WebCrypto GOST: Request and certificate issue

The tool is intended for experimentation with data processing

Generate PKCS#10 certificate request

Certificate Request contents PKCS#10 format

                    
                    
                    
                    
                    Private key contents PKCS#8 format
                    

                    
                    
                    
                    
                    Generate request method
                    
// Create certificate request with parameters from this page 
var req = new gostCrypto.cert.Request({
    subject: {
        countryName: countryName.value,
        stateOrProvinceName: stateOrProvinceName.value,
        organizationalUnitName: organizationalUnitName.value,
        organizationName: organizationName.value,
        title: title.value,
        commonName: commonName.value
    }
});
req.generate(provider.value).then(function(key) {

    // Output ready certification request
    request.textContent = req.encode('PEM');

    // Output ready private key
    privateKey.textContent = key.encode('PEM');
}).catch(function(reason) {
    alert(reason.message);
});

Issue certificate

CA Certificate & Private key from previous PKI example

                    
X.509 Certificate contents

                    
                    
                    
                    
                    Issue certificate method
                    
try {
    // Import root CA private key
    var cakey = new gostCrypto.asn1.PrivateKeyInfo(certAndKeyCA.textContent);
    // Import root CA certificate
    var cacert = new gostCrypto.cert.X509(certAndKeyCA.textContent);

    // Import the request
    var req = new gostCrypto.cert.Request(request.textContent), cert;
    // Verify the request
    req.verify().then(function() {

        // Create the new certificate
        cert = new gostCrypto.cert.X509(req);

        var notBefore = new Date();
        notBefore.setHours(0, 0, 0, 0);
        var notAfter = new Date(notBefore);
        notAfter.setDate(notAfter.getDate() + parseInt(days.value || '365'));
        cert.notBefore = notBefore;
        cert.notAfter = notAfter;

        // Sign the new certificate
        return cert.sign(cakey, cacert);
    }).then(function() {

        // Output ready certificate
        certificate.textContent = cert.encode('PEM') + '\r\n\r\n' + privateKey.textContent;

        // Verify the issued certificate
        return cert.verify(cacert);
    }).catch(function(reason) {
        alert(reason.message);
    });
} catch(e) {
    alert(e.message);
}