diff --git a/dist/index.js b/dist/index.js index cb08490..30c53e9 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1175,6 +1175,7 @@ module.exports.deleteTempFiles = function (files, callback) { var helper = __nccwpck_require__(649) var {debug} = __nccwpck_require__(762) var cpspawn = (__nccwpck_require__(81).spawn) +var spawnSync = (__nccwpck_require__(81).spawnSync) var pathlib = __nccwpck_require__(17) var fs = __nccwpck_require__(147) var osTmpdir = __nccwpck_require__(284) @@ -1435,8 +1436,10 @@ function testOpenSSLPath(pathBin, callback) { } /* Once PEM is imported, the openSslVersion is set with this function. */ -spawn(['version'], false, function (err, code, stdout, stderr) { - var text = String(stdout) + '\n' + String(stderr) + '\n' + String(err) +function setVersion() { + var pathBin = get('pathOpenSSL') || process.env.OPENSSL_BIN || 'openssl' + var output = spawnSync(pathBin, ['version']) + var text = String(output.stdout) + '\n' + String(output.stderr) + '\n' + String(output.error) let version = versionRegEx.exec(text) if (version === null || version.length <= 7) return set('openSslVersion', (version[1]).toUpperCase()) @@ -1447,7 +1450,9 @@ spawn(['version'], false, function (err, code, stdout, stderr) { set('VendorVersionMinor', version[5]) set('VendorVersionPatch', version[6]) set('VendorVersionBuildChar', typeof version[7] === 'undefined' ? '' : version[7]) -}) +}; + +setVersion(); module.exports = { exec: exec, diff --git a/dist/index.js.map b/dist/index.js.map index af44425..ef9233d 100644 --- a/dist/index.js.map +++ b/dist/index.js.map @@ -1 +1 @@ -{"version":3,"file":"index.js","mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/FA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5HA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzRA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACVA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC7RA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;AC9+CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":["../webpack://pem/./node_modules/charenc/charenc.js","../webpack://pem/./node_modules/crypt/crypt.js","../webpack://pem/./node_modules/es6-promisify/dist/promisify.js","../webpack://pem/./node_modules/is-buffer/index.js","../webpack://pem/./node_modules/isexe/index.js","../webpack://pem/./node_modules/isexe/mode.js","../webpack://pem/./node_modules/isexe/windows.js","../webpack://pem/./node_modules/md5/md5.js","../webpack://pem/./node_modules/os-tmpdir/index.js","../webpack://pem/./node_modules/which/which.js","../webpack://pem/external node-commonjs \"child_process\"","../webpack://pem/external node-commonjs \"crypto\"","../webpack://pem/external node-commonjs \"fs\"","../webpack://pem/external node-commonjs \"net\"","../webpack://pem/external node-commonjs \"path\"","../webpack://pem/./lib/convert.js","../webpack://pem/./lib/debug.js","../webpack://pem/./lib/helper.js","../webpack://pem/./lib/openssl.js","../webpack://pem/./lib/pem.js","../webpack://pem/webpack/bootstrap","../webpack://pem/webpack/runtime/compat","../webpack://pem/webpack/before-startup","../webpack://pem/webpack/startup","../webpack://pem/webpack/after-startup"],"sourcesContent":["var charenc = {\n // UTF-8 encoding\n utf8: {\n // Convert a string to a byte array\n stringToBytes: function(str) {\n return charenc.bin.stringToBytes(unescape(encodeURIComponent(str)));\n },\n\n // Convert a byte array to a string\n bytesToString: function(bytes) {\n return decodeURIComponent(escape(charenc.bin.bytesToString(bytes)));\n }\n },\n\n // Binary encoding\n bin: {\n // Convert a string to a byte array\n stringToBytes: function(str) {\n for (var bytes = [], i = 0; i < str.length; i++)\n bytes.push(str.charCodeAt(i) & 0xFF);\n return bytes;\n },\n\n // Convert a byte array to a string\n bytesToString: function(bytes) {\n for (var str = [], i = 0; i < bytes.length; i++)\n str.push(String.fromCharCode(bytes[i]));\n return str.join('');\n }\n }\n};\n\nmodule.exports = charenc;\n","(function() {\n var base64map\n = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',\n\n crypt = {\n // Bit-wise rotation left\n rotl: function(n, b) {\n return (n << b) | (n >>> (32 - b));\n },\n\n // Bit-wise rotation right\n rotr: function(n, b) {\n return (n << (32 - b)) | (n >>> b);\n },\n\n // Swap big-endian to little-endian and vice versa\n endian: function(n) {\n // If number given, swap endian\n if (n.constructor == Number) {\n return crypt.rotl(n, 8) & 0x00FF00FF | crypt.rotl(n, 24) & 0xFF00FF00;\n }\n\n // Else, assume array and swap all items\n for (var i = 0; i < n.length; i++)\n n[i] = crypt.endian(n[i]);\n return n;\n },\n\n // Generate an array of any length of random bytes\n randomBytes: function(n) {\n for (var bytes = []; n > 0; n--)\n bytes.push(Math.floor(Math.random() * 256));\n return bytes;\n },\n\n // Convert a byte array to big-endian 32-bit words\n bytesToWords: function(bytes) {\n for (var words = [], i = 0, b = 0; i < bytes.length; i++, b += 8)\n words[b >>> 5] |= bytes[i] << (24 - b % 32);\n return words;\n },\n\n // Convert big-endian 32-bit words to a byte array\n wordsToBytes: function(words) {\n for (var bytes = [], b = 0; b < words.length * 32; b += 8)\n bytes.push((words[b >>> 5] >>> (24 - b % 32)) & 0xFF);\n return bytes;\n },\n\n // Convert a byte array to a hex string\n bytesToHex: function(bytes) {\n for (var hex = [], i = 0; i < bytes.length; i++) {\n hex.push((bytes[i] >>> 4).toString(16));\n hex.push((bytes[i] & 0xF).toString(16));\n }\n return hex.join('');\n },\n\n // Convert a hex string to a byte array\n hexToBytes: function(hex) {\n for (var bytes = [], c = 0; c < hex.length; c += 2)\n bytes.push(parseInt(hex.substr(c, 2), 16));\n return bytes;\n },\n\n // Convert a byte array to a base-64 string\n bytesToBase64: function(bytes) {\n for (var base64 = [], i = 0; i < bytes.length; i += 3) {\n var triplet = (bytes[i] << 16) | (bytes[i + 1] << 8) | bytes[i + 2];\n for (var j = 0; j < 4; j++)\n if (i * 8 + j * 6 <= bytes.length * 8)\n base64.push(base64map.charAt((triplet >>> 6 * (3 - j)) & 0x3F));\n else\n base64.push('=');\n }\n return base64.join('');\n },\n\n // Convert a base-64 string to a byte array\n base64ToBytes: function(base64) {\n // Remove non-base-64 characters\n base64 = base64.replace(/[^A-Z0-9+\\/]/ig, '');\n\n for (var bytes = [], i = 0, imod4 = 0; i < base64.length;\n imod4 = ++i % 4) {\n if (imod4 == 0) continue;\n bytes.push(((base64map.indexOf(base64.charAt(i - 1))\n & (Math.pow(2, -2 * imod4 + 8) - 1)) << (imod4 * 2))\n | (base64map.indexOf(base64.charAt(i)) >>> (6 - imod4 * 2)));\n }\n return bytes;\n }\n };\n\n module.exports = crypt;\n})();\n","\"use strict\";Object.defineProperty(exports,\"__esModule\",{value:!0}),exports.promisify=promisify;var customArgumentsToken=\"__ES6-PROMISIFY--CUSTOM-ARGUMENTS__\";function promisify(a){if(\"function\"!=typeof a)throw new TypeError(\"Argument to promisify must be a function\");var b=a[customArgumentsToken],c=promisify.Promise||Promise;if(\"function\"!=typeof c)throw new Error(\"No Promise implementation found; do you need a polyfill?\");return function(){for(var d=this,e=arguments.length,f=Array(e),g=0;g\n * @license MIT\n */\n\n// The _isBuffer check is for Safari 5-7 support, because it's missing\n// Object.prototype.constructor. Remove this eventually\nmodule.exports = function (obj) {\n return obj != null && (isBuffer(obj) || isSlowBuffer(obj) || !!obj._isBuffer)\n}\n\nfunction isBuffer (obj) {\n return !!obj.constructor && typeof obj.constructor.isBuffer === 'function' && obj.constructor.isBuffer(obj)\n}\n\n// For Node v0.10 support. Remove this eventually.\nfunction isSlowBuffer (obj) {\n return typeof obj.readFloatLE === 'function' && typeof obj.slice === 'function' && isBuffer(obj.slice(0, 0))\n}\n","var fs = require('fs')\nvar core\nif (process.platform === 'win32' || global.TESTING_WINDOWS) {\n core = require('./windows.js')\n} else {\n core = require('./mode.js')\n}\n\nmodule.exports = isexe\nisexe.sync = sync\n\nfunction isexe (path, options, cb) {\n if (typeof options === 'function') {\n cb = options\n options = {}\n }\n\n if (!cb) {\n if (typeof Promise !== 'function') {\n throw new TypeError('callback not provided')\n }\n\n return new Promise(function (resolve, reject) {\n isexe(path, options || {}, function (er, is) {\n if (er) {\n reject(er)\n } else {\n resolve(is)\n }\n })\n })\n }\n\n core(path, options || {}, function (er, is) {\n // ignore EACCES because that just means we aren't allowed to run it\n if (er) {\n if (er.code === 'EACCES' || options && options.ignoreErrors) {\n er = null\n is = false\n }\n }\n cb(er, is)\n })\n}\n\nfunction sync (path, options) {\n // my kingdom for a filtered catch\n try {\n return core.sync(path, options || {})\n } catch (er) {\n if (options && options.ignoreErrors || er.code === 'EACCES') {\n return false\n } else {\n throw er\n }\n }\n}\n","module.exports = isexe\nisexe.sync = sync\n\nvar fs = require('fs')\n\nfunction isexe (path, options, cb) {\n fs.stat(path, function (er, stat) {\n cb(er, er ? false : checkStat(stat, options))\n })\n}\n\nfunction sync (path, options) {\n return checkStat(fs.statSync(path), options)\n}\n\nfunction checkStat (stat, options) {\n return stat.isFile() && checkMode(stat, options)\n}\n\nfunction checkMode (stat, options) {\n var mod = stat.mode\n var uid = stat.uid\n var gid = stat.gid\n\n var myUid = options.uid !== undefined ?\n options.uid : process.getuid && process.getuid()\n var myGid = options.gid !== undefined ?\n options.gid : process.getgid && process.getgid()\n\n var u = parseInt('100', 8)\n var g = parseInt('010', 8)\n var o = parseInt('001', 8)\n var ug = u | g\n\n var ret = (mod & o) ||\n (mod & g) && gid === myGid ||\n (mod & u) && uid === myUid ||\n (mod & ug) && myUid === 0\n\n return ret\n}\n","module.exports = isexe\nisexe.sync = sync\n\nvar fs = require('fs')\n\nfunction checkPathExt (path, options) {\n var pathext = options.pathExt !== undefined ?\n options.pathExt : process.env.PATHEXT\n\n if (!pathext) {\n return true\n }\n\n pathext = pathext.split(';')\n if (pathext.indexOf('') !== -1) {\n return true\n }\n for (var i = 0; i < pathext.length; i++) {\n var p = pathext[i].toLowerCase()\n if (p && path.substr(-p.length).toLowerCase() === p) {\n return true\n }\n }\n return false\n}\n\nfunction checkStat (stat, path, options) {\n if (!stat.isSymbolicLink() && !stat.isFile()) {\n return false\n }\n return checkPathExt(path, options)\n}\n\nfunction isexe (path, options, cb) {\n fs.stat(path, function (er, stat) {\n cb(er, er ? false : checkStat(stat, path, options))\n })\n}\n\nfunction sync (path, options) {\n return checkStat(fs.statSync(path), path, options)\n}\n","(function(){\r\n var crypt = require('crypt'),\r\n utf8 = require('charenc').utf8,\r\n isBuffer = require('is-buffer'),\r\n bin = require('charenc').bin,\r\n\r\n // The core\r\n md5 = function (message, options) {\r\n // Convert to byte array\r\n if (message.constructor == String)\r\n if (options && options.encoding === 'binary')\r\n message = bin.stringToBytes(message);\r\n else\r\n message = utf8.stringToBytes(message);\r\n else if (isBuffer(message))\r\n message = Array.prototype.slice.call(message, 0);\r\n else if (!Array.isArray(message) && message.constructor !== Uint8Array)\r\n message = message.toString();\r\n // else, assume byte array already\r\n\r\n var m = crypt.bytesToWords(message),\r\n l = message.length * 8,\r\n a = 1732584193,\r\n b = -271733879,\r\n c = -1732584194,\r\n d = 271733878;\r\n\r\n // Swap endian\r\n for (var i = 0; i < m.length; i++) {\r\n m[i] = ((m[i] << 8) | (m[i] >>> 24)) & 0x00FF00FF |\r\n ((m[i] << 24) | (m[i] >>> 8)) & 0xFF00FF00;\r\n }\r\n\r\n // Padding\r\n m[l >>> 5] |= 0x80 << (l % 32);\r\n m[(((l + 64) >>> 9) << 4) + 14] = l;\r\n\r\n // Method shortcuts\r\n var FF = md5._ff,\r\n GG = md5._gg,\r\n HH = md5._hh,\r\n II = md5._ii;\r\n\r\n for (var i = 0; i < m.length; i += 16) {\r\n\r\n var aa = a,\r\n bb = b,\r\n cc = c,\r\n dd = d;\r\n\r\n a = FF(a, b, c, d, m[i+ 0], 7, -680876936);\r\n d = FF(d, a, b, c, m[i+ 1], 12, -389564586);\r\n c = FF(c, d, a, b, m[i+ 2], 17, 606105819);\r\n b = FF(b, c, d, a, m[i+ 3], 22, -1044525330);\r\n a = FF(a, b, c, d, m[i+ 4], 7, -176418897);\r\n d = FF(d, a, b, c, m[i+ 5], 12, 1200080426);\r\n c = FF(c, d, a, b, m[i+ 6], 17, -1473231341);\r\n b = FF(b, c, d, a, m[i+ 7], 22, -45705983);\r\n a = FF(a, b, c, d, m[i+ 8], 7, 1770035416);\r\n d = FF(d, a, b, c, m[i+ 9], 12, -1958414417);\r\n c = FF(c, d, a, b, m[i+10], 17, -42063);\r\n b = FF(b, c, d, a, m[i+11], 22, -1990404162);\r\n a = FF(a, b, c, d, m[i+12], 7, 1804603682);\r\n d = FF(d, a, b, c, m[i+13], 12, -40341101);\r\n c = FF(c, d, a, b, m[i+14], 17, -1502002290);\r\n b = FF(b, c, d, a, m[i+15], 22, 1236535329);\r\n\r\n a = GG(a, b, c, d, m[i+ 1], 5, -165796510);\r\n d = GG(d, a, b, c, m[i+ 6], 9, -1069501632);\r\n c = GG(c, d, a, b, m[i+11], 14, 643717713);\r\n b = GG(b, c, d, a, m[i+ 0], 20, -373897302);\r\n a = GG(a, b, c, d, m[i+ 5], 5, -701558691);\r\n d = GG(d, a, b, c, m[i+10], 9, 38016083);\r\n c = GG(c, d, a, b, m[i+15], 14, -660478335);\r\n b = GG(b, c, d, a, m[i+ 4], 20, -405537848);\r\n a = GG(a, b, c, d, m[i+ 9], 5, 568446438);\r\n d = GG(d, a, b, c, m[i+14], 9, -1019803690);\r\n c = GG(c, d, a, b, m[i+ 3], 14, -187363961);\r\n b = GG(b, c, d, a, m[i+ 8], 20, 1163531501);\r\n a = GG(a, b, c, d, m[i+13], 5, -1444681467);\r\n d = GG(d, a, b, c, m[i+ 2], 9, -51403784);\r\n c = GG(c, d, a, b, m[i+ 7], 14, 1735328473);\r\n b = GG(b, c, d, a, m[i+12], 20, -1926607734);\r\n\r\n a = HH(a, b, c, d, m[i+ 5], 4, -378558);\r\n d = HH(d, a, b, c, m[i+ 8], 11, -2022574463);\r\n c = HH(c, d, a, b, m[i+11], 16, 1839030562);\r\n b = HH(b, c, d, a, m[i+14], 23, -35309556);\r\n a = HH(a, b, c, d, m[i+ 1], 4, -1530992060);\r\n d = HH(d, a, b, c, m[i+ 4], 11, 1272893353);\r\n c = HH(c, d, a, b, m[i+ 7], 16, -155497632);\r\n b = HH(b, c, d, a, m[i+10], 23, -1094730640);\r\n a = HH(a, b, c, d, m[i+13], 4, 681279174);\r\n d = HH(d, a, b, c, m[i+ 0], 11, -358537222);\r\n c = HH(c, d, a, b, m[i+ 3], 16, -722521979);\r\n b = HH(b, c, d, a, m[i+ 6], 23, 76029189);\r\n a = HH(a, b, c, d, m[i+ 9], 4, -640364487);\r\n d = HH(d, a, b, c, m[i+12], 11, -421815835);\r\n c = HH(c, d, a, b, m[i+15], 16, 530742520);\r\n b = HH(b, c, d, a, m[i+ 2], 23, -995338651);\r\n\r\n a = II(a, b, c, d, m[i+ 0], 6, -198630844);\r\n d = II(d, a, b, c, m[i+ 7], 10, 1126891415);\r\n c = II(c, d, a, b, m[i+14], 15, -1416354905);\r\n b = II(b, c, d, a, m[i+ 5], 21, -57434055);\r\n a = II(a, b, c, d, m[i+12], 6, 1700485571);\r\n d = II(d, a, b, c, m[i+ 3], 10, -1894986606);\r\n c = II(c, d, a, b, m[i+10], 15, -1051523);\r\n b = II(b, c, d, a, m[i+ 1], 21, -2054922799);\r\n a = II(a, b, c, d, m[i+ 8], 6, 1873313359);\r\n d = II(d, a, b, c, m[i+15], 10, -30611744);\r\n c = II(c, d, a, b, m[i+ 6], 15, -1560198380);\r\n b = II(b, c, d, a, m[i+13], 21, 1309151649);\r\n a = II(a, b, c, d, m[i+ 4], 6, -145523070);\r\n d = II(d, a, b, c, m[i+11], 10, -1120210379);\r\n c = II(c, d, a, b, m[i+ 2], 15, 718787259);\r\n b = II(b, c, d, a, m[i+ 9], 21, -343485551);\r\n\r\n a = (a + aa) >>> 0;\r\n b = (b + bb) >>> 0;\r\n c = (c + cc) >>> 0;\r\n d = (d + dd) >>> 0;\r\n }\r\n\r\n return crypt.endian([a, b, c, d]);\r\n };\r\n\r\n // Auxiliary functions\r\n md5._ff = function (a, b, c, d, x, s, t) {\r\n var n = a + (b & c | ~b & d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._gg = function (a, b, c, d, x, s, t) {\r\n var n = a + (b & d | c & ~d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._hh = function (a, b, c, d, x, s, t) {\r\n var n = a + (b ^ c ^ d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._ii = function (a, b, c, d, x, s, t) {\r\n var n = a + (c ^ (b | ~d)) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n\r\n // Package private blocksize\r\n md5._blocksize = 16;\r\n md5._digestsize = 16;\r\n\r\n module.exports = function (message, options) {\r\n if (message === undefined || message === null)\r\n throw new Error('Illegal argument ' + message);\r\n\r\n var digestbytes = crypt.wordsToBytes(md5(message, options));\r\n return options && options.asBytes ? digestbytes :\r\n options && options.asString ? bin.bytesToString(digestbytes) :\r\n crypt.bytesToHex(digestbytes);\r\n };\r\n\r\n})();\r\n","'use strict';\nvar isWindows = process.platform === 'win32';\nvar trailingSlashRe = isWindows ? /[^:]\\\\$/ : /.\\/$/;\n\n// https://github.com/nodejs/node/blob/3e7a14381497a3b73dda68d05b5130563cdab420/lib/os.js#L25-L43\nmodule.exports = function () {\n\tvar path;\n\n\tif (isWindows) {\n\t\tpath = process.env.TEMP ||\n\t\t\tprocess.env.TMP ||\n\t\t\t(process.env.SystemRoot || process.env.windir) + '\\\\temp';\n\t} else {\n\t\tpath = process.env.TMPDIR ||\n\t\t\tprocess.env.TMP ||\n\t\t\tprocess.env.TEMP ||\n\t\t\t'/tmp';\n\t}\n\n\tif (trailingSlashRe.test(path)) {\n\t\tpath = path.slice(0, -1);\n\t}\n\n\treturn path;\n};\n","const isWindows = process.platform === 'win32' ||\n process.env.OSTYPE === 'cygwin' ||\n process.env.OSTYPE === 'msys'\n\nconst path = require('path')\nconst COLON = isWindows ? ';' : ':'\nconst isexe = require('isexe')\n\nconst getNotFoundError = (cmd) =>\n Object.assign(new Error(`not found: ${cmd}`), { code: 'ENOENT' })\n\nconst getPathInfo = (cmd, opt) => {\n const colon = opt.colon || COLON\n\n // If it has a slash, then we don't bother searching the pathenv.\n // just check the file itself, and that's it.\n const pathEnv = cmd.match(/\\//) || isWindows && cmd.match(/\\\\/) ? ['']\n : (\n [\n // windows always checks the cwd first\n ...(isWindows ? [process.cwd()] : []),\n ...(opt.path || process.env.PATH ||\n /* istanbul ignore next: very unusual */ '').split(colon),\n ]\n )\n const pathExtExe = isWindows\n ? opt.pathExt || process.env.PATHEXT || '.EXE;.CMD;.BAT;.COM'\n : ''\n const pathExt = isWindows ? pathExtExe.split(colon) : ['']\n\n if (isWindows) {\n if (cmd.indexOf('.') !== -1 && pathExt[0] !== '')\n pathExt.unshift('')\n }\n\n return {\n pathEnv,\n pathExt,\n pathExtExe,\n }\n}\n\nconst which = (cmd, opt, cb) => {\n if (typeof opt === 'function') {\n cb = opt\n opt = {}\n }\n if (!opt)\n opt = {}\n\n const { pathEnv, pathExt, pathExtExe } = getPathInfo(cmd, opt)\n const found = []\n\n const step = i => new Promise((resolve, reject) => {\n if (i === pathEnv.length)\n return opt.all && found.length ? resolve(found)\n : reject(getNotFoundError(cmd))\n\n const ppRaw = pathEnv[i]\n const pathPart = /^\".*\"$/.test(ppRaw) ? ppRaw.slice(1, -1) : ppRaw\n\n const pCmd = path.join(pathPart, cmd)\n const p = !pathPart && /^\\.[\\\\\\/]/.test(cmd) ? cmd.slice(0, 2) + pCmd\n : pCmd\n\n resolve(subStep(p, i, 0))\n })\n\n const subStep = (p, i, ii) => new Promise((resolve, reject) => {\n if (ii === pathExt.length)\n return resolve(step(i + 1))\n const ext = pathExt[ii]\n isexe(p + ext, { pathExt: pathExtExe }, (er, is) => {\n if (!er && is) {\n if (opt.all)\n found.push(p + ext)\n else\n return resolve(p + ext)\n }\n return resolve(subStep(p, i, ii + 1))\n })\n })\n\n return cb ? step(0).then(res => cb(null, res), cb) : step(0)\n}\n\nconst whichSync = (cmd, opt) => {\n opt = opt || {}\n\n const { pathEnv, pathExt, pathExtExe } = getPathInfo(cmd, opt)\n const found = []\n\n for (let i = 0; i < pathEnv.length; i ++) {\n const ppRaw = pathEnv[i]\n const pathPart = /^\".*\"$/.test(ppRaw) ? ppRaw.slice(1, -1) : ppRaw\n\n const pCmd = path.join(pathPart, cmd)\n const p = !pathPart && /^\\.[\\\\\\/]/.test(cmd) ? cmd.slice(0, 2) + pCmd\n : pCmd\n\n for (let j = 0; j < pathExt.length; j ++) {\n const cur = p + pathExt[j]\n try {\n const is = isexe.sync(cur, { pathExt: pathExtExe })\n if (is) {\n if (opt.all)\n found.push(cur)\n else\n return cur\n }\n } catch (ex) {}\n }\n }\n\n if (opt.all && found.length)\n return found\n\n if (opt.nothrow)\n return null\n\n throw getNotFoundError(cmd)\n}\n\nmodule.exports = which\nwhich.sync = whichSync\n","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"fs\");","module.exports = require(\"net\");","module.exports = require(\"path\");","'use strict'\n\nvar openssl = require('./openssl.js')\nvar helper = require('./helper.js')\nvar {debug} = require('./debug.js')\n\n// PEM format: .pem, .crt, .cer (!bin), .key\n// base64 encoded; the cert file might also include the private key; so key file is optional\n\n// DER format: .der, .cer (bin)\n// binary encoded format; cannot include key file\n\n// PKCS#7 / P7B format: .p7b, .p7c\n// contains cert and ca chain cert files, but not the key file\n// A PKCS7 certificate is serialized using either PEM or DER format.\n\n// PKCS#12 / PFX format: .pfx, .p12\n// contains all files: key file, cert and ca chain cert files\n\n/**\n * pem convert module\n *\n * @module convert\n */\n\n/**\n * conversion from PEM to DER format\n * if private key is included in PEM encoded file, it won't be included in DER file\n * use this method with type 'rsa' to export private key in that case\n * @param {String} pathIN path of the PEM encoded certificate file\n * @param {String} pathOUT path of the DER encoded certificate file to generate\n * @param {String} [type] type of file, use 'rsa' for key file, 'x509' otherwise or leave this parameter out\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2DER = function (pathIN, pathOUT, type, callback) {\n if (!callback && typeof type === 'function') {\n callback = type\n type = 'x509'\n }\n var params = [\n type,\n '-outform',\n 'der',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from DER to PEM format\n * @param {String} pathIN path of the DER encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {String} [type] type of file, use 'rsa' for key file, 'x509' otherwise or leave this parameter out\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.DER2PEM = function (pathIN, pathOUT, type, callback) {\n if (!callback && typeof type === 'function') {\n callback = type\n type = 'x509'\n }\n var params = [\n type,\n '-inform',\n 'der',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from PEM to P7B format\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the P7B encoded certificate file to generate\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2P7B = function (pathBundleIN, pathOUT, callback) {\n var params = [\n 'crl2pkcs7',\n '-nocrl',\n '-certfile',\n pathBundleIN.cert,\n '-out',\n pathOUT\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from P7B to PEM format\n * @param {String} pathIN path of the P7B encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.P7B2PEM = function (pathIN, pathOUT, callback) {\n var params = [\n 'pkcs7',\n '-print_certs',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}// TODO: CA also included?\n\n/**\n * conversion from PEM to PFX\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', key: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the PFX encoded certificate file to generate\n * @param {String} password password to set for accessing the PFX file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2PFX = function (pathBundleIN, pathOUT, password, callback) {\n var params = [\n 'pkcs12',\n '-export',\n '-out',\n pathOUT,\n '-inkey',\n pathBundleIN.key,\n '-in',\n pathBundleIN.cert\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n var delTempPWFiles = []\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n}\n\n/**\n * conversion from PFX to PEM\n * @param {Object} pathIN path of the PFX encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {String} password password to set for accessing the PFX file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PFX2PEM = function (pathIN, pathOUT, password, callback) {\n var params = [\n 'pkcs12',\n '-in',\n pathIN,\n '-out',\n pathOUT,\n '-nodes'\n ]\n var delTempPWFiles = []\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n}\n\n/**\n * conversion from P7B to PFX/PKCS#12\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', key: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the PFX certificate file to generate\n * @param {String} password password to be set for the PFX file and to be used to access the key file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.P7B2PFX = function (pathBundleIN, pathOUT, password, callback) {\n var tmpfile = pathBundleIN.cert.replace(/\\.[^.]+$/, '.cer')\n var params = [\n 'pkcs7',\n '-print_certs',\n '-in',\n pathBundleIN.cert,\n '-out',\n tmpfile\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n debug(\"P7B2PFX\", {\n error, code\n })\n if (error) {\n callback(error)\n } else {\n var params = [\n 'pkcs12',\n '-export',\n '-in',\n tmpfile,\n '-inkey',\n pathBundleIN.key,\n '-out',\n pathOUT\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n var delTempPWFiles = [tmpfile]\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n }\n })\n}\n","function debug (title, content) {\n if (process.env.CI === 'true') {\n console.log(`::group::${title}`)\n console.log(JSON.stringify(content, null, 3))\n console.log('::endgroup::')\n }\n}\n\nmodule.exports = {\n debug: debug\n}\n","'use strict'\r\n\r\nvar pathlib = require('path')\r\nvar fs = require('fs')\r\nvar crypto = require('crypto')\r\nvar osTmpdir = require('os-tmpdir')\r\nvar tempDir = process.env.PEMJS_TMPDIR || osTmpdir()\r\n\r\n/**\r\n * pem helper module\r\n *\r\n * @module helper\r\n */\r\n\r\n/**\r\n * helper function to check is the string a number or not\r\n * @param {String} str String that should be checked to be a number\r\n */\r\nmodule.exports.isNumber = function (str) {\r\n if (Array.isArray(str)) {\r\n return false\r\n }\r\n /*\r\n var bstr = str && str.toString()\r\n str = str + ''\r\n\r\n return bstr - parseFloat(bstr) + 1 >= 0 &&\r\n !/^\\s+|\\s+$/g.test(str) && /^\\d+$/g.test(str) &&\r\n !isNaN(str) && !isNaN(parseFloat(str))\r\n */\r\n return /^\\d+$/g.test(str)\r\n}\r\n\r\n/**\r\n * helper function to check is the string a hexaceximal value\r\n * @param {String} hex String that should be checked to be a hexaceximal\r\n */\r\nmodule.exports.isHex = function isHex (hex) {\r\n return /^(0x){0,1}([0-9A-F]{1,40}|[0-9A-F]{1,40})$/gi.test(hex)\r\n}\r\n\r\n/**\r\n * helper function to convert a string to a hexaceximal value\r\n * @param {String} str String that should be converted to a hexaceximal\r\n */\r\nmodule.exports.toHex = function toHex (str) {\r\n var hex = ''\r\n for (var i = 0; i < str.length; i++) {\r\n hex += '' + str.charCodeAt(i).toString(16)\r\n }\r\n return hex\r\n}\r\n\r\n// cipherPassword returns an array of supported ciphers.\r\n/**\r\n * list of supported ciphers\r\n * @type {Array}\r\n */\r\nmodule.exports.ciphers = ['aes128', 'aes192', 'aes256', 'camellia128', 'camellia192', 'camellia256', 'des', 'des3', 'idea']\r\nvar ciphers = module.exports.ciphers\r\n\r\n/**\r\n * Creates a PasswordFile to hide the password form process infos via `ps auxf` etc.\r\n * @param {Object} options object of cipher, password and passType, mustPass, {cipher:'aes128', password:'xxxx', passType:\"in/out/word\"}, if the object empty we do nothing\r\n * @param {String} options.cipher cipher like 'aes128', 'aes192', 'aes256', 'camellia128', 'camellia192', 'camellia256', 'des', 'des3', 'idea'\r\n * @param {String} options.password password can be empty or at last 4 to 1023 chars\r\n * @param {String} options.passType passType: can be in/out/word for passIN/passOUT/passWORD\r\n * @param {Boolean} options.mustPass mustPass is used when you need to set the pass like as \"-password pass:\" most needed when empty password\r\n * @param {Object} params params will be extended with the data that need for the openssl command. IS USED AS POINTER!\r\n * @param {String} PasswordFileArray PasswordFileArray is an array of filePaths that later need to deleted ,after the openssl command. IS USED AS POINTER!\r\n * @return {Boolean} result\r\n */\r\nmodule.exports.createPasswordFile = function (options, params, PasswordFileArray) {\r\n if (!options || !Object.prototype.hasOwnProperty.call(options, 'password') || !Object.prototype.hasOwnProperty.call(options, 'passType') || !/^(word|in|out)$/.test(options.passType)) {\r\n return false\r\n }\r\n var PasswordFile = pathlib.join(tempDir, crypto.randomBytes(20).toString('hex'))\r\n PasswordFileArray.push(PasswordFile)\r\n options.password = options.password.trim()\r\n if (options.password === '') {\r\n options.mustPass = true\r\n }\r\n if (options.cipher && (ciphers.indexOf(options.cipher) !== -1)) {\r\n params.push('-' + options.cipher)\r\n }\r\n params.push('-pass' + options.passType)\r\n if (options.mustPass) {\r\n params.push('pass:' + options.password)\r\n } else {\r\n fs.writeFileSync(PasswordFile, options.password)\r\n params.push('file:' + PasswordFile)\r\n }\r\n return true\r\n}\r\n\r\n/**\r\n * Deletes a file or an array of files\r\n * @param {Array} files array of files that shoudld be deleted\r\n * @param {errorCallback} callback Callback function with an error object\r\n */\r\nmodule.exports.deleteTempFiles = function (files, callback) {\r\n var rmFiles = []\r\n if (typeof files === 'string') {\r\n rmFiles.push(files)\r\n } else if (Array.isArray(files)) {\r\n rmFiles = files\r\n } else {\r\n return callback(new Error('Unexcepted files parameter type; only string or array supported'))\r\n }\r\n var deleteSeries = function (list, finalCallback) {\r\n if (list.length) {\r\n var file = list.shift()\r\n var myCallback = function (err) {\r\n if (err && err.code === 'ENOENT') {\r\n // file doens't exist\r\n return deleteSeries(list, finalCallback)\r\n } else if (err) {\r\n // other errors, e.g. maybe we don't have enough permission\r\n return finalCallback(err)\r\n } else {\r\n return deleteSeries(list, finalCallback)\r\n }\r\n }\r\n if (file && typeof file === 'string') {\r\n fs.unlink(file, myCallback)\r\n } else {\r\n return deleteSeries(list, finalCallback)\r\n }\r\n } else {\r\n return finalCallback(null) // no errors\r\n }\r\n }\r\n deleteSeries(rmFiles, callback)\r\n}\r\n/**\r\n * Callback for return an error object.\r\n * @callback errorCallback\r\n * @param {Error} err - An Error Object or null\r\n */\n","var helper = require('./helper.js')\nvar {debug} = require('./debug.js')\nvar cpspawn = require('child_process').spawn\nvar pathlib = require('path')\nvar fs = require('fs')\nvar osTmpdir = require('os-tmpdir')\nvar crypto = require('crypto')\nvar which = require('which')\nvar settings = {}\nvar tempDir = process.env.PEMJS_TMPDIR || osTmpdir()\n\nconst versionRegEx = new RegExp('^(OpenSSL|LibreSSL) (((\\\\d+).(\\\\d+)).(\\\\d+))([a-z]+)?')\n\nif (\"CI\" in process.env && process.env.CI === 'true') {\n if (\"LIBRARY\" in process.env && \"VERSION\" in process.env && process.env.LIBRARY != \"\" && process.env.VERSION != \"\") {\n const filePathOpenSSL=`./openssl/${process.env.LIBRARY}_v${process.env.VERSION}/bin/openssl`\n if (fs.existsSync(filePathOpenSSL)) {\n process.env.OPENSSL_BIN = filePathOpenSSL\n }\n }\n}\n\n/**\n * pem openssl module\n *\n * @module openssl\n */\n\n/**\n * configue this openssl module\n *\n * @static\n * @param {String} option name e.g. pathOpenSSL, openSslVersion; TODO rethink nomenclature\n * @param {*} value value\n */\nfunction set(option, value) {\n settings[option] = value\n}\n\n/**\n * get configuration setting value\n *\n * @static\n * @param {String} option name\n */\nfunction get(option) {\n return settings[option] || null\n}\n\n/**\n * Spawn an openssl command\n *\n * @static\n * @param {Array} params Array of openssl command line parameters\n * @param {String} searchStr String to use to find data\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Function} callback Called with (error, stdout-substring)\n */\nfunction exec(params, searchStr, tmpfiles, callback) {\n if (!callback && typeof tmpfiles === 'function') {\n callback = tmpfiles\n tmpfiles = false\n }\n\n spawnWrapper(params, tmpfiles, function (err, code, stdout, stderr) {\n var start, end\n\n if (err) {\n return callback(err)\n }\n\n if ((start = stdout.match(new RegExp('-+BEGIN ' + searchStr + '-+$', 'mu')))) {\n start = start.index\n } else {\n start = -1\n }\n\n // To get the full EC key with parameters and private key\n if (searchStr === 'EC PARAMETERS') {\n searchStr = 'EC PRIVATE KEY'\n }\n\n if ((end = stdout.match(new RegExp('^\\\\-+END ' + searchStr + '\\\\-+', 'm')))) {\n end = end.index + end[0].length\n } else {\n end = -1\n }\n\n if (start >= 0 && end >= 0) {\n return callback(null, stdout.substring(start, end))\n } else {\n return callback(new Error(searchStr + ' not found from openssl output:\\n---stdout---\\n' + stdout + '\\n---stderr---\\n' + stderr + '\\ncode: ' + code))\n }\n })\n}\n\n/**\n * Spawn an openssl command and get binary output\n *\n * @static\n * @param {Array} params Array of openssl command line parameters\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Function} callback Called with (error, stdout)\n */\nfunction execBinary(params, tmpfiles, callback) {\n if (!callback && typeof tmpfiles === 'function') {\n callback = tmpfiles\n tmpfiles = false\n }\n spawnWrapper(params, tmpfiles, true, function (err, code, stdout, stderr) {\n debug(\"execBinary\", {err, code, stdout, stderr})\n if (err) {\n return callback(err)\n }\n return callback(null, stdout)\n })\n}\n\n/**\n * Generically spawn openSSL, without processing the result\n *\n * @static\n * @param {Array} params The parameters to pass to openssl\n * @param {Boolean} binary Output of openssl is binary or text\n * @param {Function} callback Called with (error, exitCode, stdout, stderr)\n */\nfunction spawn(params, binary, callback) {\n var pathBin = get('pathOpenSSL') || process.env.OPENSSL_BIN || 'openssl'\n\n testOpenSSLPath(pathBin, function (err) {\n if (err) {\n return callback(err)\n }\n var openssl = cpspawn(pathBin, params)\n var stderr = ''\n\n var stdout = (binary ? Buffer.alloc(0) : '')\n openssl.stdout.on('data', function (data) {\n if (!binary) {\n stdout += data.toString('binary')\n } else {\n stdout = Buffer.concat([stdout, data])\n }\n })\n\n openssl.stderr.on('data', function (data) {\n stderr += data.toString('binary')\n })\n // We need both the return code and access to all of stdout. Stdout isn't\n // *really* available until the close event fires; the timing nuance was\n // making this fail periodically.\n var needed = 2 // wait for both exit and close.\n var code = -1\n var finished = false\n var done = function (err) {\n if (finished) {\n return\n }\n\n if (err) {\n finished = true\n return callback(err)\n }\n\n if (--needed < 1) {\n finished = true\n if (code !== 0) {\n if (code === 2 && (stderr === '' || /depth lookup: unable to/.test(stderr) || /depth lookup: self(-|\\s)signed certificate/.test(stderr))) {\n return callback(null, code, stdout, stderr)\n }\n return callback(new Error('Invalid openssl exit code: ' + code + '\\n% openssl ' + params.join(' ') + '\\n' + stderr), code)\n } else {\n return callback(null, code, stdout, stderr)\n }\n }\n }\n\n openssl.on('error', done)\n\n openssl.on('exit', function (ret) {\n code = ret\n done()\n })\n\n openssl.on('close', function () {\n stdout = (binary ? stdout : Buffer.from(stdout, 'binary').toString('utf-8'))\n stderr = Buffer.from(stderr, 'binary').toString('utf-8')\n done()\n })\n })\n}\n\n/**\n * Wrapper for spawn method\n *\n * @static\n * @param {Array} params The parameters to pass to openssl\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Boolean} [binary] Output of openssl is binary or text\n * @param {Function} callback Called with (error, exitCode, stdout, stderr)\n */\nfunction spawnWrapper(params, tmpfiles, binary, callback) {\n if (!callback && typeof binary === 'function') {\n callback = binary\n binary = false\n }\n\n var files = []\n var delTempPWFiles = []\n\n if (tmpfiles) {\n tmpfiles = [].concat(tmpfiles)\n var fpath, i\n for (i = 0; i < params.length; i++) {\n if (params[i] === '--TMPFILE--') {\n fpath = pathlib.join(tempDir, crypto.randomBytes(20).toString('hex'))\n files.push({\n path: fpath,\n contents: tmpfiles.shift()\n })\n params[i] = fpath\n delTempPWFiles.push(fpath)\n }\n }\n }\n\n var file\n for (i = 0; i < files.length; i++) {\n file = files[i]\n fs.writeFileSync(file.path, file.contents)\n }\n\n spawn(params, binary, function (err, code, stdout, stderr) {\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug(params[0], {\n err: err,\n fsErr: fsErr,\n code: code,\n stdout: stdout,\n stderr: stderr\n })\n callback(err || fsErr, code, stdout, stderr)\n })\n })\n}\n\n/**\n * Validates the pathBin for the openssl command\n *\n * @private\n * @param {String} pathBin The path to OpenSSL Bin\n * @param {Function} callback Callback function with an error object\n */\nfunction testOpenSSLPath(pathBin, callback) {\n which(pathBin, function (error) {\n if (error) {\n return callback(new Error('Could not find openssl on your system on this path: ' + pathBin))\n }\n callback()\n })\n}\n\n/* Once PEM is imported, the openSslVersion is set with this function. */\nspawn(['version'], false, function (err, code, stdout, stderr) {\n var text = String(stdout) + '\\n' + String(stderr) + '\\n' + String(err)\n let version = versionRegEx.exec(text)\n if (version === null || version.length <= 7) return\n set('openSslVersion', (version[1]).toUpperCase())\n set('Vendor', (version[1]).toUpperCase())\n set('VendorVersion', version[2])\n set('VendorVersionMajorMinor', version[3])\n set('VendorVersionMajor', version[4])\n set('VendorVersionMinor', version[5])\n set('VendorVersionPatch', version[6])\n set('VendorVersionBuildChar', typeof version[7] === 'undefined' ? '' : version[7])\n})\n\nmodule.exports = {\n exec: exec,\n execBinary: execBinary,\n spawn: spawn,\n spawnWrapper: spawnWrapper,\n settings: settings,\n set: set,\n get: get\n}\n","'use strict'\n\n/**\n * pem module\n *\n * @module pem\n */\nconst {debug} = require('./debug.js')\nconst {promisify} = require('es6-promisify')\nvar net = require('net')\nvar helper = require('./helper.js')\nvar openssl = require('./openssl.js')\nconst hash_md5 = require(\"md5\")\n\nmodule.exports.createPrivateKey = createPrivateKey\nmodule.exports.createDhparam = createDhparam\nmodule.exports.createEcparam = createEcparam\nmodule.exports.createCSR = createCSR\nmodule.exports.createCertificate = createCertificate\nmodule.exports.readCertificateInfo = readCertificateInfo\nmodule.exports.getPublicKey = getPublicKey\nmodule.exports.getFingerprint = getFingerprint\nmodule.exports.getModulus = getModulus\nmodule.exports.getDhparamInfo = getDhparamInfo\nmodule.exports.createPkcs12 = createPkcs12\nmodule.exports.readPkcs12 = readPkcs12\nmodule.exports.verifySigningChain = verifySigningChain\nmodule.exports.checkCertificate = checkCertificate\nmodule.exports.checkPkcs12 = checkPkcs12\nmodule.exports.config = config\n\n/**\n * quick access the convert module\n * @type {module:convert}\n */\nmodule.exports.convert = require('./convert.js')\n\nvar KEY_START = '-----BEGIN PRIVATE KEY-----'\nvar KEY_END = '-----END PRIVATE KEY-----'\nvar RSA_KEY_START = '-----BEGIN RSA PRIVATE KEY-----'\nvar RSA_KEY_END = '-----END RSA PRIVATE KEY-----'\nvar ENCRYPTED_KEY_START = '-----BEGIN ENCRYPTED PRIVATE KEY-----'\nvar ENCRYPTED_KEY_END = '-----END ENCRYPTED PRIVATE KEY-----'\nvar CERT_START = '-----BEGIN CERTIFICATE-----'\nvar CERT_END = '-----END CERTIFICATE-----'\n\n/**\n * Creates a private key\n *\n * @static\n * @param {Number} [keyBitsize=2048] Size of the key, defaults to 2048bit\n * @param {Object} [options] object of cipher and password {cipher:'aes128',password:'xxx'}, defaults empty object\n * @param {String} [options.cipher] string of the cipher for the encryption - needed with password\n * @param {String} [options.password] string of the cipher password for the encryption needed with cipher\n * @param {Function} callback Callback function with an error object and {key}\n */\nfunction createPrivateKey(keyBitsize, options, callback) {\n if (!callback && !options && typeof keyBitsize === 'function') {\n callback = keyBitsize\n keyBitsize = undefined\n options = {}\n } else if (!callback && keyBitsize && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n keyBitsize = Number(keyBitsize) || 2048\n\n var params = ['genrsa']\n\n if (openssl.get('Vendor') === 'OPENSSL' && openssl.get('VendorVersionMajor') >= 3) {\n params.push('-traditional')\n }\n\n var delTempPWFiles = []\n\n if (options && options.cipher && (Number(helper.ciphers.indexOf(options.cipher)) !== -1) && options.password) {\n debug('helper.createPasswordFile', {\n cipher: options.cipher,\n password: options.password,\n passType: 'out'\n })\n helper.createPasswordFile({\n cipher: options.cipher,\n password: options.password,\n passType: 'out'\n }, params, delTempPWFiles)\n }\n\n params.push(keyBitsize)\n\n debug('version', openssl.get('openSslVersion'))\n\n openssl.exec(params, '(RSA |ENCRYPTED |)PRIVATE KEY', function (sslErr, key) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n return callback(null, {\n key: key\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug('createPrivateKey', {\n sslErr: sslErr,\n fsErr: fsErr,\n key: key,\n keyLength: key && key.length\n })\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Creates a dhparam key\n *\n * @static\n * @param {Number} [keyBitsize=512] Size of the key, defaults to 512bit\n * @param {Function} callback Callback function with an error object and {dhparam}\n */\nfunction createDhparam(keyBitsize, callback) {\n if (!callback && typeof keyBitsize === 'function') {\n callback = keyBitsize\n keyBitsize = undefined\n }\n\n keyBitsize = Number(keyBitsize) || 512\n\n var params = ['dhparam',\n '-outform',\n 'PEM',\n keyBitsize\n ]\n\n openssl.exec(params, 'DH PARAMETERS', function (error, dhparam) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n dhparam: dhparam\n })\n })\n}\n\n/**\n * Creates a ecparam key\n * @static\n * @param {String} [keyName=secp256k1] Name of the key, defaults to secp256k1\n * @param {String} [paramEnc=explicit] Encoding of the elliptic curve parameters, defaults to explicit\n * @param {Boolean} [noOut=false] This option inhibits the output of the encoded version of the parameters.\n * @param {Function} callback Callback function with an error object and {ecparam}\n */\nfunction createEcparam(keyName, paramEnc, noOut, callback) {\n if (!callback && typeof noOut === 'undefined' && !paramEnc && typeof keyName === 'function') {\n callback = keyName\n keyName = undefined\n } else if (!callback && typeof noOut === 'undefined' && keyName && typeof paramEnc === 'function') {\n callback = paramEnc\n paramEnc = undefined\n } else if (!callback && typeof noOut === 'function' && keyName && paramEnc) {\n callback = noOut\n noOut = undefined\n }\n\n keyName = keyName || 'secp256k1'\n paramEnc = paramEnc || 'explicit'\n noOut = noOut || false\n\n var params = ['ecparam',\n '-name',\n keyName,\n '-genkey',\n '-param_enc',\n paramEnc\n ]\n\n var searchString = 'EC PARAMETERS'\n if (noOut) {\n params.push('-noout')\n searchString = 'EC PRIVATE KEY'\n }\n\n openssl.exec(params, searchString, function (error, ecparam) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n ecparam: ecparam\n })\n })\n}\n\n/**\n * Creates a Certificate Signing Request\n * If client key is undefined, a new key is created automatically. The used key is included\n * in the callback return as clientKey\n * @static\n * @param {Object} [options] Optional options object\n * @param {String} [options.clientKey] Optional client key to use\n * @param {Number} [options.keyBitsize] If clientKey is undefined, bit size to use for generating a new key (defaults to 2048)\n * @param {String} [options.hash] Hash function to use (either md5 sha1 or sha256, defaults to sha256)\n * @param {String} [options.country] CSR country field\n * @param {String} [options.state] CSR state field\n * @param {String} [options.locality] CSR locality field\n * @param {String} [options.organization] CSR organization field\n * @param {String} [options.organizationUnit] CSR organizational unit field\n * @param {String} [options.commonName='localhost'] CSR common name field\n * @param {String} [options.emailAddress] CSR email address field\n * @param {String} [options.csrConfigFile] CSR config file\n * @param {Array} [options.altNames] is a list of subjectAltNames in the subjectAltName field\n * @param {Function} callback Callback function with an error object and {csr, clientKey}\n */\nfunction createCSR(options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = undefined\n }\n\n let delTempPWFiles = []\n\n options = options || {}\n\n // http://stackoverflow.com/questions/14089872/why-does-node-js-accept-ip-addresses-in-certificates-only-for-san-not-for-cn\n if (options.commonName && (net.isIPv4(options.commonName) || net.isIPv6(options.commonName))) {\n if (!options.altNames) {\n options.altNames = [options.commonName]\n } else if (options.altNames.indexOf(options.commonName) === -1) {\n options.altNames = options.altNames.concat([options.commonName])\n }\n }\n\n if (!options.clientKey) {\n if (options && (options.password || options.clientKeyPassword)) {\n options.password = options.password || options.clientKeyPassword || ''\n }\n createPrivateKey(options.keyBitsize || 2048, options, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.clientKey = keyData.key\n\n createCSR(options, callback)\n })\n return\n }\n\n var params = ['req',\n '-new',\n '-' + (options.hash || 'sha256')\n ]\n\n if (options.csrConfigFile) {\n params.push('-config')\n params.push(options.csrConfigFile)\n } else {\n params.push('-subj')\n params.push(generateCSRSubject(options))\n }\n\n params.push('-key')\n params.push('--TMPFILE--')\n\n var tmpfiles = [options.clientKey]\n var config = null\n\n if (options && (options.password || options.clientKeyPassword)) {\n helper.createPasswordFile({\n cipher: '',\n password: options.password || options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n if (options.altNames && Array.isArray(options.altNames) && options.altNames.length) {\n params.push('-extensions')\n params.push('v3_req')\n params.push('-config')\n params.push('--TMPFILE--')\n var altNamesRep = []\n for (var i = 0; i < options.altNames.length; i++) {\n altNamesRep.push((net.isIP(options.altNames[i]) ? 'IP' : 'DNS') + '.' + (i + 1) + ' = ' + options.altNames[i])\n }\n\n tmpfiles.push(config = [\n '[req]',\n 'req_extensions = v3_req',\n 'distinguished_name = req_distinguished_name',\n '[v3_req]',\n 'subjectAltName = @alt_names',\n '[alt_names]',\n altNamesRep.join('\\n'),\n '[req_distinguished_name]',\n 'commonName = Common Name',\n 'commonName_max = 64'\n ].join('\\n'))\n } else if (options.config) {\n config = options.config\n }\n\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n openssl.exec(params, 'CERTIFICATE REQUEST', tmpfiles, function (sslErr, data) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n callback(null, {\n csr: data,\n config: config,\n clientKey: options.clientKey\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Creates a certificate based on a CSR. If CSR is not defined, a new one\n * will be generated automatically. For CSR generation all the options values\n * can be used as with createCSR.\n * @static\n * @param {Object} [options] Optional options object\n * @param {String} [options.serviceCertificate] PEM encoded certificate\n * @param {String} [options.serviceKey] Private key for signing the certificate, if not defined a new one is generated\n * @param {String} [options.serviceKeyPassword] Password of the service key\n * @param {Boolean} [options.selfSigned] If set to true and serviceKey is not defined, use clientKey for signing\n * @param {String|Number} [options.serial] Set a serial max. 20 octets - only together with options.serviceCertificate\n * @param {String} [options.serialFile] Set the name of the serial file, without extension. - only together with options.serviceCertificate and never in tandem with options.serial\n * @param {String} [options.hash] Hash function to use (either md5 sha1 or sha256, defaults to sha256)\n * @param {String} [options.csr] CSR for the certificate, if not defined a new one is generated\n * @param {Number} [options.days] Certificate expire time in days\n * @param {String} [options.clientKeyPassword] Password of the client key\n * @param {String} [options.extFile] extension config file - without '-extensions v3_req'\n * @param {String} [options.config] extension config file - with '-extensions v3_req'\n * @param {String} [options.csrConfigFile] CSR config file - only used if no options.csr is provided\n * @param {Array} [options.altNames] is a list of subjectAltNames in the subjectAltName field - only used if no options.csr is provided\n * @param {Function} callback Callback function with an error object and {certificate, csr, clientKey, serviceKey}\n */\nfunction createCertificate(options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = undefined\n }\n\n options = options || {}\n\n if (!options.csr) {\n createCSR(options, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.csr = keyData.csr\n options.config = keyData.config\n options.clientKey = keyData.clientKey\n createCertificate(options, callback)\n })\n return\n }\n\n if (!options.clientKey) {\n options.clientKey = ''\n }\n\n if (!options.serviceKey) {\n if (options.selfSigned) {\n options.serviceKey = options.clientKey\n } else {\n createPrivateKey(options.keyBitsize || 2048, {\n cipher: options.cipher,\n password: options.clientKeyPassword || ''\n }, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.serviceKey = keyData.key\n createCertificate(options, callback)\n })\n return\n }\n }\n\n readCertificateInfo(options.csr, function (error2, data2) {\n if (error2) {\n return callback(error2)\n }\n\n var params = ['x509',\n '-req',\n '-' + (options.hash || 'sha256'),\n '-days',\n Number(options.days) || '365',\n '-in',\n '--TMPFILE--'\n ]\n var tmpfiles = [options.csr]\n var delTempPWFiles = []\n\n if (options.serviceCertificate) {\n params.push('-CA')\n params.push('--TMPFILE--')\n params.push('-CAkey')\n params.push('--TMPFILE--')\n if (options.serial) {\n params.push('-set_serial')\n if (helper.isNumber(options.serial)) {\n // set the serial to the max lenth of 20 octets ()\n // A certificate serial number is not decimal conforming. That is the\n // bytes in a serial number do not necessarily map to a printable ASCII\n // character.\n // eg: 0x00 is a valid serial number and can not be represented in a\n // human readable format (atleast one that can be directly mapped to\n // the ACSII table).\n params.push('0x' + ('0000000000000000000000000000000000000000' + options.serial.toString(16)).slice(-40))\n } else {\n if (helper.isHex(options.serial)) {\n if (options.serial.startsWith('0x')) {\n options.serial = options.serial.substring(2, options.serial.length)\n }\n params.push('0x' + ('0000000000000000000000000000000000000000' + options.serial).slice(-40))\n } else {\n params.push('0x' + ('0000000000000000000000000000000000000000' + helper.toHex(options.serial)).slice(-40))\n }\n }\n } else {\n params.push('-CAcreateserial')\n if (options.serialFile) {\n params.push('-CAserial')\n params.push(options.serialFile + '.srl')\n }\n }\n if (options.serviceKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.serviceKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n tmpfiles.push(options.serviceCertificate)\n tmpfiles.push(options.serviceKey)\n } else {\n params.push('-signkey')\n params.push('--TMPFILE--')\n if (options.serviceKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.serviceKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n tmpfiles.push(options.serviceKey)\n }\n\n if (options.config) {\n params.push('-extensions')\n params.push('v3_req')\n params.push('-extfile')\n params.push('--TMPFILE--')\n tmpfiles.push(options.config)\n } else if (options.extFile) {\n params.push('-extfile')\n params.push(options.extFile)\n } else {\n var altNamesRep = []\n if (data2 && data2.san) {\n for (var i = 0; i < data2.san.dns.length; i++) {\n altNamesRep.push('DNS' + '.' + (i + 1) + ' = ' + data2.san.dns[i])\n }\n for (var i2 = 0; i2 < data2.san.ip.length; i2++) {\n altNamesRep.push('IP' + '.' + (i2 + 1) + ' = ' + data2.san.ip[i2])\n }\n for (var i3 = 0; i3 < data2.san.email.length; i3++) {\n altNamesRep.push('email' + '.' + (i3 + 1) + ' = ' + data2.san.email[i3])\n }\n params.push('-extensions')\n params.push('v3_req')\n params.push('-extfile')\n params.push('--TMPFILE--')\n tmpfiles.push([\n '[v3_req]',\n 'subjectAltName = @alt_names',\n '[alt_names]',\n altNamesRep.join('\\n')\n ].join('\\n'))\n }\n }\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n openssl.exec(params, 'CERTIFICATE', tmpfiles, function (sslErr, data) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n var response = {\n csr: options.csr,\n clientKey: options.clientKey,\n certificate: data,\n serviceKey: options.serviceKey\n }\n return callback(null, response)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n })\n}\n\n/**\n * Exports a public key from a private key, CSR or certificate\n * @static\n * @param {String} certificate PEM encoded private key, CSR or certificate\n * @param {Function} callback Callback function with an error object and {publicKey}\n */\nfunction getPublicKey(certificate, callback) {\n if (!callback && typeof certificate === 'function') {\n callback = certificate\n certificate = undefined\n }\n\n certificate = (certificate || '').toString()\n\n var params\n\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n params = ['req',\n '-in',\n '--TMPFILE--',\n '-pubkey',\n '-noout'\n ]\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n params = ['rsa',\n '-in',\n '--TMPFILE--',\n '-pubout'\n ]\n } else {\n params = ['x509',\n '-in',\n '--TMPFILE--',\n '-pubkey',\n '-noout'\n ]\n }\n\n openssl.exec(params, 'PUBLIC KEY', certificate, function (error, key) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n publicKey: key\n })\n })\n}\n\n/**\n * Reads subject data from a certificate or a CSR\n * @static\n * @param {String} certificate PEM encoded CSR or certificate\n * @param {Function} callback Callback function with an error object and {country, state, locality, organization, organizationUnit, commonName, emailAddress}\n */\nfunction readCertificateInfo(certificate, callback) {\n if (!callback && typeof certificate === 'function') {\n callback = certificate\n certificate = undefined\n }\n\n certificate = (certificate || '').toString()\n var isMatch = certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)\n var type = isMatch ? 'req' : 'x509'\n var params = [type,\n '-noout',\n '-nameopt',\n 'RFC2253,sep_multiline,space_eq,-esc_msb,utf8',\n '-text',\n '-in',\n '--TMPFILE--'\n ]\n openssl.spawnWrapper(params, certificate, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n return fetchCertificateData(stdout, callback)\n })\n}\n\n/**\n * get the modulus from a certificate, a CSR or a private key\n * @static\n * @param {String} certificate PEM encoded, CSR PEM encoded, or private key\n * @param {String} [password] password for the certificate\n * @param {String} [hash] hash function to use (up to now `md5` supported) (default: none)\n * @param {Function} callback Callback function with an error object and {modulus}\n */\nfunction getModulus(certificate, password, hash, callback) {\n if (!callback && !hash && typeof password === 'function') {\n callback = password\n password = undefined\n hash = false\n } else if (!callback && hash && typeof hash === 'function') {\n callback = hash\n hash = false\n // password will be falsy if not provided\n }\n // adding hash function to params, is not supported by openssl.\n // process piping would be the right way (... | openssl md5)\n // No idea how this can be achieved in easy with the current build in methods\n // of pem.\n if (hash && hash !== 'md5') {\n hash = false\n }\n\n certificate = (Buffer.isBuffer(certificate) && certificate.toString()) || certificate\n\n let type\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n type = 'req'\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n type = 'rsa'\n } else {\n type = 'x509'\n }\n let params = [\n type,\n '-noout',\n '-modulus',\n '-in',\n '--TMPFILE--'\n ]\n let delTempPWFiles = []\n if (password) {\n helper.createPasswordFile({cipher: '', password: password, passType: 'in'}, params, delTempPWFiles)\n }\n\n openssl.spawnWrapper(params, certificate, function (sslErr, code, stdout, stderr) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n var match = stdout.match(/Modulus=([0-9a-fA-F]+)$/m)\n if (match) {\n if (hash === 'md5') {\n return callback(null, {\n modulus: hash_md5(match[1])\n })\n }\n\n return callback(null, {\n modulus: match[1]\n })\n\n } else {\n return callback(new Error('No modulus'))\n }\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr || stderr)\n })\n })\n}\n\n/**\n * get the size and prime of DH parameters\n * @static\n * @param {String} dh parameters PEM encoded\n * @param {Function} callback Callback function with an error object and {size, prime}\n */\nfunction getDhparamInfo(dh, callback) {\n dh = (Buffer.isBuffer(dh) && dh.toString()) || dh\n\n var params = [\n 'dhparam',\n '-text',\n '-in',\n '--TMPFILE--'\n ]\n\n openssl.spawnWrapper(params, dh, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n\n var result = {}\n var match = stdout.match(/Parameters: \\((\\d+) bit\\)/)\n\n if (match) {\n result.size = Number(match[1])\n }\n\n var prime = ''\n stdout.split('\\n').forEach(function (line) {\n if (/\\s+([0-9a-f][0-9a-f]:)+[0-9a-f]?[0-9a-f]?/g.test(line)) {\n prime += line.trim()\n }\n })\n\n if (prime) {\n result.prime = prime\n }\n\n if (!match && !prime) {\n return callback(new Error('No DH info found'))\n }\n\n return callback(null, result)\n })\n}\n\n/**\n * config the pem module\n * @static\n * @param {Object} options\n */\nfunction config(options) {\n Object.keys(options).forEach(function (k) {\n openssl.set(k, options[k])\n })\n}\n\n/**\n * Gets the fingerprint for a certificate\n * @static\n * @param {String} certificate PEM encoded certificate\n * @param {String} [hash] hash function to use (either `md5`, `sha1` or `sha256`, defaults to `sha1`)\n * @param {Function} callback Callback function with an error object and {fingerprint}\n */\nfunction getFingerprint(certificate, hash, callback) {\n if (!callback && typeof hash === 'function') {\n callback = hash\n hash = undefined\n }\n\n hash = hash || 'sha1'\n\n var params = ['x509',\n '-in',\n '--TMPFILE--',\n '-fingerprint',\n '-noout',\n '-' + hash\n ]\n\n openssl.spawnWrapper(params, certificate, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n var match = stdout.match(/Fingerprint=([0-9a-fA-F:]+)$/m)\n if (match) {\n return callback(null, {\n fingerprint: match[1]\n })\n } else {\n return callback(new Error('No fingerprint'))\n }\n })\n}\n\n/**\n * Export private key and certificate to a PKCS12 keystore\n * @static\n * @param {String} key PEM encoded private key\n * @param {String} certificate PEM encoded certificate\n * @param {String} password Password of the result PKCS12 file\n * @param {Object} [options] object of cipher and optional client key password {cipher:'aes128', clientKeyPassword: 'xxxx', certFiles: ['file1','file2']}\n * @param {Function} callback Callback function with an error object and {pkcs12}\n */\nfunction createPkcs12(key, certificate, password, options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n var params = ['pkcs12', '-export']\n var delTempPWFiles = []\n\n if (options.cipher && options.clientKeyPassword) {\n // NOTICE: The password field is needed! self if it is empty.\n // create password file for the import \"-passin\"\n helper.createPasswordFile({\n cipher: options.cipher,\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n // NOTICE: The password field is needed! self if it is empty.\n // create password file for the password \"-password\"\n helper.createPasswordFile({cipher: '', password: password, passType: 'word'}, params, delTempPWFiles)\n\n params.push('-in')\n params.push('--TMPFILE--')\n params.push('-inkey')\n params.push('--TMPFILE--')\n\n var tmpfiles = [certificate, key]\n\n if (options.certFiles) {\n tmpfiles.push(options.certFiles.join(''))\n\n params.push('-certfile')\n params.push('--TMPFILE--')\n }\n\n openssl.execBinary(params, tmpfiles, function (sslErr, pkcs12) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n return callback(null, {\n pkcs12: pkcs12\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * read sslcert data from Pkcs12 file. Results are provided in callback response in object notation ({cert: .., ca:..., key:...})\n * @static\n * @param {Buffer|String} bufferOrPath Buffer or path to file\n * @param {Object} [options] openssl options\n * @param {Function} callback Called with error object and sslcert bundle object\n */\nfunction readPkcs12(bufferOrPath, options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n options.p12Password = options.p12Password || ''\n\n var tmpfiles = []\n var delTempPWFiles = []\n var args = ['pkcs12', '-in', bufferOrPath]\n\n helper.createPasswordFile({cipher: '', password: options.p12Password, passType: 'in'}, args, delTempPWFiles)\n\n if (Buffer.isBuffer(bufferOrPath)) {\n tmpfiles = [bufferOrPath]\n args[2] = '--TMPFILE--'\n }\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.push('-legacy')\n args.push('-traditional')\n }\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'out'\n }, args, delTempPWFiles)\n } else {\n args.push('-nodes')\n }\n\n openssl.execBinary(args, tmpfiles, function (sslErr, stdout) {\n function done(err) {\n var keybundle = {}\n\n if (err && err.message.indexOf('No such file or directory') !== -1) {\n err.code = 'ENOENT'\n }\n\n if (!err) {\n var certs = readFromString(stdout, CERT_START, CERT_END)\n keybundle.cert = certs.shift()\n keybundle.ca = certs\n keybundle.key = readFromString(stdout, KEY_START, KEY_END).pop()\n\n debug(\"readPkcs12.execBinary - PRIVATE KEY - ?: \", keybundle.key)\n if (keybundle.key) {\n var args = ['rsa'];\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.push('-traditional')\n }\n args.push('-in');\n args.push('--TMPFILE--');\n\n // convert to RSA key\n return openssl.exec(args, '(RSA |)PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - PRIVATE KEY convert - error: \", err)\n }\n //debug(\"readPkcs12.execBinary - PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })\n }\n\n if (options.clientKeyPassword) {\n keybundle.key = readFromString(stdout, ENCRYPTED_KEY_START, ENCRYPTED_KEY_END).pop()\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY - ?: \", keybundle.key)\n /*return openssl.exec(['rsa', '-in', '--TMPFILE--'], 'RSA PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY - error: \", err)\n }\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })*/\n } else {\n keybundle.key = readFromString(stdout, RSA_KEY_START, RSA_KEY_END).pop()\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY - ?: \", keybundle.key)\n /*return openssl.exec(['rsa', '-in', '--TMPFILE--'], 'RSA PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY - error: \", err)\n }\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })*/\n }\n }\n\n return callback(err, keybundle)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Check a certificate\n * @static\n * @param {String} certificate PEM encoded certificate\n * @param {String} [passphrase] password for the certificate\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction checkCertificate(certificate, passphrase, callback) {\n var params\n var delTempPWFiles = []\n\n if (!callback && typeof passphrase === 'function') {\n callback = passphrase\n passphrase = undefined\n }\n certificate = (certificate || '').toString()\n\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n params = ['req', '-text', '-noout', '-verify', '-in', '--TMPFILE--']\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n params = ['rsa', '-noout', '-check', '-in', '--TMPFILE--']\n } else {\n params = ['x509', '-text', '-noout', '-in', '--TMPFILE--']\n }\n if (passphrase) {\n helper.createPasswordFile({cipher: '', password: passphrase, passType: 'in'}, params, delTempPWFiles)\n }\n\n openssl.spawnWrapper(params, certificate, function (sslErr, code, stdout, stderr) {\n function done(err) {\n\n stdout = stdout && stdout.trim()\n var result\n switch (params[0]) {\n case 'rsa':\n result = /^Rsa key ok$/i.test(stdout)\n break\n default:\n result = /Signature Algorithm/im.test(stdout)\n break\n }\n if (!result) {\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n if (!(stderr && stderr.toString().trim().endsWith('verify OK'))) {\n return callback(new Error(stderr.toString()))\n }\n }\n if (err && err.toString().trim() !== 'verify OK') {\n return callback(err)\n }\n }\n callback(null, result)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr || stderr)\n })\n })\n}\n\n/**\n * check a PKCS#12 file (.pfx or.p12)\n * @static\n * @param {Buffer|String} bufferOrPath PKCS#12 certificate\n * @param {String} [passphrase] optional passphrase which will be used to open the keystore\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction checkPkcs12(bufferOrPath, passphrase, callback) {\n if (!callback && typeof passphrase === 'function') {\n callback = passphrase\n passphrase = ''\n }\n\n var tmpfiles = []\n var delTempPWFiles = []\n var args = ['pkcs12', '-info', '-in', bufferOrPath, '-noout', '-maciter', '-nodes']\n\n helper.createPasswordFile({cipher: '', password: passphrase, passType: 'in'}, args, delTempPWFiles)\n\n if (Buffer.isBuffer(bufferOrPath)) {\n tmpfiles = [bufferOrPath]\n args[3] = '--TMPFILE--'\n }\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.splice(2, 0, '-legacy');\n }\n\n openssl.spawnWrapper(args, tmpfiles, function (sslErr, code, stdout, stderr) {\n debug('checkPkcs12 error', {\n err: sslErr,\n code: code,\n stdout: stdout,\n stdoutResult: (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))),\n stderr: stderr\n })\n\n function done(err) {\n if (err) {\n return callback(err)\n }\n callback(null, (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))))\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug('checkPkcs12 clean-up error', {\n sslErr: sslErr,\n fsErr: fsErr,\n code: code,\n stdout: stdout,\n stdoutResult: (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))),\n stderr: stderr\n })\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Verifies the signing chain of the passed certificate\n * @static\n * @param {String|Array} certificate PEM encoded certificate include intermediate certificates\n * The correct order of trust chain must be preserved and should start with Leaf\n * certificate. Example array: [Leaf, Int CA 1, ... , Int CA N, Root CA].\n * @param {String|Array} ca [List] of CA certificates\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction verifySigningChain(certificate, ca, callback) {\n if (!callback && typeof ca === 'function') {\n callback = ca\n ca = undefined\n }\n if (!Array.isArray(certificate)) {\n certificate = readFromString(certificate, CERT_START, CERT_END)\n }\n if (!Array.isArray(ca) && ca !== undefined) {\n if (ca !== '') {\n ca = [ca]\n }\n }\n\n var params = ['verify']\n var files = []\n\n if (ca !== undefined) {\n // ca certificates\n params.push('-CAfile')\n params.push('--TMPFILE--')\n files.push(ca.join('\\n'))\n }\n // extracting the very first - leaf - cert in chain\n var leaf = certificate.shift()\n\n if (certificate.length > 0) {\n params.push('-untrusted')\n params.push('--TMPFILE--')\n files.push(certificate.join('\\n'))\n }\n\n params.push('--TMPFILE--')\n files.push(leaf)\n\n openssl.spawnWrapper(params, files, function (err, code, stdout, stderr) {\n // OPENSSL 3.x don't use stdout to print the error\n debug('Vendor', openssl.get('Vendor'))\n debug('VendorVersionMajor', openssl.get('VendorVersionMajor'))\n debug('openssl.get(\\'VendorVersionMajor\\') >= 3', openssl.get('VendorVersionMajor') >= 3)\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n let openssl30Check = !!(stdout && stdout.trim().includes(\": OK\"));\n\n if (err) {\n debug('verifySigningChain error', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: openssl30Check,\n stderr: stderr\n })\n return callback(err)\n }\n\n debug('verifySigningChain error - use stderr', {\n err: err,\n code: code,\n stdout: stdout.trim(),\n stdoutResult: openssl30Check,\n stderr: stderr.trim()\n })\n return callback(null, openssl30Check)\n }\n // END: OPENSSL 3.x don't use stdout to print the error\n if (err) {\n debug('verifySigningChain error', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: stdout && stdout.trim().slice(-4) === ': OK',\n stderr: stderr\n })\n return callback(err)\n }\n debug('verifySigningChain', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: stdout && stdout.trim().slice(-4) === ': OK',\n stderr: stderr\n })\n callback(null, stdout && stdout.trim().slice(-4) === ': OK')\n })\n}\n\n// HELPER FUNCTIONS\nfunction fetchCertificateData(certData, callback) {\n // try catch : if something will fail in parsing it won't crash the calling code\n try {\n certData = (certData || '').toString()\n\n var serial, subject, tmp, issuer\n var certValues = {\n issuer: {}\n }\n var validity = {}\n var san\n\n var ky, i\n\n // serial\n if ((serial = certData.match(/\\s*Serial Number:\\r?\\n?\\s*([^\\r\\n]*)\\r?\\n\\s*\\b/)) && serial.length > 1) {\n certValues.serial = serial[1]\n }\n\n if ((subject = certData.match(/\\s*Subject:\\r?\\n(\\s*(([a-zA-Z0-9.]+)\\s=\\s[^\\r\\n]+\\r?\\n))*\\s*\\b/)) && subject.length > 1) {\n subject = subject[0]\n tmp = matchAll(subject, /\\s([a-zA-Z0-9.]+)\\s=\\s([^\\r\\n].*)/g)\n if (tmp) {\n for (i = 0; i < tmp.length; i++) {\n ky = tmp[i][1].trim()\n if (ky.match('(C|ST|L|O|OU|CN|emailAddress|DC)') || ky === '') {\n continue\n }\n certValues[ky] = tmp[i][2].trim()\n }\n }\n\n // country\n tmp = subject.match(/\\sC\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.country = (tmp && tmp[1]) || ''\n\n // state\n tmp = subject.match(/\\sST\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.state = (tmp && tmp[1]) || ''\n\n // locality\n tmp = subject.match(/\\sL\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.locality = (tmp && tmp[1]) || ''\n\n // organization\n tmp = matchAll(subject, /\\sO\\s=\\s([^\\r\\n].*)/g)\n certValues.organization = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // unit\n tmp = matchAll(subject, /\\sOU\\s=\\s([^\\r\\n].*)/g)\n certValues.organizationUnit = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // common name\n tmp = matchAll(subject, /\\sCN\\s=\\s([^\\r\\n].*)/g)\n certValues.commonName = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // email\n tmp = matchAll(subject, /emailAddress\\s=\\s([^\\r\\n].*)/g)\n certValues.emailAddress = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // DC name\n tmp = matchAll(subject, /\\sDC\\s=\\s([^\\r\\n].*)/g)\n certValues.dc = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n }\n\n if ((issuer = certData.match(/\\s*Issuer:\\r?\\n(\\s*([a-zA-Z0-9.]+)\\s=\\s[^\\r\\n].*\\r?\\n)*\\s*\\b/)) && issuer.length > 1) {\n issuer = issuer[0]\n tmp = matchAll(issuer, /\\s([a-zA-Z0-9.]+)\\s=\\s([^\\r\\n].*)/g)\n for (i = 0; i < tmp.length; i++) {\n ky = tmp[i][1].toString()\n if (ky.match('(C|ST|L|O|OU|CN|emailAddress|DC)')) {\n continue\n }\n certValues.issuer[ky] = tmp[i][2].toString()\n }\n\n // country\n tmp = issuer.match(/\\sC\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.country = (tmp && tmp[1]) || ''\n\n // state\n tmp = issuer.match(/\\sST\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.state = (tmp && tmp[1]) || ''\n\n // locality\n tmp = issuer.match(/\\sL\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.locality = (tmp && tmp[1]) || ''\n\n // organization\n tmp = matchAll(issuer, /\\sO\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.organization = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // unit\n tmp = matchAll(issuer, /\\sOU\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.organizationUnit = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // common name\n tmp = matchAll(issuer, /\\sCN\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.commonName = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // DC name\n tmp = matchAll(issuer, /\\sDC\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.dc = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n }\n\n // SAN\n if ((san = certData.match(/X509v3 Subject Alternative Name: \\r?\\n([^\\r\\n]*)\\r?\\n/)) && san.length > 1) {\n san = san[1].trim() + '\\n'\n certValues.san = {}\n\n // hostnames\n tmp = pregMatchAll('DNS:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.dns = tmp || ''\n\n // IP-Addresses IPv4 & IPv6\n tmp = pregMatchAll('IP Address:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.ip = tmp || ''\n\n // Email Addresses\n tmp = pregMatchAll('email:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.email = tmp || ''\n }\n\n // Validity\n if ((tmp = certData.match(/Not Before\\s?:\\s?([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n validity.start = Date.parse((tmp && tmp[1]) || '')\n }\n\n if ((tmp = certData.match(/Not After\\s?:\\s?([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n validity.end = Date.parse((tmp && tmp[1]) || '')\n }\n\n if (validity.start && validity.end) {\n certValues.validity = validity\n }\n // Validity end\n\n // Signature Algorithm\n if ((tmp = certData.match(/Signature Algorithm: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.signatureAlgorithm = (tmp && tmp[1]) || ''\n }\n\n // Public Key\n if ((tmp = certData.match(/Public[ -]Key: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.publicKeySize = ((tmp && tmp[1]) || '').replace(/[()]/g, '')\n }\n\n // Public Key Algorithm\n if ((tmp = certData.match(/Public Key Algorithm: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.publicKeyAlgorithm = (tmp && tmp[1]) || ''\n }\n\n callback(null, certValues)\n } catch (err) {\n callback(err)\n }\n}\n\nfunction matchAll(str, regexp) {\n var matches = []\n str.replace(regexp, function () {\n var arr = ([]).slice.call(arguments, 0)\n var extras = arr.splice(-2)\n arr.index = extras[0]\n arr.input = extras[1]\n matches.push(arr)\n })\n return matches.length ? matches : null\n}\n\nfunction pregMatchAll(regex, haystack) {\n var globalRegex = new RegExp(regex, 'g')\n var globalMatch = haystack.match(globalRegex) || []\n var matchArray = []\n var nonGlobalRegex, nonGlobalMatch\n for (var i = 0; i < globalMatch.length; i++) {\n nonGlobalRegex = new RegExp(regex)\n nonGlobalMatch = globalMatch[i].match(nonGlobalRegex)\n matchArray.push(nonGlobalMatch[1])\n }\n return matchArray\n}\n\nfunction generateCSRSubject(options) {\n options = options || {}\n\n var csrData = {\n C: options.country || options.C,\n ST: options.state || options.ST,\n L: options.locality || options.L,\n O: options.organization || options.O,\n OU: options.organizationUnit || options.OU,\n CN: options.commonName || options.CN || 'localhost',\n DC: options.dc || options.DC || '',\n emailAddress: options.emailAddress\n }\n\n var csrBuilder = Object.keys(csrData).map(function (key) {\n if (csrData[key]) {\n if (typeof csrData[key] === 'object' && csrData[key].length >= 1) {\n var tmpStr = ''\n csrData[key].map(function (o) {\n tmpStr += '/' + key + '=' + o.replace(/[^\\w\\s-!$%^&*()_+|~=`{}[\\]:/;<>?,.@#]+/g, ' ').replace('/', '\\\\/').replace('+', '\\\\+').trim()\n })\n return tmpStr\n } else {\n return '/' + key + '=' + csrData[key].replace(/[^\\w\\s-!$%^&*()_+|~=`{}[\\]:/;<>?,.@#]+/g, ' ').replace('/', '\\\\/').replace('+', '\\\\+').trim()\n }\n }\n })\n\n return csrBuilder.join('')\n}\n\nfunction readFromString(string, start, end) {\n if (Buffer.isBuffer(string)) {\n string = string.toString('utf8')\n }\n\n var output = []\n\n if (!string) {\n return output\n }\n\n var offset = string.indexOf(start)\n\n while (offset !== -1) {\n string = string.substring(offset)\n\n var endOffset = string.indexOf(end)\n\n if (endOffset === -1) {\n break\n }\n\n endOffset += end.length\n\n output.push(string.substring(0, endOffset))\n offset = string.indexOf(start, endOffset)\n }\n\n return output\n}\n\n// promisify not tested yet\n/**\n * Verifies the signing chain of the passed certificate\n * @namespace\n * @name promisified\n * @property {function} createPrivateKey @see createPrivateKey\n * @property {function} createDhparam - The default number of players.\n * @property {function} createEcparam - The default level for the party.\n * @property {function} createCSR - The default treasure.\n * @property {function} createCertificate - How much gold the party starts with.\n */\nmodule.exports.promisified = {\n createPrivateKey: promisify(createPrivateKey),\n createDhparam: promisify(createDhparam),\n createEcparam: promisify(createEcparam),\n createCSR: promisify(createCSR),\n createCertificate: promisify(createCertificate),\n readCertificateInfo: promisify(readCertificateInfo),\n getPublicKey: promisify(getPublicKey),\n getFingerprint: promisify(getFingerprint),\n getModulus: promisify(getModulus),\n getDhparamInfo: promisify(getDhparamInfo),\n createPkcs12: promisify(createPkcs12),\n readPkcs12: promisify(readPkcs12),\n verifySigningChain: promisify(verifySigningChain),\n checkCertificate: promisify(checkCertificate),\n checkPkcs12: promisify(checkPkcs12)\n}\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module used 'module' so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(214);\n",""],"names":[],"sourceRoot":""} \ No newline at end of file +{"version":3,"file":"index.js","mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AChCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/FA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACpBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC/JA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AC5HA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;ACzRA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;ACVA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;AC1IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;AClSA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;AC9+CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AC7BA;AACA;;;;AEDA;AACA;AACA;AACA","sources":["../webpack://pem/./node_modules/charenc/charenc.js","../webpack://pem/./node_modules/crypt/crypt.js","../webpack://pem/./node_modules/es6-promisify/dist/promisify.js","../webpack://pem/./node_modules/is-buffer/index.js","../webpack://pem/./node_modules/isexe/index.js","../webpack://pem/./node_modules/isexe/mode.js","../webpack://pem/./node_modules/isexe/windows.js","../webpack://pem/./node_modules/md5/md5.js","../webpack://pem/./node_modules/os-tmpdir/index.js","../webpack://pem/./node_modules/which/which.js","../webpack://pem/external node-commonjs \"child_process\"","../webpack://pem/external node-commonjs \"crypto\"","../webpack://pem/external node-commonjs \"fs\"","../webpack://pem/external node-commonjs \"net\"","../webpack://pem/external node-commonjs \"path\"","../webpack://pem/./lib/convert.js","../webpack://pem/./lib/debug.js","../webpack://pem/./lib/helper.js","../webpack://pem/./lib/openssl.js","../webpack://pem/./lib/pem.js","../webpack://pem/webpack/bootstrap","../webpack://pem/webpack/runtime/compat","../webpack://pem/webpack/before-startup","../webpack://pem/webpack/startup","../webpack://pem/webpack/after-startup"],"sourcesContent":["var charenc = {\n // UTF-8 encoding\n utf8: {\n // Convert a string to a byte array\n stringToBytes: function(str) {\n return charenc.bin.stringToBytes(unescape(encodeURIComponent(str)));\n },\n\n // Convert a byte array to a string\n bytesToString: function(bytes) {\n return decodeURIComponent(escape(charenc.bin.bytesToString(bytes)));\n }\n },\n\n // Binary encoding\n bin: {\n // Convert a string to a byte array\n stringToBytes: function(str) {\n for (var bytes = [], i = 0; i < str.length; i++)\n bytes.push(str.charCodeAt(i) & 0xFF);\n return bytes;\n },\n\n // Convert a byte array to a string\n bytesToString: function(bytes) {\n for (var str = [], i = 0; i < bytes.length; i++)\n str.push(String.fromCharCode(bytes[i]));\n return str.join('');\n }\n }\n};\n\nmodule.exports = charenc;\n","(function() {\n var base64map\n = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',\n\n crypt = {\n // Bit-wise rotation left\n rotl: function(n, b) {\n return (n << b) | (n >>> (32 - b));\n },\n\n // Bit-wise rotation right\n rotr: function(n, b) {\n return (n << (32 - b)) | (n >>> b);\n },\n\n // Swap big-endian to little-endian and vice versa\n endian: function(n) {\n // If number given, swap endian\n if (n.constructor == Number) {\n return crypt.rotl(n, 8) & 0x00FF00FF | crypt.rotl(n, 24) & 0xFF00FF00;\n }\n\n // Else, assume array and swap all items\n for (var i = 0; i < n.length; i++)\n n[i] = crypt.endian(n[i]);\n return n;\n },\n\n // Generate an array of any length of random bytes\n randomBytes: function(n) {\n for (var bytes = []; n > 0; n--)\n bytes.push(Math.floor(Math.random() * 256));\n return bytes;\n },\n\n // Convert a byte array to big-endian 32-bit words\n bytesToWords: function(bytes) {\n for (var words = [], i = 0, b = 0; i < bytes.length; i++, b += 8)\n words[b >>> 5] |= bytes[i] << (24 - b % 32);\n return words;\n },\n\n // Convert big-endian 32-bit words to a byte array\n wordsToBytes: function(words) {\n for (var bytes = [], b = 0; b < words.length * 32; b += 8)\n bytes.push((words[b >>> 5] >>> (24 - b % 32)) & 0xFF);\n return bytes;\n },\n\n // Convert a byte array to a hex string\n bytesToHex: function(bytes) {\n for (var hex = [], i = 0; i < bytes.length; i++) {\n hex.push((bytes[i] >>> 4).toString(16));\n hex.push((bytes[i] & 0xF).toString(16));\n }\n return hex.join('');\n },\n\n // Convert a hex string to a byte array\n hexToBytes: function(hex) {\n for (var bytes = [], c = 0; c < hex.length; c += 2)\n bytes.push(parseInt(hex.substr(c, 2), 16));\n return bytes;\n },\n\n // Convert a byte array to a base-64 string\n bytesToBase64: function(bytes) {\n for (var base64 = [], i = 0; i < bytes.length; i += 3) {\n var triplet = (bytes[i] << 16) | (bytes[i + 1] << 8) | bytes[i + 2];\n for (var j = 0; j < 4; j++)\n if (i * 8 + j * 6 <= bytes.length * 8)\n base64.push(base64map.charAt((triplet >>> 6 * (3 - j)) & 0x3F));\n else\n base64.push('=');\n }\n return base64.join('');\n },\n\n // Convert a base-64 string to a byte array\n base64ToBytes: function(base64) {\n // Remove non-base-64 characters\n base64 = base64.replace(/[^A-Z0-9+\\/]/ig, '');\n\n for (var bytes = [], i = 0, imod4 = 0; i < base64.length;\n imod4 = ++i % 4) {\n if (imod4 == 0) continue;\n bytes.push(((base64map.indexOf(base64.charAt(i - 1))\n & (Math.pow(2, -2 * imod4 + 8) - 1)) << (imod4 * 2))\n | (base64map.indexOf(base64.charAt(i)) >>> (6 - imod4 * 2)));\n }\n return bytes;\n }\n };\n\n module.exports = crypt;\n})();\n","\"use strict\";Object.defineProperty(exports,\"__esModule\",{value:!0}),exports.promisify=promisify;var customArgumentsToken=\"__ES6-PROMISIFY--CUSTOM-ARGUMENTS__\";function promisify(a){if(\"function\"!=typeof a)throw new TypeError(\"Argument to promisify must be a function\");var b=a[customArgumentsToken],c=promisify.Promise||Promise;if(\"function\"!=typeof c)throw new Error(\"No Promise implementation found; do you need a polyfill?\");return function(){for(var d=this,e=arguments.length,f=Array(e),g=0;g\n * @license MIT\n */\n\n// The _isBuffer check is for Safari 5-7 support, because it's missing\n// Object.prototype.constructor. Remove this eventually\nmodule.exports = function (obj) {\n return obj != null && (isBuffer(obj) || isSlowBuffer(obj) || !!obj._isBuffer)\n}\n\nfunction isBuffer (obj) {\n return !!obj.constructor && typeof obj.constructor.isBuffer === 'function' && obj.constructor.isBuffer(obj)\n}\n\n// For Node v0.10 support. Remove this eventually.\nfunction isSlowBuffer (obj) {\n return typeof obj.readFloatLE === 'function' && typeof obj.slice === 'function' && isBuffer(obj.slice(0, 0))\n}\n","var fs = require('fs')\nvar core\nif (process.platform === 'win32' || global.TESTING_WINDOWS) {\n core = require('./windows.js')\n} else {\n core = require('./mode.js')\n}\n\nmodule.exports = isexe\nisexe.sync = sync\n\nfunction isexe (path, options, cb) {\n if (typeof options === 'function') {\n cb = options\n options = {}\n }\n\n if (!cb) {\n if (typeof Promise !== 'function') {\n throw new TypeError('callback not provided')\n }\n\n return new Promise(function (resolve, reject) {\n isexe(path, options || {}, function (er, is) {\n if (er) {\n reject(er)\n } else {\n resolve(is)\n }\n })\n })\n }\n\n core(path, options || {}, function (er, is) {\n // ignore EACCES because that just means we aren't allowed to run it\n if (er) {\n if (er.code === 'EACCES' || options && options.ignoreErrors) {\n er = null\n is = false\n }\n }\n cb(er, is)\n })\n}\n\nfunction sync (path, options) {\n // my kingdom for a filtered catch\n try {\n return core.sync(path, options || {})\n } catch (er) {\n if (options && options.ignoreErrors || er.code === 'EACCES') {\n return false\n } else {\n throw er\n }\n }\n}\n","module.exports = isexe\nisexe.sync = sync\n\nvar fs = require('fs')\n\nfunction isexe (path, options, cb) {\n fs.stat(path, function (er, stat) {\n cb(er, er ? false : checkStat(stat, options))\n })\n}\n\nfunction sync (path, options) {\n return checkStat(fs.statSync(path), options)\n}\n\nfunction checkStat (stat, options) {\n return stat.isFile() && checkMode(stat, options)\n}\n\nfunction checkMode (stat, options) {\n var mod = stat.mode\n var uid = stat.uid\n var gid = stat.gid\n\n var myUid = options.uid !== undefined ?\n options.uid : process.getuid && process.getuid()\n var myGid = options.gid !== undefined ?\n options.gid : process.getgid && process.getgid()\n\n var u = parseInt('100', 8)\n var g = parseInt('010', 8)\n var o = parseInt('001', 8)\n var ug = u | g\n\n var ret = (mod & o) ||\n (mod & g) && gid === myGid ||\n (mod & u) && uid === myUid ||\n (mod & ug) && myUid === 0\n\n return ret\n}\n","module.exports = isexe\nisexe.sync = sync\n\nvar fs = require('fs')\n\nfunction checkPathExt (path, options) {\n var pathext = options.pathExt !== undefined ?\n options.pathExt : process.env.PATHEXT\n\n if (!pathext) {\n return true\n }\n\n pathext = pathext.split(';')\n if (pathext.indexOf('') !== -1) {\n return true\n }\n for (var i = 0; i < pathext.length; i++) {\n var p = pathext[i].toLowerCase()\n if (p && path.substr(-p.length).toLowerCase() === p) {\n return true\n }\n }\n return false\n}\n\nfunction checkStat (stat, path, options) {\n if (!stat.isSymbolicLink() && !stat.isFile()) {\n return false\n }\n return checkPathExt(path, options)\n}\n\nfunction isexe (path, options, cb) {\n fs.stat(path, function (er, stat) {\n cb(er, er ? false : checkStat(stat, path, options))\n })\n}\n\nfunction sync (path, options) {\n return checkStat(fs.statSync(path), path, options)\n}\n","(function(){\r\n var crypt = require('crypt'),\r\n utf8 = require('charenc').utf8,\r\n isBuffer = require('is-buffer'),\r\n bin = require('charenc').bin,\r\n\r\n // The core\r\n md5 = function (message, options) {\r\n // Convert to byte array\r\n if (message.constructor == String)\r\n if (options && options.encoding === 'binary')\r\n message = bin.stringToBytes(message);\r\n else\r\n message = utf8.stringToBytes(message);\r\n else if (isBuffer(message))\r\n message = Array.prototype.slice.call(message, 0);\r\n else if (!Array.isArray(message) && message.constructor !== Uint8Array)\r\n message = message.toString();\r\n // else, assume byte array already\r\n\r\n var m = crypt.bytesToWords(message),\r\n l = message.length * 8,\r\n a = 1732584193,\r\n b = -271733879,\r\n c = -1732584194,\r\n d = 271733878;\r\n\r\n // Swap endian\r\n for (var i = 0; i < m.length; i++) {\r\n m[i] = ((m[i] << 8) | (m[i] >>> 24)) & 0x00FF00FF |\r\n ((m[i] << 24) | (m[i] >>> 8)) & 0xFF00FF00;\r\n }\r\n\r\n // Padding\r\n m[l >>> 5] |= 0x80 << (l % 32);\r\n m[(((l + 64) >>> 9) << 4) + 14] = l;\r\n\r\n // Method shortcuts\r\n var FF = md5._ff,\r\n GG = md5._gg,\r\n HH = md5._hh,\r\n II = md5._ii;\r\n\r\n for (var i = 0; i < m.length; i += 16) {\r\n\r\n var aa = a,\r\n bb = b,\r\n cc = c,\r\n dd = d;\r\n\r\n a = FF(a, b, c, d, m[i+ 0], 7, -680876936);\r\n d = FF(d, a, b, c, m[i+ 1], 12, -389564586);\r\n c = FF(c, d, a, b, m[i+ 2], 17, 606105819);\r\n b = FF(b, c, d, a, m[i+ 3], 22, -1044525330);\r\n a = FF(a, b, c, d, m[i+ 4], 7, -176418897);\r\n d = FF(d, a, b, c, m[i+ 5], 12, 1200080426);\r\n c = FF(c, d, a, b, m[i+ 6], 17, -1473231341);\r\n b = FF(b, c, d, a, m[i+ 7], 22, -45705983);\r\n a = FF(a, b, c, d, m[i+ 8], 7, 1770035416);\r\n d = FF(d, a, b, c, m[i+ 9], 12, -1958414417);\r\n c = FF(c, d, a, b, m[i+10], 17, -42063);\r\n b = FF(b, c, d, a, m[i+11], 22, -1990404162);\r\n a = FF(a, b, c, d, m[i+12], 7, 1804603682);\r\n d = FF(d, a, b, c, m[i+13], 12, -40341101);\r\n c = FF(c, d, a, b, m[i+14], 17, -1502002290);\r\n b = FF(b, c, d, a, m[i+15], 22, 1236535329);\r\n\r\n a = GG(a, b, c, d, m[i+ 1], 5, -165796510);\r\n d = GG(d, a, b, c, m[i+ 6], 9, -1069501632);\r\n c = GG(c, d, a, b, m[i+11], 14, 643717713);\r\n b = GG(b, c, d, a, m[i+ 0], 20, -373897302);\r\n a = GG(a, b, c, d, m[i+ 5], 5, -701558691);\r\n d = GG(d, a, b, c, m[i+10], 9, 38016083);\r\n c = GG(c, d, a, b, m[i+15], 14, -660478335);\r\n b = GG(b, c, d, a, m[i+ 4], 20, -405537848);\r\n a = GG(a, b, c, d, m[i+ 9], 5, 568446438);\r\n d = GG(d, a, b, c, m[i+14], 9, -1019803690);\r\n c = GG(c, d, a, b, m[i+ 3], 14, -187363961);\r\n b = GG(b, c, d, a, m[i+ 8], 20, 1163531501);\r\n a = GG(a, b, c, d, m[i+13], 5, -1444681467);\r\n d = GG(d, a, b, c, m[i+ 2], 9, -51403784);\r\n c = GG(c, d, a, b, m[i+ 7], 14, 1735328473);\r\n b = GG(b, c, d, a, m[i+12], 20, -1926607734);\r\n\r\n a = HH(a, b, c, d, m[i+ 5], 4, -378558);\r\n d = HH(d, a, b, c, m[i+ 8], 11, -2022574463);\r\n c = HH(c, d, a, b, m[i+11], 16, 1839030562);\r\n b = HH(b, c, d, a, m[i+14], 23, -35309556);\r\n a = HH(a, b, c, d, m[i+ 1], 4, -1530992060);\r\n d = HH(d, a, b, c, m[i+ 4], 11, 1272893353);\r\n c = HH(c, d, a, b, m[i+ 7], 16, -155497632);\r\n b = HH(b, c, d, a, m[i+10], 23, -1094730640);\r\n a = HH(a, b, c, d, m[i+13], 4, 681279174);\r\n d = HH(d, a, b, c, m[i+ 0], 11, -358537222);\r\n c = HH(c, d, a, b, m[i+ 3], 16, -722521979);\r\n b = HH(b, c, d, a, m[i+ 6], 23, 76029189);\r\n a = HH(a, b, c, d, m[i+ 9], 4, -640364487);\r\n d = HH(d, a, b, c, m[i+12], 11, -421815835);\r\n c = HH(c, d, a, b, m[i+15], 16, 530742520);\r\n b = HH(b, c, d, a, m[i+ 2], 23, -995338651);\r\n\r\n a = II(a, b, c, d, m[i+ 0], 6, -198630844);\r\n d = II(d, a, b, c, m[i+ 7], 10, 1126891415);\r\n c = II(c, d, a, b, m[i+14], 15, -1416354905);\r\n b = II(b, c, d, a, m[i+ 5], 21, -57434055);\r\n a = II(a, b, c, d, m[i+12], 6, 1700485571);\r\n d = II(d, a, b, c, m[i+ 3], 10, -1894986606);\r\n c = II(c, d, a, b, m[i+10], 15, -1051523);\r\n b = II(b, c, d, a, m[i+ 1], 21, -2054922799);\r\n a = II(a, b, c, d, m[i+ 8], 6, 1873313359);\r\n d = II(d, a, b, c, m[i+15], 10, -30611744);\r\n c = II(c, d, a, b, m[i+ 6], 15, -1560198380);\r\n b = II(b, c, d, a, m[i+13], 21, 1309151649);\r\n a = II(a, b, c, d, m[i+ 4], 6, -145523070);\r\n d = II(d, a, b, c, m[i+11], 10, -1120210379);\r\n c = II(c, d, a, b, m[i+ 2], 15, 718787259);\r\n b = II(b, c, d, a, m[i+ 9], 21, -343485551);\r\n\r\n a = (a + aa) >>> 0;\r\n b = (b + bb) >>> 0;\r\n c = (c + cc) >>> 0;\r\n d = (d + dd) >>> 0;\r\n }\r\n\r\n return crypt.endian([a, b, c, d]);\r\n };\r\n\r\n // Auxiliary functions\r\n md5._ff = function (a, b, c, d, x, s, t) {\r\n var n = a + (b & c | ~b & d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._gg = function (a, b, c, d, x, s, t) {\r\n var n = a + (b & d | c & ~d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._hh = function (a, b, c, d, x, s, t) {\r\n var n = a + (b ^ c ^ d) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n md5._ii = function (a, b, c, d, x, s, t) {\r\n var n = a + (c ^ (b | ~d)) + (x >>> 0) + t;\r\n return ((n << s) | (n >>> (32 - s))) + b;\r\n };\r\n\r\n // Package private blocksize\r\n md5._blocksize = 16;\r\n md5._digestsize = 16;\r\n\r\n module.exports = function (message, options) {\r\n if (message === undefined || message === null)\r\n throw new Error('Illegal argument ' + message);\r\n\r\n var digestbytes = crypt.wordsToBytes(md5(message, options));\r\n return options && options.asBytes ? digestbytes :\r\n options && options.asString ? bin.bytesToString(digestbytes) :\r\n crypt.bytesToHex(digestbytes);\r\n };\r\n\r\n})();\r\n","'use strict';\nvar isWindows = process.platform === 'win32';\nvar trailingSlashRe = isWindows ? /[^:]\\\\$/ : /.\\/$/;\n\n// https://github.com/nodejs/node/blob/3e7a14381497a3b73dda68d05b5130563cdab420/lib/os.js#L25-L43\nmodule.exports = function () {\n\tvar path;\n\n\tif (isWindows) {\n\t\tpath = process.env.TEMP ||\n\t\t\tprocess.env.TMP ||\n\t\t\t(process.env.SystemRoot || process.env.windir) + '\\\\temp';\n\t} else {\n\t\tpath = process.env.TMPDIR ||\n\t\t\tprocess.env.TMP ||\n\t\t\tprocess.env.TEMP ||\n\t\t\t'/tmp';\n\t}\n\n\tif (trailingSlashRe.test(path)) {\n\t\tpath = path.slice(0, -1);\n\t}\n\n\treturn path;\n};\n","const isWindows = process.platform === 'win32' ||\n process.env.OSTYPE === 'cygwin' ||\n process.env.OSTYPE === 'msys'\n\nconst path = require('path')\nconst COLON = isWindows ? ';' : ':'\nconst isexe = require('isexe')\n\nconst getNotFoundError = (cmd) =>\n Object.assign(new Error(`not found: ${cmd}`), { code: 'ENOENT' })\n\nconst getPathInfo = (cmd, opt) => {\n const colon = opt.colon || COLON\n\n // If it has a slash, then we don't bother searching the pathenv.\n // just check the file itself, and that's it.\n const pathEnv = cmd.match(/\\//) || isWindows && cmd.match(/\\\\/) ? ['']\n : (\n [\n // windows always checks the cwd first\n ...(isWindows ? [process.cwd()] : []),\n ...(opt.path || process.env.PATH ||\n /* istanbul ignore next: very unusual */ '').split(colon),\n ]\n )\n const pathExtExe = isWindows\n ? opt.pathExt || process.env.PATHEXT || '.EXE;.CMD;.BAT;.COM'\n : ''\n const pathExt = isWindows ? pathExtExe.split(colon) : ['']\n\n if (isWindows) {\n if (cmd.indexOf('.') !== -1 && pathExt[0] !== '')\n pathExt.unshift('')\n }\n\n return {\n pathEnv,\n pathExt,\n pathExtExe,\n }\n}\n\nconst which = (cmd, opt, cb) => {\n if (typeof opt === 'function') {\n cb = opt\n opt = {}\n }\n if (!opt)\n opt = {}\n\n const { pathEnv, pathExt, pathExtExe } = getPathInfo(cmd, opt)\n const found = []\n\n const step = i => new Promise((resolve, reject) => {\n if (i === pathEnv.length)\n return opt.all && found.length ? resolve(found)\n : reject(getNotFoundError(cmd))\n\n const ppRaw = pathEnv[i]\n const pathPart = /^\".*\"$/.test(ppRaw) ? ppRaw.slice(1, -1) : ppRaw\n\n const pCmd = path.join(pathPart, cmd)\n const p = !pathPart && /^\\.[\\\\\\/]/.test(cmd) ? cmd.slice(0, 2) + pCmd\n : pCmd\n\n resolve(subStep(p, i, 0))\n })\n\n const subStep = (p, i, ii) => new Promise((resolve, reject) => {\n if (ii === pathExt.length)\n return resolve(step(i + 1))\n const ext = pathExt[ii]\n isexe(p + ext, { pathExt: pathExtExe }, (er, is) => {\n if (!er && is) {\n if (opt.all)\n found.push(p + ext)\n else\n return resolve(p + ext)\n }\n return resolve(subStep(p, i, ii + 1))\n })\n })\n\n return cb ? step(0).then(res => cb(null, res), cb) : step(0)\n}\n\nconst whichSync = (cmd, opt) => {\n opt = opt || {}\n\n const { pathEnv, pathExt, pathExtExe } = getPathInfo(cmd, opt)\n const found = []\n\n for (let i = 0; i < pathEnv.length; i ++) {\n const ppRaw = pathEnv[i]\n const pathPart = /^\".*\"$/.test(ppRaw) ? ppRaw.slice(1, -1) : ppRaw\n\n const pCmd = path.join(pathPart, cmd)\n const p = !pathPart && /^\\.[\\\\\\/]/.test(cmd) ? cmd.slice(0, 2) + pCmd\n : pCmd\n\n for (let j = 0; j < pathExt.length; j ++) {\n const cur = p + pathExt[j]\n try {\n const is = isexe.sync(cur, { pathExt: pathExtExe })\n if (is) {\n if (opt.all)\n found.push(cur)\n else\n return cur\n }\n } catch (ex) {}\n }\n }\n\n if (opt.all && found.length)\n return found\n\n if (opt.nothrow)\n return null\n\n throw getNotFoundError(cmd)\n}\n\nmodule.exports = which\nwhich.sync = whichSync\n","module.exports = require(\"child_process\");","module.exports = require(\"crypto\");","module.exports = require(\"fs\");","module.exports = require(\"net\");","module.exports = require(\"path\");","'use strict'\n\nvar openssl = require('./openssl.js')\nvar helper = require('./helper.js')\nvar {debug} = require('./debug.js')\n\n// PEM format: .pem, .crt, .cer (!bin), .key\n// base64 encoded; the cert file might also include the private key; so key file is optional\n\n// DER format: .der, .cer (bin)\n// binary encoded format; cannot include key file\n\n// PKCS#7 / P7B format: .p7b, .p7c\n// contains cert and ca chain cert files, but not the key file\n// A PKCS7 certificate is serialized using either PEM or DER format.\n\n// PKCS#12 / PFX format: .pfx, .p12\n// contains all files: key file, cert and ca chain cert files\n\n/**\n * pem convert module\n *\n * @module convert\n */\n\n/**\n * conversion from PEM to DER format\n * if private key is included in PEM encoded file, it won't be included in DER file\n * use this method with type 'rsa' to export private key in that case\n * @param {String} pathIN path of the PEM encoded certificate file\n * @param {String} pathOUT path of the DER encoded certificate file to generate\n * @param {String} [type] type of file, use 'rsa' for key file, 'x509' otherwise or leave this parameter out\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2DER = function (pathIN, pathOUT, type, callback) {\n if (!callback && typeof type === 'function') {\n callback = type\n type = 'x509'\n }\n var params = [\n type,\n '-outform',\n 'der',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from DER to PEM format\n * @param {String} pathIN path of the DER encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {String} [type] type of file, use 'rsa' for key file, 'x509' otherwise or leave this parameter out\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.DER2PEM = function (pathIN, pathOUT, type, callback) {\n if (!callback && typeof type === 'function') {\n callback = type\n type = 'x509'\n }\n var params = [\n type,\n '-inform',\n 'der',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from PEM to P7B format\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the P7B encoded certificate file to generate\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2P7B = function (pathBundleIN, pathOUT, callback) {\n var params = [\n 'crl2pkcs7',\n '-nocrl',\n '-certfile',\n pathBundleIN.cert,\n '-out',\n pathOUT\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}\n\n/**\n * conversion from P7B to PEM format\n * @param {String} pathIN path of the P7B encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.P7B2PEM = function (pathIN, pathOUT, callback) {\n var params = [\n 'pkcs7',\n '-print_certs',\n '-in',\n pathIN,\n '-out',\n pathOUT\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n })\n}// TODO: CA also included?\n\n/**\n * conversion from PEM to PFX\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', key: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the PFX encoded certificate file to generate\n * @param {String} password password to set for accessing the PFX file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PEM2PFX = function (pathBundleIN, pathOUT, password, callback) {\n var params = [\n 'pkcs12',\n '-export',\n '-out',\n pathOUT,\n '-inkey',\n pathBundleIN.key,\n '-in',\n pathBundleIN.cert\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n var delTempPWFiles = []\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n}\n\n/**\n * conversion from PFX to PEM\n * @param {Object} pathIN path of the PFX encoded certificate file\n * @param {String} pathOUT path of the PEM encoded certificate file to generate\n * @param {String} password password to set for accessing the PFX file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.PFX2PEM = function (pathIN, pathOUT, password, callback) {\n var params = [\n 'pkcs12',\n '-in',\n pathIN,\n '-out',\n pathOUT,\n '-nodes'\n ]\n var delTempPWFiles = []\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n}\n\n/**\n * conversion from P7B to PFX/PKCS#12\n * @param {Object} pathBundleIN paths of the PEM encoded certificate files ({cert: '...', key: '...', ca: '...' or ['...', ...]})\n * @param {String} pathOUT path of the PFX certificate file to generate\n * @param {String} password password to be set for the PFX file and to be used to access the key file\n * @param {Function} callback callback method called with error, boolean result\n */\nmodule.exports.P7B2PFX = function (pathBundleIN, pathOUT, password, callback) {\n var tmpfile = pathBundleIN.cert.replace(/\\.[^.]+$/, '.cer')\n var params = [\n 'pkcs7',\n '-print_certs',\n '-in',\n pathBundleIN.cert,\n '-out',\n tmpfile\n ]\n openssl.spawnWrapper(params, false, function (error, code) {\n debug(\"P7B2PFX\", {\n error, code\n })\n if (error) {\n callback(error)\n } else {\n var params = [\n 'pkcs12',\n '-export',\n '-in',\n tmpfile,\n '-inkey',\n pathBundleIN.key,\n '-out',\n pathOUT\n ]\n if (pathBundleIN.ca) {\n if (!Array.isArray(pathBundleIN.ca)) {\n pathBundleIN.ca = [pathBundleIN.ca]\n }\n pathBundleIN.ca.forEach(function (ca) {\n params.push('-certfile')\n params.push(ca)\n })\n }\n var delTempPWFiles = [tmpfile]\n helper.createPasswordFile({ cipher: '', password: password, passType: 'in' }, params, delTempPWFiles)\n helper.createPasswordFile({ cipher: '', password: password, passType: 'out' }, params, delTempPWFiles)\n openssl.spawnWrapper(params, false, function (error, code) {\n function done (error) {\n if (error) {\n callback(error)\n } else {\n callback(null, code === 0)\n }\n }\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(error || fsErr)\n })\n })\n }\n })\n}\n","function debug (title, content) {\n if (process.env.CI === 'true') {\n console.log(`::group::${title}`)\n console.log(JSON.stringify(content, null, 3))\n console.log('::endgroup::')\n }\n}\n\nmodule.exports = {\n debug: debug\n}\n","'use strict'\r\n\r\nvar pathlib = require('path')\r\nvar fs = require('fs')\r\nvar crypto = require('crypto')\r\nvar osTmpdir = require('os-tmpdir')\r\nvar tempDir = process.env.PEMJS_TMPDIR || osTmpdir()\r\n\r\n/**\r\n * pem helper module\r\n *\r\n * @module helper\r\n */\r\n\r\n/**\r\n * helper function to check is the string a number or not\r\n * @param {String} str String that should be checked to be a number\r\n */\r\nmodule.exports.isNumber = function (str) {\r\n if (Array.isArray(str)) {\r\n return false\r\n }\r\n /*\r\n var bstr = str && str.toString()\r\n str = str + ''\r\n\r\n return bstr - parseFloat(bstr) + 1 >= 0 &&\r\n !/^\\s+|\\s+$/g.test(str) && /^\\d+$/g.test(str) &&\r\n !isNaN(str) && !isNaN(parseFloat(str))\r\n */\r\n return /^\\d+$/g.test(str)\r\n}\r\n\r\n/**\r\n * helper function to check is the string a hexaceximal value\r\n * @param {String} hex String that should be checked to be a hexaceximal\r\n */\r\nmodule.exports.isHex = function isHex (hex) {\r\n return /^(0x){0,1}([0-9A-F]{1,40}|[0-9A-F]{1,40})$/gi.test(hex)\r\n}\r\n\r\n/**\r\n * helper function to convert a string to a hexaceximal value\r\n * @param {String} str String that should be converted to a hexaceximal\r\n */\r\nmodule.exports.toHex = function toHex (str) {\r\n var hex = ''\r\n for (var i = 0; i < str.length; i++) {\r\n hex += '' + str.charCodeAt(i).toString(16)\r\n }\r\n return hex\r\n}\r\n\r\n// cipherPassword returns an array of supported ciphers.\r\n/**\r\n * list of supported ciphers\r\n * @type {Array}\r\n */\r\nmodule.exports.ciphers = ['aes128', 'aes192', 'aes256', 'camellia128', 'camellia192', 'camellia256', 'des', 'des3', 'idea']\r\nvar ciphers = module.exports.ciphers\r\n\r\n/**\r\n * Creates a PasswordFile to hide the password form process infos via `ps auxf` etc.\r\n * @param {Object} options object of cipher, password and passType, mustPass, {cipher:'aes128', password:'xxxx', passType:\"in/out/word\"}, if the object empty we do nothing\r\n * @param {String} options.cipher cipher like 'aes128', 'aes192', 'aes256', 'camellia128', 'camellia192', 'camellia256', 'des', 'des3', 'idea'\r\n * @param {String} options.password password can be empty or at last 4 to 1023 chars\r\n * @param {String} options.passType passType: can be in/out/word for passIN/passOUT/passWORD\r\n * @param {Boolean} options.mustPass mustPass is used when you need to set the pass like as \"-password pass:\" most needed when empty password\r\n * @param {Object} params params will be extended with the data that need for the openssl command. IS USED AS POINTER!\r\n * @param {String} PasswordFileArray PasswordFileArray is an array of filePaths that later need to deleted ,after the openssl command. IS USED AS POINTER!\r\n * @return {Boolean} result\r\n */\r\nmodule.exports.createPasswordFile = function (options, params, PasswordFileArray) {\r\n if (!options || !Object.prototype.hasOwnProperty.call(options, 'password') || !Object.prototype.hasOwnProperty.call(options, 'passType') || !/^(word|in|out)$/.test(options.passType)) {\r\n return false\r\n }\r\n var PasswordFile = pathlib.join(tempDir, crypto.randomBytes(20).toString('hex'))\r\n PasswordFileArray.push(PasswordFile)\r\n options.password = options.password.trim()\r\n if (options.password === '') {\r\n options.mustPass = true\r\n }\r\n if (options.cipher && (ciphers.indexOf(options.cipher) !== -1)) {\r\n params.push('-' + options.cipher)\r\n }\r\n params.push('-pass' + options.passType)\r\n if (options.mustPass) {\r\n params.push('pass:' + options.password)\r\n } else {\r\n fs.writeFileSync(PasswordFile, options.password)\r\n params.push('file:' + PasswordFile)\r\n }\r\n return true\r\n}\r\n\r\n/**\r\n * Deletes a file or an array of files\r\n * @param {Array} files array of files that shoudld be deleted\r\n * @param {errorCallback} callback Callback function with an error object\r\n */\r\nmodule.exports.deleteTempFiles = function (files, callback) {\r\n var rmFiles = []\r\n if (typeof files === 'string') {\r\n rmFiles.push(files)\r\n } else if (Array.isArray(files)) {\r\n rmFiles = files\r\n } else {\r\n return callback(new Error('Unexcepted files parameter type; only string or array supported'))\r\n }\r\n var deleteSeries = function (list, finalCallback) {\r\n if (list.length) {\r\n var file = list.shift()\r\n var myCallback = function (err) {\r\n if (err && err.code === 'ENOENT') {\r\n // file doens't exist\r\n return deleteSeries(list, finalCallback)\r\n } else if (err) {\r\n // other errors, e.g. maybe we don't have enough permission\r\n return finalCallback(err)\r\n } else {\r\n return deleteSeries(list, finalCallback)\r\n }\r\n }\r\n if (file && typeof file === 'string') {\r\n fs.unlink(file, myCallback)\r\n } else {\r\n return deleteSeries(list, finalCallback)\r\n }\r\n } else {\r\n return finalCallback(null) // no errors\r\n }\r\n }\r\n deleteSeries(rmFiles, callback)\r\n}\r\n/**\r\n * Callback for return an error object.\r\n * @callback errorCallback\r\n * @param {Error} err - An Error Object or null\r\n */\n","var helper = require('./helper.js')\nvar {debug} = require('./debug.js')\nvar cpspawn = require('child_process').spawn\nvar spawnSync = require('child_process').spawnSync\nvar pathlib = require('path')\nvar fs = require('fs')\nvar osTmpdir = require('os-tmpdir')\nvar crypto = require('crypto')\nvar which = require('which')\nvar settings = {}\nvar tempDir = process.env.PEMJS_TMPDIR || osTmpdir()\n\nconst versionRegEx = new RegExp('^(OpenSSL|LibreSSL) (((\\\\d+).(\\\\d+)).(\\\\d+))([a-z]+)?')\n\nif (\"CI\" in process.env && process.env.CI === 'true') {\n if (\"LIBRARY\" in process.env && \"VERSION\" in process.env && process.env.LIBRARY != \"\" && process.env.VERSION != \"\") {\n const filePathOpenSSL=`./openssl/${process.env.LIBRARY}_v${process.env.VERSION}/bin/openssl`\n if (fs.existsSync(filePathOpenSSL)) {\n process.env.OPENSSL_BIN = filePathOpenSSL\n }\n }\n}\n\n/**\n * pem openssl module\n *\n * @module openssl\n */\n\n/**\n * configue this openssl module\n *\n * @static\n * @param {String} option name e.g. pathOpenSSL, openSslVersion; TODO rethink nomenclature\n * @param {*} value value\n */\nfunction set(option, value) {\n settings[option] = value\n}\n\n/**\n * get configuration setting value\n *\n * @static\n * @param {String} option name\n */\nfunction get(option) {\n return settings[option] || null\n}\n\n/**\n * Spawn an openssl command\n *\n * @static\n * @param {Array} params Array of openssl command line parameters\n * @param {String} searchStr String to use to find data\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Function} callback Called with (error, stdout-substring)\n */\nfunction exec(params, searchStr, tmpfiles, callback) {\n if (!callback && typeof tmpfiles === 'function') {\n callback = tmpfiles\n tmpfiles = false\n }\n\n spawnWrapper(params, tmpfiles, function (err, code, stdout, stderr) {\n var start, end\n\n if (err) {\n return callback(err)\n }\n\n if ((start = stdout.match(new RegExp('-+BEGIN ' + searchStr + '-+$', 'mu')))) {\n start = start.index\n } else {\n start = -1\n }\n\n // To get the full EC key with parameters and private key\n if (searchStr === 'EC PARAMETERS') {\n searchStr = 'EC PRIVATE KEY'\n }\n\n if ((end = stdout.match(new RegExp('^\\\\-+END ' + searchStr + '\\\\-+', 'm')))) {\n end = end.index + end[0].length\n } else {\n end = -1\n }\n\n if (start >= 0 && end >= 0) {\n return callback(null, stdout.substring(start, end))\n } else {\n return callback(new Error(searchStr + ' not found from openssl output:\\n---stdout---\\n' + stdout + '\\n---stderr---\\n' + stderr + '\\ncode: ' + code))\n }\n })\n}\n\n/**\n * Spawn an openssl command and get binary output\n *\n * @static\n * @param {Array} params Array of openssl command line parameters\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Function} callback Called with (error, stdout)\n */\nfunction execBinary(params, tmpfiles, callback) {\n if (!callback && typeof tmpfiles === 'function') {\n callback = tmpfiles\n tmpfiles = false\n }\n spawnWrapper(params, tmpfiles, true, function (err, code, stdout, stderr) {\n debug(\"execBinary\", {err, code, stdout, stderr})\n if (err) {\n return callback(err)\n }\n return callback(null, stdout)\n })\n}\n\n/**\n * Generically spawn openSSL, without processing the result\n *\n * @static\n * @param {Array} params The parameters to pass to openssl\n * @param {Boolean} binary Output of openssl is binary or text\n * @param {Function} callback Called with (error, exitCode, stdout, stderr)\n */\nfunction spawn(params, binary, callback) {\n var pathBin = get('pathOpenSSL') || process.env.OPENSSL_BIN || 'openssl'\n\n testOpenSSLPath(pathBin, function (err) {\n if (err) {\n return callback(err)\n }\n var openssl = cpspawn(pathBin, params)\n var stderr = ''\n\n var stdout = (binary ? Buffer.alloc(0) : '')\n openssl.stdout.on('data', function (data) {\n if (!binary) {\n stdout += data.toString('binary')\n } else {\n stdout = Buffer.concat([stdout, data])\n }\n })\n\n openssl.stderr.on('data', function (data) {\n stderr += data.toString('binary')\n })\n // We need both the return code and access to all of stdout. Stdout isn't\n // *really* available until the close event fires; the timing nuance was\n // making this fail periodically.\n var needed = 2 // wait for both exit and close.\n var code = -1\n var finished = false\n var done = function (err) {\n if (finished) {\n return\n }\n\n if (err) {\n finished = true\n return callback(err)\n }\n\n if (--needed < 1) {\n finished = true\n if (code !== 0) {\n if (code === 2 && (stderr === '' || /depth lookup: unable to/.test(stderr) || /depth lookup: self(-|\\s)signed certificate/.test(stderr))) {\n return callback(null, code, stdout, stderr)\n }\n return callback(new Error('Invalid openssl exit code: ' + code + '\\n% openssl ' + params.join(' ') + '\\n' + stderr), code)\n } else {\n return callback(null, code, stdout, stderr)\n }\n }\n }\n\n openssl.on('error', done)\n\n openssl.on('exit', function (ret) {\n code = ret\n done()\n })\n\n openssl.on('close', function () {\n stdout = (binary ? stdout : Buffer.from(stdout, 'binary').toString('utf-8'))\n stderr = Buffer.from(stderr, 'binary').toString('utf-8')\n done()\n })\n })\n}\n\n/**\n * Wrapper for spawn method\n *\n * @static\n * @param {Array} params The parameters to pass to openssl\n * @param {Array} [tmpfiles] list of temporary files\n * @param {Boolean} [binary] Output of openssl is binary or text\n * @param {Function} callback Called with (error, exitCode, stdout, stderr)\n */\nfunction spawnWrapper(params, tmpfiles, binary, callback) {\n if (!callback && typeof binary === 'function') {\n callback = binary\n binary = false\n }\n\n var files = []\n var delTempPWFiles = []\n\n if (tmpfiles) {\n tmpfiles = [].concat(tmpfiles)\n var fpath, i\n for (i = 0; i < params.length; i++) {\n if (params[i] === '--TMPFILE--') {\n fpath = pathlib.join(tempDir, crypto.randomBytes(20).toString('hex'))\n files.push({\n path: fpath,\n contents: tmpfiles.shift()\n })\n params[i] = fpath\n delTempPWFiles.push(fpath)\n }\n }\n }\n\n var file\n for (i = 0; i < files.length; i++) {\n file = files[i]\n fs.writeFileSync(file.path, file.contents)\n }\n\n spawn(params, binary, function (err, code, stdout, stderr) {\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug(params[0], {\n err: err,\n fsErr: fsErr,\n code: code,\n stdout: stdout,\n stderr: stderr\n })\n callback(err || fsErr, code, stdout, stderr)\n })\n })\n}\n\n/**\n * Validates the pathBin for the openssl command\n *\n * @private\n * @param {String} pathBin The path to OpenSSL Bin\n * @param {Function} callback Callback function with an error object\n */\nfunction testOpenSSLPath(pathBin, callback) {\n which(pathBin, function (error) {\n if (error) {\n return callback(new Error('Could not find openssl on your system on this path: ' + pathBin))\n }\n callback()\n })\n}\n\n/* Once PEM is imported, the openSslVersion is set with this function. */\nfunction setVersion() {\n var pathBin = get('pathOpenSSL') || process.env.OPENSSL_BIN || 'openssl'\n var output = spawnSync(pathBin, ['version'])\n var text = String(output.stdout) + '\\n' + String(output.stderr) + '\\n' + String(output.error)\n let version = versionRegEx.exec(text)\n if (version === null || version.length <= 7) return\n set('openSslVersion', (version[1]).toUpperCase())\n set('Vendor', (version[1]).toUpperCase())\n set('VendorVersion', version[2])\n set('VendorVersionMajorMinor', version[3])\n set('VendorVersionMajor', version[4])\n set('VendorVersionMinor', version[5])\n set('VendorVersionPatch', version[6])\n set('VendorVersionBuildChar', typeof version[7] === 'undefined' ? '' : version[7])\n};\n\nsetVersion();\n\nmodule.exports = {\n exec: exec,\n execBinary: execBinary,\n spawn: spawn,\n spawnWrapper: spawnWrapper,\n settings: settings,\n set: set,\n get: get\n}\n","'use strict'\n\n/**\n * pem module\n *\n * @module pem\n */\nconst {debug} = require('./debug.js')\nconst {promisify} = require('es6-promisify')\nvar net = require('net')\nvar helper = require('./helper.js')\nvar openssl = require('./openssl.js')\nconst hash_md5 = require(\"md5\")\n\nmodule.exports.createPrivateKey = createPrivateKey\nmodule.exports.createDhparam = createDhparam\nmodule.exports.createEcparam = createEcparam\nmodule.exports.createCSR = createCSR\nmodule.exports.createCertificate = createCertificate\nmodule.exports.readCertificateInfo = readCertificateInfo\nmodule.exports.getPublicKey = getPublicKey\nmodule.exports.getFingerprint = getFingerprint\nmodule.exports.getModulus = getModulus\nmodule.exports.getDhparamInfo = getDhparamInfo\nmodule.exports.createPkcs12 = createPkcs12\nmodule.exports.readPkcs12 = readPkcs12\nmodule.exports.verifySigningChain = verifySigningChain\nmodule.exports.checkCertificate = checkCertificate\nmodule.exports.checkPkcs12 = checkPkcs12\nmodule.exports.config = config\n\n/**\n * quick access the convert module\n * @type {module:convert}\n */\nmodule.exports.convert = require('./convert.js')\n\nvar KEY_START = '-----BEGIN PRIVATE KEY-----'\nvar KEY_END = '-----END PRIVATE KEY-----'\nvar RSA_KEY_START = '-----BEGIN RSA PRIVATE KEY-----'\nvar RSA_KEY_END = '-----END RSA PRIVATE KEY-----'\nvar ENCRYPTED_KEY_START = '-----BEGIN ENCRYPTED PRIVATE KEY-----'\nvar ENCRYPTED_KEY_END = '-----END ENCRYPTED PRIVATE KEY-----'\nvar CERT_START = '-----BEGIN CERTIFICATE-----'\nvar CERT_END = '-----END CERTIFICATE-----'\n\n/**\n * Creates a private key\n *\n * @static\n * @param {Number} [keyBitsize=2048] Size of the key, defaults to 2048bit\n * @param {Object} [options] object of cipher and password {cipher:'aes128',password:'xxx'}, defaults empty object\n * @param {String} [options.cipher] string of the cipher for the encryption - needed with password\n * @param {String} [options.password] string of the cipher password for the encryption needed with cipher\n * @param {Function} callback Callback function with an error object and {key}\n */\nfunction createPrivateKey(keyBitsize, options, callback) {\n if (!callback && !options && typeof keyBitsize === 'function') {\n callback = keyBitsize\n keyBitsize = undefined\n options = {}\n } else if (!callback && keyBitsize && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n keyBitsize = Number(keyBitsize) || 2048\n\n var params = ['genrsa']\n\n if (openssl.get('Vendor') === 'OPENSSL' && openssl.get('VendorVersionMajor') >= 3) {\n params.push('-traditional')\n }\n\n var delTempPWFiles = []\n\n if (options && options.cipher && (Number(helper.ciphers.indexOf(options.cipher)) !== -1) && options.password) {\n debug('helper.createPasswordFile', {\n cipher: options.cipher,\n password: options.password,\n passType: 'out'\n })\n helper.createPasswordFile({\n cipher: options.cipher,\n password: options.password,\n passType: 'out'\n }, params, delTempPWFiles)\n }\n\n params.push(keyBitsize)\n\n debug('version', openssl.get('openSslVersion'))\n\n openssl.exec(params, '(RSA |ENCRYPTED |)PRIVATE KEY', function (sslErr, key) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n return callback(null, {\n key: key\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug('createPrivateKey', {\n sslErr: sslErr,\n fsErr: fsErr,\n key: key,\n keyLength: key && key.length\n })\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Creates a dhparam key\n *\n * @static\n * @param {Number} [keyBitsize=512] Size of the key, defaults to 512bit\n * @param {Function} callback Callback function with an error object and {dhparam}\n */\nfunction createDhparam(keyBitsize, callback) {\n if (!callback && typeof keyBitsize === 'function') {\n callback = keyBitsize\n keyBitsize = undefined\n }\n\n keyBitsize = Number(keyBitsize) || 512\n\n var params = ['dhparam',\n '-outform',\n 'PEM',\n keyBitsize\n ]\n\n openssl.exec(params, 'DH PARAMETERS', function (error, dhparam) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n dhparam: dhparam\n })\n })\n}\n\n/**\n * Creates a ecparam key\n * @static\n * @param {String} [keyName=secp256k1] Name of the key, defaults to secp256k1\n * @param {String} [paramEnc=explicit] Encoding of the elliptic curve parameters, defaults to explicit\n * @param {Boolean} [noOut=false] This option inhibits the output of the encoded version of the parameters.\n * @param {Function} callback Callback function with an error object and {ecparam}\n */\nfunction createEcparam(keyName, paramEnc, noOut, callback) {\n if (!callback && typeof noOut === 'undefined' && !paramEnc && typeof keyName === 'function') {\n callback = keyName\n keyName = undefined\n } else if (!callback && typeof noOut === 'undefined' && keyName && typeof paramEnc === 'function') {\n callback = paramEnc\n paramEnc = undefined\n } else if (!callback && typeof noOut === 'function' && keyName && paramEnc) {\n callback = noOut\n noOut = undefined\n }\n\n keyName = keyName || 'secp256k1'\n paramEnc = paramEnc || 'explicit'\n noOut = noOut || false\n\n var params = ['ecparam',\n '-name',\n keyName,\n '-genkey',\n '-param_enc',\n paramEnc\n ]\n\n var searchString = 'EC PARAMETERS'\n if (noOut) {\n params.push('-noout')\n searchString = 'EC PRIVATE KEY'\n }\n\n openssl.exec(params, searchString, function (error, ecparam) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n ecparam: ecparam\n })\n })\n}\n\n/**\n * Creates a Certificate Signing Request\n * If client key is undefined, a new key is created automatically. The used key is included\n * in the callback return as clientKey\n * @static\n * @param {Object} [options] Optional options object\n * @param {String} [options.clientKey] Optional client key to use\n * @param {Number} [options.keyBitsize] If clientKey is undefined, bit size to use for generating a new key (defaults to 2048)\n * @param {String} [options.hash] Hash function to use (either md5 sha1 or sha256, defaults to sha256)\n * @param {String} [options.country] CSR country field\n * @param {String} [options.state] CSR state field\n * @param {String} [options.locality] CSR locality field\n * @param {String} [options.organization] CSR organization field\n * @param {String} [options.organizationUnit] CSR organizational unit field\n * @param {String} [options.commonName='localhost'] CSR common name field\n * @param {String} [options.emailAddress] CSR email address field\n * @param {String} [options.csrConfigFile] CSR config file\n * @param {Array} [options.altNames] is a list of subjectAltNames in the subjectAltName field\n * @param {Function} callback Callback function with an error object and {csr, clientKey}\n */\nfunction createCSR(options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = undefined\n }\n\n let delTempPWFiles = []\n\n options = options || {}\n\n // http://stackoverflow.com/questions/14089872/why-does-node-js-accept-ip-addresses-in-certificates-only-for-san-not-for-cn\n if (options.commonName && (net.isIPv4(options.commonName) || net.isIPv6(options.commonName))) {\n if (!options.altNames) {\n options.altNames = [options.commonName]\n } else if (options.altNames.indexOf(options.commonName) === -1) {\n options.altNames = options.altNames.concat([options.commonName])\n }\n }\n\n if (!options.clientKey) {\n if (options && (options.password || options.clientKeyPassword)) {\n options.password = options.password || options.clientKeyPassword || ''\n }\n createPrivateKey(options.keyBitsize || 2048, options, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.clientKey = keyData.key\n\n createCSR(options, callback)\n })\n return\n }\n\n var params = ['req',\n '-new',\n '-' + (options.hash || 'sha256')\n ]\n\n if (options.csrConfigFile) {\n params.push('-config')\n params.push(options.csrConfigFile)\n } else {\n params.push('-subj')\n params.push(generateCSRSubject(options))\n }\n\n params.push('-key')\n params.push('--TMPFILE--')\n\n var tmpfiles = [options.clientKey]\n var config = null\n\n if (options && (options.password || options.clientKeyPassword)) {\n helper.createPasswordFile({\n cipher: '',\n password: options.password || options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n if (options.altNames && Array.isArray(options.altNames) && options.altNames.length) {\n params.push('-extensions')\n params.push('v3_req')\n params.push('-config')\n params.push('--TMPFILE--')\n var altNamesRep = []\n for (var i = 0; i < options.altNames.length; i++) {\n altNamesRep.push((net.isIP(options.altNames[i]) ? 'IP' : 'DNS') + '.' + (i + 1) + ' = ' + options.altNames[i])\n }\n\n tmpfiles.push(config = [\n '[req]',\n 'req_extensions = v3_req',\n 'distinguished_name = req_distinguished_name',\n '[v3_req]',\n 'subjectAltName = @alt_names',\n '[alt_names]',\n altNamesRep.join('\\n'),\n '[req_distinguished_name]',\n 'commonName = Common Name',\n 'commonName_max = 64'\n ].join('\\n'))\n } else if (options.config) {\n config = options.config\n }\n\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n openssl.exec(params, 'CERTIFICATE REQUEST', tmpfiles, function (sslErr, data) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n callback(null, {\n csr: data,\n config: config,\n clientKey: options.clientKey\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Creates a certificate based on a CSR. If CSR is not defined, a new one\n * will be generated automatically. For CSR generation all the options values\n * can be used as with createCSR.\n * @static\n * @param {Object} [options] Optional options object\n * @param {String} [options.serviceCertificate] PEM encoded certificate\n * @param {String} [options.serviceKey] Private key for signing the certificate, if not defined a new one is generated\n * @param {String} [options.serviceKeyPassword] Password of the service key\n * @param {Boolean} [options.selfSigned] If set to true and serviceKey is not defined, use clientKey for signing\n * @param {String|Number} [options.serial] Set a serial max. 20 octets - only together with options.serviceCertificate\n * @param {String} [options.serialFile] Set the name of the serial file, without extension. - only together with options.serviceCertificate and never in tandem with options.serial\n * @param {String} [options.hash] Hash function to use (either md5 sha1 or sha256, defaults to sha256)\n * @param {String} [options.csr] CSR for the certificate, if not defined a new one is generated\n * @param {Number} [options.days] Certificate expire time in days\n * @param {String} [options.clientKeyPassword] Password of the client key\n * @param {String} [options.extFile] extension config file - without '-extensions v3_req'\n * @param {String} [options.config] extension config file - with '-extensions v3_req'\n * @param {String} [options.csrConfigFile] CSR config file - only used if no options.csr is provided\n * @param {Array} [options.altNames] is a list of subjectAltNames in the subjectAltName field - only used if no options.csr is provided\n * @param {Function} callback Callback function with an error object and {certificate, csr, clientKey, serviceKey}\n */\nfunction createCertificate(options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = undefined\n }\n\n options = options || {}\n\n if (!options.csr) {\n createCSR(options, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.csr = keyData.csr\n options.config = keyData.config\n options.clientKey = keyData.clientKey\n createCertificate(options, callback)\n })\n return\n }\n\n if (!options.clientKey) {\n options.clientKey = ''\n }\n\n if (!options.serviceKey) {\n if (options.selfSigned) {\n options.serviceKey = options.clientKey\n } else {\n createPrivateKey(options.keyBitsize || 2048, {\n cipher: options.cipher,\n password: options.clientKeyPassword || ''\n }, function (error, keyData) {\n if (error) {\n return callback(error)\n }\n options.serviceKey = keyData.key\n createCertificate(options, callback)\n })\n return\n }\n }\n\n readCertificateInfo(options.csr, function (error2, data2) {\n if (error2) {\n return callback(error2)\n }\n\n var params = ['x509',\n '-req',\n '-' + (options.hash || 'sha256'),\n '-days',\n Number(options.days) || '365',\n '-in',\n '--TMPFILE--'\n ]\n var tmpfiles = [options.csr]\n var delTempPWFiles = []\n\n if (options.serviceCertificate) {\n params.push('-CA')\n params.push('--TMPFILE--')\n params.push('-CAkey')\n params.push('--TMPFILE--')\n if (options.serial) {\n params.push('-set_serial')\n if (helper.isNumber(options.serial)) {\n // set the serial to the max lenth of 20 octets ()\n // A certificate serial number is not decimal conforming. That is the\n // bytes in a serial number do not necessarily map to a printable ASCII\n // character.\n // eg: 0x00 is a valid serial number and can not be represented in a\n // human readable format (atleast one that can be directly mapped to\n // the ACSII table).\n params.push('0x' + ('0000000000000000000000000000000000000000' + options.serial.toString(16)).slice(-40))\n } else {\n if (helper.isHex(options.serial)) {\n if (options.serial.startsWith('0x')) {\n options.serial = options.serial.substring(2, options.serial.length)\n }\n params.push('0x' + ('0000000000000000000000000000000000000000' + options.serial).slice(-40))\n } else {\n params.push('0x' + ('0000000000000000000000000000000000000000' + helper.toHex(options.serial)).slice(-40))\n }\n }\n } else {\n params.push('-CAcreateserial')\n if (options.serialFile) {\n params.push('-CAserial')\n params.push(options.serialFile + '.srl')\n }\n }\n if (options.serviceKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.serviceKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n tmpfiles.push(options.serviceCertificate)\n tmpfiles.push(options.serviceKey)\n } else {\n params.push('-signkey')\n params.push('--TMPFILE--')\n if (options.serviceKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.serviceKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n tmpfiles.push(options.serviceKey)\n }\n\n if (options.config) {\n params.push('-extensions')\n params.push('v3_req')\n params.push('-extfile')\n params.push('--TMPFILE--')\n tmpfiles.push(options.config)\n } else if (options.extFile) {\n params.push('-extfile')\n params.push(options.extFile)\n } else {\n var altNamesRep = []\n if (data2 && data2.san) {\n for (var i = 0; i < data2.san.dns.length; i++) {\n altNamesRep.push('DNS' + '.' + (i + 1) + ' = ' + data2.san.dns[i])\n }\n for (var i2 = 0; i2 < data2.san.ip.length; i2++) {\n altNamesRep.push('IP' + '.' + (i2 + 1) + ' = ' + data2.san.ip[i2])\n }\n for (var i3 = 0; i3 < data2.san.email.length; i3++) {\n altNamesRep.push('email' + '.' + (i3 + 1) + ' = ' + data2.san.email[i3])\n }\n params.push('-extensions')\n params.push('v3_req')\n params.push('-extfile')\n params.push('--TMPFILE--')\n tmpfiles.push([\n '[v3_req]',\n 'subjectAltName = @alt_names',\n '[alt_names]',\n altNamesRep.join('\\n')\n ].join('\\n'))\n }\n }\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n\n openssl.exec(params, 'CERTIFICATE', tmpfiles, function (sslErr, data) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n var response = {\n csr: options.csr,\n clientKey: options.clientKey,\n certificate: data,\n serviceKey: options.serviceKey\n }\n return callback(null, response)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n })\n}\n\n/**\n * Exports a public key from a private key, CSR or certificate\n * @static\n * @param {String} certificate PEM encoded private key, CSR or certificate\n * @param {Function} callback Callback function with an error object and {publicKey}\n */\nfunction getPublicKey(certificate, callback) {\n if (!callback && typeof certificate === 'function') {\n callback = certificate\n certificate = undefined\n }\n\n certificate = (certificate || '').toString()\n\n var params\n\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n params = ['req',\n '-in',\n '--TMPFILE--',\n '-pubkey',\n '-noout'\n ]\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n params = ['rsa',\n '-in',\n '--TMPFILE--',\n '-pubout'\n ]\n } else {\n params = ['x509',\n '-in',\n '--TMPFILE--',\n '-pubkey',\n '-noout'\n ]\n }\n\n openssl.exec(params, 'PUBLIC KEY', certificate, function (error, key) {\n if (error) {\n return callback(error)\n }\n return callback(null, {\n publicKey: key\n })\n })\n}\n\n/**\n * Reads subject data from a certificate or a CSR\n * @static\n * @param {String} certificate PEM encoded CSR or certificate\n * @param {Function} callback Callback function with an error object and {country, state, locality, organization, organizationUnit, commonName, emailAddress}\n */\nfunction readCertificateInfo(certificate, callback) {\n if (!callback && typeof certificate === 'function') {\n callback = certificate\n certificate = undefined\n }\n\n certificate = (certificate || '').toString()\n var isMatch = certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)\n var type = isMatch ? 'req' : 'x509'\n var params = [type,\n '-noout',\n '-nameopt',\n 'RFC2253,sep_multiline,space_eq,-esc_msb,utf8',\n '-text',\n '-in',\n '--TMPFILE--'\n ]\n openssl.spawnWrapper(params, certificate, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n return fetchCertificateData(stdout, callback)\n })\n}\n\n/**\n * get the modulus from a certificate, a CSR or a private key\n * @static\n * @param {String} certificate PEM encoded, CSR PEM encoded, or private key\n * @param {String} [password] password for the certificate\n * @param {String} [hash] hash function to use (up to now `md5` supported) (default: none)\n * @param {Function} callback Callback function with an error object and {modulus}\n */\nfunction getModulus(certificate, password, hash, callback) {\n if (!callback && !hash && typeof password === 'function') {\n callback = password\n password = undefined\n hash = false\n } else if (!callback && hash && typeof hash === 'function') {\n callback = hash\n hash = false\n // password will be falsy if not provided\n }\n // adding hash function to params, is not supported by openssl.\n // process piping would be the right way (... | openssl md5)\n // No idea how this can be achieved in easy with the current build in methods\n // of pem.\n if (hash && hash !== 'md5') {\n hash = false\n }\n\n certificate = (Buffer.isBuffer(certificate) && certificate.toString()) || certificate\n\n let type\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n type = 'req'\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n type = 'rsa'\n } else {\n type = 'x509'\n }\n let params = [\n type,\n '-noout',\n '-modulus',\n '-in',\n '--TMPFILE--'\n ]\n let delTempPWFiles = []\n if (password) {\n helper.createPasswordFile({cipher: '', password: password, passType: 'in'}, params, delTempPWFiles)\n }\n\n openssl.spawnWrapper(params, certificate, function (sslErr, code, stdout, stderr) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n var match = stdout.match(/Modulus=([0-9a-fA-F]+)$/m)\n if (match) {\n if (hash === 'md5') {\n return callback(null, {\n modulus: hash_md5(match[1])\n })\n }\n\n return callback(null, {\n modulus: match[1]\n })\n\n } else {\n return callback(new Error('No modulus'))\n }\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr || stderr)\n })\n })\n}\n\n/**\n * get the size and prime of DH parameters\n * @static\n * @param {String} dh parameters PEM encoded\n * @param {Function} callback Callback function with an error object and {size, prime}\n */\nfunction getDhparamInfo(dh, callback) {\n dh = (Buffer.isBuffer(dh) && dh.toString()) || dh\n\n var params = [\n 'dhparam',\n '-text',\n '-in',\n '--TMPFILE--'\n ]\n\n openssl.spawnWrapper(params, dh, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n\n var result = {}\n var match = stdout.match(/Parameters: \\((\\d+) bit\\)/)\n\n if (match) {\n result.size = Number(match[1])\n }\n\n var prime = ''\n stdout.split('\\n').forEach(function (line) {\n if (/\\s+([0-9a-f][0-9a-f]:)+[0-9a-f]?[0-9a-f]?/g.test(line)) {\n prime += line.trim()\n }\n })\n\n if (prime) {\n result.prime = prime\n }\n\n if (!match && !prime) {\n return callback(new Error('No DH info found'))\n }\n\n return callback(null, result)\n })\n}\n\n/**\n * config the pem module\n * @static\n * @param {Object} options\n */\nfunction config(options) {\n Object.keys(options).forEach(function (k) {\n openssl.set(k, options[k])\n })\n}\n\n/**\n * Gets the fingerprint for a certificate\n * @static\n * @param {String} certificate PEM encoded certificate\n * @param {String} [hash] hash function to use (either `md5`, `sha1` or `sha256`, defaults to `sha1`)\n * @param {Function} callback Callback function with an error object and {fingerprint}\n */\nfunction getFingerprint(certificate, hash, callback) {\n if (!callback && typeof hash === 'function') {\n callback = hash\n hash = undefined\n }\n\n hash = hash || 'sha1'\n\n var params = ['x509',\n '-in',\n '--TMPFILE--',\n '-fingerprint',\n '-noout',\n '-' + hash\n ]\n\n openssl.spawnWrapper(params, certificate, function (err, code, stdout, stderr) {\n if (err) {\n return callback(err)\n } else if (stderr) {\n return callback(stderr)\n }\n var match = stdout.match(/Fingerprint=([0-9a-fA-F:]+)$/m)\n if (match) {\n return callback(null, {\n fingerprint: match[1]\n })\n } else {\n return callback(new Error('No fingerprint'))\n }\n })\n}\n\n/**\n * Export private key and certificate to a PKCS12 keystore\n * @static\n * @param {String} key PEM encoded private key\n * @param {String} certificate PEM encoded certificate\n * @param {String} password Password of the result PKCS12 file\n * @param {Object} [options] object of cipher and optional client key password {cipher:'aes128', clientKeyPassword: 'xxxx', certFiles: ['file1','file2']}\n * @param {Function} callback Callback function with an error object and {pkcs12}\n */\nfunction createPkcs12(key, certificate, password, options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n var params = ['pkcs12', '-export']\n var delTempPWFiles = []\n\n if (options.cipher && options.clientKeyPassword) {\n // NOTICE: The password field is needed! self if it is empty.\n // create password file for the import \"-passin\"\n helper.createPasswordFile({\n cipher: options.cipher,\n password: options.clientKeyPassword,\n passType: 'in'\n }, params, delTempPWFiles)\n }\n // NOTICE: The password field is needed! self if it is empty.\n // create password file for the password \"-password\"\n helper.createPasswordFile({cipher: '', password: password, passType: 'word'}, params, delTempPWFiles)\n\n params.push('-in')\n params.push('--TMPFILE--')\n params.push('-inkey')\n params.push('--TMPFILE--')\n\n var tmpfiles = [certificate, key]\n\n if (options.certFiles) {\n tmpfiles.push(options.certFiles.join(''))\n\n params.push('-certfile')\n params.push('--TMPFILE--')\n }\n\n openssl.execBinary(params, tmpfiles, function (sslErr, pkcs12) {\n function done(err) {\n if (err) {\n return callback(err)\n }\n return callback(null, {\n pkcs12: pkcs12\n })\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * read sslcert data from Pkcs12 file. Results are provided in callback response in object notation ({cert: .., ca:..., key:...})\n * @static\n * @param {Buffer|String} bufferOrPath Buffer or path to file\n * @param {Object} [options] openssl options\n * @param {Function} callback Called with error object and sslcert bundle object\n */\nfunction readPkcs12(bufferOrPath, options, callback) {\n if (!callback && typeof options === 'function') {\n callback = options\n options = {}\n }\n\n options.p12Password = options.p12Password || ''\n\n var tmpfiles = []\n var delTempPWFiles = []\n var args = ['pkcs12', '-in', bufferOrPath]\n\n helper.createPasswordFile({cipher: '', password: options.p12Password, passType: 'in'}, args, delTempPWFiles)\n\n if (Buffer.isBuffer(bufferOrPath)) {\n tmpfiles = [bufferOrPath]\n args[2] = '--TMPFILE--'\n }\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.push('-legacy')\n args.push('-traditional')\n }\n\n if (options.clientKeyPassword) {\n helper.createPasswordFile({\n cipher: '',\n password: options.clientKeyPassword,\n passType: 'out'\n }, args, delTempPWFiles)\n } else {\n args.push('-nodes')\n }\n\n openssl.execBinary(args, tmpfiles, function (sslErr, stdout) {\n function done(err) {\n var keybundle = {}\n\n if (err && err.message.indexOf('No such file or directory') !== -1) {\n err.code = 'ENOENT'\n }\n\n if (!err) {\n var certs = readFromString(stdout, CERT_START, CERT_END)\n keybundle.cert = certs.shift()\n keybundle.ca = certs\n keybundle.key = readFromString(stdout, KEY_START, KEY_END).pop()\n\n debug(\"readPkcs12.execBinary - PRIVATE KEY - ?: \", keybundle.key)\n if (keybundle.key) {\n var args = ['rsa'];\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.push('-traditional')\n }\n args.push('-in');\n args.push('--TMPFILE--');\n\n // convert to RSA key\n return openssl.exec(args, '(RSA |)PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - PRIVATE KEY convert - error: \", err)\n }\n //debug(\"readPkcs12.execBinary - PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })\n }\n\n if (options.clientKeyPassword) {\n keybundle.key = readFromString(stdout, ENCRYPTED_KEY_START, ENCRYPTED_KEY_END).pop()\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY - ?: \", keybundle.key)\n /*return openssl.exec(['rsa', '-in', '--TMPFILE--'], 'RSA PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY - error: \", err)\n }\n debug(\"readPkcs12.execBinary - ENCRYPTED PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })*/\n } else {\n keybundle.key = readFromString(stdout, RSA_KEY_START, RSA_KEY_END).pop()\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY - ?: \", keybundle.key)\n /*return openssl.exec(['rsa', '-in', '--TMPFILE--'], 'RSA PRIVATE KEY', [keybundle.key], function (err, key) {\n if (err) {\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY - error: \", err)\n }\n debug(\"readPkcs12.execBinary - RSA PRIVATE KEY\", key)\n keybundle.key = key\n\n return callback(err, keybundle)\n })*/\n }\n }\n\n return callback(err, keybundle)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Check a certificate\n * @static\n * @param {String} certificate PEM encoded certificate\n * @param {String} [passphrase] password for the certificate\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction checkCertificate(certificate, passphrase, callback) {\n var params\n var delTempPWFiles = []\n\n if (!callback && typeof passphrase === 'function') {\n callback = passphrase\n passphrase = undefined\n }\n certificate = (certificate || '').toString()\n\n if (certificate.match(/BEGIN(\\sNEW)? CERTIFICATE REQUEST/)) {\n params = ['req', '-text', '-noout', '-verify', '-in', '--TMPFILE--']\n } else if (certificate.match(/BEGIN RSA PRIVATE KEY/) || certificate.match(/BEGIN PRIVATE KEY/)) {\n params = ['rsa', '-noout', '-check', '-in', '--TMPFILE--']\n } else {\n params = ['x509', '-text', '-noout', '-in', '--TMPFILE--']\n }\n if (passphrase) {\n helper.createPasswordFile({cipher: '', password: passphrase, passType: 'in'}, params, delTempPWFiles)\n }\n\n openssl.spawnWrapper(params, certificate, function (sslErr, code, stdout, stderr) {\n function done(err) {\n\n stdout = stdout && stdout.trim()\n var result\n switch (params[0]) {\n case 'rsa':\n result = /^Rsa key ok$/i.test(stdout)\n break\n default:\n result = /Signature Algorithm/im.test(stdout)\n break\n }\n if (!result) {\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n if (!(stderr && stderr.toString().trim().endsWith('verify OK'))) {\n return callback(new Error(stderr.toString()))\n }\n }\n if (err && err.toString().trim() !== 'verify OK') {\n return callback(err)\n }\n }\n callback(null, result)\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n done(sslErr || fsErr || stderr)\n })\n })\n}\n\n/**\n * check a PKCS#12 file (.pfx or.p12)\n * @static\n * @param {Buffer|String} bufferOrPath PKCS#12 certificate\n * @param {String} [passphrase] optional passphrase which will be used to open the keystore\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction checkPkcs12(bufferOrPath, passphrase, callback) {\n if (!callback && typeof passphrase === 'function') {\n callback = passphrase\n passphrase = ''\n }\n\n var tmpfiles = []\n var delTempPWFiles = []\n var args = ['pkcs12', '-info', '-in', bufferOrPath, '-noout', '-maciter', '-nodes']\n\n helper.createPasswordFile({cipher: '', password: passphrase, passType: 'in'}, args, delTempPWFiles)\n\n if (Buffer.isBuffer(bufferOrPath)) {\n tmpfiles = [bufferOrPath]\n args[3] = '--TMPFILE--'\n }\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n args.splice(2, 0, '-legacy');\n }\n\n openssl.spawnWrapper(args, tmpfiles, function (sslErr, code, stdout, stderr) {\n debug('checkPkcs12 error', {\n err: sslErr,\n code: code,\n stdout: stdout,\n stdoutResult: (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))),\n stderr: stderr\n })\n\n function done(err) {\n if (err) {\n return callback(err)\n }\n callback(null, (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))))\n }\n\n helper.deleteTempFiles(delTempPWFiles, function (fsErr) {\n debug('checkPkcs12 clean-up error', {\n sslErr: sslErr,\n fsErr: fsErr,\n code: code,\n stdout: stdout,\n stdoutResult: (/MAC verified OK/im.test(stderr) || (!(/MAC verified OK/im.test(stderr)) && !(/Mac verify error/im.test(stderr)))),\n stderr: stderr\n })\n done(sslErr || fsErr)\n })\n })\n}\n\n/**\n * Verifies the signing chain of the passed certificate\n * @static\n * @param {String|Array} certificate PEM encoded certificate include intermediate certificates\n * The correct order of trust chain must be preserved and should start with Leaf\n * certificate. Example array: [Leaf, Int CA 1, ... , Int CA N, Root CA].\n * @param {String|Array} ca [List] of CA certificates\n * @param {Function} callback Callback function with an error object and a boolean valid\n */\nfunction verifySigningChain(certificate, ca, callback) {\n if (!callback && typeof ca === 'function') {\n callback = ca\n ca = undefined\n }\n if (!Array.isArray(certificate)) {\n certificate = readFromString(certificate, CERT_START, CERT_END)\n }\n if (!Array.isArray(ca) && ca !== undefined) {\n if (ca !== '') {\n ca = [ca]\n }\n }\n\n var params = ['verify']\n var files = []\n\n if (ca !== undefined) {\n // ca certificates\n params.push('-CAfile')\n params.push('--TMPFILE--')\n files.push(ca.join('\\n'))\n }\n // extracting the very first - leaf - cert in chain\n var leaf = certificate.shift()\n\n if (certificate.length > 0) {\n params.push('-untrusted')\n params.push('--TMPFILE--')\n files.push(certificate.join('\\n'))\n }\n\n params.push('--TMPFILE--')\n files.push(leaf)\n\n openssl.spawnWrapper(params, files, function (err, code, stdout, stderr) {\n // OPENSSL 3.x don't use stdout to print the error\n debug('Vendor', openssl.get('Vendor'))\n debug('VendorVersionMajor', openssl.get('VendorVersionMajor'))\n debug('openssl.get(\\'VendorVersionMajor\\') >= 3', openssl.get('VendorVersionMajor') >= 3)\n\n if (openssl.get('Vendor') === \"OPENSSL\" && openssl.get('VendorVersionMajor') >= 3) {\n let openssl30Check = !!(stdout && stdout.trim().includes(\": OK\"));\n\n if (err) {\n debug('verifySigningChain error', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: openssl30Check,\n stderr: stderr\n })\n return callback(err)\n }\n\n debug('verifySigningChain error - use stderr', {\n err: err,\n code: code,\n stdout: stdout.trim(),\n stdoutResult: openssl30Check,\n stderr: stderr.trim()\n })\n return callback(null, openssl30Check)\n }\n // END: OPENSSL 3.x don't use stdout to print the error\n if (err) {\n debug('verifySigningChain error', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: stdout && stdout.trim().slice(-4) === ': OK',\n stderr: stderr\n })\n return callback(err)\n }\n debug('verifySigningChain', {\n err: err,\n code: code,\n stdout: stdout,\n stdoutResult: stdout && stdout.trim().slice(-4) === ': OK',\n stderr: stderr\n })\n callback(null, stdout && stdout.trim().slice(-4) === ': OK')\n })\n}\n\n// HELPER FUNCTIONS\nfunction fetchCertificateData(certData, callback) {\n // try catch : if something will fail in parsing it won't crash the calling code\n try {\n certData = (certData || '').toString()\n\n var serial, subject, tmp, issuer\n var certValues = {\n issuer: {}\n }\n var validity = {}\n var san\n\n var ky, i\n\n // serial\n if ((serial = certData.match(/\\s*Serial Number:\\r?\\n?\\s*([^\\r\\n]*)\\r?\\n\\s*\\b/)) && serial.length > 1) {\n certValues.serial = serial[1]\n }\n\n if ((subject = certData.match(/\\s*Subject:\\r?\\n(\\s*(([a-zA-Z0-9.]+)\\s=\\s[^\\r\\n]+\\r?\\n))*\\s*\\b/)) && subject.length > 1) {\n subject = subject[0]\n tmp = matchAll(subject, /\\s([a-zA-Z0-9.]+)\\s=\\s([^\\r\\n].*)/g)\n if (tmp) {\n for (i = 0; i < tmp.length; i++) {\n ky = tmp[i][1].trim()\n if (ky.match('(C|ST|L|O|OU|CN|emailAddress|DC)') || ky === '') {\n continue\n }\n certValues[ky] = tmp[i][2].trim()\n }\n }\n\n // country\n tmp = subject.match(/\\sC\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.country = (tmp && tmp[1]) || ''\n\n // state\n tmp = subject.match(/\\sST\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.state = (tmp && tmp[1]) || ''\n\n // locality\n tmp = subject.match(/\\sL\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.locality = (tmp && tmp[1]) || ''\n\n // organization\n tmp = matchAll(subject, /\\sO\\s=\\s([^\\r\\n].*)/g)\n certValues.organization = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // unit\n tmp = matchAll(subject, /\\sOU\\s=\\s([^\\r\\n].*)/g)\n certValues.organizationUnit = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // common name\n tmp = matchAll(subject, /\\sCN\\s=\\s([^\\r\\n].*)/g)\n certValues.commonName = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // email\n tmp = matchAll(subject, /emailAddress\\s=\\s([^\\r\\n].*)/g)\n certValues.emailAddress = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // DC name\n tmp = matchAll(subject, /\\sDC\\s=\\s([^\\r\\n].*)/g)\n certValues.dc = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n }\n\n if ((issuer = certData.match(/\\s*Issuer:\\r?\\n(\\s*([a-zA-Z0-9.]+)\\s=\\s[^\\r\\n].*\\r?\\n)*\\s*\\b/)) && issuer.length > 1) {\n issuer = issuer[0]\n tmp = matchAll(issuer, /\\s([a-zA-Z0-9.]+)\\s=\\s([^\\r\\n].*)/g)\n for (i = 0; i < tmp.length; i++) {\n ky = tmp[i][1].toString()\n if (ky.match('(C|ST|L|O|OU|CN|emailAddress|DC)')) {\n continue\n }\n certValues.issuer[ky] = tmp[i][2].toString()\n }\n\n // country\n tmp = issuer.match(/\\sC\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.country = (tmp && tmp[1]) || ''\n\n // state\n tmp = issuer.match(/\\sST\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.state = (tmp && tmp[1]) || ''\n\n // locality\n tmp = issuer.match(/\\sL\\s=\\s([^\\r\\n].*?)[\\r\\n]/)\n certValues.issuer.locality = (tmp && tmp[1]) || ''\n\n // organization\n tmp = matchAll(issuer, /\\sO\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.organization = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // unit\n tmp = matchAll(issuer, /\\sOU\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.organizationUnit = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // common name\n tmp = matchAll(issuer, /\\sCN\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.commonName = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n\n // DC name\n tmp = matchAll(issuer, /\\sDC\\s=\\s([^\\r\\n].*)/g)\n certValues.issuer.dc = tmp ? (tmp.length > 1 ? tmp.sort(function (t, n) {\n var e = t[1].toUpperCase()\n var\n r = n[1].toUpperCase()\n return r > e ? -1 : e > r ? 1 : 0\n }).sort(function (t, n) {\n return t[1].length - n[1].length\n }).map(function (t) {\n return t[1]\n }) : tmp[0][1]) : ''\n }\n\n // SAN\n if ((san = certData.match(/X509v3 Subject Alternative Name: \\r?\\n([^\\r\\n]*)\\r?\\n/)) && san.length > 1) {\n san = san[1].trim() + '\\n'\n certValues.san = {}\n\n // hostnames\n tmp = pregMatchAll('DNS:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.dns = tmp || ''\n\n // IP-Addresses IPv4 & IPv6\n tmp = pregMatchAll('IP Address:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.ip = tmp || ''\n\n // Email Addresses\n tmp = pregMatchAll('email:([^,\\\\r\\\\n].*?)[,\\\\r\\\\n\\\\s]', san)\n certValues.san.email = tmp || ''\n }\n\n // Validity\n if ((tmp = certData.match(/Not Before\\s?:\\s?([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n validity.start = Date.parse((tmp && tmp[1]) || '')\n }\n\n if ((tmp = certData.match(/Not After\\s?:\\s?([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n validity.end = Date.parse((tmp && tmp[1]) || '')\n }\n\n if (validity.start && validity.end) {\n certValues.validity = validity\n }\n // Validity end\n\n // Signature Algorithm\n if ((tmp = certData.match(/Signature Algorithm: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.signatureAlgorithm = (tmp && tmp[1]) || ''\n }\n\n // Public Key\n if ((tmp = certData.match(/Public[ -]Key: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.publicKeySize = ((tmp && tmp[1]) || '').replace(/[()]/g, '')\n }\n\n // Public Key Algorithm\n if ((tmp = certData.match(/Public Key Algorithm: ([^\\r\\n]*)\\r?\\n/)) && tmp.length > 1) {\n certValues.publicKeyAlgorithm = (tmp && tmp[1]) || ''\n }\n\n callback(null, certValues)\n } catch (err) {\n callback(err)\n }\n}\n\nfunction matchAll(str, regexp) {\n var matches = []\n str.replace(regexp, function () {\n var arr = ([]).slice.call(arguments, 0)\n var extras = arr.splice(-2)\n arr.index = extras[0]\n arr.input = extras[1]\n matches.push(arr)\n })\n return matches.length ? matches : null\n}\n\nfunction pregMatchAll(regex, haystack) {\n var globalRegex = new RegExp(regex, 'g')\n var globalMatch = haystack.match(globalRegex) || []\n var matchArray = []\n var nonGlobalRegex, nonGlobalMatch\n for (var i = 0; i < globalMatch.length; i++) {\n nonGlobalRegex = new RegExp(regex)\n nonGlobalMatch = globalMatch[i].match(nonGlobalRegex)\n matchArray.push(nonGlobalMatch[1])\n }\n return matchArray\n}\n\nfunction generateCSRSubject(options) {\n options = options || {}\n\n var csrData = {\n C: options.country || options.C,\n ST: options.state || options.ST,\n L: options.locality || options.L,\n O: options.organization || options.O,\n OU: options.organizationUnit || options.OU,\n CN: options.commonName || options.CN || 'localhost',\n DC: options.dc || options.DC || '',\n emailAddress: options.emailAddress\n }\n\n var csrBuilder = Object.keys(csrData).map(function (key) {\n if (csrData[key]) {\n if (typeof csrData[key] === 'object' && csrData[key].length >= 1) {\n var tmpStr = ''\n csrData[key].map(function (o) {\n tmpStr += '/' + key + '=' + o.replace(/[^\\w\\s-!$%^&*()_+|~=`{}[\\]:/;<>?,.@#]+/g, ' ').replace('/', '\\\\/').replace('+', '\\\\+').trim()\n })\n return tmpStr\n } else {\n return '/' + key + '=' + csrData[key].replace(/[^\\w\\s-!$%^&*()_+|~=`{}[\\]:/;<>?,.@#]+/g, ' ').replace('/', '\\\\/').replace('+', '\\\\+').trim()\n }\n }\n })\n\n return csrBuilder.join('')\n}\n\nfunction readFromString(string, start, end) {\n if (Buffer.isBuffer(string)) {\n string = string.toString('utf8')\n }\n\n var output = []\n\n if (!string) {\n return output\n }\n\n var offset = string.indexOf(start)\n\n while (offset !== -1) {\n string = string.substring(offset)\n\n var endOffset = string.indexOf(end)\n\n if (endOffset === -1) {\n break\n }\n\n endOffset += end.length\n\n output.push(string.substring(0, endOffset))\n offset = string.indexOf(start, endOffset)\n }\n\n return output\n}\n\n// promisify not tested yet\n/**\n * Verifies the signing chain of the passed certificate\n * @namespace\n * @name promisified\n * @property {function} createPrivateKey @see createPrivateKey\n * @property {function} createDhparam - The default number of players.\n * @property {function} createEcparam - The default level for the party.\n * @property {function} createCSR - The default treasure.\n * @property {function} createCertificate - How much gold the party starts with.\n */\nmodule.exports.promisified = {\n createPrivateKey: promisify(createPrivateKey),\n createDhparam: promisify(createDhparam),\n createEcparam: promisify(createEcparam),\n createCSR: promisify(createCSR),\n createCertificate: promisify(createCertificate),\n readCertificateInfo: promisify(readCertificateInfo),\n getPublicKey: promisify(getPublicKey),\n getFingerprint: promisify(getFingerprint),\n getModulus: promisify(getModulus),\n getDhparamInfo: promisify(getDhparamInfo),\n createPkcs12: promisify(createPkcs12),\n readPkcs12: promisify(readPkcs12),\n verifySigningChain: promisify(verifySigningChain),\n checkCertificate: promisify(checkCertificate),\n checkPkcs12: promisify(checkPkcs12)\n}\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\tvar threw = true;\n\ttry {\n\t\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\t\tthrew = false;\n\t} finally {\n\t\tif(threw) delete __webpack_module_cache__[moduleId];\n\t}\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nif (typeof __webpack_require__ !== 'undefined') __webpack_require__.ab = __dirname + \"/\";","","// startup\n// Load entry module and return exports\n// This entry module used 'module' so it can't be inlined\nvar __webpack_exports__ = __webpack_require__(214);\n",""],"names":[],"sourceRoot":""} \ No newline at end of file diff --git a/lib/openssl.js b/lib/openssl.js index 97f451b..0ca8b5d 100644 --- a/lib/openssl.js +++ b/lib/openssl.js @@ -1,6 +1,7 @@ var helper = require('./helper.js') var {debug} = require('./debug.js') var cpspawn = require('child_process').spawn +var spawnSync = require('child_process').spawnSync var pathlib = require('path') var fs = require('fs') var osTmpdir = require('os-tmpdir') @@ -261,8 +262,10 @@ function testOpenSSLPath(pathBin, callback) { } /* Once PEM is imported, the openSslVersion is set with this function. */ -spawn(['version'], false, function (err, code, stdout, stderr) { - var text = String(stdout) + '\n' + String(stderr) + '\n' + String(err) +function setVersion() { + var pathBin = get('pathOpenSSL') || process.env.OPENSSL_BIN || 'openssl' + var output = spawnSync(pathBin, ['version']) + var text = String(output.stdout) + '\n' + String(output.stderr) + '\n' + String(output.error) let version = versionRegEx.exec(text) if (version === null || version.length <= 7) return set('openSslVersion', (version[1]).toUpperCase()) @@ -273,7 +276,9 @@ spawn(['version'], false, function (err, code, stdout, stderr) { set('VendorVersionMinor', version[5]) set('VendorVersionPatch', version[6]) set('VendorVersionBuildChar', typeof version[7] === 'undefined' ? '' : version[7]) -}) +}; + +setVersion(); module.exports = { exec: exec,