1// Type definitions for PEM 1.9
2// Project: https://github.com/dexus/pem
3// Definitions by: Anthony Trinh <https://github.com/tony19>, Ruslan Arkhipau <https://github.com/DethAriel>
4// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
5/// <reference types="node" />
6
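/**
 * Module-wide settings accepted by `config()`.
 */
export interface ModuleConfiguration {
    /**
     * Path to OpenSSL binaries.
     *
     * NOTE(review): presumably pem executes the binary found here - confirm.
     * If so, set this from a fixed, trusted location and never from request
     * data or other untrusted input.
     */
    pathOpenSSL: string;
}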
13
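/**
 * Cipher name used to encrypt a private key.
 *
 * The trailing `| string` widens the union to plain `string`, so the compiler
 * accepts any value; the literals only document known names. Callers that take
 * the cipher from configuration should check it against their own allow-list.
 *
 * Not every listed name is a good choice: "des" is single DES with a 56-bit
 * key, and "des3" and "idea" are legacy 64-bit block ciphers. Prefer one of
 * the AES variants for new keys.
 */
export type PrivateKeyCipher = "aes128" | "aes192" | "aes256" | "camellia128" | "camellia192" | "camellia256" | "des" | "des3" | "idea" | string; // allow for additions in future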
15
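/**
 * Encryption settings for `createPrivateKey`. Both fields are required by this
 * type; omitting the options object altogether is what produces an unencrypted
 * key.
 */
export interface PrivateKeyCreationOptions {
    /** Cipher used to encrypt the generated key. */
    cipher: PrivateKeyCipher;
    /**
     * Passphrase that protects the generated key. Treat it as a secret: keep it
     * out of logs and error messages.
     */
    password: string;
}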
20
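/**
 * Optional settings for `createPkcs12`.
 */
export interface Pkcs12CreationOptions {
    /** Cipher for the keystore, e.g. 'aes128'. */
    cipher?: PrivateKeyCipher | undefined;
    /** Password of the client key, when the key passed in is encrypted. */
    clientKeyPassword?: string | undefined;
    // NOTE(review): undocumented in this file; presumably additional
    // certificates (or paths to them) to bundle into the keystore - confirm.
    certFiles?: string[] | undefined;
}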
26
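/**
 * Optional settings for `readPkcs12`. Both values are secrets and should not
 * be logged.
 */
export interface Pkcs12ReadOptions {
    // NOTE(review): presumably the password of the PKCS12 keystore itself - confirm.
    p12Password?: string | undefined;
    // NOTE(review): presumably the password of the private key inside it - confirm.
    clientKeyPassword?: string | undefined;
}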
31
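/**
 * Hash function name used for CSR creation and certificate fingerprints.
 *
 * As with any union ending in `| string`, the type is effectively `string`,
 * so the compiler does not restrict the value. 'md5' and 'sha1' are no longer
 * collision resistant: keep them for matching legacy fingerprints only and
 * use 'sha256' (the documented default) or stronger when signing.
 */
export type HashFunction = 'md5' | 'sha1' | 'sha256' | string;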
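/**
 * Options for `createCSR`; every field is optional.
 *
 * NOTE(review): how pem escapes the subject fields is not visible in this
 * file. Validate them before passing values that originate from user input.
 */
export interface CSRCreationOptions {
    /**
     * Optional client key to use
     */
    clientKey?: string | undefined;
    /**
     * Password of the client key, when `clientKey` is encrypted
     */
    clientKeyPassword?: string | undefined;
    /**
     * If clientKey is undefined, bit size to use for generating a new key (defaults to 2048)
     */
    keyBitsize?: number | undefined;
    /**
     * Hash function to use, defaults to sha256
     */
    hash?: HashFunction | undefined;
    /**
     * CSR country field
     */
    country?: string | undefined;
    /**
     * CSR state field
     */
    state?: string | undefined;
    /**
     * CSR locality field
     */
    locality?: string | undefined;
    /**
     * CSR organization field
     */
    organization?: string | undefined;
    /**
     * CSR organizational unit field
     */
    organizationUnit?: string | undefined;
    /**
     * CSR common name field, defaults to 'localhost'
     */
    commonName?: string | undefined;
    /**
     * CSR email address field
     */
    emailAddress?: string | undefined;
    /**
     * CSR config file
     */
    csrConfigFile?: string | undefined;
    /**
     * A list of subjectAltNames in the subjectAltName field
     */
    altNames?: string[] | undefined;
}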
84
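/**
 * Options for `createCertificate`. All CSR options are inherited and are used
 * when a new CSR has to be generated.
 */
export interface CertificateCreationOptions extends CSRCreationOptions {
    /**
     * Private key for signing the certificate, if not defined a new one is generated
     */
    serviceKey?: string | undefined;
    /**
     * Password of the service key
     */
    serviceKeyPassword?: string | undefined;
    // NOTE(review): typed `any` and undocumented here; presumably the issuer
    // certificate that belongs to `serviceKey` - confirm.
    serviceCertificate?: any;
    // NOTE(review): typed `any` and undocumented here; presumably the serial
    // number to place in the certificate - confirm.
    serial?: any;
    /**
     * If set to true and serviceKey is not defined, use clientKey for signing
     */
    selfSigned?: boolean | undefined;
    /**
     * CSR for the certificate, if not defined a new one is generated from the provided parameters
     */
    csr?: string | undefined;
    /**
     * Certificate expire time in days, defaults to 365
     */
    days?: number | undefined;
    /**
     * Password of the client key
     */
    clientKeyPassword?: string | undefined;
    /**
     * extension config file - without '-extensions v3_req'
     */
    extFile?: string | undefined;
    /**
     * extension config file - with '-extensions v3_req'
     */
    config?: string | undefined;
}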
121
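/**
 * Result handed to the `createCertificate` callback.
 *
 * `clientKey` and `serviceKey` carry private key material (newly generated
 * when the caller did not supply one), so the object as a whole is a secret:
 * do not log it or return it to clients unfiltered.
 */
export interface CertificateCreationResult {
    /** The created certificate (typed `any` in this declaration). */
    certificate: any;
    /** CSR the certificate was created from. */
    csr: string;
    /** Client private key that was used. */
    clientKey: string;
    /** Private key that signed the certificate. */
    serviceKey: string;
}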
128
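/**
 * Subject data handed to the `readCertificateInfo` callback.
 *
 * NOTE(review): every field is declared required. Whether pem fills subject
 * attributes that are absent from the certificate is not visible here, so
 * check for empty or undefined values before using a field in an access
 * decision.
 */
export interface CertificateSubjectReadResult {
    country: string;
    state: string;
    locality: string;
    organization: string;
    organizationUnit: string;
    commonName: string;
    emailAddress: string;
}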
138
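/**
 * Contents of a PKCS12 keystore as handed to the `readPkcs12` callback.
 */
export interface Pkcs12ReadResult {
    /** Private key from the keystore; treat as a secret and keep out of logs. */
    key: string;
    /** Certificate from the keystore. */
    cert: string;
    /** CA certificates from the keystore. */
    ca: string[];
}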
144
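/**
 * Node-style callback used by every function in this module.
 *
 * `error` is typed `any`; check it before touching `result`.
 * NOTE(review): `result` is typed as always present, but it is presumably
 * undefined when `error` is set - confirm.
 */
export type Callback<T> = (error: any, result: T) => any;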
146
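/**
 * Creates a private key
 *
 * Three call shapes are declared: `(keyBitsize, options, callback)`,
 * `(keyBitsize | options, callback)` and `(callback)`.
 *
 * Without options the key is not encrypted, so the PEM text handed to the
 * callback is usable by anyone who can read it. Pass `cipher` and `password`
 * when the key will be stored or transferred.
 *
 * @param [keyBitsize=2048] Size of the key, defaults to 2048bit (can also be a function)
 * @param [options] private key encryption settings, defaults to empty object (no encryption)
 * @param callback Callback function with an error object and {key}
 */
export function createPrivateKey(keyBitsize: number, options: PrivateKeyCreationOptions, callback: Callback<{ key: string }>): void;
export function createPrivateKey(optionsOrKeyBitsize: number | PrivateKeyCreationOptions, callback: Callback<{ key: string }>): void;
export function createPrivateKey(callback: Callback<{ key: string }>): void;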
157
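/**
 * Creates a dhparam key
 *
 * The documented default of 512 bits is far below current minimums for
 * Diffie-Hellman and should not protect real traffic. Always pass an explicit
 * size (2048 or larger) rather than using the callback-only overload.
 *
 * @param [keyBitsize=512] Size of the key, defaults to 512bit
 * @param callback Callback function with an error object and {dhparam}
 */
export function createDhparam(keyBitsize: number, callback: Callback<{ dhparam: any }>): void;
export function createDhparam(callback: Callback<{ dhparam: any }>): void;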
166
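/**
 * Creates a Certificate Signing Request
 *
 * If options.clientKey is undefined, a new key is created automatically. The used key is included
 * in the callback return as clientKey
 *
 * Because the result carries the client private key, keep the callback result
 * out of logs and responses.
 *
 * @param [options] Optional options object
 * @param callback Callback function with an error object and {csr, clientKey}
 */
export function createCSR(options: CSRCreationOptions, callback: Callback<{ csr: string, clientKey: string }>): void;
export function createCSR(callback: Callback<{ csr: string, clientKey: string }>): void;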
178
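/**
 * Creates a certificate based on a CSR. If CSR is not defined, a new one
 * will be generated automatically. For CSR generation all the options values
 * can be used as with createCSR.
 *
 * The result includes `clientKey` and `serviceKey`; handle it as secret
 * material.
 *
 * @param [options] Optional options object
 * @param callback Callback function with an error object and {certificate, csr, clientKey, serviceKey}
 */
export function createCertificate(options: CertificateCreationOptions, callback: Callback<CertificateCreationResult>): void;
export function createCertificate(callback: Callback<CertificateCreationResult>): void;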
189
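/**
 * Reads subject data from a certificate or a CSR
 *
 * The subject is whatever the certificate claims. Reading it does not verify
 * who issued the certificate, so verify the chain separately before trusting
 * any of these fields.
 *
 * NOTE(review): a callback-only overload is declared without a certificate
 * argument; its behaviour is not described in this file.
 *
 * @param certificate PEM encoded CSR or certificate
 * @param callback Callback function with an error object and {country, state, locality, organization, organizationUnit, commonName, emailAddress}
 */
export function readCertificateInfo(certificate: string, callback: Callback<CertificateSubjectReadResult>): void;
export function readCertificateInfo(callback: Callback<CertificateSubjectReadResult>): void;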
198
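/**
 * Exports a public key from a private key, CSR or certificate
 *
 * NOTE(review): a callback-only overload is declared without an input
 * argument; its behaviour is not described in this file.
 *
 * @param certificate PEM encoded private key, CSR or certificate
 * @param callback Callback function with an error object and {publicKey}
 */
export function getPublicKey(certificate: string, callback: Callback<{ publicKey: string }>): void;
export function getPublicKey(callback: Callback<{ publicKey: string }>): void;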
207
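/**
 * Gets the fingerprint for a certificate
 *
 * When the fingerprint is used to pin or compare certificates, stay with
 * sha256: md5 and sha1 are not collision resistant, so a match under either
 * of them is weak evidence that two certificates are the same.
 *
 * @param certificate PEM encoded certificate
 * @param hash Hash function to use (either md5 sha1 or sha256, defaults to sha256)
 * @param callback Callback function with an error object and {fingerprint}
 */
export function getFingerprint(certificate: string, hash: HashFunction, callback: Callback<{ fingerprint: string }>): void;
export function getFingerprint(certificate: string, callback: Callback<{ fingerprint: string }>): void;
export function getFingerprint(callback: Callback<{ fingerprint: string }>): void;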
218
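/**
 * Gets the modulus from a certificate, a CSR or a private key
 *
 * @param certificate PEM encoded certificate, CSR or private key
 * @param password password for the certificate
 * @param callback Callback function with an error object and {modulus};
 *     `modulus` is typed `any` in this declaration
 */
export function getModulus(certificate: string, password: string, callback: Callback<{ modulus: any }>): void;
export function getModulus(certificate: string, callback: Callback<{ modulus: any }>): void;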
228
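/**
 * Gets the size and prime of DH parameters
 *
 * The reported size can be used to check that parameters received from
 * elsewhere meet a minimum strength before they are deployed.
 *
 * @param dh DH parameters PEM encoded
 * @param callback Callback function with an error object and {size, prime};
 *     both are typed `any` in this declaration
 */
export function getDhparamInfo(dh: string, callback: Callback<{ size: any, prime: any }>): void;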
236
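/**
 * Exports private key and certificate to a PKCS12 keystore
 *
 * The keystore holds the private key, and `password` is what protects it at
 * rest: use a strong value and keep it out of source code and logs.
 *
 * @param key PEM encoded private key
 * @param certificate PEM encoded certificate
 * @param password Password of the result PKCS12 file
 * @param [options] object of cipher and optional client key password {cipher:'aes128', clientKeyPassword: 'xxx'}
 * @param callback Callback function with an error object and {pkcs12}
 */
export function createPkcs12(key: string, certificate: string, password: string, options: Pkcs12CreationOptions, callback: Callback<{ pkcs12: any }>): void;
export function createPkcs12(key: string, certificate: string, password: string, callback: Callback<{ pkcs12: any }>): void;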
248
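/**
 * Reads private key and certificate from a PKCS12 keystore
 *
 * The callback result contains the private key in `key`; do not log it.
 *
 * @param bufferOrPath the keystore, given as a Buffer or as a string
 *     (per the parameter name, a path to the file)
 * @param [options] passwords needed to open the keystore
 * @param callback Callback function with an error object and {key, cert, ca}
 * @returns the result of the callback
 */
export function readPkcs12(bufferOrPath: Buffer | string, options: Pkcs12ReadOptions, callback: Callback<Pkcs12ReadResult>): any;
export function readPkcs12(bufferOrPath: Buffer | string, callback: Callback<Pkcs12ReadResult>): any;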
256
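/**
 * Verifies the signing chain of the passed certificate
 *
 * Treat the certificate as valid only when `error` is empty AND the result is
 * `true`; a falsy error on its own is not a positive answer.
 *
 * NOTE(review): only chain verification is described here. Host name matching
 * and revocation checking are presumably left to the caller - confirm.
 *
 * @param certificate PEM encoded certificate
 * @param ca List of CA certificates
 * @param callback Callback function with an error object and a boolean valid
 */
export function verifySigningChain(certificate: string, ca: string[], callback: Callback<boolean>): void;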
265
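/**
 * Configures the pem module
 *
 * @param options module settings; currently the path to the OpenSSL binaries.
 *     Set it from trusted configuration only, never from untrusted input.
 */
export function config(options: ModuleConfiguration): void;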