Rewrite to TypeScript

.editorconfig

@@ -0,0 +1,17 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+indent_style = space
+indent_size = 2
+end_of_line = lf
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.md]
+indent_size = 4
+# In Markdown a trailing double space is interpreted as <br>
+trim_trailing_whitespace = false
+max_line_length = off

.github/workflows/test.yml

@@ -10,19 +10,20 @@ on:
 
   pull_request:
     branches:
-      - main
+      - master
     paths-ignore:
       - '**/*.md'
       - '.gitignore'
 
 jobs:
-  build:
+  test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
-      - run: npm install
-      - run: node resources.js
-      - run: wget ${{ secrets.CERT_LINK }}
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v1
+      - run: bun install
+      - run: bun type-check
+      - run: bun ca-downloader
+      - run: wget ${{ secrets.CERT_LINK }} -O cert.zip
       - run: unzip -P ${{ secrets.CERT_PASS }} cert.zip -d cert-files
-      - run: node index.js cert-files | grep 'Revoked'
+      - run: bun certcheck cert-files/cert.p12 --password ${{ secrets.CERT_PASS }} | grep -q "revoked"

.gitignore

@@ -1,9 +1,107 @@
-*.DS_Store
-CA-CER/
-CA-PEM/
-cert.p12
-pass.txt
-*.pem
+.envrc
+CA-PEM
+
+# Dependencies
 node_modules/
-cert-files
-pnpm-lock.yaml
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Build output
+dist/
+*.tsbuildinfo
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Coverage directory used by tools like istanbul
+coverage/
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage
+.grunt
+
+# Bower dependency directory
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+public
+
+# Storybook build outputs
+.out
+.storybook-out
+
+# Temporary folders
+tmp/
+temp/
+
+# Editor directories and files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS generated files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db

README.md

@@ -1,11 +1,9 @@
 # CertCheck
-Node JS utility to check the signature of Apple P12 Certificates.
+Modern TypeScript utility to check the signature of Apple P12 Certificates using idiomatic TypeScript and modern APIs.
 
 *Confirmed to work on macOS, Windows, and Linux.*
 
-*Works with both enterprise and developer certificates.*
-
-Includes tool to convert CER files to PEM. (See [**cer-to-pem.js**](https://github.com/JailbreaksApp/CertCheck/blob/master/cer-to-pem.js))
+*Works with enterprise, developer, and distribution certificates.*
 
 ## Contact
  - [**Twitter** **(@iCrazeiOS)**](https://twitter.com/iCrazeiOS)
@@ -16,16 +14,141 @@ Includes tool to convert CER files to PEM. (See [**cer-to-pem.js**](https://gith
  - **BTC:** bc1q0ghuykcutljjyh3tcdjv88ek8zjzrtnk8zhuhy
 
 ## Requirements
- - Node JS (with `ocsp` & `node-forge` modules)
+ - [Bun](https://bun.sh) (v1.0.0 or higher)
+ - TypeScript (for development)
+
+## Installation
+```bash
+# Install Bun (if not already installed)
+curl -fsSL https://bun.sh/install | bash
+
+# Install dependencies (only if you want to develop, otherwise see the bunx command below)
+bun install
+```
 
 ## Usage
- **Standard usage:**
-  - Have cert.p12 and pass.txt in the same directory as the script.
-  - Run `node index.js`
 
- **Specify directory:**
-  - Have cert.p12 and pass.txt in a different directory than the script.
-  - Run `node index.js "/path/to/directory"`
+## Give me quick copy-paste command I’m impatient
+
+```bash
+bunx github:Olympta/CertCheck certcheck cert.p12 --password 123456
+```
+
+No need to clone the repo.
+
+### Using Package Scripts (Recommended)
+```bash
+# Main certificate checker
+bun certcheck cert.p12 --password yourpassword
+
+# With JSON output
+bun certcheck cert.p12 --password yourpassword --json
+
+# Short password flag
+bun certcheck cert.p12 -p yourpassword
+
+# Download Apple CA certificates (run this first)
+bun ca-downloader
+```
+
+### Direct Bun Execution
+```bash
+# Basic usage with P12 file and password
+bun certcheck cert.p12 --password yourpassword
+
+# With JSON output
+bun certcheck cert.p12 --password yourpassword --json
+
+# Short password flag
+bun certcheck cert.p12 -p yourpassword
+
+# Absolute paths work too
+bun certcheck /path/to/cert.p12 --password yourpassword
+```
+
+### Environment Variables
+```bash
+# Set environment variables
+export CERT_P12_PATH=cert.p12
+export CERT_P12_PASSWORD=yourpassword
+
+# Run without arguments
+bun certcheck
+
+# JSON output still works
+bun certcheck --json
+```
+
+### Mixed Usage (CLI overrides environment variables)
+```bash
+# Environment variables as fallback
+CERT_P12_PATH=cert.p12 bun certcheck --password yourpassword
+CERT_P12_PASSWORD=yourpassword bun certcheck cert.p12
+
+# CLI arguments always take priority
+CERT_P12_PATH=wrong.p12 CERT_P12_PASSWORD=wrongpass bun certcheck cert.p12 --password yourpassword
+```
+
+### Download Apple CA Certificates
+```bash
+# Download and convert Apple CA certificates (run this first)
+bun ca-downloader
+```
+
+## File Structure
+```
+src/
+├── index.ts              # OCSP certificate revoke checker
+├── caDownloader.ts       # Apple CA certificates downloader
+├── p12Utils.ts           # P12 to PEM conversion utilities
+├── cerUtils.ts           # CER to PEM converter class
+└── types/
+    └── ocsp.d.ts         # OCSP module type definitions
+```
+
+## Development
+```bash
+# Install dependencies
+bun install
+
+# Type check
+bun type-check
+
+# Run main application
+bun certcheck cert.p12 --password yourpassword
+
+# Download Apple CA certificates
+bun ca-downloader
+
+# Development mode
+bun dev cert.p12 --password yourpassword
+bun dev:ca-downloader
+```
+
+## Example Output
+
+### Good Certificate
+```bash
+$ bun certcheck cert.p12 --password 123456
+Certificate Name: John Doe
+Certificate Status: good
+Certificate Expiration Date: Sat, 22 Aug 2026 18:21:48 GMT
+```
+
+### Revoked Certificate
+```bash
+$ bun certcheck revoked.p12 --password 123456
+Certificate Name: Jane Smith
+Certificate Status: revoked
+Certificate Expiration Date: Thu, 23 Jul 2026 00:06:58 GMT
+Certificate Revocation Date: Mon, 25 Aug 2025 18:37:02 GMT
+```
+
+### JSON Output
+```bash
+$ bun certcheck cert.p12 --password 123456 --json
+{"name":"John Doe","expirationDate":"Sat, 22 Aug 2026 18:21:48 GMT","status":"good"}
+```
 
- **JSON output:**
-  - Follow steps for other examples, but add `--json` to the end of the command. (MUST be after custom directory, if you are using one)
+## License
+MIT