[Pkg-javascript-commits] [node-asn1.js] 02/21: 5280: fix revoked certificate decoding

Bastien Roucariès rouca at moszumanska.debian.org
Thu Nov 9 10:57:38 UTC 2017


This is an automated email from the git hooks/post-receive script.

rouca pushed a commit to branch upstream
in repository node-asn1.js.

commit 68be63f9e65eb9fea2f154438f2e3fafa794d569
Author: Rui Quelhas <rfpquelhas at gmail.com>
Date:   Fri Jan 27 21:08:39 2017 +0000

    5280: fix revoked certificate decoding
    
    PR-URL: https://github.com/indutny/asn1.js/pull/84
    Reviewed-By: Fedor Indutny <fedor at indutny.com>
---
 rfc/5280/index.js                |  16 +++++++++-------
 rfc/5280/test/basic-test.js      |  21 +++++++++++++++++++++
 rfc/5280/test/fixtures/cert1.crl | Bin 0 -> 541 bytes
 rfc/5280/test/fixtures/cert4.crl | Bin 0 -> 462 bytes
 4 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/rfc/5280/index.js b/rfc/5280/index.js
index 41527c8..0aefdd2 100644
--- a/rfc/5280/index.js
+++ b/rfc/5280/index.js
@@ -163,18 +163,20 @@ var TBSCertList = asn1.define('TBSCertList', function() {
     this.key('issuer').use(Name),
     this.key('thisUpdate').use(Time),
     this.key('nextUpdate').use(Time),
-    this.key('revokedCertificates').optional().seq().obj(
-      this.seq().obj(
-        this.key('userCertificate').int(),
-        this.key('revocationDate').use(Time),
-        this.key('crlEntryExtensions').optional().seqof(Extension)
-      )
-    ),
+    this.key('revokedCertificates').optional().seqof(RevokedCertificate),
     this.key('crlExtensions').explicit(0).optional().seqof(Extension)
   );
 });
 rfc5280.TBSCertList = TBSCertList;
 
+var RevokedCertificate = asn1.define('RevokedCertificate', function() {
+  this.seq().obj(
+    this.key('userCertificate').use(CertificateSerialNumber),
+    this.key('revocationDate').use(Time),
+    this.key('crlEntryExtensions').optional().seqof(Extension)
+  )
+});
+
 // Extension  ::=  SEQUENCE  {
 //      extnID      OBJECT IDENTIFIER,
 //      critical    BOOLEAN DEFAULT FALSE,
diff --git a/rfc/5280/test/basic-test.js b/rfc/5280/test/basic-test.js
index 26f6349..3e6ca53 100644
--- a/rfc/5280/test/basic-test.js
+++ b/rfc/5280/test/basic-test.js
@@ -129,4 +129,25 @@ describe('asn1.js RFC5280', function() {
     var decoded = rfc5280.IssuingDistributionPoint.decode(data);
     assert.deepEqual(decoded, input);
   });
+
+  it('should decode Revoked Certificates', function() {
+    var data;
+    var crl;
+
+    // Downloadable CRL (containing two certificates) from distribution point available on cert1.crt
+    data = fs.readFileSync(__dirname + '/fixtures/cert1.crl');
+
+    crl = rfc5280.CertificateList.decode(data, 'der');
+    assert.equal(crl.tbsCertList.revokedCertificates.length, 2)
+    assert.deepEqual(crl.tbsCertList.revokedCertificates[0].userCertificate,
+                     new asn1.bignum('764bedd38afd51f7', 16));
+    assert.deepEqual(crl.tbsCertList.revokedCertificates[1].userCertificate,
+                     new asn1.bignum('31da3380182af9b2', 16));
+
+    // Downloadable CRL (empty) from distribution point available on cert4.crt
+    data = fs.readFileSync(__dirname + '/fixtures/cert4.crl');
+
+    crl = rfc5280.CertificateList.decode(data, 'der');
+    assert.equal(crl.tbsCertList.revokedCertificates, undefined);
+  });
 });
diff --git a/rfc/5280/test/fixtures/cert1.crl b/rfc/5280/test/fixtures/cert1.crl
new file mode 100644
index 0000000..9801ec6
Binary files /dev/null and b/rfc/5280/test/fixtures/cert1.crl differ
diff --git a/rfc/5280/test/fixtures/cert4.crl b/rfc/5280/test/fixtures/cert4.crl
new file mode 100644
index 0000000..7af4c16
Binary files /dev/null and b/rfc/5280/test/fixtures/cert4.crl differ

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-asn1.js.git



More information about the Pkg-javascript-commits mailing list