indutny
commented
10 years ago Nice!
Closed chjj closed 8 years ago
indutny
commented
10 years ago Nice!
chjj
commented
10 years ago @indutny, what do you make of the parse errors (minus the lines of code below the "XXX" comments). The RFC is implemented correctly, but I will still get errors on certain certs (including the test cert included).
indutny
commented
10 years ago @chjj could you please try to reduce the problem to a minimal test case?
chjj
commented
10 years ago Fixed style concerns and implemented the rest of the CRL extensions.
chjj
commented
10 years ago And yeah, I will try to isolate the issue more.
chjj
commented
10 years ago Added a cert chain to test with.
chjj
commented
9 years ago Everything is working except for the lines below the "XXX Workaround for parse error" comments. Not sure why. may be a problem with the cert, or something internal within asn1.js. One thing is for sure: this schema abides by the specification correctly.
indutny
commented
9 years ago @chjj also, the patch does not seem to apply to master branch anymore :( Could you please squash it and rebase?
indutny
commented
9 years ago @chjj ? ;)
indutny
commented
9 years ago @chjj ping?
indutny
commented
9 years ago @chjj pang? :)
felix
commented
8 years ago chjj's extension parsing has been used in #47
felix
commented
8 years ago Most of this functionality has been merged into master now.
NOTE: This is a work in progress.
This implements 17 TBSCertificate Extensions as laid out in rfc5280: http://www.ietf.org/rfc/rfc5280.txt
This also adds all string types to the DER encoder/decoder aside from a few which I couldn't find much documentation on.
It ultimately adds an `rfc5280.decodeExtensions(cert, ...)' function which can parse all extensions of a TBSCert and returns an object potentially containing all 17 standardized extensions, decoded.
I'm still receiving parse errors on certain certificates. You may see my old debugging code in past commits. I receive a parse error on the test cert itself, so I'll have to do some more debugging. I hope there is not a problem with the core DER decoder (I tried to obey the specification perfectly, but on the cert chain I was testing on, I was receiving parse errors. You will see some "XXX" comments noting workarounds for the parse errors I was receiving. The lines of code below those comments did not exist prior trying to workaround parse errors, and the cert chain I was testing on is completely valid).
I still have to work on tests.