PeculiarVentures / PKI.js

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
http://pkijs.org

Distinguished Name implementation #314

Open rviau42 opened 3 years ago

rviau42 commented 3 years ago

Due to the structure change, this Pull Request can introduce breaking changes

Distinguished Name implementation

Add DistinguishedName class which contains a collection of RelativeDistinguishedName according to RFC5280 and X.501.

Subject and Issuer properties in Certificate, CRL, OCSP, ... classes don't accept Array anymore but Array.

Instead of:

    certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
        type: "2.5.4.6", // Country name
        value: new asn1js.PrintableString({ value: "RU" })
    }));
    certificate.issuer.typesAndValues.push(new AttributeTypeAndValue({
        type: "2.5.4.3", // Common name
        value: new asn1js.BmpString({ value: "Test" })
    }));

You must declare these fields with:

    certificate.issuer.relativeDistinguishedNames.push(new RelativeDistinguishedNames({
        typesAndValues: [new AttributeTypeAndValue({
            type: "2.5.4.6", // Country name
            value: new asn1js.PrintableString({ value: "RU" })
        })]
    }));
    certificate.issuer.relativeDistinguishedNames.push(new RelativeDistinguishedNames({
        typesAndValues: [new AttributeTypeAndValue({
            type: "2.5.4.3", // Common name
            value: new asn1js.BmpString({ value: "Test" })
        })]
    }));

DN toString()

For debugging purposes or more, it could be useful to get a string representation of DNs. DistinguishedName.toString() provides a String representation of a DN that almost conforms to RFC4514.

To achieve this conversion, there is a new Map containing the most common OIDs used for DN, based on RFC4519 (https://tools.ietf.org/html/rfc4519): AttributeTypeDictionnary. The 57 OIDs described in section #2 AttributeType and section #3 ObjectClass are retrieved.

    certificate.issuer.relativeDistinguishedNames.push(new RelativeDistinguishedNames({
        typesAndValues: [
            new AttributeTypeAndValue({
                type: "2.5.4.6", // Country name
                value: new asn1js.PrintableString({ value: "RU" })
            }),
            new AttributeTypeAndValue({
                type: "2.5.4.7", // Location
                value: new asn1js.PrintableString({ value: "Moscow" })
            }),
        ]
    }));
    certificate.issuer.relativeDistinguishedNames.push(new RelativeDistinguishedNames({
        typesAndValues: [new AttributeTypeAndValue({
            type: "2.5.4.3", // Common name
            value: new asn1js.BmpString({ value: 'John "Jim" Smith, III' })
        })]
    }));

    console.log(certificate.issuer.toString())
    // EXPECTED: C=RU+L=Moscow,CN=John \"Jim\" Smith\, III
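
Added example, not code from this pull request or from PKI.js: a standalone RFC 4514 string encoder showing why the escaping in the expected output above matters, since a value such as `alice,O=Admins` must still read as one RDN when the string is logged or compared. The names `SHORT_NAMES`, `escapeValue`, `rdnToString`, `dnToString`, `splitRdns` and the plain `{ type, value }` objects with string values are assumptions made for this example.

```javascript
// Added example, independent of PKI.js. SHORT_NAMES is a small constructed
// subset of RFC 4519 names, not the PR's AttributeTypeDictionnary.
const SHORT_NAMES = new Map([
  ["2.5.4.3", "CN"], ["2.5.4.6", "C"], ["2.5.4.7", "L"], ["2.5.4.10", "O"],
]);

// RFC 4514 section 2.4: escape the special characters, NUL, a leading
// space or '#', and a trailing space.
function escapeValue(value) {
  let out = value
    .replace(/[\\"+,;<>]/g, (c) => "\\" + c)
    .replace(/\x00/g, "\\00");
  if (/^[ #]/.test(out)) out = "\\" + out;
  if (value.length > 1 && value.endsWith(" ")) out = out.slice(0, -1) + "\\ ";
  return out;
}

// One RDN: its attribute type/value pairs are joined with '+'.
function rdnToString(typesAndValues) {
  return typesAndValues.map(({ type, value }) => {
    const name = SHORT_NAMES.get(type);
    // RFC 4514 encodes values of unnamed types as '#' + hex BER; not handled here.
    if (!name) throw new Error(`no short name for OID ${type}`);
    return `${name}=${escapeValue(value)}`;
  }).join("+");
}

// RDNs are joined with ','. RFC 4514 section 2.1 emits the last RDN first;
// the default keeps certificate order, as in the PR's expected output.
function dnToString(rdns, { rfc4514Order = false } = {}) {
  const parts = rdns.map(rdnToString);
  return (rfc4514Order ? parts.reverse() : parts).join(",");
}

// Split a DN string on unescaped commas only, to count the RDNs a reader sees.
function splitRdns(dn) {
  return dn.match(/(?:\\.|[^\\,])+/gs) ?? [];
}

// Constructed inputs: the DN from the PR, and a CN that contains ",O=Admins".
const PAGE_DN = [
  [{ type: "2.5.4.6", value: "RU" }, { type: "2.5.4.7", value: "Moscow" }],
  [{ type: "2.5.4.3", value: 'John "Jim" Smith, III' }],
];
const TRICKY_DN = [
  [{ type: "2.5.4.10", value: "Example" }],
  [{ type: "2.5.4.3", value: "alice,O=Admins" }],
];
console.log(dnToString(PAGE_DN), splitRdns(dnToString(TRICKY_DN)));
```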