1. Advisor
  2. node-opcua-crypto
  3. functions
  4. node-opcua-crypto.exploreCertificateInfo
View all node-opcua-crypto analysis

How to use the node-opcua-crypto.exploreCertificateInfo function in node-opcua-crypto

To help you get started, we’ve selected a few node-opcua-crypto examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github node-opcua / node-opcua / packages / node-opcua-secure-channel / src / server / server_secure_channel_layer.js View on Github external
function _check_certificate_validity(certificate) {
    // Is the  signature on the SoftwareCertificate valid .?
    if (!certificate) {
        // missing certificate
        return StatusCodes.BadSecurityChecksFailed;
    }

    //-- const split_der = require("node-opcua-crypto").crypto_explore_certificate.split_der;
    //-- const  chain = split_der(securityHeader.senderCertificate);
    //-- //xx console.log("xxx NB CERTIFICATE IN CHAIN = ".red,chain.length);

    // Has SoftwareCertificate passed its issue date and has it not expired ?
    // check dates
    const cert = crypto_utils.exploreCertificateInfo(certificate);

    const now = new Date();

    if (cert.notBefore.getTime() > now.getTime()) {
        // certificate is not active yet
        console.log(
            " Sender certificate is invalid : certificate is not active yet !".red +
                "  not before date =" +
                cert.notBefore
        );
        return StatusCodes.BadCertificateTimeInvalid;
    }
    if (cert.notAfter.getTime() <= now.getTime()) {
        // certificate is obsolete
        console.log(
            " Sender certificate is invalid : certificate has expired !".red + " not after date =" + cert.notAfter
github node-opcua / node-opcua / packages / node-opcua-secure-channel / source / message_builder.ts View on Github external
decryptedBuffer.copy(binaryStream.buffer, binaryStream.length);

            // adjust length
            binaryStream.buffer = binaryStream.buffer.slice(0, binaryStream.length + decryptedBuffer.length);

            /* istanbul ignore next */
            if (doDebug) {
                debugLog(chalk.cyan("DE-----------------------------"));
                // debugLog(hexDump(binaryStream.buffer));
                debugLog(chalk.cyan("-------------------------------"));
                const thumbprint = makeSHA1Thumbprint(asymmetricAlgorithmSecurityHeader.senderCertificate);
                debugLog("Certificate thumbprint:", thumbprint.toString("hex"));
            }
        }

        const cert = exploreCertificateInfo(asymmetricAlgorithmSecurityHeader.senderCertificate);
        // then verify the signature
        const signatureLength = cert.publicKeyLength; // 1024 bits = 128Bytes or 2048=256Bytes or 3072 or 4096
        assert(signatureLength === 128 ||
            signatureLength === 256 ||
            signatureLength === 384 ||
            signatureLength === 512);

        const chunk = binaryStream.buffer;

        const signatureIsOK = asymmetricVerifyChunk(this.cryptoFactory, chunk, asymmetricAlgorithmSecurityHeader.senderCertificate);

        if (!signatureIsOK) {
            /* istanbul ignore next */
            if (doDebug) {
                debugLog(hexDump(binaryStream.buffer));
            }
github node-opcua / node-opcua / packages / node-opcua-secure-channel / source / server / server_secure_channel_layer.ts View on Github external
public getSignatureLength(): PublicKeyLength {
        const chain = this.getCertificateChain();
        const firstCertificateInChain = split_der(chain)[0];
        const cert = exploreCertificateInfo(firstCertificateInChain);
        return cert.publicKeyLength; // 1024 bits = 128Bytes or 2048=256Bytes
    }
github node-opcua / node-opcua / packages / node-opcua-secure-channel / source / security_policy.ts View on Github external
export function asymmetricVerifyChunk(self: CryptoFactory, chunk: Buffer, certificate: Certificate): boolean {
    assert(chunk instanceof Buffer);
    assert(certificate instanceof Buffer);
    // let's get the signatureLength by checking the size
    // of the certificate's public key
    const cert = exploreCertificateInfo(certificate);
    const signatureLength = cert.publicKeyLength; // 1024 bits = 128Bytes or 2048=256Bytes

    const blockToVerify = chunk.slice(0, chunk.length - signatureLength);
    const signature = chunk.slice(chunk.length - signatureLength);
    return self.asymmetricVerify(blockToVerify, signature, certificate);
}
github node-opcua / node-opcua / packages / node-opcua-secure-channel / src / security_policy.js View on Github external
function asymmetricVerifyChunk(chunk, certificate) {

    const crypto_factory = this;
    assert(chunk instanceof Buffer);
    assert(certificate instanceof Buffer);
    // let's get the signatureLength by checking the size
    // of the certificate's public key
    const cert = crypto_utils.exploreCertificateInfo(certificate);

    const signatureLength = cert.publicKeyLength; // 1024 bits = 128Bytes or 2048=256Bytes
    const block_to_verify = chunk.slice(0, chunk.length - signatureLength);
    const signature = chunk.slice(chunk.length - signatureLength);
    return crypto_factory.asymmetricVerify(block_to_verify, signature, certificate);

}

node-opcua-crypto

Crypto tools for Node-OPCUA

GitHub
MIT
Latest version published 2 months ago

Package Health Score

73 / 100
Full package analysis

Popular node-opcua-crypto functions

Similar packages