我正在使用node-foge库在nodejs中尝试以下代码。
const cert = fs.readFileSync("test.cer")
const cCert = pki.certificateFromPem(cert)
const basicConstraints= cCert.extensions.find(item => item.name === 'basicConstraints')
console.log(basicConstraints.value);
输出为:
0z0$u0006b+u0006u0001u0005u0005u00070u0001u0018http://ocsp.digicert.com0Ru0006b+u0006u0001u0005u0005u00070u0002Fhttp://...digiCA.crt
如何转换为适当的值?
您可以使用asn1.fromDer解析扩展值,并遍历树来收集CRL分发点:
const pki = require('node-forge').pki;
const asn1 = require('node-forge').asn1;
const fs = require('fs');
const cert = fs.readFileSync("test.cer");
const cCert = pki.certificateFromPem(cert);
const distributionPoints = [];
const getDistributionPoints = (node) => {
if (typeof node === 'string') {
distributionPoints.push(node);
return;
}
if (Array.isArray(node)) {
node.forEach(getDistributionPoints);
return;
}
if (node && typeof node === 'object') {
getDistributionPoints(node.value)
}
}
const ext = cCert.getExtension('cRLDistributionPoints');
getDistributionPoints(asn1.fromDer(ext.value))
console.log(distributionPoints);