Public Key Infrastructure (PKI) is the basis of how identity and key management is performed on the web today. PKIjs is a pure JavaScript library implementing the formats that are used in PKI applications. It is built on WebCrypto and aspires to make it p
/*
* Copyright (c) 2014, GMO GlobalSign
* All rights reserved.
*
* Author 2014, Yury Strozhevsky <www.strozhevsky.com>.
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* 3. Neither the name of the copyright holder nor the names of its contributors
* may be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*
*/
(
function(in_window)
{
//**************************************************************************************
// #region Declaration of global variables
//**************************************************************************************
// #region "org" namespace
// Each level of the "org.pkijs.schema.x509" path is created when missing and rejected
// when it exists with a non-object type. The path hangs off the shared object passed in
// as "in_window", so every other script in the same context can read or replace what is
// registered here.
// NOTE: "typeof null" is "object", so a null value passes these type checks.
if(typeof in_window.org === "undefined")
    in_window.org = {};
else if(typeof in_window.org !== "object")
    throw new Error("Name org already exists and it's not an object");
// #endregion
// #region "org.pkijs" namespace
if(typeof in_window.org.pkijs === "undefined")
    in_window.org.pkijs = {};
else if(typeof in_window.org.pkijs !== "object")
    throw new Error("Name org.pkijs already exists and it's not an object" + " but " + (typeof in_window.org.pkijs));
// #endregion
// #region "org.pkijs.schema" namespace
if(typeof in_window.org.pkijs.schema === "undefined")
    in_window.org.pkijs.schema = {};
else if(typeof in_window.org.pkijs.schema !== "object")
    throw new Error("Name org.pkijs.schema already exists and it's not an object" + " but " + (typeof in_window.org.pkijs.schema));
// #endregion
// #region "org.pkijs.schema.x509" namespace
if(typeof in_window.org.pkijs.schema.x509 === "undefined")
    in_window.org.pkijs.schema.x509 = {};
else if(typeof in_window.org.pkijs.schema.x509 !== "object")
    throw new Error("Name org.pkijs.schema.x509 already exists and it's not an object" + " but " + (typeof in_window.org.pkijs.schema.x509));
// #endregion
// #region "local" namespace
// Holder for schema builders that are not published on "in_window".
var local = {};
// #endregion
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "Time" type
//**************************************************************************************
in_window.org.pkijs.schema.TIME =
function(input_names, input_optional)
{
    // Schema for the X.509 "Time" type: a CHOICE between UTCTime and GeneralizedTime.
    //   input_names    - passed to org.pkijs.getNames(); the keys read from its result are
    //                    "utcTimeName" and "generalTimeName"
    //   input_optional - truthy to mark the whole CHOICE as optional (falsy becomes false)
    // Returns a new org.pkijs.asn1.CHOICE. Only the structure is described here;
    // nothing in this builder range-checks the time value.
    var labels = in_window.org.pkijs.getNames(input_names);
    var asn1 = in_window.org.pkijs.asn1;

    var is_optional = (input_optional || false);
    var utc_time = new asn1.UTCTIME({ name: (labels.utcTimeName || "") });
    var generalized_time = new asn1.GENERALIZEDTIME({ name: (labels.generalTimeName || "") });

    return new asn1.CHOICE({
        optional: is_optional,
        value: [utc_time, generalized_time]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for X.509 v3 certificate (RFC5280)
//**************************************************************************************
local.tbsCertificate =
function()
{
    // Schema for the to-be-signed part of an X.509 v3 certificate (RFC5280).
    //
    //TBSCertificate ::= SEQUENCE {
    //    version         [0]  EXPLICIT Version DEFAULT v1,
    //    serialNumber         CertificateSerialNumber,
    //    signature            AlgorithmIdentifier,
    //    issuer               Name,
    //    validity             Validity,
    //    subject              Name,
    //    subjectPublicKeyInfo SubjectPublicKeyInfo,
    //    issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
    //                         -- If present, version MUST be v2 or v3
    //    subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
    //                         -- If present, version MUST be v2 or v3
    //    extensions      [3]  EXPLICIT Extensions OPTIONAL
    //                         -- If present, version MUST be v3
    //}
    //
    // The first argument is handed to org.pkijs.getNames(); each key read below overrides
    // the default name of one element. The "version MUST be ..." constraints quoted above
    // are not expressed in this schema, so code consuming a matched certificate has to
    // check them itself.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;
    var schema = in_window.org.pkijs.schema;

    // id_block for a CONTEXT-SPECIFIC tag [number]
    function context_tag(number)
    {
        return { tag_class: 3, tag_number: number };
    }

    // [0] EXPLICIT integer value
    var version = new asn1.ASN1_CONSTRUCTED({
        optional: true,
        id_block: context_tag(0),
        value: [
            new asn1.INTEGER({ name: (labels.tbsCertificate_version || "tbsCertificate.version") })
        ]
    });

    var serial_number = new asn1.INTEGER({ name: (labels.tbsCertificate_serialNumber || "tbsCertificate.serialNumber") });

    var signature = schema.ALGORITHM_IDENTIFIER(labels.signature || {
        names: { block_name: "tbsCertificate.signature" }
    });

    var issuer = schema.RDN(labels.issuer || {
        names: { block_name: "tbsCertificate.issuer" }
    });

    // Validity ::= SEQUENCE { notBefore Time, notAfter Time }
    var validity = new asn1.SEQUENCE({
        name: (labels.tbsCertificate_validity || "tbsCertificate.validity"),
        value: [
            schema.TIME(labels.not_before || {
                names: {
                    utcTimeName: "tbsCertificate.notBefore",
                    generalTimeName: "tbsCertificate.notBefore"
                }
            }),
            schema.TIME(labels.not_after || {
                names: {
                    utcTimeName: "tbsCertificate.notAfter",
                    generalTimeName: "tbsCertificate.notAfter"
                }
            })
        ]
    });

    var subject = schema.RDN(labels.subject || {
        names: { block_name: "tbsCertificate.subject" }
    });

    var subject_public_key_info = schema.PUBLIC_KEY_INFO(labels.subjectPublicKeyInfo || {
        names: { block_name: "tbsCertificate.subjectPublicKeyInfo" }
    });

    // [1] IMPLICIT bit string value
    var issuer_unique_id = new asn1.ASN1_PRIMITIVE({
        name: (labels.tbsCertificate_issuerUniqueID || "tbsCertificate.issuerUniqueID"),
        optional: true,
        id_block: context_tag(1)
    });

    // [2] IMPLICIT bit string value
    var subject_unique_id = new asn1.ASN1_PRIMITIVE({
        name: (labels.tbsCertificate_subjectUniqueID || "tbsCertificate.subjectUniqueID"),
        optional: true,
        id_block: context_tag(2)
    });

    // [3] EXPLICIT SEQUENCE value
    var extensions = new asn1.ASN1_CONSTRUCTED({
        optional: true,
        id_block: context_tag(3),
        value: [schema.EXTENSIONS(labels.extensions || {
            names: { block_name: "tbsCertificate.extensions" }
        })]
    });

    return new asn1.SEQUENCE({
        name: (labels.block_name || "tbsCertificate"),
        value: [
            version,
            serial_number,
            signature,
            issuer,
            validity,
            subject,
            subject_public_key_info,
            issuer_unique_id,
            subject_unique_id,
            extensions
        ]
    });
};
//**************************************************************************************
in_window.org.pkijs.schema.CERT =
function()
{
    // Schema for a complete X.509 certificate.
    //
    //Certificate  ::=  SEQUENCE  {
    //    tbsCertificate       TBSCertificate,
    //    signatureAlgorithm   AlgorithmIdentifier,
    //    signatureValue       BIT STRING  }
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "tbsCertificate"
    // (forwarded to the TBSCertificate builder), "signatureAlgorithm", "signatureValue".
    // This is a structural description only: it does not verify signatureValue and does not
    // compare the outer signatureAlgorithm with the one inside tbsCertificate, so the code
    // validating a parsed certificate has to do both.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var tbs_certificate = local.tbsCertificate(labels.tbsCertificate);

    var signature_algorithm = in_window.org.pkijs.schema.ALGORITHM_IDENTIFIER(labels.signatureAlgorithm || {
        names: { block_name: "signatureAlgorithm" }
    });

    var signature_value = new asn1.BITSTRING({ name: (labels.signatureValue || "signatureValue") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [tbs_certificate, signature_algorithm, signature_value]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for X.509 CRL (Certificate Revocation List)(RFC5280)
//**************************************************************************************
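local.tbsCertList =
function()
{
    // Schema for the to-be-signed part of an X.509 CRL (RFC5280).
    //
    //TBSCertList  ::=  SEQUENCE  {
    //    version                 Version OPTIONAL,
    //                                 -- if present, MUST be v2
    //    signature               AlgorithmIdentifier,
    //    issuer                  Name,
    //    thisUpdate              Time,
    //    nextUpdate              Time OPTIONAL,
    //    revokedCertificates     SEQUENCE OF SEQUENCE  {
    //        userCertificate         CertificateSerialNumber,
    //        revocationDate          Time,
    //        crlEntryExtensions      Extensions OPTIONAL
    //        -- if present, version MUST be v2
    //    }  OPTIONAL,
    //    crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
    //    -- if present, version MUST be v2
    //}
    //
    // The first argument is handed to org.pkijs.getNames(); each key read below overrides
    // the default name of one element.
    var names = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;
    var schema = in_window.org.pkijs.schema;

    return (new asn1.SEQUENCE({
        name: (names.block_name || "tbsCertList"),
        value: [
            // NOTE(review): the "value: 2" below is kept as found; whether the ASN.1 layer
            // compares it during schema matching is not visible here - confirm.
            new asn1.INTEGER({
                optional: true,
                name: (names.tbsCertList_version || "tbsCertList.version"),
                value: 2
            }), // EXPLICIT integer value (v2)
            schema.ALGORITHM_IDENTIFIER(names.signature || {
                names: {
                    block_name: "tbsCertList.signature"
                }
            }),
            schema.RDN(names.issuer || {
                names: {
                    block_name: "tbsCertList.issuer"
                }
            }),
            schema.TIME(names.tbsCertList_thisUpdate || {
                names: {
                    utcTimeName: "tbsCertList.thisUpdate",
                    generalTimeName: "tbsCertList.thisUpdate"
                }
            }),
            // nextUpdate takes its own override key. Reading "tbsCertList_thisUpdate" here
            // (as this line used to) gave both Time fields the same caller-supplied names,
            // so thisUpdate and nextUpdate could not be told apart in the result - and
            // nextUpdate is the field CRL freshness checks depend on.
            schema.TIME(names.tbsCertList_nextUpdate || {
                names: {
                    utcTimeName: "tbsCertList.nextUpdate",
                    generalTimeName: "tbsCertList.nextUpdate"
                }
            }, true),
            // revokedCertificates: optional SEQUENCE OF unnamed entry SEQUENCEs
            new asn1.SEQUENCE({
                optional: true,
                value: [
                    new asn1.REPEATED({
                        name: (names.tbsCertList_revokedCertificates || "tbsCertList.revokedCertificates"),
                        value: new asn1.SEQUENCE({
                            value: [
                                new asn1.INTEGER(),         // userCertificate
                                schema.TIME(),              // revocationDate
                                schema.EXTENSIONS({}, true) // crlEntryExtensions OPTIONAL
                            ]
                        })
                    })
                ]
            }),
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: {
                    tag_class: 3, // CONTEXT-SPECIFIC
                    tag_number: 0 // [0]
                },
                value: [schema.EXTENSIONS(names.crlExtensions || {
                    names: {
                        block_name: "tbsCertList.extensions"
                    }
                })]
            }) // EXPLICIT SEQUENCE value
        ]
    }));
};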
//**************************************************************************************
in_window.org.pkijs.schema.CRL =
function()
{
    // Schema for a complete X.509 CRL.
    //
    //CertificateList  ::=  SEQUENCE  {
    //    tbsCertList          TBSCertList,
    //    signatureAlgorithm   AlgorithmIdentifier,
    //    signatureValue       BIT STRING  }
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "signatureAlgorithm",
    // "signatureValue". The TBSCertList builder receives the same first argument as this
    // function, not a sub-object of it. Structure only: the signature is not checked here.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var tbs_cert_list = local.tbsCertList(arguments[0]);

    var signature_algorithm = in_window.org.pkijs.schema.ALGORITHM_IDENTIFIER(labels.signatureAlgorithm || {
        names: { block_name: "signatureAlgorithm" }
    });

    var signature_value = new asn1.BITSTRING({ name: (labels.signatureValue || "signatureValue") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || "CertificateList"),
        value: [tbs_cert_list, signature_algorithm, signature_value]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for PKCS#10 certificate request
//**************************************************************************************
local.CertificationRequestInfo =
function()
{
    // Schema for the signed part of a PKCS#10 certificate request.
    //
    //CertificationRequestInfo ::= SEQUENCE {
    //    version       INTEGER { v1(0) } (v1,...),
    //    subject       Name,
    //    subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
    //    attributes    [0] Attributes{{ CRIAttributes }}
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "CertificationRequestInfo",
    // "CertificationRequestInfo_version", "subject", "CertificationRequestInfo_attributes",
    // "attributes". The name of the subjectPublicKeyInfo block is fixed and cannot be
    // overridden by the caller.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;
    var schema = in_window.org.pkijs.schema;

    var version = new asn1.INTEGER({ name: (labels.CertificationRequestInfo_version || "CertificationRequestInfo.version") });

    // "new" is kept on the two factory calls below exactly as the code had it.
    var subject = new schema.RDN(labels.subject || {
        names: { block_name: "CertificationRequestInfo.subject" }
    });

    var subject_pk_info = new schema.PUBLIC_KEY_INFO({
        names: { block_name: "CertificationRequestInfo.subjectPublicKeyInfo" }
    });

    // [0] attributes; both the wrapper and the repeated content are optional
    var attributes = new asn1.ASN1_CONSTRUCTED({
        optional: true,
        id_block: {
            tag_class: 3, // CONTEXT-SPECIFIC
            tag_number: 0 // [0]
        },
        value: [
            new asn1.REPEATED({
                optional: true, // Because OpenSSL makes wrong "attributes" field
                name: (labels.CertificationRequestInfo_attributes || "CertificationRequestInfo.attributes"),
                value: schema.ATTRIBUTE(labels.attributes || {})
            })
        ]
    });

    return new asn1.SEQUENCE({
        name: (labels.CertificationRequestInfo || "CertificationRequestInfo"),
        value: [version, subject, subject_pk_info, attributes]
    });
};
//**************************************************************************************
in_window.org.pkijs.schema.PKCS10 =
function()
{
    // Schema for a PKCS#10 certificate request.
    //
    //CertificationRequest ::= SEQUENCE {
    //    certificationRequestInfo CertificationRequestInfo,
    //    signatureAlgorithm       AlgorithmIdentifier{{ SignatureAlgorithms }},
    //    signature                BIT STRING
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "certificationRequestInfo"
    // (forwarded), "signatureAlgorithm", "signatureValue". The outer SEQUENCE is unnamed,
    // and the AlgorithmIdentifier is spelled out inline (OID plus optional ANY) rather than
    // built by schema.ALGORITHM_IDENTIFIER. Structure only: the request signature is not
    // verified here.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var request_info = local.CertificationRequestInfo(labels.certificationRequestInfo || {});

    var signature_algorithm = new asn1.SEQUENCE({
        name: (labels.signatureAlgorithm || "signatureAlgorithm"),
        value: [
            new asn1.OID(),
            new asn1.ANY({ optional: true })
        ]
    });

    var signature_value = new asn1.BITSTRING({ name: (labels.signatureValue || "signatureValue") });

    return new asn1.SEQUENCE({
        value: [request_info, signature_algorithm, signature_value]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for PKCS#8 private key bag
//**************************************************************************************
in_window.org.pkijs.schema.PKCS8 =
function()
{
    // Schema for a PKCS#8 private key structure.
    //
    //PrivateKeyInfo ::= SEQUENCE {
    //    version Version,
    //    privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
    //    privateKey PrivateKey,
    //    attributes [0] Attributes OPTIONAL }
    //
    //Version ::= INTEGER {v1(0)} (v1,...)
    //
    //PrivateKey ::= OCTET STRING
    //
    //Attributes ::= SET OF Attribute
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "version", "privateKeyAlgorithm",
    // "privateKey", "attributes". The block matched for "privateKey" holds the key itself
    // as an OCTET STRING, so whatever receives the parsed result is handling secret
    // material.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;
    var schema = in_window.org.pkijs.schema;

    var version = new asn1.INTEGER({ name: (labels.version || "") });
    var key_algorithm = schema.ALGORITHM_IDENTIFIER(labels.privateKeyAlgorithm || "");
    var private_key = new asn1.OCTETSTRING({ name: (labels.privateKey || "") });

    // [0] attributes OPTIONAL
    var attributes = new asn1.ASN1_CONSTRUCTED({
        optional: true,
        id_block: {
            tag_class: 3, // CONTEXT-SPECIFIC
            tag_number: 0 // [0]
        },
        value: [
            new asn1.REPEATED({
                name: (labels.attributes || ""),
                value: schema.ATTRIBUTE()
            })
        ]
    });

    return new asn1.SEQUENCE({
        value: [version, key_algorithm, private_key, attributes]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "GeneralName" type
//**************************************************************************************
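local.BuiltInStandardAttributes =
function(optional_flag)
{
    // Schema for the first member of an X.400 ORAddress (used by GeneralName.x400Address).
    //
    //BuiltInStandardAttributes ::= SEQUENCE {
    //    country-name                  CountryName OPTIONAL,
    //    administration-domain-name    AdministrationDomainName OPTIONAL,
    //    network-address           [0] IMPLICIT NetworkAddress OPTIONAL,
    //    terminal-identifier       [1] IMPLICIT TerminalIdentifier OPTIONAL,
    //    private-domain-name       [2] PrivateDomainName OPTIONAL,
    //    organization-name         [3] IMPLICIT OrganizationName OPTIONAL,
    //    numeric-user-identifier   [4] IMPLICIT NumericUserIdentifier OPTIONAL,
    //    personal-name             [5] IMPLICIT PersonalName OPTIONAL,
    //    organizational-unit-names [6] IMPLICIT OrganizationalUnitNames OPTIONAL }
    //
    //   optional_flag - whether the whole SEQUENCE is optional; defaults to false
    // Returns a new org.pkijs.asn1.SEQUENCE.

    // The default used to be assigned to a misspelled name ("otional_flag"), which left
    // "optional_flag" undefined and wrote an accidental global instead.
    if(typeof optional_flag === "undefined")
        optional_flag = false;

    // NOTE(review): arguments[0] is "optional_flag", so getNames() receives the flag rather
    // than a names object and the element names below presumably always fall back to "".
    // Kept as found - confirm the intent before changing.
    var names = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    // id_block for an APPLICATION tag [number]
    function application_tag(number)
    {
        return { tag_class: 2, tag_number: number };
    }

    // id_block for a CONTEXT-SPECIFIC tag [number]
    function context_tag(number)
    {
        return { tag_class: 3, tag_number: number };
    }

    // CHOICE { NumericString, PrintableString }, shared by three of the members below
    function numeric_or_printable()
    {
        return new asn1.CHOICE({
            value: [
                new asn1.NUMERICSTRING(),
                new asn1.PRINTABLESTRING()
            ]
        });
    }

    return (new asn1.SEQUENCE({
        optional: optional_flag,
        value: [
            // country-name, [APPLICATION 1]
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: application_tag(1),
                name: (names.country_name || ""),
                value: [numeric_or_printable()]
            }),
            // administration-domain-name, [APPLICATION 2]
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: application_tag(2),
                name: (names.administration_domain_name || ""),
                value: [numeric_or_printable()]
            }),
            // network-address [0]
            new asn1.ASN1_PRIMITIVE({
                optional: true,
                id_block: context_tag(0),
                name: (names.network_address || ""),
                is_hex_only: true
            }),
            // terminal-identifier [1]
            new asn1.ASN1_PRIMITIVE({
                optional: true,
                id_block: context_tag(1),
                name: (names.terminal_identifier || ""),
                is_hex_only: true
            }),
            // private-domain-name [2]
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: context_tag(2),
                name: (names.private_domain_name || ""),
                value: [numeric_or_printable()]
            }),
            // organization-name [3]
            new asn1.ASN1_PRIMITIVE({
                optional: true,
                id_block: context_tag(3),
                name: (names.organization_name || ""),
                is_hex_only: true
            }),
            // numeric-user-identifier [4]
            new asn1.ASN1_PRIMITIVE({
                optional: true,
                name: (names.numeric_user_identifier || ""),
                id_block: context_tag(4),
                is_hex_only: true
            }),
            // personal-name [5]: member [0] is required, members [1]..[3] are optional
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                name: (names.personal_name || ""),
                id_block: context_tag(5),
                value: [
                    new asn1.ASN1_PRIMITIVE({
                        id_block: context_tag(0),
                        is_hex_only: true
                    }),
                    new asn1.ASN1_PRIMITIVE({
                        optional: true,
                        id_block: context_tag(1),
                        is_hex_only: true
                    }),
                    new asn1.ASN1_PRIMITIVE({
                        optional: true,
                        id_block: context_tag(2),
                        is_hex_only: true
                    }),
                    new asn1.ASN1_PRIMITIVE({
                        optional: true,
                        id_block: context_tag(3),
                        is_hex_only: true
                    })
                ]
            }),
            // organizational-unit-names [6]
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                name: (names.organizational_unit_names || ""),
                id_block: context_tag(6),
                value: [
                    new asn1.REPEATED({
                        value: new asn1.PRINTABLESTRING()
                    })
                ]
            })
        ]
    }));
};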
//**************************************************************************************
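local.BuiltInDomainDefinedAttributes =
function(optional_flag)
{
    // Schema used as the second member of an X.400 ORAddress: a SEQUENCE of exactly two
    // PrintableString elements.
    //   optional_flag - whether the SEQUENCE is optional; defaults to false
    // Returns a new org.pkijs.asn1.SEQUENCE.

    // The default used to be assigned to a misspelled name ("otional_flag"), which left
    // "optional_flag" undefined and wrote an accidental global instead.
    if(typeof optional_flag === "undefined")
        optional_flag = false;

    return (new in_window.org.pkijs.asn1.SEQUENCE({
        optional: optional_flag,
        value: [
            new in_window.org.pkijs.asn1.PRINTABLESTRING(),
            new in_window.org.pkijs.asn1.PRINTABLESTRING()
        ]
    }));
};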
//**************************************************************************************
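local.ExtensionAttributes =
function(optional_flag)
{
    // Schema used as the third member of an X.400 ORAddress: a SET holding an optional
    // primitive [0] and an optional constructed [1] that wraps ANY.
    //   optional_flag - whether the SET is optional; defaults to false
    // Returns a new org.pkijs.asn1.SET.

    // The default used to be assigned to a misspelled name ("otional_flag"), which left
    // "optional_flag" undefined and wrote an accidental global instead.
    if(typeof optional_flag === "undefined")
        optional_flag = false;

    return (new in_window.org.pkijs.asn1.SET({
        optional: optional_flag,
        value: [
            new in_window.org.pkijs.asn1.ASN1_PRIMITIVE({
                optional: true,
                id_block: {
                    tag_class: 3, // CONTEXT-SPECIFIC
                    tag_number: 0 // [0]
                },
                is_hex_only: true
            }),
            new in_window.org.pkijs.asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: {
                    tag_class: 3, // CONTEXT-SPECIFIC
                    tag_number: 1 // [1]
                },
                value: [new in_window.org.pkijs.asn1.ANY()]
            })
        ]
    }));
};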
//**************************************************************************************
in_window.org.pkijs.schema.GENERAL_NAME =
function()
{
    /// <remarks>By passing "names" array as an argument you can name each element of "GENERAL NAME" choice</remarks>
    //GeneralName ::= CHOICE {
    //    otherName                       [0]     OtherName,
    //    rfc822Name                      [1]     IA5String,
    //    dNSName                         [2]     IA5String,
    //    x400Address                     [3]     ORAddress,
    //    directoryName                   [4]     Name,
    //    ediPartyName                    [5]     EDIPartyName,
    //    uniformResourceIdentifier       [6]     IA5String,
    //    iPAddress                       [7]     OCTET STRING,
    //    registeredID                    [8]     OBJECT IDENTIFIER }
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name" (applied to every
    // alternative of the CHOICE) and "directoryName" (forwarded to the RDN builder).
    // Alternatives [1], [2], [6], [7] and [8] are matched as bare tagged primitives, so the
    // schema places no constraint on their content; code that compares these names (host
    // names, e-mail addresses, URIs, IP addresses) has to validate the bytes itself.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    // id_block for a CONTEXT-SPECIFIC tag [number]
    function context_tag(number)
    {
        return { tag_class: 3, tag_number: number };
    }

    // One of the IMPLICIT primitive alternatives, tagged [number]
    function tagged_primitive(number)
    {
        return new asn1.ASN1_PRIMITIVE({
            name: (labels.block_name || ""),
            id_block: context_tag(number)
        });
    }

    // CHOICE over the five string types accepted inside EDIPartyName
    function directory_string()
    {
        return new asn1.CHOICE({
            value: [
                new asn1.TELETEXSTRING(),
                new asn1.PRINTABLESTRING(),
                new asn1.UNIVERSALSTRING(),
                new asn1.UTF8STRING(),
                new asn1.BMPSTRING()
            ]
        });
    }

    // otherName [0]: an OID followed by [0] wrapping ANY
    var other_name = new asn1.ASN1_CONSTRUCTED({
        id_block: context_tag(0),
        name: (labels.block_name || ""),
        value: [
            new asn1.OID(),
            new asn1.ASN1_CONSTRUCTED({
                id_block: context_tag(0),
                value: [new asn1.ANY()]
            })
        ]
    });

    var rfc822_name = tagged_primitive(1);
    var dns_name = tagged_primitive(2);

    // x400Address [3]: the three ORAddress members; only the first is mandatory
    var x400_address = new asn1.ASN1_CONSTRUCTED({
        id_block: context_tag(3),
        name: (labels.block_name || ""),
        value: [
            local.BuiltInStandardAttributes(false),
            local.BuiltInDomainDefinedAttributes(true),
            local.ExtensionAttributes(true)
        ]
    });

    // directoryName [4]
    var directory_name = new asn1.ASN1_CONSTRUCTED({
        id_block: context_tag(4),
        name: (labels.block_name || ""),
        value: [in_window.org.pkijs.schema.RDN(labels.directoryName || {})]
    });

    // ediPartyName [5]: optional [0] string followed by a required [1] string
    var edi_party_name = new asn1.ASN1_CONSTRUCTED({
        id_block: context_tag(5),
        name: (labels.block_name || ""),
        value: [
            new asn1.ASN1_CONSTRUCTED({
                optional: true,
                id_block: context_tag(0),
                value: [directory_string()]
            }),
            new asn1.ASN1_CONSTRUCTED({
                id_block: context_tag(1),
                value: [directory_string()]
            })
        ]
    });

    var uniform_resource_identifier = tagged_primitive(6);
    var ip_address = tagged_primitive(7);
    var registered_id = tagged_primitive(8);

    return new asn1.CHOICE({
        value: [
            other_name,
            rfc822_name,
            dns_name,
            x400_address,
            directory_name,
            edi_party_name,
            uniform_resource_identifier,
            ip_address,
            registered_id
        ]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "AlgorithmIdentifier" type
//**************************************************************************************
in_window.org.pkijs.schema.ALGORITHM_IDENTIFIER =
function()
{
    // Schema for an algorithm OID with optional parameters.
    //
    //AlgorithmIdentifier  ::=  SEQUENCE  {
    //    algorithm               OBJECT IDENTIFIER,
    //    parameters              ANY DEFINED BY algorithm OPTIONAL  }
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name",
    // "algorithmIdentifier", "algorithmParams". Any OID matches: deciding which algorithms
    // are acceptable is left to the code that consumes the parsed value.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var algorithm = new asn1.OID({ name: (labels.algorithmIdentifier || "") });
    var parameters = new asn1.ANY({ name: (labels.algorithmParams || ""), optional: true });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [algorithm, parameters]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "RSAPublicKey" type (RFC3447)
//**************************************************************************************
in_window.org.pkijs.schema.x509.RSAPublicKey =
function()
{
    // Schema for an RSA public key (RFC3447).
    //
    //RSAPublicKey ::= SEQUENCE {
    //    modulus           INTEGER,  -- n
    //    publicExponent    INTEGER   -- e
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "modulus",
    // "publicExponent". Both members are plain INTEGERs with no bounds, so key-size and
    // exponent policy have to be applied by the caller.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var modulus = new asn1.INTEGER({ name: (labels.modulus || "") });
    var public_exponent = new asn1.INTEGER({ name: (labels.publicExponent || "") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [modulus, public_exponent]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "OtherPrimeInfo" type (RFC3447)
//**************************************************************************************
in_window.org.pkijs.schema.x509.OtherPrimeInfo =
function()
{
    // Schema for one additional prime of a multi-prime RSA private key (RFC3447).
    //
    //OtherPrimeInfo ::= SEQUENCE {
    //    prime             INTEGER,  -- ri
    //    exponent          INTEGER,  -- di
    //    coefficient       INTEGER   -- ti
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "prime", "exponent",
    // "coefficient".
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var prime = new asn1.INTEGER({ name: (labels.prime || "") });
    var exponent = new asn1.INTEGER({ name: (labels.exponent || "") });
    var coefficient = new asn1.INTEGER({ name: (labels.coefficient || "") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [prime, exponent, coefficient]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "RSAPrivateKey" type (RFC3447)
//**************************************************************************************
in_window.org.pkijs.schema.x509.RSAPrivateKey =
function()
{
    // Schema for an RSA private key (RFC3447).
    //
    //RSAPrivateKey ::= SEQUENCE {
    //    version           Version,
    //    modulus           INTEGER,  -- n
    //    publicExponent    INTEGER,  -- e
    //    privateExponent   INTEGER,  -- d
    //    prime1            INTEGER,  -- p
    //    prime2            INTEGER,  -- q
    //    exponent1         INTEGER,  -- d mod (p-1)
    //    exponent2         INTEGER,  -- d mod (q-1)
    //    coefficient       INTEGER,  -- (inverse of q) mod p
    //    otherPrimeInfos   OtherPrimeInfos OPTIONAL
    //}
    //
    //OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", one key per INTEGER
    // member (same spelling as in the ASN.1 above), "otherPrimeInfos" and "otherPrimeInfo"
    // (forwarded to the OtherPrimeInfo builder). Every named block except "version",
    // "modulus" and "publicExponent" is secret key material in the parsed result.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    // The nine mandatory INTEGER members, in encoding order
    var integer_members = [
        "version",
        "modulus",
        "publicExponent",
        "privateExponent",
        "prime1",
        "prime2",
        "exponent1",
        "exponent2",
        "coefficient"
    ];

    var members = [];

    for(var i = 0; i < integer_members.length; i++)
        members.push(new asn1.INTEGER({ name: (labels[integer_members[i]] || "") }));

    // otherPrimeInfos OPTIONAL
    members.push(new asn1.SEQUENCE({
        optional: true,
        value: [
            new asn1.REPEATED({
                name: (labels.otherPrimeInfos || ""),
                value: in_window.org.pkijs.schema.x509.OtherPrimeInfo(labels.otherPrimeInfo || {})
            })
        ]
    }));

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: members
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "SubjectPublicKeyInfo" type
//**************************************************************************************
in_window.org.pkijs.schema.PUBLIC_KEY_INFO =
function()
{
    // Schema for a public key together with its algorithm.
    //
    //SubjectPublicKeyInfo  ::=  SEQUENCE  {
    //    algorithm            AlgorithmIdentifier,
    //    subjectPublicKey     BIT STRING  }
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "algorithm"
    // (forwarded to the AlgorithmIdentifier builder), "subjectPublicKey".
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var algorithm = in_window.org.pkijs.schema.ALGORITHM_IDENTIFIER(labels.algorithm || {});
    var subject_public_key = new asn1.BITSTRING({ name: (labels.subjectPublicKey || "") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [algorithm, subject_public_key]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "Attribute" type
//**************************************************************************************
in_window.org.pkijs.schema.ATTRIBUTE =
function()
{
    // Schema for a typed attribute holding a set of values.
    //
    // Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
    //    type   ATTRIBUTE.&id({IOSet}),
    //    values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "type", "set_name",
    // "values". Each value is matched as ANY, so interpreting it according to "type" is up
    // to the caller.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var attribute_type = new asn1.OID({ name: (labels.type || "") });

    var attribute_values = new asn1.SET({
        name: (labels.set_name || ""),
        value: [
            new asn1.REPEATED({
                name: (labels.values || ""),
                value: new asn1.ANY()
            })
        ]
    });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [attribute_type, attribute_values]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "AttributeTypeAndValue" type
//**************************************************************************************
in_window.org.pkijs.schema.ATTR_TYPE_AND_VALUE =
function()
{
    // Schema for one type/value pair of a distinguished name.
    //
    //AttributeTypeAndValue ::= SEQUENCE {
    //    type     AttributeType,
    //    value    AttributeValue }
    //
    //AttributeType ::= OBJECT IDENTIFIER
    //
    //AttributeValue ::= ANY -- DEFINED BY AttributeType
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "type", "value".
    // The value is matched as ANY, so its string type is not constrained here.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var attribute_type = new asn1.OID({ name: (labels.type || "") });
    var attribute_value = new asn1.ANY({ name: (labels.value || "") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [attribute_type, attribute_value]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "RelativeDistinguishedName" type
//**************************************************************************************
in_window.org.pkijs.schema.RDN =
function()
{
    // Schema for a distinguished name: a SEQUENCE of SETs of type/value pairs.
    //
    //RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
    //
    //RelativeDistinguishedName ::=
    //SET SIZE (1..MAX) OF AttributeTypeAndValue
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "repeated_sequence",
    // "repeated_set", "attr_type_and_value" (forwarded to the pair builder).
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    // One RelativeDistinguishedName: an unnamed SET of repeated pairs
    var relative_distinguished_name = new asn1.SET({
        value: [
            new asn1.REPEATED({
                name: (labels.repeated_set || ""),
                value: in_window.org.pkijs.schema.ATTR_TYPE_AND_VALUE(labels.attr_type_and_value || {})
            })
        ]
    });

    var rdn_sequence = new asn1.REPEATED({
        name: (labels.repeated_sequence || ""),
        value: relative_distinguished_name
    });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [rdn_sequence]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "Extension" type
//**************************************************************************************
in_window.org.pkijs.schema.EXTENSION =
function()
{
    // Schema for a single certificate or CRL extension.
    //
    //Extension  ::=  SEQUENCE  {
    //    extnID      OBJECT IDENTIFIER,
    //    critical    BOOLEAN DEFAULT FALSE,
    //    extnValue   OCTET STRING
    //}
    //
    // Keys read from org.pkijs.getNames(arguments[0]): "block_name", "extnID", "critical",
    // "extnValue". "critical" is optional in the schema; when it is absent the DEFAULT in
    // the ASN.1 above applies (FALSE), and the schema itself does not supply that value.
    var labels = in_window.org.pkijs.getNames(arguments[0]);
    var asn1 = in_window.org.pkijs.asn1;

    var extension_id = new asn1.OID({ name: (labels.extnID || "") });
    var critical = new asn1.BOOLEAN({ name: (labels.critical || ""), optional: true });
    var extension_value = new asn1.OCTETSTRING({ name: (labels.extnValue || "") });

    return new asn1.SEQUENCE({
        name: (labels.block_name || ""),
        value: [extension_id, critical, extension_value]
    });
};
//**************************************************************************************
// #endregion
//**************************************************************************************
// #region ASN.1 schema definition for "Extensions" type (sequence of many Extension)
//**************************************************************************************
in_window.org.pkijs.schema.EXTENSIONS =
function(input_names, input_optional)
{