
@cto.af/ca


Testing-only Certificate Authority (CA) for your local development environment ONLY. This is in no way suitable for production of any kind.

// Type declarations for the package's public API: a testing-only local
// Certificate Authority. Everything below is `declare`d only; defaults and
// behaviour live in the implementation, which is not visible from this file.
import type {
  AnyKey,
  CertOptions,
  CommonCertLogOptions,
  CommonCertOptions,
  CtoCertOptions,
  RequiredCertOptions,
  RequiredCommonCertOptions
} from './types.js';
import { KEYCHAIN_SERVICE, KeyCert, SELF_SIGNED, type SecretEntry } from './cert.js';
import { type LogOptions, type Logger } from '@cto.af/log';

// Re-export the option and key types so consumers need only this entry point.
export type {
  AnyKey,
  CertOptions,
  CommonCertLogOptions,
  CommonCertOptions,
  CtoCertOptions,
  // Published under a different name: RequiredCertOptions is exposed to
  // consumers as RequiredCtoCertOptions.
  RequiredCertOptions as RequiredCtoCertOptions,
  RequiredCommonCertOptions,
  SecretEntry,
};

// Runtime values re-exported unchanged from ./cert.js.
export {
  KEYCHAIN_SERVICE,
  KeyCert,
  SELF_SIGNED,
};

// Presumably the defaults applied to the CA certificate itself; the values
// are not visible here, so confirm validity period and key parameters in the
// implementation before relying on them.
export declare const DEFAULT_CA_OPTIONS: RequiredCommonCertOptions;

// Presumably the defaults shared by CA and leaf certificates; confirm in the
// implementation.
export declare const DEFAULT_COMMON_CERT_OPTIONS: RequiredCommonCertOptions;

// Set of property names of CommonCertOptions. Presumably what
// getCAoptions/getIssueOptions use to pick fields out of mixed options;
// confirm in the implementation.
export declare const COMMON_CERT_OPTIONS_NAMES: Set<keyof CommonCertOptions>;

// Presumably the full default option set for createCA/createCert; confirm in
// the implementation.
export declare const DEFAULT_CERT_OPTIONS: RequiredCertOptions;

/**
 * Extract CA options from mixed options.
 *
 * @param options Original options.
 * @returns Extracted CA options.
 */
export declare function getCAoptions(options?: CertOptions): CommonCertLogOptions;

/**
 * Extract leaf certificate options from mixed options.
 *
 * @param options Original options.
 * @returns Extracted options.
 */
export declare function getIssueOptions(options?: CertOptions): CommonCertLogOptions;

/**
 * Certificate Authority that does local storage, intended for testing on the
 * local machine.
 *
 * WARNING: Not intended for scale or actual security. DO NOT deploy on the
 * Internet in the current form.
 */
export declare class CertificateAuthority {
  // Marker emitted by the TypeScript compiler: the class has ECMAScript
  // private (#) members whose names and types are not part of the public API.
  #private;

  /**
   * Create a CA instance. The constructor is synchronous; see init() for the
   * step that must run before substantive work.
   *
   * @param options Combined certificate and logging options.
   */
  constructor(options?: CommonCertLogOptions);

  /**
   * Create a child logger for the CA's use.
   *
   * @param logOpts Options for logging.
   * @returns Child logger.
   */
  static logger(logOpts?: LogOptions): Logger;

  /**
   * List all of the CA certs.
   *
   * @param options Options, of which dir is the most important.
   * @yields KeyCert instances for the CA certs.
   */
  static list(options: CommonCertLogOptions): AsyncGenerator<KeyCert>;

  /**
   * Mostly-internal, for initialization. Must be called before any substantive
   * work is done.
   *
   * @returns CA KeyCert.
   */
  init(): Promise<KeyCert>;

  /**
   * Issue a certificate for use in an HTTPS server. May read from existing
   * on-disk cert and in-keychain key. Will generate a new cert if the old
   * one is no longer valid.
   *
   * @param options Options.
   * @returns Initialized KeyCert.
   */
  issue(options?: CommonCertOptions): Promise<KeyCert>;

  /**
   * Undocumented upstream. Unlike issue(), this returns a KeyCert
   * synchronously rather than a Promise.
   *
   * NOTE(review): presumably this always mints a fresh certificate and does
   * not look at stored ones; whether the result is written to disk or the
   * keychain cannot be determined from this declaration. Confirm.
   *
   * @param options Options.
   * @param now Presumably the reference time used for the validity period
   *   (useful for deterministic tests); confirm in the implementation.
   * @returns Newly issued KeyCert.
   */
  issueNew(options?: CommonCertOptions, now?: Date): KeyCert;

  /**
   * Delete the CA certificate and key.
   *
   * NOTE(review): nothing in this declaration indicates that a CA certificate
   * previously added to an OS or browser trust store is removed from it;
   * confirm, and remove that trust separately if it is not.
   */
  delete(): Promise<void>;

  /**
   * Delete the given certificate and key.
   *
   * @param cert Certificate/key pair to delete.
   */
  delete(cert: KeyCert): Promise<void>;

  /**
   * Delete the certificate pointed to by the options dir and host.
   *
   * @param options Options.
   */
  delete(options: CommonCertOptions): Promise<void>;

  /**
   * List the certs in the local directory.
   *
   * @param options Options, of which dir is the most important.
   * @yields Already-read KeyCert instances.
   */
  list(options: CommonCertLogOptions): AsyncGenerator<KeyCert>;
}

/**
 * Read a valid CA cert, or create a new one, writing it.
 *
 * @param options Cert options.
 * @returns Private Key / Certificate for CA.
 */
export declare function createCA(options?: CertOptions): Promise<KeyCert>;

/**
 * Create a CA-signed localhost certificate.
 *
 * @param options Certificate options.
 * @returns Cert and private key.
 */
export declare function createCert(options?: CertOptions): Promise<KeyCert>;