
Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
@techteamer/cert-utils
Advanced tools
Cert utils implements the CertService, Certinfo and CertvalidationError classes for the timestamps.
$ yarn add @techteamer/cert-utils
const { CertService } = require('@techteamer/cert-utils')
...
this.certService = new CertService('latin1')
"certService": {
"encoding": 'latin1'
}
parseCert
: get cert info from certBuffer/**
* @param {Buffer} certBuf Buffer of a P12 cert, Buffer of a utf-8 encoded PEM string
* @param {String} [password] Used for decrypting P12 containers, not required for PEM certs
* @param {String} [certType='P12']
* @returns {Promise<null|CertInfo>}
*/
async parseCert(certBuf, password, certType = CertService.CertType.P12)
parseCertFromFile
: get cert info from file /**
* get cert info from file
@param {String} certPath
@param {String} password
@returns {CertInfo}
*/
async parseCertFromFile (certPath, password)
verifyCert
: Verifies that the provided certificate is valid/**
* Verifies that the provided certificate ("pemCert") is valid
* If the verification fails, a {CertValidationError} is thrown.
* @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual cert in PEM format
* @param {string | Buffer | null} [pemCaCert=null] String or a Buffer containing the utf-8 encoded PEM string. Individual CA cert in PEM format or a CA cert chain (multiple CA certs separated by \n)
* @param {boolean} [verifyOcsp=false] Sends an ocsp request and verifies that the provided cert is not revoked. Requires a defined CA cert ("pemCaCert")
* @returns {Promise<void>}
* @throws {CertValidationError}
*/
async verifyCert (pemCert, pemCaCert, verifyOcsp = false)
getPemCertBody
: Parses the provided certificate's body and return it as a buffer /**
* Parses the provided certificate's body and return it as a buffer.
* If pemCert is a certificate chain, returns the first PEM certificate's body from the chain.
* @param {string | Buffer} pemCert String or a Buffer containing the utf-8 encoded PEM string. Individual PEM cert.
* @returns {Promise<Buffer>}
* @throws {CertValidationError}
*/
async getPemCertBody (pemCert)
CertInfo
: return cert infoExample:
CertInfo {
subject: {
C: 'HU',
L: 'Budapest',
O: 'Test Kft.',
organizationIdentifier: '00000000-20-00',
CN: 'Teszt',
GN: 'Teszt',
SN: 'Teszt',
emailAddress: 'teszt@localhost',
serialNumber: '1.3.6.1.4.1.00000.2.2.99.00000'
},
issuer: {
C: 'HU',
L: 'Budapest',
O: 'Microsec Ltd.',
OU: 'e-Szigno CA',
CN: 'e-Szigno Test CA3'
},
notBefore: 2019-11-26T11:54:00.000Z,
notAfter: 2020-02-27T11:54:00.000Z,
decrypted: true
}
certinfo.validator
: get cert validation infoExample
{
ok: false,
info: { info: { isEffective: true, isExpired: true } },
message: 'Cert validation error, cert is expired'
}
CertType
: return cert types{ P12: 'P12', PEM: 'PEM' }
FAQs
This package contains a CertUtils which can parsing certs
We found that @techteamer/cert-utils demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
Research
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
Product
A single platform for static analysis, secrets detection, container scanning, and CVE checks—built on trusted open source tools, ready to run out of the box.