crlDataFromPem static method
Implementation
static CertificateRevokeListeData crlDataFromPem(String pem) {
var bytes = CryptoUtils.getBytesFromPEMString(pem);
var asn1Parser = ASN1Parser(bytes);
// TOP LEVEL DATA
var topLevelSeq = asn1Parser.nextObject() as ASN1Sequence;
var tbsCertList = topLevelSeq.elements!.elementAt(0) as ASN1Sequence;
var sigSeq = topLevelSeq.elements!.elementAt(1) as ASN1Sequence;
var sig = topLevelSeq.elements!.elementAt(2) as ASN1BitString;
var certificateList = CertificateListData();
// GET VERSION
var asn1Version = tbsCertList.elements!.elementAt(0) as ASN1Integer;
certificateList.version = asn1Version.integer!.toInt();
// GET SIGNATURE
var sigSequence = tbsCertList.elements!.elementAt(1) as ASN1Sequence;
var oid = sigSequence.elements!.elementAt(0) as ASN1ObjectIdentifier;
certificateList.signatureAlgorithm = oid.objectIdentifierAsString;
certificateList.signatureAlgorithmReadableName = oid.readableName;
// GET ISSUER
var issuerSequence = tbsCertList.elements!.elementAt(2) as ASN1Sequence;
var issuer = _getDnFromSeq(issuerSequence);
certificateList.issuer = issuer;
// GET THIS UPDATE
var thisUpdate = tbsCertList.elements!.elementAt(3) as ASN1UtcTime;
certificateList.thisUpdate = thisUpdate.time;
// GET NEXT UPDATE
var nextUpdate = tbsCertList.elements!.elementAt(4) as ASN1UtcTime;
certificateList.nextUpdate = nextUpdate.time;
// GET REVOKED CERTIFICATES
var rCertificates = <RevokedCertificate>[];
if (tbsCertList.elements!.elementAt(5) is ASN1Sequence) {
var revokedCertificates =
tbsCertList.elements!.elementAt(5) as ASN1Sequence;
for (var e in revokedCertificates.elements!) {
var revoked = RevokedCertificate();
var data = e as ASN1Sequence;
var asn1Int = data.elements!.elementAt(0) as ASN1Integer;
revoked.serialNumber = asn1Int.integer!;
var revokeDate = data.elements!.elementAt(1) as ASN1UtcTime;
revoked.revocationDate = revokeDate.time;
if (data.elements!.length > 2) {
var extensions = CrlEntryExtensionsData();
var ext = data.elements!.elementAt(2) as ASN1Sequence;
if (ext.elements!.isNotEmpty) {
var crlReason = ext.elements!.elementAt(0) as ASN1Sequence;
var octedString =
crlReason.elements!.elementAt(1) as ASN1OctetString;
var parser = ASN1Parser(octedString.octets);
var enumerated = parser.nextObject() as ASN1Integer;
var int = enumerated.integer;
var crlReasonValue = _crlReasonFromInt(int!);
extensions.reason = crlReasonValue;
}
revoked.extensions = extensions;
}
rCertificates.add(revoked);
}
} else {
// MISSING SEQUENCE THAT CONTAINS REVOKED CERTIFICATES
}
certificateList.revokedCertificates = rCertificates;
// GET EXTENSIONS
// TODO PARSE
// GET SIGNATURE ALGORITHM
var pubKeyOid = sigSeq.elements!.elementAt(0) as ASN1ObjectIdentifier;
// GET SIGNATURE
var sigAsString = _bytesAsString(sig.valueBytes!);
return CertificateRevokeListeData(
tbsCertList: certificateList,
signatureAlgorithm: pubKeyOid.objectIdentifierAsString,
signatureAlgorithmReadableName: pubKeyOid.readableName,
signature: sigAsString,
);
}