pem - Documentation

pem module

Source:

pem.js, line 3

Namespaces

promisified

Members

(static) convert :module:convert

Source:

pem.js, line 36

quick access the convert module

Type:

module:convert

Methods

(static) checkCertificate(certificate, passphraseopt, callback)

Source:

pem.js, line 965

Check a certificate

Parameters:

Name	Type	Attributes	Description
`certificate`	String		PEM encoded certificate
`passphrase`	String	<optional>	password for the certificate
`callback`	function		Callback function with an error object and a boolean valid

(static) checkPkcs12(bufferOrPath, passphraseopt, callback)

Source:

pem.js, line 1025

check a PKCS#12 file (.pfx or.p12)

Parameters:

Name	Type	Attributes	Description
`bufferOrPath`	Buffer \| String		PKCS#12 certificate
`passphrase`	String	<optional>	optional passphrase which will be used to open the keystore
`callback`	function		Callback function with an error object and a boolean valid

(static) config(options)

Source:

pem.js, line 739

config the pem module

Parameters:

Name	Type	Description
`options`	Object

(static) createCertificate(optionsopt, callback)

Source:

pem.js, line 351

Creates a certificate based on a CSR. If CSR is not defined, a new one
will be generated automatically. For CSR generation all the options values
can be used as with createCSR.

Parameters:

Name Type Attributes Description

options

Object

Optional options object

Properties

Name	Type	Attributes	Description
`serviceCertificate`	String	<optional>	PEM encoded certificate
`serviceKey`	String	<optional>	Private key for signing the certificate, if not defined a new one is generated
`serviceKeyPassword`	String	<optional>	Password of the service key
`selfSigned`	Boolean	<optional>	If set to true and serviceKey is not defined, use clientKey for signing
`serial`	String \| Number	<optional>	Set a serial max. 20 octets - only together with options.serviceCertificate
`serialFile`	String	<optional>	Set the name of the serial file, without extension. - only together with options.serviceCertificate and never in tandem with options.serial
`hash`	String	<optional>	Hash function to use (either md5 sha1 or sha256, defaults to sha256)
`csr`	String	<optional>	CSR for the certificate, if not defined a new one is generated
`days`	Number	<optional>	Certificate expire time in days
`clientKeyPassword`	String	<optional>	Password of the client key
`extFile`	String	<optional>	extension config file - without '-extensions v3_req'
`config`	String	<optional>	extension config file - with '-extensions v3_req'
`csrConfigFile`	String	<optional>	CSR config file - only used if no options.csr is provided
`altNames`	Array	<optional>	is a list of subjectAltNames in the subjectAltName field - only used if no options.csr is provided

callback

function

Callback function with an error object and {certificate, csr, clientKey, serviceKey}

(static) createCSR(optionsopt, callback)

Source:

pem.js, line 215

Creates a Certificate Signing Request
If client key is undefined, a new key is created automatically. The used key is included
in the callback return as clientKey

Parameters:

Name Type Attributes Description

options

Object

Optional options object

Properties

Name	Type	Attributes	Default	Description
`clientKey`	String	<optional>		Optional client key to use
`keyBitsize`	Number	<optional>		If clientKey is undefined, bit size to use for generating a new key (defaults to 2048)
`hash`	String	<optional>		Hash function to use (either md5 sha1 or sha256, defaults to sha256)
`country`	String	<optional>		CSR country field
`state`	String	<optional>		CSR state field
`locality`	String	<optional>		CSR locality field
`organization`	String	<optional>		CSR organization field
`organizationUnit`	String	<optional>		CSR organizational unit field
`commonName`	String	<optional>	`'localhost'`	CSR common name field
`emailAddress`	String	<optional>		CSR email address field
`csrConfigFile`	String	<optional>		CSR config file
`altNames`	Array	<optional>		is a list of subjectAltNames in the subjectAltName field

callback

function

Callback function with an error object and {csr, clientKey}

(static) createDhparam(keyBitsizeopt, callback)

Source:

pem.js, line 123

Creates a dhparam key

Parameters:

Name	Type	Attributes	Default	Description
`keyBitsize`	Number	<optional>	`512`	Size of the key, defaults to 512bit
`callback`	function			Callback function with an error object and {dhparam}

(static) createEcparam(keyNameopt, paramEncopt, noOutopt, callback)

Source:

pem.js, line 155

Creates a ecparam key

Parameters:

Name	Type	Attributes	Default	Description
`keyName`	String	<optional>	`secp256k1`	Name of the key, defaults to secp256k1
`paramEnc`	String	<optional>	`explicit`	Encoding of the elliptic curve parameters, defaults to explicit
`noOut`	Boolean	<optional>	`false`	This option inhibits the output of the encoded version of the parameters.
`callback`	function			Callback function with an error object and {ecparam}

(static) createPkcs12(key, certificate, password, optionsopt, callback)

Source:

pem.js, line 794

Export private key and certificate to a PKCS12 keystore

Parameters:

Name	Type	Attributes	Description
`key`	String		PEM encoded private key
`certificate`	String		PEM encoded certificate
`password`	String		Password of the result PKCS12 file
`options`	Object	<optional>	object of cipher and optional client key password {cipher:'aes128', clientKeyPassword: 'xxxx', certFiles: ['file1','file2']}
`callback`	function		Callback function with an error object and {pkcs12}

(static) createPrivateKey(keyBitsizeopt, optionsopt, callback)

Source:

pem.js, line 57

Creates a private key

Parameters:

Name Type Attributes Default Description

keyBitsize

Number

2048

Size of the key, defaults to 2048bit

options

Object

object of cipher and password {cipher:'aes128',password:'xxx'}, defaults empty object

Properties

Name	Type	Attributes	Description
`cipher`	String	<optional>	string of the cipher for the encryption - needed with password
`password`	String	<optional>	string of the cipher password for the encryption needed with cipher

callback

function

Callback function with an error object and {key}

(static) getDhparamInfo(dh, callback)

Source:

pem.js, line 691

get the size and prime of DH parameters

Parameters:

Name	Type	Description
`dh`	String	parameters PEM encoded
`callback`	function	Callback function with an error object and {size, prime}

(static) getFingerprint(certificate, hashopt, callback)

Source:

pem.js, line 752

Gets the fingerprint for a certificate

Parameters:

Name	Type	Attributes	Description
`certificate`	String		PEM encoded certificate
`hash`	String	<optional>	hash function to use (either `md5`, `sha1` or `sha256`, defaults to `sha1`)
`callback`	function		Callback function with an error object and {fingerprint}

(static) getModulus(certificate, passwordopt, hashopt, callback)

Source:

pem.js, line 617

get the modulus from a certificate, a CSR or a private key

Parameters:

Name	Type	Attributes	Description
`certificate`	String		PEM encoded, CSR PEM encoded, or private key
`password`	String	<optional>	password for the certificate
`hash`	String	<optional>	hash function to use (up to now `md5` supported) (default: none)
`callback`	function		Callback function with an error object and {modulus}

(static) getPublicKey(certificate, callback)

Source:

pem.js, line 534

Exports a public key from a private key, CSR or certificate

Parameters:

Name	Type	Description
`certificate`	String	PEM encoded private key, CSR or certificate
`callback`	function	Callback function with an error object and {publicKey}

(static) readCertificateInfo(certificate, callback)

Source:

pem.js, line 582

Reads subject data from a certificate or a CSR

Parameters:

Name	Type	Description
`certificate`	String	PEM encoded CSR or certificate
`callback`	function	Callback function with an error object and {country, state, locality, organization, organizationUnit, commonName, emailAddress}

(static) readPkcs12(bufferOrPath, optionsopt, callback)

Source:

pem.js, line 853

read sslcert data from Pkcs12 file. Results are provided in callback response in object notation ({cert: .., ca:..., key:...})

Parameters:

Name	Type	Attributes	Description
`bufferOrPath`	Buffer \| String		Buffer or path to file
`options`	Object	<optional>	openssl options
`callback`	function		Called with error object and sslcert bundle object

(static) verifySigningChain(certificate, ca, callback)

Source:

pem.js, line 1085

Verifies the signing chain of the passed certificate

Parameters:

Name	Type	Description
`certificate`	String \| Array	PEM encoded certificate include intermediate certificates The correct order of trust chain must be preserved and should start with Leaf certificate. Example array: [Leaf, Int CA 1, ... , Int CA N, Root CA].
`ca`	String \| Array	[List] of CA certificates
`callback`	function	Callback function with an error object and a boolean valid