Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
function createInvalidCert () {
var keys = pki.rsa.generateKeyPair(512)
var cert = pki.createCertificate()
cert.publicKey = keys.publicKey
// alternatively set public key from a csr
//cert.publicKey = csr.publicKey
cert.serialNumber = '01'
cert.validity.notBefore = new Date()
cert.validity.notAfter = new Date()
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1)
var attrs = [{
name: 'commonName',
value: 'example.org'
}, {
name: 'countryName',
value: 'US'
}, {
shortName: 'ST',
import * as uuid from 'uuid/v4';
import { pki, md } from 'node-forge';
export type PEM = string | string[] | Buffer | Buffer[];
export type GeneratedCertificate = {
key: string,
cert: string
};
// This is slightly slow (~100ms), so do it once upfront, not for
// every separate CA or even cert.
const KEYS = pki.rsa.generateKeyPair(1024);
export class CA {
private caCert: { subject: any };
private caKey: {};
private certKeys: { publicKey: {}, privateKey: {} };
private certCache: { [domain: string]: GeneratedCertificate };
constructor(
caKey: PEM,
caCert: PEM
) {
this.caKey = pki.privateKeyFromPem(caKey);
this.caCert = pki.certificateFromPem(caCert);
this.certCache = {};
}
// import {FileSystemError} from 'core-error-predicates';
import {pick, isObject, defaults} from 'lodash';
import del from 'del';
import forge, {pki, md} from 'node-forge';
import fs from 'fs';
import moment from 'moment';
import path from 'path';
import Promise from 'bluebird';
import mkdirp from 'mkdirp';
import crypto from 'crypto';
import templates from './templates';
Promise.promisifyAll(fs);
Promise.promisifyAll(pki.rsa);
const mkdirpAsync = Promise.promisify(mkdirp);
const cwd = process.cwd();
const noop = () => {};
export {pki, md};
export default class EasyRSA {
static defaults = {
pkiDir: path.join(cwd, 'pki'),
template: 'vpn',
keysize: 2048,
nopass: false,
subca: false,
days: 3650
};
module.exports = () => new Promise((resolve, reject) => {
pki.rsa.generateKeyPair({ bits: 1024 }, (err, keyPair) => {
if (err !== null && err !== undefined) {
reject(err)
} else {
resolve(pki.privateKeyToPem(keyPair.privateKey))
}
})
})
.then(() => {
if (existingPrivateKey) {
const privateKey = pki.privateKeyFromPem(existingPrivateKey.toString());
return {
privateKey,
publicKey: pki.rsa.setPublicKey(privateKey.n, privateKey.e)
};
}
return generateFastKeyPair(cfg.keysize);
})
.then(({privateKey, publicKey}) => {
function getCertKeyPair() {
const pki = require('node-forge').pki;
var keys = pki.rsa.generateKeyPair(1024);
var cert = pki.createCertificate();
cert.publicKey = keys.publicKey;
cert.serialNumber = '01';
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
var attrs = [{
name: 'commonName',
value: 'example.org'
}, {
name: 'countryName',
value: 'US'
}, {
shortName: 'ST',
value: 'Virginia'
}, {
'use strict';
var mongoose = require('mongoose');
var uuid = require('node-uuid');
var crypto = require('../lib/crypto');
var pki = require('node-forge').pki, rsa = pki.rsa;
var RSAKey = require('../lib/rsa');
var logger = require('pine')();
var keycache = [];
function fillKeys() {
rsa.generateKeyPair({bits: 2048, e: 0x10001, workers: -1}, function (err, keypair) {
if (err) {
logger.error('Failed to generate cached keypair: %s', err.message);
} else {
keycache.push(keypair);
if (keycache.length < 5) {
fillKeys();
}
}
});
getPublicKeyFromPrivateKey: pki.ed25519.publicKeyFromPrivateKey,
getPublicKeyStringFromPrivateKeyString: getED25519Base58PublicKeyFromBase58PrivateKey,
getSigningOptions: (privateKeyBase58: string): Ed25519SigningOptions => ({
privateKeyBase58,
algorithm: SigningAlgorithm.Ed25519Signature2018,
nonce: cuid(),
}),
publicKey: (id: string, publicKey: string): Ed25519PublicKey => ({
id,
type: AlgorithmPublicKeyType.Ed25519VerificationKey2018,
owner: id,
publicKeyBase58: publicKey,
}),
},
[SigningAlgorithm.RsaSignature2018]: {
engine: pki.rsa,
getPublicKeyFromPrivateKey: generateRsaPublicKeyFromPrivateKey,
getPublicKeyStringFromPrivateKeyString: getRsaPublicPemFromPrivatePem,
getSigningOptions: (privateKeyPem: string): RsaSigningOptions => ({
privateKeyPem,
algorithm: SigningAlgorithm.RsaSignature2018,
nonce: cuid(),
}),
publicKey: (id: string, publicKey): RsaPublicKey => ({
id,
type: AlgorithmPublicKeyType.RsaVerificationKey2018,
owner: id,
publicKeyPem: publicKey,
}),
},
}
const async = Promise.coroutine;
const fs = Promise.promisifyAll(fsOrig);
const mkdirp = Promise.promisify(mkdirpOrig);
const directory = './certificate/';
const caCertPath = directory + 'ca.crt';
const caKeyPath = directory + 'ca.key';
const domainCertificates = {};
let ca;
const getCA = () => ca;
const getSerial = () => crypto.randomBytes(Math.ceil(16 / 2)).toString('hex').slice(0, 16).toUpperCase();
const keys = pki.rsa.generateKeyPair(2048);
const createCertificateAuthority = async(function* () {
const certificate = pki.createCertificate();
certificate.publicKey = keys.publicKey;
certificate.serialNumber = getSerial();
certificate.validity.notBefore = new Date();
certificate.validity.notAfter = new Date();
certificate.validity.notAfter.setFullYear(certificate.validity.notBefore.getFullYear() + 1);
const attrs = [{
name: 'commonName',
value: 'phoenixmatrix_do_not_trust'
}, {
name: 'organizationName',
value: 'do_not_trust_phoenixmatrix'
}, {
name: 'countryName',