Skip to main content

PKIjs provides a Typescript implementation of the most common formats and algorithms needed to build PKI-enabled applications.

We created PKIjs to make it easy to build modern web applications that can interoperate with existing X.509 solutions. It is built on top of Web Crypto so that these applications get to rely on the quality cryptographic implementations provided by browsers and Node.js.

Features

  • Certificates

    The creation and validation of X.509 certificates (RFC 5280) is used by all certificate-enabled applications.

  • Enrollment

    PKCS#10 (RFC 2986) is the most commonly used enrollment data structure used by X.509 applications. It enables the requestor to prove control of a given public key.

  • Signing

    Cryptographic Message Syntax (RFC 5652) is the most commonly used data structure for signing data in X.509 applications. CMS makes it easy to both sign and represent all of the data needed to verify a signature.

  • Encryption

    Cryptographic Message Syntax (RFC 5652) is also the most commonly used data structure for encrypting data in X.509 applications. CMS makes it easy to provide interoperable data encryption.

  • Timestamping

    Time-Stamp Protocol (RFC 3161) is the most commonly used protocol for proving that data existed before a particular time. It is commonly used in signing applications to ensure signatures are verifiable long into the future.