version 0.1.0

commit 44c08bc5c2cf142f42d06fa72bbf16df38190d33 1 parent bacb2ec
Andris Reinman authored
Showing with 165 additions and 1 deletion.
  1. +16 −0 LICENSE
  2. +93 −1 README.md
  3. +56 −0 lib/pem.js
16 LICENSE
@@ -0,0 +1,16 @@
+Copyright (c) 2012 Andris Reinman
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
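Review bot: The license text goes from "subject to the following conditions:" straight to the warranty disclaimer, so the condition itself is missing. The README in this commit declares MIT, and the standard MIT text has a paragraph at that spot requiring the copyright notice and the permission notice to be included in all copies or substantial portions of the Software. Add that paragraph so the grant is complete.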
94 README.md
@@ -3,4 +3,96 @@ pem
Create private keys and certificates with node.js
-[![Build Status](https://secure.travis-ci.org/andris9/pem.png)](http://travis-ci.org/andris9/pem)
+[![Build Status](https://secure.travis-ci.org/andris9/pem.png)](http://travis-ci.org/andris9/pem)
+
+**NB!** This module does not yet support node v0.7+/0.8 or Windows. Sorry.
+
+## Installation
+
+Install with npm
+
+ npm install pem
+
+## API
+
+### Create a private key
+
+Use `createPrivateKey` for creating private keys
+
+ pem.createPrivateKey(keyBitsize, callback)
+
+Where
+
+ * **keyBitsize** is an optional size of the key, defaults to 1024 (bit)
+ * **callback** is a callback function with an error object and `{key}`
+
+### Create a Certificate Signing Request
+
+Use `createCSR` for creating private keys
+
+ pem.createCSR(options, callback)
+
+Where
+
+ * **options** is an optional options object
+ * **callback** is a callback function with an error object and `{csr, clientKey}`
+
+Possible options are the following
+
+ * **clientKey** is an optional client key to use
+ * **keyBitsize** - if `clientKey` is undefined, bit size to use for generating a new key (defaults to 1024)
+ * **hash** is a hash function to use (either `md5` or `sha1`, defaults to `sha1`)
+ * **country** is a CSR country field
+ * **state** is a CSR state field
+ * **locality** is a CSR locality field
+ * **organization** is a CSR organization field
+ * **organizationUnit** is a CSR organizational unit field
+ * **commonName** is a CSR common name field (defaults to `localhost`)
+ * **emailAddress** is a CSR email address field
+
+### Create a certificate
+
+Use `createCertificate` for creating private keys
+
+ pem.createCertificate(options, callback)
+
+Where
+
+ * **options** is an optional options object
+ * **callback** is a callback function with an error object and `{certificate, csr, clientKey, serviceKey}`
+
+Possible options include all the options for `createCSR` - in case `csr` parameter is not defined and a new
+CSR needs to be generated.
+
+In addition, possible options are the following
+
+ * **serviceKey** is a private key for signing the certificate, if not defined a new one is generated
+ * **selfSigned** - if set to true and `serviceKey` is not defined, use `clientKey` for signing
+ * **csr** is a CSR for the certificate, if not defined a new one is generated
+ * **days** is the certificate expire time in days
+
+### Export a public key
+
+Use `getPublicKey` for exporting a public key from a private key, CSR or certificate
+
+ pem.getPublicKey(certificate, callback)
+
+Where
+
+ * **certificate** is a PEM encoded private key, CSR or certificate
+ * **callback** is a callback function with an error object and `{publicKey}`
+
+### Read certificate info
+
+Use `readCertificateInfo` for reading subject data from a certificate or a CSR
+
+ pem.readCertificateInfo(certificate, callback)
+
+Where
+
+ * **certificate** is a PEM encoded CSR or a certificate
+ * **callback** is a callback function with an error object and `{country, state, locality, organization, organizationUnit, commonName, emailAddress}`
+
+## License
+
+**MIT**
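Review bot: The opening sentences under "Create a Certificate Signing Request" and "Create a certificate" both still read "for creating private keys", copied from the first section; they should say that `createCSR` creates a CSR and `createCertificate` creates a certificate. The `days` option is also listed without a default, unlike `keyBitsize`, `hash` and `commonName`; state the default or say that the value is required.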
56 lib/pem.js
@@ -6,6 +6,14 @@ module.exports.createCertificate = createCertificate;
module.exports.readCertificateInfo = readCertificateInfo;
module.exports.getPublicKey = getPublicKey;
+// PUBLIC API
+
+/**
+ * Creates a private key
+ *
+ * @param {Number} [keyBitsize=1024] Size of the key, defaults to 1024bit
+ * @param {Function} callback Callback function with an error object and {key}
+ */
function createPrivateKey(keyBitsize, callback){
if(!callback && typeof keyBitsize == "function"){
callback = keyBitsize;
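Review bot: The new docblock records `keyBitsize=1024` as the default, and if these are RSA keys, 1024 bits is below the 2048-bit minimum that current guidance asks for. Raise the default to at least 2048, or have the doc tell callers to pass an explicit size. The argument check just below uses `==` in `typeof keyBitsize == "function"`; `===` is the safer habit and costs nothing here.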
@@ -28,6 +36,25 @@ function createPrivateKey(keyBitsize, callback){
});
}
+/**
+ * Creates a Certificate Signing Request
+ *
+ * If client key is undefined, a new key is created automatically. The used key is included
+ * in the callback return as clientKey
+ *
+ * @param {Object} [options] Optional options object
+ * @param {String} [options.clientKey] Optional client key to use
+ * @param {Number} [options.keyBitsize] If clientKey is undefined, bit size to use for generating a new key (defaults to 1024)
+ * @param {String} [options.hash] Hash function to use (either md5 or sha1, defaults to sha1)
+ * @param {String} [options.country] CSR country field
+ * @param {String} [options.state] CSR state field
+ * @param {String} [options.locality] CSR locality field
+ * @param {String} [options.organization] CSR organization field
+ * @param {String} [options.organizationUnit] CSR organizational unit field
+ * @param {String} [options.commonName="localhost"] CSR common name field
+ * @param {String} [options.emailAddress] CSR email address field
+ * @param {Function} callback Callback function with an error object and {csr, clientKey}
+ */
function createCSR(options, callback){
if(!callback && typeof options == "function"){
callback = options;
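Review bot: `options.hash` is documented as "either md5 or sha1", and both are collision-broken digests that should not be used to sign new requests. Accept a SHA-2 value such as sha256 and make it the default, or at least drop md5 from the documented choices. The docblock should also say whether any other value is rejected or silently falls back to sha1.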
@@ -69,6 +96,18 @@ function createCSR(options, callback){
});
}
+/**
+ * Creates a certificate based on a CSR. If CSR is not defined, a new one
+ * will be generated automatically. For CSR generation all the options values
+ * can be used as with createCSR.
+ *
+ * @param {Object} [options] Optional options object
+ * @param {String} [options.serviceKey] Private key for signing the certificate, if not defined a new one is generated
+ * @param {Boolean} [options.selfSigned] If set to true and serviceKey is not defined, use clientKey for signing
+ * @param {String} [options.csr] CSR for the certificate, if not defined a new one is generated
+ * @param {Number} [options.days] Certificate expire time in days
+ * @param {Function} callback Callback function with an error object and {certificate, csr, clientKey, serviceKey}
+ */
function createCertificate(options, callback){
if(!callback && typeof options == "function"){
callback = options;
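Review bot: `options.days` has no documented default in this docblock, so a caller cannot tell what validity period a certificate gets when the option is omitted. State the default here. The `selfSigned` line should also spell out what happens when both `serviceKey` and `selfSigned` are supplied; the wording implies `serviceKey` takes precedence, but it does not say so.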
@@ -129,6 +168,12 @@ function createCertificate(options, callback){
});
}
+/**
+ * Exports a public key from a private key, CSR or certificate
+ *
+ * @param {String} certificate PEM encoded private key, CSR or certificate
+ * @param {Function} callback Callback function with an error object and {publicKey}
+ */
function getPublicKey(certificate, callback){
if(!callback && typeof certificate == "function"){
callback = certificate;
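Review bot: The parameter is named `certificate` although the docblock says it may be a private key or a CSR as well. A neutral name such as `pemData` would make it obvious at call sites that private key material can flow through this function, and the `@param` description could then list the three accepted inputs without contradicting the name.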
@@ -166,6 +211,12 @@ function getPublicKey(certificate, callback){
});
}
+/**
+ * Reads subject data from a certificate or a CSR
+ *
+ * @param {String} certificate PEM encoded CSR or certificate
+ * @param {Function} callback Callback function with an error object and {country, state, locality, organization, organizationUnit, commonName, emailAddress}
+ */
function readCertificateInfo(certificate, callback){
if(!callback && typeof certificate == "function"){
callback = certificate;
@@ -208,6 +259,8 @@ function readCertificateInfo(certificate, callback){
});
}
+// HELPER FUNCTIONS
+
function fetchCertificateData(certData, callback){
certData = (certData || "").toString();
@@ -268,6 +321,9 @@ function generateCSRSubject(options){
return csrBuilder.join("");
}
+/**
+ * Spawn an openssl command
+ */
function execOpenSSL(params, searchStr, stdin, callback){
var openssl = spawn("openssl", params),
stdout = "",
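Review bot: The `execOpenSSL` docblock is a single line, while every public function in this commit received full `@param` tags. Document `params`, `searchStr`, `stdin` and `callback`, in particular what `searchStr` is matched against and what is written to the child process through `stdin`, since this is the one place where the module hands data to an external binary.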