peculiarventures / asn1-schema Goto Github PK

View Code? Open in Web Editor NEW

31.0 31.0 11.0 1.71 MB

asn1-schema is a collection of TypeScript schemas that make working with common ASN.1 objects easy

TypeScript 100.00%

asn1-schema's People

Stargazers

Watchers

Forkers

bartzjegr eugenehp jstewmon dhensby zhouyu0615 passcod isabella232 privacyportal tgivslife kazuemon

asn1-schema's Issues

Microsoft CertificateTemplate id

Please add export id 1.3.6.1.4.1.311.21.7 to the certificate template extension

Add ecc schema

Schema name: ecc
RFC 5915

npm run create ecc

IpConverter toString error

Error:

Solution:

Change import declaration in https://github.com/PeculiarVentures/asn1-schema/blob/master/packages/x509/src/ip_converter.ts#L1
import * as ip from "ipaddr.js"; -> import ip from "ipaddr.js";

Add rsa schema

Schema name: rsa
RFC 8017

npm run create rsa

Error trying to parse IssuingDistributionPoint

Code example:

AsnParser.parse(Convert.FromHex('3034a02fa02d862b687474703a2f2f63726c732e706b692e676f6f672f6774733170352f37554375585a754c5549672e63726c8101ff'), IssuingDistributionPoint);

Error text:

Data does not match to IssuingDistributionPoint ASN1 schema. undefined

Data reference - example

SubjectDirectoryAttributes extension question

Example

import { AsnConvert } from "@peculiar/asn1-schema";
import { SubjectDirectoryAttributes } from '@peculiar/asn1-x509';

const hex = "30640603551d09045d305b301006082b06010505070904310413024445300f06082b060105050709033103130146301d06082b060105050709013111180f31393731313031343132303030305a301706082b06010505070902310b0c094461726d7374616474";

const sda= AsnConvert.parse(Buffer.from(hex, "hex"), SubjectDirectoryAttributes);

After decode Attribute values using Convert.ToString I see space before each value:

Do we need to fix it using mechanism after Convert.ToString or make changes to the package?

So I have been using this library to serialize and deserialize ASN1 structures and wanted writes tests for the code.
I've been having trouble getting the frameworks running. I would really appreciate if you could give me some pointers.

I'm writing it in TypeScript and wanted to test out Jest, but I run into the following error when running Jest:

From what i understand the type for data in AsnParse.parse is BufferSource that is either ArrayBuffer or ArrayBufferView, Base64.decode returns ArrayBuffer, so everything should be fine, but I can't get past this error.

TypeScript itself compiles and I can use the built library and the same method without any errors.

Any suggestions?

Extension Request attribute

Could we add a class for the attribute?

extensionRequest ATTRIBUTE ::= {
  WITH SYNTAX ExtensionRequest
  SINGLE VALUE TRUE
  ID pkcs-9-at-extensionRequest
}

ExtensionRequest ::= Extensions

Example:

303a06092a864886f70d01090e312d302b30290603551d0e04220420da80914ab1c14b4113d5939781fbdc4632793f7794f5a1c96bacf261040f1654

tsc: Could not find a declaration file for module 'asn1js'.

package.json of @peculiar/asn1-schema package is missing @types/asn1js as a production dependency, resulting in TypeScript build errors for @peculiar/asn1-schema and @peculiar/webcrypto packages.

node_modules/@peculiar/asn1-schema/build/types/types.d.ts:4:23 - error TS7016: Could not find a declaration file for module 'asn1js'. 'C:/Users/sunny/Documents/code/wcbug/node_modules/asn1js/build/asn1.js' implicitly has an 'any' type.
  Try `npm install @types/asn1js` if it exists or add a new declaration (.d.ts) file containing `declare module 'asn1js';`
4 import * as asn1 from "asn1js";
                        ~~~~~~~~

node_modules/@peculiar/asn1-schema/build/types/types/bit_string.d.ts:1:43 - error TS7016: Could not find a declaration file for module 'asn1js'. 'C:/Users/sunny/Documents/code/wcbug/node_modules/asn1js/build/asn1.js' implicitly has an 'any' type.
  Try `npm install @types/asn1js` if it exists or add a new declaration (.d.ts) file containing `declare module 'asn1js';`
1 import { BitString as AsnBitString } from "asn1js";
                                            ~~~~~~~~

node_modules/@peculiar/asn1-schema/build/types/types/octet_string.d.ts:1:47 - error TS7016: Could not find a declaration file for module 'asn1js'. 'C:/Users/sunny/Documents/code/wcbug/node_modules/asn1js/build/asn1.js' implicitly has an 'any' type.
  Try `npm install @types/asn1js` if it exists or add a new declaration (.d.ts) file containing `declare module 'asn1js';`
1 import { OctetString as AsnOctetString } from "asn1js";
                                                ~~~~~~~~


Found 3 errors.

To fix this error, either add @types/asn1js as a production dependency (not devDependency), or avoid importing "asn1js" in .d.ts files.

Files to reproduce the error:
package.json

{
  "private": true,
  "scripts": {
    "build": "tsc"
  },
  "dependencies": {
    "@peculiar/asn1-schema": "^2.0.1",
    "typescript": "^3.8.3"
  }
}

tsconfig.json

{
  "compilerOptions": {
    "module": "ESNext",
    "moduleResolution": "node",
    "noEmit": true,
    "strict": true,
    "target": "ESNext"
  }
}

x.ts

import "@peculiar/asn1-schema";

EnrollCertType parse error

AsnParser.parse(Convert.FromHex('1e0a00530075006200430041'), EnrollCertType);

Adobe Time-stamp extension

Time-stamp X509 extension format:

adbe- OBJECT IDENTIFIER ::=  { adbe(1.2.840.113583) acrobat(1) security(1) x509Ext(9) 1 }

 ::= SEQUENCE {
    version INTEGER  { v1(1) }, -- extension version
    location GeneralName (In v1 GeneralName can be only uniformResourceIdentifier)
    requiresAuth        boolean (default false), OPTIONAL
}

Example:

304c0201018644687474703a2f2f6161746c2d74696d657374616d702e676c6f62616c7369676e2e636f6d2f7473612f616f68666577617432333839353335666e6173676e6c67356d3233010100

Links:

https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/oids.html

NetscapeCertificateType extension

Please add the extension Netscape Certificate Type (2.16.840.1.113730.1.1) to the package.

Example:

AsnParser.parse(Convert.FromHex('03020007'), NetscapeCertificateType);

Output:

Code for help:

    /**
     * bit-0 SSL client - this cert is certified for SSL client authentication use
     * bit-1 SSL server - this cert is certified for SSL server authentication use
     * bit-2 S/MIME - this cert is certified for use by clients (New in PR3)
     * bit-3 Object Signing - this cert is certified for signing objects such as Java
     * applets and plugins(New in PR3)
     * bit-4 Reserved - this bit is reserved for future use
     * bit-5 SSL CA - this cert is certified for issuing certs for SSL use
     * bit-6 S/MIME CA - this cert is certified for issuing certs for S/MIME use (New in PR3)
     * bit-7 Object Signing CA - this cert is certified for issuing
     * certs for Object Signing (New in PR3)
     */
    if (byte & 0x80) {
      usages.push('SSL client');
    }
    if (byte & 0x40) {
      usages.push('SSL server');
    }
    if (byte & 0x20) {
      usages.push('S/MIME');
    }
    if (byte & 0x10) {
      usages.push('Object Signing');
    }
    if (byte & 0x08) {
      usages.push('Reserved');
    }
    if (byte & 0x04) {
      usages.push('SSL CA');
    }
    if (byte & 0x02) {
      usages.push('S/MIME CA');
    }
    if (byte & 0x01) {
      usages.push('Object Signing CA');
    }

Documentation:
http://javadoc.iaik.tugraz.at/iaik_jce/old/iaik/x509/extensions/netscape/NetscapeCertType.html

Wrong TBSCertificate serialization

Parsed certificate on serialization returns another raw. Incoming message contains an empty list of extensions, but after serialization, there is no set of Extensions

Test

const hex = "308202963082017e020101300d06092a864886f70d01010b0500300f310d300b0603550403130454657374301e170d3139313233313231303030305a170d3230303130313231303030305a300f310d300b060355040313045465737430820122300d06092a864886f70d01010105000382010f003082010a0282010100c12f5ed353a4ed77c5bae6df726bf68c2cb0659778eeb8bde3edfb62c3ef38169f5f35678d4ccd21bc45e1e0c6442dfc066e8565a5dea29b08502c4002c6e50746dec1f479b8379fbabd380bcb91a7cef524b413dc0f7e2ff77d8dbcdf6c55a5c8a1493333c9662f2a05801a19419fcc2c58dba55506440a2b5239035937b4265afb931a87cffbae0a690385ae9aa7e768660c1dcd6974bff85fe44aebb2fe9e8edb4648a5ec2d9f6797c1481041354413851d26d389b43c91c96f4ca9e481dca5b2f7d3d82858f159bbc6e6f21704aa15fce83a1e789ac1f3d2245455afb9b8d68b147632630e8ad2ce4d4bb39e83e9c0597d6a5a745061f4b08a5e2b8795b30203010001a3023000300d06092a864886f70d01010b05000382010100837a986d86594fc12ef06c748beece637fc81bbecda4d420e8db643d91a449a0c463735e55951cdaba86ebe23c17496b3938e0923335458f8cc0ae89a28dea69b8e9bcaf708e9f8623f42378fad1fe27073c20085817e2253cfb5f1d59f6f62d81a58d7f816b34bd8c4e5d586384a6f1b849f3a5881425013c11f71b764af5bde8469175b37d64ebf4007f279dd3570fff22e3bcda6b6ac6a7c88034e0a8b441466fb0b46eb329258bd4597eea8212929228ac1170d3825845701a6bbe9a844de117684e0eaa630e491e99f33b2e84802e43de0d91f8a678b8a268da882a49b71f96ea0791712ea71426e81b48b0cbda296f0b14249736a90bcbcafcb269a2cc";
const certRaw = Buffer.from(hex, "hex");
const cert = AsnConvert.parse(certRaw, Certificate);
const certRaw2 = AsnConvert.serialize(cert);

assert.strictEqual(hex, Buffer.from(certRaw2).toString("hex"));

Error: Cannot get schema for 'ObjectIdentifier' target

/node_modules/@peculiar/asn1-schema/build/cjs/schema.js:1
Error: Cannot get schema for 'ObjectIdentifier' target

  at AsnSchemaStorage.get (node_modules/@peculiar/asn1-schema/build/cjs/schema.js:17:19)
  at Function.toASN (node_modules/@peculiar/asn1-schema/build/cjs/serializer.js:24:48)
  at Function.serialize (node_modules/@peculiar/asn1-schema/build/cjs/serializer.js:14:21)
  at Function.serialize (node_modules/@peculiar/asn1-schema/build/cjs/convert.js:10:43)
  at Function.register (node_modules/webcrypto-core/build/webcrypto-core.js:1144:43)
  at Object.<anonymous> (node_modules/webcrypto-core/build/webcrypto-core.js:1170:10)
  at Object.<anonymous> (node_modules/@peculiar/webcrypto/build/webcrypto.js:7:12)
      at Object.<anonymous> (/node_modules/isomorphic-webcrypto/src/index.js:1)
      at Object.<anonymous> (/node_modules/isomorphic-webcrypto/src/main.js:1)
      at Object.<anonymous> (/node_modules/@pathcheck/dcc-sdk/lib/cose-js/sign.js:1)
      at Object.<anonymous> (/node_modules/@pathcheck/dcc-sdk/lib/dcc.js:1)
      at Object.<anonymous> (/node_modules/@pathcheck/dcc-sdk/lib/main.js:1)

Cannot get schema for 'DigestInfo' target

When trying to parse an ASN.1 value into a DigestInfo object I get the following error:

Error: Cannot get schema for 'DigestInfo' target
    at AsnSchemaStorage.get (.\node_modules\@peculiar\asn1-schema\build\cjs\schema.js:18:19)
    at Function.fromASN (.\node_modules\@peculiar\asn1-schema\build\cjs\parser.js:39:52)
    at Function.parse (.\node_modules\@peculiar\asn1-schema\build\cjs\parser.js:29:26)
    at Function.parse (.\node_modules\@peculiar\asn1-schema\build\cjs\convert.js:11:35)

Code to reproduce:

const { AsnConvert } = require('@peculiar/asn1-schema');
const { DigestInfo } = require('@peculiar/asn1-rsa');

AsnConvert.parse(Buffer.from(...), DigestInfo);

Sorry for such a basic question, but is there something I'm missing here?

ExtendedKeyUsage extension parse errror

AsnParser.parse(Convert.FromHex('301406082b0601050507030206082b06010505070304'), ExtendedKeyUsage)

Add x509-qualified schema

Schema name: x509-qualified
RFC 3739

npm run create x509-qualified

Incorrect Validity encoding for Date in 2050 or later

See more details PeculiarVentures/x509#36

const validity = new src.Validity({
  notBefore: new Date("2049-12-31T23:59:59Z"),
  notAfter: new Date("2050-01-01T00:00:00Z"),
});
const hex = Buffer.from(AsnConvert.serialize(validity)).toString("hex");
assert.strictEqual(hex, "3020170d3439313233313233353935395a180f32303530303130313030303030305a");

Current implementation uses utcTime always. It's wrong.

RFC5280 Validity 4.1.2.5

CAs conforming to this profile MUST always encode certificate
validity dates through the year 2049 as UTCTime; certificate validity
dates in 2050 or later MUST be encoded as GeneralizedTime.
Conforming applications MUST be able to process validity dates that
are encoded in either UTCTime or GeneralizedTime.

Add pkcs8 schema

Schema name: pkcs8
RFC 5280

npm run create pkcs8

Decode Integer 4 bytes value to zero

Hi.
I found out an issue when 4 bytes Integer always decodes to 0.
Problem because of inconsistency of asn1js and asn1-schama

asn1js: https://github.com/PeculiarVentures/ASN1.js/blob/master/src/internals/LocalIntegerValueBlock.ts#L135

export class LocalIntegerValueBlock extends HexBlock(ValueBlock) implements IDerConvertible {
  protected setValueHex(): void {
    if (this.valueHexView.length >= 4) {
      this.warnings.push("Too big Integer for decoding, hex only");
      this.isHexOnly = true;
      this._valueDec = 0;
    }

but asn1-schama: https://github.com/PeculiarVentures/asn1-schema/blob/master/packages/schema/src/converters.ts#L31

export const AsnIntegerConverter: IAsnConverter<IntegerConverterType> = {
  fromASN: (value: any) => value.valueBlock.valueHex.byteLength > 4
    ? value.valueBlock.toString() // Convert number to string
    : value.valueBlock.valueDec, // use number format
  toASN: (value: IntegerConverterType) => new asn1.Integer({ value: value as any }),
};

please replace value.valueBlock.valueHex.byteLength > 4 with value.valueBlock.valueHex.byteLength >= 4 , it will solve the problem. @microshine

Add csr schema

Schema name: csr
RFC 2986

npm run create csr

Error trying to parse OtherName

Code example:

AsnParser.parse(Convert.FromHex('30090c0739333439343838'), DisplayText);

Error text:

Data does not match to DisplayText ASN1 schema. Wrong values for Choice type

SAN extension reference - https://lapo.it/asn1js/#MCIGA1UdEQQbMBmgFwYIKwYBBQUHCAOgCzAJDAc5MzQ5NDg4

MicrosoftCAVersion extension

Please add extension MicrosoftCAVersion (1.3.6.1.4.1.311.21.1) to the package

Example:

AsnParser.parse(Convert.FromHex('020100'), MicrosoftCAVersion);

Output:

Creating PKCS8 `PrivateKeyInfo` seems to be missing `0x04 0x20`

I'm trying to use asn1-pkcs8 to construct a PrivateKeyInfo for Ed25519 private key.

I noticed that during construction the serialized buffer looks different from the one that is produced by @peculiar/webcrypto. It turns out that it's missing 0x04 0x20 prefix on the key.

import * as asn1 from '@peculiar/asn1-schema';
import * as asn1Pkcs8 from '@peculiar/asn1-pkcs8';
import * as asn1X509 from '@peculiar/asn1-x509';
import * as x509 from '@peculiar/x509';

  const algorithm = new asn1X509.AlgorithmIdentifier({
    algorithm: x509.idEd25519
  });

  // Notice I had to put `0x04 0x20` here manually
  const key = new asn1Pkcs8.PrivateKey(
    Buffer.concat([
      Buffer.from([0x04, 0x20]),
      privateKey
    ])
  );

  const pkcs8 = new asn1Pkcs8.PrivateKeyInfo({
    privateKeyAlgorithm: algorithm,
    privateKey: key,
  });

  // This should be 48 bytes, if I don't add `0x04 0x20` above, it ends up being 46 bytes
  const data = utils.bufferWrap(asn1.AsnSerializer.serialize(pkcs8));

If I don't concatenate 0x04 0x20, the resulting key size is 46 bytes.

But if I use webcrypto, I get 48 bytes.

The interface for PrivateKeyInfo requires PrivateKey which extends OctetString.

I'm trying to reconcile the difference here, it seems webcrypto is more correct here. So I'm wondering if something was missing about how PrivateKeyInfo should be constructed.

I noticed that PrivateKeyInfo in webcrypto-core is not the same as the one in asn1-pkcs8.

Android KeyStore extension

I'm starting work on defining a schema for Android's Keystore extension as detailed here:

https://source.android.com/security/keystore/attestation#schema

Might there be interest in this extension being added to this library? I'm prepared to PR it in if that's the case.

id_ct_tstInfo is not passed testing, + expected - actual -1.2.840.113549.1.7.2 +1.2.840.113549.1.9.16.1.4

I have faced this problem for days I could not find any solution.
Any ideas?
Thanks

GitHub repo

actual - expected
'1.2.840.113549.1.7.2'

'1.2.840.113549.1.9.16.1.4'
^
+ expected - actual

-1.2.840.113549.1.7.2
+1.2.840.113549.1.9.16.1.4

at C:\projects\tsr\src\test\index.ts:30:12
at Generator.next (<anonymous>)
at fulfilled (src\test\index.ts:28:58)

error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

If I comment assert.strictEqual(contentInfo.contentType, id_ct_tstInfo); out.
It is giving me a new error:

`TSP
1) parse TSTInfo

0 passing (870ms)
1 failing

TSP
parse TSTInfo:
TypeError: Argument 'asn' is not instance of ASN.1 OctetString
at OctetString.fromASN (node_modules@peculiar\asn1-schema\build\cjs\types\octet_string.js:31:19)
at Function.fromASN (node_modules@peculiar\asn1-schema\build\cjs\parser.js:24:30)
at Function.parse (node_modules@peculiar\asn1-schema\build\cjs\parser.js:16:26)
at Function.parse (node_modules@peculiar\asn1-schema\build\cjs\convert.js:13:35)
at C:\projects\tsr\src\test\index.ts:36:32
at Generator.next ()
at fulfilled (src\test\index.ts:28:58)

error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.`

Add support SubjectInfoAccess extension

SubjectInfoAccess extension test reference:
https://lapo.it/asn1js/#MEcwRQYIKwYBBQUHMAWGOWh0dHA6Ly9pcGtpLnVzcHRvLmdvdi9JUEtJL0NlcnRzL0NBY2VydHNJc3N1ZWRCeVVTUFRPLnA3Yw

Schema:

id-pe-subjectInfoAccess OBJECT IDENTIFIER ::= { id-pe 11 }

   SubjectInfoAccessSyntax  ::=
           SEQUENCE SIZE (1..MAX) OF AccessDescription

   AccessDescription  ::=  SEQUENCE {
           accessMethod          OBJECT IDENTIFIER,
           accessLocation        GeneralName  }

@microshine What do you think about supporting this extension?

AsnParser.parse() fails to recognise some `ArrayBuffer`s

The problem

Upgrading @peculiar/webcrypto from 1.3.3 to 1.4.0 causes the following error:

TypeError: Wrong type of 'data' argument

    at Function.parse (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/asn1-schema/build/cjs/parser.js:23:19)
    at EcPrivateKey.getKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/webcrypto/build/webcrypto.js:1404:37)
    at EcPrivateKey.toJSON (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/webcrypto/build/webcrypto.js:1407:26)
    at Function.toJSON (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/json-schema/build/index.js:254:24)
    at Function.exportKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/webcrypto/build/webcrypto.js:1616:50)
    at EcdhProvider.onExportKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/@peculiar/webcrypto/build/webcrypto.js:1777:25)
    at EcdhProvider.exportKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/webcrypto-core/build/webcrypto-core.js:223:33)
    at SubtleCrypto.exportKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/webcrypto-core/build/webcrypto-core.js:1465:39)
    at CryptoEngine.exportKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/pkijs/build/CryptoEngine.js:650:32)
    at derSerializePrivateKey (/home/gus/repos/awala-keystore-gcp-js/node_modules/@relaycorp/relaynet-core/src/lib/crypto_wrappers/keys.ts:97:38)

The root cause

The following check fails sometimes even though data is indeed an ArrayBuffer:

asn1-schema/packages/schema/src/parser.ts

Line 23 in 988241d

if (data instanceof ArrayBuffer) {

Here's what the WebStorm debugger shows (which I've double-checked with console.log()):

This behaviour is valid according to:

is-array-buffer: https://github.com/fengyuanchen/is-array-buffer/blob/9ea7fb638e79f8938161b3b7370cb965d8e93a8b/index.ts#L15
Lots of resources covering the equivalent issue with typed arrays. For example:

So the culprit seems to be JS realms, which I'm guessing in the case of Node.js can only happen when asn1-schema is used by multiple libraries in the same process, along with some of the recent changes to @peculiar/webcrypto.

How to reproduce

Unfortunately, it's quite hard to reproduce this as you need a relatively complex dependency tree to reproduce it. But if you want to reliably reproduce this locally, you can run npm test in relaycorp/awala-keystore-cloud-js#13 and check the broken tests.

This is the relevant dependency sub-tree for the repo above:

@relaycorp/relaynet-core.
- @peculiar/webcrypto
  - asn1-schema
- webcrypto-core
- PKI.js v2
webcrypto-core.

Potential solution

Check .toString() if instanceof returns false: https://github.com/fengyuanchen/is-array-buffer/blob/9ea7fb638e79f8938161b3b7370cb965d8e93a8b/index.ts#L15

Create schema for RFC9399

The @peculiar/asn1-x509-logotype module currently implements the specifications outlined in RFC3709. However, RFC9399 has been published, which obsoletes RFC3709 and introduces changes to the standard. It is essential to review the changes and update the @peculiar/asn1-x509-logotype module accordingly to ensure compliance with the latest standards.

Add x509-trustanchor schema

Schema name: x509-trustanchor
RFC 5914

npm run create x509-trustanchor

Question about parsing x509 extensions within a parsed Certificate

I'm trying to migrate more of my code over to asn1-schema but I'm stumped about how to take an extension out of an x.509 Certificate instance and then parse it through an extension schema.

After running my leaf cert through AsnParser.parse(leafCertBuffer, Certificate), I'm able to view the expected extensions:

Extensions(2) [
  Extension {
    extnID: '1.3.6.1.4.1.45724.2.1.1',
    critical: false,
    extnValue: OctetString {
      buffer: ArrayBuffer { [Uint8Contents]: <03 02 05 20>, byteLength: 4 }
    }
  },
  Extension {
    extnID: '2.5.29.19',
    critical: true,
    extnValue: OctetString {
      buffer: ArrayBuffer { [Uint8Contents]: <30 03 01 01 00>, byteLength: 5 }
    }
  }
]

What I want to do is then take that '2.5.29.19' (BasicConstraints) extension and parse it so I can more easily access its cA attribute. I tried this but of course the types didn't match:

if (ext.extnID === id_ce_basicConstraints) {
  console.log(AsnParser.fromASN(ext, BasicConstraints)); // No good, ext isn't a Buffer
}

Is there a clean way to further parse something that's within a parsed asn.1 schema? Thank you in advance for shining a light on this more advanced use case 😄

CaVersion export missed

Missed export CaVersion from the package

AsnConvert.serialize & primitive values

For example if I want to serialize a BasicOCSPResponse which in turn has a ResponseData that has the attribute producedAt: Date

This snippet fails with Error: Cannot get schema for 'Object' target

AsnConvert.serialize(
  new OCSPResponse({
    responseStatus: OCSPResponseStatus.successful,
    responseBytes: new ResponseBytes({
      response: new OctetString(
        AsnConvert.serialize(
          new BasicOCSPResponse({
            tbsResponseData: {
              producedAt: new Date(),
              responses: [],
              responderID: new ResponderID(),
              version: Version.v1,
              responseExtensions: [
                {
                  critical: false,
                  extnID: id_pkix_ocsp_nonce,
                  extnValue: new OctetString(Convert.FromHex("FFF")),
                },
              ],
            },
          })
        )
      ),
    }),
  })
);

Is there a workaround for this?

ReadableStream support for BufferSource?

Would it be possible to have things like AsnParser.parse(...) support ReadableStream as the data BufferSource?

e.g.

import { AsnParser } from "@peculiar/asn1-schema";
import { Certificate } from "@peculiar/asn1-x509";

fetch("https://raw.githubusercontent.com/google/clusterfuzz/master/docs/setting-up-fuzzing/heartbleed/server.pem").then(async current_response => {
    const cert = AsnParser.parse(current_response.body, Certificate);
    console.log(cert);
})

instead of:

import { AsnParser } from "@peculiar/asn1-schema";
import { Certificate } from "@peculiar/asn1-x509";

fetch("https://raw.githubusercontent.com/google/clusterfuzz/master/docs/setting-up-fuzzing/heartbleed/server.pem").then(async current_response => {
    const cert = AsnParser.parse(await current_response.arrayBuffer(), Certificate);
    console.log(cert);
})

While this simplified example only has a tiny certificate, I think ReadableStream would help reduce memory and decoding times for very large BER buffers.

PreferredSignatureAlgorithms usage (getting: Cannot get schema for 'Object' target)

Hi, what is the proper way to set PreferredSignatureAlgorithms to an OCSP request?

I tried the following snippet but it fails with Cannot get schema for 'Object' target

requestExtensions: [
  new Extension({ extnID: id_pkix_ocsp_nonce, extnValue: new Nonce(nonce) }),
  new Extension({
    extnID: id_pkix_ocsp_pref_sig_algs,
    extnValue: new OctetString(AsnConvert.serialize(new PreferredSignatureAlgorithms([{ algorithm: "1.2.840.10045.4.3.2" }]))),
  }),
],

Error trying to parse PolicyMappings extension

Code example:

AsnParser.parse(Convert.FromHex('304e3018060a60864801650302010302060a608648016503020102073018060a60864801650302010303060a608648016503020102083018060a6086480165030201030c060a60864801650302010209'), PolicyMappings);

Error text:

Data does not match to PolicyMappings ASN1 schema.

PolicyMappings extension reference - https://lapo.it/asn1js/#ME4wGAYKYIZIAWUDAgEDAgYKYIZIAWUDAgECBzAYBgpghkgBZQMCAQMDBgpghkgBZQMCAQIIMBgGCmCGSAFlAwIBAwwGCmCGSAFlAwIBAgk

Add x509-microsoft schema

Schema name: x509-microsoft
MS-WCCE

npm run create x509-microsoft

NameConstraints IP V6 implement

AsnParser.parse(Convert.FromHex('308228d6a08228d2300e820c6162656e73626572672e64653010820e616266616c6c2d726f74682e6465301282106167656e646132312d726f74682e6465300d820b61686f6c66696e672e6465300d820b61686f6c66696e672e6575300e820c6169676c73626163682e6465301a82186169736368677275656e6465722d6b61727066656e2e6465300f820d6169746572686f66656e2e6465300f820d616c6c657273626572672e6465300f820d616c6c657273626572672e6575300f820d616c74656e7468616e6e2e64653011820f616c746f6d75656e737465722e6465300c820a616e73626163682e646530168214616e73626163682d6c616e646b726569732e646530168214616e73626163682d6c616e646b726569732e65753012821061736368616666656e627572672e6465301f821d61736368616666656e6275726765722d6b756c747572746167652e6465301f821d61736368616666656e6275726765722d706f6d70656a616e65722e64653020821e61736368616666656e627572672d73746f6c706572737465696e652e6465300f820d617474656e686f66656e2e6465300b8209617474696e672e6465300b8209617474696e672e6575300e820c61756668617573656e2e6575300d820b61756773627572672e6465300f820d626163682d646f6e61752e6465300f820d6261642d6162626163682e6465301482126261642d67726f656e656e626163682e64653011820f6261642d6e657573746164742e6465300c820a62617262696e672e646530128210626175616b74656f6e6c696e652e6465300b820962617965726e2e64653011820f62657261747a68617573656e2e64653010820e626572676b69726368656e2e6465300e820c6265726773746f72662e6575301282106265726e686172647377616c642e6465300d820b6265726e726965642e64653018821662657a69726b2d6e696564657262617965726e2e6465301c821a62696c64756e676c616e646b72656973616e73626163682e6465301e821c62696c64756e672d6c616e646b726569732d616e73626163682e64653022822062696c64756e6773627565726f2d61736368616666656e627572672e696e666f301c821a62696c64756e6773627565726f2d756e7465726d61696e2e64653018821662696c64756e6773726567696f6e2d726f74682e64653017821562697363686f66736865696d2d72686f656e2e64653011820f626f636b686f726e2d6f62622e6465300e820c626f65686d77696e642e6465300e820c6272656e6e626572672e6465300e820c627275636b626572672e6465300c820a62732d726f74682e6465300d820b62737a2d726f74682e6465301682146275656368657265692d6865696465636b2e6465301782156275656368657265692d737465696e6163682e6465301e821c62756572676572696e666f2d73636877616e7374657474656e2e646530178215627565726765722d6f7374616c6c676165752e64653017821562756572676572706f7274616c2d726f74682e646530128210627572672d6162656e626572672e6575300982076279626e2e6465300982076368616d2e64653014821263687269737469616e2d73636861642e6465301b821963687269737469616e2d73636861642d6d757365756d2e6465301d821b63687269737469616e2d73636861642d7374696674756e672e6465300c820a6461636861752e636f6d300b82096461636861752e6465300f820d64656767656e646f72662e6465300f820d64656e6b656e646f72662e6575300e820c64696c6c696e67656e2e6465300e820c64696c6c696e67656e2e6575300f820d64696e676f6c66696e672e6465301a8218646972656b747665726d61726b7465722d726f74682e646530168214646973636f6275732d62617972657574682e6465300f820d646f6e61752d726965732e6465300f820d646f6e617573746175662e6465300b8209646f7266656e2e6465300e820c647565726e686172742e65753010820e647565727277616e67656e2e6465300f820d64756767656e646f72662e646530128210656265726d616e6e73746164742e6465300f820d656368696e672d6e64622e6465301f821d652d676f7665726e6d656e742d61736368616666656e627572672e646530178215656872656e616d74736b617274652d6761702e6465300d820b65696368656e61752e6465300f820d656963687374616574742e6465301b821965696e7361747a6e6163686265617262656974756e672e6465301e821c656973656e68616d6d65722d65636b6572736d7565686c656e2e6465300e820c656c73656e646f72662e6465300e820c657262656e646f72662e6465300b8209657264696e672e6465300b82096572647765672e64653018821665726c616e67656e2d686f65636873746164742e64653016821465726c6562656e7377656c742d726f74682e64653016821466616d696c69656e6c616e646b726569732e6465301b821966657269656e726567696f6e2d73746966746c616e642e6465300a820866666761702e6465300c820a66696e73696e672e6465300e820c666c6164756e67656e2e646530138211666c75766975732d6d757365756d2e6465300d820b666f72737465726e2e646530198217667261656e6b6973636865737365656e6c616e642e6465300e820c667261756e626572672e646530198217667265697a6569746275732d62617972657574682e646530128210667265697a6569742d706173732e646530128210667265697a6569742d726f74682e6465300c820a66726579756e672e64653013821166726f6e74656e68617573656e2e636f6d3012821066726f6e74656e68617573656e2e646530258223667565727374656e66656c64627275636b65722d70666c656765626f657273652e6465300e820c66756e6472656963682e6465301b821966756e6472656963682d7468616c6d61657373696e672e646530098207676170612e636330098207676170612e6465301482126764652d66656c646b69726368656e2e64653012821067656973656c686f6572696e672e64653014821267656d65696e64652d617474696e672e64653013821167656d65696e64652d6272756e6e2e64653017821567656d65696e64652d64657565726c696e672e64653014821267656d65696e64652d68617573656e2e64653014821267656d65696e64652d6d65656465722e64653013821167656d65696e64652d706165686c2e64653019821767656d65696e64652d7061726b7374657474656e2e64653012821067656d65696e64652d7261696e2e64653012821067656d65696e64652d726f68722e64653016821467656d65696e64652d737465696e6163682e64653016821467656d65696e64652d737465696e6163682e65753016821467656d65696e64652d776573736c696e672e6465302c822a676573636861656674737374656c6c656e7a7765636b76657262616e642d737472617562696e672e646530188216676573756e646865697473616d742d726f74682e64653019821767657765726265666c61656368656e2d726f74682e646530158213676577657262656765626965742d61362e6465301f821d676577657262656765626965742d6c69636874656e61752d61362e64653011820f677265646c2d7261647765672e6465301982176772756e64736368756c652d737465696e6163682e64653012821067732d77616c6473617373656e2e6465300d820b6777692d696e666f2e6465301b821967796d6e617369756d2d68696c706f6c74737465696e2e6465301a821867796d6e617369756d2d77656e64656c737465696e2e6465300f820d686167656c73746164742e6465301282106865626572747368617573656e2e6465300c820a6865696465636b2e6465300c820a6865696465636b2e6575301e821c6865696d706c61747a73756368652d726567656e73627572672e6465300a820868656d61752e646530138211686572726e6769657273646f72662e6465300d820b68657573747265752e646530198217686973746f726973636865732d6865696465636b2e6465300f820d686f65726c6b6f66656e2e646530088206686f662e6465300f820d68756e646572646f72662e64653010820e6968726c6572737465696e2e6465300f820d696e64657273646f72662e6465300c820a69726c626163682e6465300982076973656e2e6465300d820b69736d616e696e672e6465300a82086a617265672e6465301b82196a656465722d627565726765722d65696e2d6575726f2e6465301382116a7567656e64616d742d726f74682e6465300e820c6b616c6c6d75656e7a2e64653010820e6b616d6d6572737465696e2e6465300e820c6b61726c7366656c642e6465301b82196b61727066656e7363686d65636b6572776f6368656e2e6465300c820a6b62692d7061662e6465300c820a6b656c6865696d2e6465300c820a6b656d7074656e2e6465301282106b6967612d7265697373696e672e6465300e820c6b69726368726f74682e6465301582136b6974612d6b616d6d6572737465696e2e6465301882166b6974612d6f6265727363686e656964696e672e6465300d820b6b6a722d726f74682e6465301c821a6b6c6f657070656c736368756c652d6162656e626572672e6465300e820c6b6f65666572696e672e6465300e820c6b6f65736368696e672e6465301f821d6b6f6d626e2d6c616e646b726569732d726567656e73627572672e6465300e820c6b6f6d626e2d7374612e6465300c820a6b6f6e7a656c6c2e6465300d820b6b726569732d616e2e6465300d820b6b726569732d616e2e6575301c821a6b726569736269626c696f7468656b2d6b726f6e6163682e6465301982176b7265697362696c647374656c6c652d726f74682e6465300d820b6b726569732d62742e6465300e820c6b726569732d646c672e6465300d820b6b726569732d65692e6465300e820c6b726569732d6666622e6465300e820c6b726569732d6666622e6575301982176b726569736a7567656e6472696e672d726f74682e6465300c820a6b726569732d6d2e6465300e820c6b726569732d6e65612e6465300e820c6b726569732d7061662e6465300d820b6b726569732d72682e65753011820f6b726569737461672d6666622e64653011820f6b726569737461672d6d696c2e6465300e820c6b726569732d7469722e64653010820e6b72756d6d656e6e6161622e6465300c820a6b756c6d61696e2e6465301982176b756c7475722d61736368616666656e627572672e6465301e821c6b756c74757273746164742d61736368616666656e627572672e6465301582136b756e7374756e64636172696c6c6f6e2e6465300c820a6c616c6c696e672e6465301a82186c616e646b726569732d616e73626163682e62617965726e301582136c616e646b72656973616e73626163682e6465301682146c616e646b726569732d616e73626163682e6465301582136c616e646b72656973616e73626163682e6575301682146c616e646b726569732d616e73626163682e6575301782156c616e646b726569732d61756773627572672e6465301782156c616e646b726569732d62617972657574682e6465301382116c616e646b726569732d6368616d2e6465301582136c616e646b726569732d636f627572672e6465301582136c616e646b726569732d6461636861752e6465301982176c616e646b726569732d64656767656e646f72662e6465301882166c616e646b726569732d64696c6c696e67656e2e6465301882166c616e646b726569732d64696c6c696e67656e2e65753020821e6c616e646b726569732d64696e676f6c66696e672d6c616e6461752e6465301982176c616e646b726569732d656963687374616574742e6465301282106c616e646b726569732d6672672e6465301582136c616e646b726569732d6675657274682e6465301282106c616e646b726569732d6761702e6465301282106c616e646b726569732d686f662e6465301682146c616e646b726569732d6b656c6865696d2e6465301682146c616e646b726569732d6b726f6e6163682e6465301782156c616e646b726569732d6b756c6d626163682e6465301782156c616e646b726569732d6d75656e6368656e2e6465301982176c616e646b726569732d6f7374616c6c676165752e6465301b82196c616e646b726569732d7066616666656e686f66656e2e6465301482126c616e646b726569732d726567656e2e6465301982176c616e646b726569732d726567656e73627572672e6465301882166c616e646b726569732d726f73656e6865696d2e6465301282106c616e646b72656973726f74682e6465301382116c616e646b726569732d726f74682e6465301282106c616e646b72656973726f74682e6575301382116c616e646b726569732d726f74682e6575301e821c6c616e646b726569732d737472617562696e672d626f67656e2e6465301882166c616e646b726569732d777565727a627572672e6465301882166c616e646b726569732d77756e73696564656c2e6465301c821a6c616e6472617473616d742d616e73626163682e62617965726e301882166c616e6472617473616d742d616e73626163682e6465301982176c616e6472617473616d742d62617972657574682e6465301782156c616e6472617473616d742d6461636861752e6465301782156c616e6472617473616d742d657264696e672e6465301482126c616e6472617473616d742d6761702e6465301482126c616e6472617473616d742d7061662e6465301b82196c616e6472617473616d742d726567656e73627572672e6465301682146c616e6472617473616d742d726f74682e636f6d301482126c616e6472617473616d74726f74682e6465301582136c616e6472617473616d742d726f74682e6465301482126c616e6472617473616d74726f74682e6575301582136c616e6472617473616d742d726f74682e6575300d820b6c616e64736875742e6465301282106c616e6766757274682e62617965726e300e820c6c616e6766757274682e6575300e820c6c616e6771756169642e64653010820e6c617070657273646f72662e6465300e820c6c6569626c66696e672e6465300d820b6c656e67646f72662e6465300c820a6c656e74696e672e6465301282106c69636874656e61752e62617965726e300c820a6c6b722d62676c2e6465300c820a6c6b722d6e65742e6465300c820a6c6b722d7469722e64653011820f6c6b2d737461726e626572672e6465300b82096c72612d61622e64653010820e6c72612d6169632d6664622e6465301482126c72612d616e73626163682e62617965726e3010820e6c72612d616e73626163682e6465300c820a6c72612d616f652e6465300c820a6c72612d62676c2e6465301382116c72612d646f6e61752d726965732e6465300b82096c72612d65642e6465300c820a6c72612d6572682e6465300c820a6c72612d6666622e6465300c820a6c72612d6666622e6575300c820a6c72612d6761702e6465300c820a6c72612d6d75652e6465300b82096c72612d6f612e6465301482126c72612d6f7374616c6c676165752e6f7267300c820a6c72612d7061662e6465300c820a6c7261726f74682e6465300d820b6c72612d726f74682e6465301282106c72612d737461726e626572672e6465300a82086c726173772e6465300e820c6c72612d746f656c7a2e6465300b82096c72612d776d2e6465300d820b6d61656872696e672e6465300d820b6d61696e627572672e64653010820e6d616c6c657273646f72662e6465300c820a6d616d6d696e672e6465301882166d61726b742d66726f6e74656e68617573656e2e6465300d820b6d61726b746761702e6465300e820c6d61726b746761702e6e6574301582136d61726b742d696e64657273646f72662e64653011820f6d61726b742d6c61616265722e6465301782156d61726b746c69636874656e61752e62617965726e301482126d61726b742d6c69636874656e61752e64653011820f6d61726b742d6d657474656e2e6465300f820d6d61726b742d726f68722e6465301582136d61726b742d7363686f70666c6f63682e64653010820e6d61726b7477696e7a65722e6465301482126d61782d72656765722d68616c6c652e64653011820f6d61787265676572746167652e6465302482226d656469656e7a656e7472756d2d726567656e736275726765722d6c616e642e6465300e820c6d656d6d696e67656e2e64653010820e6d696e7472616368696e672e6465301c821a6d697474656c736368756c652d77616c6473617373656e2e6465300f820d6d697474657266656c732e64653010820e6d697474657274656963682e6465301682146d6f62696c2d7061726b7374657474656e2e6465300f820d6d6f65726e736865696d2e6465300f820d6d6f6f73696e6e696e672e64653011820f6d6f6f737468656e6e696e672e6465301482126d757365656e2d6162656e626572672e6465301982176d757365656e2d61736368616666656e627572672e64653010820e6d757365656e2d726f74682e6465301b82196d757365756d736c616e647363686166742d726f74682e6465302282206d757365756d7371756172746965722d746972736368656e72657574682e6465300a82086d7a2d6c612e6465300c820a6d7a726567656e2e6465301c821a6e617475726261642d6f6265727363686e656964696e672e6465301282106e6575616c62656e72657574682e6465300e820c6e65756269626572672e6465301b82196e6575627572672d736368726f62656e68617573656e2e6465300d820b6e657573746164742e6465301382116e657573746164742d646f6e61752e64653011820f6e657574726175626c696e672e6465301282106e6965646572616c74656963682e6465301282106e69656465726d6f747a696e672e6575300f820d6e697474656e646f72662e6465300e820c6e7565726e626572672e6465301582136e7565726e6265726765722d6c616e642e6465300d820b6f62657264696e672e64653010820e6f626572656c73626163682e64653010820e6f6265726d6f747a696e672e6575301382116f6265727363686e656964696e672e6465301282106f62657274726175626c696e672e6465300f820d6f7374616c6c676165752e6465300f820d6f73746572686f66656e2e6465300c820a6f73746865696d2e6465301582136f77612d67726f73736d656872696e672e6465300c820a7061696e74656e2e6465301682147061726b656e2d726f7468656e627572672e64653010820e7061726b7374657474656e2e6465300e820c70617374657474656e2e6465300c820a70656974696e672e6465300d820b70656e7a626572672e6465300b82097065726b616d2e6465300b82097065726b616d2e6575301282107065746572736175726163682e636f6d3011820f7065746572736175726163682e64653011820f7065746572736175726163682e6575301382117065746572736175726163682e696e666f301282107065746572736175726163682e6f72673011820f70657465727368617573656e2e6465300f820d70657474656e646f72662e6465300d820b7066616b6f66656e2e6465300c820a706661747465722e64653015821370666c656765626f657273652d6666622e6465301b821970666c65676573747565747a70756e6b742d726f74682e64653010820e7069656c656e686f66656e2e6465300c820a70696c6c696e672e6575300e820c706c6174746c696e672e6465300f820d706c6f657373626572672e6465300d820b707563686865696d2e6465300d820b7261646c646f72662e6575300982077261696e2e6575300d820b7261697374696e672e6465301b821972617473696e666f2d73636877616e7374657474656e2e6465300c820a7265616c7267622e6465301c821a7265616c736368756c652d68696c706f6c74737465696e2e6465301e821c7265616c736368756c652d6e657573746164742d61697363682e6465300f820d726567656e73627572672e6465300f820d726567656e73746175662e646530148212726567696f6e2d62617972657574682e6465301382117265696368656e73636877616e642e64653012821072656963687373746164742e696e666f3016821472656963687373746164746d757365756d2e64653018821672656963687373746164746d757365756d2e696e666f301582137265696368737374616474746167652e636f6d300d820b7265697373696e672e6465301482127265697465726c65736d61726b742e636f6d301582137265697465726c65736d61726b742e696e666f3010820e72657574682d622d6572622e64653013821172686f656e2d6772616266656c642e6465300f820d72696564656e627572672e6465300b820972696e6b616d2e6575300e820c726f6568726d6f6f732e64653010820e726f657474656e626163682e646530098207726f68722e6575300d820b726f68722d6d66722e6465300e820c726f73656e6865696d2e646530138211726f7468656e627572672e62617965726e300f820d726f7468656e627572672e6465300f820d726f7468656e627572672e65753021821f726f7468656e6275726765722d6d6165726368656e7a61756265722e636f6d300c820a726f74687365652e6465300c820a726f74687365652e6575300f820d726f7474616c2d696e6e2e6465300d820b727565676c616e642e6465300b8209727a6c72612e6e6574300f820d7361616c2d646f6e61752e6465300c820a7361696c6175662e64653013821173616e64626572672d72686f656e2e64653010820e7363686e656c6c646f72662e6465301d821b7363686f70666c6f63682d6d697474656c6672616e6b656e2e6465301a821873636875656c6572776f686e6865696d2d726f74682e6465300f820d736368756c652d686f662e6465301a8218736368756c652d6f6265727363686e656964696e672e6465301a8218736368756c6b696e6f776f6368652d62617965726e2e64653021821f73636877616e6765722d696d2d6c616e646b726569732d726567656e2e64653019821773636877616e6765722d696e2d616e73626163682e64653015821373636877616e6765722d696e2d6666622e64653023822173636877616e6765722d696e2d667565727374656e66656c64627275636b2e64653016821473636877616e6765722d696e2d726f74682e6465301b821973636877616e6765722d696e2d7363687761626163682e64653012821073636877616e7374657474656e2e64653010820e7363687765696e667572742e64653009820773656c622e64653015821373656c62737468696c66652d726f74682e64653012821073656e696f72656e2d726f74682e6465300c820a73696e7a696e672e6465300e820c736f6e74686f66656e2e64653014821273706572726d75656c6c2d726f74682e64653014821273746164742d6162656e73626572672e64653022822073746164746269626c696f7468656b2d61736368616666656e627572672e6465300e820c73746164742d686f662e6465300e820c7374616474686f662e6f7267300f820d73746164742d686f662e6f7267301f821d7374616474746865617465722d61736368616666656e627572672e64653018821673746164742d746972736368656e72657574682e6465301b821973746164742d7761737365727472756564696e67656e2e6465300d820b737465696e6163682e6575301a8218737465696e6163682d6e696564657262617965726e2e6465301a8218737465696e6163682d6e696564657262617965726e2e6575301282107374726173736b69726368656e2e646530148212737472617562696e672d626f67656e2e64653013821173742d776f6c6667616e672d6f622e6465300e820c7375656e6368696e672e6465300d820b73756c7a626572672e64653015821373796e632d747261756e737465696e2e636f6d300b82097461696e65742e64653010820e746175666b69726368656e2e6465300f820d74656765726e6865696d2e6465300a8208746575676e2e64653010820e7468616c6d617373696e672e64653010820e747261756e737465696e2e636f6d3010820e75726c6175622d726f74682e64653021821f76657277616c74756e677367656d65696e7363686166742d7261696e2e64653021821f76657277616c74756e677367656d65696e7363686166742d7261696e2e6575300e820c7667656d2d7261696e2e6465300e820c7667656d2d7261696e2e6575301582137667656d2d7363686f656c6c6e6163682e6465301482127667656d2d7363687761727a6163682e64653015821376672d6d656c6c7269636873746164742e64653013821176672d6d657370656c6272756e6e2e64653014821276672d6f6265726e65756368696e672e6465300c820a76672d7261696e2e65753014821276672d737465696e6b69726368656e2e64653015821376672d7374726173736b69726368656e2e64653012821076672d77656968656e7a656c6c2e6465300e820c7668672d626f67656e2e6465301482127668732d6c6b722d616e73626163682e646530128210766f6c6b656e73636877616e642e6465300f820d76732d6865696465636b2e64653010820e7761686c656e2d726f74682e64653011820f77616c646b726169627572672e6465300f820d77616c6473617373656e2e64653011820f77616c6473617373656e2e696e666f300f820d77617274656e626572672e6465301982177761737365727175616c69746165742d726f74682e6465301982177761737365727472756564696e67656e2e62617965726e301582137761737365727472756564696e67656e2e6465301782157761737365727472756564696e67656e2e696e666f301682147761737365727472756564696e67656e2e6e6574302882267761737365727a7765636b76657262616e642d6169747261636874616c6772757070652e6465302682247761737365727a7765636b76657262616e642d62756368626572676772757070652e6465302282207761737365727a7765636b76657262616e642d68756e646572646f72662e6465302582237761737365727a7765636b76657262616e642d69726c626163686772757070652e6465302782257761737365727a7765636b76657262616e642d737069747a626572676772757070652e64653011820f776569626572736272756e6e2e6465300b82097765696368732e6465300b820977656964656e2e64653017821577656964656e2d746f757269736d75732e696e666f300f820d77656968656e7a656c6c2e6465300d820b7765696c6865696d2e6465301682147765696c6865696d2d7363686f6e6761752e64653011820f7765697373656e73746164742e6465300f820d77656e7a656e626163682e6465300f820d7769656c656e626163682e6465300f820d77696573656e646f72662e65753011820f77696573656e66656c64656e2e6465300c820a77696573656e742e6465301f821d7769727473636861667473666f6572646572756e672d726f74682e6465301e821c7769727473636861667473736368756c652d67726564696e672e64653011820f776f657274682d646f6e61752e646530238221776f686c667565686c726567696f6e2d6669636874656c676562697267652e6465300d820b776f6c66736567672e6465300e820c777565727a627572672e6465300d820b7a6569746c61726e2e6465300a87083e996cd8fffffff8300a8708c11cf000ffffff00300a8708c11cf100ffffff00300a8708c11cf200ffffff00300a8708c11cf300ffffff00300a8708c11cf400ffffff00300a8708c11cf500ffffff00300a8708c11cf600ffffff00300a8708c11cf700ffffff00300a8708c11cf800ffffff00300a8708c11cf900ffffff00300a87083e9abdc0fffffff8300a87085095a4d0fffffff8300a8708c3f3c3f8fffffff8300a8708c3f3e008fffffff8300a8708d4b96480fffffff8300a8708509c0b50fffffff8300a8708d9f3eec0fffffff8300a870850968be0ffffffe0300a8708511ba933ffffffff300a87083e9cb873ffffffff300a87083e9dd633ffffffff300a87083e9f801effffffff300a87085096d4ebffffffff300a87085096f558fffffff8300a8708d5b39bfbffffffff303da43b3039310b3009060355040613024445310f300d0603550408130642617965726e31193017060355040a13104672656973746161742042617965726e'), NameConstraints);

AsnConvert an array to a Set

I need to convert an array of Attributes to an encoded Set, however passing a raw array to AsnConvert results in Error: Cannot get schema for 'Array' target (unsurprisingly).

example code:

const { AsnConvert } = require('@peculiar/asn1-schema');
const { Attribtue } = require('@peculiar/asn1-cms');
const { id_pkcs9_at_messageDigest } = require('@peculiar/asn1-pkcs9');

const attributes = [new Attribute({
  attrType: id_pkcs9_at_messageDigest,
  attrValues: [Buffer.from(...)],
});

const encoded = AsnConvert.serialize(attributes); // errors

Internet Attribute Certificate RFC change

Package: @peculiar/asn1-x509-attr

Check and create a report about use new rfc5755 instead of rfc3281.

Add pfx schema

Schema name: pfx
RFC 7292

npm run create pfx

Add x509-logotype schema

Schema name: x509-logotype
RFC 3709

npm run create x509-logotype

Problem with Security Officer Adding into System Group

There seems to be an issue with adding members to the system group within the current implementation. Presently, only the administrator and owner are being added to the system group. The system group is automatically associated with all keys and grants members the ability to view all organization keys. However, the newly added Security Officer role is not being included in the system group. Additionally, comprehensive testing should be implemented to ensure proper functionality.

Avoid `proto` usage

See

asn1-schema/packages/schema/src/schema.ts

Line 197 in 28d0b6e

const parent = (target as any).__proto__;

This throw when running node with --disable-proto=throw

SubjectKeyIdentifier value in Certificate extension is prefixed with 0414

This is probably related to/a follow-up from PeculiarVentures/PKI.js#324

When parsing an RPKI manifest, the sid in the signerInfo does not match the SubjectKeyIdentifier in the signedData's certificate its SubjectKeyIdentifier extension.

value from the sid: cd7291544e735cc5006f097b8ab41fd18752757e
value from the certificates extension: 0414cd7291544e735cc5006f097b8ab41fd18752757e

When debugging it appears that SubjectKeyIdentifier values always have a 0414 prefix.

Expected behaviour

When parsing the certificate (ripe-ncc-ta.cer) in ripe-ncc-ta.zip, the SubjectKeyIdentifier is as follows:

$ openssl x509 -in ripe-ncc-ta.cer -inform DER -noout -text | grep "Subject Key" --before=1 --after=3
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E8:55:2B:1F:D6:D1:A4:F7:E4:04:C6:D8:E5:68:0D:1E:BC:16:3F:C3
            X509v3 Basic Constraints: critical
                CA:TRUE

Actual behaviour

The value of the extension read is

SubjectKeyIdentifier: 0414e8552b1fd6d1a4f7e404c6d8e5680d1ebc163fc3

Steps to reproduce

import { AsnConvert, AsnParser } from "@peculiar/asn1-schema";
import { Certificate, id_ce_subjectKeyIdentifier } from "@peculiar/asn1-x509";

const rpkiCertB64 = "MIIECjCCAvKgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAxMLcmlwZS1uY2MtdGEwIBcNMTcxMTI4MTQzOTU1WhgPMjExNzExMjgxNDM5NTVaMBYxFDASBgNVBAMTC3JpcGUtbmNjLXRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0URYSGqUz2myBsOzeW1jQ6NsxNvlLMyhWknvnl8NiBCs/T/S2XuNKQNZ+wBZxIgPPV2pFBFeQAvoH/WK83HwA26V2siwm/MY2nKZ+Olw+wlpzlZ1p3Ipj2eNcKrmit8BwBC8xImzuCGaV0jkRB0GZ0hoH6Ml03umLprRsn6v0xOP0+l6Qc1ZHMFVFb385IQ7FQQTcVIxrdeMsoyJq9eMkE6DoclHhF/NlSllXubASQ9KUWqJ0+Ot3QCXr4LXECMfkpkVR2TZT+v5v658bHVs6ZxRD1b6Uk1uQKAyHUbn/tXvP8lrjAibGzVsXDT2L0x4Edx+QdixPgOji3gBMyL2VwIDAQABo4IBXjCCAVowHQYDVR0OBBYEFOhVKx/W0aT35ATG2OVoDR68Fj/DMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGxBggrBgEFBQcBCwSBpDCBoTA8BggrBgEFBQcwCoYwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvcmlwZS1uY2MtdGEubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcwBYYhcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMAkEAgABMAMDAQAwCQQCAAIwAwMBADAhBggrBgEFBQcBCAEB/wQSMBCgDjAMMAoCAQACBQD/////MA0GCSqGSIb3DQEBCwUAA4IBAQAVgJjrZ3wFppC8Yk8D2xgzwSeWVT2vtYq96CQQsjaKb8nbeVz3DwcS3a7RIsevrNVGo43k3AGymg1ki+AWJjvHvJ+tSzCbn5+X6Z7AfYTf2g37xINVDHru0PTQUargSMBAz/MBNpFG8KThtT7WbJrK4+f/lvx0m8QOlYm2a17iXS3AGQJ6RHcq9ADscqGdumxmMMDjwED26bGaYdmru1hNIpwF//jVM/eRjBFoPHKFlx0kLd/yoCQNmx1kW+xANx4uyWxi/DYgSV7Oynq+C60OucW+d8tIhkblh8+YfrmukJdsV+vo2L72yerdbsP9xjqvhZrLKfsLZjYK4SdYYthi";

const rpkiCertBuffer = Buffer.from(rpkiCertB64, "base64");

const rpkiCert = AsnConvert.parse(rpkiCertBuffer, Certificate);
const certSKI = rpkiCert.tbsCertificate.extensions?.find(ext => ext.extnID === id_ce_subjectKeyIdentifier);

console.log(`SKI: ${Buffer.from(certSKI?.extnValue.buffer || "").toString("hex")}`);

Certificate Transparency extension

Please add extension CertificateTransparency (1.3.6.1.4.1.11129.2.4.2) to the package

Example:

AsnParser.parse(Convert.FromHex('0481f200f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000170ac4b55f8000004030047304502206f7acb0532ea7ebf8ac7bc6db361e9b945d99406ad995c0d50ddd1b0326c5781022100deef6adaa4c33ca25b8a09dbdc028f13faeaa18a5fada7bf065037afa4f8cfb90076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000170ac4b564a0000040300473045022100963c275d34cf37ab3fc249a25b1197b4a3968359a5baea1bbb2ef1c1d9f06bb102204a58c43591b68d3f20bdbd6b87c62ce186421af4a6c4039451d07280b7b25573'), CertificateTransparency);

Output example:

https://tools.ietf.org/html/rfc6962

Add LEI package

Microsoft CertificateTemplate templateMinorVersion type

templateMinorVersion type must be INTEGER (using description from https://github.com/PeculiarVentures/asn1-schema/blob/master/packages/x509-microsoft/src/attributes/extensions/certificate_template.ts#L8), but I see string after parse:

Ambiguity around intended runtime environment of these packages

I'm using several of your excellent schemas in a Typescript-authored node library, which to date have seemingly worked fine. Here's how I declare them in my library's package.json list of "dependencies":

"@peculiar/asn1-android": "^2.0.38",
"@peculiar/asn1-schema": "^2.0.38",
"@peculiar/asn1-x509": "^2.0.38",

Unfortunately recently my builds are failing in CI with the following type errors:

node_modules/asn1js/build/index.d.ts:117:25 - error TS2304: Cannot find name 'BufferSource'.

117     valueBeforeDecode?: BufferSource;
                            ~~~~~~~~~~~~

node_modules/asn1js/build/index.d.ts:167:15 - error TS2304: Cannot find name 'BufferSource'.

167     valueHex: BufferSource;
                  ~~~~~~~~~~~~

node_modules/asn1js/build/index.d.ts:1323:39 - error TS2304: Cannot find name 'BufferSource'.

1323 declare function fromBER(inputBuffer: BufferSource): FromBerResult;
                                           ~~~~~~~~~~~~

node_modules/asn1js/build/index.d.ts:1354:44 - error TS2304: Cannot find name 'BufferSource'.

1354 declare function verifySchema(inputBuffer: BufferSource, inputSchema: AsnSchemaType): CompareSchemaResult;
                                                ~~~~~~~~~~~~

Doing some digging, at some point since v2.0.38 of the three schema libs above, asn1js started referencing types which are only defined in TypeScript's "DOM" lib. And indeed, adding the following to my Node library's tsconfig.json fixed these errors:

"lib": [
  "DOM",
],

I no longer reference "DOM" in my library's tsconfig.json because my library is only intended to work in Node; and in fact referencing "DOM" like this can lead to typing issues with things like (for sake of example) setTimeout() because its return types between Node and browser environments are slightly different.

So that brings me to my question: are these libraries only intended to be used in a browser? I ask because asn1js underpins the functionality of these schema libraries, and states the following:

ASN1js is the first library for BER encoding/decoding in Javascript designed for browser use.

Does that mean these schema libraries should never have been used in my Node library in the first place? I've not yet had any issues using them like this, but if asn1js's types are going to assume the code is running in a DOM then it's making me wonder if I should reconsider and find an alternative.

If these schema libraries are also intended for use in Node, then the type definitions in asn1js need further consideration to help ensure Node-based TypeScript projects can reference the proper types without needing to reference the likely irrelevant TypeScript "DOM" lib.

If these schema libraries are only intended for use in browsers then I think asn1-schema could benefit from clearer messaging specifying this expected runtime environment restriction.