Merge pull request #272 from PeculiarVentures:update

Update

.github/workflows/test.yml

@@ -23,17 +23,15 @@ jobs:
         with:
           node-version: ${{ matrix.node-version }}
 
-      - name: Cache node modules
-        uses: actions/cache@v2
-        env:
-          cache-name: cache-node-modules
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "::set-output name=dir::$(yarn cache dir)"
+
+      - uses: actions/cache@v3
+        id: yarn-cache
         with:
-          path: ~/.npm
-          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-build-${{ env.cache-name }}-
-            ${{ runner.os }}-build-
-            ${{ runner.os }}-
+          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
 
       - name: Install dependencies
         run: yarn
@@ -44,6 +42,12 @@ jobs:
       - name: Run test with coverage
         run: npm run coverage
 
+      # Fixes problem with incorrect SF paths. See https://github.com/coverallsapp/github-action/issues/125
+      - name: Update lcov.info
+        run: |
+          sed -E "s/SF:(.+file:(.+))/SF:\2/g" ./coverage/lcov.info > coverage/lcov.new.info
+          mv ./coverage/lcov.new.info ./coverage/lcov.info
+
       - name: Coveralls
         uses: coverallsapp/github-action@master
         with:

package.json

@@ -44,41 +44,41 @@
   "homepage": "https://github.com/PeculiarVentures/webcrypto-local#readme",
   "devDependencies": {
     "2key-ratchet": "^1.0.18",
-    "@babel/core": "^7.17.12",
+    "@babel/core": "^7.18.5",
     "@babel/plugin-proposal-class-properties": "^7.17.12",
-    "@babel/plugin-proposal-object-rest-spread": "^7.17.12",
-    "@babel/preset-env": "^7.17.12",
+    "@babel/plugin-proposal-object-rest-spread": "^7.18.0",
+    "@babel/preset-env": "^7.18.2",
     "@peculiar/webcrypto": "1.0.22",
     "@rollup/plugin-babel": "^5.3.1",
     "@rollup/plugin-node-resolve": "^13.3.0",
     "@types/long": "^4.0.2",
     "@types/mocha": "^9.1.1",
-    "@types/node": "^17.0.34",
+    "@types/node": "^17.0.44",
     "@types/node-fetch": "^2.6.1",
     "@types/request": "^2.48.8",
     "@types/ws": "^8.5.3",
     "colors": "^1.4.0",
     "coveralls": "^3.1.1",
     "extract-zip": "^2.0.1",
     "gh-pages": "^4.0.0",
-    "lerna": "^4.0.0",
+    "lerna": "^5.1.4",
     "mocha": "^10.0.0",
     "nyc": "^15.1.0",
     "request": "^2.88.2",
     "request-progress": "^3.0.0",
     "rimraf": "^3.0.2",
-    "rollup": "^2.73.0",
+    "rollup": "^2.75.6",
     "rollup-plugin-cleanup": "^3.2.1",
     "rollup-plugin-commonjs": "^10.1.0",
     "rollup-plugin-node-builtins": "^2.1.2",
     "rollup-plugin-terser": "^7.0.2",
-    "rollup-plugin-typescript2": "^0.31.2",
-    "ts-node": "^10.7.0",
+    "rollup-plugin-typescript2": "^0.32.1",
+    "ts-node": "^10.8.1",
     "tsconfig-paths": "^4.0.0",
     "tslint": "^6.1.3",
-    "typedoc": "^0.22.15",
+    "typedoc": "^0.22.17",
     "typedoc-plugin-lerna-packages": "^0.3.1",
-    "typescript": "^4.6.4"
+    "typescript": "^4.7.3"
   },
   "resolutions": {
     "**/**/trim-newlines": "^4.0.2",

packages/cards/lib/card.json

@@ -52,12 +52,6 @@
       "readOnly": true,
       "driver": "c4e60449442848c48af7b3fcf6a6f4a1"
     },
-    {
-      "atr": "3BF81300008131FE454A434F5076323431B7",
-      "name": "National Identity Document: Nigerian eID",
-      "readOnly": true,
-      "driver": "c4e60449442848c48af7b3fcf6a6f4a1"
-    },
     {
       "atr": "3BFE9400FF80B1FA451F0345737445494420",
       "name": "National Identity Document: Broken Estonian eID 1.1 warm",
@@ -136,12 +130,6 @@
       "readOnly": true,
       "driver": "993988460d8f49a2ac519a2935f11533"
     },
-    {
-      "atr": "3BDF960081B1FE451F838073CC91CBF9A0000003080000100079",
-      "name": "USG:State Department",
-      "readOnly": true,
-      "driver": "993988460d8f49a2ac519a2935f11533"
-    },
     {
       "atr": "3BFE1800008131FE458031815448534D31738021408107FA",
       "name": "Nitrokey Nitrokey HSM",
@@ -702,4 +690,4 @@
       }
     }
   ]
-}
+}

packages/cards/src/config.ts

@@ -83,6 +83,6 @@ export class Config {
   public token?: keyof typeof ConfigTokenEnum;
 
   @JsonProp({ type: TemplateConfig, optional: true })
-  public template?: Record<keyof TemplateConfig, TemplateTypeConfig | undefined>;
+  public template?: Partial<Record<keyof TemplateConfig, TemplateTypeConfig>>;
 
 }

packages/client/package.json

@@ -52,6 +52,6 @@
     "pvtsutils": "^1.3.2",
     "tslib": "^2.4.0",
     "webcrypto-core": "^1.7.5",
-    "ws": "^8.6.0"
+    "ws": "^8.8.0"
   }
 }

packages/server/package.json

@@ -42,21 +42,21 @@
     "2key-ratchet": "^1.0.18",
     "@peculiar/json-schema": "^1.1.12",
     "@peculiar/webcrypto": "1.0.22",
-    "@peculiar/x509": "^1.6.1",
+    "@peculiar/x509": "^1.7.0",
     "@types/pvutils": "^1.0.1",
     "@webcrypto-local/cards": "^1.7.0",
     "@webcrypto-local/core": "^1.7.0",
     "@webcrypto-local/proto": "^1.7.0",
-    "asn1js": "^3.0.3",
+    "asn1js": "^3.0.5",
     "graphene-pk11": "^2.3.0",
-    "node-webcrypto-p11": "^2.4.2",
+    "node-webcrypto-p11": "^2.5.0",
     "pcsclite": "^1.0.0",
-    "pkijs": "^2.3.1",
+    "pkijs": "^3.0.5",
     "pvtsutils": "^1.3.2",
     "pvutils": "^1.1.3",
     "request": "^2.88.0",
     "tslib": "^2.4.0",
     "webcrypto-core": "^1.7.5",
-    "ws": "^8.6.0"
+    "ws": "^8.8.0"
   }
 }

packages/server/src/crypto/openssl/cert_storage.ts

@@ -1,4 +1,5 @@
 import * as fs from "fs";
+import * as core from "webcrypto-core";
 import * as wcp11 from "node-webcrypto-p11";
 import { Convert } from "pvtsutils";
 import {
@@ -26,7 +27,7 @@ interface IJsonOpenSSLCertificate {
   label: string;
 }
 
-export class OpenSSLCertificateStorage implements wcp11.CertificateStorage {
+export class OpenSSLCertificateStorage implements core.CryptoCertificateStorage {
 
   public file: string;
   public crypto: OpenSSLCrypto;
@@ -60,9 +61,9 @@ export class OpenSSLCertificateStorage implements wcp11.CertificateStorage {
     }
   }
 
-  public importCert(format: "raw", data: BufferSource, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<wcp11.CryptoCertificate>;
-  public importCert(format: "pem", data: string, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<wcp11.CryptoCertificate>;
-  public async importCert(format: any, data: string | BufferSource, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<wcp11.CryptoCertificate> {
+  public importCert(format: "raw", data: BufferSource, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<CryptoCertificate>;
+  public importCert(format: "pem", data: string, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<CryptoCertificate>;
+  public async importCert(format: any, data: string | BufferSource, algorithm: wcp11.Pkcs11ImportAlgorithms, keyUsages: KeyUsage[]): Promise<CryptoCertificate> {
     let rawData: ArrayBuffer;
     let rawType: CryptoCertificateType | null = null;
 
@@ -134,11 +135,11 @@ export class OpenSSLCertificateStorage implements wcp11.CertificateStorage {
     return Object.keys(items);
   }
 
-  public async hasItem(item: wcp11.CryptoCertificate) {
+  public async hasItem(item: CryptoCertificate) {
     return !!this.indexOf(item);
   }
 
-  public async setItem(item: wcp11.CryptoCertificate) {
+  public async setItem(item: CryptoCertificate) {
     if (!(item instanceof Certificate)) {
       throw new TypeError("item is not OpenSSL Certificate");
     }
@@ -149,7 +150,7 @@ export class OpenSSLCertificateStorage implements wcp11.CertificateStorage {
     return item.id;
   }
 
-  public async indexOf(item: wcp11.CryptoCertificate) {
+  public async indexOf(item: CryptoCertificate) {
     if (item instanceof Certificate) {
       const certs = this.readFile();
       for (const index in certs) {
@@ -190,7 +191,7 @@ export class OpenSSLCertificateStorage implements wcp11.CertificateStorage {
     this.writeFile({});
   }
 
-  protected async certToJson(cert: wcp11.CryptoCertificate) {
+  protected async certToJson(cert: CryptoCertificate) {
     if (!(cert instanceof Certificate)) {
       throw new TypeError("cert is not OpenSSL Certificate");
     }

packages/server/src/crypto/openssl/crypto.ts

@@ -7,7 +7,7 @@ import { OpenSSLCertificateStorage } from "./cert_storage";
 import { OpenSSLKeyStorage } from "./key_storage";
 import { OpenSSLSubtleCrypto } from "./subtle";
 
-export class OpenSSLCrypto extends core.Crypto implements wcp11.Crypto {
+export class OpenSSLCrypto extends core.Crypto {
 
   public isReadWrite = true;
   public isLoginRequired = false;

packages/server/src/crypto/openssl/key_storage.ts

@@ -10,16 +10,16 @@ interface IJsonOpenSSLKeyStorage {
   [key: string]: IJsonOpenSSLKey;
 }
 
-interface IJsonOpenSSLKey extends CryptoKey {
+interface IJsonOpenSSLKey extends wcp11.CryptoKeyJson {
   raw: string;
   createdAt: string;
   lastUsed: string;
 }
 
-export class OpenSSLKeyStorage implements wcp11.KeyStorage {
+export class OpenSSLKeyStorage implements core.CryptoKeyStorage {
 
   public file: string;
-  public crypto: wcp11.Crypto;
+  public crypto: Crypto;
 
   constructor(file: string, crypto: OpenSSLCrypto) {
     this.file = file;
@@ -109,7 +109,7 @@ export class OpenSSLKeyStorage implements wcp11.KeyStorage {
     let id: Uint8Array;
     switch (key.type) {
       case "secret": {
-        id = await this.crypto.getRandomValues(new Uint8Array(20)) as Uint8Array;
+        id = await this.crypto.getRandomValues(new Uint8Array(20));
         break;
       }
       case "private":

packages/server/src/crypto/openssl/pki/cert.ts

@@ -1,14 +1,14 @@
 import { getEngine } from "2key-ratchet";
 import { CryptoCertificate, CryptoKey } from "node-webcrypto-p11";
 import { Convert } from "pvtsutils";
-import { CryptoCertificateType } from "webcrypto-core";
+import * as core from "webcrypto-core";
 
 export interface CertificateConstructor<T> {
   // tslint:disable-next-line:callable-types
   new(): T;
 }
 
-export abstract class Certificate implements CryptoCertificate {
+export abstract class Certificate implements core.CryptoCertificate {
   public static importCert<T extends Certificate>(this: CertificateConstructor<T>, provider: Crypto, rawData: BufferSource): Promise<T>;
   public static importCert<T extends Certificate>(this: CertificateConstructor<T>, provider: Crypto, rawData: BufferSource, algorithm: Algorithm, keyUsages: KeyUsage[]): Promise<T>;
   public static importCert<T extends Certificate>(this: CertificateConstructor<T>, provider: Crypto, rawData: BufferSource, algorithm?: Algorithm, keyUsages?: KeyUsage[]): Promise<T>;
@@ -18,7 +18,7 @@ export abstract class Certificate implements CryptoCertificate {
     return res;
   }
 
-  public type!: CryptoCertificateType;
+  public type!: core.CryptoCertificateType;
   public publicKey!: CryptoKey;
   public id!: string;
   public crypto = getEngine().crypto;

packages/server/src/crypto/openssl/pki/request.ts

@@ -1,11 +1,12 @@
 import * as Asn1Js from "asn1js";
-import { Crypto, CryptoKey, CryptoX509CertificateRequest } from "node-webcrypto-p11";
+import { Crypto, CryptoKey } from "node-webcrypto-p11";
+import * as core from "webcrypto-core";
 import { Certificate } from "./cert";
 import { nameToString } from "./x500_name";
+import { CertificationRequest, setEngine, CryptoEngine } from "pkijs";
 
-const { CertificationRequest, setEngine, CryptoEngine } = require("pkijs");
 
-export class X509CertificateRequest extends Certificate implements CryptoX509CertificateRequest {
+export class X509CertificateRequest extends Certificate implements core.CryptoX509CertificateRequest {
 
   public type: "request" = "request";
 

packages/server/src/crypto/openssl/pki/x509.ts

@@ -1,14 +1,15 @@
 import * as Asn1Js from "asn1js";
-import { Crypto, CryptoKey, CryptoX509Certificate } from "node-webcrypto-p11";
+import { Crypto, CryptoKey } from "node-webcrypto-p11";
 import { Convert } from "pvtsutils";
+import * as pkijs from "pkijs";
+import * as core from "webcrypto-core";
 import { Certificate } from "./cert";
 import { nameToString } from "./x500_name";
 
-const pkijs = require("pkijs");
 const { setEngine, CryptoEngine } = pkijs;
 const PKICertificate = pkijs.Certificate;
 
-export class X509Certificate extends Certificate implements CryptoX509Certificate {
+export class X509Certificate extends Certificate implements core.CryptoX509Certificate {
 
   public readonly type = "x509";
 

packages/server/src/crypto/openssl/subtle.ts

@@ -2,7 +2,7 @@ import * as wcp11 from "node-webcrypto-p11";
 import { SubtleCrypto } from "webcrypto-core";
 import { OpenSSLCrypto } from "./crypto";
 
-export class OpenSSLSubtleCrypto extends SubtleCrypto implements wcp11.SubtleCrypto {
+export class OpenSSLSubtleCrypto extends SubtleCrypto {
 
   private crypto: OpenSSLCrypto;
 
@@ -40,10 +40,10 @@ export class OpenSSLSubtleCrypto extends SubtleCrypto implements wcp11.SubtleCry
     return this.crypto.crypto.subtle.exportKey(format, key);
   }
 
-  public async generateKey(algorithm: RsaHashedKeyGenParams | EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[], ...args: any[]): Promise<wcp11.CryptoKeyPair>;
-  public async generateKey(algorithm: AesKeyGenParams | HmacKeyGenParams | Pbkdf2Params, extractable: boolean, keyUsages: KeyUsage[], ...args: any[]): Promise<wcp11.CryptoKey>;
-  public async generateKey(algorithm: AlgorithmIdentifier, extractable: boolean, keyUsages: Iterable<KeyUsage>, ...args: any[]): Promise<wcp11.CryptoKeyPair | wcp11.CryptoKey>;
-  public async generateKey(algorithm: any, extractable: any, keyUsages: any): Promise<wcp11.CryptoKey | wcp11.CryptoKeyPair> {
+  public async generateKey(algorithm: RsaHashedKeyGenParams | EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[], ...args: any[]): Promise<CryptoKeyPair>;
+  public async generateKey(algorithm: AesKeyGenParams | HmacKeyGenParams | Pbkdf2Params, extractable: boolean, keyUsages: KeyUsage[], ...args: any[]): Promise<CryptoKey>;
+  public async generateKey(algorithm: AlgorithmIdentifier, extractable: boolean, keyUsages: Iterable<KeyUsage>, ...args: any[]): Promise<CryptoKeyPair | CryptoKey>;
+  public async generateKey(algorithm: any, extractable: any, keyUsages: any): Promise<CryptoKey | CryptoKeyPair> {
     const keys = await this.crypto.crypto.subtle.generateKey(algorithm, extractable, keyUsages) as CryptoKeyPair | CryptoKey;
     if ("publicKey" in keys) {
       return {