Class X509CRL
Version
1.0.0 (2020-Aug-26).
hexadecimal X.509 CRL ASN.1 parser class
Defined in: x509crl.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
X509CRL(params)
hexadecimal X.509 CRL ASN.1 parser class.
|
| Field Attributes | Field Name and Description |
|---|---|
|
hexadecimal string of X.509 CRL ASN.1 data
|
|
|
index of revokedCertificates field in TBSCertList depends on CRL version and nextUpdate field
|
|
|
index of SignatureAlgorithm field in TBSCertList position depends on CRL version field
|
| Method Attributes | Method Name and Description |
|---|---|
|
get JSON object of issuer field
This method returns parsed issuer field value as JSON object. |
|
|
get JSON object of nextUpdate field
This method returns parsed nextUpdate field value as string. |
|
|
getParam()
get JSON object for CRL parameters
This method returns a JSON object of the CRL parameters. |
|
|
get revokedCertificate JSON parameter
This method returns parsed revokedCertificate parameter as JSON object. |
|
|
get array for revokedCertificates field
This method returns parsed revokedCertificates field value as array of revokedCertificate parameter. |
|
|
get signature algorithm name in basic field
This method will get a name of signature algorithm in CRL.
|
|
|
get signature value as hexadecimal string
This method will get signature value of CRL. |
|
|
get JSON object of thisUpdate field
This method returns parsed thisUpdate field value as string. |
|
|
get X.509 CRL format version
This method returns a version field value TBSCertList. |
|
|
verifySignature(pubKey)
verifies signature value by public key
This method verifies signature value of hexadecimal string of X.509 CRL by specified public key. |
Class Detail
X509CRL(params)
hexadecimal X.509 CRL ASN.1 parser class.
This class parses X.509 CRL. Following methods are provided to get field value:
BASIC FIELD
Author: Kenji Urushima.
This class parses X.509 CRL. Following methods are provided to get field value:
BASIC FIELD
- version - X509CRL#getVersion
- signatureAlgorithm - X509CRL#getSignatureAlgorithmField
- issuer - X509CRL#getIssuer
- thisUpdate - X509CRL#getThisUpdate
- nextUpdate - X509CRL#getNextUpdate
- revokedCertificates - X509CRL#getRevCertArray
- revokedCertificate - X509CRL#getRevCert
- signature - X509CRL#getSignatureValueHex
- X509CRL#getParam - get all parameters
Author: Kenji Urushima.
- Parameters:
- {String} params
- X.509 CRL PEM string or hexadecimal string
Field Detail
{String}
hex
hexadecimal string of X.509 CRL ASN.1 data
{Integer}
posRevCert
index of revokedCertificates field in TBSCertList depends on CRL version and nextUpdate field
{Integer}
posSigAlg
index of SignatureAlgorithm field in TBSCertList position depends on CRL version field
Method Detail
{Array}
getIssuer()
get JSON object of issuer field
This method returns parsed issuer field value as JSON object.
This method returns parsed issuer field value as JSON object.
crl = new X509CRL("-----BEGIN X509 CRL...");
x.getIssuer() →
{ array: [[{type:'C',value:'JP',ds:'prn'}],...] }
- Returns:
- {Array} JSON object of issuer field
{String}
getNextUpdate()
get JSON object of nextUpdate field
This method returns parsed nextUpdate field value as string. "nextUpdate" is OPTIONAL field so when nextUpdate field doesn't exists, this returns null.
This method returns parsed nextUpdate field value as string. "nextUpdate" is OPTIONAL field so when nextUpdate field doesn't exists, this returns null.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getNextUpdate() → "200825235959Z"
- Returns:
- {String} string of nextUpdate field or null
{Array}
getParam()
get JSON object for CRL parameters
This method returns a JSON object of the CRL parameters. Return value can be passed to KJUR.asn1.x509.CRL constructor.
This method returns a JSON object of the CRL parameters. Return value can be passed to KJUR.asn1.x509.CRL constructor.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getParam() →
{version: 2,
sigalg: "SHA256withRSA",
issuer: {array:
[[{type:"C",value:"JP",ds:"prn"}],[{type:"O",value:"T1",ds:"prn"}]]},
thisupdate: "200820212434Z",
nextupdate: "200910212434Z",
revcert: [
{sn:{hex:"123d..."},
date:"061110000000Z",
ext:[{extname:"cRLReason",code:4}]}],
ext: [
{extname:"authorityKeyIdentifier",kid:{hex: "03de..."}},
{extname:"cRLNumber",num:{hex:"0211"}}],
sighex: "3c5e..."}
- Returns:
- {Array} JSON object for CRL parameters
- See:
- KJUR.asn1.x509.CRL
{Array}
getRevCert()
get revokedCertificate JSON parameter
This method returns parsed revokedCertificate parameter as JSON object.
This method returns parsed revokedCertificate parameter as JSON object.
crl = new X509CRL();
crl.getRevCertArray("30...") →
{sn:"123a", date:"208025235959Z", ext: [{extname:"cRLReason",code:3}]}
- Returns:
- {Array} JSON object for revokedCertificate parameter
{Array}
getRevCertArray()
get array for revokedCertificates field
This method returns parsed revokedCertificates field value as array of revokedCertificate parameter. If the field doesn't exists, it returns null.
This method returns parsed revokedCertificates field value as array of revokedCertificate parameter. If the field doesn't exists, it returns null.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getRevCertArray() →
[{sn:"123a", date:"208025235959Z", ext: [{extname:"cRLReason",code:3}]},
{sn:"123b", date:"208026235959Z", ext: [{extname:"cRLReason",code:0}]}]
- Returns:
- {Array} array of revokedCertificate parameter or null
- See:
- X509CRL#getRevCert
{String}
getSignatureAlgorithmField()
get signature algorithm name in basic field
This method will get a name of signature algorithm in CRL.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getSignatureAlgorithmField() → "SHA256withRSAandMGF1"
- Returns:
- {String} signature algorithm name (ex. SHA1withRSA, SHA256withECDSA, SHA512withRSAandMGF1)
- See:
- X509#getSignatureAlgorithmField
- KJUR.asn1.x509.AlgirithmIdentifier
{String}
getSignatureValueHex()
get signature value as hexadecimal string
This method will get signature value of CRL.
This method will get signature value of CRL.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getSignatureValueHex() &rarr "8a4c47913..."
- Returns:
- {String} signature value hexadecimal string without BitString unused bits
{String}
getThisUpdate()
get JSON object of thisUpdate field
This method returns parsed thisUpdate field value as string.
This method returns parsed thisUpdate field value as string.
crl = new X509CRL("-----BEGIN X509 CRL...");
x.getThisUpdate() → "200825235959Z"
- Returns:
- {String} string of thisUpdate field (ex. "YYMMDDHHmmSSZ")
{Number}
getVersion()
get X.509 CRL format version
This method returns a version field value TBSCertList. This returns null if there is no such field.
This method returns a version field value TBSCertList. This returns null if there is no such field.
crl = new X509CRL("-----BEGIN X509 CRL...");
crl.getVersion() → 2
- Returns:
- {Number} version field value (generally 2) or null
{Boolean}
verifySignature(pubKey)
verifies signature value by public key
This method verifies signature value of hexadecimal string of X.509 CRL by specified public key. The signature algorithm used to verify will refer signatureAlgorithm field. (See X509CRL#getSignatureAlgorithmField)
This method verifies signature value of hexadecimal string of X.509 CRL by specified public key. The signature algorithm used to verify will refer signatureAlgorithm field. (See X509CRL#getSignatureAlgorithmField)
crl = new X509CRL("-----BEGIN X509 CRL...");
x.verifySignature(pubKey) → true, false or raising exception
- Parameters:
- {Object} pubKey
- public key object, pubkey PEM or PEM issuer cert
- Returns:
- {Boolean} true if signature value is valid otherwise false