Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
openssl-nodejs-promise
Advanced tools
Fork of the most excellent [openssl-nodejs](https://github.com/codevibess/openssl-nodejs) # `openssl-node-js-promise` is a package which gives you a possibility to run every [OpenSSL](https://www.openssl.org/) command in [Node.js](https://nodejs.org/en/)
Fork of the most excellent openssl-nodejs
openssl-node-js-promise
is a package which gives you a possibility to run every OpenSSL command in Node.js in a handy way. Moreover, parameters like -in, -keyin, -config and etc can be replaced by a raw data (Buffer).
npm install openssl-nodejs-promise
Import openssl module:
const openssl = require('openssl-nodejs-promise')
openssl(cmd, options).then((res) => ...)
The only supported option is the directory openssl-nodejs-promise
will write to.
the default is openssl
in the current directory.
const options = { dir: '/tmp/openssl' }
Next, invoke openssl function and put command with parameters inside a function like presented in the example below.
openssl('openssl req -config csr.cnf -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout key.key -out certificate.crt')
.then((buffer) => buffer.toString())
.catch(e => console.error(e.stack))
To get access to the result of execution specify callback function as the last parameter of openssl function (with arguments err and buffer).
openssl function can be invoked with a single parameter like OpenSSL command (see example above) or within an array with command name and parameters itself.
openssl(['req', '-config', 'csr.conf', '-out', 'CSR.csr', '-new', '-newkey', 'rsa:2048', '-nodes', '-keyout', 'privateKey.key');
If you want to specify Buffer text instead of the file as an input/output or whatever you need, use the version with an array as a function parameter. And put an object with keys: name: (specify a name of file which will be created to handle this command), and buffer: (your buffer variable) Example of object:
{ name:'csr.conf', buffer: BufferVariable }
Command example:
openssl(['req', '-config', { name:'csr.conf', buffer: BufferVariable }, '-out', 'CSR.csr', '-new', '-newkey', 'rsa:2048', '-nodes', '-keyout', 'privateKey.key']);
When you used a command which generates additional output in file format this package will create a folder openssl/ in the directory where the command was invoked. All output files will appear in this folder (openssl).
Note:
If u want to use a command which needs additional interaction use parameter -config and specify pass to file with configuration.
That's all that you need to start using it.
For any information, improvements or bug fixes please contact me. If it's package was useful for you please give a star in GitHub. (really inspiring me to new ones)
FAQs
Promisified openssl library
The npm package openssl-nodejs-promise receives a total of 68 weekly downloads. As such, openssl-nodejs-promise popularity was classified as not popular.
We found that openssl-nodejs-promise demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.