return { encryptedKeys: Array.from(this.encryptedKeys, o => o.toJSON()) }; } } RecipientEncryptedKeys.CLASS_NAME = "RecipientEncryptedKeys"; const VERSION$b = "version"; const ORIGINATOR = "originator"; const UKM = "ukm"; const KEY_ENCRYPTION_ALGORITHM$2 = "keyEncryptionAlgorithm"; const RECIPIENT_ENCRYPTED_KEY = "recipientEncryptedKeys"; const RECIPIENT_CERTIFICATE = "recipientCertificate"; const RECIPIENT_PUBLIC_KEY = "recipientPublicKey"; const CLEAR_PROPS$s = [ VERSION$b, ORIGINATOR, UKM, KEY_ENCRYPTION_ALGORITHM$2, RECIPIENT_ENCRYPTED_KEY, ]; class KeyAgreeRecipientInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$b, KeyAgreeRecipientInfo.defaultValues(VERSION$b)); this.originator = pvutils__namespace.getParametersValue(parameters, ORIGINATOR, KeyAgreeRecipientInfo.defaultValues(ORIGINATOR)); if (UKM in parameters) { this.ukm = pvutils__namespace.getParametersValue(parameters, UKM, KeyAgreeRecipientInfo.defaultValues(UKM)); } this.keyEncryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$2, KeyAgreeRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$2)); this.recipientEncryptedKeys = pvutils__namespace.getParametersValue(parameters, RECIPIENT_ENCRYPTED_KEY, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_ENCRYPTED_KEY)); this.recipientCertificate = pvutils__namespace.getParametersValue(parameters, RECIPIENT_CERTIFICATE, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_CERTIFICATE)); this.recipientPublicKey = pvutils__namespace.getParametersValue(parameters, RECIPIENT_PUBLIC_KEY, KeyAgreeRecipientInfo.defaultValues(RECIPIENT_PUBLIC_KEY)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$b: return 0; case ORIGINATOR: return new OriginatorIdentifierOrKey(); case UKM: return new asn1js__namespace.OctetString(); case KEY_ENCRYPTION_ALGORITHM$2: return new AlgorithmIdentifier(); case RECIPIENT_ENCRYPTED_KEY: return new RecipientEncryptedKeys(); case RECIPIENT_CERTIFICATE: return new Certificate(); case RECIPIENT_PUBLIC_KEY: return null; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$b: return (memberValue === 0); case ORIGINATOR: return ((memberValue.variant === (-1)) && (("value" in memberValue) === false)); case UKM: return (memberValue.isEqual(KeyAgreeRecipientInfo.defaultValues(UKM))); case KEY_ENCRYPTION_ALGORITHM$2: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case RECIPIENT_ENCRYPTED_KEY: return (memberValue.encryptedKeys.length === 0); case RECIPIENT_CERTIFICATE: return false; case RECIPIENT_PUBLIC_KEY: return false; default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: names.blockName || EMPTY_STRING, value: [ new asn1js__namespace.Integer({ name: names.version || EMPTY_STRING }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [ OriginatorIdentifierOrKey.schema(names.originator || {}) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [new asn1js__namespace.OctetString({ name: names.ukm || EMPTY_STRING })] }), AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}), RecipientEncryptedKeys.schema(names.recipientEncryptedKeys || {}) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$s); const asn1 = asn1js__namespace.compareSchema(schema, schema, KeyAgreeRecipientInfo.schema({ names: { version: VERSION$b, originator: { names: { blockName: ORIGINATOR } }, ukm: UKM, keyEncryptionAlgorithm: { names: { blockName: KEY_ENCRYPTION_ALGORITHM$2 } }, recipientEncryptedKeys: { names: { blockName: RECIPIENT_ENCRYPTED_KEY } } } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.originator = new OriginatorIdentifierOrKey({ schema: asn1.result.originator }); if (UKM in asn1.result) this.ukm = asn1.result.ukm; this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm }); this.recipientEncryptedKeys = new RecipientEncryptedKeys({ schema: asn1.result.recipientEncryptedKeys }); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.originator.toSchema()] })); if (this.ukm) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.ukm] })); } outputArray.push(this.keyEncryptionAlgorithm.toSchema()); outputArray.push(this.recipientEncryptedKeys.toSchema()); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, originator: this.originator.toJSON(), keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(), recipientEncryptedKeys: this.recipientEncryptedKeys.toJSON(), }; if (this.ukm) { res.ukm = this.ukm.toJSON(); } return res; } } KeyAgreeRecipientInfo.CLASS_NAME = "KeyAgreeRecipientInfo"; const KEY_IDENTIFIER = "keyIdentifier"; const DATE = "date"; const OTHER = "other"; const CLEAR_PROPS$r = [ KEY_IDENTIFIER, DATE, OTHER, ]; class KEKIdentifier extends PkiObject { constructor(parameters = {}) { super(); this.keyIdentifier = pvutils__namespace.getParametersValue(parameters, KEY_IDENTIFIER, KEKIdentifier.defaultValues(KEY_IDENTIFIER)); if (DATE in parameters) { this.date = pvutils__namespace.getParametersValue(parameters, DATE, KEKIdentifier.defaultValues(DATE)); } if (OTHER in parameters) { this.other = pvutils__namespace.getParametersValue(parameters, OTHER, KEKIdentifier.defaultValues(OTHER)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_IDENTIFIER: return new asn1js__namespace.OctetString(); case DATE: return new asn1js__namespace.GeneralizedTime(); case OTHER: return new OtherKeyAttribute(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case KEY_IDENTIFIER: return (memberValue.isEqual(KEKIdentifier.defaultValues(KEY_IDENTIFIER))); case DATE: return ((memberValue.year === 0) && (memberValue.month === 0) && (memberValue.day === 0) && (memberValue.hour === 0) && (memberValue.minute === 0) && (memberValue.second === 0) && (memberValue.millisecond === 0)); case OTHER: return ((memberValue.compareWithDefault("keyAttrId", memberValue.keyAttrId)) && (("keyAttr" in memberValue) === false)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.OctetString({ name: (names.keyIdentifier || EMPTY_STRING) }), new asn1js__namespace.GeneralizedTime({ optional: true, name: (names.date || EMPTY_STRING) }), OtherKeyAttribute.schema(names.other || {}) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$r); const asn1 = asn1js__namespace.compareSchema(schema, schema, KEKIdentifier.schema({ names: { keyIdentifier: KEY_IDENTIFIER, date: DATE, other: { names: { blockName: OTHER } } } })); AsnError.assertSchema(asn1, this.className); this.keyIdentifier = asn1.result.keyIdentifier; if (DATE in asn1.result) this.date = asn1.result.date; if (OTHER in asn1.result) this.other = new OtherKeyAttribute({ schema: asn1.result.other }); } toSchema() { const outputArray = []; outputArray.push(this.keyIdentifier); if (this.date) { outputArray.push(this.date); } if (this.other) { outputArray.push(this.other.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { keyIdentifier: this.keyIdentifier.toJSON() }; if (this.date) { res.date = this.date; } if (this.other) { res.other = this.other.toJSON(); } return res; } } KEKIdentifier.CLASS_NAME = "KEKIdentifier"; const VERSION$a = "version"; const KEK_ID = "kekid"; const KEY_ENCRYPTION_ALGORITHM$1 = "keyEncryptionAlgorithm"; const ENCRYPTED_KEY$1 = "encryptedKey"; const PER_DEFINED_KEK = "preDefinedKEK"; const CLEAR_PROPS$q = [ VERSION$a, KEK_ID, KEY_ENCRYPTION_ALGORITHM$1, ENCRYPTED_KEY$1, ]; class KEKRecipientInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$a, KEKRecipientInfo.defaultValues(VERSION$a)); this.kekid = pvutils__namespace.getParametersValue(parameters, KEK_ID, KEKRecipientInfo.defaultValues(KEK_ID)); this.keyEncryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM$1, KEKRecipientInfo.defaultValues(KEY_ENCRYPTION_ALGORITHM$1)); this.encryptedKey = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_KEY$1, KEKRecipientInfo.defaultValues(ENCRYPTED_KEY$1)); this.preDefinedKEK = pvutils__namespace.getParametersValue(parameters, PER_DEFINED_KEK, KEKRecipientInfo.defaultValues(PER_DEFINED_KEK)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$a: return 0; case KEK_ID: return new KEKIdentifier(); case KEY_ENCRYPTION_ALGORITHM$1: return new AlgorithmIdentifier(); case ENCRYPTED_KEY$1: return new asn1js__namespace.OctetString(); case PER_DEFINED_KEK: return EMPTY_BUFFER; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case "KEKRecipientInfo": return (memberValue === KEKRecipientInfo.defaultValues(VERSION$a)); case KEK_ID: return ((memberValue.compareWithDefault("keyIdentifier", memberValue.keyIdentifier)) && (("date" in memberValue) === false) && (("other" in memberValue) === false)); case KEY_ENCRYPTION_ALGORITHM$1: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case ENCRYPTED_KEY$1: return (memberValue.isEqual(KEKRecipientInfo.defaultValues(ENCRYPTED_KEY$1))); case PER_DEFINED_KEK: return (memberValue.byteLength === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), KEKIdentifier.schema(names.kekid || {}), AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}), new asn1js__namespace.OctetString({ name: (names.encryptedKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$q); const asn1 = asn1js__namespace.compareSchema(schema, schema, KEKRecipientInfo.schema({ names: { version: VERSION$a, kekid: { names: { blockName: KEK_ID } }, keyEncryptionAlgorithm: { names: { blockName: KEY_ENCRYPTION_ALGORITHM$1 } }, encryptedKey: ENCRYPTED_KEY$1 } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.kekid = new KEKIdentifier({ schema: asn1.result.kekid }); this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm }); this.encryptedKey = asn1.result.encryptedKey; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.Integer({ value: this.version }), this.kekid.toSchema(), this.keyEncryptionAlgorithm.toSchema(), this.encryptedKey ] })); } toJSON() { return { version: this.version, kekid: this.kekid.toJSON(), keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(), encryptedKey: this.encryptedKey.toJSON(), }; } } KEKRecipientInfo.CLASS_NAME = "KEKRecipientInfo"; const VERSION$9 = "version"; const KEY_DERIVATION_ALGORITHM = "keyDerivationAlgorithm"; const KEY_ENCRYPTION_ALGORITHM = "keyEncryptionAlgorithm"; const ENCRYPTED_KEY = "encryptedKey"; const PASSWORD = "password"; const CLEAR_PROPS$p = [ VERSION$9, KEY_DERIVATION_ALGORITHM, KEY_ENCRYPTION_ALGORITHM, ENCRYPTED_KEY ]; class PasswordRecipientinfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$9, PasswordRecipientinfo.defaultValues(VERSION$9)); if (KEY_DERIVATION_ALGORITHM in parameters) { this.keyDerivationAlgorithm = pvutils__namespace.getParametersValue(parameters, KEY_DERIVATION_ALGORITHM, PasswordRecipientinfo.defaultValues(KEY_DERIVATION_ALGORITHM)); } this.keyEncryptionAlgorithm = pvutils__namespace.getParametersValue(parameters, KEY_ENCRYPTION_ALGORITHM, PasswordRecipientinfo.defaultValues(KEY_ENCRYPTION_ALGORITHM)); this.encryptedKey = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_KEY, PasswordRecipientinfo.defaultValues(ENCRYPTED_KEY)); this.password = pvutils__namespace.getParametersValue(parameters, PASSWORD, PasswordRecipientinfo.defaultValues(PASSWORD)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$9: return (-1); case KEY_DERIVATION_ALGORITHM: return new AlgorithmIdentifier(); case KEY_ENCRYPTION_ALGORITHM: return new AlgorithmIdentifier(); case ENCRYPTED_KEY: return new asn1js__namespace.OctetString(); case PASSWORD: return EMPTY_BUFFER; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$9: return (memberValue === (-1)); case KEY_DERIVATION_ALGORITHM: case KEY_ENCRYPTION_ALGORITHM: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case ENCRYPTED_KEY: return (memberValue.isEqual(PasswordRecipientinfo.defaultValues(ENCRYPTED_KEY))); case PASSWORD: return (memberValue.byteLength === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), new asn1js__namespace.Constructed({ name: (names.keyDerivationAlgorithm || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: AlgorithmIdentifier.schema().valueBlock.value }), AlgorithmIdentifier.schema(names.keyEncryptionAlgorithm || {}), new asn1js__namespace.OctetString({ name: (names.encryptedKey || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$p); const asn1 = asn1js__namespace.compareSchema(schema, schema, PasswordRecipientinfo.schema({ names: { version: VERSION$9, keyDerivationAlgorithm: KEY_DERIVATION_ALGORITHM, keyEncryptionAlgorithm: { names: { blockName: KEY_ENCRYPTION_ALGORITHM } }, encryptedKey: ENCRYPTED_KEY } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; if (KEY_DERIVATION_ALGORITHM in asn1.result) { this.keyDerivationAlgorithm = new AlgorithmIdentifier({ schema: new asn1js__namespace.Sequence({ value: asn1.result.keyDerivationAlgorithm.valueBlock.value }) }); } this.keyEncryptionAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.keyEncryptionAlgorithm }); this.encryptedKey = asn1.result.encryptedKey; } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); if (this.keyDerivationAlgorithm) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: this.keyDerivationAlgorithm.toSchema().valueBlock.value })); } outputArray.push(this.keyEncryptionAlgorithm.toSchema()); outputArray.push(this.encryptedKey); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, keyEncryptionAlgorithm: this.keyEncryptionAlgorithm.toJSON(), encryptedKey: this.encryptedKey.toJSON(), }; if (this.keyDerivationAlgorithm) { res.keyDerivationAlgorithm = this.keyDerivationAlgorithm.toJSON(); } return res; } } PasswordRecipientinfo.CLASS_NAME = "PasswordRecipientInfo"; const ORI_TYPE = "oriType"; const ORI_VALUE = "oriValue"; const CLEAR_PROPS$o = [ ORI_TYPE, ORI_VALUE ]; class OtherRecipientInfo extends PkiObject { constructor(parameters = {}) { super(); this.oriType = pvutils__namespace.getParametersValue(parameters, ORI_TYPE, OtherRecipientInfo.defaultValues(ORI_TYPE)); this.oriValue = pvutils__namespace.getParametersValue(parameters, ORI_VALUE, OtherRecipientInfo.defaultValues(ORI_VALUE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case ORI_TYPE: return EMPTY_STRING; case ORI_VALUE: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case ORI_TYPE: return (memberValue === EMPTY_STRING); case ORI_VALUE: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.oriType || EMPTY_STRING) }), new asn1js__namespace.Any({ name: (names.oriValue || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$o); const asn1 = asn1js__namespace.compareSchema(schema, schema, OtherRecipientInfo.schema({ names: { oriType: ORI_TYPE, oriValue: ORI_VALUE } })); AsnError.assertSchema(asn1, this.className); this.oriType = asn1.result.oriType.valueBlock.toString(); this.oriValue = asn1.result.oriValue; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.oriType }), this.oriValue ] })); } toJSON() { const res = { oriType: this.oriType }; if (!OtherRecipientInfo.compareWithDefault(ORI_VALUE, this.oriValue)) { res.oriValue = this.oriValue.toJSON(); } return res; } } OtherRecipientInfo.CLASS_NAME = "OtherRecipientInfo"; const VARIANT = "variant"; const VALUE = "value"; const CLEAR_PROPS$n = [ "blockName" ]; class RecipientInfo extends PkiObject { constructor(parameters = {}) { super(); this.variant = pvutils__namespace.getParametersValue(parameters, VARIANT, RecipientInfo.defaultValues(VARIANT)); if (VALUE in parameters) { this.value = pvutils__namespace.getParametersValue(parameters, VALUE, RecipientInfo.defaultValues(VALUE)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VARIANT: return (-1); case VALUE: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VARIANT: return (memberValue === RecipientInfo.defaultValues(memberName)); case VALUE: return (Object.keys(memberValue).length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Choice({ value: [ KeyTransRecipientInfo.schema({ names: { blockName: (names.blockName || EMPTY_STRING) } }), new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: KeyAgreeRecipientInfo.schema().valueBlock.value }), new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 2 }, value: KEKRecipientInfo.schema().valueBlock.value }), new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 3 }, value: PasswordRecipientinfo.schema().valueBlock.value }), new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 4 }, value: OtherRecipientInfo.schema().valueBlock.value }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$n); const asn1 = asn1js__namespace.compareSchema(schema, schema, RecipientInfo.schema({ names: { blockName: "blockName" } })); AsnError.assertSchema(asn1, this.className); if (asn1.result.blockName.idBlock.tagClass === 1) { this.variant = 1; this.value = new KeyTransRecipientInfo({ schema: asn1.result.blockName }); } else { const blockSequence = new asn1js__namespace.Sequence({ value: asn1.result.blockName.valueBlock.value }); switch (asn1.result.blockName.idBlock.tagNumber) { case 1: this.variant = 2; this.value = new KeyAgreeRecipientInfo({ schema: blockSequence }); break; case 2: this.variant = 3; this.value = new KEKRecipientInfo({ schema: blockSequence }); break; case 3: this.variant = 4; this.value = new PasswordRecipientinfo({ schema: blockSequence }); break; case 4: this.variant = 5; this.value = new OtherRecipientInfo({ schema: blockSequence }); break; default: throw new Error("Incorrect structure of RecipientInfo block"); } } } toSchema() { ParameterError.assertEmpty(this.value, "value", "RecipientInfo"); const _schema = this.value.toSchema(); switch (this.variant) { case 1: return _schema; case 2: case 3: case 4: _schema.idBlock.tagClass = 3; _schema.idBlock.tagNumber = (this.variant - 1); return _schema; default: return new asn1js__namespace.Any(); } } toJSON() { const res = { variant: this.variant }; if (this.value && (this.variant >= 1) && (this.variant <= 4)) { res.value = this.value.toJSON(); } return res; } } RecipientInfo.CLASS_NAME = "RecipientInfo"; const HASH_ALGORITHM$2 = "hashAlgorithm"; const MASK_GEN_ALGORITHM = "maskGenAlgorithm"; const P_SOURCE_ALGORITHM = "pSourceAlgorithm"; const CLEAR_PROPS$m = [ HASH_ALGORITHM$2, MASK_GEN_ALGORITHM, P_SOURCE_ALGORITHM ]; class RSAESOAEPParams extends PkiObject { constructor(parameters = {}) { super(); this.hashAlgorithm = pvutils__namespace.getParametersValue(parameters, HASH_ALGORITHM$2, RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2)); this.maskGenAlgorithm = pvutils__namespace.getParametersValue(parameters, MASK_GEN_ALGORITHM, RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM)); this.pSourceAlgorithm = pvutils__namespace.getParametersValue(parameters, P_SOURCE_ALGORITHM, RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case HASH_ALGORITHM$2: return new AlgorithmIdentifier({ algorithmId: "1.3.14.3.2.26", algorithmParams: new asn1js__namespace.Null() }); case MASK_GEN_ALGORITHM: return new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.8", algorithmParams: (new AlgorithmIdentifier({ algorithmId: "1.3.14.3.2.26", algorithmParams: new asn1js__namespace.Null() })).toSchema() }); case P_SOURCE_ALGORITHM: return new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.9", algorithmParams: new asn1js__namespace.OctetString({ valueHex: (new Uint8Array([0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09])).buffer }) }); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, optional: true, value: [AlgorithmIdentifier.schema(names.hashAlgorithm || {})] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, optional: true, value: [AlgorithmIdentifier.schema(names.maskGenAlgorithm || {})] }), new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, optional: true, value: [AlgorithmIdentifier.schema(names.pSourceAlgorithm || {})] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$m); const asn1 = asn1js__namespace.compareSchema(schema, schema, RSAESOAEPParams.schema({ names: { hashAlgorithm: { names: { blockName: HASH_ALGORITHM$2 } }, maskGenAlgorithm: { names: { blockName: MASK_GEN_ALGORITHM } }, pSourceAlgorithm: { names: { blockName: P_SOURCE_ALGORITHM } } } })); AsnError.assertSchema(asn1, this.className); if (HASH_ALGORITHM$2 in asn1.result) this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm }); if (MASK_GEN_ALGORITHM in asn1.result) this.maskGenAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.maskGenAlgorithm }); if (P_SOURCE_ALGORITHM in asn1.result) this.pSourceAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.pSourceAlgorithm }); } toSchema() { const outputArray = []; if (!this.hashAlgorithm.isEqual(RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2))) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.hashAlgorithm.toSchema()] })); } if (!this.maskGenAlgorithm.isEqual(RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM))) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.maskGenAlgorithm.toSchema()] })); } if (!this.pSourceAlgorithm.isEqual(RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM))) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: [this.pSourceAlgorithm.toSchema()] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = {}; if (!this.hashAlgorithm.isEqual(RSAESOAEPParams.defaultValues(HASH_ALGORITHM$2))) { res.hashAlgorithm = this.hashAlgorithm.toJSON(); } if (!this.maskGenAlgorithm.isEqual(RSAESOAEPParams.defaultValues(MASK_GEN_ALGORITHM))) { res.maskGenAlgorithm = this.maskGenAlgorithm.toJSON(); } if (!this.pSourceAlgorithm.isEqual(RSAESOAEPParams.defaultValues(P_SOURCE_ALGORITHM))) { res.pSourceAlgorithm = this.pSourceAlgorithm.toJSON(); } return res; } } RSAESOAEPParams.CLASS_NAME = "RSAESOAEPParams"; const KEY_INFO = "keyInfo"; const ENTITY_U_INFO = "entityUInfo"; const SUPP_PUB_INFO = "suppPubInfo"; const CLEAR_PROPS$l = [ KEY_INFO, ENTITY_U_INFO, SUPP_PUB_INFO ]; class ECCCMSSharedInfo extends PkiObject { constructor(parameters = {}) { super(); this.keyInfo = pvutils__namespace.getParametersValue(parameters, KEY_INFO, ECCCMSSharedInfo.defaultValues(KEY_INFO)); if (ENTITY_U_INFO in parameters) { this.entityUInfo = pvutils__namespace.getParametersValue(parameters, ENTITY_U_INFO, ECCCMSSharedInfo.defaultValues(ENTITY_U_INFO)); } this.suppPubInfo = pvutils__namespace.getParametersValue(parameters, SUPP_PUB_INFO, ECCCMSSharedInfo.defaultValues(SUPP_PUB_INFO)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case KEY_INFO: return new AlgorithmIdentifier(); case ENTITY_U_INFO: return new asn1js__namespace.OctetString(); case SUPP_PUB_INFO: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case KEY_INFO: case ENTITY_U_INFO: case SUPP_PUB_INFO: return (memberValue.isEqual(ECCCMSSharedInfo.defaultValues(memberName))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.keyInfo || {}), new asn1js__namespace.Constructed({ name: (names.entityUInfo || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, optional: true, value: [new asn1js__namespace.OctetString()] }), new asn1js__namespace.Constructed({ name: (names.suppPubInfo || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 2 }, value: [new asn1js__namespace.OctetString()] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$l); const asn1 = asn1js__namespace.compareSchema(schema, schema, ECCCMSSharedInfo.schema({ names: { keyInfo: { names: { blockName: KEY_INFO } }, entityUInfo: ENTITY_U_INFO, suppPubInfo: SUPP_PUB_INFO } })); AsnError.assertSchema(asn1, this.className); this.keyInfo = new AlgorithmIdentifier({ schema: asn1.result.keyInfo }); if (ENTITY_U_INFO in asn1.result) this.entityUInfo = asn1.result.entityUInfo.valueBlock.value[0]; this.suppPubInfo = asn1.result.suppPubInfo.valueBlock.value[0]; } toSchema() { const outputArray = []; outputArray.push(this.keyInfo.toSchema()); if (this.entityUInfo) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.entityUInfo] })); } outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: [this.suppPubInfo] })); return new asn1js__namespace.Sequence({ value: outputArray }); } toJSON() { const res = { keyInfo: this.keyInfo.toJSON(), suppPubInfo: this.suppPubInfo.toJSON(), }; if (this.entityUInfo) { res.entityUInfo = this.entityUInfo.toJSON(); } return res; } } ECCCMSSharedInfo.CLASS_NAME = "ECCCMSSharedInfo"; const VERSION$8 = "version"; const ORIGINATOR_INFO = "originatorInfo"; const RECIPIENT_INFOS = "recipientInfos"; const ENCRYPTED_CONTENT_INFO = "encryptedContentInfo"; const UNPROTECTED_ATTRS = "unprotectedAttrs"; const CLEAR_PROPS$k = [ VERSION$8, ORIGINATOR_INFO, RECIPIENT_INFOS, ENCRYPTED_CONTENT_INFO, UNPROTECTED_ATTRS ]; const defaultEncryptionParams = { kdfAlgorithm: "SHA-512", kekEncryptionLength: 256 }; const curveLengthByName = { "P-256": 256, "P-384": 384, "P-521": 528 }; class EnvelopedData extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$8, EnvelopedData.defaultValues(VERSION$8)); if (ORIGINATOR_INFO in parameters) { this.originatorInfo = pvutils__namespace.getParametersValue(parameters, ORIGINATOR_INFO, EnvelopedData.defaultValues(ORIGINATOR_INFO)); } this.recipientInfos = pvutils__namespace.getParametersValue(parameters, RECIPIENT_INFOS, EnvelopedData.defaultValues(RECIPIENT_INFOS)); this.encryptedContentInfo = pvutils__namespace.getParametersValue(parameters, ENCRYPTED_CONTENT_INFO, EnvelopedData.defaultValues(ENCRYPTED_CONTENT_INFO)); if (UNPROTECTED_ATTRS in parameters) { this.unprotectedAttrs = pvutils__namespace.getParametersValue(parameters, UNPROTECTED_ATTRS, EnvelopedData.defaultValues(UNPROTECTED_ATTRS)); } this.policy = { disableSplit: !!parameters.disableSplit, }; if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$8: return 0; case ORIGINATOR_INFO: return new OriginatorInfo(); case RECIPIENT_INFOS: return []; case ENCRYPTED_CONTENT_INFO: return new EncryptedContentInfo(); case UNPROTECTED_ATTRS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$8: return (memberValue === EnvelopedData.defaultValues(memberName)); case ORIGINATOR_INFO: return ((memberValue.certs.certificates.length === 0) && (memberValue.crls.crls.length === 0)); case RECIPIENT_INFOS: case UNPROTECTED_ATTRS: return (memberValue.length === 0); case ENCRYPTED_CONTENT_INFO: return ((EncryptedContentInfo.compareWithDefault("contentType", memberValue.contentType)) && (EncryptedContentInfo.compareWithDefault("contentEncryptionAlgorithm", memberValue.contentEncryptionAlgorithm) && (EncryptedContentInfo.compareWithDefault("encryptedContent", memberValue.encryptedContent)))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || EMPTY_STRING) }), new asn1js__namespace.Constructed({ name: (names.originatorInfo || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: OriginatorInfo.schema().valueBlock.value }), new asn1js__namespace.Set({ value: [ new asn1js__namespace.Repeated({ name: (names.recipientInfos || EMPTY_STRING), value: RecipientInfo.schema() }) ] }), EncryptedContentInfo.schema(names.encryptedContentInfo || {}), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Repeated({ name: (names.unprotectedAttrs || EMPTY_STRING), value: Attribute.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$k); const asn1 = asn1js__namespace.compareSchema(schema, schema, EnvelopedData.schema({ names: { version: VERSION$8, originatorInfo: ORIGINATOR_INFO, recipientInfos: RECIPIENT_INFOS, encryptedContentInfo: { names: { blockName: ENCRYPTED_CONTENT_INFO } }, unprotectedAttrs: UNPROTECTED_ATTRS } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; if (ORIGINATOR_INFO in asn1.result) { this.originatorInfo = new OriginatorInfo({ schema: new asn1js__namespace.Sequence({ value: asn1.result.originatorInfo.valueBlock.value }) }); } this.recipientInfos = Array.from(asn1.result.recipientInfos, o => new RecipientInfo({ schema: o })); this.encryptedContentInfo = new EncryptedContentInfo({ schema: asn1.result.encryptedContentInfo }); if (UNPROTECTED_ATTRS in asn1.result) this.unprotectedAttrs = Array.from(asn1.result.unprotectedAttrs, o => new Attribute({ schema: o })); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); if (this.originatorInfo) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: this.originatorInfo.toSchema().valueBlock.value })); } outputArray.push(new asn1js__namespace.Set({ value: Array.from(this.recipientInfos, o => o.toSchema()) })); outputArray.push(this.encryptedContentInfo.toSchema()); if (this.unprotectedAttrs) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.unprotectedAttrs, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, recipientInfos: Array.from(this.recipientInfos, o => o.toJSON()), encryptedContentInfo: this.encryptedContentInfo.toJSON(), }; if (this.originatorInfo) res.originatorInfo = this.originatorInfo.toJSON(); if (this.unprotectedAttrs) res.unprotectedAttrs = Array.from(this.unprotectedAttrs, o => o.toJSON()); return res; } addRecipientByCertificate(certificate, parameters, variant, crypto = getCrypto(true)) { const encryptionParameters = Object.assign({ useOAEP: true, oaepHashAlgorithm: "SHA-512" }, defaultEncryptionParams, parameters || {}); if (certificate.subjectPublicKeyInfo.algorithm.algorithmId.indexOf("1.2.840.113549") !== (-1)) variant = 1; else { if (certificate.subjectPublicKeyInfo.algorithm.algorithmId.indexOf("1.2.840.10045") !== (-1)) variant = 2; else throw new Error(`Unknown type of certificate's public key: ${certificate.subjectPublicKeyInfo.algorithm.algorithmId}`); } switch (variant) { case 1: { let algorithmId; let algorithmParams; if (encryptionParameters.useOAEP === true) { algorithmId = crypto.getOIDByAlgorithm({ name: "RSA-OAEP" }, true, "keyEncryptionAlgorithm"); const hashOID = crypto.getOIDByAlgorithm({ name: encryptionParameters.oaepHashAlgorithm }, true, "RSAES-OAEP-params"); const hashAlgorithm = new AlgorithmIdentifier({ algorithmId: hashOID, algorithmParams: new asn1js__namespace.Null() }); const rsaOAEPParams = new RSAESOAEPParams({ hashAlgorithm, maskGenAlgorithm: new AlgorithmIdentifier({ algorithmId: "1.2.840.113549.1.1.8", algorithmParams: hashAlgorithm.toSchema() }) }); algorithmParams = rsaOAEPParams.toSchema(); } else { algorithmId = crypto.getOIDByAlgorithm({ name: "RSAES-PKCS1-v1_5" }); if (algorithmId === EMPTY_STRING) throw new Error("Can not find OID for RSAES-PKCS1-v1_5"); algorithmParams = new asn1js__namespace.Null(); } const keyInfo = new KeyTransRecipientInfo({ version: 0, rid: new IssuerAndSerialNumber({ issuer: certificate.issuer, serialNumber: certificate.serialNumber }), keyEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId, algorithmParams }), recipientCertificate: certificate, }); this.recipientInfos.push(new RecipientInfo({ variant: 1, value: keyInfo })); } break; case 2: { const recipientIdentifier = new KeyAgreeRecipientIdentifier({ variant: 1, value: new IssuerAndSerialNumber({ issuer: certificate.issuer, serialNumber: certificate.serialNumber }) }); this._addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, { recipientCertificate: certificate }, crypto); } break; default: throw new Error(`Unknown "variant" value: ${variant}`); } return true; } addRecipientByPreDefinedData(preDefinedData, parameters = {}, variant, crypto = getCrypto(true)) { ArgumentError.assert(preDefinedData, "preDefinedData", "ArrayBuffer"); if (!preDefinedData.byteLength) { throw new Error("Pre-defined data could have zero length"); } if (!parameters.keyIdentifier) { const keyIdentifierBuffer = new ArrayBuffer(16); const keyIdentifierView = new Uint8Array(keyIdentifierBuffer); crypto.getRandomValues(keyIdentifierView); parameters.keyIdentifier = keyIdentifierBuffer; } if (!parameters.hmacHashAlgorithm) parameters.hmacHashAlgorithm = "SHA-512"; if (parameters.iterationCount === undefined) { parameters.iterationCount = 2048; } if (!parameters.keyEncryptionAlgorithm) { parameters.keyEncryptionAlgorithm = { name: "AES-KW", length: 256 }; } if (!parameters.keyEncryptionAlgorithmParams) parameters.keyEncryptionAlgorithmParams = new asn1js__namespace.Null(); switch (variant) { case 1: { const kekOID = crypto.getOIDByAlgorithm(parameters.keyEncryptionAlgorithm, true, "keyEncryptionAlgorithm"); const keyInfo = new KEKRecipientInfo({ version: 4, kekid: new KEKIdentifier({ keyIdentifier: new asn1js__namespace.OctetString({ valueHex: parameters.keyIdentifier }) }), keyEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId: kekOID, algorithmParams: parameters.keyEncryptionAlgorithmParams }), preDefinedKEK: preDefinedData }); this.recipientInfos.push(new RecipientInfo({ variant: 3, value: keyInfo })); } break; case 2: { const pbkdf2OID = crypto.getOIDByAlgorithm({ name: "PBKDF2" }, true, "keyDerivationAlgorithm"); const saltBuffer = new ArrayBuffer(64); const saltView = new Uint8Array(saltBuffer); crypto.getRandomValues(saltView); const hmacOID = crypto.getOIDByAlgorithm({ name: "HMAC", hash: { name: parameters.hmacHashAlgorithm } }, true, "hmacHashAlgorithm"); const pbkdf2Params = new PBKDF2Params({ salt: new asn1js__namespace.OctetString({ valueHex: saltBuffer }), iterationCount: parameters.iterationCount, prf: new AlgorithmIdentifier({ algorithmId: hmacOID, algorithmParams: new asn1js__namespace.Null() }) }); const kekOID = crypto.getOIDByAlgorithm(parameters.keyEncryptionAlgorithm, true, "keyEncryptionAlgorithm"); const keyInfo = new PasswordRecipientinfo({ version: 0, keyDerivationAlgorithm: new AlgorithmIdentifier({ algorithmId: pbkdf2OID, algorithmParams: pbkdf2Params.toSchema() }), keyEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId: kekOID, algorithmParams: parameters.keyEncryptionAlgorithmParams }), password: preDefinedData }); this.recipientInfos.push(new RecipientInfo({ variant: 4, value: keyInfo })); } break; default: throw new Error(`Unknown value for "variant": ${variant}`); } } addRecipientByKeyIdentifier(key, keyId, parameters, crypto = getCrypto(true)) { const encryptionParameters = Object.assign({}, defaultEncryptionParams, parameters || {}); const recipientIdentifier = new KeyAgreeRecipientIdentifier({ variant: 2, value: new RecipientKeyIdentifier({ subjectKeyIdentifier: new asn1js__namespace.OctetString({ valueHex: keyId }), }) }); this._addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, { recipientPublicKey: key }, crypto); } _addKeyAgreeRecipientInfo(recipientIdentifier, encryptionParameters, extraRecipientInfoParams, crypto = getCrypto(true)) { const encryptedKey = new RecipientEncryptedKey({ rid: recipientIdentifier }); const aesKWoid = crypto.getOIDByAlgorithm({ name: "AES-KW", length: encryptionParameters.kekEncryptionLength }, true, "keyEncryptionAlgorithm"); const aesKW = new AlgorithmIdentifier({ algorithmId: aesKWoid, }); const ecdhOID = crypto.getOIDByAlgorithm({ name: "ECDH", kdf: encryptionParameters.kdfAlgorithm }, true, "KeyAgreeRecipientInfo"); const ukmBuffer = new ArrayBuffer(64); const ukmView = new Uint8Array(ukmBuffer); crypto.getRandomValues(ukmView); const recipientInfoParams = { version: 3, ukm: new asn1js__namespace.OctetString({ valueHex: ukmBuffer }), keyEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId: ecdhOID, algorithmParams: aesKW.toSchema() }), recipientEncryptedKeys: new RecipientEncryptedKeys({ encryptedKeys: [encryptedKey] }) }; const keyInfo = new KeyAgreeRecipientInfo(Object.assign(recipientInfoParams, extraRecipientInfoParams)); this.recipientInfos.push(new RecipientInfo({ variant: 2, value: keyInfo })); } async encrypt(contentEncryptionAlgorithm, contentToEncrypt, crypto = getCrypto(true)) { const ivBuffer = new ArrayBuffer(16); const ivView = new Uint8Array(ivBuffer); crypto.getRandomValues(ivView); const contentView = new Uint8Array(contentToEncrypt); const contentEncryptionOID = crypto.getOIDByAlgorithm(contentEncryptionAlgorithm, true, "contentEncryptionAlgorithm"); const sessionKey = await crypto.generateKey(contentEncryptionAlgorithm, true, ["encrypt"]); const encryptedContent = await crypto.encrypt({ name: contentEncryptionAlgorithm.name, iv: ivView }, sessionKey, contentView); const exportedSessionKey = await crypto.exportKey("raw", sessionKey); this.version = 2; this.encryptedContentInfo = new EncryptedContentInfo({ disableSplit: this.policy.disableSplit, contentType: "1.2.840.113549.1.7.1", contentEncryptionAlgorithm: new AlgorithmIdentifier({ algorithmId: contentEncryptionOID, algorithmParams: new asn1js__namespace.OctetString({ valueHex: ivBuffer }) }), encryptedContent: new asn1js__namespace.OctetString({ valueHex: encryptedContent }) }); const SubKeyAgreeRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; let recipientCurve; let recipientPublicKey; if (recipientInfo.recipientPublicKey) { recipientCurve = recipientInfo.recipientPublicKey.algorithm.namedCurve; recipientPublicKey = recipientInfo.recipientPublicKey; } else if (recipientInfo.recipientCertificate) { const curveObject = recipientInfo.recipientCertificate.subjectPublicKeyInfo.algorithm.algorithmParams; if (curveObject.constructor.blockName() !== asn1js__namespace.ObjectIdentifier.blockName()) throw new Error(`Incorrect "recipientCertificate" for index ${index}`); const curveOID = curveObject.valueBlock.toString(); switch (curveOID) { case "1.2.840.10045.3.1.7": recipientCurve = "P-256"; break; case "1.3.132.0.34": recipientCurve = "P-384"; break; case "1.3.132.0.35": recipientCurve = "P-521"; break; default: throw new Error(`Incorrect curve OID for index ${index}`); } recipientPublicKey = await recipientInfo.recipientCertificate.getPublicKey({ algorithm: { algorithm: { name: "ECDH", namedCurve: recipientCurve }, usages: [] } }, crypto); } else { throw new Error("Unsupported RecipientInfo"); } const recipientCurveLength = curveLengthByName[recipientCurve]; const ecdhKeys = await crypto.generateKey({ name: "ECDH", namedCurve: recipientCurve }, true, ["deriveBits"]); const exportedECDHPublicKey = await crypto.exportKey("spki", ecdhKeys.publicKey); const derivedBits = await crypto.deriveBits({ name: "ECDH", public: recipientPublicKey }, ecdhKeys.privateKey, recipientCurveLength); const aesKWAlgorithm = new AlgorithmIdentifier({ schema: recipientInfo.keyEncryptionAlgorithm.algorithmParams }); const kwAlgorithm = crypto.getAlgorithmByOID(aesKWAlgorithm.algorithmId, true, "aesKWAlgorithm"); let kwLength = kwAlgorithm.length; const kwLengthBuffer = new ArrayBuffer(4); const kwLengthView = new Uint8Array(kwLengthBuffer); for (let j = 3; j >= 0; j--) { kwLengthView[j] = kwLength; kwLength >>= 8; } const eccInfo = new ECCCMSSharedInfo({ keyInfo: new AlgorithmIdentifier({ algorithmId: aesKWAlgorithm.algorithmId }), entityUInfo: recipientInfo.ukm, suppPubInfo: new asn1js__namespace.OctetString({ valueHex: kwLengthBuffer }) }); const encodedInfo = eccInfo.toSchema().toBER(false); const ecdhAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "ecdhAlgorithm"); const derivedKeyRaw = await kdf(ecdhAlgorithm.kdf, derivedBits, kwAlgorithm.length, encodedInfo, crypto); const awsKW = await crypto.importKey("raw", derivedKeyRaw, { name: "AES-KW" }, true, ["wrapKey"]); const wrappedKey = await crypto.wrapKey("raw", sessionKey, awsKW, { name: "AES-KW" }); const originator = new OriginatorIdentifierOrKey(); originator.variant = 3; originator.value = OriginatorPublicKey.fromBER(exportedECDHPublicKey); recipientInfo.originator = originator; recipientInfo.recipientEncryptedKeys.encryptedKeys[0].encryptedKey = new asn1js__namespace.OctetString({ valueHex: wrappedKey }); return { ecdhPrivateKey: ecdhKeys.privateKey }; }; const SubKeyTransRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; const algorithmParameters = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm"); if (algorithmParameters.name === "RSA-OAEP") { const schema = recipientInfo.keyEncryptionAlgorithm.algorithmParams; const rsaOAEPParams = new RSAESOAEPParams({ schema }); algorithmParameters.hash = crypto.getAlgorithmByOID(rsaOAEPParams.hashAlgorithm.algorithmId); if (("name" in algorithmParameters.hash) === false) throw new Error(`Incorrect OID for hash algorithm: ${rsaOAEPParams.hashAlgorithm.algorithmId}`); } try { const publicKey = await recipientInfo.recipientCertificate.getPublicKey({ algorithm: { algorithm: algorithmParameters, usages: ["encrypt", "wrapKey"] } }, crypto); const encryptedKey = await crypto.encrypt(publicKey.algorithm, publicKey, exportedSessionKey); recipientInfo.encryptedKey = new asn1js__namespace.OctetString({ valueHex: encryptedKey }); } catch { } }; const SubKEKRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm"); const kekKey = await crypto.importKey("raw", new Uint8Array(recipientInfo.preDefinedKEK), kekAlgorithm, true, ["wrapKey"]); const wrappedKey = await crypto.wrapKey("raw", sessionKey, kekKey, kekAlgorithm); recipientInfo.encryptedKey = new asn1js__namespace.OctetString({ valueHex: wrappedKey }); }; const SubPasswordRecipientinfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; let pbkdf2Params; if (!recipientInfo.keyDerivationAlgorithm) throw new Error("Please append encoded \"keyDerivationAlgorithm\""); if (!recipientInfo.keyDerivationAlgorithm.algorithmParams) throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\""); try { pbkdf2Params = new PBKDF2Params({ schema: recipientInfo.keyDerivationAlgorithm.algorithmParams }); } catch { throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\""); } const passwordView = new Uint8Array(recipientInfo.password); const derivationKey = await crypto.importKey("raw", passwordView, "PBKDF2", false, ["deriveKey"]); const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm"); let hmacHashAlgorithm = "SHA-1"; if (pbkdf2Params.prf) { const prfAlgorithm = crypto.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true, "prfAlgorithm"); hmacHashAlgorithm = prfAlgorithm.hash.name; } const saltView = new Uint8Array(pbkdf2Params.salt.valueBlock.valueHex); const iterations = pbkdf2Params.iterationCount; const derivedKey = await crypto.deriveKey({ name: "PBKDF2", hash: { name: hmacHashAlgorithm }, salt: saltView, iterations }, derivationKey, kekAlgorithm, true, ["wrapKey"]); const wrappedKey = await crypto.wrapKey("raw", sessionKey, derivedKey, kekAlgorithm); recipientInfo.encryptedKey = new asn1js__namespace.OctetString({ valueHex: wrappedKey }); }; const res = []; for (let i = 0; i < this.recipientInfos.length; i++) { switch (this.recipientInfos[i].variant) { case 1: res.push(await SubKeyTransRecipientInfo(i)); break; case 2: res.push(await SubKeyAgreeRecipientInfo(i)); break; case 3: res.push(await SubKEKRecipientInfo(i)); break; case 4: res.push(await SubPasswordRecipientinfo(i)); break; default: throw new Error(`Unknown recipient type in array with index ${i}`); } } return res; } async decrypt(recipientIndex, parameters, crypto = getCrypto(true)) { const decryptionParameters = parameters || {}; if ((recipientIndex + 1) > this.recipientInfos.length) { throw new Error(`Maximum value for "index" is: ${this.recipientInfos.length - 1}`); } const SubKeyAgreeRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; let curveOID; let recipientCurve; let recipientCurveLength; const originator = recipientInfo.originator; if (decryptionParameters.recipientCertificate) { const curveObject = decryptionParameters.recipientCertificate.subjectPublicKeyInfo.algorithm.algorithmParams; if (curveObject.constructor.blockName() !== asn1js__namespace.ObjectIdentifier.blockName()) { throw new Error(`Incorrect "recipientCertificate" for index ${index}`); } curveOID = curveObject.valueBlock.toString(); } else if (originator.value.algorithm.algorithmParams) { const curveObject = originator.value.algorithm.algorithmParams; if (curveObject.constructor.blockName() !== asn1js__namespace.ObjectIdentifier.blockName()) { throw new Error(`Incorrect originator for index ${index}`); } curveOID = curveObject.valueBlock.toString(); } else { throw new Error("Parameter \"recipientCertificate\" is mandatory for \"KeyAgreeRecipientInfo\" if algorithm params are missing from originator"); } if (!decryptionParameters.recipientPrivateKey) throw new Error("Parameter \"recipientPrivateKey\" is mandatory for \"KeyAgreeRecipientInfo\""); switch (curveOID) { case "1.2.840.10045.3.1.7": recipientCurve = "P-256"; recipientCurveLength = 256; break; case "1.3.132.0.34": recipientCurve = "P-384"; recipientCurveLength = 384; break; case "1.3.132.0.35": recipientCurve = "P-521"; recipientCurveLength = 528; break; default: throw new Error(`Incorrect curve OID for index ${index}`); } let ecdhPrivateKey; let keyCrypto = crypto; if (pvtsutils.BufferSourceConverter.isBufferSource(decryptionParameters.recipientPrivateKey)) { ecdhPrivateKey = await crypto.importKey("pkcs8", decryptionParameters.recipientPrivateKey, { name: "ECDH", namedCurve: recipientCurve }, true, ["deriveBits"]); } else { ecdhPrivateKey = decryptionParameters.recipientPrivateKey; if ("crypto" in decryptionParameters && decryptionParameters.crypto) { keyCrypto = decryptionParameters.crypto.subtle; } } if (("algorithmParams" in originator.value.algorithm) === false) originator.value.algorithm.algorithmParams = new asn1js__namespace.ObjectIdentifier({ value: curveOID }); const buffer = originator.value.toSchema().toBER(false); const ecdhPublicKey = await crypto.importKey("spki", buffer, { name: "ECDH", namedCurve: recipientCurve }, true, []); const sharedSecret = await keyCrypto.deriveBits({ name: "ECDH", public: ecdhPublicKey }, ecdhPrivateKey, recipientCurveLength); async function applyKDF(includeAlgorithmParams) { includeAlgorithmParams = includeAlgorithmParams || false; const aesKWAlgorithm = new AlgorithmIdentifier({ schema: recipientInfo.keyEncryptionAlgorithm.algorithmParams }); const kwAlgorithm = crypto.getAlgorithmByOID(aesKWAlgorithm.algorithmId, true, "kwAlgorithm"); let kwLength = kwAlgorithm.length; const kwLengthBuffer = new ArrayBuffer(4); const kwLengthView = new Uint8Array(kwLengthBuffer); for (let j = 3; j >= 0; j--) { kwLengthView[j] = kwLength; kwLength >>= 8; } const keyInfoAlgorithm = { algorithmId: aesKWAlgorithm.algorithmId }; if (includeAlgorithmParams) { keyInfoAlgorithm.algorithmParams = new asn1js__namespace.Null(); } const eccInfo = new ECCCMSSharedInfo({ keyInfo: new AlgorithmIdentifier(keyInfoAlgorithm), entityUInfo: recipientInfo.ukm, suppPubInfo: new asn1js__namespace.OctetString({ valueHex: kwLengthBuffer }) }); const encodedInfo = eccInfo.toSchema().toBER(false); const ecdhAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "ecdhAlgorithm"); if (!ecdhAlgorithm.name) { throw new Error(`Incorrect OID for key encryption algorithm: ${recipientInfo.keyEncryptionAlgorithm.algorithmId}`); } return kdf(ecdhAlgorithm.kdf, sharedSecret, kwAlgorithm.length, encodedInfo, crypto); } const kdfResult = await applyKDF(); const importAesKwKey = async (kdfResult) => { return crypto.importKey("raw", kdfResult, { name: "AES-KW" }, true, ["unwrapKey"]); }; const aesKwKey = await importAesKwKey(kdfResult); const unwrapSessionKey = async (aesKwKey) => { const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId; const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm"); return crypto.unwrapKey("raw", recipientInfo.recipientEncryptedKeys.encryptedKeys[0].encryptedKey.valueBlock.valueHexView, aesKwKey, { name: "AES-KW" }, contentEncryptionAlgorithm, true, ["decrypt"]); }; try { return await unwrapSessionKey(aesKwKey); } catch { const kdfResult = await applyKDF(true); const aesKwKey = await importAesKwKey(kdfResult); return unwrapSessionKey(aesKwKey); } }; const SubKeyTransRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; if (!decryptionParameters.recipientPrivateKey) { throw new Error("Parameter \"recipientPrivateKey\" is mandatory for \"KeyTransRecipientInfo\""); } const algorithmParameters = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm"); if (algorithmParameters.name === "RSA-OAEP") { const schema = recipientInfo.keyEncryptionAlgorithm.algorithmParams; const rsaOAEPParams = new RSAESOAEPParams({ schema }); algorithmParameters.hash = crypto.getAlgorithmByOID(rsaOAEPParams.hashAlgorithm.algorithmId); if (("name" in algorithmParameters.hash) === false) throw new Error(`Incorrect OID for hash algorithm: ${rsaOAEPParams.hashAlgorithm.algorithmId}`); } let privateKey; let keyCrypto = crypto; if (pvtsutils.BufferSourceConverter.isBufferSource(decryptionParameters.recipientPrivateKey)) { privateKey = await crypto.importKey("pkcs8", decryptionParameters.recipientPrivateKey, algorithmParameters, true, ["decrypt"]); } else { privateKey = decryptionParameters.recipientPrivateKey; if ("crypto" in decryptionParameters && decryptionParameters.crypto) { keyCrypto = decryptionParameters.crypto.subtle; } } const sessionKey = await keyCrypto.decrypt(privateKey.algorithm, privateKey, recipientInfo.encryptedKey.valueBlock.valueHexView); const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId; const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm"); if (("name" in contentEncryptionAlgorithm) === false) throw new Error(`Incorrect "contentEncryptionAlgorithm": ${algorithmId}`); return crypto.importKey("raw", sessionKey, contentEncryptionAlgorithm, true, ["decrypt"]); }; const SubKEKRecipientInfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; if (!decryptionParameters.preDefinedData) throw new Error("Parameter \"preDefinedData\" is mandatory for \"KEKRecipientInfo\""); const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "kekAlgorithm"); const importedKey = await crypto.importKey("raw", decryptionParameters.preDefinedData, kekAlgorithm, true, ["unwrapKey"]); const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId; const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm"); if (!contentEncryptionAlgorithm.name) { throw new Error(`Incorrect "contentEncryptionAlgorithm": ${algorithmId}`); } return crypto.unwrapKey("raw", recipientInfo.encryptedKey.valueBlock.valueHexView, importedKey, kekAlgorithm, contentEncryptionAlgorithm, true, ["decrypt"]); }; const SubPasswordRecipientinfo = async (index) => { const recipientInfo = this.recipientInfos[index].value; let pbkdf2Params; if (!decryptionParameters.preDefinedData) { throw new Error("Parameter \"preDefinedData\" is mandatory for \"KEKRecipientInfo\""); } if (!recipientInfo.keyDerivationAlgorithm) { throw new Error("Please append encoded \"keyDerivationAlgorithm\""); } if (!recipientInfo.keyDerivationAlgorithm.algorithmParams) { throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\""); } try { pbkdf2Params = new PBKDF2Params({ schema: recipientInfo.keyDerivationAlgorithm.algorithmParams }); } catch { throw new Error("Incorrectly encoded \"keyDerivationAlgorithm\""); } const pbkdf2Key = await crypto.importKey("raw", decryptionParameters.preDefinedData, "PBKDF2", false, ["deriveKey"]); const kekAlgorithm = crypto.getAlgorithmByOID(recipientInfo.keyEncryptionAlgorithm.algorithmId, true, "keyEncryptionAlgorithm"); const hmacHashAlgorithm = pbkdf2Params.prf ? crypto.getAlgorithmByOID(pbkdf2Params.prf.algorithmId, true, "prfAlgorithm").hash.name : "SHA-1"; const saltView = new Uint8Array(pbkdf2Params.salt.valueBlock.valueHex); const iterations = pbkdf2Params.iterationCount; const kekKey = await crypto.deriveKey({ name: "PBKDF2", hash: { name: hmacHashAlgorithm }, salt: saltView, iterations }, pbkdf2Key, kekAlgorithm, true, ["unwrapKey"]); const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId; const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm"); return crypto.unwrapKey("raw", recipientInfo.encryptedKey.valueBlock.valueHexView, kekKey, kekAlgorithm, contentEncryptionAlgorithm, true, ["decrypt"]); }; let unwrappedKey; switch (this.recipientInfos[recipientIndex].variant) { case 1: unwrappedKey = await SubKeyTransRecipientInfo(recipientIndex); break; case 2: unwrappedKey = await SubKeyAgreeRecipientInfo(recipientIndex); break; case 3: unwrappedKey = await SubKEKRecipientInfo(recipientIndex); break; case 4: unwrappedKey = await SubPasswordRecipientinfo(recipientIndex); break; default: throw new Error(`Unknown recipient type in array with index ${recipientIndex}`); } const algorithmId = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmId; const contentEncryptionAlgorithm = crypto.getAlgorithmByOID(algorithmId, true, "contentEncryptionAlgorithm"); const ivBuffer = this.encryptedContentInfo.contentEncryptionAlgorithm.algorithmParams.valueBlock.valueHex; const ivView = new Uint8Array(ivBuffer); if (!this.encryptedContentInfo.encryptedContent) { throw new Error("Required property `encryptedContent` is empty"); } const dataBuffer = this.encryptedContentInfo.getEncryptedContent(); return crypto.decrypt({ name: contentEncryptionAlgorithm.name, iv: ivView }, unwrappedKey, dataBuffer); } } EnvelopedData.CLASS_NAME = "EnvelopedData"; const SAFE_CONTENTS = "safeContents"; const PARSED_VALUE$1 = "parsedValue"; const CONTENT_INFOS = "contentInfos"; class AuthenticatedSafe extends PkiObject { constructor(parameters = {}) { super(); this.safeContents = pvutils__namespace.getParametersValue(parameters, SAFE_CONTENTS, AuthenticatedSafe.defaultValues(SAFE_CONTENTS)); if (PARSED_VALUE$1 in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE$1, AuthenticatedSafe.defaultValues(PARSED_VALUE$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SAFE_CONTENTS: return []; case PARSED_VALUE$1: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SAFE_CONTENTS: return (memberValue.length === 0); case PARSED_VALUE$1: return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Repeated({ name: (names.contentInfos || EMPTY_STRING), value: ContentInfo.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ CONTENT_INFOS ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, AuthenticatedSafe.schema({ names: { contentInfos: CONTENT_INFOS } })); AsnError.assertSchema(asn1, this.className); this.safeContents = Array.from(asn1.result.contentInfos, element => new ContentInfo({ schema: element })); } toSchema() { return (new asn1js__namespace.Sequence({ value: Array.from(this.safeContents, o => o.toSchema()) })); } toJSON() { return { safeContents: Array.from(this.safeContents, o => o.toJSON()) }; } async parseInternalValues(parameters, crypto = getCrypto(true)) { ParameterError.assert(parameters, SAFE_CONTENTS); ArgumentError.assert(parameters.safeContents, SAFE_CONTENTS, "Array"); if (parameters.safeContents.length !== this.safeContents.length) { throw new ArgumentError("Length of \"parameters.safeContents\" must be equal to \"this.safeContents.length\""); } this.parsedValue = { safeContents: [], }; for (const [index, content] of this.safeContents.entries()) { const safeContent = parameters.safeContents[index]; const errorTarget = `parameters.safeContents[${index}]`; switch (content.contentType) { case id_ContentType_Data: { ArgumentError.assert(content.content, "this.safeContents[j].content", asn1js__namespace.OctetString); const authSafeContent = content.content.getValue(); this.parsedValue.safeContents.push({ privacyMode: 0, value: SafeContents.fromBER(authSafeContent) }); } break; case id_ContentType_EnvelopedData: { const cmsEnveloped = new EnvelopedData({ schema: content.content }); ParameterError.assert(errorTarget, safeContent, "recipientCertificate", "recipientKey"); const envelopedData = safeContent; const recipientCertificate = envelopedData.recipientCertificate; const recipientKey = envelopedData.recipientKey; const decrypted = await cmsEnveloped.decrypt(0, { recipientCertificate, recipientPrivateKey: recipientKey }, crypto); this.parsedValue.safeContents.push({ privacyMode: 2, value: SafeContents.fromBER(decrypted), }); } break; case id_ContentType_EncryptedData: { const cmsEncrypted = new EncryptedData({ schema: content.content }); ParameterError.assert(errorTarget, safeContent, "password"); const password = safeContent.password; const decrypted = await cmsEncrypted.decrypt({ password }, crypto); this.parsedValue.safeContents.push({ privacyMode: 1, value: SafeContents.fromBER(decrypted), }); } break; default: throw new Error(`Unknown "contentType" for AuthenticatedSafe: " ${content.contentType}`); } } } async makeInternalValues(parameters, crypto = getCrypto(true)) { if (!(this.parsedValue)) { throw new Error("Please run \"parseValues\" first or add \"parsedValue\" manually"); } ArgumentError.assert(this.parsedValue, "this.parsedValue", "object"); ArgumentError.assert(this.parsedValue.safeContents, "this.parsedValue.safeContents", "Array"); ArgumentError.assert(parameters, "parameters", "object"); ParameterError.assert(parameters, "safeContents"); ArgumentError.assert(parameters.safeContents, "parameters.safeContents", "Array"); if (parameters.safeContents.length !== this.parsedValue.safeContents.length) { throw new ArgumentError("Length of \"parameters.safeContents\" must be equal to \"this.parsedValue.safeContents\""); } this.safeContents = []; for (const [index, content] of this.parsedValue.safeContents.entries()) { ParameterError.assert("content", content, "privacyMode", "value"); ArgumentError.assert(content.value, "content.value", SafeContents); switch (content.privacyMode) { case 0: { const contentBuffer = content.value.toSchema().toBER(false); this.safeContents.push(new ContentInfo({ contentType: "1.2.840.113549.1.7.1", content: new asn1js__namespace.OctetString({ valueHex: contentBuffer }) })); } break; case 1: { const cmsEncrypted = new EncryptedData(); const currentParameters = parameters.safeContents[index]; currentParameters.contentToEncrypt = content.value.toSchema().toBER(false); await cmsEncrypted.encrypt(currentParameters, crypto); this.safeContents.push(new ContentInfo({ contentType: "1.2.840.113549.1.7.6", content: cmsEncrypted.toSchema() })); } break; case 2: { const cmsEnveloped = new EnvelopedData(); const contentToEncrypt = content.value.toSchema().toBER(false); const safeContent = parameters.safeContents[index]; ParameterError.assert(`parameters.safeContents[${index}]`, safeContent, "encryptingCertificate", "encryptionAlgorithm"); switch (true) { case (safeContent.encryptionAlgorithm.name.toLowerCase() === "aes-cbc"): case (safeContent.encryptionAlgorithm.name.toLowerCase() === "aes-gcm"): break; default: throw new Error(`Incorrect parameter "encryptionAlgorithm" in "parameters.safeContents[i]": ${safeContent.encryptionAlgorithm}`); } switch (true) { case (safeContent.encryptionAlgorithm.length === 128): case (safeContent.encryptionAlgorithm.length === 192): case (safeContent.encryptionAlgorithm.length === 256): break; default: throw new Error(`Incorrect parameter "encryptionAlgorithm.length" in "parameters.safeContents[i]": ${safeContent.encryptionAlgorithm.length}`); } const encryptionAlgorithm = safeContent.encryptionAlgorithm; cmsEnveloped.addRecipientByCertificate(safeContent.encryptingCertificate, {}, undefined, crypto); await cmsEnveloped.encrypt(encryptionAlgorithm, contentToEncrypt, crypto); this.safeContents.push(new ContentInfo({ contentType: "1.2.840.113549.1.7.3", content: cmsEnveloped.toSchema() })); } break; default: throw new Error(`Incorrect value for "content.privacyMode": ${content.privacyMode}`); } } return this; } } AuthenticatedSafe.CLASS_NAME = "AuthenticatedSafe"; const HASH_ALGORITHM$1 = "hashAlgorithm"; const ISSUER_NAME_HASH = "issuerNameHash"; const ISSUER_KEY_HASH = "issuerKeyHash"; const SERIAL_NUMBER$1 = "serialNumber"; const CLEAR_PROPS$j = [ HASH_ALGORITHM$1, ISSUER_NAME_HASH, ISSUER_KEY_HASH, SERIAL_NUMBER$1, ]; class CertID extends PkiObject { static async create(certificate, parameters, crypto = getCrypto(true)) { const certID = new CertID(); await certID.createForCertificate(certificate, parameters, crypto); return certID; } constructor(parameters = {}) { super(); this.hashAlgorithm = pvutils__namespace.getParametersValue(parameters, HASH_ALGORITHM$1, CertID.defaultValues(HASH_ALGORITHM$1)); this.issuerNameHash = pvutils__namespace.getParametersValue(parameters, ISSUER_NAME_HASH, CertID.defaultValues(ISSUER_NAME_HASH)); this.issuerKeyHash = pvutils__namespace.getParametersValue(parameters, ISSUER_KEY_HASH, CertID.defaultValues(ISSUER_KEY_HASH)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER$1, CertID.defaultValues(SERIAL_NUMBER$1)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case HASH_ALGORITHM$1: return new AlgorithmIdentifier(); case ISSUER_NAME_HASH: case ISSUER_KEY_HASH: return new asn1js__namespace.OctetString(); case SERIAL_NUMBER$1: return new asn1js__namespace.Integer(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case HASH_ALGORITHM$1: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case ISSUER_NAME_HASH: case ISSUER_KEY_HASH: case SERIAL_NUMBER$1: return (memberValue.isEqual(CertID.defaultValues(SERIAL_NUMBER$1))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.hashAlgorithmObject || { names: { blockName: (names.hashAlgorithm || EMPTY_STRING) } }), new asn1js__namespace.OctetString({ name: (names.issuerNameHash || EMPTY_STRING) }), new asn1js__namespace.OctetString({ name: (names.issuerKeyHash || EMPTY_STRING) }), new asn1js__namespace.Integer({ name: (names.serialNumber || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$j); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertID.schema({ names: { hashAlgorithm: HASH_ALGORITHM$1, issuerNameHash: ISSUER_NAME_HASH, issuerKeyHash: ISSUER_KEY_HASH, serialNumber: SERIAL_NUMBER$1 } })); AsnError.assertSchema(asn1, this.className); this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm }); this.issuerNameHash = asn1.result.issuerNameHash; this.issuerKeyHash = asn1.result.issuerKeyHash; this.serialNumber = asn1.result.serialNumber; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.hashAlgorithm.toSchema(), this.issuerNameHash, this.issuerKeyHash, this.serialNumber ] })); } toJSON() { return { hashAlgorithm: this.hashAlgorithm.toJSON(), issuerNameHash: this.issuerNameHash.toJSON(), issuerKeyHash: this.issuerKeyHash.toJSON(), serialNumber: this.serialNumber.toJSON(), }; } isEqual(certificateID) { if (this.hashAlgorithm.algorithmId !== certificateID.hashAlgorithm.algorithmId) { return false; } if (!pvtsutils__namespace.BufferSourceConverter.isEqual(this.issuerNameHash.valueBlock.valueHexView, certificateID.issuerNameHash.valueBlock.valueHexView)) { return false; } if (!pvtsutils__namespace.BufferSourceConverter.isEqual(this.issuerKeyHash.valueBlock.valueHexView, certificateID.issuerKeyHash.valueBlock.valueHexView)) { return false; } if (!this.serialNumber.isEqual(certificateID.serialNumber)) { return false; } return true; } async createForCertificate(certificate, parameters, crypto = getCrypto(true)) { ParameterError.assert(parameters, HASH_ALGORITHM$1, "issuerCertificate"); const hashOID = crypto.getOIDByAlgorithm({ name: parameters.hashAlgorithm }, true, "hashAlgorithm"); this.hashAlgorithm = new AlgorithmIdentifier({ algorithmId: hashOID, algorithmParams: new asn1js__namespace.Null() }); const issuerCertificate = parameters.issuerCertificate; this.serialNumber = certificate.serialNumber; const hashIssuerName = await crypto.digest({ name: parameters.hashAlgorithm }, issuerCertificate.subject.toSchema().toBER(false)); this.issuerNameHash = new asn1js__namespace.OctetString({ valueHex: hashIssuerName }); const issuerKeyBuffer = issuerCertificate.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView; const hashIssuerKey = await crypto.digest({ name: parameters.hashAlgorithm }, issuerKeyBuffer); this.issuerKeyHash = new asn1js__namespace.OctetString({ valueHex: hashIssuerKey }); } } CertID.CLASS_NAME = "CertID"; const CERT_ID = "certID"; const CERT_STATUS = "certStatus"; const THIS_UPDATE = "thisUpdate"; const NEXT_UPDATE = "nextUpdate"; const SINGLE_EXTENSIONS = "singleExtensions"; const CLEAR_PROPS$i = [ CERT_ID, CERT_STATUS, THIS_UPDATE, NEXT_UPDATE, SINGLE_EXTENSIONS, ]; class SingleResponse extends PkiObject { constructor(parameters = {}) { super(); this.certID = pvutils__namespace.getParametersValue(parameters, CERT_ID, SingleResponse.defaultValues(CERT_ID)); this.certStatus = pvutils__namespace.getParametersValue(parameters, CERT_STATUS, SingleResponse.defaultValues(CERT_STATUS)); this.thisUpdate = pvutils__namespace.getParametersValue(parameters, THIS_UPDATE, SingleResponse.defaultValues(THIS_UPDATE)); if (NEXT_UPDATE in parameters) { this.nextUpdate = pvutils__namespace.getParametersValue(parameters, NEXT_UPDATE, SingleResponse.defaultValues(NEXT_UPDATE)); } if (SINGLE_EXTENSIONS in parameters) { this.singleExtensions = pvutils__namespace.getParametersValue(parameters, SINGLE_EXTENSIONS, SingleResponse.defaultValues(SINGLE_EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case CERT_ID: return new CertID(); case CERT_STATUS: return {}; case THIS_UPDATE: case NEXT_UPDATE: return new Date(0, 0, 0); case SINGLE_EXTENSIONS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case CERT_ID: return ((CertID.compareWithDefault("hashAlgorithm", memberValue.hashAlgorithm)) && (CertID.compareWithDefault("issuerNameHash", memberValue.issuerNameHash)) && (CertID.compareWithDefault("issuerKeyHash", memberValue.issuerKeyHash)) && (CertID.compareWithDefault("serialNumber", memberValue.serialNumber))); case CERT_STATUS: return (Object.keys(memberValue).length === 0); case THIS_UPDATE: case NEXT_UPDATE: return (memberValue === SingleResponse.defaultValues(memberName)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ CertID.schema(names.certID || {}), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Primitive({ name: (names.certStatus || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 0 }, }), new asn1js__namespace.Constructed({ name: (names.certStatus || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.GeneralizedTime(), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Enumerated()] }) ] }), new asn1js__namespace.Primitive({ name: (names.certStatus || EMPTY_STRING), idBlock: { tagClass: 3, tagNumber: 2 }, lenBlock: { length: 1 } }) ] }), new asn1js__namespace.GeneralizedTime({ name: (names.thisUpdate || EMPTY_STRING) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.GeneralizedTime({ name: (names.nextUpdate || EMPTY_STRING) })] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [Extensions.schema(names.singleExtensions || {})] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$i); const asn1 = asn1js__namespace.compareSchema(schema, schema, SingleResponse.schema({ names: { certID: { names: { blockName: CERT_ID } }, certStatus: CERT_STATUS, thisUpdate: THIS_UPDATE, nextUpdate: NEXT_UPDATE, singleExtensions: { names: { blockName: SINGLE_EXTENSIONS } } } })); AsnError.assertSchema(asn1, this.className); this.certID = new CertID({ schema: asn1.result.certID }); this.certStatus = asn1.result.certStatus; this.thisUpdate = asn1.result.thisUpdate.toDate(); if (NEXT_UPDATE in asn1.result) this.nextUpdate = asn1.result.nextUpdate.toDate(); if (SINGLE_EXTENSIONS in asn1.result) this.singleExtensions = Array.from(asn1.result.singleExtensions.valueBlock.value, element => new Extension({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(this.certID.toSchema()); outputArray.push(this.certStatus); outputArray.push(new asn1js__namespace.GeneralizedTime({ valueDate: this.thisUpdate })); if (this.nextUpdate) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.GeneralizedTime({ valueDate: this.nextUpdate })] })); } if (this.singleExtensions) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [new asn1js__namespace.Sequence({ value: Array.from(this.singleExtensions, o => o.toSchema()) })] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { certID: this.certID.toJSON(), certStatus: this.certStatus.toJSON(), thisUpdate: this.thisUpdate }; if (this.nextUpdate) { res.nextUpdate = this.nextUpdate; } if (this.singleExtensions) { res.singleExtensions = Array.from(this.singleExtensions, o => o.toJSON()); } return res; } } SingleResponse.CLASS_NAME = "SingleResponse"; const TBS$2 = "tbs"; const VERSION$7 = "version"; const RESPONDER_ID = "responderID"; const PRODUCED_AT = "producedAt"; const RESPONSES = "responses"; const RESPONSE_EXTENSIONS = "responseExtensions"; const RESPONSE_DATA = "ResponseData"; const RESPONSE_DATA_VERSION = `${RESPONSE_DATA}.${VERSION$7}`; const RESPONSE_DATA_RESPONDER_ID = `${RESPONSE_DATA}.${RESPONDER_ID}`; const RESPONSE_DATA_PRODUCED_AT = `${RESPONSE_DATA}.${PRODUCED_AT}`; const RESPONSE_DATA_RESPONSES = `${RESPONSE_DATA}.${RESPONSES}`; const RESPONSE_DATA_RESPONSE_EXTENSIONS = `${RESPONSE_DATA}.${RESPONSE_EXTENSIONS}`; const CLEAR_PROPS$h = [ RESPONSE_DATA, RESPONSE_DATA_VERSION, RESPONSE_DATA_RESPONDER_ID, RESPONSE_DATA_PRODUCED_AT, RESPONSE_DATA_RESPONSES, RESPONSE_DATA_RESPONSE_EXTENSIONS ]; class ResponseData extends PkiObject { get tbs() { return pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(this.tbsView); } set tbs(value) { this.tbsView = new Uint8Array(value); } constructor(parameters = {}) { super(); this.tbsView = new Uint8Array(pvutils__namespace.getParametersValue(parameters, TBS$2, ResponseData.defaultValues(TBS$2))); if (VERSION$7 in parameters) { this.version = pvutils__namespace.getParametersValue(parameters, VERSION$7, ResponseData.defaultValues(VERSION$7)); } this.responderID = pvutils__namespace.getParametersValue(parameters, RESPONDER_ID, ResponseData.defaultValues(RESPONDER_ID)); this.producedAt = pvutils__namespace.getParametersValue(parameters, PRODUCED_AT, ResponseData.defaultValues(PRODUCED_AT)); this.responses = pvutils__namespace.getParametersValue(parameters, RESPONSES, ResponseData.defaultValues(RESPONSES)); if (RESPONSE_EXTENSIONS in parameters) { this.responseExtensions = pvutils__namespace.getParametersValue(parameters, RESPONSE_EXTENSIONS, ResponseData.defaultValues(RESPONSE_EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$7: return 0; case TBS$2: return EMPTY_BUFFER; case RESPONDER_ID: return {}; case PRODUCED_AT: return new Date(0, 0, 0); case RESPONSES: case RESPONSE_EXTENSIONS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TBS$2: return (memberValue.byteLength === 0); case RESPONDER_ID: return (Object.keys(memberValue).length === 0); case PRODUCED_AT: return (memberValue === ResponseData.defaultValues(memberName)); case RESPONSES: case RESPONSE_EXTENSIONS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || RESPONSE_DATA), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Integer({ name: (names.version || RESPONSE_DATA_VERSION) })] }), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ name: (names.responderID || RESPONSE_DATA_RESPONDER_ID), idBlock: { tagClass: 3, tagNumber: 1 }, value: [RelativeDistinguishedNames.schema(names.ResponseDataByName || { names: { blockName: "ResponseData.byName" } })] }), new asn1js__namespace.Constructed({ name: (names.responderID || RESPONSE_DATA_RESPONDER_ID), idBlock: { tagClass: 3, tagNumber: 2 }, value: [new asn1js__namespace.OctetString({ name: (names.ResponseDataByKey || "ResponseData.byKey") })] }) ] }), new asn1js__namespace.GeneralizedTime({ name: (names.producedAt || RESPONSE_DATA_PRODUCED_AT) }), new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.Repeated({ name: RESPONSE_DATA_RESPONSES, value: SingleResponse.schema(names.response || {}) }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [Extensions.schema(names.extensions || { names: { blockName: RESPONSE_DATA_RESPONSE_EXTENSIONS } })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$h); const asn1 = asn1js__namespace.compareSchema(schema, schema, ResponseData.schema()); AsnError.assertSchema(asn1, this.className); this.tbsView = asn1.result.ResponseData.valueBeforeDecodeView; if (RESPONSE_DATA_VERSION in asn1.result) this.version = asn1.result[RESPONSE_DATA_VERSION].valueBlock.valueDec; if (asn1.result[RESPONSE_DATA_RESPONDER_ID].idBlock.tagNumber === 1) this.responderID = new RelativeDistinguishedNames({ schema: asn1.result[RESPONSE_DATA_RESPONDER_ID].valueBlock.value[0] }); else this.responderID = asn1.result[RESPONSE_DATA_RESPONDER_ID].valueBlock.value[0]; this.producedAt = asn1.result[RESPONSE_DATA_PRODUCED_AT].toDate(); this.responses = Array.from(asn1.result[RESPONSE_DATA_RESPONSES], element => new SingleResponse({ schema: element })); if (RESPONSE_DATA_RESPONSE_EXTENSIONS in asn1.result) this.responseExtensions = Array.from(asn1.result[RESPONSE_DATA_RESPONSE_EXTENSIONS].valueBlock.value, element => new Extension({ schema: element })); } toSchema(encodeFlag = false) { let tbsSchema; if (encodeFlag === false) { if (!this.tbsView.byteLength) { return ResponseData.schema(); } const asn1 = asn1js__namespace.fromBER(this.tbsView); AsnError.assert(asn1, "TBS Response Data"); tbsSchema = asn1.result; } else { const outputArray = []; if (VERSION$7 in this) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Integer({ value: this.version })] })); } if (this.responderID instanceof RelativeDistinguishedNames) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.responderID.toSchema()] })); } else { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: [this.responderID] })); } outputArray.push(new asn1js__namespace.GeneralizedTime({ valueDate: this.producedAt })); outputArray.push(new asn1js__namespace.Sequence({ value: Array.from(this.responses, o => o.toSchema()) })); if (this.responseExtensions) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [new asn1js__namespace.Sequence({ value: Array.from(this.responseExtensions, o => o.toSchema()) })] })); } tbsSchema = new asn1js__namespace.Sequence({ value: outputArray }); } return tbsSchema; } toJSON() { const res = {}; if (VERSION$7 in this) { res.version = this.version; } if (this.responderID) { res.responderID = this.responderID; } if (this.producedAt) { res.producedAt = this.producedAt; } if (this.responses) { res.responses = Array.from(this.responses, o => o.toJSON()); } if (this.responseExtensions) { res.responseExtensions = Array.from(this.responseExtensions, o => o.toJSON()); } return res; } } ResponseData.CLASS_NAME = "ResponseData"; const TRUSTED_CERTS = "trustedCerts"; const CERTS$2 = "certs"; const CRLS$1 = "crls"; const OCSPS$1 = "ocsps"; const CHECK_DATE = "checkDate"; const FIND_ORIGIN = "findOrigin"; const FIND_ISSUER = "findIssuer"; exports.ChainValidationCode = void 0; (function (ChainValidationCode) { ChainValidationCode[ChainValidationCode["unknown"] = -1] = "unknown"; ChainValidationCode[ChainValidationCode["success"] = 0] = "success"; ChainValidationCode[ChainValidationCode["noRevocation"] = 11] = "noRevocation"; ChainValidationCode[ChainValidationCode["noPath"] = 60] = "noPath"; ChainValidationCode[ChainValidationCode["noValidPath"] = 97] = "noValidPath"; })(exports.ChainValidationCode || (exports.ChainValidationCode = {})); class ChainValidationError extends Error { constructor(code, message) { super(message); this.name = ChainValidationError.NAME; this.code = code; this.message = message; } } ChainValidationError.NAME = "ChainValidationError"; function isTrusted(cert, trustedList) { for (let i = 0; i < trustedList.length; i++) { if (pvtsutils__namespace.BufferSourceConverter.isEqual(cert.tbsView, trustedList[i].tbsView)) { return true; } } return false; } class CertificateChainValidationEngine { constructor(parameters = {}) { this.trustedCerts = pvutils__namespace.getParametersValue(parameters, TRUSTED_CERTS, this.defaultValues(TRUSTED_CERTS)); this.certs = pvutils__namespace.getParametersValue(parameters, CERTS$2, this.defaultValues(CERTS$2)); this.crls = pvutils__namespace.getParametersValue(parameters, CRLS$1, this.defaultValues(CRLS$1)); this.ocsps = pvutils__namespace.getParametersValue(parameters, OCSPS$1, this.defaultValues(OCSPS$1)); this.checkDate = pvutils__namespace.getParametersValue(parameters, CHECK_DATE, this.defaultValues(CHECK_DATE)); this.findOrigin = pvutils__namespace.getParametersValue(parameters, FIND_ORIGIN, this.defaultValues(FIND_ORIGIN)); this.findIssuer = pvutils__namespace.getParametersValue(parameters, FIND_ISSUER, this.defaultValues(FIND_ISSUER)); } static defaultFindOrigin(certificate, validationEngine) { if (certificate.tbsView.byteLength === 0) { certificate.tbsView = new Uint8Array(certificate.encodeTBS().toBER()); } for (const localCert of validationEngine.certs) { if (localCert.tbsView.byteLength === 0) { localCert.tbsView = new Uint8Array(localCert.encodeTBS().toBER()); } if (pvtsutils__namespace.BufferSourceConverter.isEqual(certificate.tbsView, localCert.tbsView)) return "Intermediate Certificates"; } for (const trustedCert of validationEngine.trustedCerts) { if (trustedCert.tbsView.byteLength === 0) trustedCert.tbsView = new Uint8Array(trustedCert.encodeTBS().toBER()); if (pvtsutils__namespace.BufferSourceConverter.isEqual(certificate.tbsView, trustedCert.tbsView)) return "Trusted Certificates"; } return "Unknown"; } async defaultFindIssuer(certificate, validationEngine, crypto = getCrypto(true)) { const result = []; let keyIdentifier = null; let authorityCertIssuer = null; let authorityCertSerialNumber = null; if (certificate.subject.isEqual(certificate.issuer)) { try { const verificationResult = await certificate.verify(undefined, crypto); if (verificationResult) { return [certificate]; } } catch { } } if (certificate.extensions) { for (const extension of certificate.extensions) { if (extension.extnID === id_AuthorityKeyIdentifier && extension.parsedValue instanceof AuthorityKeyIdentifier) { if (extension.parsedValue.keyIdentifier) { keyIdentifier = extension.parsedValue.keyIdentifier; } else { if (extension.parsedValue.authorityCertIssuer) { authorityCertIssuer = extension.parsedValue.authorityCertIssuer; } if (extension.parsedValue.authorityCertSerialNumber) { authorityCertSerialNumber = extension.parsedValue.authorityCertSerialNumber; } } break; } } } function checkCertificate(possibleIssuer) { if (keyIdentifier !== null) { if (possibleIssuer.extensions) { let extensionFound = false; for (const extension of possibleIssuer.extensions) { if (extension.extnID === id_SubjectKeyIdentifier && extension.parsedValue) { extensionFound = true; if (pvtsutils__namespace.BufferSourceConverter.isEqual(extension.parsedValue.valueBlock.valueHex, keyIdentifier.valueBlock.valueHexView)) { result.push(possibleIssuer); } break; } } if (extensionFound) { return; } } } let authorityCertSerialNumberEqual = false; if (authorityCertSerialNumber !== null) authorityCertSerialNumberEqual = possibleIssuer.serialNumber.isEqual(authorityCertSerialNumber); if (authorityCertIssuer !== null) { if (possibleIssuer.subject.isEqual(authorityCertIssuer)) { if (authorityCertSerialNumberEqual) result.push(possibleIssuer); } } else { if (certificate.issuer.isEqual(possibleIssuer.subject)) result.push(possibleIssuer); } } for (const trustedCert of validationEngine.trustedCerts) { checkCertificate(trustedCert); } for (const intermediateCert of validationEngine.certs) { checkCertificate(intermediateCert); } for (let i = result.length - 1; i >= 0; i--) { try { const verificationResult = await certificate.verify(result[i], crypto); if (verificationResult === false) result.splice(i, 1); } catch { result.splice(i, 1); } } return result; } defaultValues(memberName) { switch (memberName) { case TRUSTED_CERTS: return []; case CERTS$2: return []; case CRLS$1: return []; case OCSPS$1: return []; case CHECK_DATE: return new Date(); case FIND_ORIGIN: return CertificateChainValidationEngine.defaultFindOrigin; case FIND_ISSUER: return this.defaultFindIssuer; default: throw new Error(`Invalid member name for CertificateChainValidationEngine class: ${memberName}`); } } async sort(passedWhenNotRevValues = false, crypto = getCrypto(true)) { const localCerts = []; const buildPath = async (certificate, crypto) => { const result = []; function checkUnique(array) { let unique = true; for (let i = 0; i < array.length; i++) { for (let j = 0; j < array.length; j++) { if (j === i) continue; if (array[i] === array[j]) { unique = false; break; } } if (!unique) break; } return unique; } if (isTrusted(certificate, this.trustedCerts)) { return [[certificate]]; } const findIssuerResult = await this.findIssuer(certificate, this, crypto); if (findIssuerResult.length === 0) { throw new Error("No valid certificate paths found"); } for (let i = 0; i < findIssuerResult.length; i++) { if (pvtsutils__namespace.BufferSourceConverter.isEqual(findIssuerResult[i].tbsView, certificate.tbsView)) { result.push([findIssuerResult[i]]); continue; } const buildPathResult = await buildPath(findIssuerResult[i], crypto); for (let j = 0; j < buildPathResult.length; j++) { const copy = buildPathResult[j].slice(); copy.splice(0, 0, findIssuerResult[i]); if (checkUnique(copy)) result.push(copy); else result.push(buildPathResult[j]); } } return result; }; const findCRL = async (certificate) => { const issuerCertificates = []; const crls = []; const crlsAndCertificates = []; issuerCertificates.push(...localCerts.filter(element => certificate.issuer.isEqual(element.subject))); if (issuerCertificates.length === 0) { return { status: 1, statusMessage: "No certificate's issuers" }; } crls.push(...this.crls.filter(o => o.issuer.isEqual(certificate.issuer))); if (crls.length === 0) { return { status: 2, statusMessage: "No CRLs for specific certificate issuer" }; } for (let i = 0; i < crls.length; i++) { const crl = crls[i]; if (crl.nextUpdate && crl.nextUpdate.value < this.checkDate) { continue; } for (let j = 0; j < issuerCertificates.length; j++) { try { const result = await crls[i].verify({ issuerCertificate: issuerCertificates[j] }, crypto); if (result) { crlsAndCertificates.push({ crl: crls[i], certificate: issuerCertificates[j] }); break; } } catch { } } } if (crlsAndCertificates.length) { return { status: 0, statusMessage: EMPTY_STRING, result: crlsAndCertificates }; } return { status: 3, statusMessage: "No valid CRLs found" }; }; const findOCSP = async (certificate, issuerCertificate) => { const hashAlgorithm = crypto.getAlgorithmByOID(certificate.signatureAlgorithm.algorithmId); if (!hashAlgorithm.name) { return 1; } if (!hashAlgorithm.hash) { return 1; } for (let i = 0; i < this.ocsps.length; i++) { const ocsp = this.ocsps[i]; const result = await ocsp.getCertificateStatus(certificate, issuerCertificate, crypto); if (result.isForCertificate) { if (result.status === 0) return 0; return 1; } } return 2; }; async function checkForCA(certificate, needToCheckCRL = false) { let isCA = false; let mustBeCA = false; let keyUsagePresent = false; let cRLSign = false; if (certificate.extensions) { for (let j = 0; j < certificate.extensions.length; j++) { const extension = certificate.extensions[j]; if (extension.critical && !extension.parsedValue) { return { result: false, resultCode: 6, resultMessage: `Unable to parse critical certificate extension: ${extension.extnID}` }; } if (extension.extnID === id_KeyUsage) { keyUsagePresent = true; const view = new Uint8Array(extension.parsedValue.valueBlock.valueHex); if ((view[0] & 0x04) === 0x04) mustBeCA = true; if ((view[0] & 0x02) === 0x02) cRLSign = true; } if (extension.extnID === id_BasicConstraints) { if ("cA" in extension.parsedValue) { if (extension.parsedValue.cA === true) isCA = true; } } } if ((mustBeCA === true) && (isCA === false)) { return { result: false, resultCode: 3, resultMessage: "Unable to build certificate chain - using \"keyCertSign\" flag set without BasicConstraints" }; } if ((keyUsagePresent === true) && (isCA === true) && (mustBeCA === false)) { return { result: false, resultCode: 4, resultMessage: "Unable to build certificate chain - \"keyCertSign\" flag was not set" }; } if ((isCA === true) && (keyUsagePresent === true) && ((needToCheckCRL) && (cRLSign === false))) { return { result: false, resultCode: 5, resultMessage: "Unable to build certificate chain - intermediate certificate must have \"cRLSign\" key usage flag" }; } } if (isCA === false) { return { result: false, resultCode: 7, resultMessage: "Unable to build certificate chain - more than one possible end-user certificate" }; } return { result: true, resultCode: 0, resultMessage: EMPTY_STRING }; } const basicCheck = async (path, checkDate) => { for (let i = 0; i < path.length; i++) { if ((path[i].notBefore.value > checkDate) || (path[i].notAfter.value < checkDate)) { return { result: false, resultCode: 8, resultMessage: "The certificate is either not yet valid or expired" }; } } if (path.length < 2) { return { result: false, resultCode: 9, resultMessage: "Too short certificate path" }; } for (let i = (path.length - 2); i >= 0; i--) { if (path[i].issuer.isEqual(path[i].subject) === false) { if (path[i].issuer.isEqual(path[i + 1].subject) === false) { return { result: false, resultCode: 10, resultMessage: "Incorrect name chaining" }; } } } if ((this.crls.length !== 0) || (this.ocsps.length !== 0)) { for (let i = 0; i < (path.length - 1); i++) { let ocspResult = 2; let crlResult = { status: 0, statusMessage: EMPTY_STRING }; if (this.ocsps.length !== 0) { ocspResult = await findOCSP(path[i], path[i + 1]); switch (ocspResult) { case 0: continue; case 1: return { result: false, resultCode: 12, resultMessage: "One of certificates was revoked via OCSP response" }; } } if (this.crls.length !== 0) { crlResult = await findCRL(path[i]); if (crlResult.status === 0 && crlResult.result) { for (let j = 0; j < crlResult.result.length; j++) { const isCertificateRevoked = crlResult.result[j].crl.isCertificateRevoked(path[i]); if (isCertificateRevoked) { return { result: false, resultCode: 12, resultMessage: "One of certificates had been revoked" }; } const isCertificateCA = await checkForCA(crlResult.result[j].certificate, true); if (isCertificateCA.result === false) { return { result: false, resultCode: 13, resultMessage: "CRL issuer certificate is not a CA certificate or does not have crlSign flag" }; } } } else { if (passedWhenNotRevValues === false) { throw new ChainValidationError(exports.ChainValidationCode.noRevocation, `No revocation values found for one of certificates: ${crlResult.statusMessage}`); } } } else { if (ocspResult === 2) { return { result: false, resultCode: 11, resultMessage: "No revocation values found for one of certificates" }; } } if ((ocspResult === 2) && (crlResult.status === 2) && passedWhenNotRevValues) { const issuerCertificate = path[i + 1]; let extensionFound = false; if (issuerCertificate.extensions) { for (const extension of issuerCertificate.extensions) { switch (extension.extnID) { case id_CRLDistributionPoints: case id_FreshestCRL: case id_AuthorityInfoAccess: extensionFound = true; break; } } } if (extensionFound) { throw new ChainValidationError(exports.ChainValidationCode.noRevocation, `No revocation values found for one of certificates: ${crlResult.statusMessage}`); } } } } for (const [i, cert] of path.entries()) { if (!i) { continue; } const result = await checkForCA(cert); if (!result.result) { return { result: false, resultCode: 14, resultMessage: "One of intermediate certificates is not a CA certificate" }; } } return { result: true }; }; localCerts.push(...this.trustedCerts); localCerts.push(...this.certs); for (let i = 0; i < localCerts.length; i++) { for (let j = 0; j < localCerts.length; j++) { if (i === j) continue; if (pvtsutils__namespace.BufferSourceConverter.isEqual(localCerts[i].tbsView, localCerts[j].tbsView)) { localCerts.splice(j, 1); i = 0; break; } } } const leafCert = localCerts[localCerts.length - 1]; let result; const certificatePath = [leafCert]; result = await buildPath(leafCert, crypto); if (result.length === 0) { throw new ChainValidationError(exports.ChainValidationCode.noPath, "Unable to find certificate path"); } for (let i = result.length - 1; i >= 0; i--) { let found = false; for (let j = 0; j < (result[i]).length; j++) { const certificate = (result[i])[j]; for (let k = 0; k < this.trustedCerts.length; k++) { if (pvtsutils__namespace.BufferSourceConverter.isEqual(certificate.tbsView, this.trustedCerts[k].tbsView)) { found = true; break; } } if (found) break; } if (!found) { result.splice(i, 1); } } if (result.length === 0) { throw new ChainValidationError(exports.ChainValidationCode.noValidPath, "No valid certificate paths found"); } let shortestLength = result[0].length; let shortestIndex = 0; for (let i = 0; i < result.length; i++) { if (result[i].length < shortestLength) { shortestLength = result[i].length; shortestIndex = i; } } for (let i = 0; i < result[shortestIndex].length; i++) certificatePath.push((result[shortestIndex])[i]); result = await basicCheck(certificatePath, this.checkDate); if (result.result === false) throw result; return certificatePath; } async verify(parameters = {}, crypto = getCrypto(true)) { function compareDNSName(name, constraint) { const namePrepared = stringPrep(name); const constraintPrepared = stringPrep(constraint); const nameSplitted = namePrepared.split("."); const constraintSplitted = constraintPrepared.split("."); const nameLen = nameSplitted.length; const constrLen = constraintSplitted.length; if ((nameLen === 0) || (constrLen === 0) || (nameLen < constrLen)) { return false; } for (let i = 0; i < nameLen; i++) { if (nameSplitted[i].length === 0) { return false; } } for (let i = 0; i < constrLen; i++) { if (constraintSplitted[i].length === 0) { if (i === 0) { if (constrLen === 1) { return false; } continue; } return false; } } for (let i = 0; i < constrLen; i++) { if (constraintSplitted[constrLen - 1 - i].length === 0) { continue; } if (nameSplitted[nameLen - 1 - i].localeCompare(constraintSplitted[constrLen - 1 - i]) !== 0) { return false; } } return true; } function compareRFC822Name(name, constraint) { const namePrepared = stringPrep(name); const constraintPrepared = stringPrep(constraint); const nameSplitted = namePrepared.split("@"); const constraintSplitted = constraintPrepared.split("@"); if ((nameSplitted.length === 0) || (constraintSplitted.length === 0) || (nameSplitted.length < constraintSplitted.length)) return false; if (constraintSplitted.length === 1) { const result = compareDNSName(nameSplitted[1], constraintSplitted[0]); if (result) { const ns = nameSplitted[1].split("."); const cs = constraintSplitted[0].split("."); if (cs[0].length === 0) return true; return ns.length === cs.length; } return false; } return (namePrepared.localeCompare(constraintPrepared) === 0); } function compareUniformResourceIdentifier(name, constraint) { let namePrepared = stringPrep(name); const constraintPrepared = stringPrep(constraint); const ns = namePrepared.split("/"); const cs = constraintPrepared.split("/"); if (cs.length > 1) return false; if (ns.length > 1) { for (let i = 0; i < ns.length; i++) { if ((ns[i].length > 0) && (ns[i].charAt(ns[i].length - 1) !== ":")) { const nsPort = ns[i].split(":"); namePrepared = nsPort[0]; break; } } } const result = compareDNSName(namePrepared, constraintPrepared); if (result) { const nameSplitted = namePrepared.split("."); const constraintSplitted = constraintPrepared.split("."); if (constraintSplitted[0].length === 0) return true; return nameSplitted.length === constraintSplitted.length; } return false; } function compareIPAddress(name, constraint) { const nameView = name.valueBlock.valueHexView; const constraintView = constraint.valueBlock.valueHexView; if ((nameView.length === 4) && (constraintView.length === 8)) { for (let i = 0; i < 4; i++) { if ((nameView[i] ^ constraintView[i]) & constraintView[i + 4]) return false; } return true; } if ((nameView.length === 16) && (constraintView.length === 32)) { for (let i = 0; i < 16; i++) { if ((nameView[i] ^ constraintView[i]) & constraintView[i + 16]) return false; } return true; } return false; } function compareDirectoryName(name, constraint) { if ((name.typesAndValues.length === 0) || (constraint.typesAndValues.length === 0)) return true; if (name.typesAndValues.length < constraint.typesAndValues.length) return false; let result = true; let nameStart = 0; for (let i = 0; i < constraint.typesAndValues.length; i++) { let localResult = false; for (let j = nameStart; j < name.typesAndValues.length; j++) { localResult = name.typesAndValues[j].isEqual(constraint.typesAndValues[i]); if (name.typesAndValues[j].type === constraint.typesAndValues[i].type) result = result && localResult; if (localResult === true) { if ((nameStart === 0) || (nameStart === j)) { nameStart = j + 1; break; } else return false; } } if (localResult === false) return false; } return (nameStart === 0) ? false : result; } try { if (this.certs.length === 0) throw new Error("Empty certificate array"); const passedWhenNotRevValues = parameters.passedWhenNotRevValues || false; const initialPolicySet = parameters.initialPolicySet || [id_AnyPolicy]; const initialExplicitPolicy = parameters.initialExplicitPolicy || false; const initialPolicyMappingInhibit = parameters.initialPolicyMappingInhibit || false; const initialInhibitPolicy = parameters.initialInhibitPolicy || false; const initialPermittedSubtreesSet = parameters.initialPermittedSubtreesSet || []; const initialExcludedSubtreesSet = parameters.initialExcludedSubtreesSet || []; const initialRequiredNameForms = parameters.initialRequiredNameForms || []; let explicitPolicyIndicator = initialExplicitPolicy; let policyMappingInhibitIndicator = initialPolicyMappingInhibit; let inhibitAnyPolicyIndicator = initialInhibitPolicy; const pendingConstraints = [ false, false, false, ]; let explicitPolicyPending = 0; let policyMappingInhibitPending = 0; let inhibitAnyPolicyPending = 0; let permittedSubtrees = initialPermittedSubtreesSet; let excludedSubtrees = initialExcludedSubtreesSet; const requiredNameForms = initialRequiredNameForms; let pathDepth = 1; this.certs = await this.sort(passedWhenNotRevValues, crypto); const allPolicies = []; allPolicies.push(id_AnyPolicy); const policiesAndCerts = []; const anyPolicyArray = new Array(this.certs.length - 1); for (let ii = 0; ii < (this.certs.length - 1); ii++) anyPolicyArray[ii] = true; policiesAndCerts.push(anyPolicyArray); const policyMappings = new Array(this.certs.length - 1); const certPolicies = new Array(this.certs.length - 1); let explicitPolicyStart = (explicitPolicyIndicator) ? (this.certs.length - 1) : (-1); for (let i = (this.certs.length - 2); i >= 0; i--, pathDepth++) { const cert = this.certs[i]; if (cert.extensions) { for (let j = 0; j < cert.extensions.length; j++) { const extension = cert.extensions[j]; if (extension.extnID === id_CertificatePolicies) { certPolicies[i] = extension.parsedValue; for (let s = 0; s < allPolicies.length; s++) { if (allPolicies[s] === id_AnyPolicy) { delete (policiesAndCerts[s])[i]; break; } } for (let k = 0; k < extension.parsedValue.certificatePolicies.length; k++) { let policyIndex = (-1); const policyId = extension.parsedValue.certificatePolicies[k].policyIdentifier; for (let s = 0; s < allPolicies.length; s++) { if (policyId === allPolicies[s]) { policyIndex = s; break; } } if (policyIndex === (-1)) { allPolicies.push(policyId); const certArray = new Array(this.certs.length - 1); certArray[i] = true; policiesAndCerts.push(certArray); } else (policiesAndCerts[policyIndex])[i] = true; } } if (extension.extnID === id_PolicyMappings) { if (policyMappingInhibitIndicator) { return { result: false, resultCode: 98, resultMessage: "Policy mapping prohibited" }; } policyMappings[i] = extension.parsedValue; } if (extension.extnID === id_PolicyConstraints) { if (explicitPolicyIndicator === false) { if (extension.parsedValue.requireExplicitPolicy === 0) { explicitPolicyIndicator = true; explicitPolicyStart = i; } else { if (pendingConstraints[0] === false) { pendingConstraints[0] = true; explicitPolicyPending = extension.parsedValue.requireExplicitPolicy; } else explicitPolicyPending = (explicitPolicyPending > extension.parsedValue.requireExplicitPolicy) ? extension.parsedValue.requireExplicitPolicy : explicitPolicyPending; } if (extension.parsedValue.inhibitPolicyMapping === 0) policyMappingInhibitIndicator = true; else { if (pendingConstraints[1] === false) { pendingConstraints[1] = true; policyMappingInhibitPending = extension.parsedValue.inhibitPolicyMapping + 1; } else policyMappingInhibitPending = (policyMappingInhibitPending > (extension.parsedValue.inhibitPolicyMapping + 1)) ? (extension.parsedValue.inhibitPolicyMapping + 1) : policyMappingInhibitPending; } } } if (extension.extnID === id_InhibitAnyPolicy) { if (inhibitAnyPolicyIndicator === false) { if (extension.parsedValue.valueBlock.valueDec === 0) inhibitAnyPolicyIndicator = true; else { if (pendingConstraints[2] === false) { pendingConstraints[2] = true; inhibitAnyPolicyPending = extension.parsedValue.valueBlock.valueDec; } else inhibitAnyPolicyPending = (inhibitAnyPolicyPending > extension.parsedValue.valueBlock.valueDec) ? extension.parsedValue.valueBlock.valueDec : inhibitAnyPolicyPending; } } } } if (inhibitAnyPolicyIndicator === true) { let policyIndex = (-1); for (let searchAnyPolicy = 0; searchAnyPolicy < allPolicies.length; searchAnyPolicy++) { if (allPolicies[searchAnyPolicy] === id_AnyPolicy) { policyIndex = searchAnyPolicy; break; } } if (policyIndex !== (-1)) delete (policiesAndCerts[0])[i]; } if (explicitPolicyIndicator === false) { if (pendingConstraints[0] === true) { explicitPolicyPending--; if (explicitPolicyPending === 0) { explicitPolicyIndicator = true; explicitPolicyStart = i; pendingConstraints[0] = false; } } } if (policyMappingInhibitIndicator === false) { if (pendingConstraints[1] === true) { policyMappingInhibitPending--; if (policyMappingInhibitPending === 0) { policyMappingInhibitIndicator = true; pendingConstraints[1] = false; } } } if (inhibitAnyPolicyIndicator === false) { if (pendingConstraints[2] === true) { inhibitAnyPolicyPending--; if (inhibitAnyPolicyPending === 0) { inhibitAnyPolicyIndicator = true; pendingConstraints[2] = false; } } } } } for (let i = 0; i < (this.certs.length - 1); i++) { if ((i < (this.certs.length - 2)) && (typeof policyMappings[i + 1] !== "undefined")) { for (let k = 0; k < policyMappings[i + 1].mappings.length; k++) { if ((policyMappings[i + 1].mappings[k].issuerDomainPolicy === id_AnyPolicy) || (policyMappings[i + 1].mappings[k].subjectDomainPolicy === id_AnyPolicy)) { return { result: false, resultCode: 99, resultMessage: "The \"anyPolicy\" should not be a part of policy mapping scheme" }; } let issuerDomainPolicyIndex = (-1); let subjectDomainPolicyIndex = (-1); for (let n = 0; n < allPolicies.length; n++) { if (allPolicies[n] === policyMappings[i + 1].mappings[k].issuerDomainPolicy) issuerDomainPolicyIndex = n; if (allPolicies[n] === policyMappings[i + 1].mappings[k].subjectDomainPolicy) subjectDomainPolicyIndex = n; } if (typeof (policiesAndCerts[issuerDomainPolicyIndex])[i] !== "undefined") delete (policiesAndCerts[issuerDomainPolicyIndex])[i]; for (let j = 0; j < certPolicies[i].certificatePolicies.length; j++) { if (policyMappings[i + 1].mappings[k].subjectDomainPolicy === certPolicies[i].certificatePolicies[j].policyIdentifier) { if ((issuerDomainPolicyIndex !== (-1)) && (subjectDomainPolicyIndex !== (-1))) { for (let m = 0; m <= i; m++) { if (typeof (policiesAndCerts[subjectDomainPolicyIndex])[m] !== "undefined") { (policiesAndCerts[issuerDomainPolicyIndex])[m] = true; delete (policiesAndCerts[subjectDomainPolicyIndex])[m]; } } } } } } } } for (let i = 0; i < allPolicies.length; i++) { if (allPolicies[i] === id_AnyPolicy) { for (let j = 0; j < explicitPolicyStart; j++) delete (policiesAndCerts[i])[j]; } } const authConstrPolicies = []; for (let i = 0; i < policiesAndCerts.length; i++) { let found = true; for (let j = 0; j < (this.certs.length - 1); j++) { let anyPolicyFound = false; if ((j < explicitPolicyStart) && (allPolicies[i] === id_AnyPolicy) && (allPolicies.length > 1)) { found = false; break; } if (typeof (policiesAndCerts[i])[j] === "undefined") { if (j >= explicitPolicyStart) { for (let k = 0; k < allPolicies.length; k++) { if (allPolicies[k] === id_AnyPolicy) { if ((policiesAndCerts[k])[j] === true) anyPolicyFound = true; break; } } } if (!anyPolicyFound) { found = false; break; } } } if (found === true) authConstrPolicies.push(allPolicies[i]); } let userConstrPolicies = []; if ((initialPolicySet.length === 1) && (initialPolicySet[0] === id_AnyPolicy) && (explicitPolicyIndicator === false)) userConstrPolicies = initialPolicySet; else { if ((authConstrPolicies.length === 1) && (authConstrPolicies[0] === id_AnyPolicy)) userConstrPolicies = initialPolicySet; else { for (let i = 0; i < authConstrPolicies.length; i++) { for (let j = 0; j < initialPolicySet.length; j++) { if ((initialPolicySet[j] === authConstrPolicies[i]) || (initialPolicySet[j] === id_AnyPolicy)) { userConstrPolicies.push(authConstrPolicies[i]); break; } } } } } const policyResult = { result: (userConstrPolicies.length > 0), resultCode: 0, resultMessage: (userConstrPolicies.length > 0) ? EMPTY_STRING : "Zero \"userConstrPolicies\" array, no intersections with \"authConstrPolicies\"", authConstrPolicies, userConstrPolicies, explicitPolicyIndicator, policyMappings, certificatePath: this.certs }; if (userConstrPolicies.length === 0) return policyResult; if (policyResult.result === false) return policyResult; pathDepth = 1; for (let i = (this.certs.length - 2); i >= 0; i--, pathDepth++) { const cert = this.certs[i]; let subjectAltNames = []; let certPermittedSubtrees = []; let certExcludedSubtrees = []; if (cert.extensions) { for (let j = 0; j < cert.extensions.length; j++) { const extension = cert.extensions[j]; if (extension.extnID === id_NameConstraints) { if ("permittedSubtrees" in extension.parsedValue) certPermittedSubtrees = certPermittedSubtrees.concat(extension.parsedValue.permittedSubtrees); if ("excludedSubtrees" in extension.parsedValue) certExcludedSubtrees = certExcludedSubtrees.concat(extension.parsedValue.excludedSubtrees); } if (extension.extnID === id_SubjectAltName) subjectAltNames = subjectAltNames.concat(extension.parsedValue.altNames); } } let formFound = (requiredNameForms.length <= 0); for (let j = 0; j < requiredNameForms.length; j++) { switch (requiredNameForms[j].base.type) { case 4: { if (requiredNameForms[j].base.value.typesAndValues.length !== cert.subject.typesAndValues.length) continue; formFound = true; for (let k = 0; k < cert.subject.typesAndValues.length; k++) { if (cert.subject.typesAndValues[k].type !== requiredNameForms[j].base.value.typesAndValues[k].type) { formFound = false; break; } } if (formFound === true) break; } break; default: } } if (formFound === false) { policyResult.result = false; policyResult.resultCode = 21; policyResult.resultMessage = "No necessary name form found"; throw policyResult; } const constrGroups = [ [], [], [], [], [], ]; for (let j = 0; j < permittedSubtrees.length; j++) { switch (permittedSubtrees[j].base.type) { case 1: constrGroups[0].push(permittedSubtrees[j]); break; case 2: constrGroups[1].push(permittedSubtrees[j]); break; case 4: constrGroups[2].push(permittedSubtrees[j]); break; case 6: constrGroups[3].push(permittedSubtrees[j]); break; case 7: constrGroups[4].push(permittedSubtrees[j]); break; default: } } for (let p = 0; p < 5; p++) { let groupPermitted = false; let valueExists = false; const group = constrGroups[p]; for (let j = 0; j < group.length; j++) { switch (p) { case 0: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 1) { valueExists = true; groupPermitted = groupPermitted || compareRFC822Name(subjectAltNames[k].value, group[j].base.value); } } } else { for (let k = 0; k < cert.subject.typesAndValues.length; k++) { if ((cert.subject.typesAndValues[k].type === "1.2.840.113549.1.9.1") || (cert.subject.typesAndValues[k].type === "0.9.2342.19200300.100.1.3")) { valueExists = true; groupPermitted = groupPermitted || compareRFC822Name(cert.subject.typesAndValues[k].value.valueBlock.value, group[j].base.value); } } } break; case 1: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 2) { valueExists = true; groupPermitted = groupPermitted || compareDNSName(subjectAltNames[k].value, group[j].base.value); } } } break; case 2: valueExists = true; groupPermitted = compareDirectoryName(cert.subject, group[j].base.value); break; case 3: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 6) { valueExists = true; groupPermitted = groupPermitted || compareUniformResourceIdentifier(subjectAltNames[k].value, group[j].base.value); } } } break; case 4: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 7) { valueExists = true; groupPermitted = groupPermitted || compareIPAddress(subjectAltNames[k].value, group[j].base.value); } } } break; default: } if (groupPermitted) break; } if ((groupPermitted === false) && (group.length > 0) && valueExists) { policyResult.result = false; policyResult.resultCode = 41; policyResult.resultMessage = "Failed to meet \"permitted sub-trees\" name constraint"; throw policyResult; } } let excluded = false; for (let j = 0; j < excludedSubtrees.length; j++) { switch (excludedSubtrees[j].base.type) { case 1: if (subjectAltNames.length >= 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 1) excluded = excluded || compareRFC822Name(subjectAltNames[k].value, excludedSubtrees[j].base.value); } } else { for (let k = 0; k < cert.subject.typesAndValues.length; k++) { if ((cert.subject.typesAndValues[k].type === "1.2.840.113549.1.9.1") || (cert.subject.typesAndValues[k].type === "0.9.2342.19200300.100.1.3")) excluded = excluded || compareRFC822Name(cert.subject.typesAndValues[k].value.valueBlock.value, excludedSubtrees[j].base.value); } } break; case 2: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 2) excluded = excluded || compareDNSName(subjectAltNames[k].value, excludedSubtrees[j].base.value); } } break; case 4: excluded = excluded || compareDirectoryName(cert.subject, excludedSubtrees[j].base.value); break; case 6: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 6) excluded = excluded || compareUniformResourceIdentifier(subjectAltNames[k].value, excludedSubtrees[j].base.value); } } break; case 7: if (subjectAltNames.length > 0) { for (let k = 0; k < subjectAltNames.length; k++) { if (subjectAltNames[k].type === 7) excluded = excluded || compareIPAddress(subjectAltNames[k].value, excludedSubtrees[j].base.value); } } break; default: } if (excluded) break; } if (excluded === true) { policyResult.result = false; policyResult.resultCode = 42; policyResult.resultMessage = "Failed to meet \"excluded sub-trees\" name constraint"; throw policyResult; } permittedSubtrees = permittedSubtrees.concat(certPermittedSubtrees); excludedSubtrees = excludedSubtrees.concat(certExcludedSubtrees); } return policyResult; } catch (error) { if (error instanceof Error) { if (error instanceof ChainValidationError) { return { result: false, resultCode: error.code, resultMessage: error.message, error: error, }; } return { result: false, resultCode: exports.ChainValidationCode.unknown, resultMessage: error.message, error: error, }; } if (error && typeof error === "object" && "resultMessage" in error) { return error; } return { result: false, resultCode: -1, resultMessage: `${error}`, }; } } } const TBS_RESPONSE_DATA = "tbsResponseData"; const SIGNATURE_ALGORITHM$3 = "signatureAlgorithm"; const SIGNATURE$2 = "signature"; const CERTS$1 = "certs"; const BASIC_OCSP_RESPONSE = "BasicOCSPResponse"; const BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA = `${BASIC_OCSP_RESPONSE}.${TBS_RESPONSE_DATA}`; const BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM = `${BASIC_OCSP_RESPONSE}.${SIGNATURE_ALGORITHM$3}`; const BASIC_OCSP_RESPONSE_SIGNATURE = `${BASIC_OCSP_RESPONSE}.${SIGNATURE$2}`; const BASIC_OCSP_RESPONSE_CERTS = `${BASIC_OCSP_RESPONSE}.${CERTS$1}`; const CLEAR_PROPS$g = [ BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA, BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM, BASIC_OCSP_RESPONSE_SIGNATURE, BASIC_OCSP_RESPONSE_CERTS ]; class BasicOCSPResponse extends PkiObject { constructor(parameters = {}) { super(); this.tbsResponseData = pvutils__namespace.getParametersValue(parameters, TBS_RESPONSE_DATA, BasicOCSPResponse.defaultValues(TBS_RESPONSE_DATA)); this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$3, BasicOCSPResponse.defaultValues(SIGNATURE_ALGORITHM$3)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$2, BasicOCSPResponse.defaultValues(SIGNATURE$2)); if (CERTS$1 in parameters) { this.certs = pvutils__namespace.getParametersValue(parameters, CERTS$1, BasicOCSPResponse.defaultValues(CERTS$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS_RESPONSE_DATA: return new ResponseData(); case SIGNATURE_ALGORITHM$3: return new AlgorithmIdentifier(); case SIGNATURE$2: return new asn1js__namespace.BitString(); case CERTS$1: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case "type": { let comparisonResult = ((ResponseData.compareWithDefault("tbs", memberValue.tbs)) && (ResponseData.compareWithDefault("responderID", memberValue.responderID)) && (ResponseData.compareWithDefault("producedAt", memberValue.producedAt)) && (ResponseData.compareWithDefault("responses", memberValue.responses))); if ("responseExtensions" in memberValue) comparisonResult = comparisonResult && (ResponseData.compareWithDefault("responseExtensions", memberValue.responseExtensions)); return comparisonResult; } case SIGNATURE_ALGORITHM$3: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case SIGNATURE$2: return (memberValue.isEqual(BasicOCSPResponse.defaultValues(memberName))); case CERTS$1: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || BASIC_OCSP_RESPONSE), value: [ ResponseData.schema(names.tbsResponseData || { names: { blockName: BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA } }), AlgorithmIdentifier.schema(names.signatureAlgorithm || { names: { blockName: BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM } }), new asn1js__namespace.BitString({ name: (names.signature || BASIC_OCSP_RESPONSE_SIGNATURE) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Sequence({ value: [new asn1js__namespace.Repeated({ name: BASIC_OCSP_RESPONSE_CERTS, value: Certificate.schema(names.certs || {}) })] }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$g); const asn1 = asn1js__namespace.compareSchema(schema, schema, BasicOCSPResponse.schema()); AsnError.assertSchema(asn1, this.className); this.tbsResponseData = new ResponseData({ schema: asn1.result[BASIC_OCSP_RESPONSE_TBS_RESPONSE_DATA] }); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[BASIC_OCSP_RESPONSE_SIGNATURE_ALGORITHM] }); this.signature = asn1.result[BASIC_OCSP_RESPONSE_SIGNATURE]; if (BASIC_OCSP_RESPONSE_CERTS in asn1.result) { this.certs = Array.from(asn1.result[BASIC_OCSP_RESPONSE_CERTS], element => new Certificate({ schema: element })); } } toSchema() { const outputArray = []; outputArray.push(this.tbsResponseData.toSchema()); outputArray.push(this.signatureAlgorithm.toSchema()); outputArray.push(this.signature); if (this.certs) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Sequence({ value: Array.from(this.certs, o => o.toSchema()) }) ] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { tbsResponseData: this.tbsResponseData.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signature: this.signature.toJSON(), }; if (this.certs) { res.certs = Array.from(this.certs, o => o.toJSON()); } return res; } async getCertificateStatus(certificate, issuerCertificate, crypto = getCrypto(true)) { const result = { isForCertificate: false, status: 2 }; const hashesObject = {}; const certIDs = []; for (const response of this.tbsResponseData.responses) { const hashAlgorithm = crypto.getAlgorithmByOID(response.certID.hashAlgorithm.algorithmId, true, "CertID.hashAlgorithm"); if (!hashesObject[hashAlgorithm.name]) { hashesObject[hashAlgorithm.name] = 1; const certID = new CertID(); certIDs.push(certID); await certID.createForCertificate(certificate, { hashAlgorithm: hashAlgorithm.name, issuerCertificate }, crypto); } } for (const response of this.tbsResponseData.responses) { for (const id of certIDs) { if (response.certID.isEqual(id)) { result.isForCertificate = true; try { switch (response.certStatus.idBlock.isConstructed) { case true: if (response.certStatus.idBlock.tagNumber === 1) result.status = 1; break; case false: switch (response.certStatus.idBlock.tagNumber) { case 0: result.status = 0; break; case 2: result.status = 2; break; default: } break; default: } } catch { } return result; } } } return result; } async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { if (!privateKey) { throw new Error("Need to provide a private key for signing"); } const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const algorithm = signatureParams.parameters.algorithm; if (!("name" in algorithm)) { throw new Error("Empty algorithm"); } this.signatureAlgorithm = signatureParams.signatureAlgorithm; this.tbsResponseData.tbsView = new Uint8Array(this.tbsResponseData.toSchema(true).toBER()); const signature = await crypto.signWithPrivateKey(this.tbsResponseData.tbsView, privateKey, { algorithm }); this.signature = new asn1js__namespace.BitString({ valueHex: signature }); } async verify(params = {}, crypto = getCrypto(true)) { let signerCert = null; let certIndex = -1; const trustedCerts = params.trustedCerts || []; if (!this.certs) { throw new Error("No certificates attached to the BasicOCSPResponse"); } switch (true) { case (this.tbsResponseData.responderID instanceof RelativeDistinguishedNames): for (const [index, certificate] of this.certs.entries()) { if (certificate.subject.isEqual(this.tbsResponseData.responderID)) { certIndex = index; break; } } break; case (this.tbsResponseData.responderID instanceof asn1js__namespace.OctetString): for (const [index, cert] of this.certs.entries()) { const hash = await crypto.digest({ name: "sha-1" }, cert.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView); if (pvutils__namespace.isEqualBuffer(hash, this.tbsResponseData.responderID.valueBlock.valueHex)) { certIndex = index; break; } } break; default: throw new Error("Wrong value for responderID"); } if (certIndex === (-1)) throw new Error("Correct certificate was not found in OCSP response"); signerCert = this.certs[certIndex]; const additionalCerts = [signerCert]; for (const cert of this.certs) { const caCert = await checkCA(cert, signerCert); if (caCert) { additionalCerts.push(caCert); } } const certChain = new CertificateChainValidationEngine({ certs: additionalCerts, trustedCerts, }); const verificationResult = await certChain.verify({}, crypto); if (!verificationResult.result) { throw new Error("Validation of signer's certificate failed"); } return crypto.verifyWithPublicKey(this.tbsResponseData.tbsView, this.signature, this.certs[certIndex].subjectPublicKeyInfo, this.signatureAlgorithm); } } BasicOCSPResponse.CLASS_NAME = "BasicOCSPResponse"; const TBS$1 = "tbs"; const VERSION$6 = "version"; const SUBJECT = "subject"; const SPKI = "subjectPublicKeyInfo"; const ATTRIBUTES$1 = "attributes"; const SIGNATURE_ALGORITHM$2 = "signatureAlgorithm"; const SIGNATURE_VALUE = "signatureValue"; const CSR_INFO = "CertificationRequestInfo"; const CSR_INFO_VERSION = `${CSR_INFO}.version`; const CSR_INFO_SUBJECT = `${CSR_INFO}.subject`; const CSR_INFO_SPKI = `${CSR_INFO}.subjectPublicKeyInfo`; const CSR_INFO_ATTRS = `${CSR_INFO}.attributes`; const CLEAR_PROPS$f = [ CSR_INFO, CSR_INFO_VERSION, CSR_INFO_SUBJECT, CSR_INFO_SPKI, CSR_INFO_ATTRS, SIGNATURE_ALGORITHM$2, SIGNATURE_VALUE ]; function CertificationRequestInfo(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.CertificationRequestInfo || CSR_INFO), value: [ new asn1js__namespace.Integer({ name: (names.CertificationRequestInfoVersion || CSR_INFO_VERSION) }), RelativeDistinguishedNames.schema(names.subject || { names: { blockName: CSR_INFO_SUBJECT } }), PublicKeyInfo.schema({ names: { blockName: CSR_INFO_SPKI } }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Repeated({ optional: true, name: (names.CertificationRequestInfoAttributes || CSR_INFO_ATTRS), value: Attribute.schema(names.attributes || {}) }) ] }) ] })); } class CertificationRequest extends PkiObject { get tbs() { return pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(this.tbsView); } set tbs(value) { this.tbsView = new Uint8Array(value); } constructor(parameters = {}) { super(); this.tbsView = new Uint8Array(pvutils__namespace.getParametersValue(parameters, TBS$1, CertificationRequest.defaultValues(TBS$1))); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$6, CertificationRequest.defaultValues(VERSION$6)); this.subject = pvutils__namespace.getParametersValue(parameters, SUBJECT, CertificationRequest.defaultValues(SUBJECT)); this.subjectPublicKeyInfo = pvutils__namespace.getParametersValue(parameters, SPKI, CertificationRequest.defaultValues(SPKI)); if (ATTRIBUTES$1 in parameters) { this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES$1, CertificationRequest.defaultValues(ATTRIBUTES$1)); } this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$2, CertificationRequest.defaultValues(SIGNATURE_ALGORITHM$2)); this.signatureValue = pvutils__namespace.getParametersValue(parameters, SIGNATURE_VALUE, CertificationRequest.defaultValues(SIGNATURE_VALUE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS$1: return EMPTY_BUFFER; case VERSION$6: return 0; case SUBJECT: return new RelativeDistinguishedNames(); case SPKI: return new PublicKeyInfo(); case ATTRIBUTES$1: return []; case SIGNATURE_ALGORITHM$2: return new AlgorithmIdentifier(); case SIGNATURE_VALUE: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ value: [ CertificationRequestInfo(names.certificationRequestInfo || {}), new asn1js__namespace.Sequence({ name: (names.signatureAlgorithm || SIGNATURE_ALGORITHM$2), value: [ new asn1js__namespace.ObjectIdentifier(), new asn1js__namespace.Any({ optional: true }) ] }), new asn1js__namespace.BitString({ name: (names.signatureValue || SIGNATURE_VALUE) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$f); const asn1 = asn1js__namespace.compareSchema(schema, schema, CertificationRequest.schema()); AsnError.assertSchema(asn1, this.className); this.tbsView = asn1.result.CertificationRequestInfo.valueBeforeDecodeView; this.version = asn1.result[CSR_INFO_VERSION].valueBlock.valueDec; this.subject = new RelativeDistinguishedNames({ schema: asn1.result[CSR_INFO_SUBJECT] }); this.subjectPublicKeyInfo = new PublicKeyInfo({ schema: asn1.result[CSR_INFO_SPKI] }); if (CSR_INFO_ATTRS in asn1.result) { this.attributes = Array.from(asn1.result[CSR_INFO_ATTRS], element => new Attribute({ schema: element })); } this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signatureValue = asn1.result.signatureValue; } encodeTBS() { const outputArray = [ new asn1js__namespace.Integer({ value: this.version }), this.subject.toSchema(), this.subjectPublicKeyInfo.toSchema() ]; if (ATTRIBUTES$1 in this) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.attributes || [], o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toSchema(encodeFlag = false) { let tbsSchema; if (encodeFlag === false) { if (this.tbsView.byteLength === 0) { return CertificationRequest.schema(); } const asn1 = asn1js__namespace.fromBER(this.tbsView); AsnError.assert(asn1, "PKCS#10 Certificate Request"); tbsSchema = asn1.result; } else { tbsSchema = this.encodeTBS(); } return (new asn1js__namespace.Sequence({ value: [ tbsSchema, this.signatureAlgorithm.toSchema(), this.signatureValue ] })); } toJSON() { const object = { tbs: pvtsutils__namespace.Convert.ToHex(this.tbsView), version: this.version, subject: this.subject.toJSON(), subjectPublicKeyInfo: this.subjectPublicKeyInfo.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signatureValue: this.signatureValue.toJSON(), }; if (ATTRIBUTES$1 in this) { object.attributes = Array.from(this.attributes || [], o => o.toJSON()); } return object; } async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { if (!privateKey) { throw new Error("Need to provide a private key for signing"); } const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const parameters = signatureParams.parameters; this.signatureAlgorithm = signatureParams.signatureAlgorithm; this.tbsView = new Uint8Array(this.encodeTBS().toBER()); const signature = await crypto.signWithPrivateKey(this.tbsView, privateKey, parameters); this.signatureValue = new asn1js__namespace.BitString({ valueHex: signature }); } async verify(crypto = getCrypto(true)) { return crypto.verifyWithPublicKey(this.tbsView, this.signatureValue, this.subjectPublicKeyInfo, this.signatureAlgorithm); } async getPublicKey(parameters, crypto = getCrypto(true)) { return crypto.getPublicKey(this.subjectPublicKeyInfo, this.signatureAlgorithm, parameters); } } CertificationRequest.CLASS_NAME = "CertificationRequest"; const DIGEST_ALGORITHM$1 = "digestAlgorithm"; const DIGEST = "digest"; const CLEAR_PROPS$e = [ DIGEST_ALGORITHM$1, DIGEST ]; class DigestInfo extends PkiObject { constructor(parameters = {}) { super(); this.digestAlgorithm = pvutils__namespace.getParametersValue(parameters, DIGEST_ALGORITHM$1, DigestInfo.defaultValues(DIGEST_ALGORITHM$1)); this.digest = pvutils__namespace.getParametersValue(parameters, DIGEST, DigestInfo.defaultValues(DIGEST)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case DIGEST_ALGORITHM$1: return new AlgorithmIdentifier(); case DIGEST: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case DIGEST_ALGORITHM$1: return ((AlgorithmIdentifier.compareWithDefault("algorithmId", memberValue.algorithmId)) && (("algorithmParams" in memberValue) === false)); case DIGEST: return (memberValue.isEqual(DigestInfo.defaultValues(memberName))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.digestAlgorithm || { names: { blockName: DIGEST_ALGORITHM$1 } }), new asn1js__namespace.OctetString({ name: (names.digest || DIGEST) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$e); const asn1 = asn1js__namespace.compareSchema(schema, schema, DigestInfo.schema({ names: { digestAlgorithm: { names: { blockName: DIGEST_ALGORITHM$1 } }, digest: DIGEST } })); AsnError.assertSchema(asn1, this.className); this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.digestAlgorithm }); this.digest = asn1.result.digest; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.digestAlgorithm.toSchema(), this.digest ] })); } toJSON() { return { digestAlgorithm: this.digestAlgorithm.toJSON(), digest: this.digest.toJSON(), }; } } DigestInfo.CLASS_NAME = "DigestInfo"; const E_CONTENT_TYPE = "eContentType"; const E_CONTENT = "eContent"; const CLEAR_PROPS$d = [ E_CONTENT_TYPE, E_CONTENT, ]; class EncapsulatedContentInfo extends PkiObject { constructor(parameters = {}) { super(); this.eContentType = pvutils__namespace.getParametersValue(parameters, E_CONTENT_TYPE, EncapsulatedContentInfo.defaultValues(E_CONTENT_TYPE)); if (E_CONTENT in parameters) { this.eContent = pvutils__namespace.getParametersValue(parameters, E_CONTENT, EncapsulatedContentInfo.defaultValues(E_CONTENT)); if ((this.eContent.idBlock.tagClass === 1) && (this.eContent.idBlock.tagNumber === 4)) { if (this.eContent.idBlock.isConstructed === false) { const constrString = new asn1js__namespace.OctetString({ idBlock: { isConstructed: true }, isConstructed: true }); let offset = 0; const viewHex = this.eContent.valueBlock.valueHexView.slice().buffer; let length = viewHex.byteLength; while (length > 0) { const pieceView = new Uint8Array(viewHex, offset, ((offset + 65536) > viewHex.byteLength) ? (viewHex.byteLength - offset) : 65536); const _array = new ArrayBuffer(pieceView.length); const _view = new Uint8Array(_array); for (let i = 0; i < _view.length; i++) { _view[i] = pieceView[i]; } constrString.valueBlock.value.push(new asn1js__namespace.OctetString({ valueHex: _array })); length -= pieceView.length; offset += pieceView.length; } this.eContent = constrString; } } } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case E_CONTENT_TYPE: return EMPTY_STRING; case E_CONTENT: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case E_CONTENT_TYPE: return (memberValue === EMPTY_STRING); case E_CONTENT: { if ((memberValue.idBlock.tagClass === 1) && (memberValue.idBlock.tagNumber === 4)) return (memberValue.isEqual(EncapsulatedContentInfo.defaultValues(E_CONTENT))); return false; } default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.eContentType || EMPTY_STRING) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Any({ name: (names.eContent || EMPTY_STRING) }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$d); const asn1 = asn1js__namespace.compareSchema(schema, schema, EncapsulatedContentInfo.schema({ names: { eContentType: E_CONTENT_TYPE, eContent: E_CONTENT } })); AsnError.assertSchema(asn1, this.className); this.eContentType = asn1.result.eContentType.valueBlock.toString(); if (E_CONTENT in asn1.result) this.eContent = asn1.result.eContent; } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.eContentType })); if (this.eContent) { if (EncapsulatedContentInfo.compareWithDefault(E_CONTENT, this.eContent) === false) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.eContent] })); } } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { eContentType: this.eContentType }; if (this.eContent && EncapsulatedContentInfo.compareWithDefault(E_CONTENT, this.eContent) === false) { res.eContent = this.eContent.toJSON(); } return res; } } EncapsulatedContentInfo.CLASS_NAME = "EncapsulatedContentInfo"; class KeyBag extends PrivateKeyInfo { constructor(parameters = {}) { super(parameters); } } const MAC = "mac"; const MAC_SALT = "macSalt"; const ITERATIONS = "iterations"; const CLEAR_PROPS$c = [ MAC, MAC_SALT, ITERATIONS ]; class MacData extends PkiObject { constructor(parameters = {}) { super(); this.mac = pvutils__namespace.getParametersValue(parameters, MAC, MacData.defaultValues(MAC)); this.macSalt = pvutils__namespace.getParametersValue(parameters, MAC_SALT, MacData.defaultValues(MAC_SALT)); if (ITERATIONS in parameters) { this.iterations = pvutils__namespace.getParametersValue(parameters, ITERATIONS, MacData.defaultValues(ITERATIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case MAC: return new DigestInfo(); case MAC_SALT: return new asn1js__namespace.OctetString(); case ITERATIONS: return 1; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case MAC: return ((DigestInfo.compareWithDefault("digestAlgorithm", memberValue.digestAlgorithm)) && (DigestInfo.compareWithDefault("digest", memberValue.digest))); case MAC_SALT: return (memberValue.isEqual(MacData.defaultValues(memberName))); case ITERATIONS: return (memberValue === MacData.defaultValues(memberName)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), optional: (names.optional || true), value: [ DigestInfo.schema(names.mac || { names: { blockName: MAC } }), new asn1js__namespace.OctetString({ name: (names.macSalt || MAC_SALT) }), new asn1js__namespace.Integer({ optional: true, name: (names.iterations || ITERATIONS) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$c); const asn1 = asn1js__namespace.compareSchema(schema, schema, MacData.schema({ names: { mac: { names: { blockName: MAC } }, macSalt: MAC_SALT, iterations: ITERATIONS } })); AsnError.assertSchema(asn1, this.className); this.mac = new DigestInfo({ schema: asn1.result.mac }); this.macSalt = asn1.result.macSalt; if (ITERATIONS in asn1.result) this.iterations = asn1.result.iterations.valueBlock.valueDec; } toSchema() { const outputArray = [ this.mac.toSchema(), this.macSalt ]; if (this.iterations !== undefined) { outputArray.push(new asn1js__namespace.Integer({ value: this.iterations })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { mac: this.mac.toJSON(), macSalt: this.macSalt.toJSON(), }; if (this.iterations !== undefined) { res.iterations = this.iterations; } return res; } } MacData.CLASS_NAME = "MacData"; const HASH_ALGORITHM = "hashAlgorithm"; const HASHED_MESSAGE = "hashedMessage"; const CLEAR_PROPS$b = [ HASH_ALGORITHM, HASHED_MESSAGE, ]; class MessageImprint extends PkiObject { static async create(hashAlgorithm, message, crypto = getCrypto(true)) { const hashAlgorithmOID = crypto.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm"); const hashedMessage = await crypto.digest(hashAlgorithm, message); const res = new MessageImprint({ hashAlgorithm: new AlgorithmIdentifier({ algorithmId: hashAlgorithmOID, algorithmParams: new asn1js__namespace.Null(), }), hashedMessage: new asn1js__namespace.OctetString({ valueHex: hashedMessage }) }); return res; } constructor(parameters = {}) { super(); this.hashAlgorithm = pvutils__namespace.getParametersValue(parameters, HASH_ALGORITHM, MessageImprint.defaultValues(HASH_ALGORITHM)); this.hashedMessage = pvutils__namespace.getParametersValue(parameters, HASHED_MESSAGE, MessageImprint.defaultValues(HASHED_MESSAGE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case HASH_ALGORITHM: return new AlgorithmIdentifier(); case HASHED_MESSAGE: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case HASH_ALGORITHM: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case HASHED_MESSAGE: return (memberValue.isEqual(MessageImprint.defaultValues(memberName)) === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.hashAlgorithm || {}), new asn1js__namespace.OctetString({ name: (names.hashedMessage || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$b); const asn1 = asn1js__namespace.compareSchema(schema, schema, MessageImprint.schema({ names: { hashAlgorithm: { names: { blockName: HASH_ALGORITHM } }, hashedMessage: HASHED_MESSAGE } })); AsnError.assertSchema(asn1, this.className); this.hashAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.hashAlgorithm }); this.hashedMessage = asn1.result.hashedMessage; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ this.hashAlgorithm.toSchema(), this.hashedMessage ] })); } toJSON() { return { hashAlgorithm: this.hashAlgorithm.toJSON(), hashedMessage: this.hashedMessage.toJSON(), }; } } MessageImprint.CLASS_NAME = "MessageImprint"; const REQ_CERT = "reqCert"; const SINGLE_REQUEST_EXTENSIONS = "singleRequestExtensions"; const CLEAR_PROPS$a = [ REQ_CERT, SINGLE_REQUEST_EXTENSIONS, ]; class Request extends PkiObject { constructor(parameters = {}) { super(); this.reqCert = pvutils__namespace.getParametersValue(parameters, REQ_CERT, Request.defaultValues(REQ_CERT)); if (SINGLE_REQUEST_EXTENSIONS in parameters) { this.singleRequestExtensions = pvutils__namespace.getParametersValue(parameters, SINGLE_REQUEST_EXTENSIONS, Request.defaultValues(SINGLE_REQUEST_EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case REQ_CERT: return new CertID(); case SINGLE_REQUEST_EXTENSIONS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case REQ_CERT: return (memberValue.isEqual(Request.defaultValues(memberName))); case SINGLE_REQUEST_EXTENSIONS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ CertID.schema(names.reqCert || {}), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [Extensions.schema(names.extensions || { names: { blockName: (names.singleRequestExtensions || EMPTY_STRING) } })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$a); const asn1 = asn1js__namespace.compareSchema(schema, schema, Request.schema({ names: { reqCert: { names: { blockName: REQ_CERT } }, extensions: { names: { blockName: SINGLE_REQUEST_EXTENSIONS } } } })); AsnError.assertSchema(asn1, this.className); this.reqCert = new CertID({ schema: asn1.result.reqCert }); if (SINGLE_REQUEST_EXTENSIONS in asn1.result) { this.singleRequestExtensions = Array.from(asn1.result.singleRequestExtensions.valueBlock.value, element => new Extension({ schema: element })); } } toSchema() { const outputArray = []; outputArray.push(this.reqCert.toSchema()); if (this.singleRequestExtensions) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Sequence({ value: Array.from(this.singleRequestExtensions, o => o.toSchema()) }) ] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { reqCert: this.reqCert.toJSON() }; if (this.singleRequestExtensions) { res.singleRequestExtensions = Array.from(this.singleRequestExtensions, o => o.toJSON()); } return res; } } Request.CLASS_NAME = "Request"; const TBS = "tbs"; const VERSION$5 = "version"; const REQUESTOR_NAME = "requestorName"; const REQUEST_LIST = "requestList"; const REQUEST_EXTENSIONS = "requestExtensions"; const TBS_REQUEST$1 = "TBSRequest"; const TBS_REQUEST_VERSION = `${TBS_REQUEST$1}.${VERSION$5}`; const TBS_REQUEST_REQUESTOR_NAME = `${TBS_REQUEST$1}.${REQUESTOR_NAME}`; const TBS_REQUEST_REQUESTS = `${TBS_REQUEST$1}.requests`; const TBS_REQUEST_REQUEST_EXTENSIONS = `${TBS_REQUEST$1}.${REQUEST_EXTENSIONS}`; const CLEAR_PROPS$9 = [ TBS_REQUEST$1, TBS_REQUEST_VERSION, TBS_REQUEST_REQUESTOR_NAME, TBS_REQUEST_REQUESTS, TBS_REQUEST_REQUEST_EXTENSIONS ]; class TBSRequest extends PkiObject { get tbs() { return pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(this.tbsView); } set tbs(value) { this.tbsView = new Uint8Array(value); } constructor(parameters = {}) { super(); this.tbsView = new Uint8Array(pvutils__namespace.getParametersValue(parameters, TBS, TBSRequest.defaultValues(TBS))); if (VERSION$5 in parameters) { this.version = pvutils__namespace.getParametersValue(parameters, VERSION$5, TBSRequest.defaultValues(VERSION$5)); } if (REQUESTOR_NAME in parameters) { this.requestorName = pvutils__namespace.getParametersValue(parameters, REQUESTOR_NAME, TBSRequest.defaultValues(REQUESTOR_NAME)); } this.requestList = pvutils__namespace.getParametersValue(parameters, REQUEST_LIST, TBSRequest.defaultValues(REQUEST_LIST)); if (REQUEST_EXTENSIONS in parameters) { this.requestExtensions = pvutils__namespace.getParametersValue(parameters, REQUEST_EXTENSIONS, TBSRequest.defaultValues(REQUEST_EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS: return EMPTY_BUFFER; case VERSION$5: return 0; case REQUESTOR_NAME: return new GeneralName(); case REQUEST_LIST: case REQUEST_EXTENSIONS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TBS: return (memberValue.byteLength === 0); case VERSION$5: return (memberValue === TBSRequest.defaultValues(memberName)); case REQUESTOR_NAME: return ((memberValue.type === GeneralName.defaultValues("type")) && (Object.keys(memberValue.value).length === 0)); case REQUEST_LIST: case REQUEST_EXTENSIONS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TBS_REQUEST$1), value: [ new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Integer({ name: (names.TBSRequestVersion || TBS_REQUEST_VERSION) })] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [GeneralName.schema(names.requestorName || { names: { blockName: TBS_REQUEST_REQUESTOR_NAME } })] }), new asn1js__namespace.Sequence({ name: (names.requestList || "TBSRequest.requestList"), value: [ new asn1js__namespace.Repeated({ name: (names.requests || TBS_REQUEST_REQUESTS), value: Request.schema(names.requestNames || {}) }) ] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 2 }, value: [Extensions.schema(names.extensions || { names: { blockName: (names.requestExtensions || TBS_REQUEST_REQUEST_EXTENSIONS) } })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$9); const asn1 = asn1js__namespace.compareSchema(schema, schema, TBSRequest.schema()); AsnError.assertSchema(asn1, this.className); this.tbsView = asn1.result.TBSRequest.valueBeforeDecodeView; if (TBS_REQUEST_VERSION in asn1.result) this.version = asn1.result[TBS_REQUEST_VERSION].valueBlock.valueDec; if (TBS_REQUEST_REQUESTOR_NAME in asn1.result) this.requestorName = new GeneralName({ schema: asn1.result[TBS_REQUEST_REQUESTOR_NAME] }); this.requestList = Array.from(asn1.result[TBS_REQUEST_REQUESTS], element => new Request({ schema: element })); if (TBS_REQUEST_REQUEST_EXTENSIONS in asn1.result) this.requestExtensions = Array.from(asn1.result[TBS_REQUEST_REQUEST_EXTENSIONS].valueBlock.value, element => new Extension({ schema: element })); } toSchema(encodeFlag = false) { let tbsSchema; if (encodeFlag === false) { if (this.tbsView.byteLength === 0) return TBSRequest.schema(); const asn1 = asn1js__namespace.fromBER(this.tbsView); AsnError.assert(asn1, "TBS Request"); if (!(asn1.result instanceof asn1js__namespace.Sequence)) { throw new Error("ASN.1 result should be SEQUENCE"); } tbsSchema = asn1.result; } else { const outputArray = []; if (this.version !== undefined) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Integer({ value: this.version })] })); } if (this.requestorName) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: [this.requestorName.toSchema()] })); } outputArray.push(new asn1js__namespace.Sequence({ value: Array.from(this.requestList, o => o.toSchema()) })); if (this.requestExtensions) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 2 }, value: [ new asn1js__namespace.Sequence({ value: Array.from(this.requestExtensions, o => o.toSchema()) }) ] })); } tbsSchema = new asn1js__namespace.Sequence({ value: outputArray }); } return tbsSchema; } toJSON() { const res = {}; if (this.version != undefined) res.version = this.version; if (this.requestorName) { res.requestorName = this.requestorName.toJSON(); } res.requestList = Array.from(this.requestList, o => o.toJSON()); if (this.requestExtensions) { res.requestExtensions = Array.from(this.requestExtensions, o => o.toJSON()); } return res; } } TBSRequest.CLASS_NAME = "TBSRequest"; const SIGNATURE_ALGORITHM$1 = "signatureAlgorithm"; const SIGNATURE$1 = "signature"; const CERTS = "certs"; class Signature extends PkiObject { constructor(parameters = {}) { super(); this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM$1, Signature.defaultValues(SIGNATURE_ALGORITHM$1)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE$1, Signature.defaultValues(SIGNATURE$1)); if (CERTS in parameters) { this.certs = pvutils__namespace.getParametersValue(parameters, CERTS, Signature.defaultValues(CERTS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case SIGNATURE_ALGORITHM$1: return new AlgorithmIdentifier(); case SIGNATURE$1: return new asn1js__namespace.BitString(); case CERTS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case SIGNATURE_ALGORITHM$1: return ((memberValue.algorithmId === EMPTY_STRING) && (("algorithmParams" in memberValue) === false)); case SIGNATURE$1: return (memberValue.isEqual(Signature.defaultValues(memberName))); case CERTS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ AlgorithmIdentifier.schema(names.signatureAlgorithm || {}), new asn1js__namespace.BitString({ name: (names.signature || EMPTY_STRING) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Sequence({ value: [new asn1js__namespace.Repeated({ name: (names.certs || EMPTY_STRING), value: Certificate.schema({}) })] }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ SIGNATURE_ALGORITHM$1, SIGNATURE$1, CERTS ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, Signature.schema({ names: { signatureAlgorithm: { names: { blockName: SIGNATURE_ALGORITHM$1 } }, signature: SIGNATURE$1, certs: CERTS } })); AsnError.assertSchema(asn1, this.className); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result.signatureAlgorithm }); this.signature = asn1.result.signature; if (CERTS in asn1.result) this.certs = Array.from(asn1.result.certs, element => new Certificate({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(this.signatureAlgorithm.toSchema()); outputArray.push(this.signature); if (this.certs) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ new asn1js__namespace.Sequence({ value: Array.from(this.certs, o => o.toSchema()) }) ] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { signatureAlgorithm: this.signatureAlgorithm.toJSON(), signature: this.signature.toJSON(), }; if (this.certs) { res.certs = Array.from(this.certs, o => o.toJSON()); } return res; } } Signature.CLASS_NAME = "Signature"; const TBS_REQUEST = "tbsRequest"; const OPTIONAL_SIGNATURE = "optionalSignature"; const CLEAR_PROPS$8 = [ TBS_REQUEST, OPTIONAL_SIGNATURE ]; class OCSPRequest extends PkiObject { constructor(parameters = {}) { super(); this.tbsRequest = pvutils__namespace.getParametersValue(parameters, TBS_REQUEST, OCSPRequest.defaultValues(TBS_REQUEST)); if (OPTIONAL_SIGNATURE in parameters) { this.optionalSignature = pvutils__namespace.getParametersValue(parameters, OPTIONAL_SIGNATURE, OCSPRequest.defaultValues(OPTIONAL_SIGNATURE)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TBS_REQUEST: return new TBSRequest(); case OPTIONAL_SIGNATURE: return new Signature(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TBS_REQUEST: return ((TBSRequest.compareWithDefault("tbs", memberValue.tbs)) && (TBSRequest.compareWithDefault("version", memberValue.version)) && (TBSRequest.compareWithDefault("requestorName", memberValue.requestorName)) && (TBSRequest.compareWithDefault("requestList", memberValue.requestList)) && (TBSRequest.compareWithDefault("requestExtensions", memberValue.requestExtensions))); case OPTIONAL_SIGNATURE: return ((Signature.compareWithDefault("signatureAlgorithm", memberValue.signatureAlgorithm)) && (Signature.compareWithDefault("signature", memberValue.signature)) && (Signature.compareWithDefault("certs", memberValue.certs))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: names.blockName || "OCSPRequest", value: [ TBSRequest.schema(names.tbsRequest || { names: { blockName: TBS_REQUEST } }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ Signature.schema(names.optionalSignature || { names: { blockName: OPTIONAL_SIGNATURE } }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$8); const asn1 = asn1js__namespace.compareSchema(schema, schema, OCSPRequest.schema()); AsnError.assertSchema(asn1, this.className); this.tbsRequest = new TBSRequest({ schema: asn1.result.tbsRequest }); if (OPTIONAL_SIGNATURE in asn1.result) this.optionalSignature = new Signature({ schema: asn1.result.optionalSignature }); } toSchema(encodeFlag = false) { const outputArray = []; outputArray.push(this.tbsRequest.toSchema(encodeFlag)); if (this.optionalSignature) outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ this.optionalSignature.toSchema() ] })); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { tbsRequest: this.tbsRequest.toJSON() }; if (this.optionalSignature) { res.optionalSignature = this.optionalSignature.toJSON(); } return res; } async createForCertificate(certificate, parameters, crypto = getCrypto(true)) { const certID = new CertID(); await certID.createForCertificate(certificate, parameters, crypto); this.tbsRequest.requestList.push(new Request({ reqCert: certID, })); } async sign(privateKey, hashAlgorithm = "SHA-1", crypto = getCrypto(true)) { ParameterError.assertEmpty(privateKey, "privateKey", "OCSPRequest.sign method"); if (!this.optionalSignature) { throw new Error("Need to create \"optionalSignature\" field before signing"); } const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const parameters = signatureParams.parameters; this.optionalSignature.signatureAlgorithm = signatureParams.signatureAlgorithm; const tbs = this.tbsRequest.toSchema(true).toBER(false); const signature = await crypto.signWithPrivateKey(tbs, privateKey, parameters); this.optionalSignature.signature = new asn1js__namespace.BitString({ valueHex: signature }); } verify() { } } OCSPRequest.CLASS_NAME = "OCSPRequest"; const RESPONSE_TYPE = "responseType"; const RESPONSE = "response"; const CLEAR_PROPS$7 = [ RESPONSE_TYPE, RESPONSE ]; class ResponseBytes extends PkiObject { constructor(parameters = {}) { super(); this.responseType = pvutils__namespace.getParametersValue(parameters, RESPONSE_TYPE, ResponseBytes.defaultValues(RESPONSE_TYPE)); this.response = pvutils__namespace.getParametersValue(parameters, RESPONSE, ResponseBytes.defaultValues(RESPONSE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case RESPONSE_TYPE: return EMPTY_STRING; case RESPONSE: return new asn1js__namespace.OctetString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case RESPONSE_TYPE: return (memberValue === EMPTY_STRING); case RESPONSE: return (memberValue.isEqual(ResponseBytes.defaultValues(memberName))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.ObjectIdentifier({ name: (names.responseType || EMPTY_STRING) }), new asn1js__namespace.OctetString({ name: (names.response || EMPTY_STRING) }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$7); const asn1 = asn1js__namespace.compareSchema(schema, schema, ResponseBytes.schema({ names: { responseType: RESPONSE_TYPE, response: RESPONSE } })); AsnError.assertSchema(asn1, this.className); this.responseType = asn1.result.responseType.valueBlock.toString(); this.response = asn1.result.response; } toSchema() { return (new asn1js__namespace.Sequence({ value: [ new asn1js__namespace.ObjectIdentifier({ value: this.responseType }), this.response ] })); } toJSON() { return { responseType: this.responseType, response: this.response.toJSON(), }; } } ResponseBytes.CLASS_NAME = "ResponseBytes"; const RESPONSE_STATUS = "responseStatus"; const RESPONSE_BYTES = "responseBytes"; class OCSPResponse extends PkiObject { constructor(parameters = {}) { super(); this.responseStatus = pvutils__namespace.getParametersValue(parameters, RESPONSE_STATUS, OCSPResponse.defaultValues(RESPONSE_STATUS)); if (RESPONSE_BYTES in parameters) { this.responseBytes = pvutils__namespace.getParametersValue(parameters, RESPONSE_BYTES, OCSPResponse.defaultValues(RESPONSE_BYTES)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case RESPONSE_STATUS: return new asn1js__namespace.Enumerated(); case RESPONSE_BYTES: return new ResponseBytes(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case RESPONSE_STATUS: return (memberValue.isEqual(OCSPResponse.defaultValues(memberName))); case RESPONSE_BYTES: return ((ResponseBytes.compareWithDefault("responseType", memberValue.responseType)) && (ResponseBytes.compareWithDefault("response", memberValue.response))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || "OCSPResponse"), value: [ new asn1js__namespace.Enumerated({ name: (names.responseStatus || RESPONSE_STATUS) }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [ ResponseBytes.schema(names.responseBytes || { names: { blockName: RESPONSE_BYTES } }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, [ RESPONSE_STATUS, RESPONSE_BYTES ]); const asn1 = asn1js__namespace.compareSchema(schema, schema, OCSPResponse.schema()); AsnError.assertSchema(asn1, this.className); this.responseStatus = asn1.result.responseStatus; if (RESPONSE_BYTES in asn1.result) this.responseBytes = new ResponseBytes({ schema: asn1.result.responseBytes }); } toSchema() { const outputArray = []; outputArray.push(this.responseStatus); if (this.responseBytes) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.responseBytes.toSchema()] })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { responseStatus: this.responseStatus.toJSON() }; if (this.responseBytes) { res.responseBytes = this.responseBytes.toJSON(); } return res; } async getCertificateStatus(certificate, issuerCertificate, crypto = getCrypto(true)) { let basicResponse; const result = { isForCertificate: false, status: 2 }; if (!this.responseBytes) return result; if (this.responseBytes.responseType !== id_PKIX_OCSP_Basic) return result; try { const asn1Basic = asn1js__namespace.fromBER(this.responseBytes.response.valueBlock.valueHexView); AsnError.assert(asn1Basic, "Basic OCSP response"); basicResponse = new BasicOCSPResponse({ schema: asn1Basic.result }); } catch { return result; } return basicResponse.getCertificateStatus(certificate, issuerCertificate, crypto); } async sign(privateKey, hashAlgorithm, crypto = getCrypto(true)) { var _a; if (this.responseBytes && this.responseBytes.responseType === id_PKIX_OCSP_Basic) { const basicResponse = BasicOCSPResponse.fromBER(this.responseBytes.response.valueBlock.valueHexView); return basicResponse.sign(privateKey, hashAlgorithm, crypto); } throw new Error(`Unknown ResponseBytes type: ${((_a = this.responseBytes) === null || _a === void 0 ? void 0 : _a.responseType) || "Unknown"}`); } async verify(issuerCertificate = null, crypto = getCrypto(true)) { var _a; if ((RESPONSE_BYTES in this) === false) throw new Error("Empty ResponseBytes field"); if (this.responseBytes && this.responseBytes.responseType === id_PKIX_OCSP_Basic) { const basicResponse = BasicOCSPResponse.fromBER(this.responseBytes.response.valueBlock.valueHexView); if (issuerCertificate !== null) { if (!basicResponse.certs) { basicResponse.certs = []; } basicResponse.certs.push(issuerCertificate); } return basicResponse.verify({}, crypto); } throw new Error(`Unknown ResponseBytes type: ${((_a = this.responseBytes) === null || _a === void 0 ? void 0 : _a.responseType) || "Unknown"}`); } } OCSPResponse.CLASS_NAME = "OCSPResponse"; const TYPE = "type"; const ATTRIBUTES = "attributes"; const ENCODED_VALUE = "encodedValue"; const CLEAR_PROPS$6 = [ ATTRIBUTES ]; class SignedAndUnsignedAttributes extends PkiObject { constructor(parameters = {}) { super(); this.type = pvutils__namespace.getParametersValue(parameters, TYPE, SignedAndUnsignedAttributes.defaultValues(TYPE)); this.attributes = pvutils__namespace.getParametersValue(parameters, ATTRIBUTES, SignedAndUnsignedAttributes.defaultValues(ATTRIBUTES)); this.encodedValue = pvutils__namespace.getParametersValue(parameters, ENCODED_VALUE, SignedAndUnsignedAttributes.defaultValues(ENCODED_VALUE)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case TYPE: return (-1); case ATTRIBUTES: return []; case ENCODED_VALUE: return EMPTY_BUFFER; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case TYPE: return (memberValue === SignedAndUnsignedAttributes.defaultValues(TYPE)); case ATTRIBUTES: return (memberValue.length === 0); case ENCODED_VALUE: return (memberValue.byteLength === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Constructed({ name: (names.blockName || EMPTY_STRING), optional: true, idBlock: { tagClass: 3, tagNumber: names.tagNumber || 0 }, value: [ new asn1js__namespace.Repeated({ name: (names.attributes || EMPTY_STRING), value: Attribute.schema() }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$6); const asn1 = asn1js__namespace.compareSchema(schema, schema, SignedAndUnsignedAttributes.schema({ names: { tagNumber: this.type, attributes: ATTRIBUTES } })); AsnError.assertSchema(asn1, this.className); this.type = asn1.result.idBlock.tagNumber; this.encodedValue = pvtsutils__namespace.BufferSourceConverter.toArrayBuffer(asn1.result.valueBeforeDecodeView); const encodedView = new Uint8Array(this.encodedValue); encodedView[0] = 0x31; if ((ATTRIBUTES in asn1.result) === false) { if (this.type === 0) throw new Error("Wrong structure of SignedUnsignedAttributes"); else return; } this.attributes = Array.from(asn1.result.attributes, element => new Attribute({ schema: element })); } toSchema() { if (SignedAndUnsignedAttributes.compareWithDefault(TYPE, this.type) || SignedAndUnsignedAttributes.compareWithDefault(ATTRIBUTES, this.attributes)) throw new Error("Incorrectly initialized \"SignedAndUnsignedAttributes\" class"); return (new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: this.type }, value: Array.from(this.attributes, o => o.toSchema()) })); } toJSON() { if (SignedAndUnsignedAttributes.compareWithDefault(TYPE, this.type) || SignedAndUnsignedAttributes.compareWithDefault(ATTRIBUTES, this.attributes)) throw new Error("Incorrectly initialized \"SignedAndUnsignedAttributes\" class"); return { type: this.type, attributes: Array.from(this.attributes, o => o.toJSON()) }; } } SignedAndUnsignedAttributes.CLASS_NAME = "SignedAndUnsignedAttributes"; const VERSION$4 = "version"; const SID = "sid"; const DIGEST_ALGORITHM = "digestAlgorithm"; const SIGNED_ATTRS = "signedAttrs"; const SIGNATURE_ALGORITHM = "signatureAlgorithm"; const SIGNATURE = "signature"; const UNSIGNED_ATTRS = "unsignedAttrs"; const SIGNER_INFO = "SignerInfo"; const SIGNER_INFO_VERSION = `${SIGNER_INFO}.${VERSION$4}`; const SIGNER_INFO_SID = `${SIGNER_INFO}.${SID}`; const SIGNER_INFO_DIGEST_ALGORITHM = `${SIGNER_INFO}.${DIGEST_ALGORITHM}`; const SIGNER_INFO_SIGNED_ATTRS = `${SIGNER_INFO}.${SIGNED_ATTRS}`; const SIGNER_INFO_SIGNATURE_ALGORITHM = `${SIGNER_INFO}.${SIGNATURE_ALGORITHM}`; const SIGNER_INFO_SIGNATURE = `${SIGNER_INFO}.${SIGNATURE}`; const SIGNER_INFO_UNSIGNED_ATTRS = `${SIGNER_INFO}.${UNSIGNED_ATTRS}`; const CLEAR_PROPS$5 = [ SIGNER_INFO_VERSION, SIGNER_INFO_SID, SIGNER_INFO_DIGEST_ALGORITHM, SIGNER_INFO_SIGNED_ATTRS, SIGNER_INFO_SIGNATURE_ALGORITHM, SIGNER_INFO_SIGNATURE, SIGNER_INFO_UNSIGNED_ATTRS ]; class SignerInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$4, SignerInfo.defaultValues(VERSION$4)); this.sid = pvutils__namespace.getParametersValue(parameters, SID, SignerInfo.defaultValues(SID)); this.digestAlgorithm = pvutils__namespace.getParametersValue(parameters, DIGEST_ALGORITHM, SignerInfo.defaultValues(DIGEST_ALGORITHM)); if (SIGNED_ATTRS in parameters) { this.signedAttrs = pvutils__namespace.getParametersValue(parameters, SIGNED_ATTRS, SignerInfo.defaultValues(SIGNED_ATTRS)); } this.signatureAlgorithm = pvutils__namespace.getParametersValue(parameters, SIGNATURE_ALGORITHM, SignerInfo.defaultValues(SIGNATURE_ALGORITHM)); this.signature = pvutils__namespace.getParametersValue(parameters, SIGNATURE, SignerInfo.defaultValues(SIGNATURE)); if (UNSIGNED_ATTRS in parameters) { this.unsignedAttrs = pvutils__namespace.getParametersValue(parameters, UNSIGNED_ATTRS, SignerInfo.defaultValues(UNSIGNED_ATTRS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$4: return 0; case SID: return new asn1js__namespace.Any(); case DIGEST_ALGORITHM: return new AlgorithmIdentifier(); case SIGNED_ATTRS: return new SignedAndUnsignedAttributes({ type: 0 }); case SIGNATURE_ALGORITHM: return new AlgorithmIdentifier(); case SIGNATURE: return new asn1js__namespace.OctetString(); case UNSIGNED_ATTRS: return new SignedAndUnsignedAttributes({ type: 1 }); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$4: return (SignerInfo.defaultValues(VERSION$4) === memberValue); case SID: return (memberValue instanceof asn1js__namespace.Any); case DIGEST_ALGORITHM: if ((memberValue instanceof AlgorithmIdentifier) === false) return false; return memberValue.isEqual(SignerInfo.defaultValues(DIGEST_ALGORITHM)); case SIGNED_ATTRS: return ((SignedAndUnsignedAttributes.compareWithDefault("type", memberValue.type)) && (SignedAndUnsignedAttributes.compareWithDefault("attributes", memberValue.attributes)) && (SignedAndUnsignedAttributes.compareWithDefault("encodedValue", memberValue.encodedValue))); case SIGNATURE_ALGORITHM: if ((memberValue instanceof AlgorithmIdentifier) === false) return false; return memberValue.isEqual(SignerInfo.defaultValues(SIGNATURE_ALGORITHM)); case SIGNATURE: case UNSIGNED_ATTRS: return ((SignedAndUnsignedAttributes.compareWithDefault("type", memberValue.type)) && (SignedAndUnsignedAttributes.compareWithDefault("attributes", memberValue.attributes)) && (SignedAndUnsignedAttributes.compareWithDefault("encodedValue", memberValue.encodedValue))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: SIGNER_INFO, value: [ new asn1js__namespace.Integer({ name: (names.version || SIGNER_INFO_VERSION) }), new asn1js__namespace.Choice({ value: [ IssuerAndSerialNumber.schema(names.sidSchema || { names: { blockName: SIGNER_INFO_SID } }), new asn1js__namespace.Choice({ value: [ new asn1js__namespace.Constructed({ optional: true, name: (names.sid || SIGNER_INFO_SID), idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.OctetString()] }), new asn1js__namespace.Primitive({ optional: true, name: (names.sid || SIGNER_INFO_SID), idBlock: { tagClass: 3, tagNumber: 0 } }), ] }), ] }), AlgorithmIdentifier.schema(names.digestAlgorithm || { names: { blockName: SIGNER_INFO_DIGEST_ALGORITHM } }), SignedAndUnsignedAttributes.schema(names.signedAttrs || { names: { blockName: SIGNER_INFO_SIGNED_ATTRS, tagNumber: 0 } }), AlgorithmIdentifier.schema(names.signatureAlgorithm || { names: { blockName: SIGNER_INFO_SIGNATURE_ALGORITHM } }), new asn1js__namespace.OctetString({ name: (names.signature || SIGNER_INFO_SIGNATURE) }), SignedAndUnsignedAttributes.schema(names.unsignedAttrs || { names: { blockName: SIGNER_INFO_UNSIGNED_ATTRS, tagNumber: 1 } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$5); const asn1 = asn1js__namespace.compareSchema(schema, schema, SignerInfo.schema()); AsnError.assertSchema(asn1, this.className); this.version = asn1.result[SIGNER_INFO_VERSION].valueBlock.valueDec; const currentSid = asn1.result[SIGNER_INFO_SID]; if (currentSid.idBlock.tagClass === 1) this.sid = new IssuerAndSerialNumber({ schema: currentSid }); else this.sid = currentSid; this.digestAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[SIGNER_INFO_DIGEST_ALGORITHM] }); if (SIGNER_INFO_SIGNED_ATTRS in asn1.result) this.signedAttrs = new SignedAndUnsignedAttributes({ type: 0, schema: asn1.result[SIGNER_INFO_SIGNED_ATTRS] }); this.signatureAlgorithm = new AlgorithmIdentifier({ schema: asn1.result[SIGNER_INFO_SIGNATURE_ALGORITHM] }); this.signature = asn1.result[SIGNER_INFO_SIGNATURE]; if (SIGNER_INFO_UNSIGNED_ATTRS in asn1.result) this.unsignedAttrs = new SignedAndUnsignedAttributes({ type: 1, schema: asn1.result[SIGNER_INFO_UNSIGNED_ATTRS] }); } toSchema() { if (SignerInfo.compareWithDefault(SID, this.sid)) throw new Error("Incorrectly initialized \"SignerInfo\" class"); const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); if (this.sid instanceof IssuerAndSerialNumber) outputArray.push(this.sid.toSchema()); else outputArray.push(this.sid); outputArray.push(this.digestAlgorithm.toSchema()); if (this.signedAttrs) { if (SignerInfo.compareWithDefault(SIGNED_ATTRS, this.signedAttrs) === false) outputArray.push(this.signedAttrs.toSchema()); } outputArray.push(this.signatureAlgorithm.toSchema()); outputArray.push(this.signature); if (this.unsignedAttrs) { if (SignerInfo.compareWithDefault(UNSIGNED_ATTRS, this.unsignedAttrs) === false) outputArray.push(this.unsignedAttrs.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { if (SignerInfo.compareWithDefault(SID, this.sid)) { throw new Error("Incorrectly initialized \"SignerInfo\" class"); } const res = { version: this.version, digestAlgorithm: this.digestAlgorithm.toJSON(), signatureAlgorithm: this.signatureAlgorithm.toJSON(), signature: this.signature.toJSON(), }; if (!(this.sid instanceof asn1js__namespace.Any)) res.sid = this.sid.toJSON(); if (this.signedAttrs && SignerInfo.compareWithDefault(SIGNED_ATTRS, this.signedAttrs) === false) { res.signedAttrs = this.signedAttrs.toJSON(); } if (this.unsignedAttrs && SignerInfo.compareWithDefault(UNSIGNED_ATTRS, this.unsignedAttrs) === false) { res.unsignedAttrs = this.unsignedAttrs.toJSON(); } return res; } } SignerInfo.CLASS_NAME = "SignerInfo"; const VERSION$3 = "version"; const POLICY = "policy"; const MESSAGE_IMPRINT$1 = "messageImprint"; const SERIAL_NUMBER = "serialNumber"; const GEN_TIME = "genTime"; const ORDERING = "ordering"; const NONCE$1 = "nonce"; const ACCURACY = "accuracy"; const TSA = "tsa"; const EXTENSIONS$1 = "extensions"; const TST_INFO = "TSTInfo"; const TST_INFO_VERSION = `${TST_INFO}.${VERSION$3}`; const TST_INFO_POLICY = `${TST_INFO}.${POLICY}`; const TST_INFO_MESSAGE_IMPRINT = `${TST_INFO}.${MESSAGE_IMPRINT$1}`; const TST_INFO_SERIAL_NUMBER = `${TST_INFO}.${SERIAL_NUMBER}`; const TST_INFO_GEN_TIME = `${TST_INFO}.${GEN_TIME}`; const TST_INFO_ACCURACY = `${TST_INFO}.${ACCURACY}`; const TST_INFO_ORDERING = `${TST_INFO}.${ORDERING}`; const TST_INFO_NONCE = `${TST_INFO}.${NONCE$1}`; const TST_INFO_TSA = `${TST_INFO}.${TSA}`; const TST_INFO_EXTENSIONS = `${TST_INFO}.${EXTENSIONS$1}`; const CLEAR_PROPS$4 = [ TST_INFO_VERSION, TST_INFO_POLICY, TST_INFO_MESSAGE_IMPRINT, TST_INFO_SERIAL_NUMBER, TST_INFO_GEN_TIME, TST_INFO_ACCURACY, TST_INFO_ORDERING, TST_INFO_NONCE, TST_INFO_TSA, TST_INFO_EXTENSIONS ]; class TSTInfo extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$3, TSTInfo.defaultValues(VERSION$3)); this.policy = pvutils__namespace.getParametersValue(parameters, POLICY, TSTInfo.defaultValues(POLICY)); this.messageImprint = pvutils__namespace.getParametersValue(parameters, MESSAGE_IMPRINT$1, TSTInfo.defaultValues(MESSAGE_IMPRINT$1)); this.serialNumber = pvutils__namespace.getParametersValue(parameters, SERIAL_NUMBER, TSTInfo.defaultValues(SERIAL_NUMBER)); this.genTime = pvutils__namespace.getParametersValue(parameters, GEN_TIME, TSTInfo.defaultValues(GEN_TIME)); if (ACCURACY in parameters) { this.accuracy = pvutils__namespace.getParametersValue(parameters, ACCURACY, TSTInfo.defaultValues(ACCURACY)); } if (ORDERING in parameters) { this.ordering = pvutils__namespace.getParametersValue(parameters, ORDERING, TSTInfo.defaultValues(ORDERING)); } if (NONCE$1 in parameters) { this.nonce = pvutils__namespace.getParametersValue(parameters, NONCE$1, TSTInfo.defaultValues(NONCE$1)); } if (TSA in parameters) { this.tsa = pvutils__namespace.getParametersValue(parameters, TSA, TSTInfo.defaultValues(TSA)); } if (EXTENSIONS$1 in parameters) { this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS$1, TSTInfo.defaultValues(EXTENSIONS$1)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$3: return 0; case POLICY: return EMPTY_STRING; case MESSAGE_IMPRINT$1: return new MessageImprint(); case SERIAL_NUMBER: return new asn1js__namespace.Integer(); case GEN_TIME: return new Date(0, 0, 0); case ACCURACY: return new Accuracy(); case ORDERING: return false; case NONCE$1: return new asn1js__namespace.Integer(); case TSA: return new GeneralName(); case EXTENSIONS$1: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$3: case POLICY: case GEN_TIME: case ORDERING: return (memberValue === TSTInfo.defaultValues(ORDERING)); case MESSAGE_IMPRINT$1: return ((MessageImprint.compareWithDefault(HASH_ALGORITHM, memberValue.hashAlgorithm)) && (MessageImprint.compareWithDefault(HASHED_MESSAGE, memberValue.hashedMessage))); case SERIAL_NUMBER: case NONCE$1: return (memberValue.isEqual(TSTInfo.defaultValues(NONCE$1))); case ACCURACY: return ((Accuracy.compareWithDefault(SECONDS, memberValue.seconds)) && (Accuracy.compareWithDefault(MILLIS, memberValue.millis)) && (Accuracy.compareWithDefault(MICROS, memberValue.micros))); case TSA: return ((GeneralName.compareWithDefault(TYPE$4, memberValue.type)) && (GeneralName.compareWithDefault(VALUE$5, memberValue.value))); case EXTENSIONS$1: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TST_INFO), value: [ new asn1js__namespace.Integer({ name: (names.version || TST_INFO_VERSION) }), new asn1js__namespace.ObjectIdentifier({ name: (names.policy || TST_INFO_POLICY) }), MessageImprint.schema(names.messageImprint || { names: { blockName: TST_INFO_MESSAGE_IMPRINT } }), new asn1js__namespace.Integer({ name: (names.serialNumber || TST_INFO_SERIAL_NUMBER) }), new asn1js__namespace.GeneralizedTime({ name: (names.genTime || TST_INFO_GEN_TIME) }), Accuracy.schema(names.accuracy || { names: { blockName: TST_INFO_ACCURACY } }), new asn1js__namespace.Boolean({ name: (names.ordering || TST_INFO_ORDERING), optional: true }), new asn1js__namespace.Integer({ name: (names.nonce || TST_INFO_NONCE), optional: true }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [GeneralName.schema(names.tsa || { names: { blockName: TST_INFO_TSA } })] }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: [ new asn1js__namespace.Repeated({ name: (names.extensions || TST_INFO_EXTENSIONS), value: Extension.schema(names.extension || {}) }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$4); const asn1 = asn1js__namespace.compareSchema(schema, schema, TSTInfo.schema()); AsnError.assertSchema(asn1, this.className); this.version = asn1.result[TST_INFO_VERSION].valueBlock.valueDec; this.policy = asn1.result[TST_INFO_POLICY].valueBlock.toString(); this.messageImprint = new MessageImprint({ schema: asn1.result[TST_INFO_MESSAGE_IMPRINT] }); this.serialNumber = asn1.result[TST_INFO_SERIAL_NUMBER]; this.genTime = asn1.result[TST_INFO_GEN_TIME].toDate(); if (TST_INFO_ACCURACY in asn1.result) this.accuracy = new Accuracy({ schema: asn1.result[TST_INFO_ACCURACY] }); if (TST_INFO_ORDERING in asn1.result) this.ordering = asn1.result[TST_INFO_ORDERING].valueBlock.value; if (TST_INFO_NONCE in asn1.result) this.nonce = asn1.result[TST_INFO_NONCE]; if (TST_INFO_TSA in asn1.result) this.tsa = new GeneralName({ schema: asn1.result[TST_INFO_TSA] }); if (TST_INFO_EXTENSIONS in asn1.result) this.extensions = Array.from(asn1.result[TST_INFO_EXTENSIONS], element => new Extension({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.policy })); outputArray.push(this.messageImprint.toSchema()); outputArray.push(this.serialNumber); outputArray.push(new asn1js__namespace.GeneralizedTime({ valueDate: this.genTime })); if (this.accuracy) outputArray.push(this.accuracy.toSchema()); if (this.ordering !== undefined) outputArray.push(new asn1js__namespace.Boolean({ value: this.ordering })); if (this.nonce) outputArray.push(this.nonce); if (this.tsa) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [this.tsa.toSchema()] })); } if (this.extensions) { outputArray.push(new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.extensions, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, policy: this.policy, messageImprint: this.messageImprint.toJSON(), serialNumber: this.serialNumber.toJSON(), genTime: this.genTime }; if (this.accuracy) res.accuracy = this.accuracy.toJSON(); if (this.ordering !== undefined) res.ordering = this.ordering; if (this.nonce) res.nonce = this.nonce.toJSON(); if (this.tsa) res.tsa = this.tsa.toJSON(); if (this.extensions) res.extensions = Array.from(this.extensions, o => o.toJSON()); return res; } async verify(params, crypto = getCrypto(true)) { if (!params.data) { throw new Error("\"data\" is a mandatory attribute for TST_INFO verification"); } const data = params.data; if (params.notBefore) { if (this.genTime < params.notBefore) throw new Error("Generation time for TSTInfo object is less than notBefore value"); } if (params.notAfter) { if (this.genTime > params.notAfter) throw new Error("Generation time for TSTInfo object is more than notAfter value"); } const shaAlgorithm = crypto.getAlgorithmByOID(this.messageImprint.hashAlgorithm.algorithmId, true, "MessageImprint.hashAlgorithm"); const hash = await crypto.digest(shaAlgorithm.name, new Uint8Array(data)); return pvtsutils__namespace.BufferSourceConverter.isEqual(hash, this.messageImprint.hashedMessage.valueBlock.valueHexView); } } TSTInfo.CLASS_NAME = "TSTInfo"; const VERSION$2 = "version"; const DIGEST_ALGORITHMS = "digestAlgorithms"; const ENCAP_CONTENT_INFO = "encapContentInfo"; const CERTIFICATES = "certificates"; const CRLS = "crls"; const SIGNER_INFOS = "signerInfos"; const OCSPS = "ocsps"; const SIGNED_DATA = "SignedData"; const SIGNED_DATA_VERSION = `${SIGNED_DATA}.${VERSION$2}`; const SIGNED_DATA_DIGEST_ALGORITHMS = `${SIGNED_DATA}.${DIGEST_ALGORITHMS}`; const SIGNED_DATA_ENCAP_CONTENT_INFO = `${SIGNED_DATA}.${ENCAP_CONTENT_INFO}`; const SIGNED_DATA_CERTIFICATES = `${SIGNED_DATA}.${CERTIFICATES}`; const SIGNED_DATA_CRLS = `${SIGNED_DATA}.${CRLS}`; const SIGNED_DATA_SIGNER_INFOS = `${SIGNED_DATA}.${SIGNER_INFOS}`; const CLEAR_PROPS$3 = [ SIGNED_DATA_VERSION, SIGNED_DATA_DIGEST_ALGORITHMS, SIGNED_DATA_ENCAP_CONTENT_INFO, SIGNED_DATA_CERTIFICATES, SIGNED_DATA_CRLS, SIGNED_DATA_SIGNER_INFOS ]; class SignedDataVerifyError extends Error { constructor({ message, code = 0, date = new Date(), signatureVerified = null, signerCertificate = null, signerCertificateVerified = null, timestampSerial = null, certificatePath = [], }) { super(message); this.name = "SignedDataVerifyError"; this.date = date; this.code = code; this.timestampSerial = timestampSerial; this.signatureVerified = signatureVerified; this.signerCertificate = signerCertificate; this.signerCertificateVerified = signerCertificateVerified; this.certificatePath = certificatePath; } } class SignedData extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$2, SignedData.defaultValues(VERSION$2)); this.digestAlgorithms = pvutils__namespace.getParametersValue(parameters, DIGEST_ALGORITHMS, SignedData.defaultValues(DIGEST_ALGORITHMS)); this.encapContentInfo = pvutils__namespace.getParametersValue(parameters, ENCAP_CONTENT_INFO, SignedData.defaultValues(ENCAP_CONTENT_INFO)); if (CERTIFICATES in parameters) { this.certificates = pvutils__namespace.getParametersValue(parameters, CERTIFICATES, SignedData.defaultValues(CERTIFICATES)); } if (CRLS in parameters) { this.crls = pvutils__namespace.getParametersValue(parameters, CRLS, SignedData.defaultValues(CRLS)); } if (OCSPS in parameters) { this.ocsps = pvutils__namespace.getParametersValue(parameters, OCSPS, SignedData.defaultValues(OCSPS)); } this.signerInfos = pvutils__namespace.getParametersValue(parameters, SIGNER_INFOS, SignedData.defaultValues(SIGNER_INFOS)); if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$2: return 0; case DIGEST_ALGORITHMS: return []; case ENCAP_CONTENT_INFO: return new EncapsulatedContentInfo(); case CERTIFICATES: return []; case CRLS: return []; case OCSPS: return []; case SIGNER_INFOS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$2: return (memberValue === SignedData.defaultValues(VERSION$2)); case ENCAP_CONTENT_INFO: return EncapsulatedContentInfo.compareWithDefault("eContentType", memberValue.eContentType) && EncapsulatedContentInfo.compareWithDefault("eContent", memberValue.eContent); case DIGEST_ALGORITHMS: case CERTIFICATES: case CRLS: case OCSPS: case SIGNER_INFOS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); if (names.optional === undefined) { names.optional = false; } return (new asn1js__namespace.Sequence({ name: (names.blockName || SIGNED_DATA), optional: names.optional, value: [ new asn1js__namespace.Integer({ name: (names.version || SIGNED_DATA_VERSION) }), new asn1js__namespace.Set({ value: [ new asn1js__namespace.Repeated({ name: (names.digestAlgorithms || SIGNED_DATA_DIGEST_ALGORITHMS), value: AlgorithmIdentifier.schema() }) ] }), EncapsulatedContentInfo.schema(names.encapContentInfo || { names: { blockName: SIGNED_DATA_ENCAP_CONTENT_INFO } }), new asn1js__namespace.Constructed({ name: (names.certificates || SIGNED_DATA_CERTIFICATES), optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: CertificateSet.schema().valueBlock.value }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 1 }, value: RevocationInfoChoices.schema(names.crls || { names: { crls: SIGNED_DATA_CRLS } }).valueBlock.value }), new asn1js__namespace.Set({ value: [ new asn1js__namespace.Repeated({ name: (names.signerInfos || SIGNED_DATA_SIGNER_INFOS), value: SignerInfo.schema() }) ] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$3); const asn1 = asn1js__namespace.compareSchema(schema, schema, SignedData.schema()); AsnError.assertSchema(asn1, this.className); this.version = asn1.result[SIGNED_DATA_VERSION].valueBlock.valueDec; if (SIGNED_DATA_DIGEST_ALGORITHMS in asn1.result) this.digestAlgorithms = Array.from(asn1.result[SIGNED_DATA_DIGEST_ALGORITHMS], algorithm => new AlgorithmIdentifier({ schema: algorithm })); this.encapContentInfo = new EncapsulatedContentInfo({ schema: asn1.result[SIGNED_DATA_ENCAP_CONTENT_INFO] }); if (SIGNED_DATA_CERTIFICATES in asn1.result) { const certificateSet = new CertificateSet({ schema: new asn1js__namespace.Set({ value: asn1.result[SIGNED_DATA_CERTIFICATES].valueBlock.value }) }); this.certificates = certificateSet.certificates.slice(0); } if (SIGNED_DATA_CRLS in asn1.result) { this.crls = Array.from(asn1.result[SIGNED_DATA_CRLS], (crl) => { if (crl.idBlock.tagClass === 1) return new CertificateRevocationList({ schema: crl }); crl.idBlock.tagClass = 1; crl.idBlock.tagNumber = 16; return new OtherRevocationInfoFormat({ schema: crl }); }); } if (SIGNED_DATA_SIGNER_INFOS in asn1.result) this.signerInfos = Array.from(asn1.result[SIGNED_DATA_SIGNER_INFOS], signerInfoSchema => new SignerInfo({ schema: signerInfoSchema })); } toSchema(encodeFlag = false) { const outputArray = []; if ((this.certificates && this.certificates.length && this.certificates.some(o => o instanceof OtherCertificateFormat)) || (this.crls && this.crls.length && this.crls.some(o => o instanceof OtherRevocationInfoFormat))) { this.version = 5; } else if (this.certificates && this.certificates.length && this.certificates.some(o => o instanceof AttributeCertificateV2)) { this.version = 4; } else if ((this.certificates && this.certificates.length && this.certificates.some(o => o instanceof AttributeCertificateV1)) || this.signerInfos.some(o => o.version === 3) || this.encapContentInfo.eContentType !== SignedData.ID_DATA) { this.version = 3; } else { this.version = 1; } outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(new asn1js__namespace.Set({ value: Array.from(this.digestAlgorithms, algorithm => algorithm.toSchema()) })); outputArray.push(this.encapContentInfo.toSchema()); if (this.certificates) { const certificateSet = new CertificateSet({ certificates: this.certificates }); const certificateSetSchema = certificateSet.toSchema(); outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: certificateSetSchema.valueBlock.value })); } if (this.crls) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 1 }, value: Array.from(this.crls, crl => { if (crl instanceof OtherRevocationInfoFormat) { const crlSchema = crl.toSchema(); crlSchema.idBlock.tagClass = 3; crlSchema.idBlock.tagNumber = 1; return crlSchema; } return crl.toSchema(encodeFlag); }) })); } outputArray.push(new asn1js__namespace.Set({ value: Array.from(this.signerInfos, signerInfo => signerInfo.toSchema()) })); return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, digestAlgorithms: Array.from(this.digestAlgorithms, algorithm => algorithm.toJSON()), encapContentInfo: this.encapContentInfo.toJSON(), signerInfos: Array.from(this.signerInfos, signerInfo => signerInfo.toJSON()), }; if (this.certificates) { res.certificates = Array.from(this.certificates, certificate => certificate.toJSON()); } if (this.crls) { res.crls = Array.from(this.crls, crl => crl.toJSON()); } return res; } async verify({ signer = (-1), data = (EMPTY_BUFFER), trustedCerts = [], checkDate = (new Date()), checkChain = false, passedWhenNotRevValues = false, extendedMode = false, findOrigin = null, findIssuer = null } = {}, crypto = getCrypto(true)) { let signerCert = null; let timestampSerial = null; try { let messageDigestValue = EMPTY_BUFFER; let shaAlgorithm = EMPTY_STRING; let certificatePath = []; const signerInfo = this.signerInfos[signer]; if (!signerInfo) { throw new SignedDataVerifyError({ date: checkDate, code: 1, message: "Unable to get signer by supplied index", }); } if (!this.certificates) { throw new SignedDataVerifyError({ date: checkDate, code: 2, message: "No certificates attached to this signed data", }); } if (signerInfo.sid instanceof IssuerAndSerialNumber) { for (const certificate of this.certificates) { if (!(certificate instanceof Certificate)) continue; if ((certificate.issuer.isEqual(signerInfo.sid.issuer)) && (certificate.serialNumber.isEqual(signerInfo.sid.serialNumber))) { signerCert = certificate; break; } } } else { const sid = signerInfo.sid; const keyId = sid.idBlock.isConstructed ? sid.valueBlock.value[0].valueBlock.valueHex : sid.valueBlock.valueHex; for (const certificate of this.certificates) { if (!(certificate instanceof Certificate)) { continue; } const digest = await crypto.digest({ name: "sha-1" }, certificate.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView); if (pvutils__namespace.isEqualBuffer(digest, keyId)) { signerCert = certificate; break; } } } if (!signerCert) { throw new SignedDataVerifyError({ date: checkDate, code: 3, message: "Unable to find signer certificate", }); } if (this.encapContentInfo.eContentType === id_eContentType_TSTInfo) { if (!this.encapContentInfo.eContent) { throw new SignedDataVerifyError({ date: checkDate, code: 15, message: "Error during verification: TSTInfo eContent is empty", signatureVerified: null, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true }); } let tstInfo; try { tstInfo = TSTInfo.fromBER(this.encapContentInfo.eContent.valueBlock.valueHexView); } catch { throw new SignedDataVerifyError({ date: checkDate, code: 15, message: "Error during verification: TSTInfo wrong ASN.1 schema ", signatureVerified: null, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true }); } checkDate = tstInfo.genTime; timestampSerial = tstInfo.serialNumber.valueBlock.valueHexView.slice().buffer; if (data.byteLength === 0) { throw new SignedDataVerifyError({ date: checkDate, code: 4, message: "Missed detached data input array", }); } if (!(await tstInfo.verify({ data }, crypto))) { throw new SignedDataVerifyError({ date: checkDate, code: 15, message: "Error during verification: TSTInfo verification is failed", signatureVerified: false, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true }); } } if (checkChain) { const certs = this.certificates.filter(certificate => (certificate instanceof Certificate && !!checkCA(certificate, signerCert))); const chainParams = { checkDate, certs, trustedCerts, }; if (findIssuer) { chainParams.findIssuer = findIssuer; } if (findOrigin) { chainParams.findOrigin = findOrigin; } const chainEngine = new CertificateChainValidationEngine(chainParams); chainEngine.certs.push(signerCert); if (this.crls) { for (const crl of this.crls) { if ("thisUpdate" in crl) chainEngine.crls.push(crl); else { if (crl.otherRevInfoFormat === id_PKIX_OCSP_Basic) chainEngine.ocsps.push(new BasicOCSPResponse({ schema: crl.otherRevInfo })); } } } if (this.ocsps) { chainEngine.ocsps.push(...(this.ocsps)); } const verificationResult = await chainEngine.verify({ passedWhenNotRevValues }, crypto) .catch(e => { throw new SignedDataVerifyError({ date: checkDate, code: 5, message: `Validation of signer's certificate failed with error: ${((e instanceof Object) ? e.resultMessage : e)}`, signerCertificate: signerCert, signerCertificateVerified: false }); }); if (verificationResult.certificatePath) { certificatePath = verificationResult.certificatePath; } if (!verificationResult.result) throw new SignedDataVerifyError({ date: checkDate, code: 5, message: `Validation of signer's certificate failed: ${verificationResult.resultMessage}`, signerCertificate: signerCert, signerCertificateVerified: false }); } const signerInfoHashAlgorithm = crypto.getAlgorithmByOID(signerInfo.digestAlgorithm.algorithmId); if (!("name" in signerInfoHashAlgorithm)) { throw new SignedDataVerifyError({ date: checkDate, code: 7, message: `Unsupported signature algorithm: ${signerInfo.digestAlgorithm.algorithmId}`, signerCertificate: signerCert, signerCertificateVerified: true }); } shaAlgorithm = signerInfoHashAlgorithm.name; const eContent = this.encapContentInfo.eContent; if (eContent) { if ((eContent.idBlock.tagClass === 1) && (eContent.idBlock.tagNumber === 4)) { data = eContent.getValue(); } else data = eContent.valueBlock.valueBeforeDecodeView.slice().buffer; } else { if (data.byteLength === 0) { throw new SignedDataVerifyError({ date: checkDate, code: 8, message: "Missed detached data input array", signerCertificate: signerCert, signerCertificateVerified: true }); } } if (signerInfo.signedAttrs) { let foundContentType = false; let foundMessageDigest = false; for (const attribute of signerInfo.signedAttrs.attributes) { if (attribute.type === "1.2.840.113549.1.9.3") foundContentType = true; if (attribute.type === "1.2.840.113549.1.9.4") { foundMessageDigest = true; messageDigestValue = attribute.values[0].valueBlock.valueHex; } if (foundContentType && foundMessageDigest) break; } if (foundContentType === false) { throw new SignedDataVerifyError({ date: checkDate, code: 9, message: "Attribute \"content-type\" is a mandatory attribute for \"signed attributes\"", signerCertificate: signerCert, signerCertificateVerified: true }); } if (foundMessageDigest === false) { throw new SignedDataVerifyError({ date: checkDate, code: 10, message: "Attribute \"message-digest\" is a mandatory attribute for \"signed attributes\"", signatureVerified: null, signerCertificate: signerCert, signerCertificateVerified: true }); } } if (signerInfo.signedAttrs) { const messageDigest = await crypto.digest(shaAlgorithm, new Uint8Array(data)); if (!pvutils__namespace.isEqualBuffer(messageDigest, messageDigestValue)) { throw new SignedDataVerifyError({ date: checkDate, code: 15, message: "Error during verification: Message digest doesn't match", signatureVerified: null, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true }); } data = signerInfo.signedAttrs.encodedValue; } const verifyResult = signerInfo.signatureAlgorithm.algorithmId === "1.2.840.113549.1.1.1" ? await crypto.verifyWithPublicKey(data, signerInfo.signature, signerCert.subjectPublicKeyInfo, signerInfo.signatureAlgorithm, shaAlgorithm) : await crypto.verifyWithPublicKey(data, signerInfo.signature, signerCert.subjectPublicKeyInfo, signerInfo.signatureAlgorithm); if (extendedMode) { return { date: checkDate, code: 14, message: EMPTY_STRING, signatureVerified: verifyResult, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true, certificatePath }; } else { return verifyResult; } } catch (e) { if (e instanceof SignedDataVerifyError) { throw e; } throw new SignedDataVerifyError({ date: checkDate, code: 15, message: `Error during verification: ${e instanceof Error ? e.message : e}`, signatureVerified: null, signerCertificate: signerCert, timestampSerial, signerCertificateVerified: true }); } } async sign(privateKey, signerIndex, hashAlgorithm = "SHA-1", data = (EMPTY_BUFFER), crypto = getCrypto(true)) { var _a; if (!privateKey) throw new Error("Need to provide a private key for signing"); const signerInfo = this.signerInfos[signerIndex]; if (!signerInfo) { throw new RangeError("SignerInfo index is out of range"); } if (!((_a = signerInfo.signedAttrs) === null || _a === void 0 ? void 0 : _a.attributes.length) && "hash" in privateKey.algorithm && "hash" in privateKey.algorithm && privateKey.algorithm.hash) { hashAlgorithm = privateKey.algorithm.hash.name; } const hashAlgorithmOID = crypto.getOIDByAlgorithm({ name: hashAlgorithm }, true, "hashAlgorithm"); if ((this.digestAlgorithms.filter(algorithm => algorithm.algorithmId === hashAlgorithmOID)).length === 0) { this.digestAlgorithms.push(new AlgorithmIdentifier({ algorithmId: hashAlgorithmOID, algorithmParams: new asn1js__namespace.Null() })); } signerInfo.digestAlgorithm = new AlgorithmIdentifier({ algorithmId: hashAlgorithmOID, algorithmParams: new asn1js__namespace.Null() }); const signatureParams = await crypto.getSignatureParameters(privateKey, hashAlgorithm); const parameters = signatureParams.parameters; signerInfo.signatureAlgorithm = signatureParams.signatureAlgorithm; if (signerInfo.signedAttrs) { if (signerInfo.signedAttrs.encodedValue.byteLength !== 0) data = signerInfo.signedAttrs.encodedValue; else { data = signerInfo.signedAttrs.toSchema().toBER(); const view = pvtsutils__namespace.BufferSourceConverter.toUint8Array(data); view[0] = 0x31; } } else { const eContent = this.encapContentInfo.eContent; if (eContent) { if ((eContent.idBlock.tagClass === 1) && (eContent.idBlock.tagNumber === 4)) { data = eContent.getValue(); } else data = eContent.valueBlock.valueBeforeDecodeView.slice().buffer; } else { if (data.byteLength === 0) throw new Error("Missed detached data input array"); } } const signature = await crypto.signWithPrivateKey(data, privateKey, parameters); signerInfo.signature = new asn1js__namespace.OctetString({ valueHex: signature }); } } SignedData.CLASS_NAME = "SignedData"; SignedData.ID_DATA = id_ContentType_Data; const VERSION$1 = "version"; const AUTH_SAFE = "authSafe"; const MAC_DATA = "macData"; const PARSED_VALUE = "parsedValue"; const CLERA_PROPS = [ VERSION$1, AUTH_SAFE, MAC_DATA ]; class PFX extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION$1, PFX.defaultValues(VERSION$1)); this.authSafe = pvutils__namespace.getParametersValue(parameters, AUTH_SAFE, PFX.defaultValues(AUTH_SAFE)); if (MAC_DATA in parameters) { this.macData = pvutils__namespace.getParametersValue(parameters, MAC_DATA, PFX.defaultValues(MAC_DATA)); } if (PARSED_VALUE in parameters) { this.parsedValue = pvutils__namespace.getParametersValue(parameters, PARSED_VALUE, PFX.defaultValues(PARSED_VALUE)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION$1: return 3; case AUTH_SAFE: return (new ContentInfo()); case MAC_DATA: return (new MacData()); case PARSED_VALUE: return {}; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION$1: return (memberValue === PFX.defaultValues(memberName)); case AUTH_SAFE: return ((ContentInfo.compareWithDefault("contentType", memberValue.contentType)) && (ContentInfo.compareWithDefault("content", memberValue.content))); case MAC_DATA: return ((MacData.compareWithDefault("mac", memberValue.mac)) && (MacData.compareWithDefault("macSalt", memberValue.macSalt)) && (MacData.compareWithDefault("iterations", memberValue.iterations))); case PARSED_VALUE: return ((memberValue instanceof Object) && (Object.keys(memberValue).length === 0)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.version || VERSION$1) }), ContentInfo.schema(names.authSafe || { names: { blockName: AUTH_SAFE } }), MacData.schema(names.macData || { names: { blockName: MAC_DATA, optional: true } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLERA_PROPS); const asn1 = asn1js__namespace.compareSchema(schema, schema, PFX.schema({ names: { version: VERSION$1, authSafe: { names: { blockName: AUTH_SAFE } }, macData: { names: { blockName: MAC_DATA } } } })); AsnError.assertSchema(asn1, this.className); this.version = asn1.result.version.valueBlock.valueDec; this.authSafe = new ContentInfo({ schema: asn1.result.authSafe }); if (MAC_DATA in asn1.result) this.macData = new MacData({ schema: asn1.result.macData }); } toSchema() { const outputArray = [ new asn1js__namespace.Integer({ value: this.version }), this.authSafe.toSchema() ]; if (this.macData) { outputArray.push(this.macData.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const output = { version: this.version, authSafe: this.authSafe.toJSON() }; if (this.macData) { output.macData = this.macData.toJSON(); } return output; } async makeInternalValues(parameters = {}, crypto = getCrypto(true)) { ArgumentError.assert(parameters, "parameters", "object"); if (!this.parsedValue) { throw new Error("Please call \"parseValues\" function first in order to make \"parsedValue\" data"); } ParameterError.assertEmpty(this.parsedValue.integrityMode, "integrityMode", "parsedValue"); ParameterError.assertEmpty(this.parsedValue.authenticatedSafe, "authenticatedSafe", "parsedValue"); switch (this.parsedValue.integrityMode) { case 0: { if (!("iterations" in parameters)) throw new ParameterError("iterations"); ParameterError.assertEmpty(parameters.pbkdf2HashAlgorithm, "pbkdf2HashAlgorithm"); ParameterError.assertEmpty(parameters.hmacHashAlgorithm, "hmacHashAlgorithm"); ParameterError.assertEmpty(parameters.password, "password"); const saltBuffer = new ArrayBuffer(64); const saltView = new Uint8Array(saltBuffer); crypto.getRandomValues(saltView); const data = this.parsedValue.authenticatedSafe.toSchema().toBER(false); this.authSafe = new ContentInfo({ contentType: ContentInfo.DATA, content: new asn1js__namespace.OctetString({ valueHex: data }) }); const result = await crypto.stampDataWithPassword({ password: parameters.password, hashAlgorithm: parameters.hmacHashAlgorithm, salt: saltBuffer, iterationCount: parameters.iterations, contentToStamp: data }); this.macData = new MacData({ mac: new DigestInfo({ digestAlgorithm: new AlgorithmIdentifier({ algorithmId: crypto.getOIDByAlgorithm({ name: parameters.hmacHashAlgorithm }, true, "hmacHashAlgorithm"), }), digest: new asn1js__namespace.OctetString({ valueHex: result }) }), macSalt: new asn1js__namespace.OctetString({ valueHex: saltBuffer }), iterations: parameters.iterations }); } break; case 1: { if (!("signingCertificate" in parameters)) { throw new ParameterError("signingCertificate"); } ParameterError.assertEmpty(parameters.privateKey, "privateKey"); ParameterError.assertEmpty(parameters.hashAlgorithm, "hashAlgorithm"); const toBeSigned = this.parsedValue.authenticatedSafe.toSchema().toBER(false); const cmsSigned = new SignedData({ version: 1, encapContentInfo: new EncapsulatedContentInfo({ eContentType: "1.2.840.113549.1.7.1", eContent: new asn1js__namespace.OctetString({ valueHex: toBeSigned }) }), certificates: [parameters.signingCertificate] }); const result = await crypto.digest({ name: parameters.hashAlgorithm }, new Uint8Array(toBeSigned)); const signedAttr = []; signedAttr.push(new Attribute({ type: "1.2.840.113549.1.9.3", values: [ new asn1js__namespace.ObjectIdentifier({ value: "1.2.840.113549.1.7.1" }) ] })); signedAttr.push(new Attribute({ type: "1.2.840.113549.1.9.5", values: [ new asn1js__namespace.UTCTime({ valueDate: new Date() }) ] })); signedAttr.push(new Attribute({ type: "1.2.840.113549.1.9.4", values: [ new asn1js__namespace.OctetString({ valueHex: result }) ] })); cmsSigned.signerInfos.push(new SignerInfo({ version: 1, sid: new IssuerAndSerialNumber({ issuer: parameters.signingCertificate.issuer, serialNumber: parameters.signingCertificate.serialNumber }), signedAttrs: new SignedAndUnsignedAttributes({ type: 0, attributes: signedAttr }) })); await cmsSigned.sign(parameters.privateKey, 0, parameters.hashAlgorithm, undefined, crypto); this.authSafe = new ContentInfo({ contentType: "1.2.840.113549.1.7.2", content: cmsSigned.toSchema(true) }); } break; default: throw new Error(`Parameter "integrityMode" has unknown value: ${this.parsedValue.integrityMode}`); } } async parseInternalValues(parameters, crypto = getCrypto(true)) { ArgumentError.assert(parameters, "parameters", "object"); if (parameters.checkIntegrity === undefined) { parameters.checkIntegrity = true; } this.parsedValue = {}; switch (this.authSafe.contentType) { case ContentInfo.DATA: { ParameterError.assertEmpty(parameters.password, "password"); this.parsedValue.integrityMode = 0; ArgumentError.assert(this.authSafe.content, "authSafe.content", asn1js__namespace.OctetString); const authSafeContent = this.authSafe.content.getValue(); this.parsedValue.authenticatedSafe = AuthenticatedSafe.fromBER(authSafeContent); if (parameters.checkIntegrity) { if (!this.macData) { throw new Error("Absent \"macData\" value, can not check PKCS#12 data integrity"); } const hashAlgorithm = crypto.getAlgorithmByOID(this.macData.mac.digestAlgorithm.algorithmId, true, "digestAlgorithm"); const result = await crypto.verifyDataStampedWithPassword({ password: parameters.password, hashAlgorithm: hashAlgorithm.name, salt: pvtsutils.BufferSourceConverter.toArrayBuffer(this.macData.macSalt.valueBlock.valueHexView), iterationCount: this.macData.iterations || 1, contentToVerify: authSafeContent, signatureToVerify: pvtsutils.BufferSourceConverter.toArrayBuffer(this.macData.mac.digest.valueBlock.valueHexView), }); if (!result) { throw new Error("Integrity for the PKCS#12 data is broken!"); } } } break; case ContentInfo.SIGNED_DATA: { this.parsedValue.integrityMode = 1; const cmsSigned = new SignedData({ schema: this.authSafe.content }); const eContent = cmsSigned.encapContentInfo.eContent; ParameterError.assert(eContent, "eContent", "cmsSigned.encapContentInfo"); ArgumentError.assert(eContent, "eContent", asn1js__namespace.OctetString); const data = eContent.getValue(); this.parsedValue.authenticatedSafe = AuthenticatedSafe.fromBER(data); const ok = await cmsSigned.verify({ signer: 0, checkChain: false }, crypto); if (!ok) { throw new Error("Integrity for the PKCS#12 data is broken!"); } } break; default: throw new Error(`Incorrect value for "this.authSafe.contentType": ${this.authSafe.contentType}`); } } } PFX.CLASS_NAME = "PFX"; const STATUS$1 = "status"; const STATUS_STRINGS = "statusStrings"; const FAIL_INFO = "failInfo"; const CLEAR_PROPS$2 = [ STATUS$1, STATUS_STRINGS, FAIL_INFO ]; exports.PKIStatus = void 0; (function (PKIStatus) { PKIStatus[PKIStatus["granted"] = 0] = "granted"; PKIStatus[PKIStatus["grantedWithMods"] = 1] = "grantedWithMods"; PKIStatus[PKIStatus["rejection"] = 2] = "rejection"; PKIStatus[PKIStatus["waiting"] = 3] = "waiting"; PKIStatus[PKIStatus["revocationWarning"] = 4] = "revocationWarning"; PKIStatus[PKIStatus["revocationNotification"] = 5] = "revocationNotification"; })(exports.PKIStatus || (exports.PKIStatus = {})); class PKIStatusInfo extends PkiObject { constructor(parameters = {}) { super(); this.status = pvutils__namespace.getParametersValue(parameters, STATUS$1, PKIStatusInfo.defaultValues(STATUS$1)); if (STATUS_STRINGS in parameters) { this.statusStrings = pvutils__namespace.getParametersValue(parameters, STATUS_STRINGS, PKIStatusInfo.defaultValues(STATUS_STRINGS)); } if (FAIL_INFO in parameters) { this.failInfo = pvutils__namespace.getParametersValue(parameters, FAIL_INFO, PKIStatusInfo.defaultValues(FAIL_INFO)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case STATUS$1: return 2; case STATUS_STRINGS: return []; case FAIL_INFO: return new asn1js__namespace.BitString(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case STATUS$1: return (memberValue === PKIStatusInfo.defaultValues(memberName)); case STATUS_STRINGS: return (memberValue.length === 0); case FAIL_INFO: return (memberValue.isEqual(PKIStatusInfo.defaultValues(memberName))); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || EMPTY_STRING), value: [ new asn1js__namespace.Integer({ name: (names.status || EMPTY_STRING) }), new asn1js__namespace.Sequence({ optional: true, value: [ new asn1js__namespace.Repeated({ name: (names.statusStrings || EMPTY_STRING), value: new asn1js__namespace.Utf8String() }) ] }), new asn1js__namespace.BitString({ name: (names.failInfo || EMPTY_STRING), optional: true }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$2); const asn1 = asn1js__namespace.compareSchema(schema, schema, PKIStatusInfo.schema({ names: { status: STATUS$1, statusStrings: STATUS_STRINGS, failInfo: FAIL_INFO } })); AsnError.assertSchema(asn1, this.className); const _status = asn1.result.status; if ((_status.valueBlock.isHexOnly === true) || (_status.valueBlock.valueDec < 0) || (_status.valueBlock.valueDec > 5)) throw new Error("PKIStatusInfo \"status\" has invalid value"); this.status = _status.valueBlock.valueDec; if (STATUS_STRINGS in asn1.result) this.statusStrings = asn1.result.statusStrings; if (FAIL_INFO in asn1.result) this.failInfo = asn1.result.failInfo; } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.status })); if (this.statusStrings) { outputArray.push(new asn1js__namespace.Sequence({ optional: true, value: this.statusStrings })); } if (this.failInfo) { outputArray.push(this.failInfo); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { status: this.status }; if (this.statusStrings) { res.statusStrings = Array.from(this.statusStrings, o => o.toJSON()); } if (this.failInfo) { res.failInfo = this.failInfo.toJSON(); } return res; } } PKIStatusInfo.CLASS_NAME = "PKIStatusInfo"; const VERSION = "version"; const MESSAGE_IMPRINT = "messageImprint"; const REQ_POLICY = "reqPolicy"; const NONCE = "nonce"; const CERT_REQ = "certReq"; const EXTENSIONS = "extensions"; const TIME_STAMP_REQ = "TimeStampReq"; const TIME_STAMP_REQ_VERSION = `${TIME_STAMP_REQ}.${VERSION}`; const TIME_STAMP_REQ_MESSAGE_IMPRINT = `${TIME_STAMP_REQ}.${MESSAGE_IMPRINT}`; const TIME_STAMP_REQ_POLICY = `${TIME_STAMP_REQ}.${REQ_POLICY}`; const TIME_STAMP_REQ_NONCE = `${TIME_STAMP_REQ}.${NONCE}`; const TIME_STAMP_REQ_CERT_REQ = `${TIME_STAMP_REQ}.${CERT_REQ}`; const TIME_STAMP_REQ_EXTENSIONS = `${TIME_STAMP_REQ}.${EXTENSIONS}`; const CLEAR_PROPS$1 = [ TIME_STAMP_REQ_VERSION, TIME_STAMP_REQ_MESSAGE_IMPRINT, TIME_STAMP_REQ_POLICY, TIME_STAMP_REQ_NONCE, TIME_STAMP_REQ_CERT_REQ, TIME_STAMP_REQ_EXTENSIONS, ]; class TimeStampReq extends PkiObject { constructor(parameters = {}) { super(); this.version = pvutils__namespace.getParametersValue(parameters, VERSION, TimeStampReq.defaultValues(VERSION)); this.messageImprint = pvutils__namespace.getParametersValue(parameters, MESSAGE_IMPRINT, TimeStampReq.defaultValues(MESSAGE_IMPRINT)); if (REQ_POLICY in parameters) { this.reqPolicy = pvutils__namespace.getParametersValue(parameters, REQ_POLICY, TimeStampReq.defaultValues(REQ_POLICY)); } if (NONCE in parameters) { this.nonce = pvutils__namespace.getParametersValue(parameters, NONCE, TimeStampReq.defaultValues(NONCE)); } if (CERT_REQ in parameters) { this.certReq = pvutils__namespace.getParametersValue(parameters, CERT_REQ, TimeStampReq.defaultValues(CERT_REQ)); } if (EXTENSIONS in parameters) { this.extensions = pvutils__namespace.getParametersValue(parameters, EXTENSIONS, TimeStampReq.defaultValues(EXTENSIONS)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case VERSION: return 0; case MESSAGE_IMPRINT: return new MessageImprint(); case REQ_POLICY: return EMPTY_STRING; case NONCE: return new asn1js__namespace.Integer(); case CERT_REQ: return false; case EXTENSIONS: return []; default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case VERSION: case REQ_POLICY: case CERT_REQ: return (memberValue === TimeStampReq.defaultValues(memberName)); case MESSAGE_IMPRINT: return ((MessageImprint.compareWithDefault("hashAlgorithm", memberValue.hashAlgorithm)) && (MessageImprint.compareWithDefault("hashedMessage", memberValue.hashedMessage))); case NONCE: return (memberValue.isEqual(TimeStampReq.defaultValues(memberName))); case EXTENSIONS: return (memberValue.length === 0); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TIME_STAMP_REQ), value: [ new asn1js__namespace.Integer({ name: (names.version || TIME_STAMP_REQ_VERSION) }), MessageImprint.schema(names.messageImprint || { names: { blockName: TIME_STAMP_REQ_MESSAGE_IMPRINT } }), new asn1js__namespace.ObjectIdentifier({ name: (names.reqPolicy || TIME_STAMP_REQ_POLICY), optional: true }), new asn1js__namespace.Integer({ name: (names.nonce || TIME_STAMP_REQ_NONCE), optional: true }), new asn1js__namespace.Boolean({ name: (names.certReq || TIME_STAMP_REQ_CERT_REQ), optional: true }), new asn1js__namespace.Constructed({ optional: true, idBlock: { tagClass: 3, tagNumber: 0 }, value: [new asn1js__namespace.Repeated({ name: (names.extensions || TIME_STAMP_REQ_EXTENSIONS), value: Extension.schema() })] }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS$1); const asn1 = asn1js__namespace.compareSchema(schema, schema, TimeStampReq.schema()); AsnError.assertSchema(asn1, this.className); this.version = asn1.result[TIME_STAMP_REQ_VERSION].valueBlock.valueDec; this.messageImprint = new MessageImprint({ schema: asn1.result[TIME_STAMP_REQ_MESSAGE_IMPRINT] }); if (TIME_STAMP_REQ_POLICY in asn1.result) this.reqPolicy = asn1.result[TIME_STAMP_REQ_POLICY].valueBlock.toString(); if (TIME_STAMP_REQ_NONCE in asn1.result) this.nonce = asn1.result[TIME_STAMP_REQ_NONCE]; if (TIME_STAMP_REQ_CERT_REQ in asn1.result) this.certReq = asn1.result[TIME_STAMP_REQ_CERT_REQ].valueBlock.value; if (TIME_STAMP_REQ_EXTENSIONS in asn1.result) this.extensions = Array.from(asn1.result[TIME_STAMP_REQ_EXTENSIONS], element => new Extension({ schema: element })); } toSchema() { const outputArray = []; outputArray.push(new asn1js__namespace.Integer({ value: this.version })); outputArray.push(this.messageImprint.toSchema()); if (this.reqPolicy) outputArray.push(new asn1js__namespace.ObjectIdentifier({ value: this.reqPolicy })); if (this.nonce) outputArray.push(this.nonce); if ((CERT_REQ in this) && (TimeStampReq.compareWithDefault(CERT_REQ, this.certReq) === false)) outputArray.push(new asn1js__namespace.Boolean({ value: this.certReq })); if (this.extensions) { outputArray.push(new asn1js__namespace.Constructed({ idBlock: { tagClass: 3, tagNumber: 0 }, value: Array.from(this.extensions, o => o.toSchema()) })); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { version: this.version, messageImprint: this.messageImprint.toJSON() }; if (this.reqPolicy !== undefined) res.reqPolicy = this.reqPolicy; if (this.nonce !== undefined) res.nonce = this.nonce.toJSON(); if ((this.certReq !== undefined) && (TimeStampReq.compareWithDefault(CERT_REQ, this.certReq) === false)) res.certReq = this.certReq; if (this.extensions) { res.extensions = Array.from(this.extensions, o => o.toJSON()); } return res; } } TimeStampReq.CLASS_NAME = "TimeStampReq"; const STATUS = "status"; const TIME_STAMP_TOKEN = "timeStampToken"; const TIME_STAMP_RESP = "TimeStampResp"; const TIME_STAMP_RESP_STATUS = `${TIME_STAMP_RESP}.${STATUS}`; const TIME_STAMP_RESP_TOKEN = `${TIME_STAMP_RESP}.${TIME_STAMP_TOKEN}`; const CLEAR_PROPS = [ TIME_STAMP_RESP_STATUS, TIME_STAMP_RESP_TOKEN ]; class TimeStampResp extends PkiObject { constructor(parameters = {}) { super(); this.status = pvutils__namespace.getParametersValue(parameters, STATUS, TimeStampResp.defaultValues(STATUS)); if (TIME_STAMP_TOKEN in parameters) { this.timeStampToken = pvutils__namespace.getParametersValue(parameters, TIME_STAMP_TOKEN, TimeStampResp.defaultValues(TIME_STAMP_TOKEN)); } if (parameters.schema) { this.fromSchema(parameters.schema); } } static defaultValues(memberName) { switch (memberName) { case STATUS: return new PKIStatusInfo(); case TIME_STAMP_TOKEN: return new ContentInfo(); default: return super.defaultValues(memberName); } } static compareWithDefault(memberName, memberValue) { switch (memberName) { case STATUS: return ((PKIStatusInfo.compareWithDefault(STATUS, memberValue.status)) && (("statusStrings" in memberValue) === false) && (("failInfo" in memberValue) === false)); case TIME_STAMP_TOKEN: return ((memberValue.contentType === EMPTY_STRING) && (memberValue.content instanceof asn1js__namespace.Any)); default: return super.defaultValues(memberName); } } static schema(parameters = {}) { const names = pvutils__namespace.getParametersValue(parameters, "names", {}); return (new asn1js__namespace.Sequence({ name: (names.blockName || TIME_STAMP_RESP), value: [ PKIStatusInfo.schema(names.status || { names: { blockName: TIME_STAMP_RESP_STATUS } }), ContentInfo.schema(names.timeStampToken || { names: { blockName: TIME_STAMP_RESP_TOKEN, optional: true } }) ] })); } fromSchema(schema) { pvutils__namespace.clearProps(schema, CLEAR_PROPS); const asn1 = asn1js__namespace.compareSchema(schema, schema, TimeStampResp.schema()); AsnError.assertSchema(asn1, this.className); this.status = new PKIStatusInfo({ schema: asn1.result[TIME_STAMP_RESP_STATUS] }); if (TIME_STAMP_RESP_TOKEN in asn1.result) this.timeStampToken = new ContentInfo({ schema: asn1.result[TIME_STAMP_RESP_TOKEN] }); } toSchema() { const outputArray = []; outputArray.push(this.status.toSchema()); if (this.timeStampToken) { outputArray.push(this.timeStampToken.toSchema()); } return (new asn1js__namespace.Sequence({ value: outputArray })); } toJSON() { const res = { status: this.status.toJSON() }; if (this.timeStampToken) { res.timeStampToken = this.timeStampToken.toJSON(); } return res; } async sign(privateKey, hashAlgorithm, crypto = getCrypto(true)) { this.assertContentType(); const signed = new SignedData({ schema: this.timeStampToken.content }); return signed.sign(privateKey, 0, hashAlgorithm, undefined, crypto); } async verify(verificationParameters = { signer: 0, trustedCerts: [], data: EMPTY_BUFFER }, crypto = getCrypto(true)) { this.assertContentType(); const signed = new SignedData({ schema: this.timeStampToken.content }); return signed.verify(verificationParameters, crypto); } assertContentType() { if (!this.timeStampToken) { throw new Error("timeStampToken is absent in TSP response"); } if (this.timeStampToken.contentType !== id_ContentType_SignedData) { throw new Error(`Wrong format of timeStampToken: ${this.timeStampToken.contentType}`); } } } TimeStampResp.CLASS_NAME = "TimeStampResp"; function initCryptoEngine() { if (typeof globalThis !== "undefined" && "crypto" in globalThis) { let engineName = "webcrypto"; if ("webkitSubtle" in globalThis.crypto) { engineName = "safari"; } setEngine(engineName, new CryptoEngine({ name: engineName, crypto: globalThis.crypto })); } else if (typeof crypto !== "undefined" && "webcrypto" in crypto) { const name = "NodeJS ^15"; const nodeCrypto = crypto.webcrypto; setEngine(name, new CryptoEngine({ name, crypto: nodeCrypto })); } } initCryptoEngine(); exports.AbstractCryptoEngine = AbstractCryptoEngine; exports.AccessDescription = AccessDescription; exports.Accuracy = Accuracy; exports.AlgorithmIdentifier = AlgorithmIdentifier; exports.AltName = AltName; exports.ArgumentError = ArgumentError; exports.AsnError = AsnError; exports.AttCertValidityPeriod = AttCertValidityPeriod; exports.Attribute = Attribute; exports.AttributeCertificateInfoV1 = AttributeCertificateInfoV1; exports.AttributeCertificateInfoV2 = AttributeCertificateInfoV2; exports.AttributeCertificateV1 = AttributeCertificateV1; exports.AttributeCertificateV2 = AttributeCertificateV2; exports.AttributeTypeAndValue = AttributeTypeAndValue; exports.AuthenticatedSafe = AuthenticatedSafe; exports.AuthorityKeyIdentifier = AuthorityKeyIdentifier; exports.BasicConstraints = BasicConstraints; exports.BasicOCSPResponse = BasicOCSPResponse; exports.CAVersion = CAVersion; exports.CRLBag = CRLBag; exports.CRLDistributionPoints = CRLDistributionPoints; exports.CertBag = CertBag; exports.CertID = CertID; exports.Certificate = Certificate; exports.CertificateChainValidationEngine = CertificateChainValidationEngine; exports.CertificatePolicies = CertificatePolicies; exports.CertificateRevocationList = CertificateRevocationList; exports.CertificateSet = CertificateSet; exports.CertificateTemplate = CertificateTemplate; exports.CertificationRequest = CertificationRequest; exports.ChainValidationError = ChainValidationError; exports.ContentInfo = ContentInfo; exports.CryptoEngine = CryptoEngine; exports.DigestInfo = DigestInfo; exports.DistributionPoint = DistributionPoint; exports.ECCCMSSharedInfo = ECCCMSSharedInfo; exports.ECNamedCurves = ECNamedCurves; exports.ECPrivateKey = ECPrivateKey; exports.ECPublicKey = ECPublicKey; exports.EncapsulatedContentInfo = EncapsulatedContentInfo; exports.EncryptedContentInfo = EncryptedContentInfo; exports.EncryptedData = EncryptedData; exports.EnvelopedData = EnvelopedData; exports.ExtKeyUsage = ExtKeyUsage; exports.Extension = Extension; exports.ExtensionValueFactory = ExtensionValueFactory; exports.Extensions = Extensions; exports.GeneralName = GeneralName; exports.GeneralNames = GeneralNames; exports.GeneralSubtree = GeneralSubtree; exports.HASHED_MESSAGE = HASHED_MESSAGE; exports.HASH_ALGORITHM = HASH_ALGORITHM; exports.Holder = Holder; exports.InfoAccess = InfoAccess; exports.IssuerAndSerialNumber = IssuerAndSerialNumber; exports.IssuerSerial = IssuerSerial; exports.IssuingDistributionPoint = IssuingDistributionPoint; exports.KEKIdentifier = KEKIdentifier; exports.KEKRecipientInfo = KEKRecipientInfo; exports.KeyAgreeRecipientIdentifier = KeyAgreeRecipientIdentifier; exports.KeyAgreeRecipientInfo = KeyAgreeRecipientInfo; exports.KeyBag = KeyBag; exports.KeyTransRecipientInfo = KeyTransRecipientInfo; exports.MICROS = MICROS; exports.MILLIS = MILLIS; exports.MacData = MacData; exports.MessageImprint = MessageImprint; exports.NameConstraints = NameConstraints; exports.OCSPRequest = OCSPRequest; exports.OCSPResponse = OCSPResponse; exports.ObjectDigestInfo = ObjectDigestInfo; exports.OriginatorIdentifierOrKey = OriginatorIdentifierOrKey; exports.OriginatorInfo = OriginatorInfo; exports.OriginatorPublicKey = OriginatorPublicKey; exports.OtherCertificateFormat = OtherCertificateFormat; exports.OtherKeyAttribute = OtherKeyAttribute; exports.OtherPrimeInfo = OtherPrimeInfo; exports.OtherRecipientInfo = OtherRecipientInfo; exports.OtherRevocationInfoFormat = OtherRevocationInfoFormat; exports.PBES2Params = PBES2Params; exports.PBKDF2Params = PBKDF2Params; exports.PFX = PFX; exports.PKCS8ShroudedKeyBag = PKCS8ShroudedKeyBag; exports.PKIStatusInfo = PKIStatusInfo; exports.POLICY_IDENTIFIER = POLICY_IDENTIFIER; exports.POLICY_QUALIFIERS = POLICY_QUALIFIERS; exports.ParameterError = ParameterError; exports.PasswordRecipientinfo = PasswordRecipientinfo; exports.PkiObject = PkiObject; exports.PolicyConstraints = PolicyConstraints; exports.PolicyInformation = PolicyInformation; exports.PolicyMapping = PolicyMapping; exports.PolicyMappings = PolicyMappings; exports.PolicyQualifierInfo = PolicyQualifierInfo; exports.PrivateKeyInfo = PrivateKeyInfo; exports.PrivateKeyUsagePeriod = PrivateKeyUsagePeriod; exports.PublicKeyInfo = PublicKeyInfo; exports.QCStatement = QCStatement; exports.QCStatements = QCStatements; exports.RDN = RDN; exports.RSAESOAEPParams = RSAESOAEPParams; exports.RSAPrivateKey = RSAPrivateKey; exports.RSAPublicKey = RSAPublicKey; exports.RSASSAPSSParams = RSASSAPSSParams; exports.RecipientEncryptedKey = RecipientEncryptedKey; exports.RecipientEncryptedKeys = RecipientEncryptedKeys; exports.RecipientIdentifier = RecipientIdentifier; exports.RecipientInfo = RecipientInfo; exports.RecipientKeyIdentifier = RecipientKeyIdentifier; exports.RelativeDistinguishedNames = RelativeDistinguishedNames; exports.Request = Request; exports.ResponseBytes = ResponseBytes; exports.ResponseData = ResponseData; exports.RevocationInfoChoices = RevocationInfoChoices; exports.RevokedCertificate = RevokedCertificate; exports.SECONDS = SECONDS; exports.SafeBag = SafeBag; exports.SafeBagValueFactory = SafeBagValueFactory; exports.SafeContents = SafeContents; exports.SecretBag = SecretBag; exports.Signature = Signature; exports.SignedAndUnsignedAttributes = SignedAndUnsignedAttributes; exports.SignedCertificateTimestamp = SignedCertificateTimestamp; exports.SignedCertificateTimestampList = SignedCertificateTimestampList; exports.SignedData = SignedData; exports.SignedDataVerifyError = SignedDataVerifyError; exports.SignerInfo = SignerInfo; exports.SingleResponse = SingleResponse; exports.SubjectDirectoryAttributes = SubjectDirectoryAttributes; exports.TBSRequest = TBSRequest; exports.TSTInfo = TSTInfo; exports.TYPE = TYPE$4; exports.TYPE_AND_VALUES = TYPE_AND_VALUES; exports.Time = Time; exports.TimeStampReq = TimeStampReq; exports.TimeStampResp = TimeStampResp; exports.V2Form = V2Form; exports.VALUE = VALUE$5; exports.VALUE_BEFORE_DECODE = VALUE_BEFORE_DECODE; exports.checkCA = checkCA; exports.createCMSECDSASignature = createCMSECDSASignature; exports.createECDSASignatureFromCMS = createECDSASignatureFromCMS; exports.getAlgorithmByOID = getAlgorithmByOID; exports.getAlgorithmParameters = getAlgorithmParameters; exports.getCrypto = getCrypto; exports.getEngine = getEngine; exports.getHashAlgorithm = getHashAlgorithm; exports.getOIDByAlgorithm = getOIDByAlgorithm; exports.getRandomValues = getRandomValues; exports.id_AnyPolicy = id_AnyPolicy; exports.id_AuthorityInfoAccess = id_AuthorityInfoAccess; exports.id_AuthorityKeyIdentifier = id_AuthorityKeyIdentifier; exports.id_BaseCRLNumber = id_BaseCRLNumber; exports.id_BasicConstraints = id_BasicConstraints; exports.id_CRLBag_X509CRL = id_CRLBag_X509CRL; exports.id_CRLDistributionPoints = id_CRLDistributionPoints; exports.id_CRLNumber = id_CRLNumber; exports.id_CRLReason = id_CRLReason; exports.id_CertBag_AttributeCertificate = id_CertBag_AttributeCertificate; exports.id_CertBag_SDSICertificate = id_CertBag_SDSICertificate; exports.id_CertBag_X509Certificate = id_CertBag_X509Certificate; exports.id_CertificateIssuer = id_CertificateIssuer; exports.id_CertificatePolicies = id_CertificatePolicies; exports.id_ContentType_Data = id_ContentType_Data; exports.id_ContentType_EncryptedData = id_ContentType_EncryptedData; exports.id_ContentType_EnvelopedData = id_ContentType_EnvelopedData; exports.id_ContentType_SignedData = id_ContentType_SignedData; exports.id_ExtKeyUsage = id_ExtKeyUsage; exports.id_FreshestCRL = id_FreshestCRL; exports.id_InhibitAnyPolicy = id_InhibitAnyPolicy; exports.id_InvalidityDate = id_InvalidityDate; exports.id_IssuerAltName = id_IssuerAltName; exports.id_IssuingDistributionPoint = id_IssuingDistributionPoint; exports.id_KeyUsage = id_KeyUsage; exports.id_MicrosoftAppPolicies = id_MicrosoftAppPolicies; exports.id_MicrosoftCaVersion = id_MicrosoftCaVersion; exports.id_MicrosoftCertTemplateV1 = id_MicrosoftCertTemplateV1; exports.id_MicrosoftCertTemplateV2 = id_MicrosoftCertTemplateV2; exports.id_MicrosoftPrevCaCertHash = id_MicrosoftPrevCaCertHash; exports.id_NameConstraints = id_NameConstraints; exports.id_PKIX_OCSP_Basic = id_PKIX_OCSP_Basic; exports.id_PolicyConstraints = id_PolicyConstraints; exports.id_PolicyMappings = id_PolicyMappings; exports.id_PrivateKeyUsagePeriod = id_PrivateKeyUsagePeriod; exports.id_QCStatements = id_QCStatements; exports.id_SignedCertificateTimestampList = id_SignedCertificateTimestampList; exports.id_SubjectAltName = id_SubjectAltName; exports.id_SubjectDirectoryAttributes = id_SubjectDirectoryAttributes; exports.id_SubjectInfoAccess = id_SubjectInfoAccess; exports.id_SubjectKeyIdentifier = id_SubjectKeyIdentifier; exports.id_ad = id_ad; exports.id_ad_caIssuers = id_ad_caIssuers; exports.id_ad_ocsp = id_ad_ocsp; exports.id_eContentType_TSTInfo = id_eContentType_TSTInfo; exports.id_pkix = id_pkix; exports.id_sha1 = id_sha1; exports.id_sha256 = id_sha256; exports.id_sha384 = id_sha384; exports.id_sha512 = id_sha512; exports.kdf = kdf; exports.setEngine = setEngine; exports.stringPrep = stringPrep; exports.verifySCTsForCertificate = verifySCTsForCertificate;