Node.js x509.verify()函数
x509.verify()是加密模块中 X509Certificate 类的内置应用程序编程接口,用于检查证书是否由给定的公钥签名。
句法:
const x509.verify(publicKey)参数:此函数将公钥对象作为参数。
返回值:当且仅当证书由给定的公钥签名时,此函数才返回布尔值 true。
如何生成公共证书?
公共证书:打开记事本并复制粘贴以下密钥并将文件另存为public-cert.pem
-----BEGIN CERTIFICATE-----
MIICfzCCAegCCQDxxeXw914Y2DANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMC
SU4xEzARBgNVBAgMCldlc3RiZW5nYWwxEDAOBgNVBAcMB0tvbGthdGExFDASBgNV
BAoMC1BhbmNvLCBJbmMuMRUwEwYDVQQDDAxSb2hpdCBQcmFzYWQxIDAeBgkqhkiG
9w0BCQEWEXJvZm9mb2ZAZ21haWwuY29tMB4XDTIwMDkwOTA1NTExN1oXDTIwMTAw
OTA1NTExN1owgYMxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApXZXN0YmVuZ2FsMRAw
DgYDVQQHDAdLb2xrYXRhMRQwEgYDVQQKDAtQYW5jbywgSW5jLjEVMBMGA1UEAwwM
Um9oaXQgUHJhc2FkMSAwHgYJKoZIhvcNAQkBFhFyb2ZvZm9mQGdtYWlsLmNvbTCB
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt/EfcF3FG4TneOBWr4JhOUdyuCXm
Dhy5yO3VKtQfPxr+5d0joCSnn/5vYDNSr1MfedZmqVxrXFoMAdPCd71BNmDmeLVi
QK61WREtASP0ZhQMoUBT+R3Fpdy0jPS0YoT/fBd96CJCmgsQOS8Tq5IKVeB61MyC
kwAQ2Goe0T3sdVkCAwEAATANBgkqhkiG9w0BAQsFAAOBgQATe6ixdAjoV7BSHgRX
bXM2+IZLq8kq3s7ck0EZrRVhsivutcaZwDXRCCinB+OlPedbzXwNZGvVX0nwPYHG
BfiXwdiuZeVJ88ni6Fm6RhoPtu2QF1UExfBvSXuMBgR+evp+e3QadNpGx6Ppl1aC
hWF6W2H9+MAlU7yvtmCQQuZmfQ==
-----END CERTIFICATE-----示例 1:
文件名:index.js
Javascript
// Node.js program to demonstrate the
// x509.verify() function
// Importing crypto module
const {X509Certificate} = require('crypto')
// Importing fs module
const fs = require('fs')
// getting object of a PEM encoded X509 Certificate.
const x509 = new X509Certificate(fs.readFileSync('public-cert.pem'));
// checking if this certificate is signed by the given public key or not
// by using x509.verify() function
const value = x509.verify(x509.publicKey)
// display the result
if(value)
console.log("certificate is signed by the given public key")
else
console.log("certificate is not signed by the given public key")Javascript
// Node.js program to demonstrate the
// x509.verify() function
// Importing crypto module
const {X509Certificate} = require('crypto')
// Importing fs module
const fs = require('fs')
// display the result
if((new X509Certificate(fs.readFileSync('public-cert.pem')))
.verify((new X509Certificate(fs.readFileSync('public-cert.pem'))).publicKey))
console.log("certificate is signed by the given public key")
else
console.log("certificate is not signed by the given public key")使用以下命令运行 index.js 文件。
node index.js输出:
certificate is signed by the given public key示例 2:
文件名:index.js
Javascript
// Node.js program to demonstrate the
// x509.verify() function
// Importing crypto module
const {X509Certificate} = require('crypto')
// Importing fs module
const fs = require('fs')
// display the result
if((new X509Certificate(fs.readFileSync('public-cert.pem')))
.verify((new X509Certificate(fs.readFileSync('public-cert.pem'))).publicKey))
console.log("certificate is signed by the given public key")
else
console.log("certificate is not signed by the given public key")
使用以下命令运行 index.js 文件。
node index.js输出:
certificate is signed by the given public key参考:https://nodejs.org/dist/latest-v15.x/docs/api/crypto.html#crypto_x509_publickey