npmpackage.info

node-opcua-crypto

node-opcua certificate tools & encryption/signature support

4.12.0

MIT

TypeScript

Installations

npm install node-opcua-crypto

Score

86.5

Supply Chain

95.9

Quality

84.5

Maintenance

100

Vulnerability

97.6

License

Pull Requests

Open

6

Total

52

Closed

22

Merged

24

Issues

Open

2

Total

9

Closed

7

Releases

v4.11.0

Published on 05 Oct 2024

v4.10.0

Published on 24 Sept 2024

v4.7.0

Published on 21 Jan 2024

v4.5.0

Published on 07 Sept 2023

4.2.0

Published on 17 Aug 2023

v3.0.0

3.0.0

Published on 23 May 2023

View all 10 releases

Developer

node-opcua

Developer Guide

BETA

Module System

CommonJS, ESM

Min. Node Version

Typescript Support

Yes

Node Version

20.15.0

NPM Version

lerna/8.1.8/node@v20.15.0+x64 (linux)

Statistics

5 Stars

348 Commits

10 Forks

4 Watching

22 Branches

6 Contributors

Updated on 13 Oct 2024

Languages

TypeScript (96.65%)

JavaScript (2.07%)

HTML (1.17%)

Makefile (0.11%)

Total Downloads

Cumulative downloads

Total Downloads

3,844,577

Last day

-34.8%

3,056

Compared to previous day

Last week

2.5%

25,622

Compared to previous week

Last month

-20.6%

109,883

Compared to previous month

Last year

8.9%

1,309,403

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@peculiar/webcrypto @peculiar/x509 @types/jsrsasign @types/sshpk assert chalk hexy jsrsasign sshpk

Dev Dependencies

@types/node lorem-ipsum

Versions

node-opcua-crypto

NodeOPCUA Crypto is a powerful JavaScript module for handling security and cryptography for OPCUA. It's written in TypeScript and runs smoothly on Node.js and in the browser.

Features

a comprehensive set of cryptographic functionalities.
supports both Node.js and browser environments.
compatible with TypeScript for robust, type-safe coding.
implements advanced security standards for OPCUA.

Getting Started

To use NodeOPCUA Crypto in your project, follow these steps:

Installation

1npm install nodeopcua-crypto

Usage

1
2import { generatePrivateKey, privateKeyToPEM, CertificatePurpose, createSelfSignedCertificate } from "./node-opcua-crypto.js";
3
4async function demonstratePrivateKeyAndSelfSignedCertificateCreation() {
5
6    // create the Private Key
7    const privateKey = await generatePrivateKey();
8
9    // convert the private key to a PEM format
10    const { privPem } = await privateKeyToPEM(privateKey);
11
12    console.log(privPem);
13
14    // create a self-sign certificate
15    const { cert } = await createSelfSignedCertificate({
16        privateKey,
17        notAfter: new Date(2025, 1, 1),
18        notBefore: new Date(2019, 1, 1),
19        subject: "CN=Test",
20        dns: ["DNS1", "DNS2"],
21        ip: ["192.168.1.1"],
22        applicationUri: "urn:HOSTNAME:ServerDescription",
23        purpose: CertificatePurpose.ForApplication,
24    });
25    console.log(cert);
26}
27demonstratePrivateKeyAndSelfSignedCertificateCreation();
28
29

Please refer to the examples directory for more specific use cases and comprehensive samples.

Support

Sterfive provides this module free of charge, "as is," with the hope that it will be useful to you. However, any support requests, bug fixes, or enhancements are handled exclusively through our paid services. We believe strongly that independent open-source companies should be fairly compensated for their contributions to the community.

We highly recommend subscribing to our support program to ensure your requests are addressed and resolved. Please note that we only consider requests from members of our support program or sponsors.

Getting professional support

NodeOPCUA Crypto is developed and maintained by sterfive.com.

To get professional support, consider subscribing to the node-opcua membership community:

or contact sterfive for dedicated consulting and more advanced support.

Contributing

We appreciate contributions from the community. To contribute:

Fork the repository.
Create a new branch.
Commit your changes.
Submit a pull request.
Sign the CLA (Contributor Licence Agreement) form

For more detailed instructions, refer to the CONTRIBUTING.md file.

License

NodeOPCUA Crypto is MIT licensed. See the LICENSE file for full license details.

Disclaimer

NodeOPCUA Crypto is provided as-is, and while we strive to ensure its quality and security, Sterfive.com cannot be held liable for any damage caused directly or indirectly by the usage of this module.

Please report any issues or vulnerabilities you find via the issue tracker.

Thank you for considering NodeOPCUA Crypto for your OPCUA cryptography needs. We look forward to seeing what you build with i

Supporting the development effort - Sponsors & Backers

If you like node-opcua-crypto and if you are relying on it in one of your projects, please consider becoming a backer and sponsoring us, this will help us to maintain a high-quality stack and constant evolution of this module.

If your company would like to participate and influence the development of future versions of node-opcua and its components, please contact sterfive.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

8

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/main.yml:32
Warn: npmCommand not pinned by hash: .github/workflows/main.yml:56
Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

Score

4.6

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More