PKIjs provides a Typescript implementation of the most common formats and algorithms needed to build PKI-enabled applications.
We created PKIjs to make it easy to build modern web applications that can interoperate with existing X.509 solutions. It is built on top of Web Crypto so that these applications get to rely on the quality cryptographic implementations provided by browsers and Node.js.
Features
Certificates
The creation and validation of X.509 certificates (RFC 5280) is used by all certificate-enabled applications.
Enrollment
PKCS#10 (RFC 2986) is the most commonly used enrollment data structure used by X.509 applications. It enables the requestor to prove control of a given public key.
Signing
Cryptographic Message Syntax (RFC 5652) is the most commonly used data structure for signing data in X.509 applications. CMS makes it easy to both sign and represent all of the data needed to verify a signature.
Encryption
Cryptographic Message Syntax (RFC 5652) is also the most commonly used data structure for encrypting data in X.509 applications. CMS makes it easy to provide interoperable data encryption.
Timestamping
Time-Stamp Protocol (RFC 3161) is the most commonly used protocol for proving that data existed before a particular time. It is commonly used in signing applications to ensure signatures are verifiable long into the future.