Class CertificateChainValidationEngine

Represents a chain-building engine for Certificate certificates.

Example

const rootCa = pkijs.Certificate.fromBER(certRaw1);
const intermediateCa = pkijs.Certificate.fromBER(certRaw2);
const leafCert = pkijs.Certificate.fromBER(certRaw3);
const crl1 = pkijs.CertificateRevocationList.fromBER(crlRaw1);
const ocsp1 = pkijs.BasicOCSPResponse.fromBER(ocspRaw1);

const chainEngine = new pkijs.CertificateChainValidationEngine({
  certs: [rootCa, intermediateCa, leafCert],
  crls: [crl1],
  ocsps: [ocsp1],
  checkDate: new Date("2015-07-13"), // optional
  trustedCerts: [rootCa],
});

const chain = await chainEngine.verify();

Hierarchy

CertificateChainValidationEngine

Index

Constructors

constructor

new CertificateChainValidationEngine(parameters?: CertificateChainValidationEngineParameters): CertificateChainValidationEngine
Constructor for CertificateChainValidationEngine class
Parameters
- parameters: CertificateChainValidationEngineParameters = {}
Returns CertificateChainValidationEngine
- Defined in src/CertificateChainValidationEngine.ts:168

Properties

certs

certs: Certificate[]

Array with certificate chain. Could be only one end-user certificate in there!

checkDate

checkDate: Date

The date at which the check would be

crls

crls: CertificateRevocationList[]

Array of all CRLs for all certificates from certificate chain

findIssuer

findIssuer: FindIssuerCallback

The date at which the check would be

findOrigin

findOrigin: FindOriginCallback

The date at which the check would be

ocsps

ocsps: BasicOCSPResponse[]

Array of all OCSP responses

trustedCerts

trustedCerts: Certificate[]

Array of pre-defined trusted (by user) certificates

Methods

defaultFindIssuer

defaultFindIssuer(certificate: Certificate, validationEngine: CertificateChainValidationEngine, crypto?: ICryptoEngine): Promise<Certificate[]>
Parameters
- certificate: Certificate
- validationEngine: CertificateChainValidationEngine
- crypto: ICryptoEngine = ...
Returns Promise<Certificate[]>
- Defined in src/CertificateChainValidationEngine.ts:215

defaultValues

defaultValues(memberName: "trustedCerts"): Certificate[]
Returns default values for all class members

Returns
Default value
Parameters
- memberName: "trustedCerts"
  
  String name for a class member
Returns Certificate[]
- Defined in src/CertificateChainValidationEngine.ts:336
defaultValues(memberName: "certs"): Certificate[]
Parameters
- memberName: "certs"
Returns Certificate[]
- Defined in src/CertificateChainValidationEngine.ts:337
defaultValues(memberName: "crls"): CertificateRevocationList[]
Parameters
- memberName: "crls"
Returns CertificateRevocationList[]
- Defined in src/CertificateChainValidationEngine.ts:338
defaultValues(memberName: "ocsps"): BasicOCSPResponse[]
Parameters
- memberName: "ocsps"
Returns BasicOCSPResponse[]
- Defined in src/CertificateChainValidationEngine.ts:339
defaultValues(memberName: "checkDate"): Date
Parameters
- memberName: "checkDate"
Returns Date
- Defined in src/CertificateChainValidationEngine.ts:340
defaultValues(memberName: "findOrigin"): FindOriginCallback
Parameters
- memberName: "findOrigin"
Returns FindOriginCallback
- Defined in src/CertificateChainValidationEngine.ts:341
defaultValues(memberName: "findIssuer"): FindIssuerCallback
Parameters
- memberName: "findIssuer"
Returns FindIssuerCallback
- Defined in src/CertificateChainValidationEngine.ts:342

sort

sort(passedWhenNotRevValues?: boolean, crypto?: ICryptoEngine): Promise<Certificate[]>
Parameters
- passedWhenNotRevValues: boolean = false
- crypto: ICryptoEngine = ...
Returns Promise<Certificate[]>
- Defined in src/CertificateChainValidationEngine.ts:364

verify

verify(parameters?: CertificateChainValidationEngineVerifyParams, crypto?: ICryptoEngine): Promise<CertificateChainValidationEngineVerifyResult>
Major verification function for certificate chain.

Returns
Parameters
- parameters: CertificateChainValidationEngineVerifyParams = {}
- crypto: ICryptoEngine = ...
  
  Crypto engine
Returns Promise<CertificateChainValidationEngineVerifyResult>
- Defined in src/CertificateChainValidationEngine.ts:877

`Static` defaultFindOrigin

defaultFindOrigin(certificate: Certificate, validationEngine: CertificateChainValidationEngine): string
Parameters
- certificate: Certificate
- validationEngine: CertificateChainValidationEngine
Returns string
- Defined in src/CertificateChainValidationEngine.ts:180

Class CertificateChainValidationEngine

Example

Hierarchy

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

parameters: CertificateChainValidationEngineParameters = {}

Returns CertificateChainValidationEngine

Properties

certs

checkDate

crls

findIssuer

findOrigin

ocsps

trustedCerts

Methods

defaultFindIssuer

Parameters

certificate: Certificate

validationEngine: CertificateChainValidationEngine

crypto: ICryptoEngine = ...

Returns Promise<Certificate[]>

defaultValues

Returns

Parameters

memberName: "trustedCerts"

Returns Certificate[]

Parameters

memberName: "certs"

Returns Certificate[]

Parameters

memberName: "crls"

Returns CertificateRevocationList[]

Parameters

memberName: "ocsps"

Returns BasicOCSPResponse[]

Parameters

memberName: "checkDate"

Returns Date

Parameters

memberName: "findOrigin"

Returns FindOriginCallback

Parameters

memberName: "findIssuer"

Returns FindIssuerCallback

sort

Parameters

passedWhenNotRevValues: boolean = false

crypto: ICryptoEngine = ...

Returns Promise<Certificate[]>

verify

Returns

Parameters

parameters: CertificateChainValidationEngineVerifyParams = {}

crypto: ICryptoEngine = ...

Returns Promise<CertificateChainValidationEngineVerifyResult>

Static defaultFindOrigin

Parameters

certificate: Certificate

validationEngine: CertificateChainValidationEngine

Returns string

Settings

Member Visibility

Theme

`Static` defaultFindOrigin