@techteamer/cert-utils
v2.0.0
Published
This package contains a CertUtils which can parsing certs
Downloads
2,603
Readme
Cert Utils
Cert utils implements the CertService, Certinfo and CertvalidationError classes for the timestamps.
Install
$ yarn add @techteamer/cert-utils
Usage
const { CertService } = require('@techteamer/cert-utils')
...
this.certService = new CertService('latin1')
Params
- encode type(optional): config.get('certService.encoding', 'latin1')
Default config
"certService": {
"encoding": 'latin1'
}
Public methods
parseCert
: get cert info from certBuffer
/**
* @param {Buffer} certBuf Buffer of a P12 cert, Buffer of a utf-8 encoded PEM string
* @param {String} [password] Used for decrypting P12 containers, not required for PEM certs
* @param {String} [certType='P12']
* @returns {Promise<null|CertInfo>}
*/
async parseCert(certBuf, password, certType = CertService.CertType.P12)
parseCertFromFile
: get cert info from file
/**
* get cert info from file
@param {String} certPath
@param {String} password
@returns {CertInfo}
*/
async parseCertFromFile (certPath, password)
verifyCert
: Verifies that the provided certificate is valid
/**
* Verifies that the provided certificate ("pemCert") is valid
* If the verification fails, a {CertValidationError} is thrown.
* @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual cert in PEM format
* @param {string | Buffer | null} [pemCaCert=null] String or a Buffer containing the utf-8 encoded PEM string. Individual CA cert in PEM format or a CA cert chain (multiple CA certs separated by \n)
* @param {boolean} [verifyOcsp=false] Sends an ocsp request and verifies that the provided cert is not revoked. Requires a defined CA cert ("pemCaCert")
* @returns {Promise<void>}
* @throws {CertValidationError}
*/
async verifyCert (pemCert, pemCaCert, verifyOcsp = false)
getPemCertBody
: Parses the provided certificate's body and return it as a buffer
/**
* Parses the provided certificate's body and return it as a buffer.
* If pemCert is a certificate chain, returns the first PEM certificate's body from the chain.
* @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual PEM cert.
* @returns {Promise<Buffer>}
* @throws {CertValidationError}
*/
async getPemCertBody (pemCert)
CertInfo
: return cert info
Example:
CertInfo {
subject: {
C: 'HU',
L: 'Budapest',
O: 'Test Kft.',
organizationIdentifier: '00000000-20-00',
CN: 'Teszt',
GN: 'Teszt',
SN: 'Teszt',
emailAddress: 'teszt@localhost',
serialNumber: '1.3.6.1.4.1.00000.2.2.99.00000'
},
issuer: {
C: 'HU',
L: 'Budapest',
O: 'Microsec Ltd.',
OU: 'e-Szigno CA',
CN: 'e-Szigno Test CA3'
},
notBefore: 2019-11-26T11:54:00.000Z,
notAfter: 2020-02-27T11:54:00.000Z,
decrypted: true
}
certinfo.validator
: get cert validation info
Example
{
ok: false,
info: { info: { isEffective: true, isExpired: true } },
message: 'Cert validation error, cert is expired'
}
CertType
: return cert types
{ P12: 'P12', PEM: 'PEM' }