* Gets the ASN.1 TBSCertificate part of an X.509v3 certificate. * * @param {any} cert the certificate. * * @return the asn1 TBSCertificate.
(cert)
| 169 | * @return the asn1 TBSCertificate. |
| 170 | */ |
| 171 | function getTBSCertificate(cert) { |
| 172 | // TBSCertificate |
| 173 | const notBefore = _dateToAsn1(cert.validity.notBefore) |
| 174 | const notAfter = _dateToAsn1(cert.validity.notAfter) |
| 175 | |
| 176 | const tbs = asn1.create(asn1.Class.UNIVERSAL, asn1.Type.SEQUENCE, true, [ |
| 177 | // version |
| 178 | asn1.create(asn1.Class.CONTEXT_SPECIFIC, 0, true, [ |
| 179 | // integer |
| 180 | asn1.create( |
| 181 | asn1.Class.UNIVERSAL, |
| 182 | asn1.Type.INTEGER, |
| 183 | false, |
| 184 | asn1.integerToDer(cert.version).getBytes() |
| 185 | ) |
| 186 | ]), |
| 187 | // serialNumber |
| 188 | asn1.create( |
| 189 | asn1.Class.UNIVERSAL, |
| 190 | asn1.Type.INTEGER, |
| 191 | false, |
| 192 | forge.util.hexToBytes(cert.serialNumber) |
| 193 | ), |
| 194 | // signature |
| 195 | asn1.create(asn1.Class.UNIVERSAL, asn1.Type.SEQUENCE, true, [ |
| 196 | // algorithm |
| 197 | asn1.create( |
| 198 | asn1.Class.UNIVERSAL, |
| 199 | asn1.Type.OID, |
| 200 | false, |
| 201 | asn1.oidToDer(cert.siginfo.algorithmOid).getBytes() |
| 202 | ), |
| 203 | // parameters |
| 204 | _signatureParametersToAsn1( |
| 205 | cert.siginfo.algorithmOid, |
| 206 | cert.siginfo.parameters |
| 207 | ) |
| 208 | ]), |
| 209 | // issuer |
| 210 | _dnToAsn1(cert.issuer), |
| 211 | // validity |
| 212 | asn1.create(asn1.Class.UNIVERSAL, asn1.Type.SEQUENCE, true, [ |
| 213 | notBefore, |
| 214 | notAfter |
| 215 | ]), |
| 216 | // subject |
| 217 | _dnToAsn1(cert.subject), |
| 218 | // SubjectPublicKeyInfo |
| 219 | // here comes our modification, we are other objects here |
| 220 | asn1.fromDer( |
| 221 | new forge.util.ByteBuffer( |
| 222 | cert.publicKey |
| 223 | ) /* is in already SPKI format but in DER encoding */ |
| 224 | ) |
| 225 | ]) |
| 226 | |
| 227 | if (cert.issuer.uniqueId) { |
| 228 | // issuerUniqueID (optional) |
no test coverage detected