本文整理汇总了TypeScript中node-opcua-pki.CertificateManager类的典型用法代码示例。如果您正苦于以下问题:TypeScript CertificateManager类的具体用法?TypeScript CertificateManager怎么用?TypeScript CertificateManager使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了CertificateManager类的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的TypeScript代码示例。
示例1: it
it("updateCertificate should return BadSecurityChecksFailed if certificate doesn't match private key ", async () => {
// Given a certificate created for a different Private keuy
const wrongCertificateManager = new CertificateManager({
location: path.join(_tempFolder, "wrong")
});
await wrongCertificateManager.initialize();
const filename = await wrongCertificateManager.createCertificateRequest({
startDate: new Date(),
validity: 365
});
const certificateSigningRequestPEM = await promisify(fs.readFile)(filename, "ascii");
const certificateSigningRequest = convertPEMtoDER(certificateSigningRequestPEM);
const wrongCertificate = await produceCertificate(certificateSigningRequest);
// When I call updateCertificate with a certificate that do not match the private key
const certificateChain = split_der(wrongCertificate);
const certificate = certificateChain[0];
const issuerCertificates = certificateChain.slice(1);
const result: UpdateCertificateResult = await pushManager.updateCertificate(
"DefaultApplicationGroup",
"",
certificate,
issuerCertificates
);
// Then I should receive BadSecurityChecksFailed
result.statusCode.should.eql(StatusCodes.BadSecurityChecksFailed);
});
示例2: createSomeCertificate
export async function createSomeCertificate(certName: string): Promise<Buffer> {
if (!tmpGroup) {
tmpGroup = new CertificateManager({
location: path.join(_tempFolder, "tmp")
});
await tmpGroup.initialize();
}
const certFile = path.join(_tempFolder, certName);
const fileExists: boolean = await promisify(fs.exists)(certFile);
if (!fileExists) {
await tmpGroup.createSelfSignedCertificate({
applicationUri: "applicationUri",
subject: "CN=TOTO",
dns: [],
startDate: new Date(),
validity: 365,
outputFile: certFile
});
}
const content = await promisify(fs.readFile)(certFile, "ascii");
const certificate = convertPEMtoDER(content);
return certificate;
}
示例3: main
async function main() {
const tmpFolder = path.join(__dirname, "../certificates/myApp");
const applicationGroup = new CertificateManager({
location: tmpFolder
});
await applicationGroup.initialize();
const server = new OPCUAServer(server_options);
console.log(" Configuration rootdir = ", server.serverCertificateManager.rootDir);
console.log(chalk.yellow(" server PID :"), process.pid);
server.on("post_initialize", () => {
const addressSpace = server.engine.addressSpace!;
// to do: expose new nodeid here
const ns = addressSpace.getNamespaceIndex("http://yourorganisation.org/my_data_type/");
installPushCertificateManagement(addressSpace, {
applicationGroup: server.serverCertificateManager,
userTokenGroup: server.userCertificateManager
});
console.log("Certificate rejected folder ", server.serverCertificateManager.rejectedFolder);
});
try {
await server.start();
} catch (err) {
console.log(" Server failed to start ... exiting");
process.exit(-3);
}
const endpointUrl = server.endpoints[0].endpointDescriptions()[0].endpointUrl!;
console.log(chalk.yellow(" server on port :"), chalk.cyan(server.endpoints[0].port.toString()));
console.log(chalk.yellow(" endpointUrl :"), chalk.cyan(endpointUrl));
console.log(chalk.yellow("\n server now waiting for connections. CTRL+C to stop"));
process.on("SIGINT", async () => {
// only work on linux apparently
await server.shutdown(1000);
console.log(chalk.red.bold(" shutting down completed "));
process.exit(-1);
});
}
示例4: produceCertificateAndPrivateKey
export async function produceCertificateAndPrivateKey()
: Promise<{ certificate: Certificate, privateKey: PrivateKey }> {
// Given a Certificate Authority
const certificateManager = new CertificateManager({
keySize: 2048,
location: path.join(_tempFolder, "tmpPKI")
});
await certificateManager.initialize();
const certFile = path.join(_tempFolder, "tmpPKI/certificate.pem");
const fileExists: boolean = await promisify(fs.exists)(certFile);
await certificateManager.createSelfSignedCertificate({
applicationUri: "applicationUri",
subject: "CN=TOTO",
dns: [
getFullyQualifiedDomainName()
],
startDate: new Date(),
validity: 365,
outputFile: certFile
});
const content = await promisify(fs.readFile)(certFile, "ascii");
const certificate = convertPEMtoDER(content);
const privateKeyFile = certificateManager.privateKey;
const privateKeyPEM = await promisify(fs.readFile)(privateKeyFile, "ascii");
const privateKey = convertPEMtoDER(privateKeyPEM);
return { certificate, privateKey };
}
示例5: getCertificateDER
async function getCertificateDER(manager: CertificateManager): Promise<Certificate> {
const certificateFilename = path.join(manager.rootDir, "own/certs/certificate.pem");
const exists = await promisify(fs.exists)(certificateFilename);
if (!exists) {
await manager.createSelfSignedCertificate({
applicationUri: "SomeText",
dns: ["localhost"],
outputFile: certificateFilename,
startDate: new Date(),
subject: "/CN=fake",
validity: 100
});
}
const certificatePEM = await promisify(fs.readFile)(certificateFilename, "utf8");
const certificate = convertPEMtoDER(certificatePEM);
return certificate;
}
示例6: describe
describe("ServerConfiguration", () => {
let addressSpace: AddressSpace;
const opcuaServer: IServerBase = {
userManager: {
getUserRole(userName: string): string {
return "SecurityAdmin";
}
}
};
const session: ISessionBase = {
userIdentityToken: new UserNameIdentityToken({
userName: "joedoe"
})
};
const _tempFolder = path.join(__dirname, "../temp");
const applicationGroup = new CertificateManager({
location: path.join(_tempFolder, "application")
});
const userTokenGroup = new CertificateManager({
location: path.join(_tempFolder, "user")
});
const xmlFiles = [
nodesets.standard
];
before(async () => {
await initializeHelpers();
await applicationGroup.initialize();
await userTokenGroup.initialize();
addressSpace = AddressSpace.create();
await generateAddressSpace(addressSpace, xmlFiles);
addressSpace.registerNamespace("Private");
});
after(() => {
addressSpace.dispose();
});
it("should expose a server configuration object", async () => {
const server = addressSpace.rootFolder.objects.server;
server.should.have.ownProperty("serverConfiguration");
});
it("should expose a server configuration object - Certificate Management", async () => {
const server = addressSpace.rootFolder.objects.server;
// folders
server.serverConfiguration.should.have.ownProperty("certificateGroups");
// properties
server.serverConfiguration.should.have.ownProperty("maxTrustListSize");
server.serverConfiguration.should.have.ownProperty("multicastDnsEnabled");
server.serverConfiguration.should.have.ownProperty("serverCapabilities");
server.serverConfiguration.should.have.ownProperty("supportedPrivateKeyFormats");
// methods
server.serverConfiguration.should.have.ownProperty("applyChanges");
server.serverConfiguration.should.have.ownProperty("createSigningRequest");
server.serverConfiguration.should.have.ownProperty("getRejectedList");
server.serverConfiguration.should.have.ownProperty("updateCertificate");
});
it("server configuration should make its first level object visible", () => {
// ServerConfiguration Object and its immediate children shall be visible (i.e. browse access is available) to
// users who can access the Server Object.
// todo
});
it("server configuration should hide children of certificate groups to non admin user", () => {
// The children of the CertificateGroups Object should
// only be visible to authorized administrators.
// todo
});
it("should expose a server configuration object - KeyCredential Management", async () => {
const server = addressSpace.rootFolder.objects.server;
server.serverConfiguration.should.have.ownProperty("keyCredentialConfiguration");
});
it("should expose a server configuration object - Authorization Management", async () => {
const server = addressSpace.rootFolder.objects.server;
server.serverConfiguration.should.have.ownProperty("authorizationServices");
});
describe("Push Certificate Management model", () => {
//
// from OpcUA Specification part#12 7.3:
// Push management is targeted at Server applications to
// get a Certificate Request which can be passed onto the CertificateManager.
// After the CertificateManager signs the Certificate the new Certificate
// is pushed to the Server with the UpdateCertificate Method
// The Administration Component may be part of the CertificateManager or a standalone utility
// that uses OPC UA to communicate with the CertificateManager.
// The Configuration Database is used by the Server to persist its configuration information.
//.........这里部分代码省略.........
示例7: initializeHelpers
before(async () => {
await initializeHelpers();
await applicationGroup.initialize();
await userTokenGroup.initialize();
addressSpace = AddressSpace.create();
await generateAddressSpace(addressSpace, xmlFiles);
addressSpace.registerNamespace("Private");
});