gecko-dev/servo/etc/cert_generator.js

76 строки
2.9 KiB
JavaScript
Исходник Обычный вид История

// XPCShell script for generating a single file containing all certificates in PEM
// format. You may run this in the browser toolbox's console
// (Firefox -> devtools -> settings -> enable remote/chrome debugging,
// followed by settings -> devtools menu -> browser toolbox) or the
// xpcshell runner that comes with a built Firefox (./run-mozilla.sh ./xpcshell).
// The variable `certstring` contains the final pem file. You can use `save(path)` to
// save it to a file. `certlist` contains an array with the PEM certs as well as their names if you
// want to filter them.
// http://mxr.mozilla.org/mozilla-central/source/security/manager/pki/resources/content/pippki.js
function getDERString(cert)
{
var length = {};
var derArray = cert.getRawDER(length);
var derString = '';
for (var i = 0; i < derArray.length; i++) {
derString += String.fromCharCode(derArray[i]);
}
return derString;
}
// http://mxr.mozilla.org/mozilla-central/source/security/manager/pki/resources/content/pippki.js
function getPEMString(cert)
{
var derb64 = btoa(getDERString(cert));
// Wrap the Base64 string into lines of 64 characters,
// with CRLF line breaks (as specified in RFC 1421).
var wrapped = derb64.replace(/(\S{64}(?!$))/g, "$1\r\n");
return "-----BEGIN CERTIFICATE-----\r\n"
+ wrapped
+ "\r\n-----END CERTIFICATE-----\r\n";
}
let certdb = Components.classes["@mozilla.org/security/x509certdb;1"].createInstance(Ci.nsIX509CertDB);
let enumerator = certdb.getCerts().getEnumerator();
let certlist = [];
let certstring="";
while(enumerator.hasMoreElements()){
let cert = enumerator.getNext().QueryInterface(Ci.nsIX509Cert);
let pem = getPEMString(cert);
let trusted = certdb.isCertTrusted(cert, Ci.nsIX509Cert.CA_CERT, Ci.nsIX509CertDB.TRUSTED_SSL);
certlist.push({name: cert.commonName, pem: pem, trusted: trusted});
if (trusted) {
certstring+=pem;
}
}
function save(path) {
// https://developer.mozilla.org/en-US/Add-ons/Code_snippets/File_I_O
Components.utils.import("resource://gre/modules/FileUtils.jsm");
var file = new FileUtils.File(path);
Components.utils.import("resource://gre/modules/NetUtil.jsm");
// file is nsIFile, data is a string
// You can also optionally pass a flags parameter here. It defaults to
// FileUtils.MODE_WRONLY | FileUtils.MODE_CREATE | FileUtils.MODE_TRUNCATE;
var ostream = FileUtils.openSafeFileOutputStream(file);
var converter = Components.classes["@mozilla.org/intl/scriptableunicodeconverter"].
createInstance(Components.interfaces.nsIScriptableUnicodeConverter);
converter.charset = "UTF-8";
var istream = converter.convertToInputStream(certstring);
// The last argument (the callback) is optional.
NetUtil.asyncCopy(istream, ostream, function(status) {
if (!Components.isSuccessCode(status)) {
// Handle error!
return;
}
// Data has been written to the file.
});
}