milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Try set pure javascript for node-forge

Browse source
This commit is contained in:
Sander Declerck 2025-11-28 15:32:52 +01:00
parent 8ab4d2955a
commit 20420f865e
No known key found for this signature in database
3 changed files with 16 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

12
build.js
View file

@ -26,6 +26,15 @@ async function clearOutputFolder() {
}
async function bundleSafeChain() {
// Read the forge.js file and modify it to use pure JavaScript
const forgeContent = await readFile("./node_modules/node-forge/lib/forge.js", "utf-8");
const modifiedForge = forgeContent.replace(
"usePureJavaScript: false",
"usePureJavaScript: true"
);
await mkdir("./build/temp", { recursive: true });
await writeFile("./build/temp/forge.js", modifiedForge);
await build({
entryPoints: ["./packages/safe-chain/bin/safe-chain.js"],
bundle: true,
@ -33,6 +42,9 @@ async function bundleSafeChain() {
target: "node24",
outfile: "./build/bin/safe-chain.cjs",
external: ["certifi"],
alias: {
"node-forge/lib/forge": "./build/temp/forge.js",
},
});
}

8
packages/safe-chain/src/registryProxy/certBundle.js
View file

@ -5,7 +5,7 @@ import path from "node:path";
import certifi from "certifi";
import tls from "node:tls";
import { X509Certificate } from "node:crypto";
// import { getCaCertPath } from "./certUtils.js";
import { getCaCertPath } from "./certUtils.js";
/**
* Check if a PEM string contains only parsable cert blocks.
@ -58,10 +58,10 @@ export function getCombinedCaBundlePath() {
const parts = [];
// 1) Safe Chain CA (for MITM'd registries)
// const safeChainPath = getCaCertPath();
const safeChainPath = getCaCertPath();
try {
// const safeChainPem = fs.readFileSync(safeChainPath, "utf8");
// if (isParsable(safeChainPem)) parts.push(safeChainPem.trim());
const safeChainPem = fs.readFileSync(safeChainPath, "utf8");
if (isParsable(safeChainPem)) parts.push(safeChainPem.trim());
} catch {
// Ignore if Safe Chain CA is not available
}

3
packages/safe-chain/src/registryProxy/certUtils.js
View file

@ -4,9 +4,6 @@ import fs from "fs";
import os from "os";
import { ui } from "../environment/userInteraction.js";
// @ts-ignore
forge.options.usePureJavaScript = true;
const certFolder = path.join(os.homedir(), ".safe-chain", "certs");
const ca = loadCa();