How to use the pkijs.Extension function in pkijs
To help you get started, we’ve selected a few pkijs examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
PeculiarVentures / fortify / src / main / ssl.ts View on Github 
value: new asn1js.OctetString({ valueHex: new Uint8Array(Buffer.from("7F000001", "hex")).buffer }),
}),
],
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.17",
critical: false,
extnValue: subjectAlternativeName.toSchema().toBER(false),
parsedValue: subjectAlternativeName,
}));
// Basic constraints
const basicConstraints = new pkijs.BasicConstraints({
cA: false,
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.19",
critical: false,
extnValue: basicConstraints.toSchema().toBER(false),
parsedValue: basicConstraints,
}));
await certificate.subjectPublicKeyInfo.importKey(keyPair.publicKey);
await certificate.sign(caKey, hashAlg);
return certificate;
}certificate.subject.typesAndValues.push(commonName);
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
// Basic constraints
const basicConstraints = new pkijs.BasicConstraints({
cA: true,
pathLenConstraint: 2,
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.19",
critical: false,
extnValue: basicConstraints.toSchema().toBER(false),
parsedValue: basicConstraints,
}));
await certificate.subjectPublicKeyInfo.importKey(keyPair.publicKey);
await certificate.sign(keyPair.privateKey, hashAlg);
return certificate;
}value: new asn1js.PrintableString({ value: "Fortify Local CA" }),
}));
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
// Extended key usage
const extKeyUsage = new pkijs.ExtKeyUsage({
keyPurposes: ["1.3.6.1.5.5.7.3.1"],
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.37",
critical: true,
extnValue: extKeyUsage.toSchema().toBER(false),
parsedValue: extKeyUsage,
}));
// Subject alternative name
const subjectAlternativeName = new pkijs.AltName({
altNames: [
new pkijs.GeneralName({
type: 2,
value: "localhost",
}),
new pkijs.GeneralName({
type: 7,
value: new asn1js.OctetString({ valueHex: new Uint8Array(Buffer.from("7F000001", "hex")).buffer }),value: new asn1js.PrintableString({ value: "Fortify Local CA" }),
}));
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
// Extended key usage
const extKeyUsage = new pkijs.ExtKeyUsage({
keyPurposes: ["1.3.6.1.5.5.7.3.1"],
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.37",
critical: true,
extnValue: extKeyUsage.toSchema().toBER(false),
parsedValue: extKeyUsage,
}));
// Subject alternative name
const subjectAlternativeName = new pkijs.AltName({
altNames: [
new pkijs.GeneralName({
type: 2,
value: "localhost",
}),
new pkijs.GeneralName({
type: 7,
value: new asn1js.OctetString({ valueHex: new Uint8Array(Buffer.from("7F000001", "hex")).buffer }),}));
// Subject alternative name
const subjectAlternativeName = new pkijs.AltName({
altNames: [
new pkijs.GeneralName({
type: 2,
value: "localhost",
}),
new pkijs.GeneralName({
type: 7,
value: new asn1js.OctetString({ valueHex: new Uint8Array(Buffer.from("7F000001", "hex")).buffer }),
}),
],
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.17",
critical: false,
extnValue: subjectAlternativeName.toSchema().toBER(false),
parsedValue: subjectAlternativeName,
}));
// Basic constraints
const basicConstraints = new pkijs.BasicConstraints({
cA: false,
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.19",
critical: false,
extnValue: basicConstraints.toSchema().toBER(false),
parsedValue: basicConstraints,
}));certificate.subject.typesAndValues.push(commonName);
// Valid period is 1 year
certificate.notBefore.value = new Date(); // current date
const notAfter = new Date();
notAfter.setFullYear(notAfter.getFullYear() + 1);
certificate.notAfter.value = notAfter;
certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array
// Basic constraints
const basicConstraints = new pkijs.BasicConstraints({
cA: true,
pathLenConstraint: 2,
});
certificate.extensions.push(new pkijs.Extension({
extnID: "2.5.29.19",
critical: false,
extnValue: basicConstraints.toSchema().toBER(false),
parsedValue: basicConstraints,
}));
await certificate.subjectPublicKeyInfo.importKey(keyPair.publicKey);
await certificate.sign(keyPair.privateKey, hashAlg);
return certificate;
}pkijs
Public Key Infrastructure (PKI) is the basis of how identity and key management is performed on the web today. PKIjs is a pure JavaScript library implementing the formats that are used in PKI applications. It is built on WebCrypto and aspires to make it p
Package Health Score
81 / 100Popular pkijs functions
- pkijs.AlgorithmIdentifier
- pkijs.Attribute
- pkijs.AttributeTypeAndValue
- pkijs.BasicConstraints
- pkijs.BasicOCSPResponse
- pkijs.Certificate
- pkijs.ContentInfo
- pkijs.ECPrivateKey
- pkijs.ECPublicKey
- pkijs.Extension
- pkijs.GeneralName
- pkijs.GeneralNames
- pkijs.getCrypto
- pkijs.OCSPRequest
- pkijs.PrivateKeyInfo
- pkijs.PublicKeyInfo
- pkijs.setEngine
- pkijs.SignedData
- pkijs.TimeStampResp