Initial commit.

Author: azasypkin

.gitignore

@@ -0,0 +1,21 @@
+# Dependencies
+/node_modules
+
+# Production
+/build
+
+# Generated files
+.docusaurus
+.cache-loader
+
+# Misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+.idea
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*

README.md

@@ -0,0 +1,41 @@
+# Website
+
+This website is built using [Docusaurus 2](https://docusaurus.io/), a modern static website generator.
+
+### Installation
+
+```
+$ yarn
+```
+
+### Local Development
+
+```
+$ yarn start
+```
+
+This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.
+
+### Build
+
+```
+$ yarn build
+```
+
+This command generates static content into the `build` directory and can be served using any static contents hosting service.
+
+### Deployment
+
+Using SSH:
+
+```
+$ USE_SSH=true yarn deploy
+```
+
+Not using SSH:
+
+```
+$ GIT_USER=<Your GitHub username> yarn deploy
+```
+
+If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.

babel.config.js

@@ -0,0 +1,3 @@
+module.exports = {
+  presets: [require.resolve('@docusaurus/core/lib/babel/preset')],
+};

docs/guides/_category_.json

@@ -0,0 +1,10 @@
+{
+  "label": "Guides",
+  "collapsed": false,
+  "collapsible": false,
+  "position": 3,
+  "link": {
+    "type": "generated-index",
+    "description": "Learn the most important Secutils.dev functionality."
+  }
+}

docs/guides/digital_certificates.md

@@ -0,0 +1,213 @@
+---
+sidebar_position: 2
+sidebar_label: Digital Certificates
+---
+
+# What is a digital certificate?
+
+A digital certificate, also known as an SSL/TLS certificate or public key certificate, is a digital document that verifies the identity of a website, server, or other digital entity, and allows secure communication between two parties by encrypting data sent over the internet. It contains information about the identity of the certificate holder, such as their name and public key, and is issued by a trusted third-party Certificate Authority (CA).
+
+There are different types of digital certificates that can be generated with various parameters. Certificates can be password-protected, can be bundled with the keys, can rely on different cryptographic algorithms, and eventually expire. Considering these factors, it can be challenging to develop and test web applications that rely on digital certificates.
+
+On this page, you can find guides on creating digital certificate templates with parameters that match your specific needs.
+
+## Generate a key pair for a HTTPS server
+
+In this guide you'll create a template for generating a private key and self-signed certificate for a Node.js HTTPS server:
+
+1. Navigate to [Digital Certificates → Self-signed certificates](https://secutils.dev/ws/certificates__self_signed_certificates) and click **Create certificate template** button
+2. Configure a new certificate template with the following values:
+
+<table class="su-table">
+<tbody>
+<tr><td><b>Name</b></td><td><pre>https-server</pre></td></tr>
+<tr><td><b>Key algorithm</b></td><td><pre>RSA</pre></td></tr>
+<tr><td><b>Signature algorithm</b></td><td><pre>SHA-256</pre></td></tr>
+<tr><td><b>Certificate type</b></td><td><pre>End Entity</pre></td></tr>
+<tr><td><b>Key usage</b></td><td><pre>Key encipherment, Digital signature</pre></td></tr>
+<tr><td><b>Extended key usage</b></td><td><pre>TLS Web server authentication</pre></td></tr>
+<tr><td><b>Common name (CN)</b></td><td><pre>localhost</pre></td></tr>
+</tbody>
+</table>
+
+3. Click on the **Save** button to save the certificate template
+4. Once the template is set up, it will appear in the templates grid
+5. Click on the template's **Generate** button and use the following values for generation:
+
+<table class="su-table">
+<tbody>
+<tr><td><b>Format</b></td><td><pre>PKCS#12</pre></td></tr>
+<tr><td><b>Passphrase</b></td><td><pre>pass</pre></td></tr>
+</tbody>
+</table>
+
+6. Click on the **Generate** button to generate and download the certificate bundle
+7. Use the downloaded `https-server.pfx` file to configure Node.js HTTPS server:
+
+```js title="index.js"
+(async function main() {
+    const https = await import('node:https');
+    const fs = await import('node:fs');
+    
+    const httpsOptions = {
+        // highlight-start
+        // The name of the certificate bundle and the passphrase that was set in the generation dialog
+        pfx: fs.readFileSync('https-server.pfx'),
+        passphrase: 'pass'
+        // highlight-end
+    };
+    
+    https.createServer(httpsOptions, (req, res) => {
+        res.writeHead(200);
+        res.end('Hello World\n');
+    }).listen(8000);
+    
+    console.log(`Listening on https://localhost:8000`);
+})();
+```
+
+8. Run the server with and query it with the **cURL** or similar HTTP client:
+
+```bash title="Example commands"
+// Start server
+$ node index.js 
+Listening on https://localhost:8000
+
+// Query the server with cURL
+$ curl -kv https://localhost:8000
+*   Trying 127.0.0.1:8000...
+...
+* Server certificate:
+*  subject: CN=localhost; C=US; ST=California; L=San Francisco; O=CA Issuer, Inc
+*  ...
+*  issuer: CN=localhost; C=US; ST=California; L=San Francisco; O=CA Issuer, Inc
+*  SSL certificate verify result: self-signed certificate (18), continuing anyway.
+...
+> GET / HTTP/1.1
+> Host: localhost:8000
+> User-Agent: curl/7.88.1
+> ...
+< HTTP/1.1 200 OK
+< ....
+< 
+Hello World
+```
+
+Watch the video demo below to see all the steps mentioned earlier in action:
+
+<video controls preload="metadata" width="100%">
+  <source src="../video/guides/certificates_https_server.webm" type="video/webm" />
+  <source src="../video/guides/certificates_https_server.mp4" type="video/mp4" />
+</video>
+
+## Export a private key as a JSON Web Key (JWK)
+
+In this guide, you will generate a private key in PKCS#8 format and then export it to a JSON Web Key (JWK) using a custom responder and the browser's built-in Web Crypto API:
+
+1. Navigate to [Digital Certificates → Self-signed certificates](https://secutils.dev/ws/certificates__self_signed_certificates) and click **Create certificate template** button
+2. Configure a new certificate template with the following values:
+
+<table class="su-table">
+<tbody>
+<tr><td><b>Name</b></td><td><pre>jwk</pre></td></tr>
+<tr><td><b>Key algorithm</b></td><td><pre>ECDSA</pre></td></tr>
+<tr><td><b>Signature algorithm</b></td><td><pre>SHA-256</pre></td></tr>
+<tr><td><b>Certificate type</b></td><td><pre>End Entity</pre></td></tr>
+</tbody>
+</table>
+
+3. Click on the **Save** button to save the certificate template
+4. Once the template is set up, it will appear in the templates grid
+5. Now, navigate to [Webhooks → Responders](https://secutils.dev/ws/webhooks__responders) and click **Create responder** button
+6. Configure a new responder with the following values:
+
+<table class="su-table">
+<tbody>
+<tr><td><b>Name</b></td><td><pre>subtle-crypto</pre></td></tr>
+<tr><td><b>Method</b></td><td><pre>GET</pre></td></tr>
+<tr>
+    <td><b>Headers</b></td>
+<td>
+
+```http
+Content-Type: text/html; charset=utf-8
+```
+</td>
+</tr>
+<tr>
+    <td><b>Body</b></td>
+<td>
+
+```html
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Subtle Crypto</title>
+  <style>
+    h1 { text-align: center }
+    pre {
+      outline: 1px solid #ccc;
+      padding: 5px;
+      margin: auto;
+      width: 30%;
+      overflow: hidden;
+      text-overflow: ellipsis;
+    }
+  </style>
+  <script type="text/javascript">
+    (async function main() {
+      // Call certificate/key pair "Generate" API.
+      const response = await fetch("/api/utils/action", {
+        method: "POST",
+        credentials: "same-origin",
+        headers: {"Content-Type": "application/json"},
+        body: JSON.stringify({
+          action: {
+            type: "certificates",
+            value: {
+              type: "generateSelfSignedCertificate",
+              value: { templateName: "jwk", format: "pkcs8" }
+            }
+          }
+        })
+      });
+
+      // Import generated PKCS#8 key as SubtleCrypto's CryptoKey.
+      const cryptoKey = await window.crypto.subtle.importKey(
+          "pkcs8",
+          new Uint8Array((await response.json()).value.value.certificate),
+          { name: "ECDSA", namedCurve: "P-384" },
+          true,
+          ["sign"]
+      )
+
+      // Export CryptoKey as JWK and render it.
+      document.getElementById("jwk").textContent = JSON.stringify(
+          await window.crypto.subtle.exportKey('jwk', cryptoKey),
+          null,
+          2
+      );
+    })();
+  </script>
+</head>
+<body>
+<h1>PKCS#8 ➡ JSON Web Key (JWK)</h1>
+<pre id="jwk">Loading...</pre>
+</body>
+</html>
+```
+</td>
+</tr>
+</tbody>
+</table>
+
+7. Click on the **Save** button to save the responder
+8. Once the responder is set up, it will appear in the responders grid along with its unique URL
+9. Click on the responder's URL and observe that it renders a JSON Web Key (JWK) derived from your ECDSA key template
+
+Watch the video demo below to see all the steps mentioned earlier in action:
+
+<video controls preload="metadata" width="100%">
+  <source src="../video/guides/certificates_jwk_export.webm" type="video/webm" />
+  <source src="../video/guides/certificates_jwk_export.mp4" type="video/mp4" />
+</video>

docs/guides/web_security/_category_.json

@@ -0,0 +1,10 @@
+{
+  "label": "Web Security",
+  "collapsed": false,
+  "collapsible": false,
+  "position": 4,
+  "link": {
+    "type": "generated-index",
+    "description": "Learn more about Secutils.dev tools for dealing with web security."
+  }
+}