UNPKG

catproxy

Version:

a node proxy or host change tools

github.com/jianxcao/catproxy

jianxcao/catproxy

112 lines (104 loc) 2.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
import forge, {pki, md, pkcs12} from 'node-forge'; let attrs = [{ name: 'countryName', value: 'CN' }, { shortName: 'ST', value: 'CP' }, { name: 'localityName', value: 'BJ' }, { name: 'organizationName', value: 'catproxy' }, { shortName: 'OU', value: 'CP' }]; let rootAttrs = attrs.slice(0); rootAttrs.push({ name: 'commonName', value: 'catproxy' }); let createKeyandCert = ()=> { // generate a keypair and create an X.509v3 certificate let keys = pki.rsa.generateKeyPair(1024); let cert = pki.createCertificate(); let today = new Date().getTime(); let tenYearMin = 10 * 365 * 24 * 60 * 60 * 1000; cert.publicKey = keys.publicKey; cert.serialNumber = '' + new Date().getTime(); cert.validity.notBefore = new Date(today - tenYearMin); cert.validity.notAfter = new Date(today + tenYearMin); return {cert, keys}; }; let createRootCert = () => { let {cert, keys} = createKeyandCert(); cert.setSubject(rootAttrs); // alternatively set subject from a csr // cert.setSubject(csr.subject.attributes); cert.setIssuer(rootAttrs); cert.setExtensions([{ name: 'basicConstraints', cA: true }]); cert.sign(keys.privateKey, md.sha256.create()); // base64-encode p12 let p12Asn1 = pkcs12.toPkcs12Asn1(keys.privateKey, cert, '123456', {algorithm: '3des'}); let p12Der = new Buffer(forge.asn1.toDer(p12Asn1).toHex(), 'hex') return { cert: pki.certificateToPem(cert), pfx: p12Der, privateKey: pki.privateKeyToPem(keys.privateKey), publicKey: pki.publicKeyToPem(keys.publicKey), }; }; let createSelfCert = (domains, rootOpt) => { if (!domains) { return {}; } if (typeof domains === 'string') { domains = [domains]; } let rootKey = pki.privateKeyFromPem(rootOpt.privateKey); let {cert, keys} = createKeyandCert(); // rootCert.subject.attributes cert.setIssuer(rootAttrs); // ,{ // name: 'subjectAltName', // altNames: domains.map(function(host) { // if (host.match(/^[\d\.]+$/)) { // return {type: 7, ip: host}; // } // return {type: 2, value: host}; // }) // } cert.setExtensions([ // 某些电脑加这个 会爆出 证书乱码问题 // { // name: 'basicConstraints', // cA: true // }, { name: 'subjectAltName', altNames: domains.map(function(host) { if (host.match(/^[\d\.]+$/)) { return {type: 7, ip: host}; } return {type: 2, value: host}; }) }]); cert.setSubject(attrs.concat([{ name: 'commonName', value: domains[0] }])); // console.log(111111); // console.log(cert.getExtensions()); cert.sign(rootKey, md.sha256.create()); return { cert: pki.certificateToPem(cert), privateKey: pki.privateKeyToPem(keys.privateKey), publicKey: pki.publicKeyToPem(keys.publicKey), }; }; export {createRootCert, createSelfCert};