Class KJUR.asn1.x509.CRL
Extends
KJUR.asn1.ASN1Object.
X.509 CRL class to sign and generate hex encoded certificate
Defined in: asn1x509-1.0.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
KJUR.asn1.x509.CRL(params)
X.509 CRL class to sign and generate hex encoded CRL
This class represents CertificateList ASN.1 structur of X.509 CRL defined in RFC 5280 5.1
CertificateList ::= SEQUENCE {
tbsCertList TBSCertList,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
NOTE: CRL class is updated without backward
compatibility from jsrsasign 9.1.0 asn1x509 2.1.0. |
| Field Attributes | Field Name and Description |
|---|---|
|
JSON object of parameters
|
- Fields borrowed from class KJUR.asn1.ASN1Object:
- hL, hT, hTLV, hV, isModified
| Method Attributes | Method Name and Description |
|---|---|
|
getPEM()
get PEM formatted CRL string after signed
This method returns a string of PEM formatted CRL. |
|
|
sign()
sign CRL
This method signs TBSCertList with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter. |
- Methods borrowed from class KJUR.asn1.ASN1Object:
- getEncodedHex, getLengthHexFromValue, getValueHex, tohex
Class Detail
KJUR.asn1.x509.CRL(params)
X.509 CRL class to sign and generate hex encoded CRL
This class represents CertificateList ASN.1 structur of X.509 CRL defined in RFC 5280 5.1
Constructor of this class can accept all parameters of KJUR.asn1.x509.TBSCertList. It also accept following parameters additionally:
This class represents CertificateList ASN.1 structur of X.509 CRL defined in RFC 5280 5.1
CertificateList ::= SEQUENCE {
tbsCertList TBSCertList,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
NOTE: CRL class is updated without backward
compatibility from jsrsasign 9.1.0 asn1x509 2.1.0.
Most of methods are removed and parameters can be set
by JSON object.
Constructor of this class can accept all parameters of KJUR.asn1.x509.TBSCertList. It also accept following parameters additionally:
- {TBSCertList}tbsobj (OPTION) - specifies KJUR.asn1.x509.TBSCertList object to be signed if needed. When this isn't specified, this will be set from other parametes of TBSCertList.
- {Object}cakey (OPTION) - specifies CRL signing private key.
Parameter "cakey" or "sighex" shall be specified. Following
values can be specified:
- PKCS#1/5 or PKCS#8 PEM string of private key
- RSAKey/DSA/ECDSA key object. KEYUTIL.getKey is useful to generate a key object.
- {String}sighex (OPTION) - hexadecimal string of signature value (i.e. ASN.1 value(V) of signatureValue BIT STRING without unused bits)
var crl = new KJUR.asn1.x509.CRL({
sigalg: "SHA256withRSA",
issuer: {str:'/C=JP/O=Test1'},
thisupdate: "200821235959Z",
nextupdate: "200828235959Z", // OPTION
revcert: [{sn: {hex: "12ab"}, date: "200401235959Z"}],
ext: [
{extname: "cRLNumber", num: {'int': 8}},
{extname: "authorityKeyIdentifier", "kid": {hex: "12ab"}}
],
cakey: prvkey
});
crl.gettohex() → "30..."
crl.getPEM() → "-----BEGIN X509 CRL..."
- Parameters:
- {Array} params
- JSON object of CRL parameters
- Since:
- 1.0.3
Field Detail
{Array}
params
JSON object of parameters
Method Detail
getPEM()
get PEM formatted CRL string after signed
This method returns a string of PEM formatted CRL.
This method returns a string of PEM formatted CRL.
crl = new KJUR.asn1.x509.CRL({...});
crl.getPEM() →
"-----BEGIN X509 CRL-----\r\n..."
- Since:
- jsrsasign 9.1.0 asn1hex 2.1.0
- Returns:
- PEM formatted string of CRL
sign()
sign CRL
This method signs TBSCertList with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
This method signs TBSCertList with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
crl = new KJUR.asn1.x509.CRL({..., cakey:prvkey});
crl.sign()