chore: wip

Author: chrisbbreuer

src/config.ts

@@ -1,28 +1,29 @@
 import { resolve } from 'node:path'
 import { loadConfig } from 'c12'
-import type { CertOptions } from './types'
+import type { TlsOptions } from './types'
 
-// Get loaded config
 const { config } = await loadConfig({
   name: 'tls',
 })
 
-export async function resolveConfig(options?: CertOptions): Promise<CertOptions> {
-  const def: CertOptions = {
-    hostCertCN: 'Stacks tlsx RootCA',
-    domain: 'stacks.localhost',
-    rootCAObject: {
-      certificate: '',
-      privateKey: '',
+export async function resolveConfig(options?: TlsOptions): Promise<TlsOptions> {
+  const def: TlsOptions = {
+    ssl: {
+      hostCertCN: 'Stacks tlsx RootCA',
+      domain: 'stacks.localhost',
+      rootCAObject: {
+        certificate: '',
+        privateKey: '',
+      },
+      altNameIPs: ['127.0.0.1'],
+      altNameURIs: ['localhost'],
+      validityDays: 1,
+      organizationName: 'Stacks.js',
+      countryName: 'US',
+      stateName: 'California',
+      localityName: 'Playa Vista',
+      commonName: 'stacks.localhost',
     },
-    altNameIPs: ['127.0.0.1'],
-    altNameURIs: ['localhost'],
-    validityDays: 1,
-    organizationName: 'Stacks.js',
-    countryName: 'US',
-    stateName: 'California',
-    localityName: 'Playa Vista',
-    commonName: 'stacks.localhost',
   }
 
   let { config } = await loadConfig({

src/keys.ts

@@ -4,7 +4,7 @@ import path from 'node:path'
 import { log, runCommand } from '@stacksjs/cli'
 import forge, { pki, tls } from 'node-forge'
 import { config, resolveConfig } from './config'
-import type { AddCertOptions, CertOptions } from './types'
+import type { AddCertOptions, CertOptions, GenerateCertReturn } from './types'
 
 /**
  * Generate a random serial number for the Certificate
@@ -107,13 +107,6 @@ export async function createRootCA(): Promise<GenerateCertReturn> {
   }
 }
 
-type GenerateCertReturn = {
-  certificate: string
-  privateKey: string
-  notBefore: Date
-  notAfter: Date
-}
-
 /**
  * Generate a new Host Certificate
  * @param options - The options for generating the certificate

src/types.ts

@@ -4,6 +4,9 @@ export type DeepPartial<T> = {
 
 export interface TlsOptions {
   ssl: {
+    hostCertCN: string
+    domain: string
+    rootCAObject: { certificate: string; privateKey: string }
     altNameIPs: string[]
     altNameURIs: string[]
     commonName: string
@@ -29,7 +32,7 @@ export interface CertOptions {
   commonName?: string
 }
 
-export type CertDetails = {
+export interface CertDetails {
   subject: any
   issuer: any
   validFrom: Date
@@ -41,4 +44,11 @@ export interface AddCertOptions {
   customCertPath?: string
 }
 
+export interface GenerateCertReturn {
+  certificate: string
+  privateKey: string
+  notBefore: Date
+  notAfter: Date
+}
+
 export type TlsConfig = DeepPartial<TlsOptions>

test/tlsx.test.ts

@@ -1,7 +1,61 @@
 import { describe, expect, it } from 'bun:test'
+import { createRootCA, generateCert, isCertExpired, isCertValidForDomain, parseCertDetails } from '../src'
+import type { CertOptions } from '../src/types'
 
-describe('should', () => {
-  it('exported', () => {
-    expect(1).toEqual(1)
+describe('@stacksjs/tlsx', () => {
+  it('should create a Root CA certificate', async () => {
+    const rootCA = await createRootCA()
+    expect(rootCA).toHaveProperty('certificate')
+    expect(rootCA).toHaveProperty('privateKey')
+    expect(rootCA).toHaveProperty('notBefore')
+    expect(rootCA).toHaveProperty('notAfter')
+  })
+
+  it('should generate a host certificate', async () => {
+    const rootCA = await createRootCA()
+    const options: CertOptions = {
+      hostCertCN: 'localhost',
+      domain: 'localhost',
+      rootCAObject: {
+        certificate: rootCA.certificate,
+        privateKey: rootCA.privateKey,
+      },
+    }
+    const hostCert = await generateCert(options)
+    expect(hostCert).toHaveProperty('certificate')
+    expect(hostCert).toHaveProperty('privateKey')
+    expect(hostCert).toHaveProperty('notBefore')
+    expect(hostCert).toHaveProperty('notAfter')
+  })
+
+  it('should validate a certificate for a domain', async () => {
+    const rootCA = await createRootCA()
+    const options: CertOptions = {
+      hostCertCN: 'localhost',
+      domain: 'localhost',
+      rootCAObject: {
+        certificate: rootCA.certificate,
+        privateKey: rootCA.privateKey,
+      },
+    }
+    const hostCert = await generateCert(options)
+    const isValid = isCertValidForDomain(hostCert.certificate, 'localhost')
+    expect(isValid).toBe(true)
+  })
+
+  it('should parse certificate details', async () => {
+    const rootCA = await createRootCA()
+    const certDetails = parseCertDetails(rootCA.certificate)
+    expect(certDetails).toHaveProperty('subject')
+    expect(certDetails).toHaveProperty('issuer')
+    expect(certDetails).toHaveProperty('validFrom')
+    expect(certDetails).toHaveProperty('validTo')
+    expect(certDetails).toHaveProperty('serialNumber')
+  })
+
+  it('should check if a certificate is expired', async () => {
+    const rootCA = await createRootCA()
+    const isExpired = isCertExpired(rootCA.certificate)
+    expect(isExpired).toBe(false)
   })
 })