[Pkg-javascript-commits] [node-asn1.js] 02/21: 5280: fix revoked certificate decoding
Bastien Roucariès
rouca at moszumanska.debian.org
Thu Nov 9 10:57:38 UTC 2017
This is an automated email from the git hooks/post-receive script.
rouca pushed a commit to branch upstream
in repository node-asn1.js.
commit 68be63f9e65eb9fea2f154438f2e3fafa794d569
Author: Rui Quelhas <rfpquelhas at gmail.com>
Date: Fri Jan 27 21:08:39 2017 +0000
5280: fix revoked certificate decoding
PR-URL: https://github.com/indutny/asn1.js/pull/84
Reviewed-By: Fedor Indutny <fedor at indutny.com>
---
rfc/5280/index.js | 16 +++++++++-------
rfc/5280/test/basic-test.js | 21 +++++++++++++++++++++
rfc/5280/test/fixtures/cert1.crl | Bin 0 -> 541 bytes
rfc/5280/test/fixtures/cert4.crl | Bin 0 -> 462 bytes
4 files changed, 30 insertions(+), 7 deletions(-)
diff --git a/rfc/5280/index.js b/rfc/5280/index.js
index 41527c8..0aefdd2 100644
--- a/rfc/5280/index.js
+++ b/rfc/5280/index.js
@@ -163,18 +163,20 @@ var TBSCertList = asn1.define('TBSCertList', function() {
this.key('issuer').use(Name),
this.key('thisUpdate').use(Time),
this.key('nextUpdate').use(Time),
- this.key('revokedCertificates').optional().seq().obj(
- this.seq().obj(
- this.key('userCertificate').int(),
- this.key('revocationDate').use(Time),
- this.key('crlEntryExtensions').optional().seqof(Extension)
- )
- ),
+ this.key('revokedCertificates').optional().seqof(RevokedCertificate),
this.key('crlExtensions').explicit(0).optional().seqof(Extension)
);
});
rfc5280.TBSCertList = TBSCertList;
+var RevokedCertificate = asn1.define('RevokedCertificate', function() {
+ this.seq().obj(
+ this.key('userCertificate').use(CertificateSerialNumber),
+ this.key('revocationDate').use(Time),
+ this.key('crlEntryExtensions').optional().seqof(Extension)
+ )
+});
+
// Extension ::= SEQUENCE {
// extnID OBJECT IDENTIFIER,
// critical BOOLEAN DEFAULT FALSE,
diff --git a/rfc/5280/test/basic-test.js b/rfc/5280/test/basic-test.js
index 26f6349..3e6ca53 100644
--- a/rfc/5280/test/basic-test.js
+++ b/rfc/5280/test/basic-test.js
@@ -129,4 +129,25 @@ describe('asn1.js RFC5280', function() {
var decoded = rfc5280.IssuingDistributionPoint.decode(data);
assert.deepEqual(decoded, input);
});
+
+ it('should decode Revoked Certificates', function() {
+ var data;
+ var crl;
+
+ // Downloadable CRL (containing two certificates) from distribution point available on cert1.crt
+ data = fs.readFileSync(__dirname + '/fixtures/cert1.crl');
+
+ crl = rfc5280.CertificateList.decode(data, 'der');
+ assert.equal(crl.tbsCertList.revokedCertificates.length, 2)
+ assert.deepEqual(crl.tbsCertList.revokedCertificates[0].userCertificate,
+ new asn1.bignum('764bedd38afd51f7', 16));
+ assert.deepEqual(crl.tbsCertList.revokedCertificates[1].userCertificate,
+ new asn1.bignum('31da3380182af9b2', 16));
+
+ // Downloadable CRL (empty) from distribution point available on cert4.crt
+ data = fs.readFileSync(__dirname + '/fixtures/cert4.crl');
+
+ crl = rfc5280.CertificateList.decode(data, 'der');
+ assert.equal(crl.tbsCertList.revokedCertificates, undefined);
+ });
});
diff --git a/rfc/5280/test/fixtures/cert1.crl b/rfc/5280/test/fixtures/cert1.crl
new file mode 100644
index 0000000..9801ec6
Binary files /dev/null and b/rfc/5280/test/fixtures/cert1.crl differ
diff --git a/rfc/5280/test/fixtures/cert4.crl b/rfc/5280/test/fixtures/cert4.crl
new file mode 100644
index 0000000..7af4c16
Binary files /dev/null and b/rfc/5280/test/fixtures/cert4.crl differ
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-asn1.js.git
More information about the Pkg-javascript-commits
mailing list