GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → PeculiarVentures → tl-create

PeculiarVentures / tl-create

Licence: MIT license
tl-create is a cross-platform command line tool to create a X.509 trust list from various trust stores. (Keywords: CABFORUM, eIDAS, WebPKI)

Programming Languages

HTML
75241 projects
typescript
32286 projects
javascript
184084 projects - #8 most used programming language

Labels

microsoftapplecertificatesmozillaxadesxmldsigeutltrust-stores

Projects that are alternatives of or similar to tl-create

Daily Coding Problem
Series of the problem 💯 and solution ✅ asked by Daily Coding problem👨‍🎓 website.
Stars: ✭ 90 (+181.25%)
Mutual labels:  microsoft, apple
Ca Bundle
The Mozilla CA bundle extracted and converted to PEM. This repository functions as a backup to the automated service on the curl web site.
Stars: ✭ 177 (+453.13%)
Mutual labels:  certificates, mozilla
add-to-calendar-button
A convenient JavaScript snippet, which lets you create beautiful buttons, where people can add events to their calendars.
Stars: ✭ 697 (+2078.13%)
Mutual labels:  microsoft, apple
Ngx Auth Firebaseui
Angular Material UI component for firebase authentication
Stars: ✭ 518 (+1518.75%)
Mutual labels:  microsoft, apple
Microsoft Todo Mac
🐜 Microsoft-ToDo macOS App. 微软Todo mac客户端.
Stars: ✭ 138 (+331.25%)
Mutual labels:  microsoft, apple
browserslist-config-google
Google / Google Workspace Browserslist Shared Config
Stars: ✭ 27 (-15.62%)
Mutual labels:  microsoft, mozilla
libdigidocpp
Libdigidocpp library offers creating, signing and verification of digitally signed documents, according to XAdES and XML-DSIG standards. Documentation http://open-eid.github.io/libdigidocpp
Stars: ✭ 80 (+150%)
Mutual labels:  xades, xmldsig
BimlFlex-Community
Community-focused content to supplement working with BimlFlex.
Stars: ✭ 30 (-6.25%)
Mutual labels:  microsoft
brewfile
🍎 Brewfile to install softwares in macOS for engineers
Stars: ✭ 37 (+15.63%)
Mutual labels:  apple
albumArtCreator
A simple tool to make it easy to create good looking album art
Stars: ✭ 26 (-18.75%)
Mutual labels:  apple
MSession
A simple and sophisticated session and authentication solution written in Swift
Stars: ✭ 26 (-18.75%)
Mutual labels:  apple
dotnet-security-unit-tests
A web application that contains several unit tests for the purpose of .NET security
Stars: ✭ 25 (-21.87%)
Mutual labels:  microsoft
crossbow
Cross-Platform Rust Toolkit for Games 🏹
Stars: ✭ 80 (+150%)
Mutual labels:  apple
LPThumbnailView
A thumbnail view for iOS to give context to multiple images/videos using thumbnails and counter.
Stars: ✭ 54 (+68.75%)
Mutual labels:  apple
SwiftUIFormValidator
Declarative form validator for SwiftUI.
Stars: ✭ 34 (+6.25%)
Mutual labels:  apple
dotAPNS
dotAPNS is a library used to send push notifications to Apple devices using Apple Push Notification service via HTTP/2 API.
Stars: ✭ 80 (+150%)
Mutual labels:  apple
mozscreenshots
Take screenshots of Mozilla applications in various UI configurations
Stars: ✭ 17 (-46.87%)
Mutual labels:  mozilla
onepile
Playground for the future of private notes and document management
Stars: ✭ 41 (+28.13%)
Mutual labels:  apple
powerapps-specflow-bindings
A SpecFlow bindings library for model-driven Power Apps.
Stars: ✭ 19 (-40.62%)
Mutual labels:  microsoft
airplayreceiver
Open source implementation of AirPlay 2 Mirroring / Audio protocol.
Stars: ✭ 84 (+162.5%)
Mutual labels:  apple
View All Similar Projects ➔

tl-create

license Build Status NPM version

NPM

A cross platform command line tool to create a X.509 trust list from various trust stores.

There are various organizations that produce lists of certificates that they believe should be trusted for one thing or another. These include:

  • Mozilla list
  • Microsoft list,
  • Apple list
  • European Union "Trust Service Providers" list

Each of these lists have their own formats, this tool parses the lists provided by these other organizations and extracts the certificates that meet the specified criteria (for "email" as an example) and produces a PEM certificate bag these certificates.

For example to extract the roots that are trusted for email, code and web from both the EU Trust List and the Mozilla list the command would look like this:

node src/bin/tl-create.js --eutl --mozilla --for 'EMAIL_PROTECTION,CODE_SIGNING' --format pem roots.pem

This would produce a file that looked something like this:

 Country: UK
 Operator: European Commission
 Source: EUTL
 -----BEGIN CERTIFICATE-----
 ...
 ...
 -----END CERTIFICATE-----
 Operator: DigiCert, Inc
 For: email, www, code
 Source: Mozilla
 -----BEGIN CERTIFICATE-----
 ...
 ...
 -----END CERTIFICATE-----

Usage

Extract all Microsoft Roots

node src/bin/tl-create.js --microsoft --format pem roots.pem

Valid Microsoft trust purposes

  SERVER_AUTH
  CLIENT_AUTH
  CODE_SIGNING
  EMAIL_PROTECTION
  IPSEC_END_SYSTEM
  IPSEC_TUNNEL
  IPSEC_USER
  TIME_STAMPING
  OCSP_SIGNING
  IPSEC_PROTECTION
  DOCUMENT_SIGNING
  EFS_CRYPTO

Extract all Mozilla Roots

node src/bin/tl-create.js --mozilla --format pem roots.pem

Valid Mozilla trust purposes

  DIGITAL_SIGNATURE
  NON_REPUDIATION
  KEY_ENCIPHERMENT
  DATA_ENCIPHERMENT
  KEY_AGREEMENT
  KEY_CERT_SIGN
  CRL_SIGN
  SERVER_AUTH
  CLIENT_AUTH
  CODE_SIGNING
  EMAIL_PROTECTION
  IPSEC_END_SYSTEM
  IPSEC_TUNNEL
  IPSEC_USER
  TIME_STAMPING
  STEP_UP_APPROVED

Extract all Apple Roots

node src/bin/tl-create.js --apple --format pem roots.pem

Extract all EUTL Roots

node src/bin/tl-create.js --eutl --format pem roots.pem

Extract only SERVER_AUTH certificates from Mozilla and Microsoft

node src/bin/tl-create.js --mozilla --microsoft --for "SERVER_AUTH" --format pem roots.pem

NOTE: The default is ALL purposes

Available ouptut formats

js
pkijs
pem
files

The "files" format is intended to store all certificates in separate files under specific directory. For example if a certificate exists in Mozilla Trust List and has "SubjectKeyIdentifier" equal to "ABABABABABABABBB" the certificate content would be stored under "mozilla/ABABABABABABABBB". So, for Mozilla Trust List root directory would be "mozilla", for Microsoft - "microsoft", for Apple - "apple", for Cisco - "cisco".

NOTE: Default ouput format is 'js'

Install

git clone https://github.com/PeculiarVentures/tl-create.git
cd tl-create
npm install -g

Bug Reporting

Please report bugs either as pull requests or as issues in the issue tracker. tl-create has a full disclosure vulnerability policy. Please do NOT attempt to report any security vulnerability in this code privately to anybody.

TODO

Related

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].