UNPKG

catproxy

Version:

a node proxy or host change tools

github.com/jianxcao/catproxy

jianxcao/catproxy

126 lines (119 loc) 2.83 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
import forge, { pki, md, pkcs12 } from 'node-forge'; let attrs = [ { name: 'countryName', value: 'CN', }, { shortName: 'ST', value: 'CP', }, { name: 'localityName', value: 'BJ', }, { name: 'organizationName', value: 'catproxy', }, { shortName: 'OU', value: 'CP', }, ]; let rootAttrs = attrs.slice(0); rootAttrs.push({ name: 'commonName', value: 'catproxy', }); let createKeyandCert = () => { // generate a keypair and create an X.509v3 certificate let keys = pki.rsa.generateKeyPair(2048); let cert = pki.createCertificate(); let today = new Date().getTime(); let tenYearMin = 1 * 365 * 24 * 60 * 60 * 1000; cert.publicKey = keys.publicKey; cert.serialNumber = '' + new Date().getTime(); cert.validity.notBefore = new Date(today - tenYearMin); cert.validity.notAfter = new Date(today + tenYearMin); return { cert, keys }; }; let createRootCert = () => { let { cert, keys } = createKeyandCert(); cert.setSubject(rootAttrs); // alternatively set subject from a csr // cert.setSubject(csr.subject.attributes); cert.setIssuer(rootAttrs); cert.setExtensions([ { name: 'basicConstraints', cA: true, }, ]); cert.sign(keys.privateKey, md.sha256.create()); // base64-encode p12 let p12Asn1 = pkcs12.toPkcs12Asn1(keys.privateKey, cert, '123456', { algorithm: '3des', }); let p12Der = new Buffer(forge.asn1.toDer(p12Asn1).toHex(), 'hex'); return { cert: pki.certificateToPem(cert), pfx: p12Der, privateKey: pki.privateKeyToPem(keys.privateKey), publicKey: pki.publicKeyToPem(keys.publicKey), }; }; let createSelfCert = (domains, rootOpt) => { if (!domains) { return {}; } if (typeof domains === 'string') { domains = [domains]; } let rootKey = pki.privateKeyFromPem(rootOpt.privateKey); let { cert, keys } = createKeyandCert(); // rootCert.subject.attributes cert.setIssuer(rootAttrs); // ,{ // name: 'subjectAltName', // altNames: domains.map(function(host) { // if (host.match(/^[\d\.]+$/)) { // return {type: 7, ip: host}; // } // return {type: 2, value: host}; // }) // } cert.setExtensions([ // 某些电脑加这个 会爆出 证书乱码问题 // { // name: 'basicConstraints', // cA: true // }, { name: 'subjectAltName', altNames: domains.map(function(host) { if (host.match(/^[\d\.]+$/)) { return { type: 7, ip: host }; } return { type: 2, value: host }; }), }, ]); cert.setSubject( attrs.concat([ { name: 'commonName', value: domains[0], }, ]) ); // console.log(111111); // console.log(cert.getExtensions()); cert.sign(rootKey, md.sha256.create()); return { cert: pki.certificateToPem(cert), privateKey: pki.privateKeyToPem(keys.privateKey), publicKey: pki.publicKeyToPem(keys.publicKey), }; }; export { createRootCert, createSelfCert };