{"version":3,"file":"extensions.mjs","names":[],"sources":["../../../../src/modules/x509/utils/extensions.ts"],"sourcesContent":["import {\n  AuthorityKeyIdentifierExtension,\n  BasicConstraintsExtension,\n  CRLDistributionPointsExtension,\n  ExtendedKeyUsageExtension,\n  IssuerAlternativeNameExtension,\n  KeyUsagesExtension,\n  SubjectAlternativeNameExtension,\n  SubjectKeyIdentifierExtension,\n} from '@peculiar/x509'\nimport { Hasher } from '../../../crypto/hashes/Hasher'\nimport { publicJwkToSpki } from '../../../crypto/webcrypto/utils'\nimport { TypedArrayEncoder } from '../../../utils'\nimport { PublicJwk } from '../../kms'\nimport type { X509CertificateExtensionsOptions } from '../X509ServiceOptions'\n\nexport const createSubjectKeyIdentifierExtension = (\n  options: X509CertificateExtensionsOptions['subjectKeyIdentifier'],\n  additionalOptions: { publicJwk: PublicJwk }\n) => {\n  if (!options || !options.include) return\n\n  const spki = publicJwkToSpki(additionalOptions.publicJwk)\n  const hash = Hasher.hash(new Uint8Array(spki.subjectPublicKey), 'SHA-1')\n\n  return new SubjectKeyIdentifierExtension(TypedArrayEncoder.toHex(hash))\n}\n\nexport const createKeyUsagesExtension = (options: X509CertificateExtensionsOptions['keyUsage']) => {\n  if (!options) return\n\n  const flags = options.usages.reduce((prev, curr) => prev | curr, 0)\n\n  return new KeyUsagesExtension(flags, options.markAsCritical)\n}\n\nexport const createExtendedKeyUsagesExtension = (options: X509CertificateExtensionsOptions['extendedKeyUsage']) => {\n  if (!options) return\n\n  return new ExtendedKeyUsageExtension(options.usages, options.markAsCritical)\n}\n\nexport const createAuthorityKeyIdentifierExtension = (\n  options: X509CertificateExtensionsOptions['authorityKeyIdentifier'],\n  additionalOptions: { publicJwk: PublicJwk }\n) => {\n  if (!options) return\n\n  const spki = publicJwkToSpki(additionalOptions.publicJwk)\n  const hash = Hasher.hash(new Uint8Array(spki.subjectPublicKey), 'SHA-1')\n\n  return new AuthorityKeyIdentifierExtension(TypedArrayEncoder.toHex(hash), options.markAsCritical)\n}\n\nexport const createIssuerAlternativeNameExtension = (\n  options: X509CertificateExtensionsOptions['issuerAlternativeName']\n) => {\n  if (!options) return\n\n  return new IssuerAlternativeNameExtension(options.name, options.markAsCritical)\n}\n\nexport const createSubjectAlternativeNameExtension = (\n  options: X509CertificateExtensionsOptions['subjectAlternativeName']\n) => {\n  if (!options) return\n\n  return new SubjectAlternativeNameExtension(options.name, options.markAsCritical)\n}\n\nexport const createBasicConstraintsExtension = (options: X509CertificateExtensionsOptions['basicConstraints']) => {\n  if (!options) return\n\n  return new BasicConstraintsExtension(options.ca, options.pathLenConstraint, options.markAsCritical)\n}\n\nexport const createCrlDistributionPointsExtension = (\n  options: X509CertificateExtensionsOptions['crlDistributionPoints']\n) => {\n  if (!options) return\n\n  return new CRLDistributionPointsExtension(options.urls, options.markAsCritical)\n}\n"],"mappings":";;;;;;;;;;;AAgBA,MAAa,uCACX,SACA,sBACG;AACH,KAAI,CAAC,WAAW,CAAC,QAAQ,QAAS;CAElC,MAAM,OAAO,gBAAgB,kBAAkB,UAAU;CACzD,MAAM,OAAO,OAAO,KAAK,IAAI,WAAW,KAAK,iBAAiB,EAAE,QAAQ;AAExE,QAAO,IAAI,8BAA8B,kBAAkB,MAAM,KAAK,CAAC;;AAGzE,MAAa,4BAA4B,YAA0D;AACjG,KAAI,CAAC,QAAS;AAId,QAAO,IAAI,mBAFG,QAAQ,OAAO,QAAQ,MAAM,SAAS,OAAO,MAAM,EAAE,EAE9B,QAAQ,eAAe;;AAG9D,MAAa,oCAAoC,YAAkE;AACjH,KAAI,CAAC,QAAS;AAEd,QAAO,IAAI,0BAA0B,QAAQ,QAAQ,QAAQ,eAAe;;AAG9E,MAAa,yCACX,SACA,sBACG;AACH,KAAI,CAAC,QAAS;CAEd,MAAM,OAAO,gBAAgB,kBAAkB,UAAU;CACzD,MAAM,OAAO,OAAO,KAAK,IAAI,WAAW,KAAK,iBAAiB,EAAE,QAAQ;AAExE,QAAO,IAAI,gCAAgC,kBAAkB,MAAM,KAAK,EAAE,QAAQ,eAAe;;AAGnG,MAAa,wCACX,YACG;AACH,KAAI,CAAC,QAAS;AAEd,QAAO,IAAI,+BAA+B,QAAQ,MAAM,QAAQ,eAAe;;AAGjF,MAAa,yCACX,YACG;AACH,KAAI,CAAC,QAAS;AAEd,QAAO,IAAI,gCAAgC,QAAQ,MAAM,QAAQ,eAAe;;AAGlF,MAAa,mCAAmC,YAAkE;AAChH,KAAI,CAAC,QAAS;AAEd,QAAO,IAAI,0BAA0B,QAAQ,IAAI,QAAQ,mBAAmB,QAAQ,eAAe;;AAGrG,MAAa,wCACX,YACG;AACH,KAAI,CAAC,QAAS;AAEd,QAAO,IAAI,+BAA+B,QAAQ,MAAM,QAAQ,eAAe"}