当前位置: 首页>>代码示例>>TypeScript>>正文


TypeScript node-opcua-crypto.makeSHA1Thumbprint函数代码示例

本文整理汇总了TypeScript中node-opcua-crypto.makeSHA1Thumbprint函数的典型用法代码示例。如果您正苦于以下问题:TypeScript makeSHA1Thumbprint函数的具体用法?TypeScript makeSHA1Thumbprint怎么用?TypeScript makeSHA1Thumbprint使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了makeSHA1Thumbprint函数的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的TypeScript代码示例。

示例1: it

    it("should provide rejected list", async () => {

        // Given 2 rejected certificates , in two different groups
        // at 2 different time
        await pushManager.applicationGroup!.rejectCertificate(cert1);
        await new Promise((resolve) => setTimeout(resolve, 150));
        await pushManager.userTokenGroup!.rejectCertificate(cert2);

        // When I call getRejectedList
        const result = await pushManager.getRejectedList();

        // Then I should retrieve those 2 certificates
        result.statusCode.should.eql(StatusCodes.Good);
        result.certificates!.should.be.instanceOf(Array);
        result.certificates!.length.should.eql(2);

        // And their thumbprint should match the expected one
        const thumbprint1 = makeSHA1Thumbprint(result.certificates![0]).toString("hex");
        const thumbprint2 = makeSHA1Thumbprint(result.certificates![1]).toString("hex");
        const thumbprints = [thumbprint1, thumbprint2 ].sort();
        const certs  = [
          makeSHA1Thumbprint(cert1).toString("hex"),
            makeSHA1Thumbprint(cert2).toString("hex") ].sort();
        // And the most recent certificate should come first
        thumbprints[0].should.eql(certs[0]);
        thumbprints[1].should.eql(certs[1]);

    });
开发者ID:node-opcua,项目名称:node-opcua,代码行数:28,代码来源:test_push_certificate_manager_server_impl.ts

示例2: verifyServer

    function verifyServer(server: OPCUAServer) {

        debugLog("---------------------------------------------------------------");
        const certificateChain1 = server.getCertificateChain();
        debugLog("server.getCertificateChain() =",
          makeSHA1Thumbprint(certificateChain1).toString("hex") + " l=" + certificateChain1.length);
        const privateKey1 = convertPEMtoDER(server.getPrivateKey());
        debugLog("server.getPrivateKey()       =",
          makeSHA1Thumbprint(privateKey1).toString("hex"));

        const match = certificateMatchesPrivateKey(certificateChain1, privateKey1);
        debugLog("math                         =", match);

        for (const endpoint of server.endpoints) {
            debugLog("endpoint ", endpoint.toString());

            for (const e of endpoint.endpointDescriptions()) {
                const certificateChain3 = e.serverCertificate;
                debugLog("endpoint certificate =",
                  makeSHA1Thumbprint(certificateChain3).toString("hex") + " l=" + certificateChain3.length);
                // xx console.log(e.toString());
            }

        }
        debugLog("---------------------------------------------------------------");

    }
开发者ID:node-opcua,项目名称:node-opcua,代码行数:27,代码来源:test_server_with_push_certificate_management.ts

示例3: beforeEach

    beforeEach(async () => {

        const pkiFolder = path.join(temporaryFolder1, "pki");
        if (!fs.existsSync(pkiFolder)) {
            await rimraf.sync(pkiFolder);
        }
        if (fs.existsSync(temporaryFolder1)) {
            await rimraf.sync(temporaryFolder1);
            await fs.mkdirSync(temporaryFolder1);
        }
        if (fs.existsSync(temporaryFolder2)) {
            await rimraf.sync(temporaryFolder2);
            await fs.mkdirSync(temporaryFolder2);
        }

        acceptingCertificateMgr = new OPCUACertificateManager({
            automaticallyAcceptUnknownCertificate: true,
            rootFolder: temporaryFolder1
        });

        rejectingCertificateMgr = new OPCUACertificateManager({
            automaticallyAcceptUnknownCertificate: false,
            rootFolder: temporaryFolder2
        });

        certificate = await readCertificate(certificate1File);

        certificateThumbprint = makeSHA1Thumbprint(certificate).toString("hex");

        await acceptingCertificateMgr.initialize();
        await rejectingCertificateMgr.initialize();

    });
开发者ID:node-opcua,项目名称:node-opcua,代码行数:33,代码来源:test_certificate_manager.ts

示例4: _verify_serverCertificate

/**
 * check if certificate is trusted or untrusted
 */
function _verify_serverCertificate(serverCertificate: Certificate, callback: ErrorCallback) {

    // todo:
    //  - use Certificate manager to deal with trusted/ untrusted certificate
    //  - add certificate verification and validity check

    const pkiFolder = process.cwd() + "/pki";

    // istanbul ignore next
    if (!fs.existsSync(pkiFolder)) {
        fs.mkdirSync(pkiFolder);
    }
    const pkiRejectedCertificateFolder = path.join(pkiFolder, "rejected");

    // istanbul ignore next
    if (!fs.existsSync(pkiRejectedCertificateFolder)) {
        fs.mkdirSync(pkiRejectedCertificateFolder);
    }
    const thumbprint = makeSHA1Thumbprint(serverCertificate);

    const certificateFilename = path.join(pkiRejectedCertificateFolder, thumbprint.toString("hex") + ".pem");
    fs.writeFile(certificateFilename, toPem(serverCertificate, "CERTIFICATE"), () => {
        setImmediate(callback);
    });
}
开发者ID:node-opcua,项目名称:node-opcua,代码行数:28,代码来源:client_base_impl.ts

示例5: getCertificateChainEP

function getCertificateChainEP(this: OPCUAServerEndPoint): Certificate {

    const certificateFile = path.join(this.certificateManager.rootDir, "own/certs/certificate.pem");
    const certificatePEM = fs.readFileSync(certificateFile, "utf8");
    const $$certificateChain = convertPEMtoDER(certificatePEM);
    const thumbprint = makeSHA1Thumbprint($$certificateChain);

    return $$certificateChain;
}
开发者ID:node-opcua,项目名称:node-opcua,代码行数:9,代码来源:install_push_certitifate_management.ts

示例6: stopOnGoingConnection

    async function stopOnGoingConnection() {

        debugLog("stopping");
        await new Promise((resolve) => setTimeout(resolve, 5000));
        debugLog("stopOnGoingConnection - Server certificate is now ",
          makeSHA1Thumbprint(onGoingClient.serverCertificate!).toString("base64"));
        await onGoingSession.close();
        await onGoingClient.disconnect();
    }
开发者ID:node-opcua,项目名称:node-opcua,代码行数:9,代码来源:test_server_with_push_certificate_management.ts

示例7: _prepare_security_header

    /**
     * @method _prepare_security_header
     * @param request
     * @param message
     * @return {AsymmetricAlgorithmSecurityHeader}
     * @private
     */
    private _prepare_security_header(request: OpenSecureChannelRequest, message: Message): AsymmetricAlgorithmSecurityHeader {
        let securityHeader = null;
        // senderCertificate:
        //    The X509v3 certificate assigned to the sending application instance.
        //    This is a DER encoded blob.
        //    This indicates what private key was used to sign the MessageChunk.
        //    This field shall be null if the message is not signed.
        // receiverCertificateThumbprint:
        //    The thumbprint of the X509v3 certificate assigned to the receiving application
        //    The thumbprint is the SHA1 digest of the DER encoded form of the certificate.
        //    This indicates what public key was used to encrypt the MessageChunk
        //   This field shall be null if the message is not encrypted.
        switch (request.securityMode) {

            case MessageSecurityMode.None:
                securityHeader = new AsymmetricAlgorithmSecurityHeader({
                    receiverCertificateThumbprint: null, // message not encrypted
                    securityPolicyUri: "http://opcfoundation.org/UA/SecurityPolicy#None",
                    senderCertificate: null // message not signed
                });

                break;
            case MessageSecurityMode.Sign:
            case MessageSecurityMode.SignAndEncrypt:
            default: {
                // get the thumbprint of the client certificate
                const thumbprint = this.receiverCertificate
                  ? makeSHA1Thumbprint(this.receiverCertificate)
                  : null;

                if (!this.clientSecurityHeader) {
                    throw new Error("Internal");
                }
                const asymmClientSecurityHeader = this.clientSecurityHeader as AsymmetricAlgorithmSecurityHeader;

                securityHeader = new AsymmetricAlgorithmSecurityHeader({
                    receiverCertificateThumbprint: thumbprint, // message not encrypted (????)
                    securityPolicyUri: asymmClientSecurityHeader.securityPolicyUri,
                    senderCertificate: this.getCertificateChain() // certificate of the private key used to sign the message
                });
            }
        }
        return securityHeader;
    }
开发者ID:node-opcua,项目名称:node-opcua,代码行数:51,代码来源:server_secure_channel_layer.ts

示例8: makeSHA1Thumbprint

         this._getCertificateStatus(certificate, (err: Error|null, status0?: "unknown" | "trusted" |  "rejected") => {

            if (err) { return callback!(err); }

            if (status0 === "unknown") {
                const thumbprint = makeSHA1Thumbprint(certificate).toString("hex");
                // certificate has not bee seen before
                errorLog("Certificate with thumbprint " + thumbprint + "has not been seen before");
                if (this.automaticallyAcceptUnknownCertificate) {
                    errorLog("automaticallyAcceptUnknownCertificate = true");
                    errorLog("certificate with thumbprint " + thumbprint + " is now trusted");
                    this.trustCertificate(certificate, checkCertificateStep2);
                } else {
                    errorLog("automaticallyAcceptUnknownCertificate = false");
                    errorLog("certificate with thumbprint " + thumbprint + " is now rejected");
                    this.rejectCertificate(certificate, checkCertificateStep2);
                }
            } else {
                checkCertificateStep2(null);
            }
        });
开发者ID:node-opcua,项目名称:node-opcua,代码行数:21,代码来源:certificate_manager.ts

示例9: _check_receiverCertificateThumbprint

    /**
     * @method _check_receiverCertificateThumbprint
     * verify that the receiverCertificateThumbprint send by the client
     * matching the CertificateThumbPrint of the server
     * @param clientSecurityHeader
     * @return true if the receiver certificate thumbprint matches the server certificate
     * @private
     */
    private _check_receiverCertificateThumbprint(clientSecurityHeader: SecurityHeader): boolean {

        if (clientSecurityHeader instanceof SymmetricAlgorithmSecurityHeader) {
            return false;
        }

        if (clientSecurityHeader.receiverCertificateThumbprint) {
            // check if the receiverCertificateThumbprint is my certificate thumbprint
            const serverCertificateChain = this.getCertificateChain();
            const myCertificateThumbPrint = makeSHA1Thumbprint(serverCertificateChain);
            const thisIsMyCertificate =
              myCertificateThumbPrint.toString("hex") ===
              clientSecurityHeader.receiverCertificateThumbprint.toString("hex");
            if (doDebug && !thisIsMyCertificate) {
                debugLog("receiverCertificateThumbprint do not match server certificate",
                  myCertificateThumbPrint.toString("hex") + " <> "
                  +  clientSecurityHeader.receiverCertificateThumbprint.toString("hex"));
            }
            return thisIsMyCertificate;
        }
        return true;
    }
开发者ID:node-opcua,项目名称:node-opcua,代码行数:30,代码来源:server_secure_channel_layer.ts

示例10: _decrypt_OPN

    private _decrypt_OPN(binaryStream: BinaryStream): boolean {

        assert(this.securityPolicy !== SecurityPolicy.None);
        assert(this.securityPolicy !== SecurityPolicy.Invalid);
        assert(this.securityMode !== MessageSecurityMode.None);
        assert(this.securityHeader instanceof AsymmetricAlgorithmSecurityHeader);

        const asymmetricAlgorithmSecurityHeader = this.securityHeader! as AsymmetricAlgorithmSecurityHeader;

        /* istanbul ignore next */
        if (doDebug) {
            debugLog("securityHeader = {");
            debugLog("             securityPolicyId: ", asymmetricAlgorithmSecurityHeader.securityPolicyUri);
            debugLog("             senderCertificate: ",
              makeSHA1Thumbprint(asymmetricAlgorithmSecurityHeader.senderCertificate).toString("hex"));

            debugLog("};");
        }

        // OpcUA part 2 V 1.02 page 15
        // 4.11 OPC UA Security Related Services
        // [...]
        // The OPC UA Client sends its Public Key in a Digital Certificate and secret information with the
        // OpenSecureChannel service Message to the Server. This Message is secured by applying
        // Asymmetric Encryption with the Server's Public Key and by generating Asymmetric Signatures with
        // the Client's Private Key. However the Digital Certificate is sent unencrypted so that the receiver can
        // use it to verify the Asymmetric Signature.
        // [...]
        //

        /* istanbul ignore next */
        if (doDebug) {
            debugLog(chalk.cyan("EN------------------------------"));
            // xx debugLog(hexDump(binaryStream.buffer, 32, 0xFFFFFFFF));
            debugLog("---------------------- SENDER CERTIFICATE");
            debugLog("thumbprint ", makeSHA1Thumbprint(asymmetricAlgorithmSecurityHeader.senderCertificate).toString("hex"));
        }

        if (!this.cryptoFactory) {
            this._report_error(" Security Policy " + this.securityPolicy + " is not implemented yet");
            return false;
        }

        // The message has been signed  with sender private key and has been encrypted with receiver public key.
        // We shall decrypt it with the receiver private key.
        const buf = binaryStream.buffer.slice(binaryStream.length);

        if (asymmetricAlgorithmSecurityHeader.receiverCertificateThumbprint) {
            // this mean that the message has been encrypted ....

            assert(this.privateKey !== invalidPrivateKey, "expecting a valid private key");

            const decryptedBuffer = this.cryptoFactory.asymmetricDecrypt(buf, this.privateKey);

            // replace decrypted buffer in initial buffer
            decryptedBuffer.copy(binaryStream.buffer, binaryStream.length);

            // adjust length
            binaryStream.buffer = binaryStream.buffer.slice(0, binaryStream.length + decryptedBuffer.length);

            /* istanbul ignore next */
            if (doDebug) {
                debugLog(chalk.cyan("DE-----------------------------"));
                // debugLog(hexDump(binaryStream.buffer));
                debugLog(chalk.cyan("-------------------------------"));
                const thumbprint = makeSHA1Thumbprint(asymmetricAlgorithmSecurityHeader.senderCertificate);
                debugLog("Certificate thumbprint:", thumbprint.toString("hex"));
            }
        }

        const cert = exploreCertificateInfo(asymmetricAlgorithmSecurityHeader.senderCertificate);
        // then verify the signature
        const signatureLength = cert.publicKeyLength; // 1024 bits = 128Bytes or 2048=256Bytes or 3072 or 4096
        assert(signatureLength === 128 ||
          signatureLength === 256 ||
          signatureLength === 384 ||
          signatureLength === 512);

        const chunk = binaryStream.buffer;

        const signatureIsOK = asymmetricVerifyChunk(this.cryptoFactory, chunk, asymmetricAlgorithmSecurityHeader.senderCertificate);

        if (!signatureIsOK) {
            /* istanbul ignore next */
            if (doDebug) {
                debugLog(hexDump(binaryStream.buffer));
            }
            this._report_error("Sign and Encrypt asymmetricVerify : Invalid packet signature");
            return false;
        }

        // remove signature
        binaryStream.buffer = reduceLength(binaryStream.buffer, signatureLength);

        // remove padding
        if (asymmetricAlgorithmSecurityHeader.receiverCertificateThumbprint) {
            binaryStream.buffer = removePadding(binaryStream.buffer);
        }

        return true; // success
//.........这里部分代码省略.........
开发者ID:node-opcua,项目名称:node-opcua,代码行数:101,代码来源:message_builder.ts


注:本文中的node-opcua-crypto.makeSHA1Thumbprint函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。