NodeJS - Get certificate Chain from P7B file

Question

I'm trying to take a CMS base64 encoded string, convert it into a pkcs7 file and extract the leaf and intermediate certificates using javascript/nodejs, similar to the following openssl command:

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer

I've read almost every article and see solutions in other languages, but not for node. I understand you can achieve what I need using node-forge, but node-forge does not support ECC algorithms. Anyone know of any other solutions/npm packages that can help me accomplish this? Please help me. I'm very new to this.

Answer 1

Did you see PKI.js for Node.js? It is a pure JavaScript library implementing the formats that are used in PKI applications. It is based on the W3C Web Cryptography API with full support for all "Suite B" algorithms in CMS messages. Code snippet submitted by OP:

const cmsSignedBuffer = stringToArrayBuffer(fromBase64(token.signature)); 
const asn1 = asn1js.fromBER(cmsSignedBuffer); 
const cmsContentSimpl = new pkijs.ContentInfo({ schema: asn1.result }); 
const cmsSignedSimpl = new pkijs.SignedData({ schema: cmsContentSimpl.content })

Another approach is to use a wrapper for openssl like openssl-nodejs, for example. The wrapper simply spawns a child process to invoke openssl. Thus, openssl must be installed on system where the Node.js application is deployed.