The core library that provides support for generating X509Certificate and Certificate Signing Request.
The library requires you to pass an implementation of ICryptoEngine. Look at
const cryptoEngine = new TestCryptoEngine();
const notBefore = new Date();
const notAfter = new Date();
notAfter.setFullYear(notBefore.getFullYear() + 1);
const hashAlg = 'SHA1withRSA';
const signAlg = 'RSASSA-PKCS1-v1_5';
// generate the key pair
const keyPair: CryptoKeyPair =
await cryptoEngine.generateKey({
name: signAlg,
modulusLength: 1024,
publicExponent: new Uint8Array([1, 0, 1]),
hash: {
name: 'SHA-1'
}
}, true, ['sign', 'verify']) as CryptoKeyPair;
const x509CertInfo: X509CertificateInfo = {
isCA: true,
signAlg,
hashAlg,
serialNumber: '01',
subjectInfo: {
commonName: 'example.org',
country: 'US',
state: 'TX',
orgName: 'Test',
orgUnit: 'Test'
},
issuerInfo: {
commonName: 'example.org',
country: 'US',
state: 'TX',
orgName: 'Test',
orgUnit: 'Test'
},
validity: {
notBefore,
notAfter
},
publicKey: keyPair.publicKey,
issuerPrivateKey: keyPair.privateKey
};
const jsX509 =
await X509Util.buildCertificate(new TestCryptoEngine(), x509CertInfo);
FAQs
The PKI Library
The npm package pki-lib receives a total of 0 weekly downloads. As such, pki-lib popularity was classified as not popular.
We found that pki-lib demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub Actions checkout now blocks risky pull_request_target checkouts by default to help prevent pwn request supply chain attacks.
Product
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
Product
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.