feat: update to produce DER cert as well

src/common/CryptoUtils.ts

@@ -12,8 +12,10 @@ Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
 const messages = Messages.loadMessages('@salesforce/lwc-dev-mobile-core', 'crypto-utils');
 
 export type PEMCertificate = {
-    certificate: string;
-    key: string;
+    derCertificate: string;
+    pemCertificate: string;
+    pemPrivateKey: string;
+    pemPublicKey: string;
 };
 
 export class CryptoUtils {
@@ -66,30 +68,12 @@ export class CryptoUtils {
         cert.validity.notAfter = endDate;
 
         const attrs = [
-            {
-                name: 'commonName',
-                value: hostname
-            },
-            {
-                name: 'countryName',
-                value: 'US'
-            },
-            {
-                shortName: 'ST',
-                value: 'California'
-            },
-            {
-                name: 'localityName',
-                value: 'San Francisco'
-            },
-            {
-                name: 'organizationName',
-                value: 'Example Inc.'
-            },
-            {
-                shortName: 'OU',
-                value: 'Test'
-            }
+            { name: 'commonName', value: hostname },
+            { name: 'countryName', value: 'US' },
+            { shortName: 'ST', value: 'California' },
+            { name: 'localityName', value: 'San Francisco' },
+            { name: 'organizationName', value: 'Salesforce Inc.' },
+            { shortName: 'OU', value: 'LocalDevPreview' }
         ];
 
         cert.setSubject(attrs);
@@ -117,6 +101,16 @@ export class CryptoUtils {
                 emailProtection: true,
                 timeStamping: true
             },
+            {
+                name: 'nsCertType',
+                client: true,
+                server: true,
+                email: true,
+                objsign: true,
+                sslCA: true,
+                emailCA: true,
+                objCA: true
+            },
             {
                 name: 'subjectAltName',
                 altNames: [
@@ -137,14 +131,25 @@ export class CryptoUtils {
                         value: '::1'
                     }
                 ]
+            },
+            {
+                name: 'subjectKeyIdentifier'
             }
         ]);
 
         cert.sign(keys.privateKey, forge.md.sha256.create());
 
         const pemCert = forge.pki.certificateToPem(cert);
-        const pemKey = forge.pki.privateKeyToPem(keys.privateKey);
+        const privateKey = forge.pki.privateKeyToPem(keys.privateKey);
+        const publicKey = forge.pki.publicKeyToPem(keys.publicKey);
+
+        const derCert = forge.asn1.toDer(forge.pki.certificateToAsn1(cert)).getBytes();
 
-        return { certificate: pemCert, key: pemKey };
+        return {
+            derCertificate: derCert,
+            pemCertificate: pemCert,
+            pemPrivateKey: privateKey,
+            pemPublicKey: publicKey
+        };
     }
 }

test/unit/common/CryptoUtils.test.ts

@@ -67,7 +67,9 @@ describe('CryptoUtils tests', () => {
 
     it('generateSelfSignedCert succeeds to generate a certificate and key for localhost', async () => {
         const cert = CryptoUtils.generateSelfSignedCert();
-        expect(cert.certificate.startsWith('-----BEGIN CERTIFICATE-----')).to.be.true;
-        expect(cert.key.startsWith('-----BEGIN RSA PRIVATE KEY-----')).to.be.true;
+        expect(cert.derCertificate).not.to.be.null;
+        expect(cert.pemCertificate.startsWith('-----BEGIN CERTIFICATE-----')).to.be.true;
+        expect(cert.pemPublicKey.startsWith('-----BEGIN PUBLIC KEY-----')).to.be.true;
+        expect(cert.pemPrivateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----')).to.be.true;
     }).timeout(10000); // increase timeout for this test
 });