You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
211 lines
8.8 KiB
211 lines
8.8 KiB
<!DOCTYPE html> |
|
<html> |
|
|
|
<head> |
|
<meta charset='utf-8' /> |
|
<meta http-equiv="X-UA-Compatible" content="chrome=1" /> |
|
<meta name="description" content="jsrsasign : The 'jsrsasign' (RSA-Sign JavaScript Library) is a open source free pure JavaScript implementation of PKCS#1 v2.1 RSASSA-PKCS1-v1_5 RSA signing and validation algorithm." /> |
|
|
|
<link rel="stylesheet" type="text/css" media="screen" href="stylesheets/stylesheet.css"> |
|
<title>JS Certification Authority :)</title> |
|
<!-- for pkcs5pkey --> |
|
<script language="JavaScript" type="text/javascript" src="jsrsasign-latest-all-min.js"></script> |
|
<script language="JavaScript" type="text/javascript"> |
|
function doIssue() { |
|
var f1 = document.form1; |
|
|
|
f1.newcert1.value = "issuing ..."; |
|
|
|
// 1. generate TBSCertificate |
|
var tbsc = new KJUR.asn1.x509.TBSCertificate(); |
|
tbsc.setSerialNumberByParam({'int': parseInt(f1.serial1.value)}); |
|
tbsc.setSignatureAlgByParam({'name': 'SHA1withRSA'}); |
|
tbsc.setIssuerByParam({'str': f1.issuer1.value}); |
|
tbsc.setNotBeforeByParam({'str': f1.notbefore1.value}); |
|
tbsc.setNotAfterByParam({'str': f1.notafter1.value}); |
|
tbsc.setSubjectByParam({'str': f1.subject1.value}); |
|
tbsc.setSubjectPublicKeyByParam({'rsapem': f1.pubkey1.value}); |
|
|
|
if (f1.bc_exists.checked) { |
|
var param = {}; |
|
param['critical'] = (f1.bc_critical.checked)? true : false; |
|
param['cA'] = (f1.bc_ca.checked)? true : false; |
|
if (f1.bc_pathlen.value != '') { |
|
param['pathLen'] = parseInt(f1.bc_pathlen.value); |
|
} |
|
tbsc.appendExtension(new KJUR.asn1.x509.BasicConstraints(param)); |
|
} |
|
|
|
if (f1.ku_exists.checked) { |
|
var param = {}; |
|
param['critical'] = (f1.ku_critical.checked)? true : false; |
|
var sBin = ''; |
|
sBin += (f1.ku_0dsig.checked) ? "1" : "0"; |
|
sBin += (f1.ku_1nonrep.checked) ? "1" : "0"; |
|
sBin += (f1.ku_2keyenc.checked) ? "1" : "0"; |
|
sBin += (f1.ku_3datenc.checked) ? "1" : "0"; |
|
sBin += (f1.ku_4keyagree.checked) ? "1" : "0"; |
|
sBin += (f1.ku_5keycertsign.checked) ? "1" : "0"; |
|
sBin += (f1.ku_6crlsign.checked) ? "1" : "0"; |
|
sBin += (f1.ku_7enconly.checked) ? "1" : "0"; |
|
sBin += (f1.ku_8deconly.checked) ? "1" : "0"; |
|
param['bin'] = sBin; |
|
tbsc.appendExtension(new KJUR.asn1.x509.KeyUsage(param)); |
|
} |
|
|
|
if (f1.eku_exists.checked) { |
|
var param = {}; |
|
var a = []; |
|
param.critical = (f1.eku_critical.checked) ? true : false; |
|
if (f1.eku_srv.checked) a.push({name: 'serverAuth'}); |
|
if (f1.eku_cli.checked) a.push({name: 'clientAuth'}); |
|
if (f1.eku_code.checked) a.push({name: 'codeSigning'}); |
|
if (f1.eku_email.checked) a.push({name: 'emailProtection'}); |
|
if (f1.eku_time.checked) a.push({name: 'timeStamping'}); |
|
param.array = a; |
|
var ext = new KJUR.asn1.x509.ExtKeyUsage(param); |
|
tbsc.appendExtension(ext); |
|
} |
|
|
|
if (f1.cdp_exists.checked && f1.cdp_uri.value != '') { |
|
var param = {}; |
|
param['critical'] = (f1.cdp_critical.checked)? true : false; |
|
param['uri'] = f1.cdp_uri.value; |
|
tbsc.appendExtension(new KJUR.asn1.x509.CRLDistributionPoints(param)); |
|
} |
|
|
|
// generate and sign certificate |
|
var caKey = KEYUTIL.getKey.apply(null, [f1.cakey1.value, f1.cakeypass1.value]); |
|
var cert = new KJUR.asn1.x509.Certificate({tbscertobj: tbsc, |
|
prvkeyobj: caKey}); |
|
cert.sign(); |
|
f1.newcert1.value = cert.getPEMString(); |
|
} |
|
</script> |
|
</head> |
|
|
|
<body> |
|
|
|
<!-- HEADER --> |
|
<div id="header_wrap" class="outer"> |
|
<header class="inner"> |
|
<h1 id="project_title">JS Certification Authority</h1> |
|
<h2 id="project_tagline">This is the world's first test certification authority by pure JavaScript ;)</h2> |
|
|
|
<a href="http://kjur.github.io/jsrsasign/">TOP</a> | |
|
<a href="https://github.com/kjur/jsrsasign/tags/" target="_blank">DOWNLOADS</a> | |
|
<a href="https://github.com/kjur/jsrsasign/wiki#programming-tutorial">TUTORIALS</a> | |
|
<a href="http://kjur.github.io/jsrsasign/api/" target="_blank">API REFERENCE</a> | |
|
<a href="http://kjur.github.io/jsrsasign/index.html#demo" target="_blank">DEMOS</a> | |
|
</header> |
|
</div> |
|
|
|
<!-- MAIN CONTENT --> |
|
<div id="main_content_wrap" class="outer"> |
|
<section id="main_content" class="inner"> |
|
|
|
<!-- now editing --> |
|
<form name="form1"> |
|
<h4>(Step1) Fill CA private key (PEM formatted PKCS#5 RSA key) and passcode</h4> |
|
<textarea name="cakey1" cols="65" rows="6">-----BEGIN RSA PRIVATE KEY----- |
|
Proc-Type: 4,ENCRYPTED |
|
DEK-Info: DES-EDE3-CBC,4626F2E5853E783F |
|
|
|
3vFpkrnbantC8RSzng2+jBw/VX95oi0VGKP0G8whENHUOVQXB/YOUSj+n80Y0Wwc |
|
GpeQi8U0FQdWyYv8b9aioeFB06r9t9mJsYscJ/wcIvv5tTMkr89cwN3+4GQQuqNg |
|
TmI9ekeoZ3NP26hTM4XTuFqHx4dzNNwjDLc8txc77WE/o4J4p8k9Py5yPZjs9EKy |
|
wy/yxtqQYQuFj90OMEG1G89iHTZRcq4YTZYdqg6P/XEUvyjifN+7Nym8f2N9TDDn |
|
RJtApPQlrgXvUDQKz6Lu1ZYMwe94E9YdutDGQMbxixbiyxlcxrkb/oEHH5WP5qPG |
|
w/xzh08Ce2Ftba2Q860S8nznjyZFiv+lqSKBahbujgP/63ZL+JbAd4cYBqgm4g1C |
|
YwMhHJbaVCzwYduxdyK2JBYEosDZiDfnOP4DqPhJYpg= |
|
-----END RSA PRIVATE KEY-----</textarea> |
|
<br/> |
|
CA KEY PASSCODE(=hoge): <input type="password" name="cakeypass1" value="hoge" size="0"/> |
|
<br/> |
|
|
|
<!-- ============================================================== --> |
|
|
|
<h4>(Step2) Fill Issuing Certificate Fields</h4> |
|
<table> |
|
<tr><td>Serial:</td><td><input type="text" name="serial1" value="76" size="20"/></td></tr> |
|
<tr><td>Issuer DN:</td><td><input type="text" name="issuer1" value="/C=US/O=JS-TEST-CA" size="80"/></td></tr> |
|
<tr><td>Validity:</td><td> |
|
From <input type="text" name="notbefore1" value="130501235959Z" size="20"/> |
|
To <input type="text" name="notafter1" value="230501235959Z" size="20"/> |
|
</td></tr> |
|
<tr><td>Subjec DN:</td><td><input type="text" name="subject1" value="/C=US/CN=Test User1" size="80"/></td></tr> |
|
<tr><td>Subject<br/>Public Key</td><td> |
|
<textarea name="pubkey1" cols="65" rows="3">-----BEGIN PUBLIC KEY----- |
|
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOtpGHibL8Ue+MXPPufkcrNES40rCT5L |
|
RIU9MjTZ8/7owG5bAsiFA9Xxh3uZK1T5QA64jNJVbp2ojHAtNyWPuwsCAwEAAQ== |
|
-----END PUBLIC KEY-----</textarea><br/> |
|
NOTE: This shall be 'BEGIN PUBLIC KEY', not 'BEGIN RSA PUBLIC KEY'.</td></tr> |
|
<tr><td colspan="2"> |
|
Basic Constraints: |
|
exists<input type="checkbox" name="bc_exists" value="1" checked/> |
|
critical<input type="checkbox" name="bc_critical" value="1" checked/> |
|
cAflag<input type="checkbox" name="bc_ca" value="1"/> |
|
pathLen<input type="text" name="bc_pathlen" size="3"/> |
|
</td></tr> |
|
<tr><td colspan="2"> |
|
Key Usage: |
|
exists<input type="checkbox" name="ku_exists" value="1" checked/> |
|
critical<input type="checkbox" name="ku_critical" value="1"/> |
|
<br/> |
|
<input type="checkbox" name="ku_0dsig" value="1" checked/> digitalSignature(0) |
|
<input type="checkbox" name="ku_1nonrep" value="1"/> nonRepudiation(1) |
|
<input type="checkbox" name="ku_2keyenc" value="1"/> keyEncipherment(2)<br/> |
|
<input type="checkbox" name="ku_3datenc" value="1"/> dataEncipherment(3) |
|
<input type="checkbox" name="ku_4keyagree" value="1"/> keyAgreement(4) |
|
<input type="checkbox" name="ku_5keycertsign" value="1"/> keyCertSign(5)<br/> |
|
<input type="checkbox" name="ku_6crlsign" value="1"/> keyEncipherment(6) |
|
<input type="checkbox" name="ku_7enconly" value="1"/> encipherOnly(7) |
|
<input type="checkbox" name="ku_8deconly" value="1"/> decipherOnly(8)<br/> |
|
</td></tr> |
|
<tr><td colspan="2"> |
|
Extended Key Usage: |
|
exists<input type="checkbox" name="eku_exists" value="1"/> |
|
critical<input type="checkbox" name="eku_critical" value="1"/> |
|
<br/> |
|
<input type="checkbox" name="eku_srv" value="1"/> serverAuth |
|
<input type="checkbox" name="eku_cli" value="1"/> clientAuth |
|
<input type="checkbox" name="eku_code" value="1"/> codeSigning |
|
<input type="checkbox" name="eku_email" value="1"/> emailProtection |
|
<input type="checkbox" name="eku_time" value="1"/> timeStamping |
|
</td></tr> |
|
<tr><td colspan="2"> |
|
CRL DistributionPoints: |
|
exists<input type="checkbox" name="cdp_exists" value="1" checked/> |
|
critical<input type="checkbox" name="cdp_critical" value="1"/> |
|
<br/> |
|
URL<input type="text" name="cdp_uri" value="http://test.com/jsca.crl" size="80"/> |
|
</td></tr> |
|
</table> |
|
|
|
<h4>(Step3) Press "Issue Certificate" button</h4> |
|
<input type="button" value="Issue Certificate" onClick="doIssue();"/> |
|
<input type="reset" name="reset" value="Reset"/> |
|
|
|
<h2>Issued Certificate</h2> |
|
<textarea name="newcert1" cols="65" rows="8"></textarea> |
|
|
|
</form> |
|
|
|
<!-- now editing --> |
|
|
|
</section> |
|
</div> |
|
|
|
<!-- FOOTER --> |
|
<div id="footer_wrap" class="outer"> |
|
<footer class="inner"> |
|
<p class="copyright">jsrsasign maintained by <a href="https://github.com/kjur">kjur</a></p> |
|
<p>Published with <a href="http://pages.github.com">GitHub Pages</a></p> |
|
<div align="center" style="color: white"> |
|
Copyright © 2010-2012 Kenji Urushima. All rights reserved. |
|
</div> |
|
</footer> |
|
</div> |
|
|
|
</body> |
|
</html>
|
|
|