Merge pull request #311 from PeculiarVentures:update-deps

Dependency Updates and Code Improvements

lerna.json

@@ -3,6 +3,5 @@
   "packages": [
     "packages/*"
   ],
-  "version": "1.10.5",
-  "useWorkspaces": true
-}
+  "version": "1.10.5"
+}

package.json

@@ -51,18 +51,18 @@
     "@rollup/plugin-babel": "^6.0.4",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/long": "^5.0.0",
-    "@types/mocha": "^10.0.6",
+    "@types/mocha": "^10.0.8",
     "@types/node": "^20.14.2",
     "@types/ws": "^8.5.10",
     "colors": "^1.4.0",
     "coveralls": "^3.1.1",
     "extract-zip": "^2.0.1",
     "gh-pages": "^5.0.0",
-    "lerna": "^6.6.2",
-    "mocha": "^10.4.0",
-    "node-gyp": "^10.1.0",
+    "lerna": "^8.1.8",
+    "mocha": "^10.7.3",
+    "node-gyp": "^10.2.0",
     "nyc": "^15.1.0",
-    "rimraf": "^5.0.7",
+    "rimraf": "^6.0.1",
     "rollup": "^3.20.2",
     "rollup-plugin-cleanup": "^3.2.1",
     "rollup-plugin-commonjs": "^10.1.0",
@@ -73,23 +73,11 @@
     "ts-node": "^10.9.2",
     "tsconfig-paths": "^4.2.0",
     "tslint": "^6.1.3",
-    "typedoc": "^0.25.13",
+    "typedoc": "^0.26.7",
     "typedoc-plugin-lerna-packages": "^0.3.1",
-    "typescript": "^5.4.5"
+    "typescript": "^5.6.2"
   },
   "resolutions": {
-    "**/**/trim-newlines": "^4.0.2",
-    "**/**/bl": "^5.0.0",
-    "**/**/hosted-git-info": "^4.0.2",
-    "**/**/semver": "^7.3.5",
-    "asn1js": "^3.0.5",
-    "async": "^3.2.3",
-    "ansi-regex": "^5.0.0",
-    "path-parse": "^1.0.7",
-    "json-schema": "^0.4.0",
-    "tar": "^6.1.11",
-    "trim-off-newlines": "^1.0.3",
-    "shelljs": "^0.8.5",
     "pkcs11js": "2.1.6",
     "@peculiar/asn1-schema": "^2.1.7",
     "tsprotobuf": "^1.0.19"

packages/client/src/connection/client.ts

@@ -161,8 +161,6 @@ export class Client extends EventEmitter {
    * Return PIN for current session
    *
    * @returns
-   *
-   * @memberOf Client
    */
   public async challenge() {
     if (!this.cipher) {
@@ -173,9 +171,6 @@ export class Client extends EventEmitter {
 
   /**
    * Returns true if session is authorized
-   *
-   *
-   * @memberOf Client
    */
   public async isLoggedIn() {
     const action = new proto.ServerIsLoggedInActionProto();
@@ -186,9 +181,6 @@ export class Client extends EventEmitter {
 
   /**
    * Request session authentication
-   *
-   *
-   * @memberOf Client
    */
   public async login() {
     const action = new proto.ServerLoginActionProto();

packages/core/src/connection/challenge.ts

@@ -4,9 +4,8 @@ import { Convert } from "pvtsutils";
 /**
  * Generates 6 digit string from server's identity and client's identity keys.
  *
- * @export
- * @param {ECPublicKey} serverIdentity Server's identity public key
- * @param {ECPublicKey} clientIdentity Client's identity public key
+ * @param serverIdentity Server's identity public key
+ * @param clientIdentity Client's identity public key
  * @returns
  */
 export async function challenge(serverIdentity: ECPublicKey, clientIdentity: ECPublicKey) {

packages/server/src/connection/server.ts

@@ -63,10 +63,6 @@ export interface Session {
  * - generates Identity
  * - store makes PreKey bundle
  * - Stores secure sessions
- *
- * @export
- * @class Server
- * @extends {EventEmitter}
  */
 export class Server extends core.EventLogEmitter {
 

packages/server/src/connection/storages/file.ts

@@ -36,9 +36,6 @@ export interface IdentityList {
 
 /**
  * Identity key storage base on @peculiar/webcrypto
- *
- * @export
- * @class OpenSSLStorage
  */
 export class FileStorage extends RatchetStorage {
 
@@ -51,8 +48,8 @@ export class FileStorage extends RatchetStorage {
   /**
    * Associative array of remote identities
    */
-  public remoteIdentities: { [key: string]: RemoteIdentity } = {};
-  public sessions: { [key: string]: ratchet.AsymmetricRatchet } = {};
+  public remoteIdentities: { [key: string]: RemoteIdentity; } = {};
+  public sessions: { [key: string]: ratchet.AsymmetricRatchet; } = {};
 
   public async loadIdentities(): Promise<void> {
     const identityPath = FileStorage.STORAGE_NAME + "/identity.json";
@@ -146,7 +143,7 @@ export class FileStorage extends RatchetStorage {
     return identity;
   }
 
-  public async loadRemoteIdentity(key: string): Promise<RemoteIdentity| null> {
+  public async loadRemoteIdentity(key: string): Promise<RemoteIdentity | null> {
     await this.loadRemote();
     return this.remoteIdentities[key] || null;
   }
@@ -180,7 +177,7 @@ export class FileStorage extends RatchetStorage {
     return null;
   }
 
-  protected async  ecKeyToBase64(key: CryptoKey) {
+  protected async ecKeyToBase64(key: CryptoKey) {
     const oldValue = key.extractable;
     try {
       (key as any).extractable = true;

packages/server/src/crypto/openssl/key_storage.ts

@@ -98,11 +98,8 @@ export class OpenSSLKeyStorage implements core.CryptoKeyStorage {
    * - public/private key's hex = SHA-256(spki)
    * - secret key's hex = SHA-256(RND(32))
    *
-   * @protected
-   * @param {CryptoKey} key
+   * @param key
    * @returns
-   *
-   * @memberOf OpenSSLKeyStorage
    */
   protected async getID(key: CryptoKey) {
     const nativeKey = (key as any).native;

packages/server/src/server.ts

@@ -17,10 +17,6 @@ export interface IServerOptions extends ServerOptions {
 
 /**
  * Local server
- *
- * @export
- * @class LocalServer
- * @extends {EventEmitter}
  */
 export class LocalServer extends core.EventLogEmitter {
 
@@ -30,7 +26,6 @@ export class LocalServer extends core.EventLogEmitter {
    * Server
    *
    * @type {Server}
-   * @memberof LocalServer
    */
   public server: Server;
   public sessions: Session[] = [];
@@ -44,16 +39,16 @@ export class LocalServer extends core.EventLogEmitter {
     this.server = new Server(options);
 
     if (!options.disablePCSC) {
-        // The CardReaderService is disabled because it is not used on the client side,
-        // but it duplicates log entries for PCSCWatcher.
-
-        // this.cardReader = new CardReaderService(this.server)
-        //   .on("info", (level, source, message, data) => {
-        //     this.emit("info", level, source, message, data);
-        //   })
-        //   .on("error", (e) => {
-        //     this.emit("error", e);
-        //   });
+      // The CardReaderService is disabled because it is not used on the client side,
+      // but it duplicates log entries for PCSCWatcher.
+
+      // this.cardReader = new CardReaderService(this.server)
+      //   .on("info", (level, source, message, data) => {
+      //     this.emit("info", level, source, message, data);
+      //   })
+      //   .on("error", (e) => {
+      //     this.emit("error", e);
+      //   });
     } else {
       // Disable PCSC for provider too
       options.config.disablePCSC = true;

packages/server/src/services/cert_storage.ts

@@ -344,8 +344,8 @@ export class CertificateStorageService extends Service<CryptoService> {
                 continue;
               }
               try {
-                const x509Cert = new X509Certificate(certRaw);
-                certs.push(x509Cert);
+                const x509Cert2 = new X509Certificate(certRaw);
+                certs.push(x509Cert2);
               } catch {
                 continue;
               }

test/client/cert_storage.ts

@@ -40,7 +40,7 @@ context("WebCrypto Socket: Certificate Storage", () => {
       await ws.login();
     }
     const info = await ws.info();
-    const providers = info.providers.filter((provider) => provider.name === PROVIDER_NAME);
+    const providers = info.providers.filter((o) => o.name === PROVIDER_NAME);
     assert.strictEqual(providers.length, 1, `Cannot get provider by name '${PROVIDER_NAME}'`);
     provider = await ws.getCrypto(providers[0].id);
     if (!(await provider.isLoggedIn())) {
@@ -110,12 +110,44 @@ context("WebCrypto Socket: Certificate Storage", () => {
         assert.equal(pem2, pem);
       });
 
-      it("request", async () => {
-        const item = await provider.certStorage.importCert("request", REQ_RAW, { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" } as RsaHashedImportParams, ["verify"]) as CryptoX509CertificateRequest;
-        assert.equal(item.type, "request");
-
-        const raw = await provider.certStorage.exportCert("raw", item);
-        assert.equal(Convert.ToHex(raw), Convert.ToHex(REQ_RAW));
+      context("request", () => {
+        const hashAlgorithms = "SHA-256";
+
+        const vectors: {
+          name: string;
+          algorithm: Algorithm;
+        }[] = [
+            { name: "RSASSA-PKCS1-v1_5", algorithm: { name: "RSASSA-PKCS1-v1_5", hash: hashAlgorithms, publicExponent: new Uint8Array([0x01, 0x00, 0x01]), modulusLength: 2048 } as Algorithm },
+            { name: "RSA-PSS", algorithm: { name: "RSA-PSS", hash: hashAlgorithms, publicExponent: new Uint8Array([0x01, 0x00, 0x01]), modulusLength: 2048, saltLength: 32 } as Algorithm },
+            { name: "ECDSA P-256", algorithm: { name: "ECDSA", namedCurve: "P-256" } as Algorithm },
+            { name: "ECDSA P-384", algorithm: { name: "ECDSA", namedCurve: "P-384" } as Algorithm },
+            { name: "ECDSA P-521", algorithm: { name: "ECDSA", namedCurve: "P-521" } as Algorithm },
+          ];
+
+        for (const vector of vectors) {
+          it(vector.name, async () => {
+            const keys = await crypto.subtle.generateKey(vector.algorithm, false, ["sign", "verify"]) as CryptoKeyPair;
+            const request = await x509.Pkcs10CertificateRequestGenerator.create({
+              name: "CN=example.com",
+              signingAlgorithm: { hash: hashAlgorithms, ...vector.algorithm },
+              keys,
+            }, crypto);
+            const raw = request.rawData;
+            // console.log(request.toString('pem'));
+
+            const { modulusLength, publicExponent, saltLength, ...filteredAlg } = vector.algorithm as any;
+
+            console.log(vector.name);
+            console.log("  Params", JSON.stringify(filteredAlg), JSON.stringify(["verify"]));
+            // console.log(request.toString("pem"));
+
+            const item1 = await provider.certStorage.importCert("request", raw, filteredAlg, ["verify"]) as CryptoX509CertificateRequest;
+            assert.equal(item1.type, "request");
+
+            const item2 = await provider.certStorage.importCert("raw", raw, filteredAlg, ["verify"]) as CryptoX509CertificateRequest;
+            assert.equal(item2.type, "request");
+          });
+        }
       });
 
       it("throw error if imported item doesn't match to `request` format", async () => {
@@ -228,23 +260,23 @@ context("WebCrypto Socket: Certificate Storage", () => {
     async function createCert(params: ChainItemParams, issuer?: x509.X509Certificate, algorithm?: Algorithm): Promise<x509.X509Certificate> {
       const keys = await crypto.subtle.generateKey(params.algorithm, false, ["sign", "verify"]) as CryptoKeyPair;
       if (issuer && algorithm) {
-        const cert = await x509.X509CertificateGenerator.create({
+        const certificate = await x509.X509CertificateGenerator.create({
           subject: params.subject,
           issuer: issuer.subject,
           publicKey: keys.publicKey,
           signingKey: issuer.privateKey!,
           signingAlgorithm: algorithm,
         });
-        cert.privateKey = keys.privateKey;
-        return cert;
+        certificate.privateKey = keys.privateKey;
+        return certificate;
       }
-      const cert = await x509.X509CertificateGenerator.createSelfSigned({
+      const selfSignedCertificate = await x509.X509CertificateGenerator.createSelfSigned({
         name: params.subject,
         keys,
         signingAlgorithm: params.algorithm,
       });
-      cert.privateKey = keys.privateKey;
-      return cert;
+      selfSignedCertificate.privateKey = keys.privateKey;
+      return selfSignedCertificate;
     }
     /**
      * Creates a chain of X.509 certificates based on the given parameters.

tsconfig.compile.json

@@ -4,6 +4,7 @@
     "target": "ES2019",
     "module": "CommonJS",
     "moduleResolution": "node",
+    "removeComments": true,
     "importHelpers": true,
     "strict": true,
     "skipLibCheck": true,