CertificateChainValidationEngine
Represents a chain-building engine for Certificate certificates.
Example
const rootCa = pkijs.Certificate.fromBER(certRaw1);
const intermediateCa = pkijs.Certificate.fromBER(certRaw2);
const leafCert = pkijs.Certificate.fromBER(certRaw3);
const crl1 = pkijs.CertificateRevocationList.fromBER(crlRaw1);
const ocsp1 = pkijs.BasicOCSPResponse.fromBER(ocspRaw1);
const chainEngine = new pkijs.CertificateChainValidationEngine({
certs: [rootCa, intermediateCa, leafCert],
crls: [crl1],
ocsps: [ocsp1],
checkDate: new Date("2015-07-13"), // optional
trustedCerts: [rootCa],
});
const chain = await chainEngine.verify();
Constructors
new CertificateChainValidationEngine()
new CertificateChainValidationEngine(
parameters):CertificateChainValidationEngine
Constructor for CertificateChainValidationEngine class
Parameters
parameters
CertificateChainValidationEngineParameters = {}
Returns
CertificateChainValidationEngine
Properties
certs
certs:
Certificate[]
Array with certificate chain. Could be only one end-user certificate in there!
checkDate
checkDate:
Date
The date at which the check would be
crls
crls:
CertificateRevocationList[]
Array of all CRLs for all certificates from certificate chain
findIssuer
findIssuer:
FindIssuerCallback
The date at which the check would be
findOrigin
findOrigin:
FindOriginCallback
The date at which the check would be
ocsps
ocsps:
BasicOCSPResponse[]
Array of all OCSP responses
trustedCerts
trustedCerts:
Certificate[]
Array of pre-defined trusted (by user) certificates
Methods
defaultFindIssuer()
defaultFindIssuer(
certificate,validationEngine,crypto):Promise<Certificate[]>
Parameters
certificate
validationEngine
CertificateChainValidationEngine
crypto
ICryptoEngine = ...
Returns
Promise<Certificate[]>
defaultValues()
Call Signature
defaultValues(
memberName):Certificate[]
Returns default values for all class members
Parameters
memberName
"trustedCerts"
String name for a class member
Returns
Default value
Call Signature
defaultValues(
memberName):Certificate[]
Returns default values for all class members
Parameters
memberName
"certs"
String name for a class member
Returns
Default value
Call Signature
defaultValues(
memberName):CertificateRevocationList[]
Returns default values for all class members
Parameters
memberName
"crls"
String name for a class member
Returns
Default value
Call Signature
defaultValues(
memberName):BasicOCSPResponse[]
Returns default values for all class members
Parameters
memberName
"ocsps"
String name for a class member
Returns
Default value
Call Signature
defaultValues(
memberName):Date
Returns default values for all class members
Parameters
memberName
"checkDate"
String name for a class member
Returns
Date
Default value
Call Signature
defaultValues(
memberName):FindOriginCallback
Returns default values for all class members
Parameters
memberName
"findOrigin"
String name for a class member
Returns
Default value
Call Signature
defaultValues(
memberName):FindIssuerCallback
Returns default values for all class members
Parameters
memberName
"findIssuer"
String name for a class member
Returns
Default value
sort()
sort(
passedWhenNotRevValues,crypto):Promise<Certificate[]>
Parameters
passedWhenNotRevValues
boolean = false
crypto
ICryptoEngine = ...
Returns
Promise<Certificate[]>
verify()
verify(
parameters,crypto):Promise<CertificateChainValidationEngineVerifyResult>
Major verification function for certificate chain.
Parameters
parameters
CertificateChainValidationEngineVerifyParams = {}
crypto
ICryptoEngine = ...
Crypto engine
Returns
Promise<CertificateChainValidationEngineVerifyResult>
defaultFindOrigin()
staticdefaultFindOrigin(certificate,validationEngine):string
Parameters
certificate
validationEngine
CertificateChainValidationEngine
Returns
string