Class PKCS10Generator
Class implementing a PKCS#10 certificate request
Defined in: PKCS10Generator.js.
Constructor Attributes | Constructor Name and Description |
---|---|
PKCS10Generator(crypto)
Create a PKCS#10 certificate request
|
Method Attributes | Method Name and Description |
---|---|
addBasicConstraintsExtension(cA, pathLenConstraint)
Adds the BasicConstraints extension.
|
|
Adds extended key usages
|
|
addExtension(extnID, the)
Adds an extension to the certificate
The structure is defined as: Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, extnValue OCTET STRING -- contains the DER encoding of an ASN.1 value -- corresponding to the extension type identified -- by extnID } |
|
addKeyUsageExtension(the)
Adds the key usage extension.
|
|
generateCertificationRequest(privateKey)
Generates the certificate.
|
|
Gets the attributes as TLV object
|
|
Gets the extension attribute as TLV object
|
|
Gets the subject name as TLV object
|
|
Gets the subject's public key as TLV object
|
|
Gets the part of the request that will be signed
|
|
reset()
Resets all internal state variables.
|
|
setPublicKey(publicKey)
Sets the subjects public key
The methods accepts ECC and RSA Public Keys. |
|
Sets the signature algorithm.
|
|
setSubject(subject)
Sets the subject name.
|
Class Detail
PKCS10Generator(crypto)
Create a PKCS#10 certificate request
- Parameters:
- {Crypto} crypto
- the crypto provider to use for signing operations
Method Detail
addBasicConstraintsExtension(cA, pathLenConstraint)
Adds the BasicConstraints extension.
- Parameters:
- {Boolean} cA
- the certificate belongs to a CA
- {Number} pathLenConstraint
- the maximum number of subordinate CA certificates
addExtendedKeyUsageExtension(the)
Adds extended key usages
- Parameters:
- {String[]} the
- list of extended key usage object identifier
addExtension(extnID, the)
Adds an extension to the certificate
The structure is defined as:
Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, extnValue OCTET STRING -- contains the DER encoding of an ASN.1 value -- corresponding to the extension type identified -- by extnID }
- Parameters:
- {String} extnID
- the extensions object identifier
- {ByteString} the
- extension value as ByteString
addKeyUsageExtension(the)
Adds the key usage extension.
The following flags are defined:
PKCS10Generator.digitalSignature = 0x0080; PKCS10Generator.nonRepudiation = 0x0040; PKCS10Generator.keyEncipherment = 0x0020; PKCS10Generator.dataEncipherment = 0x0010; PKCS10Generator.keyAgreement = 0x0008; PKCS10Generator.keyCertSign = 0x0004; PKCS10Generator.cRLSign = 0x0002; PKCS10Generator.encipherOnly = 0x0001; PKCS10Generator.decipherOnly = 0x8000;
- Parameters:
- {Number} the
- key usage flags as combination of the flags defined above.
{ASN1}
generateCertificationRequest(privateKey)
Generates the certificate.
- Parameters:
- privateKey
- Returns:
- the generated certificate
{ASN1}
getAttributes()
Gets the attributes as TLV object
- Returns:
- the request attributes
{ASN1}
getExtensions()
Gets the extension attribute as TLV object
- Returns:
- the certificate extensions
{ASN1}
getSubject()
Gets the subject name as TLV object
- Returns:
- the issuer RDNSequence
{ASN1}
getSubjectPublicKeyInfo()
Gets the subject's public key as TLV object
- Returns:
- the subject's public key info
{ASN1}
getTbsRequest()
Gets the part of the request that will be signed
- Returns:
- the TBSCertificate part
reset()
Resets all internal state variables.
setPublicKey(publicKey)
Sets the subjects public key
The methods accepts ECC and RSA Public Keys.
- Parameters:
- {Key} publicKey
- the subjects public key
setSignatureAlgorithm(alg)
Sets the signature algorithm. Currently only Crypto.RSA is supported
- Parameters:
- {Number} alg
- the signature algorithm, only Crypto.RSA supported
setSubject(subject)
Sets the subject name.
The subject name must be a JavaScript object containing the properties:
- C - the country
- O - the organization
- OU - the organization unit
- CN - the common name
Example:
var subject = { C:"UT", O:"ACME Corporation", CN:"Joe Doe" };
- Parameters:
- {Object} subject
- the subject name
- See:
- PKIXCommon.encodeName() The subject can also be passed an already encoded ASN.1 structure