UNPKG

selfsigned/index.js

Version:

1.9 kBJavaScriptView Raw

1var forge = require('node-forge')
2var fs = require('fs')
3
4exports.generate = function generate(attrs, options) {
5
var keys = forge.pki.rsa.generateKeyPair(1024)
var cert = forge.pki.createCertificate()
8
cert.serialNumber = '01'
cert.validity.notBefore = new Date()
cert.validity.notAfter = new Date()
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1)

attrs = attrs || [{
  name: 'commonName',
  value: 'example.org'
}, {
  name: 'countryName',
  value: 'US'
}, {
  shortName: 'ST',
  value: 'Virginia'
}, {
  name: 'localityName',
  value: 'Blacksburg'
}, {
  name: 'organizationName',
  value: 'Test'
}, {
  shortName: 'OU',
  value: 'Test'
}]
33
cert.setSubject(attrs)
cert.setIssuer(attrs)

cert.setExtensions([{
  name: 'basicConstraints',
  cA: true
}, {
  name: 'keyUsage',
  keyCertSign: true,
  digitalSignature: true,
  nonRepudiation: true,
  keyEncipherment: true,
  dataEncipherment: true
}, {
  name: 'subjectAltName',
  altNames: [{
    type: 6, // URI
    value: 'http://example.org/webid#me'
  }]
}])

cert.publicKey = keys.publicKey
56
cert.sign(keys.privateKey)
58
var pem = {
  private: forge.pki.privateKeyToPem(keys.privateKey),
  public: forge.pki.publicKeyToPem(keys.publicKey),
  cert: forge.pki.certificateToPem(cert)
}

if (options && options.pkcs7) {
  var p7 = forge.pkcs7.createSignedData()
  p7.addCertificate(cert)
  pem.pkcs7 = forge.pkcs7.messageToPem(p7)
}
70
var caStore = forge.pki.createCaStore()
caStore.addCertificate(cert)
73
try {
  forge.pki.verifyCertificateChain(caStore, [cert],
    function(vfd, depth, chain) {
      if(vfd !== true) {
        throw new Error('Certificate could not be verified.')
      }
      return true
  })
}
catch(ex) {
  throw new Error(ex)
}
86
return pem
88}

1	`var forge = require('node-forge')`
2	`var fs = require('fs')`
3
4	`exports.generate = function generate(attrs, options) {`
5
6	`var keys = forge.pki.rsa.generateKeyPair(1024)`
7	`var cert = forge.pki.createCertificate()`
8
9	`cert.serialNumber = '01'`
10	`cert.validity.notBefore = new Date()`
11	`cert.validity.notAfter = new Date()`
12	`cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1)`
13
14	`attrs = attrs \|\| [{`
15	`name: 'commonName',`
16	`value: 'example.org'`
17	`}, {`
18	`name: 'countryName',`
19	`value: 'US'`
20	`}, {`
21	`shortName: 'ST',`
22	`value: 'Virginia'`
23	`}, {`
24	`name: 'localityName',`
25	`value: 'Blacksburg'`
26	`}, {`
27	`name: 'organizationName',`
28	`value: 'Test'`
29	`}, {`
30	`shortName: 'OU',`
31	`value: 'Test'`
32	`}]`
33
34	`cert.setSubject(attrs)`
35	`cert.setIssuer(attrs)`
36
37	`cert.setExtensions([{`
38	`name: 'basicConstraints',`
39	`cA: true`
40	`}, {`
41	`name: 'keyUsage',`
42	`keyCertSign: true,`
43	`digitalSignature: true,`
44	`nonRepudiation: true,`
45	`keyEncipherment: true,`
46	`dataEncipherment: true`
47	`}, {`
48	`name: 'subjectAltName',`
49	`altNames: [{`
50	`type: 6, // URI`
51	`value: 'http://example.org/webid#me'`
52	`}]`
53	`}])`
54
55	`cert.publicKey = keys.publicKey`
56
57	`cert.sign(keys.privateKey)`
58
59	`var pem = {`
60	`private: forge.pki.privateKeyToPem(keys.privateKey),`
61	`public: forge.pki.publicKeyToPem(keys.publicKey),`
62	`cert: forge.pki.certificateToPem(cert)`
63	`}`
64
65	`if (options && options.pkcs7) {`
66	`var p7 = forge.pkcs7.createSignedData()`
67	`p7.addCertificate(cert)`
68	`pem.pkcs7 = forge.pkcs7.messageToPem(p7)`
69	`}`
70
71	`var caStore = forge.pki.createCaStore()`
72	`caStore.addCertificate(cert)`
73
74	`try {`
75	`forge.pki.verifyCertificateChain(caStore, [cert],`
76	`function(vfd, depth, chain) {`
77	`if(vfd !== true) {`
78	`throw new Error('Certificate could not be verified.')`
79	`}`
80	`return true`
81	`})`
82	`}`
83	`catch(ex) {`
84	`throw new Error(ex)`
85	`}`
86
87	`return pem`
88	`}`