Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(feature) Return CA Certificate path/data #41

Merged
merged 10 commits into from
Nov 21, 2019
6 changes: 3 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
"homepage": "https://github.com/davewasmer/devcert#readme",
"devDependencies": {
"standard-version": "^4.3.0",
"typescript": "^2.7.0"
"typescript": "^2.9.2"
},
"dependencies": {
"@types/configstore": "^2.1.1",
Expand All @@ -52,7 +52,7 @@
"rimraf": "^2.6.2",
"sudo-prompt": "^8.2.0",
"tmp": "^0.0.33",
"tslib": "^1.8.1"
"tslib": "^1.10.0"
},
"optionalDependencies": {}
}
}
17 changes: 5 additions & 12 deletions src/certificate-authority.ts
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@ export default async function installCertificateAuthority(options: Options = {})

debug(`Generating a root certificate authority`);
let rootKeyPath = mktmp();
let rootCertPath = mktmp();

debug(`Generating the OpenSSL configuration needed to setup the certificate authority`);
seedConfigFiles();
Expand All @@ -44,13 +43,13 @@ export default async function installCertificateAuthority(options: Options = {})
generateKey(rootKeyPath);

debug(`Generating a CA certificate`);
openssl(`req -new -x509 -config "${ caSelfSignConfig }" -key "${ rootKeyPath }" -out "${ rootCertPath }" -days 7000`);
openssl(`req -new -x509 -config "${ caSelfSignConfig }" -key "${ rootKeyPath }" -out "${ rootCACertPath }" -days 7000`);

debug('Saving certificate authority credentials');
await saveCertificateAuthorityCredentials(rootKeyPath, rootCertPath);
await saveCertificateAuthorityCredentials(rootKeyPath);

debug(`Adding the root certificate authority to trust stores`);
await currentPlatform.addToTrustStores(rootCertPath, options);
await currentPlatform.addToTrustStores(rootCACertPath, options);
}

/**
Expand Down Expand Up @@ -101,20 +100,14 @@ function seedConfigFiles() {
export async function withCertificateAuthorityCredentials(cb: ({ caKeyPath, caCertPath }: { caKeyPath: string, caCertPath: string }) => Promise<void> | void) {
debug(`Retrieving devcert's certificate authority credentials`);
let tmpCAKeyPath = mktmp();
let tmpCACertPath = mktmp();
let caKey = await currentPlatform.readProtectedFile(rootCAKeyPath);
let caCert = await currentPlatform.readProtectedFile(rootCACertPath);
writeFile(tmpCAKeyPath, caKey);
writeFile(tmpCACertPath, caCert);
await cb({ caKeyPath: tmpCAKeyPath, caCertPath: tmpCACertPath });
await cb({ caKeyPath: tmpCAKeyPath, caCertPath: rootCACertPath });
rm(tmpCAKeyPath);
rm(tmpCACertPath);
}

async function saveCertificateAuthorityCredentials(keypath: string, certpath: string) {
async function saveCertificateAuthorityCredentials(keypath: string) {
debug(`Saving devcert's certificate authority credentials`);
let key = readFile(keypath, 'utf-8');
let cert = readFile(certpath, 'utf-8');
await currentPlatform.writeProtectedFile(rootCAKeyPath, key);
await currentPlatform.writeProtectedFile(rootCACertPath, cert);
}
14 changes: 13 additions & 1 deletion src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ import {
isWindows,
pathForDomain,
domainsDir,
rootCAKeyPath
rootCAKeyPath,
rootCACertPath
} from './constants';
import currentPlatform from './platforms';
import installCertificateAuthority from './certificate-authority';
Expand All @@ -18,6 +19,7 @@ import UI, { UserInterface } from './user-interface';
const debug = createDebug('devcert');

export interface Options {
returnCa?: true | 'read',
Js-Brecht marked this conversation as resolved.
Show resolved Hide resolved
skipCertutilInstall?: true,
skipHostsFile?: true,
ui?: UserInterface
Expand All @@ -34,6 +36,9 @@ export interface Options {
* Returns a promise that resolves with { key, cert }, where `key` and `cert`
* are Buffers with the contents of the certificate private key and certificate
* file, respectively
*
* If `returnCa` is `true`, include path to CA cert as `ca` in return value.
* If `returnCa` is `read`, include Buffer with contents of CA cert in return value.
*/
export async function certificateFor(domain: string, options: Options = {}) {
debug(`Certificate requested for ${ domain }. Skipping certutil install: ${ Boolean(options.skipCertutilInstall) }. Skipping hosts file: ${ Boolean(options.skipHostsFile) }`);
Expand Down Expand Up @@ -68,6 +73,13 @@ export async function certificateFor(domain: string, options: Options = {}) {
}

debug(`Returning domain certificate`);
if (options.returnCa) {
return {
ca: options.returnCa === 'read' ? readFile(rootCACertPath) : rootCACertPath,
Js-Brecht marked this conversation as resolved.
Show resolved Hide resolved
key: readFile(domainKeyPath),
cert: readFile(domainCertPath)
}
}
return {
key: readFile(domainKeyPath),
cert: readFile(domainCertPath)
Expand Down
14 changes: 8 additions & 6 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -1231,17 +1231,19 @@ trim-off-newlines@^1.0.0:
version "1.0.1"
resolved "https://registry.yarnpkg.com/trim-off-newlines/-/trim-off-newlines-1.0.1.tgz#9f9ba9d9efa8764c387698bcbfeb2c848f11adb3"

tslib@^1.8.1:
version "1.8.1"
resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.8.1.tgz#6946af2d1d651a7b1863b531d6e5afa41aa44eac"
tslib@^1.10.0:
version "1.10.0"
resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.10.0.tgz#c3c19f95973fb0a62973fb09d90d961ee43e5c8a"
integrity sha512-qOebF53frne81cf0S9B41ByenJ3/IuH8yJKngAX35CmiZySA0khhkovshKK+jGCaMnVomla7gVlIcc3EvKPbTQ==

typedarray@^0.0.6:
version "0.0.6"
resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"

typescript@^2.7.0:
version "2.7.2"
resolved "https://registry.yarnpkg.com/typescript/-/typescript-2.7.2.tgz#2d615a1ef4aee4f574425cdff7026edf81919836"
typescript@^2.9.2:
version "2.9.2"
resolved "https://registry.yarnpkg.com/typescript/-/typescript-2.9.2.tgz#1cbf61d05d6b96269244eb6a3bce4bd914e0f00c"
integrity sha512-Gr4p6nFNaoufRIY4NMdpQRNmgxVIGMs4Fcu/ujdYk3nAZqk7supzBE9idmvfZIlH/Cuj//dvi+019qEue9lV0w==

uglify-js@^2.6:
version "2.8.18"
Expand Down