PKIjs provides a Typescript implementation of the most common formats and algorithms needed to build PKI-enabled applications
- The creation and validation of X.509 certificates (RFC 5280) is used by all certificate-enabled applications.
- PKCS#10 (RFC 2986) is the most commonly used enrollment data structure used by X.509 applications. It enables the requestor to prove control of a given public key.
- Cryptographic Message Syntax (RFC 5652) is the most commonly used data structure for signing data in X.509 applications. CMS makes it easy to both sign and represent all of the data needed to verify a signature.
- Cryptographic Message Syntax (RFC 5652) is also the most commonly used data structure for encrypting data in X.509 applications. CMS makes it easy to provide interoperable data encryption.
- Time-Stamp Protocol (RFC 3161) is the most commonly used protocol for proving that data existed before a particular time. It is commonly used in signing applications to ensure signatures are verifiable long into the future.
- Typescript and object-oriented implementation
- Contains no cryptographic implementations and instead leverages Web Crypto API
- Work uniformly both in browser and in Node/Dino
To install the stable version:
npm install --save pkijs
This assumes you are using npm as your package manager.
Certificates and Revocation
- Create and validate an X.509 certificate
- Working with certificate requests
- Creating and parsing CRLs
- Working with OCSP requests
- Working with OCSP responses
Signing and Encryption with CMS
- Working with CMS Signing
- Working with CMS Certificate-based Encryption
- Working with CMS password-based Encryption
- Working with PKCS#7 Certificate bags (P7B)
- How to verify a signature in a PDF file
- S/MIME signature verification
- S/MIME signature encryption
- Working with PKCS#12 files
You can find the PKI.js documentation on the website.
Want to help?
Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contribution.