Class Index | File Index

Classes


Class KJUR.asn1.x509.AuthorityKeyIdentifier


Extends KJUR.asn1.x509.Extension.
AuthorityKeyIdentifier ASN.1 structure class
Defined in: asn1x509-1.0.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
AuthorityKeyIdentifier ASN.1 structure class This class represents ASN.1 structure for AuthorityKeyIdentifier in RFC 5280.
Fields borrowed from class KJUR.asn1.ASN1Object:
hL, hT, hTLV, hV, isModified, params
Method Summary
Method Attributes Method Name and Description
 
set authorityCertIssuer value by X500Name parameter This method will set authorityCertIssuer name by param.
 
set authorityCertSerialNumber value This method will set authorityCertSerialNumber by param.
 
set keyIdentifier value by DEROctetString parameter, key object or PEM file This method will set keyIdentifier by param.
Methods borrowed from class KJUR.asn1.ASN1Object:
getEncodedHex, getLengthHexFromValue, getValueHex, tohex
Class Detail
KJUR.asn1.x509.AuthorityKeyIdentifier(params)
AuthorityKeyIdentifier ASN.1 structure class This class represents ASN.1 structure for AuthorityKeyIdentifier in RFC 5280. Constructor of this class may have following parameters.:
  • kid - When key object (RSA, KJUR.crypto.ECDSA/DSA) or PEM string of issuing authority public key or issuer certificate is specified, key identifier will be automatically calculated by the method specified in RFC 5280. When a hexadecimal string is specifed, kid will be set explicitly by it.
  • isscert - When PEM string of authority certificate is specified, both authorityCertIssuer and authorityCertSerialNumber will be set by the certificate.
  • issuer - KJUR.asn1.x509.X500Name parameter to specify issuer name explicitly.
  • sn - hexadecimal string to specify serial number explicitly.
  • critical - boolean to specify criticality of this extension however conforming CA must mark this extension as non-critical in RFC 5280.
d-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
AuthorityKeyIdentifier ::= SEQUENCE {
   keyIdentifier             [0] KeyIdentifier           OPTIONAL,
   authorityCertIssuer       [1] GeneralNames            OPTIONAL,
   authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL  }
KeyIdentifier ::= OCTET STRING
// 1. kid by key object
keyobj = KEYUTIL.getKey("-----BEGIN PUBLIC KEY...");
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({kid: keyobj});
// 2. kid by PEM string of authority certificate or public key
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({kid: "-----BEGIN..."});
// 3. specify kid explicitly
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({kid: "8ab1d3..."});
});
// 4. issuer and serial number by auhtority PEM certificate
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({isscert: "-----BEGIN..."});
// 5. issuer and serial number explicitly
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({
  issuer: {ldapstr: "O=test,C=US"},
  sn: {hex: "1ac7..."}});
// 6. combination
e1 = new KJUR.asn1.x509.AuthorityKeyIdentifier({
  kid: "-----BEGIN CERTIFICATE...",
  isscert: "-----BEGIN CERTIFICATE..."});
Parameters:
{Array} params
associative array of parameters (ex. {kid: {hex: '89ab...'}, critical: true})
Since:
asn1x509 1.0.8
Method Detail
setCertIssuerByParam(param)
set authorityCertIssuer value by X500Name parameter This method will set authorityCertIssuer name by param. Issuer name can be set by following type of param argument: NOTE1: Automatic authorityCertIssuer setting by certificate is supported since jsrsasign 8.0.16.
var o = new KJUR.asn1.x509.AuthorityKeyIdentifier();
// 1. set it by string
o.setCertIssuerByParam({str: '/C=US/O=Test'});
// 2. set it by issuer PEM certificate
o.setCertIssuerByParam("-----BEGIN CERTIFICATE...");
Parameters:
{Array} param
parameter to set issuer name
Since:
asn1x509 1.0.8
See:
KJUR.asn1.x509.X500Name
KJUR.asn1.x509.GeneralNames
X509.getSubjectHex

setCertSerialNumberByParam(param)
set authorityCertSerialNumber value This method will set authorityCertSerialNumber by param. Serial number can be set by following type of param argument:
Parameters:
{Object} param
parameter to set serial number
Since:
asn1x509 1.0.8
See:
X509.getSerialNumberHex

setKIDByParam(param)
set keyIdentifier value by DEROctetString parameter, key object or PEM file This method will set keyIdentifier by param. Its key identifier value can be set by following type of param argument: NOTE1: Automatic key identifier calculation is supported since jsrsasign 8.0.16.
o = new KJUR.asn1.x509.AuthorityKeyIdentifier();
// set by hexadecimal string
o.setKIDByParam({hex: '1ad9...'});
// set by SubjectPublicKeyInfo of PEM certificate string
o.setKIDByParam("-----BEGIN CERTIFICATE...");
// set by PKCS#8 PEM public key string
o.setKIDByParam("-----BEGIN PUBLIC KEY...");
// set by public key object
pubkey = KEYUTIL.getKey("-----BEGIN CERTIFICATE...");
o.setKIDByParam(pubkey);
Parameters:
{Array} param
parameter to set key identifier
Since:
asn1x509 1.0.8
See:
KEYUTIL.getKeyID

© 2012-2023 Kenji Urushima, All rights reserved
Documentation generated by JsDoc Toolkit 2.4.0