1 | "use strict";
|
2 |
|
// Flag this module as transpiled ESM; interop helpers that test `__esModule`
// hand such a module back unchanged instead of wrapping it in `{ default }`.
Object.defineProperty(exports, "__esModule", { value: true });

// Default export. `generateCertificate` is a hoisted function declaration, so
// referencing it before its definition is safe.
exports.default = generateCertificate;
|
7 |
|
8 | var _nodeForge = _interopRequireDefault(require("node-forge"));
|
9 |
|
10 | var _path = _interopRequireDefault(require("path"));
|
11 |
|
12 | var _logger = _interopRequireDefault(require("@parcel/logger"));
|
13 |
|
/**
 * Normalise a required module so callers can always read `.default`.
 *
 * @param {*} obj - Value returned by `require()`.
 * @returns {*} `obj` itself when it is truthy and flagged `__esModule`,
 *   otherwise a wrapper object `{ default: obj }`.
 */
function _interopRequireDefault(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }

  return { default: obj };
}
|
15 |
|
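/**
 * Return a PEM private key / certificate pair, reusing the pair cached in
 * `cacheDir` when both files exist and otherwise generating a self-signed
 * RSA-2048 certificate (valid for one year) for `localhost`, `127.0.0.1` and
 * the optional `host`, then writing it to the cache.
 *
 * Security notes:
 *  - A cached pair is returned as-is. Neither the certificate's expiry nor
 *    whether its subjectAltName covers the current `host` is re-checked, so a
 *    stale cache must be cleared by deleting the two files.
 *  - The private key is stored unencrypted in `cacheDir`; anyone who can read
 *    that file can impersonate the certificate wherever it has been trusted.
 *
 * @param {object} fs - File-system abstraction providing `exists`, `readFile`,
 *   `mkdirp` and `writeFile`, all returning promises.
 * @param {string} cacheDir - Directory holding `private.pem` and `primary.crt`.
 * @param {string} [host] - Extra host name or IP address to list in the
 *   certificate's subjectAltName.
 * @returns {Promise<{key: *, cert: *}>} The cached file contents as returned
 *   by `fs.readFile`, or PEM strings for a newly generated pair.
 */
async function generateCertificate(fs, cacheDir, host) {
  const certDirectory = cacheDir;
  const privateKeyPath = _path.default.join(certDirectory, 'private.pem');
  const certPath = _path.default.join(certDirectory, 'primary.crt');

  const cachedKey = (await fs.exists(privateKeyPath)) && (await fs.readFile(privateKeyPath));
  const cachedCert = (await fs.exists(certPath)) && (await fs.readFile(certPath));

  // Only reuse the cache when BOTH halves are present; a lone key or lone
  // certificate is overwritten by a fresh pair below.
  if (cachedKey && cachedCert) {
    return {
      key: cachedKey,
      cert: cachedCert
    };
  }

  _logger.default.progress('Generating SSL Certificate...');

  const pki = _nodeForge.default.pki;
  const keys = pki.rsa.generateKeyPair(2048);
  const cert = pki.createCertificate();
  cert.publicKey = keys.publicKey;
  // NOTE(review): a timestamp serial is predictable; acceptable for a local
  // self-signed certificate, not for anything issued by a real CA.
  cert.serialNumber = Date.now().toString();
  cert.validity.notBefore = new Date();
  cert.validity.notAfter = new Date();
  cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);

  // Subject and issuer are identical because the certificate is self-signed.
  const attrs = [
    { name: 'commonName', value: 'parceljs.org' },
    { name: 'countryName', value: 'US' },
    { shortName: 'ST', value: 'Virginia' },
    { name: 'localityName', value: 'Blacksburg' },
    { name: 'organizationName', value: 'parcelBundler' },
    { shortName: 'OU', value: 'Test' }
  ];

  const altNames = [
    { type: 2, value: 'localhost' }, // GeneralName 2 = dNSName
    { type: 7, ip: '127.0.0.1' } // GeneralName 7 = iPAddress
  ];

  if (host) {
    // TLS clients match an IP literal only against iPAddress entries, so an
    // IP `host` must not be emitted as a dNSName.
    const { isIP } = require('net');
    altNames.push(isIP(host) !== 0 ? { type: 7, ip: host } : { type: 2, value: host });
  }

  cert.setSubject(attrs);
  cert.setIssuer(attrs);
  // NOTE(review): the usages below are broader than a TLS server certificate
  // needs. keyCertSign and the nsCertType *CA bits are asserted although
  // basicConstraints says cA: false, and extKeyUsage also grants codeSigning,
  // emailProtection and timeStamping. If this certificate is added to a trust
  // store and the cached key leaks, those extra usages widen the impact;
  // consider narrowing to digitalSignature/keyEncipherment and serverAuth.
  cert.setExtensions([{
    name: 'basicConstraints',
    cA: false
  }, {
    name: 'keyUsage',
    keyCertSign: true,
    digitalSignature: true,
    nonRepudiation: true,
    keyEncipherment: true,
    dataEncipherment: true
  }, {
    name: 'extKeyUsage',
    serverAuth: true,
    clientAuth: true,
    codeSigning: true,
    emailProtection: true,
    timeStamping: true
  }, {
    name: 'nsCertType',
    client: true,
    server: true,
    email: true,
    objsign: true,
    sslCA: true,
    emailCA: true,
    objCA: true
  }, {
    name: 'subjectAltName',
    altNames
  }, {
    name: 'subjectKeyIdentifier'
  }]);
  cert.sign(keys.privateKey, _nodeForge.default.md.sha256.create());

  const privPem = pki.privateKeyToPem(keys.privateKey);
  const certPem = pki.certificateToPem(cert);

  await fs.mkdirp(certDirectory);
  // Owner-only permissions for the unencrypted private key, so other local
  // users cannot read it under a permissive umask.
  // NOTE(review): assumes the injected fs forwards a Node-style `mode` option
  // to the underlying write; confirm for non-Node implementations.
  await fs.writeFile(privateKeyPath, privPem, { mode: 0o600 });
  await fs.writeFile(certPath, certPem);

  return {
    key: privPem,
    cert: certPem
  };
}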