|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Node.js) Generate a CSR with keyUsage, extKeyUsage, and other ExtensionsSee more CSR ExamplesDemonstrates how to generate a CSR containing a 1.2.840.113549.1.9.14 extensionRequest with the following extensions:
var os = require('os'); if (os.platform() == 'win32') { if (os.arch() == 'ia32') { var chilkat = require('@chilkat/ck-node21-win-ia32'); } else { var chilkat = require('@chilkat/ck-node21-win64'); } } else if (os.platform() == 'linux') { if (os.arch() == 'arm') { var chilkat = require('@chilkat/ck-node21-arm'); } else if (os.arch() == 'x86') { var chilkat = require('@chilkat/ck-node21-linux32'); } else { var chilkat = require('@chilkat/ck-node21-linux64'); } } else if (os.platform() == 'darwin') { if (os.arch() == 'arm64') { var chilkat = require('@chilkat/ck-node21-mac-m1'); } else { var chilkat = require('@chilkat/ck-node21-macosx'); } } function chilkatExample() { // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // This example will generate a secp256r1 ECDSA key for the CSR. var ecc = new chilkat.Ecc(); var prng = new chilkat.Prng(); // privKey: PrivateKey var privKey = ecc.GenEccKey("secp256r1",prng); if (ecc.LastMethodSuccess == false) { console.log("Failed to generate a new ECDSA private key."); return; } var csr = new chilkat.Csr(); // Add common CSR fields: csr.CommonName = "mysubdomain.mydomain.com"; csr.Country = "GB"; csr.State = "Yorks"; csr.Locality = "York"; csr.Company = "Internet Widgits Pty Ltd"; csr.EmailAddress = "support@mydomain.com"; // Add the following 1.2.840.113549.1.9.14 extensionRequest // Note: The easiest way to know the content and format of the XML to be added is to examine // a pre-existing CSR with the same desired extensionRequest. You can use Chilkat to // get the extensionRequest from an existing CSR. // // Here is a sample extension request: // <?xml version="1.0" encoding="utf-8"?> // <set> // <sequence> // <sequence> // <oid>1.3.6.1.4.1.311.20.2</oid> // <asnOctets> // <universal tag="30" constructed="0">AEUAbgBkAEUAbgB0AGkAdAB5AEMAbABpAGUAbgB0AEEAdQB0AGgAQwBlAHIAdABpAGYAaQBjAGEAdABl // AF8AQwBTAFIAUABhAHMAcwB0AGgAcgBvAHUAZwBoAC8AVgAx</universal> // </asnOctets> // </sequence> // <sequence> // <oid>2.5.29.15</oid> // <bool>1</bool> // <asnOctets> // <bits n="3">A0</bits> // </asnOctets> // </sequence> // <sequence> // <oid>2.5.29.37</oid> // <asnOctets> // <sequence> // <oid>1.3.6.1.5.5.7.3.3</oid> // </sequence> // </asnOctets> // </sequence> // <sequence> // <oid>2.5.29.14</oid> // <asnOctets> // <octets>MCzBMQAViXBz8IDt8LsgmJxJ4Xg=</octets> // </asnOctets> // </sequence> // </sequence> // </set> // Use this online tool to generate code from sample XML: // Generate Code to Create XML // A few notes: // The string "AEUAbgBkAEUAbgB0AGkAdAB5AEMAbABpAGUAbgB0AEEAdQB0AGgAQwBlAHIAdABpAGYAaQBjAGEAdABlAF8AQwBTAFIAUABhAHMAcwB0AGgAcgBvAHUAZwBoAC8AVgAx" // is the base64 encoding of the utf-16be byte representation of the string "EndEntityClientAuthCertificate_CSRPassthrough/V1" var s = "EndEntityClientAuthCertificate_CSRPassthrough/V1"; var bdTemp = new chilkat.BinData(); bdTemp.AppendString(s,"utf-16be"); var s_base64_utf16be = bdTemp.GetEncoded("base64"); // The string should be "AEUA....." console.log(s_base64_utf16be); // Here's the code to generate the above extension request. var xml = new chilkat.Xml(); xml.Tag = "set"; xml.UpdateChildContent("sequence|sequence|oid","1.3.6.1.4.1.311.20.2"); xml.UpdateAttrAt("sequence|sequence|asnOctets|universal",true,"tag","30"); xml.UpdateAttrAt("sequence|sequence|asnOctets|universal",true,"constructed","0"); xml.UpdateChildContent("sequence|sequence|asnOctets|universal",s_base64_utf16be); xml.UpdateChildContent("sequence|sequence[1]|oid","2.5.29.15"); xml.UpdateChildContent("sequence|sequence[1]|bool","1"); xml.UpdateAttrAt("sequence|sequence[1]|asnOctets|bits",true,"n","3"); // A0 is hex for decimal 160. xml.UpdateChildContent("sequence|sequence[1]|asnOctets|bits","A0"); xml.UpdateChildContent("sequence|sequence[2]|oid","2.5.29.37"); xml.UpdateChildContent("sequence|sequence[2]|asnOctets|sequence|oid","1.3.6.1.5.5.7.3.3"); // This is the subjectKeyIdentifier extension. // The string "MCzBMQAViXBz8IDt8LsgmJxJ4Xg=" is base64 that decodes to 20 bytes, which is a SHA1 hash. // This is simply a hash of the DER of the public key. // pubKey: PublicKey var pubKey = privKey.GetPublicKey(); var bdPubKeyDer = new chilkat.BinData(); bdPubKeyDer.AppendEncoded(pubKey.GetEncoded(true,"base64"),"base64"); var ski = bdPubKeyDer.GetHash("sha1","base64"); xml.UpdateChildContent("sequence|sequence[3]|oid","2.5.29.14"); xml.UpdateChildContent("sequence|sequence[3]|asnOctets|octets",ski); // Add the extension request to the CSR csr.SetExtensionRequest(xml); // Generate the CSR with the extension request var csrPem = csr.GenCsrPem(privKey); if (csr.LastMethodSuccess == false) { console.log(csr.LastErrorText); return; } console.log(csrPem); } chilkatExample(); |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.