Son CV dans un terminal web en Javascript!
https://terminal-cv.gregandev.fr
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
140 lines
2.8 KiB
140 lines
2.8 KiB
// @flow
|
|
import type {FileSystem} from '@parcel/fs';
|
|
import forge from 'node-forge';
|
|
import path from 'path';
|
|
import logger from '@parcel/logger';
|
|
|
|
export default async function generateCertificate(
|
|
fs: FileSystem,
|
|
cacheDir: string,
|
|
host: ?string,
|
|
): Promise<{|cert: Buffer, key: Buffer|}> {
|
|
let certDirectory = cacheDir;
|
|
|
|
const privateKeyPath = path.join(certDirectory, 'private.pem');
|
|
const certPath = path.join(certDirectory, 'primary.crt');
|
|
const cachedKey =
|
|
(await fs.exists(privateKeyPath)) && (await fs.readFile(privateKeyPath));
|
|
const cachedCert =
|
|
(await fs.exists(certPath)) && (await fs.readFile(certPath));
|
|
|
|
if (cachedKey && cachedCert) {
|
|
return {
|
|
key: cachedKey,
|
|
cert: cachedCert,
|
|
};
|
|
}
|
|
|
|
logger.progress('Generating SSL Certificate...');
|
|
|
|
const pki = forge.pki;
|
|
const keys = pki.rsa.generateKeyPair(2048);
|
|
const cert = pki.createCertificate();
|
|
|
|
cert.publicKey = keys.publicKey;
|
|
cert.serialNumber = Date.now().toString();
|
|
cert.validity.notBefore = new Date();
|
|
cert.validity.notAfter = new Date();
|
|
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
|
|
|
|
const attrs = [
|
|
{
|
|
name: 'commonName',
|
|
value: 'parceljs.org',
|
|
},
|
|
{
|
|
name: 'countryName',
|
|
value: 'US',
|
|
},
|
|
{
|
|
shortName: 'ST',
|
|
value: 'Virginia',
|
|
},
|
|
{
|
|
name: 'localityName',
|
|
value: 'Blacksburg',
|
|
},
|
|
{
|
|
name: 'organizationName',
|
|
value: 'parcelBundler',
|
|
},
|
|
{
|
|
shortName: 'OU',
|
|
value: 'Test',
|
|
},
|
|
];
|
|
|
|
let altNames = [
|
|
{
|
|
type: 2, // DNS
|
|
value: 'localhost',
|
|
},
|
|
{
|
|
type: 7, // IP
|
|
ip: '127.0.0.1',
|
|
},
|
|
];
|
|
|
|
if (host) {
|
|
altNames.push({
|
|
type: 2, // DNS
|
|
value: host,
|
|
});
|
|
}
|
|
|
|
cert.setSubject(attrs);
|
|
cert.setIssuer(attrs);
|
|
cert.setExtensions([
|
|
{
|
|
name: 'basicConstraints',
|
|
cA: false,
|
|
},
|
|
{
|
|
name: 'keyUsage',
|
|
keyCertSign: true,
|
|
digitalSignature: true,
|
|
nonRepudiation: true,
|
|
keyEncipherment: true,
|
|
dataEncipherment: true,
|
|
},
|
|
{
|
|
name: 'extKeyUsage',
|
|
serverAuth: true,
|
|
clientAuth: true,
|
|
codeSigning: true,
|
|
emailProtection: true,
|
|
timeStamping: true,
|
|
},
|
|
{
|
|
name: 'nsCertType',
|
|
client: true,
|
|
server: true,
|
|
email: true,
|
|
objsign: true,
|
|
sslCA: true,
|
|
emailCA: true,
|
|
objCA: true,
|
|
},
|
|
{
|
|
name: 'subjectAltName',
|
|
altNames,
|
|
},
|
|
{
|
|
name: 'subjectKeyIdentifier',
|
|
},
|
|
]);
|
|
|
|
cert.sign(keys.privateKey, forge.md.sha256.create());
|
|
|
|
const privPem = pki.privateKeyToPem(keys.privateKey);
|
|
const certPem = pki.certificateToPem(cert);
|
|
|
|
await fs.mkdirp(certDirectory);
|
|
await fs.writeFile(privateKeyPath, privPem);
|
|
await fs.writeFile(certPath, certPem);
|
|
|
|
return {
|
|
key: privPem,
|
|
cert: certPem,
|
|
};
|
|
}
|
|
|