Skip to main content

pkijs

DESCRIPTION OF THE PROJECT

PKIjs designed to be a helper for everyone making any PKI-related applications. Currently PKI defined by a set of documents, and usually these documents have form in RFC (Requst For Comments) managed by IETF. PKIjs respects this situation and provide to user a flexible environment based on existing set of RFCs, related to PKI.

RFC numberRFC name
RFC5280Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC3161Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
RFC5652Cryptographic Message Syntax (CMS)
RFC3447Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
RFC5753Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)
RFC2898PKCS #5: Password-Based Cryptography Specification
RFC6960X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
RFC2986PKCS #10: Certification Request Syntax Specification Version 1.7
RFC7292PKCS #12: Personal Information Exchange Syntax v1.1
RFC6318Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)
RFC5915Elliptic Curve Private Key Structure
RFC5480Elliptic Curve Cryptography Subject Public Key Information
RFC5208Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.2
RFC4055Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

PKI.js made of many specialized classes, each of them is responsible for handling one structure from specific RFC. For example, in order to handle X.509 certificate, described in RFC5280, PKI.js has class "Certificate". Each class inside PKI.js is inside separate file. Name of each class equals to name from RFC document. Here is a table with PKI.js class names and related RFCs:

Class NameRFC number
AccessDescriptionRFC5280
AccuracyRFC3161
AlgorithmIdentifierRFC5280
AltNameRFC5280
AttributeRFC2986
AttributeTypeAndValueRFC5280
AuthenticatedSafeRFC7292
AuthorityKeyIdentifierRFC5280
BasicConstraintsRFC5280
BasicOCSPResponseRFC6960
CRLBagRFC7292
CRLDistributionPointsRFC5280
CertBagRFC7292
CertIDRFC6960
CertificateRFC5280
CertificatePoliciesRFC5280
CertificateRevocationListRFC5280
CertificateSetRFC5652
CertificationRequestRFC2986
ContentInfoRFC5652
DigestInfoRFC3447
DistributionPointRFC5280
ECCCMSSharedInfoRFC6318
ECPrivateKeyRFC5915
ECPublicKeyRFC5480
EncapsulatedContentInfoRFC5652
EncryptedContentInfoRFC5652
EncryptedDataRFC5652
EnvelopedDataRFC5652
ExtKeyUsageRFC5280
ExtensionRFC5280
ExtensionsRFC5280
GeneralNameRFC5280
GeneralNamesRFC5280
GeneralSubtreeRFC5280
InfoAccessRFC5280
IssuerAndSerialNumberRFC5652
IssuingDistributionPointRFC5280
KEKIdentifierRFC5652
KEKRecipientInfoRFC5652
KeyAgreeRecipientIdentifierRFC5652
KeyAgreeRecipientInfoRFC5652
KeyBagRFC5208
KeyTransRecipientInfoRFC5652
MacDataRFC7292
MessageImprintRFC3161
NameConstraintsRFC5280
OCSPRequestRFC6960
OCSPResponseRFC6960
OriginatorIdentifierOrKeyRFC5652
OriginatorInfoRFC5652
OriginatorPublicKeyRFC5652
OtherCertificateFormatRFC5652
OtherKeyAttributeRFC5652
OtherPrimeInfoRFC3447
OtherRecipientInfoRFC5652
OtherRevocationInfoFormatRFC5652
PBES2ParamsRFC2898
PBKDF2ParamsRFC2898
PFXRFC7292
PKCS8ShroudedKeyBagRFC7292
PKIStatusInfoRFC3161
PasswordRecipientinfoRFC5652
PolicyConstraintsRFC5280
PolicyInformationRFC5280
PolicyMappingRFC5280
PolicyMappingsRFC5280
PolicyQualifierInfoRFC5280
PrivateKeyInfoRFC5208
PrivateKeyUsagePeriodRFC5280
PublicKeyInfoRFC5280
RSAESOAEPParamsRFC3447
RSAPrivateKeyRFC3447
RSAPublicKeyRFC3447
RSASSAPSSParamsRFC4055
RecipientEncryptedKeyRFC5652
RecipientEncryptedKeysRFC5652
RecipientIdentifierRFC5652
RecipientInfoRFC5652
RecipientKeyIdentifierRFC5652
RelativeDistinguishedNamesRFC5280
RequestRFC6960
ResponseBytesRFC6960
ResponseDataRFC6960
RevocationInfoChoicesRFC5652
RevokedCertificateRFC5280
SafeBagRFC7292
SafeContentsRFC7292
SecretBagRFC7292
SignatureRFC6960
SignedAndUnsignedAttributesRFC5652
SignedDataRFC5652
SignerInfoRFC5652
SingleResponseRFC6960
SubjectDirectoryAttributesRFC5280
TBSRequestRFC6960
TSTInfoRFC3161
TimeRFC5280
TimeStampReqRFC3161
TimeStampRespRFC3161

PKI.js library could be extended very easily to handle additional types from any RFC. If you have a special need for any RFC's new types please create issue on GitHub.