Class Index | File Index

Classes


Class KJUR.asn1.x509.Certificate


Extends KJUR.asn1.ASN1Object.
X.509 Certificate class to sign and generate hex encoded certificate
Defined in: asn1x509-1.0.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
X.509 Certificate class to sign and generate hex encoded certificate
This class provides Certificate ASN.1 class structure defined in RFC 5280 4.1.
Field Summary
Field Attributes Field Name and Description
 
JSON object of parameters
Fields borrowed from class KJUR.asn1.ASN1Object:
hL, hT, hTLV, hV, isModified
Method Summary
Method Attributes Method Name and Description
 
get PEM formatted certificate string after signed This method returns a string of PEM formatted certificate.
 
setByParam(params)
set parameter
This method will set parameter KJUR.asn1.x509.Certificate#params to this object.
 
sign()
sign certificate
This method signs TBSCertificate with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
Methods borrowed from class KJUR.asn1.ASN1Object:
getEncodedHex, getLengthHexFromValue, getValueHex, tohex
Class Detail
KJUR.asn1.x509.Certificate(params)
X.509 Certificate class to sign and generate hex encoded certificate
This class provides Certificate ASN.1 class structure defined in RFC 5280 4.1.
Certificate  ::=  SEQUENCE  {
     tbsCertificate       TBSCertificate,
     signatureAlgorithm   AlgorithmIdentifier,
     signatureValue       BIT STRING  }
Parameter "params" JSON object can be the same as KJUR.asn1.x509.TBSCertificate. Then they are used to generate TBSCertificate. Additionally just for Certificate, following parameters can be used:
  • {TBSCertfificate}tbsobj - specifies KJUR.asn1.x509.TBSCertificate object to be signed if needed. When this isn't specified, this will be set from other parametes of TBSCertificate.
  • {Object}cakey (OPTION) - specifies certificate signing private key. Parameter "cakey" or "sighex" shall be specified. Following values can be specified:
    • PKCS#1/5 or PKCS#8 PEM string of private key
    • RSAKey/DSA/ECDSA key object. KEYUTIL.getKey is useful to generate a key object.
  • {String}sighex (OPTION) - hexadecimal string of signature value (i.e. ASN.1 value(V) of signatureValue BIT STRING without unused bits)
CAUTION: APIs of this class have been totally updated without backward compatibility since jsrsasign 9.0.0.
NOTE1: 'params' can be omitted.
NOTE2: DSA/ECDSA is also supported for CA signging key from asn1x509 1.0.6.
var cert = new KJUR.asn1.x509.Certificate({
 version: 3,
 serial: {hex: "1234..."},
 sigalg: "SHA256withRSAandMGF1",
 ...
 sighex: "1d3f..." // sign() method won't be called
});

// sighex will by calculated by signing with cakey
var cert = new KJUR.asn1.x509.Certificate({
 version: 3,
 serial: {hex: "2345..."},
 sigalg: "SHA256withRSA",
 ...
 cakey: "-----BEGIN PRIVATE KEY..."
});

// use TBSCertificate object to sign
var cert = new KJUR.asn1.x509.Certificate({
 tbsobj: <>,
 sigalg: "SHA256withRSA",
 cakey: "-----BEGIN PRIVATE KEY..."
});
Parameters:
{Array} params
JSON object for Certificate parameters
Field Detail
{Array} params
JSON object of parameters
Method Detail
getPEM()
get PEM formatted certificate string after signed This method returns a string of PEM formatted certificate.
cert = new KJUR.asn1.x509.Certificate({...});
cert.getPEM() →
"-----BEGIN CERTIFICATE-----\r\n..."
Since:
jsrsasign 9.0.0 asn1hex 2.0.0
Returns:
PEM formatted string of certificate

setByParam(params)
set parameter
This method will set parameter KJUR.asn1.x509.Certificate#params to this object.
cert = new KJUR.asn1.x509.Certificate();
cert.setByParam({
  version: 3,
  serial: {hex: "1234..."},
  ...
});
Parameters:
params
{Array} JSON object of certificate parameters
Since:
jsrsasign 9.0.0 asn1hex 2.0.0

sign()
sign certificate
This method signs TBSCertificate with a specified private key and algorithm by this.params.cakey and this.params.sigalg parameter.
cert = new KJUR.asn1.x509.Certificate({...});
cert.sign()

© 2012-2023 Kenji Urushima, All rights reserved
Documentation generated by JsDoc Toolkit 2.4.0