问题
I'm using crypto module to validate a certificate, but both, my certificate and my public key are in DER format. It seems that crypto module does not accept this format.
Is there a way (or module) to convert DER to PEM format using NodeJS? I couldn't find any and cannot use command line to call openssl via shell.
UPDATE: It's not about HTTPS certificates. It's about general X.509 certificates. And if you mark the question as negative, please leave a comment to justify it. Don't be a stupid if you are not able to help.
回答1:
I think the PEM format is just the DER binary data that has been base64 encoded, split into 64 character lines, and wrapped between '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----'.
So you could do this:
var prefix = '-----BEGIN CERTIFICATE-----\n';
var postfix = '-----END CERTIFICATE-----';
var pemText = prefix + derBuffer.toString('base64').match(/.{0,64}/g).join('\n') + postfix;
You will not need to put a '\n' before the postfix because the last match of the der buffer should be an empty string '', so there will be a '\n' at the end of derBuffer.toString('base64').match(/.{0,64}/g).join('\n')
回答2:
Here's one way of doing it:
function derToPem(der) {
var forge = require("node-forge");
var derKey = forge.util.decode64(der);
var asnObj = forge.asn1.fromDer(derKey);
var asn1Cert = forge.pki.certificateFromAsn1(asnObj);
return forge.pki.certificateToPem(asn1Cert);
};回答3:
Dominykas' answer was good, but in my case, I have a certificate that uses ECC and node-forge does not support it.
So I've found a module called node-openssl-wrapper, which worked perfectly well because it encapsulates the openssl commands in a simple function call, like this:
co(function*() {
var ossl = require('openssl-wrapper');
var derCert = new Buffer('...'); // binary DER certificate
var pemCert = yield ossl.qExec('x509', derCert, { inform: 'der', outform: 'pem' });
});
来源:https://stackoverflow.com/questions/31992865/nodejs-validate-certificate-in-der-format