Skip to content

DarkMaper/node-easyrsa-wrapper

BranchesTags

Repository files navigation

Publish Package to NPMNPM VersionNPM Downloads

MIT License

Wrapper Easy-RSA

An EasyRSA wrapper to maintain a private key infrastructure using Javascript

Installation

Install Easy-RSA Wrapper with npm

  npm install @darkmaper/easyrsa-wrapper

Usage/Examples

Start using easyrsa

With RSA

import EasyRSA from '@darkmaper/easyrsa-wrapper'

const easyrsaOpts = {
    pki: 'path/for/pki',
    days: 3650,
    certDays: 850,
    digest: 'sha256',
    algo: 'rsa',
    keySize: 2048,
}

const easyrsa = new EasyRSA(easyrsaOpts)

Or with EC

import EasyRSA from '@darkmaper/easyrsa-wrapper';

const easyrsaOpts = {
    pki: 'path/for/pki',
    days: 3650,
    certDays: 850,
    digest: 'sha256',
    algo: 'ec',
    curve: 'secp112r1'
}

const easyrsa = new EasyRSA(easyrsaOpts);

See more information about Elliptic Curves

Init PKI Infraestructure

For default, initPki overwrite PKI folder.

await easyrsa.initPki({ force: true })

Generate Certificate Authority

await easyrsa.buildCa({
    commonName: 'My CA',
})

If want encrypt the private key, you can pass a password for the CA private key

await easyrsa.buildCa({
    commonName: 'My CA',
    password: 'CAPassword'
})

Generate a Certificate

Create a server

await easyrsa.createServer({
    name: 'filename',
    commonName: 'My server',
    password: 'CertPassword',
    caPassword: 'CaPassword' 
})

Create a client

await easyrsa.createClient({
    name: 'filename',
    commonName: 'My Client',
    password: 'CertPassword',
    caPassword: 'CaPassword' 
})

Create a code signing

await easyrsa.createCodeSigning({
    name: 'filename',
    commonName: 'My Code Signing',
    password: 'CertPassword',
    caPassword: 'CaPassword' 
})

Revoke a Certificate

await easyrsa.revoke({
    name: 'filename',
    reason: 'unspecified',
    caPassword: 'CaPassword'
})

Renew a Certificate

await easyrsa.renew({
    name: 'filename',
    caPassword: 'CaPassword'
})

Generate a Certificate Revocation List

await easyrsa.genCrl('CaPassword')

ATENTION: If the CA is encrypted and not set caPassword or is a bad password easyrsa throws a error.

QA

How can I contribute to the project?

The project is based on Easy-RSA for Linux. I plan to add Windows support in the future. For project development, it's recommended to use Linux or WSL (Windows Subsystem for Linux), as the tests won't run on Windows when using the Linux version of Easy-RSA. To contribute, fork the project and create a branch with the format feature/<name-feature> or fix/<fix-name>. Don't create pull request to main branch.

Why include the binary of Easy-RSA in the package instead of being able to use external binaries?

Easy-RSA Wrapper is, as its name suggests, a JavaScript wrapper for using the Bash binary. Both the JavaScript code and the binary's commands must match. Easy-RSA can change how its commands work, deprecate them, or remove them. To prevent the package from breaking because the version of Easy-RSA being used modified how a command works, it was decided to include the binary in the package.

License

MIT

Authors

About

EasyRSA Wrapper for NodeJS

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

7 tags

Packages

No packages published

Languages