1

I am using the below code to read serial numbers of revoked crl from a crl list file with ext .crl downloaded.

import forge, { pki, asn1 } from 'node-forge';

const crlFil = asn1.fromDer(crlFile); // crlfile with a .crl extension

console.log(crlFileDer.value[0].value[5].value[0].value[0]);

I am following this guide, but when I try to read the serial no. of revoked certificates, it gives me values that appear to be junk. I am not sure what format it is and want to convert it into the correct value.

Example value received \u0003-\tÊ$v¥L

antonku
  • 7,377
  • 2
  • 15
  • 21
dhiraj kumar
  • 13
  • 3

1 Answers1

1

You can parse a CRL and get revoked certificates serial numbers with help of asn1js, pkijs and pvutils libraries. Here is an example that prints revoked certificate serial numbers to console:

const asn1 = require('asn1js');
const pkijs = require('pkijs');
const pvutils = require('pvutils');
const fs = require('fs');


fs.readFile('./yourCrlFile.crl', (err, crlData) => {
  if (err) {
    throw err;
  }
  const buffer = new Uint8Array(crlData).buffer;
  const asn1crl = asn1.fromBER(buffer);
  const crl = new pkijs.CertificateRevocationList({
    schema: asn1crl.result
  })

  for (const { userCertificate } of crl.revokedCertificates) {
    console.log(pvutils.bufferToHexCodes(userCertificate.valueBlock.valueHex))
  }
})
antonku
  • 7,377
  • 2
  • 15
  • 21
  • I'm having trouble implementing this (I literally had the same code in js) when converting my js project to a typescript project (see [this question](https://stackoverflow.com/questions/75070742/parsing-a-certificate-revocation-list-in-nodejs) ). – Alb Jan 11 '23 at 11:13