Server IP : 108.163.255.210 / Your IP : 3.139.104.140 Web Server : Apache System : Linux blossom.urlnameserver.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64 User : ( 1172) PHP Version : 7.2.34 Disable Function : eval,escapeshellarg,proc_close,proc_get_status,proc_nice,proc_open,symlink,system,pcntl_exec,getrusage,chown,chgp,closelog,openlog,syslog,define_syslog_variables,php_ini_loaded_file,getservbyname,getservbyport,posix_getgid,posix_getgrgid,proc_terminate,pfsockopen,apache_child_terminate,posix_mkfifo,posix_setpgid,posix_setuid,hypot,pg_host,pos,posix_access,posix_getcwd,posix_getservbyname,myshellexec,getpid,posix_getsid,posix_isatty,posix_kill,posix_mknod,posix_setgid,posix_setsid,posix_setuid,posix_times,posix_uname,ps_fill,posix_getpwuid,global,ini_restore,zip_open,zip_read,rar_open,bzopen,bzread,bzwrite,apache_get_modules,apache_get_version,phpversionphpinfo,php_ini_scanned_files,get_current_user,disk_total_space,diskfreespace,leak,imap_list,hypo,filedump,safe_mode,getmygid,apache_getenv,apache_setenv,bzread,bzwrite,bzopen,phpini,higlight_file,dos_conv,get_cwd,er_log,cmd,e_name,vdir,get_dir,only_read,ftok,ftpexec,posix_getpwnam,mysql_list_dbs,disk_free_space,session_save_path,confirm_phpdoc_compiled,zip_entry_rea,php_u,psockopen,crack_opendict,crack_getlastmessage,crack_closedict,crack_check,fpassthru,posix_get_last_error,posix_getlogin,posix_getgroups,posix_strerror,posix_getrlimit,posix_getpgrp,posix_getgrnam,pos,dl MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/unilinki/public_html/indijourneys.com/node_modules/selfsigned/ |
Upload File : |
var forge = require('node-forge'); // a hexString is considered negative if it's most significant bit is 1 // because serial numbers use ones' complement notation // this RFC in section 4.1.2.2 requires serial numbers to be positive // http://www.ietf.org/rfc/rfc5280.txt function toPositiveHex(hexString){ var mostSiginficativeHexAsInt = parseInt(hexString[0], 16); if (mostSiginficativeHexAsInt < 8){ return hexString; } mostSiginficativeHexAsInt -= 8; return mostSiginficativeHexAsInt.toString() + hexString.substring(1); } function getAlgorithm(key) { switch (key) { case 'sha256': return forge.md.sha256.create(); default: return forge.md.sha1.create(); } } exports.generate = function generate(attrs, options, done) { if (typeof attrs === 'function') { done = attrs; attrs = undefined; } else if (typeof options === 'function') { done = options; options = {}; } options = options || {}; var generatePem = function (keyPair) { var cert = forge.pki.createCertificate(); cert.serialNumber = toPositiveHex(forge.util.bytesToHex(forge.random.getBytesSync(9))); // the serial number can be decimal or hex (if preceded by 0x) cert.validity.notBefore = new Date(); cert.validity.notAfter = new Date(); cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + (options.days || 365)); attrs = attrs || [{ name: 'commonName', value: 'example.org' }, { name: 'countryName', value: 'US' }, { shortName: 'ST', value: 'Virginia' }, { name: 'localityName', value: 'Blacksburg' }, { name: 'organizationName', value: 'Test' }, { shortName: 'OU', value: 'Test' }]; cert.setSubject(attrs); cert.setIssuer(attrs); cert.publicKey = keyPair.publicKey; cert.setExtensions(options.extensions || [{ name: 'basicConstraints', cA: true }, { name: 'keyUsage', keyCertSign: true, digitalSignature: true, nonRepudiation: true, keyEncipherment: true, dataEncipherment: true }, { name: 'subjectAltName', altNames: [{ type: 6, // URI value: 'http://example.org/webid#me' }] }]); cert.sign(keyPair.privateKey, getAlgorithm(options && options.algorithm)); const fingerprint = forge.md.sha1 .create() .update(forge.asn1.toDer(forge.pki.certificateToAsn1(cert)).getBytes()) .digest() .toHex() .match(/.{2}/g) .join(':'); var pem = { private: forge.pki.privateKeyToPem(keyPair.privateKey), public: forge.pki.publicKeyToPem(keyPair.publicKey), cert: forge.pki.certificateToPem(cert), fingerprint: fingerprint, }; if (options && options.pkcs7) { var p7 = forge.pkcs7.createSignedData(); p7.addCertificate(cert); pem.pkcs7 = forge.pkcs7.messageToPem(p7); } if (options && options.clientCertificate) { var clientkeys = forge.pki.rsa.generateKeyPair(1024); var clientcert = forge.pki.createCertificate(); clientcert.serialNumber = toPositiveHex(forge.util.bytesToHex(forge.random.getBytesSync(9))); clientcert.validity.notBefore = new Date(); clientcert.validity.notAfter = new Date(); clientcert.validity.notAfter.setFullYear(clientcert.validity.notBefore.getFullYear() + 1); var clientAttrs = JSON.parse(JSON.stringify(attrs)); for(var i = 0; i < clientAttrs.length; i++) { if(clientAttrs[i].name === 'commonName') { if( options.clientCertificateCN ) clientAttrs[i] = { name: 'commonName', value: options.clientCertificateCN }; else clientAttrs[i] = { name: 'commonName', value: 'John Doe jdoe123' }; } } clientcert.setSubject(clientAttrs); // Set the issuer to the parent key clientcert.setIssuer(attrs); clientcert.publicKey = clientkeys.publicKey; // Sign client cert with root cert clientcert.sign(keyPair.privateKey); pem.clientprivate = forge.pki.privateKeyToPem(clientkeys.privateKey); pem.clientpublic = forge.pki.publicKeyToPem(clientkeys.publicKey); pem.clientcert = forge.pki.certificateToPem(clientcert); if (options.pkcs7) { var clientp7 = forge.pkcs7.createSignedData(); clientp7.addCertificate(clientcert); pem.clientpkcs7 = forge.pkcs7.messageToPem(clientp7); } } var caStore = forge.pki.createCaStore(); caStore.addCertificate(cert); try { forge.pki.verifyCertificateChain(caStore, [cert], function (vfd, depth, chain) { if (vfd !== true) { throw new Error('Certificate could not be verified.'); } return true; }); } catch(ex) { throw new Error(ex); } return pem; }; var keySize = options.keySize || 1024; if (done) { // async scenario return forge.pki.rsa.generateKeyPair({ bits: keySize }, function (err, keyPair) { if (err) { return done(err); } try { return done(null, generatePem(keyPair)); } catch (ex) { return done(err); } }); } var keyPair = options.keyPair ? { privateKey: forge.pki.privateKeyFromPem(options.keyPair.privateKey), publicKey: forge.pki.publicKeyFromPem(options.keyPair.publicKey) } : forge.pki.rsa.generateKeyPair(keySize); return generatePem(keyPair); };