milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add debug logs

Browse source
This commit is contained in:
Sander Declerck 2025-11-28 15:27:40 +01:00
parent 51616dda77
commit 8ab4d2955a
No known key found for this signature in database
1 changed files with 58 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

111
packages/safe-chain/src/registryProxy/certUtils.js
View file

@ -1,13 +1,14 @@
import forge from "node-forge"; import forge from "node-forge";
import path from "path"; import path from "path";
// import fs from "fs"; import fs from "fs";
import os from "os"; import os from "os";
import { ui } from "../environment/userInteraction.js";
// @ts-ignore // @ts-ignore
forge.options.usePureJavaScript = true; forge.options.usePureJavaScript = true;
const certFolder = path.join(os.homedir(), ".safe-chain", "certs"); const certFolder = path.join(os.homedir(), ".safe-chain", "certs");
// const ca = loadCa(); const ca = loadCa();
const certCache = new Map(); const certCache = new Map();
@ -35,7 +36,7 @@ export function generateCertForHost(hostname) {
const attrs = [{ name: "commonName", value: hostname }]; const attrs = [{ name: "commonName", value: hostname }];
cert.setSubject(attrs); cert.setSubject(attrs);
// cert.setIssuer(ca.certificate.subject.attributes); cert.setIssuer(ca.certificate.subject.attributes);
cert.setExtensions([ cert.setExtensions([
{ {
name: "subjectAltName", name: "subjectAltName",
@ -62,7 +63,7 @@ export function generateCertForHost(hostname) {
serverAuth: true, serverAuth: true,
}, },
]); ]);
// cert.sign(ca.privateKey, forge.md.sha256.create()); cert.sign(ca.privateKey, forge.md.sha256.create());
const result = { const result = {
privateKey: forge.pki.privateKeyToPem(keys.privateKey), privateKey: forge.pki.privateKeyToPem(keys.privateKey),
@ -74,58 +75,62 @@ export function generateCertForHost(hostname) {
return result; return result;
} }
// function loadCa() { function loadCa() {
// const keyPath = path.join(certFolder, "ca-key.pem"); const keyPath = path.join(certFolder, "ca-key.pem");
// const certPath = path.join(certFolder, "ca-cert.pem"); const certPath = path.join(certFolder, "ca-cert.pem");
// if (fs.existsSync(keyPath) && fs.existsSync(certPath)) { if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
// const privateKeyPem = fs.readFileSync(keyPath, "utf8"); const privateKeyPem = fs.readFileSync(keyPath, "utf8");
// const certPem = fs.readFileSync(certPath, "utf8"); const certPem = fs.readFileSync(certPath, "utf8");
// const privateKey = forge.pki.privateKeyFromPem(privateKeyPem); const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
// const certificate = forge.pki.certificateFromPem(certPem); const certificate = forge.pki.certificateFromPem(certPem);
// // Don't return a cert that is valid for less than 1 hour // Don't return a cert that is valid for less than 1 hour
// const oneHourFromNow = new Date(Date.now() + 60 * 60 * 1000); const oneHourFromNow = new Date(Date.now() + 60 * 60 * 1000);
// if (certificate.validity.notAfter > oneHourFromNow) { if (certificate.validity.notAfter > oneHourFromNow) {
// return { privateKey, certificate }; return { privateKey, certificate };
// } }
// } }
// const { privateKey, certificate } = generateCa(); const { privateKey, certificate } = generateCa();
// fs.mkdirSync(certFolder, { recursive: true }); fs.mkdirSync(certFolder, { recursive: true });
// fs.writeFileSync(keyPath, forge.pki.privateKeyToPem(privateKey)); fs.writeFileSync(keyPath, forge.pki.privateKeyToPem(privateKey));
// fs.writeFileSync(certPath, forge.pki.certificateToPem(certificate)); fs.writeFileSync(certPath, forge.pki.certificateToPem(certificate));
// return { privateKey, certificate }; return { privateKey, certificate };
// } }
// function generateCa() { function generateCa() {
// const keys = forge.pki.rsa.generateKeyPair(2048); ui.writeInformation("1");
// const cert = forge.pki.createCertificate(); const keys = forge.pki.rsa.generateKeyPair(2048);
// cert.publicKey = keys.publicKey; ui.writeInformation("2");
// cert.serialNumber = "01"; const cert = forge.pki.createCertificate();
// cert.validity.notBefore = new Date(); ui.writeInformation("3");
// cert.validity.notAfter = new Date(); cert.publicKey = keys.publicKey;
// cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + 1); cert.serialNumber = "01";
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + 1);
// const attrs = [{ name: "commonName", value: "safe-chain proxy" }]; const attrs = [{ name: "commonName", value: "safe-chain proxy" }];
// cert.setSubject(attrs); cert.setSubject(attrs);
// cert.setIssuer(attrs); cert.setIssuer(attrs);
// cert.setExtensions([ cert.setExtensions([
// { {
// name: "basicConstraints", name: "basicConstraints",
// cA: true, cA: true,
// }, },
// { {
// name: "keyUsage", name: "keyUsage",
// keyCertSign: true, keyCertSign: true,
// digitalSignature: true, digitalSignature: true,
// keyEncipherment: true, keyEncipherment: true,
// }, },
// ]); ]);
// cert.sign(keys.privateKey, forge.md.sha256.create()); cert.sign(keys.privateKey, forge.md.sha256.create());
ui.writeInformation("4");
// return { return {
// privateKey: keys.privateKey, privateKey: keys.privateKey,
// certificate: cert, certificate: cert,
// }; };
// } }