I'm trying to take a CMS base64 encoded string, convert it into a pkcs7 file and extract the leaf and intermediate certificates using javascript/nodejs, similar to the following openssl command:
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
I've read almost every article and see solutions in other languages, but not for node. I understand you can achieve what I need using node-forge, but node-forge does not support ECC algorithms. Anyone know of any other solutions/npm packages that can help me accomplish this? Please help me. I'm very new to this.
Did you see PKI.js for Node.js? It is a pure JavaScript library implementing the formats that are used in PKI applications. It is based on the W3C Web Cryptography API with full support for all "Suite B" algorithms in CMS messages. Code snippet submitted by OP:
const cmsSignedBuffer = stringToArrayBuffer(fromBase64(token.signature));
const asn1 = asn1js.fromBER(cmsSignedBuffer);
const cmsContentSimpl = new pkijs.ContentInfo({ schema: asn1.result });
const cmsSignedSimpl = new pkijs.SignedData({ schema: cmsContentSimpl.content })
Another approach is to use a wrapper for openssl like openssl-nodejs, for example. The wrapper simply spawns a child process to invoke openssl. Thus, openssl must be installed on system where the Node.js application is deployed.
I have a base64 string and I need decode it to an audio which I can reproduce with Media and MediaObject of ionic-cordova.
As I said, I am using Ionic3 and Angular5.
is there any way to auto-generate ServiceStack javascript (no typescript) client based on metadata/Swagger? It would be good to integrate that somehow with webpack.
I am not sure is it possible to do this with swagger-js-codegen (This package generates a nodejs or angularjs class from a swagger specification file).
Actually swagger plugin doesn't share service to access swagger.json to get complete schema (the schema is splited). Is there any workaround to use swagger codegen for javascript?
By accessing http://localhost:12116/resources you can get
{"swaggerVersion":"1.2","apis":[{"path":"/resource/assignroles"},{"path":"/resource/auth"},{"path":"/resource/authenticate"},{"path":"/resource/criteria"},{"path":"/resource/import"},{"path":"/resource/tenders"},{"path":"/resource/unassignroles"}],"apiVersion":"1.0","basePath":"http://localhost:12116","info":{"title":"App"}}
and using http://localhost:12116/resource/import
{"swaggerVersion":"1.2","apiVersion":"1.0","basePath":"http://localhost:12116","resourcePath":"/import","apis":[{"path":"/import/stats","operations":[{"method":"GET","nickname":"BrowseImportStats","parameters":[],"errorResponses":[]}]},{"path":"/import/tenders/changes/apply","operations":[{"method":"GET","nickname":"ApplyChanges","parameters":[],"errorResponses":[]},{"method":"POST","nickname":"ApplyChanges","parameters":[{"paramType":"body","name":"body","required":false,"allowMultiple":false,"type":"ApplyChanges"}],"errorResponses":[]},{"method":"PUT","nickname":"ApplyChanges","parameters":[{"paramType":"body","name":"body","required":false,"allowMultiple":false,"type":"ApplyChanges"}],"errorResponses":[]},{"method":"DELETE","nickname":"ApplyChanges","parameters":[],"errorResponses":[]}]},{"path":"/import/tenders/sync","description":"summary","operations":[{"method":"GET","summary":"summary","nickname":"ImportTenders","parameters":[],"errorResponses":[]}]}],"models":{"ImportTenders":{"id":"ImportTenders","properties":{}},"ApplyChanges":{"id":"ApplyChanges","properties":{}},"BrowseImportStats":{"id":"BrowseImportStats","description":"BrowseImportStats","properties":{}}}}
update 2016-11-26
I was able to generate documentation
C:\git\testapp>java -jar swagger-codegen-cli-2.2.1.jar generate -i http
://localhost:12116/resources -l javascript -o ./node_modules/testapp_api --additi
onal-properties emitJSDoc=false,usePromises=true
Given that you've the OpenAPI/Swagger spec, you can leverage Swagger Codegen to generate not only JS API clients but API clients in other langauges (C#, Ruby, PHP, Python, etc), server stubs (Spring, NodeJS, etc) and API documentation.
Here is a good starting point: https://github.com/swagger-api/swagger-codegen#getting-started
(If you do not want to install anything, you can also generate code online: https://github.com/swagger-api/swagger-codegen#online-generators)
I am part of a project written in TypeScipt and I am trying to add TypeScript Web Server which will be compatible with Swagger.
What is the most basic strategy to implement it, considering easy maintainability.
For Typescript I have notice that exists 'Typson' library for generating a JSON Model from TypeScript Interface.
For Swagger, I have tried using 'swagger-node-restify' library, since it supports adding JSON models to swagger.
However, I encounter some problems:
Typson doesn't support typeScript syntax of Import -
(import {Server} from "restify")
I tried to implement the 'swagger-node-restify' example (Pet Example), however the RESPONSE of the localhost:8080/api-docs.json GET Request is missing all the SPEC data of the API.
{"apiVersion":"0.1","swaggerVersion":"1.1","basePath":"http://localhost:8080","apis":[{"path":"/api-docs.{format}/pet","description":"none"}]}
I suggest to describe a Swagger compliant API using yaml or json and to generate the server from that.
swagger-server can build APIs on top of express in real time (no source code generation).
There are JavaScript code generators :
Call the swagger-codegen client with -l nodejs-server
swagger-node is a great alternative but seems hard to integrate with TypeScript
Yes, you can easily generate Swagger and OpenAPI documents from your TypeScript types by using tsoa. The readme contains all of the setup information that you would need to start using it. It's compatible with express, hapi, koa, and more (via the ability to add your own template for your preferred server type):
https://github.com/lukeautry/tsoa
The advantages that tsoa has over other libraries is:
it both generates the swagger/OpenAPI document and it also validates the types at runtime
(Full Transparency: I am one of the maintainers of tsoa. But I was first a consumer of tsoa and I find it to be a great product... that's why I asked to help maintain it! :) )
I'm building a nodejs app that talks to an API server. The API server requires that each request I make to it includes a X-Signature header using the prime256v1 ECDSA curve and sha256 hash on a particular set of data.
I looked through the crypto and tls documentation but didn't find anything suitable. I have successfully generated a private key with openssl ecparam -name prime256v1 -genkey but it is in PEM format. I have also generated a DER format key. Both of these include some extra metadata like the curve used and in the case of PEM, comments.
I can use these keys for signing operations on my side, but the server requires that I upload a public key using hex encoding (so the server can verify the signatures I make on my requests.)
Specifically the server wants something like the output of the following Python code:
from ecdsa import SigningKey
from binascii import hexlify
hexlify(SigningKey.from_pem(content).to_string())
Sample output for a pubkey (no newlines): c5bd76cd0cd948de17a31261567d219576e992d9066fe1a6bca97496dec634e2c8e06f8949773b300b9f73fabbbc7710d5d6691e96bcf3c9145e15daf6fe07b9
I would prefer not adding python as a dependency to my node app... anyone know of a way I can extract the binary data representing my private key from the PEM or DER files, so I can put it in a buffer and call buffer.toString('hex')? Or a way I can use the native crypto library to generate the ECDSA keypair? Or a library that would do the same?
openssl itself can print out the guts of things, in hex.
Doe the key change? sounds like you can just decode into hex one time, and use that? No need for dependencies - just paste the hex into your node source?