Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
// endregion
// region Get a "crypto" extension
const crypto = getCrypto();
if (typeof crypto === "undefined") {
alert("No WebCrypto extension found");
return;
}
// endregion
// region Put a static values
certSimpl.version = 2;
certSimpl.serialNumber = new asn1js.Integer({ value: 1 });
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.notBefore.value = new Date(2016, 1, 1);
certSimpl.notAfter.value = new Date(2019, 1, 1);
let publicKey;
let privateKey;
//endregion
//region Get a "crypto" extension
const crypto = getCrypto();
if(typeof crypto === "undefined")
return Promise.reject("No WebCrypto extension found");
//endregion
//region Put a static values
certSimpl.version = 2;
certSimpl.serialNumber = new asn1js.Integer({ value: 1 });
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.notBefore.value = new Date(2019, 1, 1);
certSimpl.notAfter.value = new Date(2022, 1, 1);
// region Put a static values
certificate.version = 2;
const serialNumber = crypto.getRandomValues(new Uint8Array(10));
certificate.serialNumber = new asn1js.Integer();
certificate.serialNumber.valueBlock.valueHex = serialNumber.buffer;
const commonName = new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.PrintableString({ value: process.env.FORTIFY_SSL_CN || "127.0.0.1" }),
});
certificate.subject.typesAndValues.push(commonName);
certificate.issuer.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.PrintableString({ value: "Fortify Local CA" }),
}));
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
// Extended key usage
const extKeyUsage = new pkijs.ExtKeyUsage({
keyPurposes: ["1.3.6.1.5.5.7.3.1"],
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.37",
toSchema()
{
//region Create array for output sequence
let result;
switch(this.type)
{
case 0: // TELETEXSTRING
result = new asn1js.TeletexString({ value: this.value });
break;
case 1: // PRINTABLESTRING
result = new asn1js.PrintableString({ value: this.value });
break;
case 2: // UNIVERSALSTRING
result = new asn1js.UniversalString({ value: this.value });
break;
case 3: // UTF8STRING
result = new asn1js.Utf8String({ value: this.value });
break;
case 4: // BMPSTRING
result = new asn1js.BmpString({ value: this.value });
break;
default:
throw new Error("Incorrectly initialized data for \"DirectoryString\" class");
}
//endregion
//region Construct and return new ASN.1 schema for this object
//endregion
//region Put a static values
certificate.version = 2;
certificate.serialNumber = new asn1js.Integer({ value: 1 });
certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certificate.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certificate.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certificate.notBefore.value = new Date(2019, 1, 1);
certificate.notAfter.value = new Date(2022, 1, 1);
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
//region "BasicConstraints" extension
const basicConstr = new BasicConstraints({
cA: true,
pathLenConstraint: 3
});
]
})
]
}),
new asn1js.Constructed({
name: (names.localityName || ""),
optional: true,
idBlock: {
tagClass: 3, // CONTEXT-SPECIFIC
tagNumber: 1 // [1]
},
value: [
new asn1js.Choice({
value: [
new asn1js.TeletexString({ name: (names.localityName || "") }),
new asn1js.PrintableString({ name: (names.localityName || "") }),
new asn1js.UniversalString({ name: (names.localityName || "") }),
new asn1js.Utf8String({ name: (names.localityName || "") }),
new asn1js.BmpString({ name: (names.localityName || "") })
]
})
]
}),
new asn1js.Constructed({
optional: true,
idBlock: {
tagClass: 3, // CONTEXT-SPECIFIC
tagNumber: 2 // [2]
},
value: [
new asn1js.Repeated({
name: (names.postalAdddress || ""),
trustedCertificates = [];
//endregion
//region Get a "crypto" extension
const crypto = getCrypto();
if(typeof crypto === "undefined")
return Promise.reject("No WebCrypto extension found");
//endregion
//region Put a static values
certificate.version = 2;
certificate.serialNumber = new asn1js.Integer({ value: 1 });
certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certificate.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certificate.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certificate.notBefore.value = new Date(2016, 1, 1);
certificate.notAfter.value = new Date(2019, 1, 1);
let publicKey;
let privateKey;
//endregion
//region Get a "crypto" extension
const crypto = getCrypto();
if(typeof crypto === "undefined")
return Promise.reject("No WebCrypto extension found");
//endregion
//region Put a static values
certSimpl.version = 2;
certSimpl.serialNumber = new asn1js.Integer({ value: 1 });
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.issuer.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.6", // Country name
value: new asn1js.PrintableString({ value: "RU" })
}));
certSimpl.subject.typesAndValues.push(new AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.BmpString({ value: "Test" })
}));
certSimpl.notBefore.value = new Date(2016, 1, 1);
certSimpl.notAfter.value = new Date(2019, 1, 1);
async function GenerateCertificate(keyPair: CryptoKeyPair, caKey: CryptoKey) {
const certificate = new pkijs.Certificate();
// region Put a static values
certificate.version = 2;
const serialNumber = crypto.getRandomValues(new Uint8Array(10));
certificate.serialNumber = new asn1js.Integer();
certificate.serialNumber.valueBlock.valueHex = serialNumber.buffer;
const commonName = new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.PrintableString({ value: process.env.FORTIFY_SSL_CN || "127.0.0.1" }),
});
certificate.subject.typesAndValues.push(commonName);
certificate.issuer.typesAndValues.push(new pkijs.AttributeTypeAndValue({
type: "2.5.4.3", // Common name
value: new asn1js.PrintableString({ value: "Fortify Local CA" }),
}));
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array