Class KJUR.asn1.csr.CSRUtil
Certification Request (CSR/PKCS#10) utilities class
Defined in: asn1csr-1.0.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
Certification Request (CSR/PKCS#10) utilities class
This class provides utility static methods for CSR/PKCS#10. |
| Method Attributes | Method Name and Description |
|---|---|
| <static> |
KJUR.asn1.csr.CSRUtil.getParam(sPEM, flagTBS)
get field values from CSR/PKCS#10 PEM string
This method parses PEM CSR/PKCS#1 string and retrieves fields such as subject name and public key. |
| <static> |
KJUR.asn1.csr.CSRUtil.newCSRPEM(param)
generate a PEM format of CSR/PKCS#10 certificate signing request (DEPRECATED)
This method can generate a CSR certificate signing. |
| <static> |
KJUR.asn1.csr.CSRUtil.verifySignature(csr)
verify self-signed CSR/PKCS#10 signature
This method verifies self-signed signature of CSR/PKCS#10 with its public key which is concluded in the CSR. |
Class Detail
KJUR.asn1.csr.CSRUtil()
Certification Request (CSR/PKCS#10) utilities class
This class provides utility static methods for CSR/PKCS#10. Here is a list of methods:
This class provides utility static methods for CSR/PKCS#10. Here is a list of methods:
Method Detail
<static>
{Array}
KJUR.asn1.csr.CSRUtil.getParam(sPEM, flagTBS)
get field values from CSR/PKCS#10 PEM string
This method parses PEM CSR/PKCS#1 string and retrieves fields such as subject name and public key. Following parameters are available in the resulted JSON object.
CAUTION: Returned JSON value format have been changed without backward compatibility since jsrsasign 9.0.0 asn1csr 2.0.0.
NOTE: The "flagTBS" supported since jsrsasign 10.5.26.
This method parses PEM CSR/PKCS#1 string and retrieves fields such as subject name and public key. Following parameters are available in the resulted JSON object.
- {X500Name}subject - subject name parameters
- {String}sbjpubkey - PEM string of subject public key
- {Array}extreq - array of extensionRequest parameters
- {String}sigalg - name of signature algorithm field
- {String}sighex - hexadecimal string of signature value
- {String}tbs - a hexadecimal string of CertificationRequestInfo as to be signed(OPTION)
CAUTION: Returned JSON value format have been changed without backward compatibility since jsrsasign 9.0.0 asn1csr 2.0.0.
NOTE: The "flagTBS" supported since jsrsasign 10.5.26.
KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST...") →
{
subject: { array:[[{type:"C",value:"JP",ds:"prn"}],...],
str: "/C=JP/O=Test"},
sbjpubkey: "-----BEGIN PUBLIC KEY...",
extreq: [{extname:"subjectAltName",array:[{dns:"example.com"}]}]
sigalg: "SHA256withRSA",
sighex: "1ab3df.."
}
KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST...", true) →
result will also have a member "tbs" in the object.
- Parameters:
- {string} sPEM
- PEM string of CSR/PKCS#10
- {boolean} flagTBS
- result object also concludes CertificationRequestInfo (OPTION, DEFAULT=false)
- Since:
- jsrsasign 9.0.0 asn1csr 2.0.0
- Returns:
- {Array} JSON object with parsed parameters such as name or public key
- See:
- KJUR.asn1.csr.CertificationRequest
- KJUR.asn1.csr.CertificationRequestInfo
- KJUR.asn1.x509.X500Name
- X509#getExtParamArray
<static>
KJUR.asn1.csr.CSRUtil.newCSRPEM(param)
generate a PEM format of CSR/PKCS#10 certificate signing request (DEPRECATED)
This method can generate a CSR certificate signing.
This method can generate a CSR certificate signing.
// 1) by key object
pem = KJUR.asn1.csr.CSRUtil.newCSRPEM({
subject: {str: '/C=US/O=Test/CN=example.com'},
sbjpubkey: pubKeyObj,
sigalg: "SHA256withRSA",
sbjprvkey: prvKeyObj,
extreq: [{
extname: "subjectAltName",
array: [{dns:"example.com"}]
}]
});
// 2) by private/public key PEM
pem = KJUR.asn1.csr.CSRUtil.newCSRPEM({
subject: {str: '/C=US/O=Test/CN=example.com'},
sbjpubkey: pubKeyPEM,
sigalg: "SHA256withRSA",
sbjprvkey: prvKeyPEM
});
// 3) with generateKeypair
kp = KEYUTIL.generateKeypair("RSA", 2048);
pem = KJUR.asn1.csr.CSRUtil.newCSRPEM({
subject: {str: '/C=US/O=Test/CN=example.com'},
sbjpubkey: kp.pubKeyObj,
sigalg: "SHA256withRSA",
sbjprvkey: kp.prvKeyObj
});
// 4) by private/public key PEM with extension
pem = KJUR.asn1.csr.CSRUtil.newCSRPEM({
subject: {str: '/C=US/O=Test/CN=example.com'},
ext: [
{subjectAltName: {array: [{dns: 'example.net'}]}}
],
sbjpubkey: pubKeyPEM,
sigalg: "SHA256withRSA",
sbjprvkey: prvKeyPEM
});
- Parameters:
- {Array} param
- parameter to generate CSR
- Deprecated:
- since jsrsasign 9.0.0 asn1csr 2.0.0. please use KJUR.asn1.csr.CertificationRequest constructor.
- Since:
- jsrsasign 4.9.0 asn1csr 1.0.0
<static>
{boolean}
KJUR.asn1.csr.CSRUtil.verifySignature(csr)
verify self-signed CSR/PKCS#10 signature
This method verifies self-signed signature of CSR/PKCS#10 with its public key which is concluded in the CSR.
This method verifies self-signed signature of CSR/PKCS#10 with its public key which is concluded in the CSR.
KJUR.asn1.csr.CSRUtil.verifySignatrue("-----BEGIN CERTIFICATE REQUEST...") → true or false
p = KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST-----", true); // with tbs
KJUR.asn1.csr.CSRUtil.verifySignatrue(p) → true or false
- Parameters:
- {object} csr
- PEM CSR string or parsed JSON object of CSR
- Since:
- jsrsasign 10.5.26 asn1csr 2.0.6
- Returns:
- {boolean} true if self-signed signature is valid otherwise false
- See:
- KJUR.asn1.csr.CertificationRequest
- KJUR.asn1.csr.CertificationRequestInfo
- KJUR.asn1.csr.CSRUtil#getParam