@adobe/aio-cli-plugin-certificate 0.3.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +18 -3
- package/oclif.manifest.json +1 -1
- package/package.json +1 -1
- package/src/certificate.js +31 -0
- package/src/commands/certificate/fingerprint.js +52 -0
package/README.md
CHANGED
|
@@ -26,6 +26,7 @@ $ aio certificate --help
|
|
|
26
26
|
# Commands
|
|
27
27
|
<!-- commands -->
|
|
28
28
|
* [`aio certificate`](#aio-certificate)
|
|
29
|
+
* [`aio certificate:fingerprint FILE`](#aio-certificatefingerprint-file)
|
|
29
30
|
* [`aio certificate:generate`](#aio-certificategenerate)
|
|
30
31
|
* [`aio certificate:verify FILE`](#aio-certificateverify-file)
|
|
31
32
|
|
|
@@ -38,7 +39,21 @@ USAGE
|
|
|
38
39
|
$ aio certificate
|
|
39
40
|
```
|
|
40
41
|
|
|
41
|
-
_See code: [src/commands/certificate/index.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.
|
|
42
|
+
_See code: [src/commands/certificate/index.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.4.0/src/commands/certificate/index.js)_
|
|
43
|
+
|
|
44
|
+
## `aio certificate:fingerprint FILE`
|
|
45
|
+
|
|
46
|
+
Compute the fingerprint of a public key certificate for use with Adobe I/O
|
|
47
|
+
|
|
48
|
+
```
|
|
49
|
+
USAGE
|
|
50
|
+
$ aio certificate:fingerprint FILE
|
|
51
|
+
|
|
52
|
+
ARGUMENTS
|
|
53
|
+
FILE file path to certificate to fingerprint
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
_See code: [src/commands/certificate/fingerprint.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.4.0/src/commands/certificate/fingerprint.js)_
|
|
42
57
|
|
|
43
58
|
## `aio certificate:generate`
|
|
44
59
|
|
|
@@ -72,7 +87,7 @@ DESCRIPTION
|
|
|
72
87
|
services.
|
|
73
88
|
```
|
|
74
89
|
|
|
75
|
-
_See code: [src/commands/certificate/generate.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.
|
|
90
|
+
_See code: [src/commands/certificate/generate.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.4.0/src/commands/certificate/generate.js)_
|
|
76
91
|
|
|
77
92
|
## `aio certificate:verify FILE`
|
|
78
93
|
|
|
@@ -92,7 +107,7 @@ DESCRIPTION
|
|
|
92
107
|
Verifies that the certificate is valid, and/or will not expire in [--days] days from now.
|
|
93
108
|
```
|
|
94
109
|
|
|
95
|
-
_See code: [src/commands/certificate/verify.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.
|
|
110
|
+
_See code: [src/commands/certificate/verify.js](https://github.com/adobe/aio-cli-plugin-certificate/blob/0.4.0/src/commands/certificate/verify.js)_
|
|
96
111
|
<!-- commandsstop -->
|
|
97
112
|
|
|
98
113
|
## Contributing
|
package/oclif.manifest.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"0.
|
|
1
|
+
{"version":"0.4.0","commands":{"certificate:fingerprint":{"id":"certificate:fingerprint","description":"Compute the fingerprint of a public key certificate for use with Adobe I/O","pluginName":"@adobe/aio-cli-plugin-certificate","pluginType":"core","aliases":[],"flags":{},"args":[{"name":"file","description":"file path to certificate to fingerprint","required":true}]},"certificate:generate":{"id":"certificate:generate","description":"Generate a new private/public key pair\nGenerate a self-signed certificate to enable https:// on localhost or signing jwt payloads for interacting with Adobe services.\n","pluginName":"@adobe/aio-cli-plugin-certificate","pluginType":"core","aliases":[],"flags":{"keyout":{"name":"keyout","type":"option","description":"file to send the key to","default":"private.key"},"out":{"name":"out","type":"option","description":"output file","default":"certificate_pub.crt"},"name":{"name":"name","type":"option","char":"n","description":"Common Name: typically a host domain name, like www.mysite.com","default":"selfsign.localhost"},"country":{"name":"country","type":"option","char":"c","description":"Country Name"},"state":{"name":"state","type":"option","char":"s","description":"State or Province"},"locality":{"name":"locality","type":"option","char":"l","description":"Locality, or city name"},"organization":{"name":"organization","type":"option","char":"o","description":"Organization name"},"unit":{"name":"unit","type":"option","char":"u","description":"Organizational unit or department"},"days":{"name":"days","type":"option","description":"Number of days the certificate should be valid for. (Max 365)","default":365}},"args":[]},"certificate":{"id":"certificate","description":"Generate or verify a certificate for use with Adobe I/O","pluginName":"@adobe/aio-cli-plugin-certificate","pluginType":"core","aliases":[],"flags":{},"args":[]},"certificate:verify":{"id":"certificate:verify","description":"Verify a certificate for use with Adobe I/O\nVerifies that the certificate is valid, and/or will not expire in [--days] days from now.\n","pluginName":"@adobe/aio-cli-plugin-certificate","pluginType":"core","aliases":[],"flags":{"days":{"name":"days","type":"option","description":"+- is certificate valid in --days"}},"args":[{"name":"file","description":"file path to certificate to verify","required":true}]}}}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@adobe/aio-cli-plugin-certificate",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.4.0",
|
|
4
4
|
"description": "Generate and validate private certs, and public key pairs for use with Adobe IO Console",
|
|
5
5
|
"repository": "adobe/aio-cli-plugin-certificate",
|
|
6
6
|
"homepage": "https://github.com/adobe/aio-cli-plugin-certificate",
|
package/src/certificate.js
CHANGED
|
@@ -1,6 +1,36 @@
|
|
|
1
|
+
/*
|
|
2
|
+
Copyright 2019 Adobe Inc. All rights reserved.
|
|
3
|
+
This file is licensed to you under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
you may not use this file except in compliance with the License. You may obtain a copy
|
|
5
|
+
of the License at http://www.apache.org/licenses/LICENSE-2.0
|
|
6
|
+
Unless required by applicable law or agreed to in writing, software distributed under
|
|
7
|
+
the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
|
|
8
|
+
OF ANY KIND, either express or implied. See the License for the specific language
|
|
9
|
+
governing permissions and limitations under the License.
|
|
10
|
+
*/
|
|
11
|
+
|
|
1
12
|
const debug = require('debug')('aio-cli-plugin-certificate:helpers')
|
|
2
13
|
const forge = require('node-forge')
|
|
3
14
|
const pki = forge.pki
|
|
15
|
+
const asn1 = forge.asn1
|
|
16
|
+
|
|
17
|
+
/**
|
|
18
|
+
* Computes the SHA-1 digest of the entire DER-encoded x.509 certificate
|
|
19
|
+
* contained in the provided PEM-encoded string, which gives the same result as
|
|
20
|
+
* using "openssl x509 -fingerprint", except without delimiters and in
|
|
21
|
+
* all lowercase.
|
|
22
|
+
*
|
|
23
|
+
* @param {string|Buffer} pemCert PEM-encoded sting containing x509 certificate
|
|
24
|
+
* @returns {{certificateFingerprint: string}} x509 fingerprint
|
|
25
|
+
*/
|
|
26
|
+
function fingerprint (pemCert) {
|
|
27
|
+
const cert = pki.certificateFromPem(pemCert)
|
|
28
|
+
const bytes = asn1.toDer(pki.certificateToAsn1(cert)).getBytes()
|
|
29
|
+
const md = forge.md.sha1.create()
|
|
30
|
+
md.start()
|
|
31
|
+
md.update(bytes)
|
|
32
|
+
return { certificateFingerprint: md.digest().toHex() }
|
|
33
|
+
}
|
|
4
34
|
|
|
5
35
|
/**
|
|
6
36
|
openssl req -x509 -sha256 -nodes -days 365 -subj "/C=US/" -newkey rsa:2048 -keyout private.key -out certificate_pub.crt
|
|
@@ -135,6 +165,7 @@ function verify (pemCert) {
|
|
|
135
165
|
}
|
|
136
166
|
|
|
137
167
|
module.exports = {
|
|
168
|
+
fingerprint,
|
|
138
169
|
generate,
|
|
139
170
|
verify
|
|
140
171
|
}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
/*
|
|
2
|
+
Copyright 2019 Adobe. All rights reserved.
|
|
3
|
+
This file is licensed to you under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
you may not use this file except in compliance with the License. You may obtain a copy
|
|
5
|
+
of the License at http://www.apache.org/licenses/LICENSE-2.0
|
|
6
|
+
|
|
7
|
+
Unless required by applicable law or agreed to in writing, software distributed under
|
|
8
|
+
the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
|
|
9
|
+
OF ANY KIND, either express or implied. See the License for the specific language
|
|
10
|
+
governing permissions and limitations under the License.
|
|
11
|
+
*/
|
|
12
|
+
|
|
13
|
+
const { Command } = require('@oclif/command')
|
|
14
|
+
const fs = require('fs-extra')
|
|
15
|
+
const debug = require('debug')('aio-cli-plugin-certificate:fingerprint')
|
|
16
|
+
|
|
17
|
+
const cert = require('../../certificate')
|
|
18
|
+
|
|
19
|
+
class FingerprintCommand extends Command {
|
|
20
|
+
async run () {
|
|
21
|
+
const { args } = this.parse(FingerprintCommand)
|
|
22
|
+
|
|
23
|
+
if (!fs.existsSync(args.file)) {
|
|
24
|
+
this.error('input file does not exist: ' + args.file)
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
try {
|
|
28
|
+
const pemCert = fs.readFileSync(args.file).toString()
|
|
29
|
+
debug('fingerprinting cert from pem: ', pemCert)
|
|
30
|
+
// this will throw if file is not a valid pem content
|
|
31
|
+
const res = cert.fingerprint(pemCert)
|
|
32
|
+
|
|
33
|
+
this.log(res.certificateFingerprint)
|
|
34
|
+
return res.certificateFingerprint
|
|
35
|
+
} catch (err) {
|
|
36
|
+
debug('error fingerprinting certificate: ', err)
|
|
37
|
+
this.error(err.message)
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
FingerprintCommand.description = 'Compute the fingerprint of a public key certificate for use with Adobe I/O'
|
|
43
|
+
|
|
44
|
+
FingerprintCommand.args = [
|
|
45
|
+
{
|
|
46
|
+
name: 'file',
|
|
47
|
+
required: true,
|
|
48
|
+
description: 'file path to certificate to fingerprint'
|
|
49
|
+
}
|
|
50
|
+
]
|
|
51
|
+
|
|
52
|
+
module.exports = FingerprintCommand
|