From b29d50f0c79347e391322912d73f5fe28410d55d Mon Sep 17 00:00:00 2001 From: Meisam Seyed Aliroteh Date: Fri, 31 May 2024 09:53:57 -0700 Subject: [PATCH] feat: update to produce DER cert as well --- src/common/CryptoUtils.ts | 61 +++++++++++++++------------- test/unit/common/CryptoUtils.test.ts | 6 ++- 2 files changed, 37 insertions(+), 30 deletions(-) diff --git a/src/common/CryptoUtils.ts b/src/common/CryptoUtils.ts index 3c33e85..dd54b3d 100644 --- a/src/common/CryptoUtils.ts +++ b/src/common/CryptoUtils.ts @@ -12,8 +12,10 @@ Messages.importMessagesDirectoryFromMetaUrl(import.meta.url); const messages = Messages.loadMessages('@salesforce/lwc-dev-mobile-core', 'crypto-utils'); export type PEMCertificate = { - certificate: string; - key: string; + derCertificate: string; + pemCertificate: string; + pemPrivateKey: string; + pemPublicKey: string; }; export class CryptoUtils { @@ -66,30 +68,12 @@ export class CryptoUtils { cert.validity.notAfter = endDate; const attrs = [ - { - name: 'commonName', - value: hostname - }, - { - name: 'countryName', - value: 'US' - }, - { - shortName: 'ST', - value: 'California' - }, - { - name: 'localityName', - value: 'San Francisco' - }, - { - name: 'organizationName', - value: 'Example Inc.' - }, - { - shortName: 'OU', - value: 'Test' - } + { name: 'commonName', value: hostname }, + { name: 'countryName', value: 'US' }, + { shortName: 'ST', value: 'California' }, + { name: 'localityName', value: 'San Francisco' }, + { name: 'organizationName', value: 'Salesforce Inc.' }, + { shortName: 'OU', value: 'LocalDevPreview' } ]; cert.setSubject(attrs); @@ -117,6 +101,16 @@ export class CryptoUtils { emailProtection: true, timeStamping: true }, + { + name: 'nsCertType', + client: true, + server: true, + email: true, + objsign: true, + sslCA: true, + emailCA: true, + objCA: true + }, { name: 'subjectAltName', altNames: [ 
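Review bot: `derCertificate: string` does not say that the value is a node-forge binary string; the return statement in the `@@ -137,14 +131,25 @@` hunk fills it from `forge.asn1.toDer(...).getBytes()`, which yields one character per byte. A caller that writes it to disk with the default UTF-8 encoding would corrupt every byte at or above 0x80, and the resulting file would not parse as a certificate. Add a doc comment on the field, for example `/** DER bytes as a forge binary string; write with 'binary' encoding or convert via Buffer.from(der, 'binary'). */`. The type is also still named `PEMCertificate` although it now carries DER and the public key, and renaming `certificate`/`key` on an exported type breaks existing consumers, which the commit message should mention.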
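Review bot: The added `nsCertType` extension sets `sslCA`, `emailCA` and `objCA` (plus `client`, `email` and `objsign`) on a certificate whose visible subject and alt names are for a local development host, which is much broader than a dev-server certificate needs. If the certificate is installed into a device or OS trust store (not shown here, though the new DER output suggests it), the unencrypted private key returned by the same function could be used to issue certificates that store would accept. Unless a consumer is known to need the legacy Netscape bits, narrow it to `{ name: 'nsCertType', server: true }` or drop the extension, and add a comment explaining any CA bit that stays. The extensions array starts outside this hunk, so whether `basicConstraints` already marks the certificate as a CA cannot be confirmed from here.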
@@ -137,14 +131,25 @@ export class CryptoUtils { value: '::1' } ] + }, + { + name: 'subjectKeyIdentifier' } ]); cert.sign(keys.privateKey, forge.md.sha256.create()); const pemCert = forge.pki.certificateToPem(cert); - const pemKey = forge.pki.privateKeyToPem(keys.privateKey); + const privateKey = forge.pki.privateKeyToPem(keys.privateKey); + const publicKey = forge.pki.publicKeyToPem(keys.publicKey); + + const derCert = forge.asn1.toDer(forge.pki.certificateToAsn1(cert)).getBytes(); - return { certificate: pemCert, key: pemKey }; + return { + derCertificate: derCert, + pemCertificate: pemCert, + pemPrivateKey: privateKey, + pemPublicKey: publicKey + }; } } diff --git a/test/unit/common/CryptoUtils.test.ts b/test/unit/common/CryptoUtils.test.ts index b40cfc9..2fe3a9f 100644 --- a/test/unit/common/CryptoUtils.test.ts +++ b/test/unit/common/CryptoUtils.test.ts @@ -67,7 +67,9 @@ describe('CryptoUtils tests', () => { it('generateSelfSignedCert succeeds to generate a certificate and key for localhost', async () => { const cert = CryptoUtils.generateSelfSignedCert(); - expect(cert.certificate.startsWith('-----BEGIN CERTIFICATE-----')).to.be.true; - expect(cert.key.startsWith('-----BEGIN RSA PRIVATE KEY-----')).to.be.true; + expect(cert.derCertificate).not.to.be.null; + expect(cert.pemCertificate.startsWith('-----BEGIN CERTIFICATE-----')).to.be.true; + expect(cert.pemPublicKey.startsWith('-----BEGIN PUBLIC KEY-----')).to.be.true; + expect(cert.pemPrivateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----')).to.be.true; }).timeout(10000); // increase timeout for this test });
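Review bot: `expect(cert.derCertificate).not.to.be.null` also passes for `undefined` and for an empty string, so the test would not catch a missing or empty DER field. Assert on the content instead, for example `expect(cert.derCertificate.charCodeAt(0)).to.equal(0x30);` (the ASN.1 SEQUENCE tag every DER certificate starts with), or check that it is non-empty and matches the DER decoded from `pemCertificate`. The test callback is declared `async` but awaits nothing, so the keyword can be dropped.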