Skip to content

htools-org/stateless-dane

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

stateless-dane

A library/utility for Stateless DANE certificates (HIP-0017).

Warning Not ready for production use. This project (and spec) is in early stages and subject to breaking changes.

Installation / Usage

In any case, a connection to a hsd node is required. Connection settings are read just like hs-client from hsd.conf, env and args.

As a CLI

Install it globally: npm i -g stateless-dane

The CLI can generate new and inspect existing certificates:

❯ stateless-dane

stateless-dane v0.0.1

Usage:
    stateless-dane inspect-cert <filepath>
    stateless-dane generate <name> [--sign <true|false>] [--public-key <hex>]
    stateless-dane get-ext-data <name> [--parsed <true|false>]


Options:
    --sign <bool>         whether to sign the certificate (default: true)
    --public-key <hex>    create a certificate with this public key (default: generated keypair)
    --parsed <bool>       whether to return parsed extension data (default: true)

    [all hsd client options like http-host, api-key, etc.]


Examples:
    * Inspect an existing certificate:
        $ stateless-dane inspect-cert /tmp/cert.pem

    * Generate a new certificate for letsdane:
        $ stateless-dane generate letsdane

    * Only get raw extension data to be used by other cert issuers:
        $ stateless-dane get-ext-data letsdane --parsed false

As a library

Add as dependency with npm i stateless-dane and use it like:

// A hs-client node client
const nodeClient = new NodeClient({
  port: network.rpcPort,
});

const name = 'some.domain';

// Init a new certificate
const cert = new StatelessDANECertificate(nodeClient, name);

// Optionally, set keypair (else, will be generated)
cert.publicKey = Buffer...
cert.privateKey = Buffer...

// Create and sign the certificate
await cert.create();
cert.sign();

// Export as PEM
console.log(cert.cert.toPEM());

Contributing

Contributions are always welcome! However, please create an issue before starting any work so there won't be any repeated/wasted effort.

Credits

Thanks to:

About

A library/utility for Stateless DANE certificates

Resources

License

Stars

Watchers

Forks

Packages

No packages published