0.2.0 • Published 6 years ago
pki-lib v0.2.0
pki-lib
The core library that provides support for generating X509Certificate and Certificate Signing Request.
The library requires you to pass an implementation of ICryptoEngine. Look at
- test-crytpo-engine.ts test script to see an implementation of a crypto engine.
- basic-pki.ts script for a full example
Generating a root CA certificate
const cryptoEngine = new TestCryptoEngine();
const notBefore = new Date();
const notAfter = new Date();
notAfter.setFullYear(notBefore.getFullYear() + 1);
const hashAlg = 'SHA1withRSA';
const signAlg = 'RSASSA-PKCS1-v1_5';
// generate the key pair
const keyPair: CryptoKeyPair =
await cryptoEngine.generateKey({
name: signAlg,
modulusLength: 1024,
publicExponent: new Uint8Array([1, 0, 1]),
hash: {
name: 'SHA-1'
}
}, true, ['sign', 'verify']) as CryptoKeyPair;
const x509CertInfo: X509CertificateInfo = {
isCA: true,
signAlg,
hashAlg,
serialNumber: '01',
subjectInfo: {
commonName: 'example.org',
country: 'US',
state: 'TX',
orgName: 'Test',
orgUnit: 'Test'
},
issuerInfo: {
commonName: 'example.org',
country: 'US',
state: 'TX',
orgName: 'Test',
orgUnit: 'Test'
},
validity: {
notBefore,
notAfter
},
publicKey: keyPair.publicKey,
issuerPrivateKey: keyPair.privateKey
};
const jsX509 =
await X509Util.buildCertificate(new TestCryptoEngine(), x509CertInfo);