Class X509

Version 1.0.1 (08 May 2012).
X.509 certificate class
Defined in: x509-1.1.js.

Class Summary
Constructor Attributes	Constructor Name and Description
	X509() X.509 certificate class.

Field Summary
Field Attributes	Field Name and Description
	hex hexacedimal string for X.509 certificate.
	subjectPublicKeyRSA Tom Wu's RSAKey object
	subjectPublicKeyRSA_hE hexadecimal string for public exponent of RSA public key
	subjectPublicKeyRSA_hN hexadecimal string for modulus of RSA public key

Method Summary
Method Attributes	Method Name and Description
<static>	X509.getExtAIAInfo(hCert) get AuthorityInfoAccess extension value in the certificate as associative array This method will get authority info access value as associate array which has following properties: ocsp - array of string for OCSP responder URL caissuer - array of string for caIssuer value (i.e.
<static>	X509.getExtKeyUsageBin(hCert) get KeyUsage extension value as binary string in the certificate This method will get key usage extension value as binary string such like '101'.
<static>	X509.getExtKeyUsageString(hCert) get KeyUsage extension value as names in the certificate This method will get key usage extension value as comma separated string of usage names.
<static>	X509.getHexOfTLV_V3ExtValue(hCert, oidOrName) get X.509 V3 extension value ASN.1 TLV for specified oid or name This method will get X.509v3 extension value of ASN.1 TLV which is specifyed by extension name or oid.
<static>	X509.getHexOfV_V3ExtValue(hCert, oidOrName) get X.509 V3 extension value ASN.1 V for specified oid or name This method will get X.509v3 extension value of ASN.1 value which is specifyed by extension name or oid.
	getIssuerHex() get hexadecimal string of issuer field TLV of certificate.
	getIssuerString() get string of issuer field of certificate.
	getNotAfter() get notAfter field string of certificate.
	getNotBefore() get notBefore field string of certificate.
<static>	X509.getPosOfTLV_V3ExtValue(hCert, oidOrName) get index in the certificate hexa string for specified oid or name specified extension This method will get X.509v3 extension value of ASN.1 V(value) which is specifyed by extension name or oid.
<static>	X509.getPublicKeyFromCertPEM(sCertPEM) get RSAKey/ECDSA public key object from PEM certificate string NOTE: DSA is also supported since x509 1.1.2.
<static>	X509.getPublicKeyInfoPosOfCertHEX(hCert) get position of subjectPublicKeyInfo field from HEX certificate get position for SubjectPublicKeyInfo field in the hexadecimal string of certificate.
<static>	X509.getPublicKeyInfoPropOfCertPEM(sCertPEM) get public key information from PEM certificate Resulted associative array has following properties: algoid - hexadecimal string of OID of asymmetric key algorithm algparam - hexadecimal string of OID of ECC curve name or null keyhex - hexadecimal string of key in the certificate
	getSerialNumberHex() get hexadecimal string of serialNumber field of certificate.
	getSubjectHex() get hexadecimal string of subject field of certificate.
	getSubjectString() get string of subject field of certificate.
<static>	X509.getV3ExtInfoListOfCertHex(hCert) get array of X.509 V3 extension value information in hex string of certificate This method will get all extension information of a X.509 certificate.
<static>	X509.getV3ExtItemInfo_AtObj(hCert, pos) get X.509 V3 extension value information at the specified position This method will get some information of a X.509 V extension which is referred by an index of hexadecimal string of X.509 certificate.
	readCertPEM(sCertPEM) read PEM formatted X.509 certificate from string.

Class Detail

X509()

X.509 certificate class.

Author: Kenji Urushima.

See:: 'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/

Field Detail

{String} hex

hexacedimal string for X.509 certificate.

{RSAKey} subjectPublicKeyRSA

Tom Wu's RSAKey object

{String} subjectPublicKeyRSA_hE

hexadecimal string for public exponent of RSA public key

{String} subjectPublicKeyRSA_hN

hexadecimal string for modulus of RSA public key

Method Detail

<static> {Object} X509.getExtAIAInfo(hCert)

get AuthorityInfoAccess extension value in the certificate as associative array This method will get authority info access value as associate array which has following properties:

ocsp - array of string for OCSP responder URL
caissuer - array of string for caIssuer value (i.e. CA certificates URL)

If there is no key usage extension in the certificate, it returns null;

oAIA = X509.getExtAIAInfo(hCert);
// result will be such like:
// oAIA.ocsp = ["http://ocsp.foo.com"];
// oAIA.caissuer = ["http://rep.foo.com/aaa.p8m"];

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary

Since:: x509 1.1.6

Returns:: {Object} associative array of AIA extension properties

<static> {String} X509.getExtKeyUsageBin(hCert)

get KeyUsage extension value as binary string in the certificate This method will get key usage extension value as binary string such like '101'. Key usage bits definition is in the RFC 5280. If there is no key usage extension in the certificate, it returns empty string (i.e. '').

bKeyUsage = X509.getExtKeyUsageBin(hCert);
// bKeyUsage will be such like '101'.
// 1 - digitalSignature 
// 0 - nonRepudiation
// 1 - keyEncipherment

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary

Since:: x509 1.1.6

Returns:: {String} binary string of key usage bits (ex. '101')

<static> {String} X509.getExtKeyUsageString(hCert)

get KeyUsage extension value as names in the certificate This method will get key usage extension value as comma separated string of usage names. If there is no key usage extension in the certificate, it returns empty string (i.e. '').

sKeyUsage = X509.getExtKeyUsageString(hCert);
// sKeyUsage will be such like 'digitalSignature,keyEncipherment'.

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary

Since:: x509 1.1.6

Returns:: {String} comma separated string of key usage

<static> {String} X509.getHexOfTLV_V3ExtValue(hCert, oidOrName)

get X.509 V3 extension value ASN.1 TLV for specified oid or name This method will get X.509v3 extension value of ASN.1 TLV which is specifyed by extension name or oid.

hExtValue = X509.getHexOfTLV_V3ExtValue(hCert, "keyUsage");
// hExtValue will be such like '030205a0'.

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary
{String} oidOrName: oid or name for extension (ex. 'keyUsage' or '2.5.29.15')

Since:: x509 1.1.6

Returns:: {String} hexadecimal string of extension ASN.1 TLV

<static> {String} X509.getHexOfV_V3ExtValue(hCert, oidOrName)

get X.509 V3 extension value ASN.1 V for specified oid or name This method will get X.509v3 extension value of ASN.1 value which is specifyed by extension name or oid. If there is no such extension in the certificate, it returns empty string (i.e. ''). Available extension names and oids are defined in the KJUR.asn1.x509.OID class.

hExtValue = X509.getHexOfV_V3ExtValue(hCert, "keyUsage");
// hExtValue will be such like '05a0'.

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary
{String} oidOrName: oid or name for extension (ex. 'keyUsage' or '2.5.29.15')

Since:: x509 1.1.6

Returns:: {String} hexadecimal string of extension ASN.1 TLV

getIssuerHex()

get hexadecimal string of issuer field TLV of certificate.

getIssuerString()

get string of issuer field of certificate.

getNotAfter()

get notAfter field string of certificate.

getNotBefore()

get notBefore field string of certificate.

<static> {Integer} X509.getPosOfTLV_V3ExtValue(hCert, oidOrName)

get index in the certificate hexa string for specified oid or name specified extension This method will get X.509v3 extension value of ASN.1 V(value) which is specifyed by extension name or oid. If there is no such extension in the certificate, it returns empty string (i.e. ''). Available extension names and oids are defined in the KJUR.asn1.x509.OID class.

idx = X509.getPosOfV_V3ExtValue(hCert, "keyUsage");
// The 'idx' will be index in the string for keyUsage value ASN.1 TLV.

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary
{String} oidOrName: oid or name for extension (ex. 'keyUsage' or '2.5.29.15')

Since:: x509 1.1.6

Returns:: {Integer} index in the hexadecimal string of certficate for specified extension

<static> X509.getPublicKeyFromCertPEM(sCertPEM)

get RSAKey/ECDSA public key object from PEM certificate string NOTE: DSA is also supported since x509 1.1.2.

Parameters:
{String} sCertPEM: PEM formatted RSA/ECDSA/DSA X.509 certificate

Since:: x509 1.1.1

Returns:: returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key

<static> {Integer} X509.getPublicKeyInfoPosOfCertHEX(hCert)

get position of subjectPublicKeyInfo field from HEX certificate get position for SubjectPublicKeyInfo field in the hexadecimal string of certificate.

Parameters:
{String} hCert: hexadecimal string of certificate

Since:: x509 1.1.4

Returns:: {Integer} position in hexadecimal string

<static> {Hash} X509.getPublicKeyInfoPropOfCertPEM(sCertPEM)

get public key information from PEM certificate Resulted associative array has following properties:

algoid - hexadecimal string of OID of asymmetric key algorithm
algparam - hexadecimal string of OID of ECC curve name or null
keyhex - hexadecimal string of key in the certificate

Parameters:
{String} sCertPEM: string of PEM formatted certificate

Since:: x509 1.1.1, x509 1.1.1

Returns:: {Hash} hash of information for public key

getSerialNumberHex()

get hexadecimal string of serialNumber field of certificate.

getSubjectHex()

get hexadecimal string of subject field of certificate.

getSubjectString()

get string of subject field of certificate.

<static> {Array} X509.getV3ExtInfoListOfCertHex(hCert)

get array of X.509 V3 extension value information in hex string of certificate This method will get all extension information of a X.509 certificate. Items of resulting array has following properties:

posTLV - index of ASN.1 TLV for the extension. same as 'pos' argument.
oid - dot noted string of extension oid (ex. 2.5.29.14)
critical - critical flag value for this extension
posV - index of ASN.1 TLV for the extension value. This is a position of a content of ENCAPSULATED OCTET STRING.

hCert = X509.pemToHex(certGithubPEM);
a = X509.getV3ExtInfoListOfCertHex(hCert);
// Then a will be an array of like following:
[{posTLV: 1952, oid: "2.5.29.35", critical: false, posV: 1968},
 {posTLV: 1974, oid: "2.5.29.19", critical: true, posV: 1986}, ...]

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary

Since:: x509 1.1.5

Returns:: {Array} array of result object by X509.getV3ExtInfoListOfCertHex

<static> {Object} X509.getV3ExtItemInfo_AtObj(hCert, pos)

get X.509 V3 extension value information at the specified position This method will get some information of a X.509 V extension which is referred by an index of hexadecimal string of X.509 certificate. Resulting object has following properties:

posTLV - index of ASN.1 TLV for the extension. same as 'pos' argument.
oid - dot noted string of extension oid (ex. 2.5.29.14)
critical - critical flag value for this extension
posV - index of ASN.1 TLV for the extension value. This is a position of a content of ENCAPSULATED OCTET STRING.

This method is used by X509.getV3ExtInfoListOfCertHex internally.

Parameters:
{String} hCert: hexadecimal string of X.509 certificate binary
{Integer} pos: index of hexadecimal string for the extension

Since:: x509 1.1.5

Returns:: {Object} properties for the extension

readCertPEM(sCertPEM)

read PEM formatted X.509 certificate from string.

Parameters:
{String} sCertPEM: string for PEM formatted X.509 certificate

Classes

Class X509