createCRL static method
Uint8List createCRL({
- required AsymmetricKeyPair<PublicKey, PrivateKey> issuerKeyPair,
- required String issuerDn,
- required List<RevokedCertificate> revokedCertificates,
- required DateTime thisUpdate,
- required DateTime nextUpdate,
- required int crlNumber,
})
Implementation
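/// Builds and signs a version 2 certificate revocation list (CRL).
///
/// The to-be-signed part holds, in order: the version, the
/// `sha256WithRSAEncryption` algorithm identifier, the issuer name built from
/// [issuerDn], [thisUpdate], [nextUpdate], one entry per element of
/// [revokedCertificates] (the list is left out entirely when it is empty) and
/// a `[0]`-tagged extensions block carrying [crlNumber] under OID 2.5.29.20.
/// Each entry holds the serial number, the revocation date and, when the
/// entry has a reason code, a reason-code extension (OID 2.5.29.21).
///
/// The encoded to-be-signed bytes are signed with the private key of
/// [issuerKeyPair], which must be an [RSAPrivateKey].
///
/// Returns the encoded CRL: to-be-signed part, algorithm identifier and
/// signature bit string.
///
/// Throws an [ArgumentError] if the private key is not an RSA key, if
/// [nextUpdate] is before [thisUpdate], or if [crlNumber] is negative.
static Uint8List createCRL({
  required AsymmetricKeyPair<PublicKey, PrivateKey> issuerKeyPair,
  required String issuerDn,
  required List<RevokedCertificate> revokedCertificates,
  required DateTime thisUpdate,
  required DateTime nextUpdate,
  required int crlNumber,
}) {
  // Check the inputs before anything is signed: relying parties use a CRL to
  // decide whether a certificate is revoked, so a malformed one should fail
  // here instead of being signed and published.
  final privateKey = issuerKeyPair.privateKey;
  if (privateKey is! RSAPrivateKey) {
    // The key itself is deliberately not attached to the error object.
    throw ArgumentError(
      'issuerKeyPair must hold an RSAPrivateKey to sign with '
      'sha256WithRSAEncryption',
    );
  }
  if (nextUpdate.isBefore(thisUpdate)) {
    throw ArgumentError.value(
      nextUpdate,
      'nextUpdate',
      'must not be before thisUpdate',
    );
  }
  if (crlNumber < 0) {
    // RFC 5280 defines CRLNumber as INTEGER (0..MAX).
    throw ArgumentError.value(crlNumber, 'crlNumber', 'must not be negative');
  }

  // NOTE(review): UTCTime carries a two-digit year, and RFC 5280 requires
  // GeneralizedTime for dates in 2050 or later. This method always emits
  // UTCTime; confirm how ASN1UtcTime behaves for such dates.
  final tbs = ASN1Sequence()
    ..add(ASN1Integer(BigInt.from(1))) // Version field value 1 means v2.
    ..add(createAlgorithmIdentifier(sha256WithRSAEncryption))
    ..add(createName(issuerDn))
    ..add(ASN1UtcTime(thisUpdate))
    ..add(ASN1UtcTime(nextUpdate));

  // The revoked-certificates list is optional and is omitted when empty.
  if (revokedCertificates.isNotEmpty) {
    final revokedSeq = ASN1Sequence();
    for (final rev in revokedCertificates) {
      final entry = ASN1Sequence()
        ..add(ASN1Integer(rev.serialNumber))
        ..add(ASN1UtcTime(rev.revocationDate));

      // Copy to a local so the null check promotes it (no `!` needed).
      // NOTE(review): the reason code is encoded as given; its value is not
      // checked against the CRLReason values defined in RFC 5280.
      final reason = rev.reasonCode;
      if (reason != null) {
        // 0x0A is the ENUMERATED tag; the encoded value is wrapped in the
        // extension's OCTET STRING.
        final encodedReason = ASN1Integer(BigInt.from(reason), tag: 0x0A);
        final reasonExt = ASN1Sequence()
          ..add(ASN1ObjectIdentifier.fromComponentString('2.5.29.21'))
          ..add(ASN1OctetString(encodedReason.encodedBytes));
        entry.add(ASN1Sequence()..add(reasonExt));
      }
      revokedSeq.add(entry);
    }
    tbs.add(revokedSeq);
  }

  // CRL extensions: a single CRL-number extension inside the [0] wrapper.
  final encodedNumber = ASN1Integer(BigInt.from(crlNumber));
  final crlNumberExt = ASN1Sequence()
    ..add(ASN1ObjectIdentifier.fromComponentString('2.5.29.20'))
    ..add(ASN1OctetString(encodedNumber.encodedBytes));
  final extensions = ASN1Sequence()..add(crlNumberExt);
  tbs.add(ASN1Sequence(tag: 0xA0)..add(extensions));

  // The signature covers exactly the encoded to-be-signed sequence.
  final signature = signData(tbs.encodedBytes, privateKey);

  final crl = ASN1Sequence()
    ..add(tbs)
    ..add(createAlgorithmIdentifier(sha256WithRSAEncryption))
    ..add(ASN1BitString(signature));
  return crl.encodedBytes;
}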