forked from svrjs/svrjs
146 lines
4.3 KiB
JavaScript
146 lines
4.3 KiB
JavaScript
|
var asn1 = require('asn1.js');
|
||
|
|
var rfc5280 = require('asn1.js-rfc5280');
|
||
|
|
|
||
|
|
var OCSPRequest = asn1.define('OCSPRequest', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('tbsRequest').use(TBSRequest),
|
||
|
|
this.key('optionalSignature').optional().explicit(0).use(Signature)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.OCSPRequest = OCSPRequest;
|
||
|
|
|
||
|
|
var TBSRequest = asn1.define('TBSRequest', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('version').def('v1').explicit(0).use(rfc5280.Version),
|
||
|
|
this.key('requestorName').optional().explicit(1).use(rfc5280.GeneralName),
|
||
|
|
this.key('requestList').seqof(Request),
|
||
|
|
this.key('requestExtensions').optional().explicit(2)
|
||
|
|
.seqof(rfc5280.Extension)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.TBSRequest = TBSRequest;
|
||
|
|
|
||
|
|
var Signature = asn1.define('Signature', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('signatureAlgorithm').use(rfc5280.AlgorithmIdentifier),
|
||
|
|
this.key('signature').bitstr(),
|
||
|
|
this.key('certs').optional().explicit(0).seqof(rfc5280.Certificate)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.Signature = Signature;
|
||
|
|
|
||
|
|
var Request = asn1.define('Request', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('reqCert').use(CertID),
|
||
|
|
this.key('singleRequestExtensions').optional().explicit(0).seqof(
|
||
|
|
rfc5280.Extension)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.Request = Request;
|
||
|
|
|
||
|
|
var OCSPResponse = asn1.define('OCSPResponse', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('responseStatus').use(ResponseStatus),
|
||
|
|
this.key('responseBytes').optional().explicit(0).seq().obj(
|
||
|
|
this.key('responseType').objid({
|
||
|
|
'1 3 6 1 5 5 7 48 1 1': 'id-pkix-ocsp-basic'
|
||
|
|
}),
|
||
|
|
this.key('response').octstr()
|
||
|
|
)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.OCSPResponse = OCSPResponse;
|
||
|
|
|
||
|
|
var ResponseStatus = asn1.define('ResponseStatus', function() {
|
||
|
|
this.enum({
|
||
|
|
0: 'successful',
|
||
|
|
1: 'malformed_request',
|
||
|
|
2: 'internal_error',
|
||
|
|
3: 'try_later',
|
||
|
|
5: 'sig_required',
|
||
|
|
6: 'unauthorized'
|
||
|
|
});
|
||
|
|
});
|
||
|
|
exports.ResponseStatus = ResponseStatus;
|
||
|
|
|
||
|
|
var BasicOCSPResponse = asn1.define('BasicOCSPResponse', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('tbsResponseData').use(ResponseData),
|
||
|
|
this.key('signatureAlgorithm').use(rfc5280.AlgorithmIdentifier),
|
||
|
|
this.key('signature').bitstr(),
|
||
|
|
this.key('certs').optional().explicit(0).seqof(rfc5280.Certificate)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.BasicOCSPResponse = BasicOCSPResponse;
|
||
|
|
|
||
|
|
var ResponseData = asn1.define('ResponseData', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('version').def('v1').explicit(0).use(rfc5280.Version),
|
||
|
|
this.key('responderID').use(ResponderID),
|
||
|
|
this.key('producedAt').gentime(),
|
||
|
|
this.key('responses').seqof(SingleResponse),
|
||
|
|
this.key('responseExtensions').optional().explicit(0)
|
||
|
|
.seqof(rfc5280.Extension)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.ResponseData = ResponseData;
|
||
|
|
|
||
|
|
var ResponderID = asn1.define('ResponderId', function() {
|
||
|
|
this.choice({
|
||
|
|
byName: this.explicit(1).use(rfc5280.Name),
|
||
|
|
byKey: this.explicit(2).use(KeyHash)
|
||
|
|
});
|
||
|
|
});
|
||
|
|
exports.ResponderID = ResponderID;
|
||
|
|
|
||
|
|
var KeyHash = asn1.define('KeyHash', function() {
|
||
|
|
this.octstr();
|
||
|
|
});
|
||
|
|
exports.KeyHash = KeyHash;
|
||
|
|
|
||
|
|
var SingleResponse = asn1.define('SingleResponse', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('certId').use(CertID),
|
||
|
|
this.key('certStatus').use(CertStatus),
|
||
|
|
this.key('thisUpdate').gentime(),
|
||
|
|
this.key('nextUpdate').optional().explicit(0).gentime(),
|
||
|
|
this.key('singleExtensions').optional().explicit(1).seqof(rfc5280.Extension)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.SingleResponse = SingleResponse;
|
||
|
|
|
||
|
|
var CertStatus = asn1.define('CertStatus', function() {
|
||
|
|
this.choice({
|
||
|
|
good: this.implicit(0).null_(),
|
||
|
|
revoked: this.implicit(1).use(RevokedInfo),
|
||
|
|
unknown: this.implicit(2).null_()
|
||
|
|
});
|
||
|
|
});
|
||
|
|
exports.CertStatus = CertStatus;
|
||
|
|
|
||
|
|
var RevokedInfo = asn1.define('RevokedInfo', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('revocationTime').gentime(),
|
||
|
|
this.key('revocationReason').optional().explicit(0).use(rfc5280.ReasonCode)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.RevokedInfo = RevokedInfo;
|
||
|
|
|
||
|
|
var CertID = asn1.define('CertID', function() {
|
||
|
|
this.seq().obj(
|
||
|
|
this.key('hashAlgorithm').use(rfc5280.AlgorithmIdentifier),
|
||
|
|
this.key('issuerNameHash').octstr(),
|
||
|
|
this.key('issuerKeyHash').octstr(),
|
||
|
|
this.key('serialNumber').use(rfc5280.CertificateSerialNumber)
|
||
|
|
);
|
||
|
|
});
|
||
|
|
exports.CertID = CertID;
|
||
|
|
|
||
|
|
var Nonce = asn1.define('Nonce', function() {
|
||
|
|
this.octstr();
|
||
|
|
});
|
||
|
|
exports.Nonce = Nonce;
|
||
|
|
|
||
|
|
exports['id-pkix-ocsp'] = [ 1, 3, 6, 1, 5, 5, 7, 48, 1 ];
|
||
|
|
exports['id-pkix-ocsp-nonce'] = [ 1, 3, 6, 1, 5, 5, 7, 48, 1, 2 ];
|