Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
node-opcua-crypto
Advanced tools
NodeOPCUA Crypto is a powerful JavaScript module for handling security and cryptography for OPCUA. It's written in TypeScript and runs smoothly on Node.js and in the browser.
To use NodeOPCUA Crypto in your project, follow these steps:
npm install nodeopcua-crypto
import { generatePrivateKey, privateKeyToPEM, CertificatePurpose, createSelfSignedCertificate } from "node-opcua-crypto";
async function demonstratePrivateKeyAndSelfSignedCertificateCreation() {
// create the Private Key
const privateKey = await generatePrivateKey();
// convert the private key to a PEM format
const { privPem } = await privateKeyToPEM(privateKey);
console.log(privPem);
// create a self-sign certificate
const { cert } = await createSelfSignedCertificate({
privateKey,
notAfter: new Date(2025, 1, 1),
notBefore: new Date(2019, 1, 1),
subject: "CN=Test",
dns: ["DNS1", "DNS2"],
ip: ["192.168.1.1"],
applicationUri: "urn:HOSTNAME:ServerDescription",
purpose: CertificatePurpose.ForApplication,
});
console.log(cert);
}
demonstratePrivateKeyAndSelfSignedCertificateCreation();
Please refer to the examples directory for more specific use cases and comprehensive samples.
For any inquiries or issues related to NodeOPCUA Crypto, you can contact us at contact@sterfive.com. Please note that priority support is available to NodeOPCUA Support Subscription members.
NodeOPCUA PKI is developed and maintained by sterfive.com.
To get professional support, consider subscribing to the node-opcua membership community:
or contact sterfive for dedicated consulting and more advanced support.
We appreciate contributions from the community. To contribute:
For more detailed instructions, refer to the CONTRIBUTING.md file.
NodeOPCUA Crypto is MIT licensed. See the LICENSE file for full license details.
Copyright © 2023 Sterfive.com.
NodeOPCUA Crypto is provided as-is, and while we strive to ensure its quality and security, Sterfive.com cannot be held liable for any damage caused directly or indirectly by the usage of this module.
Please report any issues or vulnerabilities you find via the issue tracker.
Thank you for considering NodeOPCUA Crypto for your OPCUA cryptography needs. We look forward to seeing what you build with i
If you like node-opcua-pki and if you are relying on it in one of your projects, please consider becoming a backer and sponsoring us, this will help us to maintain a high-quality stack and constant evolution of this module.
If your company would like to participate and influence the development of future versions of node-opcua please contact sterfive.
FAQs
Crypto tools for Node-OPCUA
The npm package node-opcua-crypto receives a total of 20,510 weekly downloads. As such, node-opcua-crypto popularity was classified as popular.
We found that node-opcua-crypto demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.