codevibess / openssl-nodejs Goto Github PK

I try to convert a DER formatted certificate to PEM format. i used the command for that from sslshopper.
locally over the Console it worked, but when i try it in nodejs i get the following callback:
OpenSSL process ends with code 1
x509: Invalid format "openssl/der" for -inform
x509: Use -help for summary.

At first i thought its just a problem with the in cert, so i tried to give the command the local Dir of the cert. i also tried to give it the cert as object.

Am i too stupid or is it a real issue?

If you will try to run lib inside Firebase functions, or other function as a service platform it will fail.
It happens because usually you can't write to app folder, only to tmp dirrectory.
Correct approach presented here: #7

I'd like to be able to define the output directory to facilitate more predictable cleanup and keep my folder tree a bit tidier.

I tried to run the following openssl command:
openssl pkcs12 -in .p12 -clcerts -nokeys -out signerCert.pem -passin pass:

in Nodejs looks like this:
openssl(['pkcs12', '-config', { name:'cer.p12', buffer: buffervar }, '-clcerts', '-nokeys', '-out', 'Cer.pem', '-passin', 'pass:password'], function (err, buffer) {
console.log(err.toString(), buffer.toString());
});

I get always the errror
OpenSSL process ends with code 1
[💻] Usage: pkcs12 [options]
[💻] where options are
[💻] -export output PKCS12 file
[💻] -chain add certificate chain
[💻] -inkey file private key if not infile
[💻] -certfile f add all certs in f....

If I do it without password, then I get the same error. Where is my issue?
At the terminal it runs.
Thanks in advance.

I followed the directions in the readme for setting up.

1. const openssl = require('openssl-nodejs');

openssl('openssl s_client -showcerts -verify 5 -connect RemovedMyDomainOnPurpose.com:443 < /dev/null', (data) => {
        console.log(data);
    });

This returns the following error,

Error: spawn openssl ENOENT
at Process.ChildProcess._handle.onexit (node:internal/child_process:283:19)
at onErrorNT (node:internal/child_process:478:16)
at processTicksAndRejections (node:internal/process/task_queues:83:21)

The certs are there and they work, I just want to get them.

Here is my OpenSSL version:

EDIT:
I also tried installing the below version of OpenSSL and received the same problem.
OpenSSL 1.1.1t 7 Feb 2023

I tried to run the following script

openssl(openssl genrsa -des3 -out private.pem 2048), which requires a passphrase, but I can't send it. Can you provide an array of inputs parameter for cases like this?

I was unable to find documentation on how to actually encrypt and decrypt data. I'm sorry if I missed it.

I'm getting that error no matter what I write in function

openssl('openssl ca -config intermediate/openssl.cnf -extensions usr_cert -days 375 -notext -md sha256 -in intermediate/csr/Pakaya.csr.pem -out intermediate/certs/Pakaya.cert.pem', function (err, buffer) {
console.log(err.toString(), buffer.toString());
});

When I run it, it asks the passphrase and then it does not complete the process unless I press CTRL+C. It only creates a zero byte file in the specified location.
When I run the terminal ideally it should ask for the passphrase and then confirmation to sign the certificate.

openssl pkcs12 -in <filename.p12> -passin pass: -nodes | openssl x509 -noout -enddate

Hello, I get an error if I try to create a certificate in a path containing dashes (and I presume spaces too).

Is there a way to fix this or do I have to work only without spaces and dashes? Thank you 8)

The module do not work on my end, not sure what does it mean but i get this error.

events.js:174
throw er; // Unhandled 'error' event
^

Error: spawn openssl ENOENT
    at Process.ChildProcess._handle.onexit (internal/child_process.js:240:19)
    at onErrorNT (internal/child_process.js:415:16)
    at process._tickCallback (internal/process/next_tick.js:63:19)
    at Function.Module.runMain (internal/modules/cjs/loader.js:757:11)
    at startup (internal/bootstrap/node.js:283:19)
    at bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
Emitted 'error' event at:
    at Process.ChildProcess._handle.onexit (internal/child_process.js:246:12)
    at onErrorNT (internal/child_process.js:415:16)
    [... lines matching original stack trace ...]
    at bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)

UnhandledPromiseRejectionWarning: Error: 'flags' option must be an array or string of openssl undefined command flags.

I am running this command:
openssl cms -sign -nodetach -binary -in receipt.json -text -outform der -out receipt.p7b -nocerts -signer MyCRT.crt -inkey MyKey.key

But got error: Bad output format for CMS file
However running this command manualy in command line works perfectly well.

Please help me with this issue! Thanks in advance!

The implementation here using fs.writeFileSync etc block the event loop & impact performance (any amount of parallelism with say, serving requests) would cause a significant issue.

No matter what I do, I am facing this issue while using this library.

Example of coding:

 openssl(['x509', '-noout', '-text', '-in', ca.pem, function (err, buffer) {
    console.log(err.toString(), buffer.toString());
  }]);

or

openssl(['x509', '-noout', '-text', '-in', { name:'ca.pem', buffer: BufferVariable }], (output) => console.log(output.toString()));

Error:

{
    "errorType": "Runtime.UnhandledPromiseRejection",
    "errorMessage": "TypeError: element.includes is not a function",
    "reason": {
        "errorType": "TypeError",
        "errorMessage": "element.includes is not a function",
        "stack": [
            "TypeError: element.includes is not a function",
            "    at checkCommandForIO (/var/task/node_modules/@amzn/interceptor-core/node_modules/openssl-nodejs/src/index.js:17:46)",
            "    at openssl (/var/task/node_modules/@amzn/interceptor-core/node_modules/openssl-nodejs/src/index.js:69:13)",
            "    at getKeyFromURL (/var/task/node_modules/@amzn/interceptor-core/src/token-validator.js:53:3)",
            "    at processTicksAndRejections (internal/process/task_queues.js:97:5)"
        ]
    },
    "promise": {},
    "stack": [
        "Runtime.UnhandledPromiseRejection: TypeError: element.includes is not a function",
        "    at process.<anonymous> (/var/runtime/index.js:35:15)",
        "    at process.emit (events.js:314:20)",
        "    at processPromiseRejections (internal/process/promises.js:209:33)",
        "    at processTicksAndRejections (internal/process/task_queues.js:98:32)"
    ]
}

I tried to use the -subj parameter and used "test-intern" as Common Name.
The module interprets the "-in" as new parameter and not as string.

Example throwing an error:

global.openssl(['req', '-config', {name: "csr.conf", buffer: csrConfigBuffer}, '-new', '-key', {name: "private.pem", buffer: privateKeyBuffer}, "-subj", "/C=Test/ST=Test/L=Test/O=Test/OU=Test/CN=test-intern"], function(errorOutput, bufferOuptut) {

Resolved by changing:

const checkCommandForIO = element => element.includes('-in') || element.includes('-out')
    || element.includes('-keyout') || element.includes('-signkey') || element.includes('-key')

to:

const checkCommandForIO = element => element == '-in' || element == '-out'
    || element == '-keyout' || element == '-signkey' || element == '-key'  || element == '-config'