什么是 @fidm/x509?
@fidm/x509 是一个 JavaScript 库,用于解析和操作 x509 证书。它提供了一组 API,可以方便地获取证书信息、验证证书、生成证书以及操作证书链。它是一个专业级的工具,特别适用于需要在 Web 应用中进行证书验证和身份认证的场景。
如何安装 @fidm/x509?
要使用 @fidm/x509,需要先安装它,并引入到你的项目中。你可以使用 npm 安装它:
npm install @fidm/x509
安装完成后,你需要在你的代码中引入它:
const { Certificate } = require('@fidm/x509');如何使用 @fidm/x509?
@fidm/x509 提供了一些 API,可以方便地操作证书。下面我们来逐一介绍它的 API。
解析证书
要解析证书,首先需要将证书转换成一个字符串,然后使用 Certificate.fromPEM() 方法将其解析:
-- -------------------- ---- ------- ----- - ----------- - - ---------------------- ----- ------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------- -------- ------------------ ----- ---- - -----------------------------
获取证书信息
解析完成后,就可以方便地获取证书的各种信息了。例如,获取证书的主体和颁发者信息:
-- -------------------- ---- ------- ----- - ----------- - - ---------------------- ----- ------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------- -------- ------------------ ----- ---- - ----------------------------- ----------------------- -------------- ---------------------- -------------
输出的结果类似:
Subject: {
CN: 'www.example.com'
}
Issuer: {
CN: 'www.example.com'
}验证证书
@fidm/x509 除了可以解析证书外,还可以验证证书。例如,验证证书是否过期:
-- -------------------- ---- ------- ----- - ----------- - - ---------------------- ----- ------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------- -------- ------------------ ----- ---- - ----------------------------- ------------------ ------- ------------------------------- --------------- -------- ------------
输出的结果类似:
Valid until: 2022/6/27 下午8:04:34 Is valid? true
生成证书
除了解析和验证证书外,@fidm/x509 也可以生成证书。例如,生成一个自签名的证书:
-- -------------------- ---- -------
----- - --------------------- ----------- - - ----------------------
----- -- - --- -----------------------
----- - ----------- --------- - - ----------
----- ---- - -----------------------------
-
----- ---------------------
---- ----------
----------- -----------
--
-
----- ----
--
--
--------------------------
----------------------------------------------输出的结果类似:
-- -------------------- ---- ------- ---------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------- -------- ---------------- ----
操作证书链
@fidm/x509 还可以方便地操作证书链。例如,验证一个证书链是否合法:
-- -------------------- ---- ------- ----- - ------------ ---------------- - - ---------------------- ----- ----------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------- -------- ------------------ ----- ------------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ------------------------------------------------------ -------- ------------------ ----- ----------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ------------------------------------ -------- ------------------ ----- -------- - --------------------------------- ----- ---------- - ----------------------------------- ----- -------- - --------------------------------- ----- ----- - --- --------------------------- ----------- ----------- ---------------------------- -- ----
输出结果为 true,说明证书链是合法的。
示例代码
以上是 @fidm/x509 的主要使用方法和 API。下面是一个完整的示例代码,供参考:
-- -------------------- ---- ------- ----- - --------------------- ------------ ---------------- - - ---------------------- ----- ----------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------- -------- ------------------ ----- ------------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ------------------------------------------------------ -------- ------------------ ----- ----------- - ----------- ---------------- ---------------------------------------------------------------- ---------------------------------------------------------------- ------------------------------------------- - ------------------------------------------------------------------------------ -------- ------------------------------------------------------------------------------------------------------------------------