@techteamer/cert-utils v2.0.0

Cert Utils

Cert utils implements the CertService, Certinfo and CertvalidationError classes for the timestamps.

• Cert Utils
  • Install
    • Usage
      • Params
    • Default config
    • Public methods

Install

$ yarn add @techteamer/cert-utils

Usage

const { CertService } = require('@techteamer/cert-utils')
...
this.certService = new CertService('latin1')

Params

1. encode type(optional): config.get('certService.encoding', 'latin1')

Default config

  "certService": {
    "encoding": 'latin1'
  }

Public methods

• parseCert: get cert info from certBuffer

/**
 * @param {Buffer} certBuf Buffer of a P12 cert, Buffer of a utf-8 encoded PEM string
 * @param {String} [password] Used for decrypting P12 containers, not required for PEM certs
 * @param {String} [certType='P12']
 * @returns {Promise<null|CertInfo>}
 */
async parseCert(certBuf, password, certType = CertService.CertType.P12)

• parseCertFromFile: get cert info from file

  /**
   * get cert info from file
    @param {String} certPath
    @param {String} password
    @returns {CertInfo}
   */
  async parseCertFromFile (certPath, password)

• verifyCert: Verifies that the provided certificate is valid

/**
   * Verifies that the provided certificate ("pemCert") is valid
   * If the verification fails, a {CertValidationError} is thrown.
   * @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual cert in PEM format
   * @param {string | Buffer | null} [pemCaCert=null] String or a Buffer containing the utf-8 encoded PEM string. Individual CA cert in PEM format or a CA cert chain (multiple CA certs separated by \n)
   * @param {boolean} [verifyOcsp=false] Sends an ocsp request and verifies that the provided cert is not revoked. Requires a defined CA cert ("pemCaCert")
   * @returns {Promise<void>}
   * @throws {CertValidationError}
   */
  async verifyCert (pemCert, pemCaCert, verifyOcsp = false)

• getPemCertBody: Parses the provided certificate's body and return it as a buffer

  /**
   * Parses the provided certificate's body and return it as a buffer.
   * If pemCert is a certificate chain, returns the first PEM certificate's body from the chain.
   * @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual PEM cert.
   * @returns {Promise<Buffer>}
   * @throws {CertValidationError}
   */
  async getPemCertBody (pemCert)

• CertInfo: return cert info

Example:

    CertInfo {
      subject: {
        C: 'HU',
        L: 'Budapest',
        O: 'Test Kft.',
        organizationIdentifier: '00000000-20-00',
        CN: 'Teszt',
        GN: 'Teszt',
        SN: 'Teszt',
        emailAddress: 'teszt@localhost',
        serialNumber: '1.3.6.1.4.1.00000.2.2.99.00000'
      },
      issuer: {
        C: 'HU',
        L: 'Budapest',
        O: 'Microsec Ltd.',
        OU: 'e-Szigno CA',
        CN: 'e-Szigno Test CA3'
      },
      notBefore: 2019-11-26T11:54:00.000Z,
      notAfter: 2020-02-27T11:54:00.000Z,
      decrypted: true
    }

• certinfo.validator: get cert validation info

Example

{
  ok: false,
  info: { info: { isEffective: true, isExpired: true } },
  message: 'Cert validation error, cert is expired'
}

• CertType: return cert types

{ P12: 'P12', PEM: 'PEM' }