feat: persist and reuse generated https certificates

Author: Mastercuber

src/_cert.ts

@@ -2,12 +2,16 @@
 import { promisify } from "node:util";
 import nodeOS from "node:os";
 import { promises as fs } from "node:fs";
+import { mkdir, writeFile } from "node:fs/promises";
 import type nodeForge from "node-forge";
 import forge from "node-forge";
 import ipRegex from "ip-regex";
 import { defu } from "defu";
+import { resolve } from "pathe";
 import type { Certificate, HTTPSOptions } from "./types";
 
+const certificateDirectory = "node_modules/.listhen/certs/";
+
 export interface CertificateOptions {
   validityDays: number;
   subject: nodeForge.pki.CertificateField[];
@@ -40,10 +44,34 @@ export interface TLSCertOptions
   passphrase?: string;
 }
 
+function pathExists(path: string) {
+  return new Promise((resolve) => {
+    fs.access(path, fs.constants.F_OK)
+      .then(() => resolve(true))
+      .catch(() => resolve(false));
+  });
+}
+
 export async function resolveCertificate(
   options: HTTPSOptions,
 ): Promise<Certificate> {
   let https: Certificate;
+
+  if (typeof options === "object" && options.reuse) {
+    // Reuse previously autogenerated certificates if exists
+    const certExists = await pathExists(certificateDirectory + "cert.pem");
+    const keyExists = await pathExists(certificateDirectory + "cert-key.pem");
+
+    if (certExists && keyExists) {
+      const cert = await fs.readFile(certificateDirectory + "cert.pem");
+      const key = await fs.readFile(certificateDirectory + "cert-key.pem");
+      return {
+        cert: cert.toString("utf8"),
+        key: key.toString("utf8"),
+      };
+    }
+  }
+
   if (typeof options === "object" && options.key && options.cert) {
     // Resolve actual certificate and cert
     https = await resolveCert(options);
@@ -95,6 +123,10 @@ async function generateCertificates(
   caOptions.passphrase = options.signingKeyPassphrase;
   const ca = await generateCACert(caOptions);
 
+  await mkdir(resolve(certificateDirectory), { recursive: true });
+  await writeFile(resolve(certificateDirectory + "ca.pem"), ca.cert);
+  await writeFile(resolve(certificateDirectory + "ca-key.pem"), ca.key);
+
   const domains = Array.isArray(options.domains)
     ? options.domains
     : ["localhost", "127.0.0.1", "::1"];
@@ -106,6 +138,10 @@ async function generateCertificates(
     signingKey: ca.key,
     domains,
   });
+
+  await writeFile(resolve(certificateDirectory + "cert.pem"), cert.cert);
+  await writeFile(resolve(certificateDirectory + "cert-key.pem"), cert.key);
+
   return { ca, cert };
 }
 

src/cli.ts

@@ -89,6 +89,11 @@ export function getArgs() {
       type: "boolean",
       description: "Enable HTTPS",
     },
+    "https.reuse": {
+      type: "boolean",
+      description: "Reuse previously autogenerated certificates",
+      default: false,
+    },
     "https.cert": {
       type: "string",
       description: "Path to TLS certificate used with HTTPS in PEM format",
@@ -155,6 +160,7 @@ export function parseArgs(args: ParsedListhenArgs): Partial<ListenOptions> {
     tunnel: args.tunnel,
     https: args.https
       ? <HTTPSOptions>{
+          reuse: args["https.reuse"],
           cert: args["https.cert"],
           key: args["https.key"],
           pfx: args["https.pfx"],

src/types.ts

@@ -10,6 +10,7 @@ export interface Certificate {
 }
 
 export interface HTTPSOptions {
+  reuse?: boolean;
   cert?: string;
   key?: string;
   pfx?: string;