forked from kjur/jsrsasign
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathx509crl.html
executable file
·254 lines (232 loc) · 10.9 KB
/
x509crl.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>QUnit for X509CRL parser class 'x509crl.js'</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="qunit.js"></script>
<link rel="stylesheet" href="qunit.css" type="text/css" media="screen" />
<script src="../ext/cj/cryptojs-312-core-fix.js"></script>
<script src="../ext/cj/x64-core.js"></script>
<script src="../ext/cj/cipher-core_min.js"></script>
<script src="../ext/cj/aes_min.js"></script>
<script src="../ext/cj/tripledes_min.js"></script>
<script src="../ext/cj/enc-base64_min.js"></script>
<script src="../ext/cj/md5_min.js"></script>
<script src="../ext/cj/sha1_min.js"></script>
<script src="../ext/cj/sha256_min.js"></script>
<script src="../ext/cj/sha224_min.js"></script>
<script src="../ext/cj/sha512_min.js"></script>
<script src="../ext/cj/sha384_min.js"></script>
<script src="../ext/cj/ripemd160_min.js"></script>
<script src="../ext/cj/hmac_min.js"></script>
<script src="../ext/cj/pbkdf2_min.js"></script>
<script src="../ext/jsbn.js"></script>
<script src="../ext/jsbn2.js"></script>
<script src="../ext/prng4.js"></script>
<script src="../ext/rng.js"></script>
<script src="../ext/rsa.js"></script>
<script src="../ext/rsa2.js"></script>
<script src="../ext/base64.js"></script>
<script src="../ext/ec.js"></script>
<script src="../ext/ec-patch.js"></script>
<script src="../src/crypto-1.1.js"></script>
<script src="../src/asn1hex-1.1.js"></script>
<script src="../src/rsapem-1.1.js"></script>
<script src="../src/rsasign-1.2.js"></script>
<script src="../src/x509-1.1.js"></script>
<script src="../src/base64x-1.1.js"></script>
<script src="../src/asn1-1.0.js"></script>
<script src="../src/asn1x509-1.0.js"></script>
<script src="../src/keyutil-1.0.js"></script>
<script src="../src/dsa-2.0.js"></script>
<script src="../src/ecdsa-modified-1.0.js"></script>
<script src="../src/ecparam-1.0.js"></script>
<script src="../src/x509crl.js"></script>
<script type="text/javascript">
$(document).ready(function(){
// **** TEST **********
// Let's Encrypt www.letsencrypt.org chain (pemLetsROOT,pemLetsR3,pemLetsROOTCRL)
var pemLetsR3 = (function() {/*
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
*/}).toString().match(/\/\*([^]*)\*\//)[1];
var pemLetsROOTCRL = (function() {/*
-----BEGIN X509 CRL-----
MIICyTCBsgIBATANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEpMCcGA1UE
ChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElT
UkcgUm9vdCBYMRcNMjEwNzE1MDAwMDAwWhcNMjIwNjE0MjM1OTU5WqAvMC0wHwYD
VR0jBBgwFoAUebRZ5nu25eQBc4AIiMgaWPbpm24wCgYDVR0UBAMCAWUwDQYJKoZI
hvcNAQELBQADggIBACU9kbml56oTQS8hdgSBnKkOFfzSwonn1f8rDkF1S6i12pJo
fR6IKmICE/NLStXratE3cFepDINBl2g5f4eQF129l8GnvRXkjTxq7xl9scBe5Ji7
cxLCwhooZoagErPv+Ze9gAB8f5wk4HlG1J6EWixgxdOgk/4ERtzuyHkBSIhiPP3Y
+u326OaSAZL413P5jLzBUT8zgeLXQLnqaSA9cugtsVyDv959/8to0wrFPBckQhzT
huy3o0mee4O2T/hB07XaJj0V07a6GpEdG6VJHt5VQBjAz6lrFXorAFeuThIAUKks
ivHsuPwU2fxGp3TWkUK1fMfE8mwgTzzlLcO0wY3YMfz0mgu4C+36IsjMs5kR82dj
Mx9IdR201DXCEM18kWiTPESAiN5EGXJ6QyiW1z98j96cmNE9XI05XnC0BJGviKnm
v4mPRVdAKg4RXJWGMwdT6XXSukE4uWBb0vArNjjVDiCGC2XHseopEJ7K3QgBOKAv
IDyekT2aSWS4DFeAktP1W2QM4BLXWgCsjeNkCf7QqPDXlfmghNFR8BlUXrMnNFGa
wB9MfnGP/+hgftI3BCWRftHgnBsMrRVsFr8/ImvTHymd801Gsgfu21/dpAYPGEDB
BRAckZg2VhAWXOm7SPGS+LAcI6c02dO+Xi9dG/8ZClRNLnbJgu1N1PAd1hq6
-----END X509 CRL-----
*/}).toString().match(/\/\*([^]*)\*\//)[1];
// DigiCert Global Root CRL
// 0cert_sites/digicertglobalrootca.crl.529 2020.08.20
var pemCRLDigiCert = (function() {/*
-----BEGIN X509 CRL-----
MIICczCCAVsCAQEwDQYJKoZIhvcNAQELBQAwYTELMAkGA1UEBhMCVVMxFTATBgNV
BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4G
A1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgQ0EXDTIwMDgyMDIxMjQzNFoXDTIw
MDkxMDIxMjQzNFowgZMwLwIQEj3PhK5IQbSvpzHmKQQqyBcNMDYxMTEwMDAwMDAw
WjAMMAoGA1UdFQQDCgEEMC8CECqEb7Dqwkryl1QKwOpjTggXDTA2MTExMDAwMDAw
MFowDDAKBgNVHRUEAwoBBDAvAhAPFoNPgpGR4yr/eyk5t5pSFw0yMDA2MTIwNTMw
MDBaMAwwCgYDVR0VBAMKAQCgMDAuMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsb
w5eyPdFVMAsGA1UdFAQEAgICETANBgkqhkiG9w0BAQsFAAOCAQEAPF7ozoGa3a0a
4lvKs4s8krI3kHhlUt8SPs0agnd7QJXcaooorLo4gynl5pZKVrFq7qknFAq6Hp5C
XynUxvbaIxXNtDPO1R29R2Ec6jQHFTQb6HyAxXjhS8nomkUQ4ls2mYaPuUldb6my
evr/uYi8JN0kc771j6NWLWI/KHshQqYPmVPA2AMTr483bUj84w9j3qIKmoH9LfY/
YXcRRUzSYF2siy/atyZIc7ZHhWsUOTP8kHQ5jXIK+4XPWfsOqJUA4B4UWkn2kjhF
J8Djii8M/GJL6ExABeBy8XFZho/ldPJv5JhQZj5wg7ql2bL9OklCvkMDDWXOVhFj
ednzx9cEdg==
-----END X509 CRL-----
*/}).toString().match(/\/\*([^]*)\*\//)[1];
// 0cert_sites/digicertglobalrootca.cer > pubkey
var pemPubDigiCert = (function() {/*
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKP
C3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtx
RuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmF
aG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvU
X7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrT
C0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOv
JwIDAQAB
-----END PUBLIC KEY-----
*/}).toString().match(/\/\*([^]*)\*\//)[1];
// 0cert_sites/github.com.cer > pubkey
var pemPubGitHub = (function() {/*
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdTcPK/9807twWet5ssi
6Lfiqyjy99xicAjRDK/WFmohsDZLFw02YwSuv+ogUZVlZvK/uU2kDCnr9RWx6DWz
cBCU1RtZtCYP1oNXWZ3hfAnd4BPKTW9Dm83PhzoVp4XdZoPtkwz+K204HHmIkM+t
WBgtUdHCo/JHjG84Cbm470yTC8uDlIfq4KO12Xubaw9D+crugA0op3bxJfTBNTz2
dK3eajOCe9z9S3anwu7yar+pJKZf5y58DtvDdHP6fsbYz2DrNlYhtsGKuCSCTXgk
uukdoYqnh75mJWm/vjtybk/g5IUlCLGRibjWdGV2myxPYh+h+jq+nCS/n8qwxcBn
jQIDAQAB
-----END PUBLIC KEY-----
*/}).toString().match(/\/\*([^]*)\*\//)[1];
test("getParam test (digicert global root)", function() {
var hExpect = {
version: 2,
sigalg: "SHA256withRSA",
issuer: {
array: [
[{type:"C",value:"US",ds:"prn"}],
[{type:"O",value:"DigiCert Inc",ds:"prn"}],
[{type:"OU",value:"www.digicert.com",ds:"prn"}],
[{type:"CN",value:"DigiCert Global Root CA",ds:"prn"}]
],
str: "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA"
},
thisupdate: "200820212434Z",
nextupdate: "200910212434Z",
revcert: [
{sn:{hex:"123dcf84ae4841b4afa731e629042ac8"},
date:"061110000000Z",
ext:[{extname:"cRLReason",code:4}]},
{sn:{hex:"2a846fb0eac24af297540ac0ea634e08"},
date:"061110000000Z",
ext:[{extname:"cRLReason",code:4}]},
{sn:{hex:"0f16834f829191e32aff7b2939b79a52"},
date:"200612053000Z",
ext:[{extname:"cRLReason",code:0}]}
],
ext: [
{extname: "authorityKeyIdentifier",
kid: {hex: "03de503556d14cbb66f0a3e21b1bc397b23dd155"}},
{extname: "cRLNumber", num: {hex: "0211"}}
],
sighex: "3c5ee8ce819addad1ae25bcab38b3c92b23790786552df123ecd1a82777b4095dc6a8a28acba388329e5e6964a56b16aeea927140aba1e9e425f29d4c6f6da2315cdb433ced51dbd47611cea340715341be87c80c578e14bc9e89a4510e25b3699868fb9495d6fa9b27afaffb988bc24dd2473bef58fa3562d623f287b2142a60f9953c0d80313af8f376d48fce30f63dea20a9a81fd2df63f617711454cd2605dac8b2fdab7264873b647856b143933fc9074398d720afb85cf59fb0ea89500e01e145a49f692384527c0e38a2f0cfc624be84c4005e072f17159868fe574f26fe49850663e7083baa5d9b2fd3a4942be43030d65ce56116379d9f3c7d70476"
};
var crl = new X509CRL(pemCRLDigiCert);
equal(crl.posSigAlg, 1, "posSigAlg=1");
equal(crl.posRevCert, 5, "posRevCert=5");
deepEqual(crl.getParam(), hExpect, "param");
});
test("getIssuerHex test (digicert global root crl)", function() {
var crl = new X509CRL(pemCRLDigiCert);
equal(crl.getIssuerHex(), "3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341", "hex");
});
test("findRevCertBySN test (digicert global root crl)", function() {
var crl = new X509CRL(pemCRLDigiCert);
var sn = "2a846fb0eac24af297540ac0ea634e08";
var pExpect = {
sn:{hex:"2a846fb0eac24af297540ac0ea634e08"},
date:"061110000000Z",
ext:[{extname:"cRLReason",code:4}]
};
deepEqual(crl.findRevCertBySN(sn), pExpect, "2a84...");
deepEqual(crl.findRevCertBySN("0000"), null, "0000 > null(not found)");
});
test("findRevCert test LetsEncryt Root", function() {
var crl = new X509CRL(pemLetsROOTCRL);
var pExpect = {};
deepEqual(crl.findRevCert(pemLetsR3), null, "0000 > null(LetsR3 not found)");
});
test("findRevCertBySN test LetsEncrypt Root", function() {
var crl = new X509CRL(pemLetsROOTCRL);
var pExpect = {};
deepEqual(crl.findRevCertBySN("0000"), null, "0000 > null(not found)");
});
test("verifySignature test (digicert global root crl)", function() {
var crl = new X509CRL(pemCRLDigiCert);
equal(crl.verifySignature(pemPubDigiCert), true, "verify=true digicert");
equal(crl.verifySignature(pemPubGitHub), false, "verify=false github");
});
});
</script>
</head>
<body>
<div id="qunit"></div>
<div id="qunit-fixture">test markup</div>
<p>
<a href="../">TOP</a> |
<a href="index.html">TEST INDEX</a> |
<a href="qunit-do-x509.html">x509</a> |
<a href="qunit-do-x509-ext.html">x509-ext</a> |
<a href="qunit-do-x509-param.html">x509-param</a> |
<a href="qunit-do-x509-key.html">x509-key</a> |
<a href="qunit-do-x509-kid.html">x509-kid</a> |
<a href="qunit-do-x509-getinfo.html">x509-getinfo</a> |
<a href="qunit-do-x509-v1.html">x509-v1</a> |
</p>
</body>
</html>