Class Index | File Index

Classes


Class KJUR.asn1.x509.CRL


Extends KJUR.asn1.ASN1Object.
X.509 CRL class to sign and generate hex encoded certificate
Defined in: asn1x509-1.0.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
X.509 CRL class to sign and generate hex encoded CRL
This class represents CertificateList ASN.1 structur of X.509 CRL defined in RFC 5280 5.1
CertificateList  ::=  SEQUENCE  {
    tbsCertList          TBSCertList,
    signatureAlgorithm   AlgorithmIdentifier,
    signatureValue       BIT STRING  }
NOTE: CRL class is updated without backward compatibility from jsrsasign 9.1.0 asn1x509 2.1.0.
Field Summary
Field Attributes Field Name and Description
 
JSON object of parameters
Fields borrowed from class KJUR.asn1.ASN1Object:
hL, hT, hTLV, hV, isModified
Method Summary
Method Attributes Method Name and Description
 
get PEM formatted CRL string after signed
This method returns a string of PEM formatted CRL.
 
sign()
sign CRL
This method signs TBSCertList with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
Methods borrowed from class KJUR.asn1.ASN1Object:
getEncodedHex, getLengthHexFromValue, getValueHex, tohex
Class Detail
KJUR.asn1.x509.CRL(params)
X.509 CRL class to sign and generate hex encoded CRL
This class represents CertificateList ASN.1 structur of X.509 CRL defined in RFC 5280 5.1
CertificateList  ::=  SEQUENCE  {
    tbsCertList          TBSCertList,
    signatureAlgorithm   AlgorithmIdentifier,
    signatureValue       BIT STRING  }
NOTE: CRL class is updated without backward compatibility from jsrsasign 9.1.0 asn1x509 2.1.0. Most of methods are removed and parameters can be set by JSON object.
Constructor of this class can accept all parameters of KJUR.asn1.x509.TBSCertList. It also accept following parameters additionally:
  • {TBSCertList}tbsobj (OPTION) - specifies KJUR.asn1.x509.TBSCertList object to be signed if needed. When this isn't specified, this will be set from other parametes of TBSCertList.
  • {Object}cakey (OPTION) - specifies CRL signing private key. Parameter "cakey" or "sighex" shall be specified. Following values can be specified:
    • PKCS#1/5 or PKCS#8 PEM string of private key
    • RSAKey/DSA/ECDSA key object. KEYUTIL.getKey is useful to generate a key object.
  • {String}sighex (OPTION) - hexadecimal string of signature value (i.e. ASN.1 value(V) of signatureValue BIT STRING without unused bits)
var crl = new KJUR.asn1.x509.CRL({
 sigalg: "SHA256withRSA",
 issuer: {str:'/C=JP/O=Test1'},
 thisupdate: "200821235959Z",
 nextupdate: "200828235959Z", // OPTION
 revcert: [{sn: {hex: "12ab"}, date: "200401235959Z"}],
 ext: [
  {extname: "cRLNumber", num: {'int': 8}},
  {extname: "authorityKeyIdentifier", "kid": {hex: "12ab"}}
 ],
 cakey: prvkey
});
crl.gettohex() → "30..."
crl.getPEM() → "-----BEGIN X509 CRL..."
Parameters:
{Array} params
JSON object of CRL parameters
Since:
1.0.3
See:
KJUR.asn1.x509.TBSCertList
Field Detail
{Array} params
JSON object of parameters
Method Detail
getPEM()
get PEM formatted CRL string after signed
This method returns a string of PEM formatted CRL.
crl = new KJUR.asn1.x509.CRL({...});
crl.getPEM() →
"-----BEGIN X509 CRL-----\r\n..."
Since:
jsrsasign 9.1.0 asn1hex 2.1.0
Returns:
PEM formatted string of CRL

sign()
sign CRL
This method signs TBSCertList with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
crl = new KJUR.asn1.x509.CRL({..., cakey:prvkey});
crl.sign()

© 2012-2023 Kenji Urushima, All rights reserved
Documentation generated by JsDoc Toolkit 2.4.0