Class KJUR.asn1.ocsp.CertID
Extends
KJUR.asn1.ASN1Object.
ASN.1 CertID class for OCSP
Defined in: asn1ocsp-1.0.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
KJUR.asn1.ocsp.CertID(params)
ASN.1 CertID class for OCSP
CertID ASN.1 class is defined in RFC 6960 4.1.1. |
- Fields borrowed from class KJUR.asn1.ASN1Object:
- hL, hT, hTLV, hV, isModified, params
| Method Attributes | Method Name and Description |
|---|---|
|
getParamByCerts(issuerCert, subjectCert, algName, associative)
calculate CertID parameter by certificates.
|
|
|
setByCert(issuerCert, subjectCert, algName)
set CertID ASN.1 object by PEM certificates.
|
|
|
setByValue(issuerNameHashHex, issuerKeyHashHex, serialNumberHex, algName)
set CertID ASN.1 object by values.
|
- Methods borrowed from class KJUR.asn1.ASN1Object:
- getEncodedHex, getLengthHexFromValue, getValueHex, tohex
Class Detail
KJUR.asn1.ocsp.CertID(params)
ASN.1 CertID class for OCSP
CertID ASN.1 class is defined in RFC 6960 4.1.1.
NOTE: Properties "namehash", "keyhash" and "serial" are changed to "issname", "isskey", and "sbjsn" respectively since jsrsasign 9.1.6 asn1ocsp 1.1.0.
CertID ASN.1 class is defined in RFC 6960 4.1.1.
CertID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING, -- Hash of issuer's DN
issuerKeyHash OCTET STRING, -- Hash of issuer's public key
serialNumber CertificateSerialNumber }
Following properties are available in "params" of the constructor:
- {String}alg (OPTION) - hash algorithm name. Default is "sha1" (ex, "sha1")
- {String}issname (OPTION) - hexadecimal string of issuerNameHash
- {String}isskey (OPTION) - hexadecimal string of issuerKeyHash
- {String}sbjsn (OPTION) - hexadecimal string of serial number of subject certificate
- {String}issuerCert (OPTION) - PEM string of issuer certificate. Property "issname" and "isskey" will be set by "issuerCert".
- {String}subjectCert (OPTION) - PEM string of issuer certificate. Property "sbjsn" will be set by "subjectCert".
NOTE: Properties "namehash", "keyhash" and "serial" are changed to "issname", "isskey", and "sbjsn" respectively since jsrsasign 9.1.6 asn1ocsp 1.1.0.
// constructor with explicit values (changed since jsrsasign 9.1.6)
new KJUR.asn1.ocsp.CertID({issname: "1a...", isskey: "ad...", sbjsn: "1234", alg: "sha256"});
// constructor with certs (sha1 is used by default)
o = new KJUR.asn1.ocsp.CertID({issuerCert: "-----BEGIN...", subjectCert: "-----BEGIN..."});
// constructor with certs and sha256
o = new KJUR.asn1.ocsp.CertID({issuerCert: "-----BEGIN...", subjectCert: "-----BEGIN...", alg: "sha256"});
- Parameters:
- {Array} params
- JSON object of parameters
- Since:
- jsrsasign 6.1.0 asn1ocsp 1.0.0
Method Detail
getParamByCerts(issuerCert, subjectCert, algName, associative)
calculate CertID parameter by certificates.
This method calculates issuer name hash, issuer key hash and subject serial number then returns an associative array with alg, issname, isskey and sbjsn members.
This method calculates issuer name hash, issuer key hash and subject serial number then returns an associative array with alg, issname, isskey and sbjsn members.
o = new KJUR.asn1.ocsp.CertID();
o.getParamByCerts("-----BEGIN...", "-----BEGIN...", "sha256") →
{
alg: "sha256",
issname: "12abcd...",
isskey: "23cdef...",
sbjsn: "57b3..."
}
- Parameters:
- {string} issuerCert
- string of PEM issuer certificate
- {string} subjectCert
- string of PEM subject certificate to be verified by OCSP
- {string} algName
- hash algorithm name used for above arguments (ex. "sha1") DEFAULT: sha1
- {object} associative
- array with alg, issname, isskey and sbjsn members
- Since:
- jsrsasign 10.5.7 asn1ocsp 1.1.6
setByCert(issuerCert, subjectCert, algName)
set CertID ASN.1 object by PEM certificates.
o = new KJUR.asn1.ocsp.CertID();
o.setByCert("-----BEGIN...", "-----BEGIN..."); // sha1 is used by default
o.setByCert("-----BEGIN...", "-----BEGIN...", "sha256");
- Parameters:
- {String} issuerCert
- string of PEM issuer certificate
- {String} subjectCert
- string of PEM subject certificate to be verified by OCSP
- {String} algName
- hash algorithm name used for above arguments (ex. "sha1") DEFAULT: sha1
- Deprecated:
- since jsrsasign 10.5.7 asn1ocsp 1.1.6. Please use setByParam instead.
- Since:
- jsrsasign 6.1.0 asn1ocsp 1.0.0
setByValue(issuerNameHashHex, issuerKeyHashHex, serialNumberHex, algName)
set CertID ASN.1 object by values.
o = new KJUR.asn1.ocsp.CertID();
o.setByValue("1fac...", "fd3a...", "1234"); // sha1 is used by default
o.setByValue("1fac...", "fd3a...", "1234", "sha256");
- Parameters:
- {String} issuerNameHashHex
- hexadecimal string of hash value of issuer name
- {String} issuerKeyHashHex
- hexadecimal string of hash value of issuer public key
- {String} serialNumberHex
- hexadecimal string of certificate serial number to be verified
- {String} algName
- hash algorithm name used for above arguments (ex. "sha1") DEFAULT: sha1
- Since:
- jsrsasign 6.1.0 asn1ocsp 1.0.0