@certd/plugin-cert 1.24.3 → 1.25.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +21 -0
- package/dist/access/eab-access.d.ts +4 -4
- package/dist/access/eab-access.js +48 -48
- package/dist/access/index.d.ts +1 -1
- package/dist/access/index.js +1 -1
- package/dist/dns-provider/api.d.ts +27 -27
- package/dist/dns-provider/api.js +1 -1
- package/dist/dns-provider/base.d.ts +8 -8
- package/dist/dns-provider/base.js +6 -6
- package/dist/dns-provider/decorator.d.ts +3 -3
- package/dist/dns-provider/decorator.js +25 -25
- package/dist/dns-provider/index.d.ts +4 -4
- package/dist/dns-provider/index.js +4 -4
- package/dist/dns-provider/registry.d.ts +2 -2
- package/dist/dns-provider/registry.js +2 -2
- package/dist/index.d.ts +3 -3
- package/dist/index.js +3 -3
- package/dist/plugin/cert-plugin/acme.d.ts +66 -65
- package/dist/plugin/cert-plugin/acme.js +280 -270
- package/dist/plugin/cert-plugin/base.d.ts +46 -46
- package/dist/plugin/cert-plugin/base.js +281 -284
- package/dist/plugin/cert-plugin/cert-reader.d.ts +34 -31
- package/dist/plugin/cert-plugin/cert-reader.js +112 -89
- package/dist/plugin/cert-plugin/convert.d.ts +21 -21
- package/dist/plugin/cert-plugin/convert.js +70 -70
- package/dist/plugin/cert-plugin/index.d.ts +18 -18
- package/dist/plugin/cert-plugin/index.js +208 -206
- package/dist/plugin/cert-plugin/lego/dns.d.ts +1 -1
- package/dist/plugin/cert-plugin/lego/dns.js +1 -1
- package/dist/plugin/cert-plugin/lego/index.d.ts +17 -17
- package/dist/plugin/cert-plugin/lego/index.js +172 -171
- package/dist/plugin/index.d.ts +2 -2
- package/dist/plugin/index.js +2 -2
- package/package.json +4 -4
- package/tsconfig.tsbuildinfo +1 -1
- package/dist/bundle.js +0 -1
- package/dist/d/access/eab-access.d.ts +0 -4
- package/dist/d/access/index.d.ts +0 -1
- package/dist/d/dns-provider/api.d.ts +0 -27
- package/dist/d/dns-provider/base.d.ts +0 -8
- package/dist/d/dns-provider/decorator.d.ts +0 -3
- package/dist/d/dns-provider/index.d.ts +0 -4
- package/dist/d/dns-provider/registry.d.ts +0 -2
- package/dist/d/index.d.ts +0 -3
- package/dist/d/plugin/cert-plugin/acme.d.ts +0 -52
- package/dist/d/plugin/cert-plugin/cert-reader.d.ts +0 -16
- package/dist/d/plugin/cert-plugin/index.d.ts +0 -51
- package/dist/d/plugin/index.d.ts +0 -1
- package/dist/plugin/cert-plugin/lego.d.ts +0 -16
- package/dist/plugin/cert-plugin/lego.js +0 -153
- package/dist/plugin-cert.mjs +0 -11786
- package/dist/plugin-cert.umd.js +0 -28
|
@@ -1,31 +1,34 @@
|
|
|
1
|
-
import { CertInfo } from "./acme.js";
|
|
2
|
-
import { ILogger } from "@certd/pipeline";
|
|
3
|
-
export type CertReaderHandleContext = {
|
|
4
|
-
reader: CertReader;
|
|
5
|
-
tmpCrtPath: string;
|
|
6
|
-
tmpKeyPath: string;
|
|
7
|
-
tmpPfxPath?: string;
|
|
8
|
-
tmpDerPath?: string;
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
export type
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
1
|
+
import { CertInfo } from "./acme.js";
|
|
2
|
+
import { ILogger } from "@certd/pipeline";
|
|
3
|
+
export type CertReaderHandleContext = {
|
|
4
|
+
reader: CertReader;
|
|
5
|
+
tmpCrtPath: string;
|
|
6
|
+
tmpKeyPath: string;
|
|
7
|
+
tmpPfxPath?: string;
|
|
8
|
+
tmpDerPath?: string;
|
|
9
|
+
tmpIcPath?: string;
|
|
10
|
+
};
|
|
11
|
+
export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
|
|
12
|
+
export type HandleOpts = {
|
|
13
|
+
logger: ILogger;
|
|
14
|
+
handle: CertReaderHandle;
|
|
15
|
+
};
|
|
16
|
+
export declare class CertReader {
|
|
17
|
+
cert: CertInfo;
|
|
18
|
+
crt: string;
|
|
19
|
+
key: string;
|
|
20
|
+
csr: string;
|
|
21
|
+
ic: string;
|
|
22
|
+
detail: any;
|
|
23
|
+
expires: number;
|
|
24
|
+
constructor(certInfo: CertInfo);
|
|
25
|
+
getIc(): string;
|
|
26
|
+
toCertInfo(): CertInfo;
|
|
27
|
+
getCrtDetail(crt?: string): {
|
|
28
|
+
detail: import("@certd/acme-client").CertificateInfo;
|
|
29
|
+
expires: Date;
|
|
30
|
+
};
|
|
31
|
+
saveToFile(type: "crt" | "key" | "pfx" | "der" | "ic", filepath?: string): string;
|
|
32
|
+
readCertFile(opts: HandleOpts): Promise<void>;
|
|
33
|
+
buildCertFileName(suffix: string, applyTime: number, prefix?: string): string;
|
|
34
|
+
}
|
|
@@ -1,89 +1,112 @@
|
|
|
1
|
-
import fs from "fs";
|
|
2
|
-
import os from "os";
|
|
3
|
-
import path from "path";
|
|
4
|
-
import { crypto } from "@certd/acme-client";
|
|
5
|
-
import dayjs from "dayjs";
|
|
6
|
-
export class CertReader {
|
|
7
|
-
cert;
|
|
8
|
-
crt;
|
|
9
|
-
key;
|
|
10
|
-
csr;
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
this.
|
|
16
|
-
this.
|
|
17
|
-
this.
|
|
18
|
-
|
|
19
|
-
this.
|
|
20
|
-
this.
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
const
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
}
|
|
89
|
-
|
|
1
|
+
import fs from "fs";
|
|
2
|
+
import os from "os";
|
|
3
|
+
import path from "path";
|
|
4
|
+
import { crypto } from "@certd/acme-client";
|
|
5
|
+
import dayjs from "dayjs";
|
|
6
|
+
export class CertReader {
|
|
7
|
+
cert;
|
|
8
|
+
crt;
|
|
9
|
+
key;
|
|
10
|
+
csr;
|
|
11
|
+
ic; //中间证书
|
|
12
|
+
detail;
|
|
13
|
+
expires;
|
|
14
|
+
constructor(certInfo) {
|
|
15
|
+
this.cert = certInfo;
|
|
16
|
+
this.crt = certInfo.crt;
|
|
17
|
+
this.key = certInfo.key;
|
|
18
|
+
this.csr = certInfo.csr;
|
|
19
|
+
this.ic = certInfo.ic;
|
|
20
|
+
if (!this.ic) {
|
|
21
|
+
this.ic = this.getIc();
|
|
22
|
+
this.cert.ic = this.ic;
|
|
23
|
+
}
|
|
24
|
+
const { detail, expires } = this.getCrtDetail(this.cert.crt);
|
|
25
|
+
this.detail = detail;
|
|
26
|
+
this.expires = expires.getTime();
|
|
27
|
+
}
|
|
28
|
+
getIc() {
|
|
29
|
+
//中间证书ic, 就是crt的第一个 -----END CERTIFICATE----- 之后的内容
|
|
30
|
+
const endStr = "-----END CERTIFICATE-----";
|
|
31
|
+
const firstBlockEndIndex = this.crt.indexOf(endStr);
|
|
32
|
+
const start = firstBlockEndIndex + endStr.length + 1;
|
|
33
|
+
if (this.crt.length <= start) {
|
|
34
|
+
return "";
|
|
35
|
+
}
|
|
36
|
+
const ic = this.crt.substring(start);
|
|
37
|
+
return ic.trim();
|
|
38
|
+
}
|
|
39
|
+
toCertInfo() {
|
|
40
|
+
return this.cert;
|
|
41
|
+
}
|
|
42
|
+
getCrtDetail(crt = this.cert.crt) {
|
|
43
|
+
const detail = crypto.readCertificateInfo(crt.toString());
|
|
44
|
+
const expires = detail.notAfter;
|
|
45
|
+
return { detail, expires };
|
|
46
|
+
}
|
|
47
|
+
saveToFile(type, filepath) {
|
|
48
|
+
if (!this.cert[type]) {
|
|
49
|
+
return;
|
|
50
|
+
}
|
|
51
|
+
if (filepath == null) {
|
|
52
|
+
//写入临时目录
|
|
53
|
+
filepath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", `cert.${type}`);
|
|
54
|
+
}
|
|
55
|
+
const dir = path.dirname(filepath);
|
|
56
|
+
if (!fs.existsSync(dir)) {
|
|
57
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
58
|
+
}
|
|
59
|
+
if (type === "crt" || type === "key" || type === "ic") {
|
|
60
|
+
fs.writeFileSync(filepath, this.cert[type]);
|
|
61
|
+
}
|
|
62
|
+
else {
|
|
63
|
+
fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64"));
|
|
64
|
+
}
|
|
65
|
+
return filepath;
|
|
66
|
+
}
|
|
67
|
+
async readCertFile(opts) {
|
|
68
|
+
const logger = opts.logger;
|
|
69
|
+
logger.info("将证书写入本地缓存文件");
|
|
70
|
+
const tmpCrtPath = this.saveToFile("crt");
|
|
71
|
+
const tmpKeyPath = this.saveToFile("key");
|
|
72
|
+
const tmpPfxPath = this.saveToFile("pfx");
|
|
73
|
+
const tmpIcPath = this.saveToFile("ic");
|
|
74
|
+
logger.info("本地文件写入成功");
|
|
75
|
+
const tmpDerPath = this.saveToFile("der");
|
|
76
|
+
try {
|
|
77
|
+
return await opts.handle({
|
|
78
|
+
reader: this,
|
|
79
|
+
tmpCrtPath: tmpCrtPath,
|
|
80
|
+
tmpKeyPath: tmpKeyPath,
|
|
81
|
+
tmpPfxPath: tmpPfxPath,
|
|
82
|
+
tmpDerPath: tmpDerPath,
|
|
83
|
+
tmpIcPath: tmpIcPath,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
catch (err) {
|
|
87
|
+
throw err;
|
|
88
|
+
}
|
|
89
|
+
finally {
|
|
90
|
+
//删除临时文件
|
|
91
|
+
logger.info("删除临时文件");
|
|
92
|
+
function removeFile(filepath) {
|
|
93
|
+
if (filepath) {
|
|
94
|
+
fs.unlinkSync(filepath);
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
removeFile(tmpCrtPath);
|
|
98
|
+
removeFile(tmpKeyPath);
|
|
99
|
+
removeFile(tmpPfxPath);
|
|
100
|
+
removeFile(tmpDerPath);
|
|
101
|
+
removeFile(tmpIcPath);
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
buildCertFileName(suffix, applyTime, prefix = "cert") {
|
|
105
|
+
const detail = this.getCrtDetail();
|
|
106
|
+
let domain = detail.detail.domains.commonName;
|
|
107
|
+
domain = domain.replace(".", "_").replace("*", "_");
|
|
108
|
+
const timeStr = dayjs(applyTime).format("YYYYMMDDHHmmss");
|
|
109
|
+
return `${prefix}_${domain}_${timeStr}.${suffix}`;
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC1yZWFkZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcGx1Z2luL2NlcnQtcGx1Z2luL2NlcnQtcmVhZGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQztBQUNwQixPQUFPLEVBQUUsTUFBTSxJQUFJLENBQUM7QUFDcEIsT0FBTyxJQUFJLE1BQU0sTUFBTSxDQUFDO0FBQ3hCLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUU1QyxPQUFPLEtBQUssTUFBTSxPQUFPLENBQUM7QUFZMUIsTUFBTSxPQUFPLFVBQVU7SUFDckIsSUFBSSxDQUFXO0lBQ2YsR0FBRyxDQUFTO0lBQ1osR0FBRyxDQUFTO0lBQ1osR0FBRyxDQUFTO0lBQ1osRUFBRSxDQUFTLENBQUMsTUFBTTtJQUVsQixNQUFNLENBQU07SUFDWixPQUFPLENBQVM7SUFDaEIsWUFBWSxRQUFrQjtRQUM1QixJQUFJLENBQUMsSUFBSSxHQUFHLFFBQVEsQ0FBQztRQUNyQixJQUFJLENBQUMsR0FBRyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUM7UUFDeEIsSUFBSSxDQUFDLEdBQUcsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDO1FBQ3hCLElBQUksQ0FBQyxHQUFHLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQztRQUV4QixJQUFJLENBQUMsRUFBRSxHQUFHLFFBQVEsQ0FBQyxFQUFFLENBQUM7UUFDdEIsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLEVBQUU7WUFDWixJQUFJLENBQUMsRUFBRSxHQUFHLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUN2QixJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsR0FBRyxJQUFJLENBQUMsRUFBRSxDQUFDO1NBQ3hCO1FBRUQsTUFBTSxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDN0QsSUFBSSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7UUFDckIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDbkMsQ0FBQztJQUVELEtBQUs7UUFDSCxtREFBbUQ7UUFDbkQsTUFBTSxNQUFNLEdBQUcsMkJBQTJCLENBQUM7UUFDM0MsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVwRCxNQUFNLEtBQUssR0FBRyxrQkFBa0IsR0FBRyxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQztRQUNyRCxJQUFJLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxJQUFJLEtBQUssRUFBRTtZQUM1QixPQUFPLEVBQUUsQ0FBQztTQUNYO1FBQ0QsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDckMsT0FBTyxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDbkIsQ0FBQztJQUVELFVBQVU7UUFDUixPQUFPLElBQUksQ0FBQyxJQUFJLENBQUM7SUFDbkIsQ0FBQztJQUVELFlBQVksQ0FBQyxNQUFjLElBQUksQ0FBQyxJQUFJLENBQUMsR0FBRztRQUN0QyxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsbUJBQW1CLENBQUMsR0FBRyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFDMUQsTUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FBQztRQUNoQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxDQUFDO0lBQzdCLENBQUM7SUFFRCxVQUFVLENBQUMsSUFBMEMsRUFBRSxRQUFpQjtRQUN0RSxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRTtZQUNwQixPQUFPO1NBQ1I7UUFFRCxJQUFJLFFBQVEsSUFBSSxJQUFJLEVBQUU7WUFDcEIsUUFBUTtZQUNSLFFBQVEsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFhLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEdBQUcsRUFBRSxFQUFFLFFBQVEsSUFBSSxFQUFFLENBQUMsQ0FBQztTQUM1RztRQUVELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDbkMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDdkIsRUFBRSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztTQUN4QztRQUNELElBQUksSUFBSSxLQUFLLEtBQUssSUFBSSxJQUFJLEtBQUssS0FBSyxJQUFJLElBQUksS0FBSyxJQUFJLEVBQUU7WUFDckQsRUFBRSxDQUFDLGFBQWEsQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1NBQzdDO2FBQU07WUFDTCxFQUFFLENBQUMsYUFBYSxDQUFDLFFBQVEsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsUUFBUSxDQUFDLENBQUMsQ0FBQztTQUNwRTtRQUNELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFFRCxLQUFLLENBQUMsWUFBWSxDQUFDLElBQWdCO1FBQ2pDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUM7UUFDM0IsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUMzQixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzFDLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDMUMsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMxQyxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3hDLE1BQU0sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDeEIsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMxQyxJQUFJO1lBQ0YsT0FBTyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUM7Z0JBQ3ZCLE1BQU0sRUFBRSxJQUFJO2dCQUNaLFVBQVUsRUFBRSxVQUFVO2dCQUN0QixVQUFVLEVBQUUsVUFBVTtnQkFDdEIsVUFBVSxFQUFFLFVBQVU7Z0JBQ3RCLFVBQVUsRUFBRSxVQUFVO2dCQUN0QixTQUFTLEVBQUUsU0FBUzthQUNyQixDQUFDLENBQUM7U0FDSjtRQUFDLE9BQU8sR0FBRyxFQUFFO1lBQ1osTUFBTSxHQUFHLENBQUM7U0FDWDtnQkFBUztZQUNSLFFBQVE7WUFDUixNQUFNLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ3RCLFNBQVMsVUFBVSxDQUFDLFFBQWlCO2dCQUNuQyxJQUFJLFFBQVEsRUFBRTtvQkFDWixFQUFFLENBQUMsVUFBVSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2lCQUN6QjtZQUNILENBQUM7WUFDRCxVQUFVLENBQUMsVUFBVSxDQUFDLENBQUM7WUFDdkIsVUFBVSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQ3ZCLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUN2QixVQUFVLENBQUMsVUFBVSxDQUFDLENBQUM7WUFDdkIsVUFBVSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1NBQ3ZCO0lBQ0gsQ0FBQztJQUVELGlCQUFpQixDQUFDLE1BQWMsRUFBRSxTQUFpQixFQUFFLE1BQU0sR0FBRyxNQUFNO1FBQ2xFLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUNuQyxJQUFJLE1BQU0sR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUM7UUFDOUMsTUFBTSxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDcEQsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQzFELE9BQU8sR0FBRyxNQUFNLElBQUksTUFBTSxJQUFJLE9BQU8sSUFBSSxNQUFNLEVBQUUsQ0FBQztJQUNwRCxDQUFDO0NBQ0YifQ==
|
|
@@ -1,21 +1,21 @@
|
|
|
1
|
-
import { ILogger } from "@certd/pipeline";
|
|
2
|
-
import type { CertInfo } from "../cert-plugin/acme.js";
|
|
3
|
-
import { CertReader } from "../cert-plugin/cert-reader.js";
|
|
4
|
-
export { CertReader };
|
|
5
|
-
export type { CertInfo };
|
|
6
|
-
export declare class CertConverter {
|
|
7
|
-
logger: ILogger;
|
|
8
|
-
constructor(opts: {
|
|
9
|
-
logger: ILogger;
|
|
10
|
-
});
|
|
11
|
-
convert(opts: {
|
|
12
|
-
cert: CertInfo;
|
|
13
|
-
pfxPassword: string;
|
|
14
|
-
}): Promise<{
|
|
15
|
-
pfxPath: string;
|
|
16
|
-
derPath: string;
|
|
17
|
-
}>;
|
|
18
|
-
exec(cmd: string): Promise<void>;
|
|
19
|
-
private convertPfx;
|
|
20
|
-
private convertDer;
|
|
21
|
-
}
|
|
1
|
+
import { ILogger } from "@certd/pipeline";
|
|
2
|
+
import type { CertInfo } from "../cert-plugin/acme.js";
|
|
3
|
+
import { CertReader } from "../cert-plugin/cert-reader.js";
|
|
4
|
+
export { CertReader };
|
|
5
|
+
export type { CertInfo };
|
|
6
|
+
export declare class CertConverter {
|
|
7
|
+
logger: ILogger;
|
|
8
|
+
constructor(opts: {
|
|
9
|
+
logger: ILogger;
|
|
10
|
+
});
|
|
11
|
+
convert(opts: {
|
|
12
|
+
cert: CertInfo;
|
|
13
|
+
pfxPassword: string;
|
|
14
|
+
}): Promise<{
|
|
15
|
+
pfxPath: string;
|
|
16
|
+
derPath: string;
|
|
17
|
+
}>;
|
|
18
|
+
exec(cmd: string): Promise<void>;
|
|
19
|
+
private convertPfx;
|
|
20
|
+
private convertDer;
|
|
21
|
+
}
|
|
@@ -1,71 +1,71 @@
|
|
|
1
|
-
import { sp } from "@certd/pipeline";
|
|
2
|
-
import { CertReader } from "../cert-plugin/cert-reader.js";
|
|
3
|
-
import path from "path";
|
|
4
|
-
import os from "os";
|
|
5
|
-
import fs from "fs";
|
|
6
|
-
export { CertReader };
|
|
7
|
-
export class CertConverter {
|
|
8
|
-
logger;
|
|
9
|
-
constructor(opts) {
|
|
10
|
-
this.logger = opts.logger;
|
|
11
|
-
}
|
|
12
|
-
async convert(opts) {
|
|
13
|
-
const certReader = new CertReader(opts.cert);
|
|
14
|
-
let pfxPath;
|
|
15
|
-
let derPath;
|
|
16
|
-
const handle = async (opts) => {
|
|
17
|
-
// 调用openssl 转pfx
|
|
18
|
-
pfxPath = await this.convertPfx(opts);
|
|
19
|
-
// 转der
|
|
20
|
-
derPath = await this.convertDer(opts);
|
|
21
|
-
};
|
|
22
|
-
await certReader.readCertFile({ logger: this.logger, handle });
|
|
23
|
-
return {
|
|
24
|
-
pfxPath,
|
|
25
|
-
derPath,
|
|
26
|
-
};
|
|
27
|
-
}
|
|
28
|
-
async exec(cmd) {
|
|
29
|
-
await sp.spawn({
|
|
30
|
-
cmd: cmd,
|
|
31
|
-
logger: this.logger,
|
|
32
|
-
});
|
|
33
|
-
}
|
|
34
|
-
async convertPfx(opts, pfxPassword) {
|
|
35
|
-
const { tmpCrtPath, tmpKeyPath } = opts;
|
|
36
|
-
const pfxPath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", "cert.pfx");
|
|
37
|
-
const dir = path.dirname(pfxPath);
|
|
38
|
-
if (!fs.existsSync(dir)) {
|
|
39
|
-
fs.mkdirSync(dir, { recursive: true });
|
|
40
|
-
}
|
|
41
|
-
let passwordArg = "-passout pass:";
|
|
42
|
-
if (pfxPassword) {
|
|
43
|
-
passwordArg = `-password pass:${pfxPassword}`;
|
|
44
|
-
}
|
|
45
|
-
await this.exec(`openssl pkcs12 -export -out ${pfxPath} -inkey ${tmpKeyPath} -in ${tmpCrtPath} ${passwordArg}`);
|
|
46
|
-
return pfxPath;
|
|
47
|
-
// const fileBuffer = fs.readFileSync(pfxPath);
|
|
48
|
-
// this.pfxCert = fileBuffer.toString("base64");
|
|
49
|
-
//
|
|
50
|
-
// const applyTime = new Date().getTime();
|
|
51
|
-
// const filename = reader.buildCertFileName("pfx", applyTime);
|
|
52
|
-
// this.saveFile(filename, fileBuffer);
|
|
53
|
-
}
|
|
54
|
-
async convertDer(opts) {
|
|
55
|
-
const { tmpCrtPath } = opts;
|
|
56
|
-
const derPath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", `cert.der`);
|
|
57
|
-
const dir = path.dirname(derPath);
|
|
58
|
-
if (!fs.existsSync(dir)) {
|
|
59
|
-
fs.mkdirSync(dir, { recursive: true });
|
|
60
|
-
}
|
|
61
|
-
await this.exec(`openssl x509 -outform der -in ${tmpCrtPath} -out ${derPath}`);
|
|
62
|
-
return derPath;
|
|
63
|
-
// const fileBuffer = fs.readFileSync(derPath);
|
|
64
|
-
// this.derCert = fileBuffer.toString("base64");
|
|
65
|
-
//
|
|
66
|
-
// const applyTime = new Date().getTime();
|
|
67
|
-
// const filename = reader.buildCertFileName("der", applyTime);
|
|
68
|
-
// this.saveFile(filename, fileBuffer);
|
|
69
|
-
}
|
|
70
|
-
}
|
|
1
|
+
import { sp } from "@certd/pipeline";
|
|
2
|
+
import { CertReader } from "../cert-plugin/cert-reader.js";
|
|
3
|
+
import path from "path";
|
|
4
|
+
import os from "os";
|
|
5
|
+
import fs from "fs";
|
|
6
|
+
export { CertReader };
|
|
7
|
+
export class CertConverter {
|
|
8
|
+
logger;
|
|
9
|
+
constructor(opts) {
|
|
10
|
+
this.logger = opts.logger;
|
|
11
|
+
}
|
|
12
|
+
async convert(opts) {
|
|
13
|
+
const certReader = new CertReader(opts.cert);
|
|
14
|
+
let pfxPath;
|
|
15
|
+
let derPath;
|
|
16
|
+
const handle = async (opts) => {
|
|
17
|
+
// 调用openssl 转pfx
|
|
18
|
+
pfxPath = await this.convertPfx(opts);
|
|
19
|
+
// 转der
|
|
20
|
+
derPath = await this.convertDer(opts);
|
|
21
|
+
};
|
|
22
|
+
await certReader.readCertFile({ logger: this.logger, handle });
|
|
23
|
+
return {
|
|
24
|
+
pfxPath,
|
|
25
|
+
derPath,
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
async exec(cmd) {
|
|
29
|
+
await sp.spawn({
|
|
30
|
+
cmd: cmd,
|
|
31
|
+
logger: this.logger,
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
async convertPfx(opts, pfxPassword) {
|
|
35
|
+
const { tmpCrtPath, tmpKeyPath } = opts;
|
|
36
|
+
const pfxPath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", "cert.pfx");
|
|
37
|
+
const dir = path.dirname(pfxPath);
|
|
38
|
+
if (!fs.existsSync(dir)) {
|
|
39
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
40
|
+
}
|
|
41
|
+
let passwordArg = "-passout pass:";
|
|
42
|
+
if (pfxPassword) {
|
|
43
|
+
passwordArg = `-password pass:${pfxPassword}`;
|
|
44
|
+
}
|
|
45
|
+
await this.exec(`openssl pkcs12 -export -out ${pfxPath} -inkey ${tmpKeyPath} -in ${tmpCrtPath} ${passwordArg}`);
|
|
46
|
+
return pfxPath;
|
|
47
|
+
// const fileBuffer = fs.readFileSync(pfxPath);
|
|
48
|
+
// this.pfxCert = fileBuffer.toString("base64");
|
|
49
|
+
//
|
|
50
|
+
// const applyTime = new Date().getTime();
|
|
51
|
+
// const filename = reader.buildCertFileName("pfx", applyTime);
|
|
52
|
+
// this.saveFile(filename, fileBuffer);
|
|
53
|
+
}
|
|
54
|
+
async convertDer(opts) {
|
|
55
|
+
const { tmpCrtPath } = opts;
|
|
56
|
+
const derPath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", `cert.der`);
|
|
57
|
+
const dir = path.dirname(derPath);
|
|
58
|
+
if (!fs.existsSync(dir)) {
|
|
59
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
60
|
+
}
|
|
61
|
+
await this.exec(`openssl x509 -outform der -in ${tmpCrtPath} -out ${derPath}`);
|
|
62
|
+
return derPath;
|
|
63
|
+
// const fileBuffer = fs.readFileSync(derPath);
|
|
64
|
+
// this.derCert = fileBuffer.toString("base64");
|
|
65
|
+
//
|
|
66
|
+
// const applyTime = new Date().getTime();
|
|
67
|
+
// const filename = reader.buildCertFileName("der", applyTime);
|
|
68
|
+
// this.saveFile(filename, fileBuffer);
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
71
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udmVydC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9wbHVnaW4vY2VydC1wbHVnaW4vY29udmVydC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQVcsRUFBRSxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFFOUMsT0FBTyxFQUFFLFVBQVUsRUFBMkIsTUFBTSwrQkFBK0IsQ0FBQztBQUNwRixPQUFPLElBQUksTUFBTSxNQUFNLENBQUM7QUFDeEIsT0FBTyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3BCLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQztBQUVwQixPQUFPLEVBQUUsVUFBVSxFQUFFLENBQUM7QUFHdEIsTUFBTSxPQUFPLGFBQWE7SUFDeEIsTUFBTSxDQUFVO0lBRWhCLFlBQVksSUFBeUI7UUFDbkMsSUFBSSxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDO0lBQzVCLENBQUM7SUFDRCxLQUFLLENBQUMsT0FBTyxDQUFDLElBQTZDO1FBSXpELE1BQU0sVUFBVSxHQUFHLElBQUksVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM3QyxJQUFJLE9BQWUsQ0FBQztRQUNwQixJQUFJLE9BQWUsQ0FBQztRQUNwQixNQUFNLE1BQU0sR0FBRyxLQUFLLEVBQUUsSUFBNkIsRUFBRSxFQUFFO1lBQ3JELGlCQUFpQjtZQUNqQixPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBRXRDLE9BQU87WUFDUCxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3hDLENBQUMsQ0FBQztRQUVGLE1BQU0sVUFBVSxDQUFDLFlBQVksQ0FBQyxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxDQUFDLENBQUM7UUFFL0QsT0FBTztZQUNMLE9BQU87WUFDUCxPQUFPO1NBQ1IsQ0FBQztJQUNKLENBQUM7SUFFRCxLQUFLLENBQUMsSUFBSSxDQUFDLEdBQVc7UUFDcEIsTUFBTSxFQUFFLENBQUMsS0FBSyxDQUFDO1lBQ2IsR0FBRyxFQUFFLEdBQUc7WUFDUixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07U0FDcEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLEtBQUssQ0FBQyxVQUFVLENBQUMsSUFBNkIsRUFBRSxXQUFvQjtRQUMxRSxNQUFNLEVBQUUsVUFBVSxFQUFFLFVBQVUsRUFBRSxHQUFHLElBQUksQ0FBQztRQUV4QyxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFhLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEdBQUcsT0FBTyxDQUFDLEdBQUcsRUFBRSxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRTVHLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDbEMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLEVBQUU7WUFDdkIsRUFBRSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztTQUN4QztRQUVELElBQUksV0FBVyxHQUFHLGdCQUFnQixDQUFDO1FBQ25DLElBQUksV0FBVyxFQUFFO1lBQ2YsV0FBVyxHQUFHLGtCQUFrQixXQUFXLEVBQUUsQ0FBQztTQUMvQztRQUNELE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQywrQkFBK0IsT0FBTyxXQUFXLFVBQVUsUUFBUSxVQUFVLElBQUksV0FBVyxFQUFFLENBQUMsQ0FBQztRQUNoSCxPQUFPLE9BQU8sQ0FBQztRQUNmLCtDQUErQztRQUMvQyxnREFBZ0Q7UUFDaEQsRUFBRTtRQUNGLDBDQUEwQztRQUMxQywrREFBK0Q7UUFDL0QsdUNBQXVDO0lBQ3pDLENBQUM7SUFFTyxLQUFLLENBQUMsVUFBVSxDQUFDLElBQTZCO1FBQ3BELE1BQU0sRUFBRSxVQUFVLEVBQUUsR0FBRyxJQUFJLENBQUM7UUFDNUIsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUUsYUFBYSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxHQUFHLEVBQUUsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUU1RyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxFQUFFO1lBQ3ZCLEVBQUUsQ0FBQyxTQUFTLENBQUMsR0FBRyxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7U0FDeEM7UUFFRCxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsaUNBQWlDLFVBQVUsU0FBUyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBRS9FLE9BQU8sT0FBTyxDQUFDO1FBRWYsK0NBQStDO1FBQy9DLGdEQUFnRDtRQUNoRCxFQUFFO1FBQ0YsMENBQTBDO1FBQzFDLCtEQUErRDtRQUMvRCx1Q0FBdUM7SUFDekMsQ0FBQztDQUNGIn0=
|
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
import type { CertInfo, PrivateKeyType, SSLProvider } from "./acme.js";
|
|
2
|
-
import { AcmeService } from "./acme.js";
|
|
3
|
-
import { CertReader } from "./cert-reader.js";
|
|
4
|
-
import { CertApplyBasePlugin } from "./base.js";
|
|
5
|
-
export type { CertInfo };
|
|
6
|
-
export * from "./cert-reader.js";
|
|
7
|
-
export declare class CertApplyPlugin extends CertApplyBasePlugin {
|
|
8
|
-
sslProvider: SSLProvider;
|
|
9
|
-
eabAccessId: number;
|
|
10
|
-
privateKeyType: PrivateKeyType;
|
|
11
|
-
dnsProviderType: string;
|
|
12
|
-
dnsProviderAccess: string;
|
|
13
|
-
useProxy: boolean;
|
|
14
|
-
skipLocalVerify: boolean;
|
|
15
|
-
acme: AcmeService;
|
|
16
|
-
onInit(): Promise<void>;
|
|
17
|
-
doCertApply(): Promise<CertReader>;
|
|
18
|
-
}
|
|
1
|
+
import type { CertInfo, PrivateKeyType, SSLProvider } from "./acme.js";
|
|
2
|
+
import { AcmeService } from "./acme.js";
|
|
3
|
+
import { CertReader } from "./cert-reader.js";
|
|
4
|
+
import { CertApplyBasePlugin } from "./base.js";
|
|
5
|
+
export type { CertInfo };
|
|
6
|
+
export * from "./cert-reader.js";
|
|
7
|
+
export declare class CertApplyPlugin extends CertApplyBasePlugin {
|
|
8
|
+
sslProvider: SSLProvider;
|
|
9
|
+
eabAccessId: number;
|
|
10
|
+
privateKeyType: PrivateKeyType;
|
|
11
|
+
dnsProviderType: string;
|
|
12
|
+
dnsProviderAccess: string;
|
|
13
|
+
useProxy: boolean;
|
|
14
|
+
skipLocalVerify: boolean;
|
|
15
|
+
acme: AcmeService;
|
|
16
|
+
onInit(): Promise<void>;
|
|
17
|
+
doCertApply(): Promise<CertReader>;
|
|
18
|
+
}
|