How to use @wireapp/certificate-check - 2 common examples

To help you get started, we’ve selected a few @wireapp/certificate-check examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github wireapp / wire-desktop / electron / src / lib / CertificateVerifyProcManager.ts View on Github external
logger.error(
      `Internal Chrome TLS verification failed. Hostname: ${hostname}. Verification result: ${verificationResult}. Error code: ${errorCode}`,
    );

    const isCommonCertificateError =
      errorCode === CertificateVerifyProcManager.CHROMIUM_ERRORS.CERT_COMMON_NAME_INVALID ||
      errorCode === CertificateVerifyProcManager.CHROMIUM_ERRORS.CERT_AUTHORITY_INVALID;
    if (isCommonCertificateError) {
      await CertificateVerifyProcManager.displayCertificateChromiumError(hostname, certificate);
    }

    return cb(-2);
  }

  // Check certificate pinning
  if (certificateUtils.hostnameShouldBePinned(hostname) && CertificateVerifyProcManager.isCertificatePinningEnabled()) {
    const pinningResults = certificateUtils.verifyPinning(hostname, certificate);
    const falsyValue = Object.values(pinningResults).some(val => val === false);

    if (falsyValue || pinningResults.errorMessage) {
      logger.error(`Certificate verification failed for "${hostname}".`);
      logger.error(`Error: "${pinningResults.errorMessage}". Displaying certificate pinning error dialog.`);
      await CertificateVerifyProcManager.displayCertificateError(hostname, certificate);
      return cb(-2);
    }
  }

  return cb(-3);
};
github wireapp / wire-desktop / electron / src / lib / CertificateVerifyProcManager.ts View on Github external
`Internal Chrome TLS verification failed. Hostname: ${hostname}. Verification result: ${verificationResult}. Error code: ${errorCode}`,
    );

    const isCommonCertificateError =
      errorCode === CertificateVerifyProcManager.CHROMIUM_ERRORS.CERT_COMMON_NAME_INVALID ||
      errorCode === CertificateVerifyProcManager.CHROMIUM_ERRORS.CERT_AUTHORITY_INVALID;
    if (isCommonCertificateError) {
      await CertificateVerifyProcManager.displayCertificateChromiumError(hostname, certificate);
    }

    return cb(-2);
  }

  // Check certificate pinning
  if (certificateUtils.hostnameShouldBePinned(hostname) && CertificateVerifyProcManager.isCertificatePinningEnabled()) {
    const pinningResults = certificateUtils.verifyPinning(hostname, certificate);
    const falsyValue = Object.values(pinningResults).some(val => val === false);

    if (falsyValue || pinningResults.errorMessage) {
      logger.error(`Certificate verification failed for "${hostname}".`);
      logger.error(`Error: "${pinningResults.errorMessage}". Displaying certificate pinning error dialog.`);
      await CertificateVerifyProcManager.displayCertificateError(hostname, certificate);
      return cb(-2);
    }
  }

  return cb(-3);
};

@wireapp/certificate-check

Utilities to check that Wire's domains use the expected certificate.

GPL-3.0
Latest version published 20 days ago

Package Health Score

63 / 100
Full package analysis

Similar packages