How to use the node-forge.pki.certificateToPem function in node-forge
To help you get started, we’ve selected a few node-forge examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
mgcrea / node-easyrsa / test / spec / mdm.spec.js View on Github 
it('should have correct extensions', () => {
const {cert} = res.ca;
const certPem = pki.certificateToPem(cert);
const resultCert = pki.certificateFromPem(certPem);
const expectedCert = fixtures.ca;
// expect(getSubjectFromAttrs(cert.issuer.attributes.attributes)).toEqual(getCertificateSubject(res.ca.cert));
expect(getCertificateSubject(resultCert)).toEqual(getCertificateSubject(expectedCert));
expect(resultCert.serialNumber.length).toEqual(expectedCert.serialNumber.length);
expect(map(resultCert.extensions, 'name').sort()).toEqual(map(expectedCert.extensions, 'name').sort());
expect(map(resultCert.extensions, 'id').sort()).toEqual(map(expectedCert.extensions, 'id').sort());
});
it('should have correct basicConstraints and keyUsage', () => {it('should have correct extensions', () => {
const {cert} = res.cert;
const certPem = pki.certificateToPem(cert);
const resultCert = pki.certificateFromPem(certPem);
const expectedCert = fixtures.cert;
expect(getCertificateIssuer(resultCert)).toEqual(getCertificateSubject(res.ca.cert));
// expect(getCertificateIssuer(resultCert)).toEqual(getCertificateIssuer(expectedCert)); // @TODO chain
expect(getCertificateSubject(resultCert)).toEqual(getCertificateSubject(expectedCert));
expect(parseInt(resultCert.serialNumber, 16).length).toEqual(parseInt(expectedCert.serialNumber, 16).length);
// expect(map(resultCert.extensions, 'name').sort()).toEqual(map(expectedCert.extensions, 'name').sort());
// expect(map(resultCert.extensions, 'id').sort()).toEqual(map(expectedCert.extensions, 'id').sort());
});
it('should have correct basicConstraints and keyUsage', () => {name: 'subjectAltName',
altNames: [{
type: 6, // URI
value: 'http://example.org/webid#me'
}, {
type: 7, // IP
ip: '127.0.0.1'
}]
}, {
name: 'subjectKeyIdentifier'
}])
// self-sign certificate
cert.sign(keys.privateKey)
return pki.certificateToPem(cert)
}it('should properly return a cert and a serial', () => {
const {cert, serial} = res.cert;
const certPem = pki.certificateToPem(cert);
expect(typeof certPem).toBe('string');
expect(certPem).toMatch(/^-----BEGIN CERTIFICATE-----\r\n.+/);
expect(typeof serial).toBe('string');
expect(serial).toMatch(/[\da-f]/i);
expect(cert.serialNumber).toMatch(/[0-9a-f]{16}/);
});
it('should have correct extensions', () => {it('should properly return a privateKey and a cert', () => {
const {privateKey, cert} = res.ca;
const privateKeyPem = pki.privateKeyToPem(privateKey);
expect(typeof privateKeyPem).toBe('string');
expect(privateKeyPem).toMatch(/^-----BEGIN RSA PRIVATE KEY-----\r\n.+/);
const certPem = pki.certificateToPem(cert);
expect(typeof certPem).toBe('string');
expect(certPem).toMatch(/^-----BEGIN CERTIFICATE-----\r\n.+/);
expect(cert.serialNumber).toMatch(/[0-9a-f]{16}/);
expect(getCertificateSubject(cert)).toEqual({commonName, ...attributes});
});
it('should have correct extensions', () => {it('should properly return a cert and a serial', () => {
const {cert, serial} = res.cert;
const certPem = pki.certificateToPem(cert);
expect(typeof certPem).toBe('string');
expect(certPem).toMatch(/^-----BEGIN CERTIFICATE-----\r\n.+/);
expect(typeof serial).toBe('string');
expect(serial).toMatch(/[\da-f]/i);
expect(cert.serialNumber).toMatch(/[0-9a-f]{10}/);
expect(parseInt(cert.serialNumber, 16) > 0).toBeTruthy();
expect(getCertificateSubject(cert)).toEqual({commonName, ...attributes});
});
it('should have correct extensions', () => {const caCert = pki.certificateFromPem(caCertPem);
var certificate = pki.createCertificate();
certificate.serialNumber = getSerial();
certificate.validity.notBefore = new Date();
const expiration = moment(certificate.validity.notBefore);
expiration.add(config.certificateExpiration, 'days');
certificate.validity.notAfter = expiration.toDate();
certificate.setSubject(csr.subject.attributes);
certificate.setIssuer(caCert.subject.attributes);
certificate.publicKey = csr.publicKey;
certificate.sign(caKey, md.sha256.create());
const serverCertificate = pki.certificateToPem(certificate);
const serverKey = pki.privateKeyToPem(keys.privateKey);
yield Promise.all([
fs.writeFileAsync(certPath, serverCertificate),
fs.writeFileAsync(keyPath, serverKey)
]);
result = yield Promise.resolve({key: serverKey, certificate: serverCertificate});
}
domainCertificates[domain] = result;
return yield Promise.resolve(result);
});nonRepudiation: true,
keyEncipherment: true,
dataEncipherment: true
}, {
name: 'subjectAltName',
altNames: {
type: 2,
value: domain
}
}]);
cert.sign(this.caKey, md.sha256.create());
const generatedCertificate = {
key: pki.privateKeyToPem(KEYS.privateKey),
cert: pki.certificateToPem(cert)
};
this.certCache[domain] = generatedCertificate;
return generatedCertificate;
}
}},
{
name: 'organizationName',
value: 'do_not_trust_phoenixmatrix'
},
{
name: 'countryName',
value: 'US'
}
];
certificate.setSubjects(attributes);
certificate.setIssuer(attributes);
certificate.sign(keyPair.privateKey, md.sha256.create());
const ca = pki.certificateToPem(certificate);
const privateKey = pki.privateKeyToPem(keyPair.privateKey);
return {privateKey, certificate: ca};
}node-forge
JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.
Package Health Score
77 / 100Popular node-forge functions
- node-forge.asn1
- node-forge.cipher
- node-forge.jsbn
- node-forge.md
- node-forge.pem
- node-forge.pkcs12
- node-forge.pkcs5
- node-forge.pkcs7
- node-forge.pki
- node-forge.pki.certificateFromPem
- node-forge.pki.certificateToPem
- node-forge.pki.createCertificate
- node-forge.pki.privateKeyFromPem
- node-forge.pki.privateKeyToPem
- node-forge.pki.publicKeyFromPem
- node-forge.pki.publicKeyToPem
- node-forge.pki.rsa
- node-forge.random
- node-forge.rsa
- node-forge.util