lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-24 12:27:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

perf: 证书支持旧版RSA,pkcs1

Browse Source
This commit is contained in:
xiaojunnuo
2024-09-23 14:32:57 +08:00
parent f9ff9191a1
commit 3d9c3ecb3e
5 changed files with 29 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/acme-client/src/crypto/index.js
+7 -4
View File
@@ -67,11 +67,11 @@ function getKeyInfo(keyPem) {
* ```
*/
async function createPrivateRsaKey(modulusLength = 2048) {
async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
const pair = await generateKeyPair('rsa', {
modulusLength,
privateKeyEncoding: {
type: 'pkcs8',
type: encodingType,
format: 'pem',
},
});
@@ -106,11 +106,11 @@ exports.createPrivateKey = createPrivateRsaKey;
* ```
*/
exports.createPrivateEcdsaKey = async (namedCurve = 'P-256') => {
exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
const pair = await generateKeyPair('ec', {
namedCurve,
privateKeyEncoding: {
type: 'pkcs8',
type: encodingType,
format: 'pem',
},
});
@@ -201,6 +201,9 @@ async function getWebCryptoKeyPair(keyPem) {
}
/* Decode PEM and import into CryptoKeyPair */
if (encodingType === 'pkcs1') {
encodingType = 'pkcs8';
}
const privateKeyDec = x509.PemConverter.decodeFirst(keyPem.toString());
const privateKey = await crypto.webcrypto.subtle.importKey('pkcs8', privateKeyDec, sigalg, true, ['sign']);
const publicKey = await crypto.webcrypto.subtle.importKey('jwk', jwk, sigalg, true, ['verify']);
packages/core/acme-client/src/index.js
+1 -1
View File
@@ -32,7 +32,7 @@ exports.directory = {
*/
exports.crypto = require('./crypto');
// exports.forge = require('./crypto/forge');
exports.forge = require('./crypto/forge');
/**
* Axios
packages/core/acme-client/types/index.d.ts
Vendored
+4 -4
View File
@@ -155,16 +155,16 @@ export interface EcdsaPublicJwk {
}
export interface CryptoInterface {
createPrivateKey(keySize?: number): Promise<PrivateKeyBuffer>;
createPrivateRsaKey(keySize?: number): Promise<PrivateKeyBuffer>;
createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521'): Promise<PrivateKeyBuffer>;
createPrivateKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
createPrivateRsaKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521',encodingType?:string): Promise<PrivateKeyBuffer>;
getPublicKey(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): PublicKeyBuffer;
getJwk(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): RsaPublicJwk | EcdsaPublicJwk;
splitPemChain(chainPem: CertificateBuffer | CertificateString): string[];
getPemBodyAsB64u(pem: CertificateBuffer | CertificateString): string;
readCsrDomains(csrPem: CsrBuffer | CsrString): CertificateDomains;
readCertificateInfo(certPem: CertificateBuffer | CertificateString): CertificateInfo;
createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>;
createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString,encodingType?:string): Promise<[PrivateKeyBuffer, CsrBuffer]>;
createAlpnCertificate(authz: Authorization, keyAuthorization: string, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CertificateBuffer]>;
isAlpnCertificateAuthorizationValid(certPem: CertificateBuffer | CertificateString, keyAuthorization: string): boolean;
}