'use strict';

// ES-module interop flag. It is defined through defineProperty, so it is
// non-enumerable and read-only on the exports object.
// (This looks like transpiler output; the pattern is kept as-is.)
Object.defineProperty(exports, '__esModule', { value: true });

// Reserve the two public names up front. The real functions are attached at
// the bottom of the module, once they have been defined.
exports.createRootCert = undefined;
exports.createSelfCert = undefined;
8 | var _nodeForge = require('node-forge');
// Distinguished-name attributes shared by every certificate this module
// builds. The per-certificate commonName is appended separately.
var attrs = [
  { name: 'countryName', value: 'CN' },
  { shortName: 'ST', value: 'CP' },
  { name: 'localityName', value: 'BJ' },
  { name: 'organizationName', value: 'catproxy' },
  { shortName: 'OU', value: 'CP' }
];

// Root DN: the shared attributes plus a fixed commonName. It is used both as
// the root's subject/issuer and as the issuer of every leaf certificate.
// concat() returns a new array, so `attrs` itself is never extended.
var rootAttrs = attrs.concat([{ name: 'commonName', value: 'catproxy' }]);
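/**
 * Generate a fresh RSA key pair and an unsigned certificate shell bound to it.
 *
 * The caller still has to set subject, issuer and extensions, and sign the
 * certificate.
 *
 * @returns {{cert: Object, keys: Object}} forge certificate and key pair.
 */
var createKeyandCert = function createKeyandCert() {
  // 2048-bit modulus. The previous 1024-bit size is below the minimum that
  // current TLS stacks and guidance accept for RSA, and it weakens every
  // certificate in the chain, the trusted root included.
  // Key generation is synchronous and noticeably slower at this size, so
  // callers may want to cache leaf certificates per host.
  var keys = _nodeForge.pki.rsa.generateKeyPair(2048);
  var cert = _nodeForge.pki.createCertificate();
  var now = Date.now();
  var tenYearsMs = 10 * 365 * 24 * 60 * 60 * 1000;

  cert.publicKey = keys.publicKey;

  // Random serial instead of the wall-clock timestamp. Two certificates
  // created in the same millisecond used to share a serial, and clients
  // reject certificates that reuse an issuer/serial pair. A timestamp is also
  // predictable. The leading '01' octet keeps the value positive and non-zero;
  // the total of 16 octets stays inside the 20-octet limit of RFC 5280.
  cert.serialNumber = '01' + _nodeForge.util.bytesToHex(_nodeForge.random.getBytesSync(15));

  // NOTE(review): the window runs from 10 years in the past to 10 years in the
  // future and is shared by root and leaf certificates. Some clients cap the
  // lifetime of server certificates; confirm whether leaves need a shorter one.
  cert.validity.notBefore = new Date(now - tenYearsMs);
  cert.validity.notAfter = new Date(now + tenYearsMs);

  return { cert: cert, keys: keys };
};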
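/**
 * Create the self-signed root CA certificate used to sign per-host leaves.
 *
 * The returned private key is an unencrypted PEM string. Whoever holds it can
 * mint certificates that any client trusting this root will accept, so the
 * caller is responsible for storing it with restrictive permissions.
 *
 * @returns {{cert: string, privateKey: string, publicKey: string}} PEM strings.
 */
var createRootCert = function createRootCert() {
  var generated = createKeyandCert();
  var cert = generated.cert;
  var keys = generated.keys;

  // Self-signed: subject and issuer are the same DN.
  cert.setSubject(rootAttrs);
  cert.setIssuer(rootAttrs);

  cert.setExtensions([{
    // RFC 5280 requires basicConstraints to be marked critical on CA certs.
    name: 'basicConstraints',
    cA: true,
    critical: true
  }, {
    // Limit the root key to signing certificates and CRLs.
    name: 'keyUsage',
    keyCertSign: true,
    cRLSign: true,
    critical: true
  }]);

  cert.sign(keys.privateKey, _nodeForge.md.sha256.create());

  return {
    cert: _nodeForge.pki.certificateToPem(cert),
    privateKey: _nodeForge.pki.privateKeyToPem(keys.privateKey),
    publicKey: _nodeForge.pki.publicKeyToPem(keys.publicKey)
  };
};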
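/**
 * Issue a leaf certificate for `domain`, signed with the root private key.
 *
 * Whatever name is passed in gets a certificate chained to the root, so the
 * caller decides which hosts are covered. NOTE(review): `domain` presumably
 * comes from the proxied request; confirm it is a bare host name or IP
 * literal (no port) before it reaches this function.
 *
 * @param {string} domain - Host name or IP literal the certificate is for.
 * @param {{privateKey: string}} rootOpt - Root material; `privateKey` is PEM.
 * @returns {{cert: string, privateKey: string, publicKey: string}|{}} PEM
 *   strings, or an empty object when `domain` is falsy.
 */
var createSelfCert = function createSelfCert(domain, rootOpt) {
  if (!domain) {
    return {};
  }
  var rootKey = _nodeForge.pki.privateKeyFromPem(rootOpt.privateKey);

  var generated = createKeyandCert();
  var cert = generated.cert;
  var keys = generated.keys;

  // The issuer DN is the module's fixed root DN.
  // NOTE(review): this assumes rootOpt was produced by createRootCert; a root
  // with a different subject would yield a chain that does not validate.
  cert.setIssuer(rootAttrs);
  cert.setSubject(attrs.concat([{
    name: 'commonName',
    value: domain
  }]));

  // Current browsers ignore commonName and match the host only against
  // subjectAltName, so a leaf without a SAN fails validation even when the
  // root is trusted. IP literals need an iPAddress entry (type 7); every
  // other name is a dNSName (type 2).
  var host = String(domain);
  var looksLikeIp = /^(\d{1,3}\.){3}\d{1,3}$/.test(host) ||
    (host.indexOf(':') !== -1 && /^[0-9a-fA-F:.]+$/.test(host));
  var altName = looksLikeIp ? { type: 7, ip: host } : { type: 2, value: host };

  cert.setExtensions([{
    name: 'subjectAltName',
    altNames: [altName]
  }, {
    // Restrict the leaf to TLS server authentication.
    name: 'extKeyUsage',
    serverAuth: true
  }]);

  cert.sign(rootKey, _nodeForge.md.sha256.create());

  return {
    cert: _nodeForge.pki.certificateToPem(cert),
    privateKey: _nodeForge.pki.privateKeyToPem(keys.privateKey),
    publicKey: _nodeForge.pki.publicKeyToPem(keys.publicKey)
  };
};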
// Public API: root CA creation and per-host leaf issuance.
exports.createRootCert = createRootCert;
exports.createSelfCert = createSelfCert;