CertificateChainValidationEngine

Represents a chain-building engine for Certificate certificates.

example

const rootCa = pkijs.Certificate.fromBER(certRaw1);
const intermediateCa = pkijs.Certificate.fromBER(certRaw2);
const leafCert = pkijs.Certificate.fromBER(certRaw3);
const crl1 = pkijs.CertificateRevocationList.fromBER(crlRaw1);
const ocsp1 = pkijs.BasicOCSPResponse.fromBER(ocspRaw1);

const chainEngine = new pkijs.CertificateChainValidationEngine({
  certs: [rootCa, intermediateCa, leafCert],
  crls: [crl1],
  ocsps: [ocsp1],
  checkDate: new Date("2015-07-13"), // optional
  trustedCerts: [rootCa],
});

const chain = await chainEngine.verify();

Hierarchy

CertificateChainValidationEngine

Index

Constructors

constructor

Properties

Methods

Constructors

constructor

new CertificateChainValidationEngine(parameters?: CertificateChainValidationEngineParameters): CertificateChainValidationEngine

- Defined in src/CertificateChainValidationEngine.ts:126
Constructor for CertificateChainValidationEngine class

Parameters
- parameters: CertificateChainValidationEngineParameters = {}
Returns CertificateChainValidationEngine

Properties

certs

certs: Certificate[]

Array with certificate chain. Could be only one end-user certificate in there!

checkDate

checkDate: Date

The date at which the check would be

crls

crls: CertificateRevocationList[]

Array of all CRLs for all certificates from certificate chain

findIssuer

findIssuer: FindIssuerCallback

The date at which the check would be

findOrigin

findOrigin: FindOriginCallback

The date at which the check would be

ocsps

ocsps: BasicOCSPResponse[]

Array of all OCSP responses

trustedCerts

trustedCerts: Certificate[]

Array of pre-defined trusted (by user) certificates

Methods

defaultFindIssuer

defaultFindIssuer(certificate: Certificate, validationEngine: CertificateChainValidationEngine, crypto?: ICryptoEngine): Promise<Certificate[]>

- Defined in src/CertificateChainValidationEngine.ts:173
Parameters
- certificate: Certificate
- validationEngine: CertificateChainValidationEngine
- crypto: ICryptoEngine = ...
Returns Promise<Certificate[]>

defaultValues

defaultValues(memberName: "trustedCerts"): Certificate[]
defaultValues(memberName: "certs"): Certificate[]
defaultValues(memberName: "crls"): CertificateRevocationList[]
defaultValues(memberName: "ocsps"): BasicOCSPResponse[]
defaultValues(memberName: "checkDate"): Date
defaultValues(memberName: "findOrigin"): FindOriginCallback
defaultValues(memberName: "findIssuer"): FindIssuerCallback

- Defined in src/CertificateChainValidationEngine.ts:294
Returns default values for all class members

Parameters
- memberName: "trustedCerts"
  
  String name for a class member
Returns Certificate[]
Default value
- Defined in src/CertificateChainValidationEngine.ts:295
Parameters
- memberName: "certs"
Returns Certificate[]
- Defined in src/CertificateChainValidationEngine.ts:296
Parameters
- memberName: "crls"
Returns CertificateRevocationList[]
- Defined in src/CertificateChainValidationEngine.ts:297
Parameters
- memberName: "ocsps"
Returns BasicOCSPResponse[]
- Defined in src/CertificateChainValidationEngine.ts:298
Parameters
- memberName: "checkDate"
Returns Date
- Defined in src/CertificateChainValidationEngine.ts:299
Parameters
- memberName: "findOrigin"
Returns FindOriginCallback
- Defined in src/CertificateChainValidationEngine.ts:300
Parameters
- memberName: "findIssuer"
Returns FindIssuerCallback

sort

sort(passedWhenNotRevValues?: boolean, crypto?: ICryptoEngine): Promise<Certificate[]>

- Defined in src/CertificateChainValidationEngine.ts:322
Parameters
- passedWhenNotRevValues: boolean = false
- crypto: ICryptoEngine = ...
Returns Promise<Certificate[]>

verify

verify(parameters?: CertificateChainValidationEngineVerifyParams, crypto?: ICryptoEngine): Promise<CertificateChainValidationEngineVerifyResult>

- Defined in src/CertificateChainValidationEngine.ts:847
Major verification function for certificate chain.

Parameters
- parameters: CertificateChainValidationEngineVerifyParams = {}
- crypto: ICryptoEngine = ...
  
  Crypto engine
Returns Promise<CertificateChainValidationEngineVerifyResult>

Static defaultFindOrigin

defaultFindOrigin(certificate: Certificate, validationEngine: CertificateChainValidationEngine): string

- Defined in src/CertificateChainValidationEngine.ts:138
Parameters
- certificate: Certificate
- validationEngine: CertificateChainValidationEngine
Returns string

Hierarchy

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

parameters: CertificateChainValidationEngineParameters = {}

Returns CertificateChainValidationEngine

Properties

certs

checkDate

crls

findIssuer

findOrigin

ocsps

trustedCerts

Methods

defaultFindIssuer

Parameters

certificate: Certificate

validationEngine: CertificateChainValidationEngine

crypto: ICryptoEngine = ...

Returns Promise<Certificate[]>

defaultValues

Parameters

memberName: "trustedCerts"

Returns Certificate[]

Parameters

memberName: "certs"

Returns Certificate[]

Parameters

memberName: "crls"

Returns CertificateRevocationList[]

Parameters

memberName: "ocsps"

Returns BasicOCSPResponse[]

Parameters

memberName: "checkDate"

Returns Date

Parameters

memberName: "findOrigin"

Returns FindOriginCallback

Parameters

memberName: "findIssuer"

Returns FindIssuerCallback

sort

Parameters

passedWhenNotRevValues: boolean = false

crypto: ICryptoEngine = ...

Returns Promise<Certificate[]>

verify

Parameters

parameters: CertificateChainValidationEngineVerifyParams = {}

crypto: ICryptoEngine = ...

Returns Promise<CertificateChainValidationEngineVerifyResult>

Static defaultFindOrigin

Parameters

certificate: Certificate

validationEngine: CertificateChainValidationEngine

Returns string