april / certainly-something

WebExtension that shows certificate chains in an aesthetically pleasing manner.
https://addons.mozilla.org/en-US/firefox/addon/certainly-something/
Mozilla Public License 2.0

Issue #27 - Support extension OID 1.3.6.1.4.1.311.21.2 #42

Closed MauAraujo closed 5 years ago

MauAraujo commented 5 years ago

Hey @april, I finally implemented the support for the extension. However, I am having a hard time finding a page that uses this certificate extension; I used Censys to search for one but had no results. So, I still haven't tested it completely. Any advice and feedback would be greatly appreciated.

april commented 5 years ago

I can't seem to find any myself, so it may be blocked by the ability to upload a cert. Alternatively, you can just set asn1 manually and have it parse things that way.

april commented 5 years ago

Right at the top of der.js, you can set asn1 to the value of a decoded cert that does have this value. You should be able to grab the certs off of Censys or the like.

MauAraujo commented 5 years ago

Hi, I tried setting asn1 manually as suggested but ran into some issues. I tried to manually read a certificate that I downloaded from Censys, but when creating asn1:

  const asn1 = asn1js.fromBER(testCert.buffer);

I keep getting the error:

"Too big integer"

testCert is a Uint8Array and testCert.buffer is an ArrayBuffer that contains the certificate I want to decode. I would really appreciate any insight into this problem. Thanks.

MauAraujo commented 5 years ago

Never mind, I was able to decode it using another approach. I decoded this certificate https://censys.io/certificates/c11d158f29a7d8c8eff057550fddd3a4a6b97119bc62e60bb8680680b05397e7 that contains the extension, and it displays correctly:

[Image: Screenshot 2019-03-18 at 17 53 51]

The changes I submitted previously are shown here:

[Image: Screenshot 2019-03-18 at 17 56 16]

However, upon further examination, the extension does not contain a parsedValue, so the value cannot be displayed. This is the structure of the extension:

Object { extnID: "1.3.6.1.4.1.311.21.2", extnValue: {…} }

Do I have to decode the value manually or is there anything I'm missing? Thanks for the support and feedback.

april commented 5 years ago

Yes, if PKI.js can't parse it you can either open up an Issue/PR there (in their GitHub) or try to parse it inside the extension. :)

MauAraujo commented 5 years ago

I used the new version of PKI.js that supports the Microsoft extensions and was able to get parsedValue and display the previous hash id as shown here:

[Image: prevhash]

parsedValue has this structure:

  parsedValue: {…}
    blockLength: 22
    blockName: "OctetString"
    error: ""
    idBlock: Object { blockName: "identificationBlock", blockLength: 1, isHexOnly: false, … }
    lenBlock: Object { blockName: "lengthBlock", blockLength: 1, isIndefiniteForm: false, … }
    valueBeforeDecode: "041430E37E3720456C38C8874F382D07CE23AA2303C1"
    valueBlock: Object { blockName: "OctetStringValueBlock", blockLength: 20, isIndefiniteForm: false, … }
    warnings: Array []
    <prototype>: Object { … }

Is this correct? Or is there another field that I need to consider?

MauAraujo commented 5 years ago

This was changed and included in #54.
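
The parsedValue dump above can be cross-checked by hand: valueBeforeDecode is a single DER OCTET STRING (1 tag byte, 1 length byte, 20 value bytes, 22 in total). The following is an added example, not code from this thread, certainly-something or PKI.js; the function names `hexToBytes`, `readDerTlv` and `previousCertHash` are hypothetical, and the only input is the hex string quoted in the comment.

```javascript
// Added example: decode the valueBeforeDecode string from the thread without
// any ASN.1 library, to confirm which bytes are the hash to display.
const VALUE_BEFORE_DECODE = "041430E37E3720456C38C8874F382D07CE23AA2303C1";

function hexToBytes(hex) {
  if (hex.length % 2 !== 0 || /[^0-9a-f]/i.test(hex)) {
    throw new Error("not a hex string");
  }
  const out = new Uint8Array(hex.length / 2);
  for (let i = 0; i < out.length; i++) {
    out[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
  }
  return out;
}

// Read exactly one definite-length DER TLV that must fill the whole buffer.
function readDerTlv(bytes) {
  if (bytes.length < 2) throw new Error("truncated TLV");
  const tag = bytes[0];
  if ((tag & 0x1f) === 0x1f) throw new Error("multi-byte tags not handled");
  let length = bytes[1];
  let headerLength = 2;
  if (length === 0x80) throw new Error("indefinite length is not valid DER");
  if (length & 0x80) {
    // Long form: low 7 bits give the number of length bytes that follow.
    const n = length & 0x7f;
    if (n > 4 || bytes.length < 2 + n) throw new Error("bad length field");
    length = 0;
    for (let i = 0; i < n; i++) length = length * 256 + bytes[2 + i];
    headerLength += n;
  }
  // Reject truncated input and trailing bytes instead of silently ignoring them.
  if (headerLength + length !== bytes.length) {
    throw new Error("length field does not match buffer size");
  }
  return { tag, headerLength, value: bytes.subarray(headerLength) };
}

// Returns the OCTET STRING contents as colon-separated upper-case hex.
function previousCertHash(hex) {
  const tlv = readDerTlv(hexToBytes(hex));
  if (tlv.tag !== 0x04) throw new Error("expected OCTET STRING (tag 0x04)");
  return Array.from(tlv.value, b => b.toString(16).padStart(2, "0").toUpperCase()).join(":");
}

console.log(previousCertHash(VALUE_BEFORE_DECODE));
```

The header and value lengths returned by `readDerTlv` match the idBlock, lenBlock and valueBlock lengths in the dump, so the bytes to display are the contents of valueBlock, not valueBeforeDecode as a whole.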