csrFromPem static method

CertificateSigningRequestData csrFromPem(
  1. String pem
)

Parses the given CSR pem to CertificateSigningRequestData object

Implementation

static CertificateSigningRequestData csrFromPem(String pem) {
  var bytes = CryptoUtils.getBytesFromPEMString(pem);
  var asn1Parser = ASN1Parser(bytes);
  var topLevelSeq = asn1Parser.nextObject() as ASN1Sequence;

  var infoSeq = topLevelSeq.elements!.elementAt(0) as ASN1Sequence;
  var sigSeq = topLevelSeq.elements!.elementAt(1) as ASN1Sequence;
  var sig = topLevelSeq.elements!.elementAt(2) as ASN1BitString;

  // CertificationRequestInfo
  var certificationRequestInfo =
      _getCertificateSigningRequestDataFromSeq(infoSeq);

  // Signature Algorithm
  var pubKeyOid = sigSeq.elements!.elementAt(0) as ASN1ObjectIdentifier;
  int? saltLength;
  String? pssDigest;
  if (pubKeyOid.objectIdentifierAsString == '1.2.840.113549.1.1.10' &&
      sigSeq.elements!.length == 2) {
    pubKeyOid.readableName = 'rsaPSS';
    // We have RSA PSS, check for salt length
    var parameterSeq = sigSeq.elements!.elementAt(1) as ASN1Sequence;
    if (parameterSeq.elements!.length == 3) {
      // Get Digest
      var digestWrapper = parameterSeq.elements!.elementAt(0);
      var digestSeq = ASN1Sequence.fromBytes(digestWrapper.valueBytes!);
      var digestOi = digestSeq.elements!.elementAt(0) as ASN1ObjectIdentifier;
      digestOi.readableName = 'SHA-256'; // TODO REMOVE LATER
      pssDigest = digestOi.readableName;
      // Get Salt
      var el = parameterSeq.elements!.elementAt(2);
      var aInteger = ASN1Integer.fromBytes(el.valueBytes!);
      saltLength = aInteger.integer!.toInt();
    }
  }

  // Signature
  var sigAsString = _bytesAsString(sig.valueBytes!);

  return CertificateSigningRequestData(
    version: certificationRequestInfo.version,
    subject: certificationRequestInfo.subject,
    signatureAlgorithm: pubKeyOid.objectIdentifierAsString,
    signatureAlgorithmReadableName: pubKeyOid.readableName,
    signature: sigAsString,
    publicKeyInfo: certificationRequestInfo.publicKeyInfo,
    saltLength: saltLength,
    pssDigest: pssDigest,
    plain: pem,
    extensions: certificationRequestInfo.extensions,
    certificationRequestInfo: certificationRequestInfo,
    certificationRequestInfoSeq: base64.encode(infoSeq.encode()),
  );
}