{"id":23440672,"url":"https://github.com/simionrobert/cloud-signature-consortium","last_synced_at":"2025-04-13T09:12:52.245Z","repository":{"id":42321135,"uuid":"205670734","full_name":"simionrobert/cloud-signature-consortium","owner":"simionrobert","description":"Cloud Signature Consortium Remote Signature Service Provider in Node.js","archived":false,"fork":false,"pushed_at":"2022-12-11T06:11:18.000Z","size":26757,"stargazers_count":26,"open_issues_count":19,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-13T09:12:44.455Z","etag":null,"topics":["certificate","cloud-signature-consortium","csc","digital-signature","mongodb","nodejs","openssl","softhsm2","softhsmv2"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simionrobert.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-09-01T12:05:49.000Z","updated_at":"2024-08-22T17:03:32.000Z","dependencies_parsed_at":"2023-01-26T17:02:30.476Z","dependency_job_id":null,"html_url":"https://github.com/simionrobert/cloud-signature-consortium","commit_stats":null,"previous_names":["simionrobert/csc-framework"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simionrobert%2Fcloud-signature-consortium","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simionrobert%2Fcloud-signature-consortium/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simionrobert%2Fcloud-signature-consortium/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simionrobert%2Fcloud-signature-consortium/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simionrobert","download_url":"https://codeload.github.com/simionrobert/cloud-signature-consortium/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248688565,"owners_count":21145766,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificate","cloud-signature-consortium","csc","digital-signature","mongodb","nodejs","openssl","softhsm2","softhsmv2"],"created_at":"2024-12-23T16:17:21.456Z","updated_at":"2025-04-13T09:12:52.221Z","avatar_url":"https://github.com/simionrobert.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CSC - Cloud Signature Consortium\n\n![Build Status](https://github.com/simionrobert/cloud-signature-consortium/workflows/Node.js%20CI/badge.svg) [![Dependency Status](https://david-dm.org/simionrobert/CSC-Framework/status.svg)](https://david-dm.org/simionrobert/CSC-Framework)\n\nA CSC RSSP - Cloud Signature Consortium Remote Signature Service Provider -, written in Node.js using SoftHSMv2 as HSM.\nThis application follows the [CSC API V1.0.4.0](https://cloudsignatureconsortium.org/resources/download-api-specifications/) specification. It also includes an OAuth 2.0 server for your particular needs.\n\nAn ASP.NET Core variant is available at [cloud-signature-consortium-asp-net-core](https://github.com/simionrobert/cloud-signature-consortium-asp-net-core)\n\nInstalling globally via `npm`:\n\n```\nnpm install -g csc-server\n```\n\n## Prerequistes\n\n1. Install Mongodb from [mongodb.com](https://www.mongodb.com/download-center/community)\n2. Install [OpenSC](https://github.com/OpenSC/OpenSC/releases) that is needed for interacting with the SoftHSMv2 dll module. We will use `pkcs11-tool` exe.\n\n3. Install [SoftHSMv2](https://github.com/opendnssec/SoftHSMv2) or just copy it from the project's [release binaries](https://github.com/simionrobert/cloud-signature-consortium/releases) to the resources folder.\n\n- Set environment variabile `SOFTHSM2_CONF=%path_to_softhsm2\\lib\\softhsm2.conf%`\n- In the file path\\to\\softhsm2.conf, set `directories.tokendir=%path_to_softhsm2\\tokens_folder%`\n- Initialize a new softhsm2 token with `%path_to_softhsm2\\bin\\softhsm2-util.exe%`\n\n```\nsofthsm2-util --init-token --slot 0 --label \"mytoken\"\n```\n\n4. Install [OpenSSL](https://github.com/openssl/openssl) or just copy it from the project's [release binaries](https://github.com/simionrobert/cloud-signature-consortium/releases) to the resources folder.\n\n- Generate a new certificate and private key for your https/SSL/TLS service and put them in the resources folder of the application (the one provided in config.json. See point 5):\n\n```\nopenssl req -x509 -newkey rsa:4096 -keyout keySSL.pem -out certSSL.pem -days 365\n```\n\nIn the [release version](https://github.com/simionrobert/cloud-signature-consortium/releases) you will find the following binaries:\n\n- OpenSSL 1.1.1.d x86 (used by the app)\n- SoftHSMv2 (used by the app)\n- PKCS11Admin - 0.5.0 (Optional GUI to help you see the token objects)\n\n5. Configure the service settings. See [Configuration](#configuration).\n\nAfter you successfully installed and configured all the prerequistes, you can proceed to [Usage](#usage).\n\n## Usage\n\nCreate your own user:\n\n```\ncsc-server --createUser --user=\"username\" --pass=\"password\" --pin=\"pin\"\n\n```\n\nIf you plan to use OAuth 2.0, create your own client:\n\n```\ncsc-server --createClient --name=name --id=id --secret=secret --redirectUri=redirectUri\n```\n\nStart CSC Server:\n\n```\ncsc-server -l\n```\n\nNow you have a fully functional CSC server.\n\n## Example Usage\n\n```\nUsage:\n   csc-server [options]\n\nOptions:\n  --createUser    Create a user using the arguments below.\n       --user           Username of the user.\n       --pass           Password of the user.\n       --pin            PIN associated with the generated private key.\n\n  --createClient  Create an OAuth 2.0 client using the arguments below.\n       --name          Name of the client application.\n       --id            Client id.',\n       --secret        Client_secret.\n       --redirectUri   Redirect_uri.\n\n  --listen, -l     Start the server\n       --silent, -s     Suppress log messages from output.\n\n  --version, -v    Print the version and exit.\n  --help, -h       Print this list and exit.\nExamples\n   csc-server -l\n   csc-server --createUser --user=username --pass=password --pin=pin\n   csc-server --createClient --name=name --id=id --secret=secret --redirectUri=redirectUri\n```\n\n## Configuration\n\nThe configuration file is located at `%userprofile%/AppData/Roaming/npm/node_modules/csc-server/config/config.json`.\nFeel free to customize and provide the correct paths of the software you installed in the [Prerequistes](#prerequistes).\n\n```\n{\n    \"csc\": {\n        \"access_token_expiring_time\": 3600,\n        \"refresh_token_expiring_time\": 7200,\n        \"sad_expiring_time\": 1800,\n        \"code_expiring_time\": 600,\n        \"otp_expiring_time\": 1800,\n        \"max_results\": 10\n    },\n    \"https\": {\n        \"host\": \"0.0.0.0\",\n        \"port\": \"8080\",\n        \"certificate\": \"D:/Scoala/Dizertatie/CSC Framework/resources/certSSL.pem\",\n        \"private_key\": \"D:/Scoala/Dizertatie/CSC Framework/resources/keySSL.pem\",\n        \"private_key_password\": \"0000\"\n    },\n    \"database_url\": \"mongodb://localhost:27017/csc\",\n    \"resources_path\": \"D:/Scoala/Dizertatie/CSC Framework/resources\",\n    \"softhsm2_driver_path\": \"D:/Scoala/Dizertatie/CSC Framework/utils/SoftHSMv2/lib/softhsm2.dll\",\n    \"openSSL_path\": \"D:/Scoala/Dizertatie/CSC Framework/utils/openssl-1.1.1-x86/openssl.exe\",\n    \"openSC_path\": \"C:/Program Files (x86)/OpenSC Project/OpenSC/tools/pkcs11-tool.exe\",\n    \"token\": {\n        \"slot\": \"189467408\",\n        \"pin\": \"0000\"\n    }\n}\n```\n\nYou can also configure the endpoint `/csc/v1/info` results in the `%userprofile%/AppData/Roaming/npm/node_modules/csc-server/config/info.json` configuration file.\n\n```\n{\n    \"specs\": \"1.0.3.0\",\n    \"name\": \"CSC Provider\",\n    \"logo\": \"https://service.domain.org/images/logo.png\",\n    \"region\": \"RO\",\n    \"lang\": \"en-US\",\n    \"description\": \"An efficient remote signature service\",\n    \"authType\": [\n            \"basic\",\n            \"oauth2code\"\n    ],\n    \"oauth2\": \"https://www.domain.org/\",\n    \"methods\": [\n            \"auth/login\",\n            \"auth/revoke\",\n            \"credentials/list\",\n            \"credentials/info\",\n            \"credentials/authorize\",\n            \"credentials/sendOTP\",\n            \"signatures/signHash\",\n            \"oauth2/authorize\",\n            \"oauth2/token\"\n    ]\n}\n```\n## Supported PKCS#1 Signing Types\n\nCurrently, only CKM_RSA_PKCS is supported with SHA1, SHA256, SHA512.\nOnly no-padded base64 hashes needs to be provided at the service endpoints.\n\n\n## Testing\n\nA Postman request collection is provided in [docs](https://github.com/simionrobert/cloud-signature-consortium/tree/master/docs) folder. There is also a json collection containing the environment variabiles used in the requests based on the server responses through Tests. They can be imported in Postman using File \u003e Import.\n\nKeep in mind that you must open a browser an enter the links provided in the collection for the **oauth2/authorize service** and **oauth2/authorize credentials** to actually test them (We simulate an application client throught our browser). After login and user acceptance, the application client's redirect_uri will be called with an **authorization code** provided in the link as a query parameter. You should copy that code and paste it in the Postman request body of **/oauth2/token**.\n\nAlso you should set **SSL certificate verification** to **off** from File \u003e Settings \u003e General, because the service's certificate is not trusted by our computer.\n\nFeel free to test the application.\n\n## Authors\n\n- **Simion Robert George** - [simionrobert](https://github.com/simionrobert)\n\nSee also the list of [contributors](https://github.com/simionrobert/CSC-Framework/contributors) who participated in this project.\n\nI really appreciate all kinds of feedback and contributions.\n\n**Aditional notes:**\nIf you have some issues referring parts of code in the master branch add them in the issues section.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimionrobert%2Fcloud-signature-consortium","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimionrobert%2Fcloud-signature-consortium","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimionrobert%2Fcloud-signature-consortium/lists"}