jan
/
browser_csr_generation
Archived
1
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity
Proof of Concept to generate certificate signing requests in a web browser using node-forge.
This repository has been archived on 2022-07-28. You can view files and clone it, but cannot push or open issues or pull requests.
10 Commits 1 Branch 0 Tags 178 KiB
Go 54.9%
HTML 38.5%
JavaScript 3.5%
Shell 3%
Go to file
Jan Dittberner a960a60ecd Improve example CA setup 
The example CA now has more realistic 2 levels with a root CA and a sub CA.

Setup script and ca.cnf has been changed to create a root CA and a sub CA
that is signed by the root CA. The sub CA is used for signing the end entity
certificates. Example CA directory has been changed to example_ca for better
readability.
 		2020-12-05 19:48:34 +01:00
src Implement CSRF protection 2020-12-05 19:46:15 +01:00
templates Implement CSRF protection 2020-12-05 19:46:15 +01:00
.gitignore Improve example CA setup 2020-12-05 19:48:34 +01:00
COPYING Add GPL-2 license text 2020-11-22 11:47:19 +01:00
README.md Implement i18n support 2020-12-05 00:21:18 +01:00
active.de-DE.toml Implement i18n support 2020-12-05 00:21:18 +01:00
active.en-US.toml Implement i18n support 2020-12-05 00:21:18 +01:00
active.en.toml Implement i18n support 2020-12-05 00:21:18 +01:00
ca.cnf Improve example CA setup 2020-12-05 19:48:34 +01:00
go.mod Implement CSRF protection 2020-12-05 19:46:15 +01:00
go.sum Implement CSRF protection 2020-12-05 19:46:15 +01:00
gulpfile.js Implement i18n support 2020-12-05 00:21:18 +01:00
main.go Implement CSRF protection 2020-12-05 19:46:15 +01:00
package-lock.json Implement CSRF protection 2020-12-05 19:46:15 +01:00
package.json Implement i18n support 2020-12-05 00:21:18 +01:00
setup_example_ca.sh Improve example CA setup 2020-12-05 19:48:34 +01:00

README.md

Browser PKCS#10 CSR generation PoC

This repository contains a small proof of concept implementation of browser based PKCS#10 certificate signing request and PKCS#12 key store generation using node-forge.

The backend is implemented in Go and utilizes openssl for the signing operations.

Running

  1. Clone the repository

    git clone https://git.dittberner.info/jan/browser_csr_generation.git

  2. Get dependencies and build assets

    cd browser_csr_generation
npm install --global gulp-cli
npm install
gulp

  3. Setup the example CA and a server certificate and key

    ./setup_example_ca.sh
openssl req -new -x509 -days 365 -subj "/CN=localhost" -addext subjectAltName=DNS:localhost -newkey rsa:3072 \
  -nodes -out server.crt.pem -keyout server.key.pem

  4. Run the Go based backend

    go run main.go

    Open https://localhost:8000/ in your browser.

  5. Run gulp watch

    You can run a gulp watch in a second terminal window to automatically publish changes to the files in the src directory:

    gulp watch

Translations

This PoC uses go-i18n for internationalization (i18n) support.

The translation workflow needs the go18n binary which can be installed via

go get -u  github.com/nicksnyder/go-i18n/v2/goi18n

To extract new messages from the code run

goi18n extract

Then use

goi18n merge active.*.toml

to create TOML files for translation as translate.<locale>.toml. After translating the messages run

goi18n merge active.*.toml translate.*.toml

to merge the messages back into the active translation files. To add a new language you need to add the language code to main.go's i18n bundle loading code

for _, lang := range []string{"en-US", "de-DE"} {
    if _, err := bundle.LoadMessageFile(fmt.Sprintf("active.%s.toml", lang)); err != nil {
        log.Panic(err)
    }
}