Class Index | File Index

Classes


Class X509CRL


Version 1.0.0 (2020-Aug-26).
hexadecimal X.509 CRL ASN.1 parser class
Defined in: x509crl.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
X509CRL(params)
hexadecimal X.509 CRL ASN.1 parser class.
Field Summary
Field Attributes Field Name and Description
 
hex
hexadecimal string of X.509 CRL ASN.1 data
 
index of revokedCertificates field in TBSCertList depends on CRL version and nextUpdate field
 
index of SignatureAlgorithm field in TBSCertList position depends on CRL version field
Method Summary
Method Attributes Method Name and Description
 
get JSON object of issuer field
This method returns parsed issuer field value as JSON object.
 
get JSON object of nextUpdate field
This method returns parsed nextUpdate field value as string.
 
get JSON object for CRL parameters
This method returns a JSON object of the CRL parameters.
 
get revokedCertificate JSON parameter
This method returns parsed revokedCertificate parameter as JSON object.
 
get array for revokedCertificates field
This method returns parsed revokedCertificates field value as array of revokedCertificate parameter.
 
get signature algorithm name in basic field This method will get a name of signature algorithm in CRL.
 
get signature value as hexadecimal string
This method will get signature value of CRL.
 
get JSON object of thisUpdate field
This method returns parsed thisUpdate field value as string.
 
get X.509 CRL format version
This method returns a version field value TBSCertList.
 
verifies signature value by public key
This method verifies signature value of hexadecimal string of X.509 CRL by specified public key.
Class Detail
X509CRL(params)
hexadecimal X.509 CRL ASN.1 parser class.
This class parses X.509 CRL. Following methods are provided to get field value:
BASIC FIELD
UTILITIES

Author: Kenji Urushima.
Parameters:
{String} params
X.509 CRL PEM string or hexadecimal string
See:
X509
jsrsasign home page https://kjur.github.io/jsrsasign/
Field Detail
{String} hex
hexadecimal string of X.509 CRL ASN.1 data

{Integer} posRevCert
index of revokedCertificates field in TBSCertList depends on CRL version and nextUpdate field

{Integer} posSigAlg
index of SignatureAlgorithm field in TBSCertList position depends on CRL version field
Method Detail
{Array} getIssuer()
get JSON object of issuer field
This method returns parsed issuer field value as JSON object.
crl = new X509CRL("-----BEGIN X509 CRL...");
x.getIssuer() →
{ array: [[{type:'C',value:'JP',ds:'prn'}],...],
  str: "/C=JP/..." }
Returns:
{Array} JSON object of issuer field
See:
X509#getIssuer
X509#getX500Name
KJUR.asn1.x509.X500Name

{String} getNextUpdate()
get JSON object of nextUpdate field
This method returns parsed nextUpdate field value as string. "nextUpdate" is OPTIONAL field so when nextUpdate field doesn't exists, this returns null.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getNextUpdate() → "200825235959Z"
Returns:
{String} string of nextUpdate field or null
See:
X509#getNotBefore
X509CRL#getThisUpdate
KJUR.asn1.x509.Time

{Array} getParam()
get JSON object for CRL parameters
This method returns a JSON object of the CRL parameters. Return value can be passed to KJUR.asn1.x509.CRL constructor.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getParam() →
{version: 2,
 sigalg: "SHA256withRSA",
 issuer: {array:
   [[{type:"C",value:"JP",ds:"prn"}],[{type:"O",value:"T1",ds:"prn"}]]},
 thisupdate: "200820212434Z",
 nextupdate: "200910212434Z",
 revcert: [
  {sn:{hex:"123d..."},
   date:"061110000000Z",
   ext:[{extname:"cRLReason",code:4}]}],
 ext: [
  {extname:"authorityKeyIdentifier",kid:{hex: "03de..."}},
  {extname:"cRLNumber",num:{hex:"0211"}}],
 sighex: "3c5e..."}
Returns:
{Array} JSON object for CRL parameters
See:
KJUR.asn1.x509.CRL

{Array} getRevCert()
get revokedCertificate JSON parameter
This method returns parsed revokedCertificate parameter as JSON object.
crl = new X509CRL();
crl.getRevCertArray("30...") →
{sn:"123a", date:"208025235959Z", ext: [{extname:"cRLReason",code:3}]}
Returns:
{Array} JSON object for revokedCertificate parameter
See:
X509CRL#getRevCertArray

{Array} getRevCertArray()
get array for revokedCertificates field
This method returns parsed revokedCertificates field value as array of revokedCertificate parameter. If the field doesn't exists, it returns null.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getRevCertArray() →
[{sn:"123a", date:"208025235959Z", ext: [{extname:"cRLReason",code:3}]},
 {sn:"123b", date:"208026235959Z", ext: [{extname:"cRLReason",code:0}]}]
Returns:
{Array} array of revokedCertificate parameter or null
See:
X509CRL#getRevCert

{String} getSignatureAlgorithmField()
get signature algorithm name in basic field This method will get a name of signature algorithm in CRL.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getSignatureAlgorithmField() → "SHA256withRSAandMGF1"
Returns:
{String} signature algorithm name (ex. SHA1withRSA, SHA256withECDSA, SHA512withRSAandMGF1)
See:
X509#getSignatureAlgorithmField
KJUR.asn1.x509.AlgirithmIdentifier

{String} getSignatureValueHex()
get signature value as hexadecimal string
This method will get signature value of CRL.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getSignatureValueHex() &rarr "8a4c47913..."
Returns:
{String} signature value hexadecimal string without BitString unused bits

{String} getThisUpdate()
get JSON object of thisUpdate field
This method returns parsed thisUpdate field value as string.
crl = new X509CRL("-----BEGIN X509 CRL...");
x.getThisUpdate() → "200825235959Z"
Returns:
{String} string of thisUpdate field (ex. "YYMMDDHHmmSSZ")
See:
X509#getNotBefore
X509CRL#getNextUpdate
KJUR.asn1.x509.Time

{Number} getVersion()
get X.509 CRL format version
This method returns a version field value TBSCertList. This returns null if there is no such field.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getVersion() → 2
Returns:
{Number} version field value (generally 2) or null

{Boolean} verifySignature(pubKey)
verifies signature value by public key
This method verifies signature value of hexadecimal string of X.509 CRL by specified public key. The signature algorithm used to verify will refer signatureAlgorithm field. (See X509CRL#getSignatureAlgorithmField)
crl = new X509CRL("-----BEGIN X509 CRL...");
x.verifySignature(pubKey) → true, false or raising exception
Parameters:
{Object} pubKey
public key object, pubkey PEM or PEM issuer cert
Returns:
{Boolean} true if signature value is valid otherwise false
See:
X509#verifySignature
KJUR.crypto.Signature

© 2012-2020 Kenji Urushima, All rights reserved
Documentation generated by JsDoc Toolkit 2.4.0