2020-05-12 14:09:31 +02:00
|
|
|
'use strict'
|
|
|
|
|
|
|
|
|
|
require('node-forge/lib/x509')
|
|
|
|
|
const forge = require('node-forge/lib/forge')
|
|
|
|
|
const pki = forge.pki
|
|
|
|
|
exports = module.exports
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Gets a self-signed X.509 certificate for the key.
|
|
|
|
|
*
|
2020-08-24 11:58:02 +01:00
|
|
|
* The output Uint8Array contains the PKCS #7 message in DER.
|
2020-05-12 14:09:31 +02:00
|
|
|
*
|
|
|
|
|
* TODO: move to libp2p-crypto package
|
|
|
|
|
*
|
|
|
|
|
* @param {KeyInfo} key - The id and name of the key
|
|
|
|
|
* @param {RsaPrivateKey} privateKey - The naked key
|
2020-08-24 11:58:02 +01:00
|
|
|
* @returns {Uint8Array}
|
2020-05-12 14:09:31 +02:00
|
|
|
*/
|
|
|
|
|
exports.certificateForKey = (key, privateKey) => {
|
|
|
|
|
const publicKey = pki.setRsaPublicKey(privateKey.n, privateKey.e)
|
|
|
|
|
const cert = pki.createCertificate()
|
|
|
|
|
cert.publicKey = publicKey
|
|
|
|
|
cert.serialNumber = '01'
|
|
|
|
|
cert.validity.notBefore = new Date()
|
|
|
|
|
cert.validity.notAfter = new Date()
|
|
|
|
|
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 10)
|
|
|
|
|
const attrs = [{
|
|
|
|
|
name: 'organizationName',
|
|
|
|
|
value: 'ipfs'
|
|
|
|
|
}, {
|
|
|
|
|
shortName: 'OU',
|
|
|
|
|
value: 'keystore'
|
|
|
|
|
}, {
|
|
|
|
|
name: 'commonName',
|
|
|
|
|
value: key.id
|
|
|
|
|
}]
|
|
|
|
|
cert.setSubject(attrs)
|
|
|
|
|
cert.setIssuer(attrs)
|
|
|
|
|
cert.setExtensions([{
|
|
|
|
|
name: 'basicConstraints',
|
|
|
|
|
cA: true
|
|
|
|
|
}, {
|
|
|
|
|
name: 'keyUsage',
|
|
|
|
|
keyCertSign: true,
|
|
|
|
|
digitalSignature: true,
|
|
|
|
|
nonRepudiation: true,
|
|
|
|
|
keyEncipherment: true,
|
|
|
|
|
dataEncipherment: true
|
|
|
|
|
}, {
|
|
|
|
|
name: 'extKeyUsage',
|
|
|
|
|
serverAuth: true,
|
|
|
|
|
clientAuth: true,
|
|
|
|
|
codeSigning: true,
|
|
|
|
|
emailProtection: true,
|
|
|
|
|
timeStamping: true
|
|
|
|
|
}, {
|
|
|
|
|
name: 'nsCertType',
|
|
|
|
|
client: true,
|
|
|
|
|
server: true,
|
|
|
|
|
email: true,
|
|
|
|
|
objsign: true,
|
|
|
|
|
sslCA: true,
|
|
|
|
|
emailCA: true,
|
|
|
|
|
objCA: true
|
|
|
|
|
}])
|
|
|
|
|
// self-sign certificate
|
|
|
|
|
cert.sign(privateKey)
|
|
|
|
|
|
|
|
|
|
return cert
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Finds the first item in a collection that is matched in the
|
|
|
|
|
* `asyncCompare` function.
|
|
|
|
|
*
|
|
|
|
|
* `asyncCompare` is an async function that must
|
|
|
|
|
* resolve to either `true` or `false`.
|
|
|
|
|
*
|
|
|
|
|
* @param {Array} array
|
2020-10-06 14:59:43 +02:00
|
|
|
* @param {function(*)} asyncCompare - An async function that returns a boolean
|
2020-05-12 14:09:31 +02:00
|
|
|
*/
|
|
|
|
|
async function findAsync (array, asyncCompare) {
|
|
|
|
|
const promises = array.map(asyncCompare)
|
|
|
|
|
const results = await Promise.all(promises)
|
|
|
|
|
const index = results.findIndex(result => result)
|
|
|
|
|
return array[index]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports.findAsync = findAsync
|
