1# 证书集合及证书吊销列表集合对象的创建和获取 2 3从输入的证书集合和证书吊销列表集合中选择满足条件的证书或者证书吊销列表。 4 5## 开发步骤 6 71. 导入[证书算法库框架模块](../../reference/apis-device-certificate-kit/js-apis-cert.md)。 8 9 ```ts 10 import { cert } from '@kit.DeviceCertificateKit'; 11 ``` 12 132. 基于已有的证书数据,调用[cert.createX509Cert](../../reference/apis-device-certificate-kit/js-apis-cert.md#certcreatex509cert-1)创建X509证书的对象。 14 153. 基于已有的CRL数据,调用[cert.createX509CRL](../../reference/apis-device-certificate-kit/js-apis-cert.md#certcreatex509crl11-1)创建X509证书吊销列表的对象。 16 174. 调用[cert.createCertCRLCollection](../../reference/apis-device-certificate-kit/js-apis-cert.md#certcreatecertcrlcollection11)创建[CertCRLCollection](../../reference/apis-device-certificate-kit/js-apis-cert.md#certcrlcollection11)的对象,并返回相应的结果。 18 195. 调用[CertCRLCollection.selectCerts](../../reference/apis-device-certificate-kit/js-apis-cert.md#selectcerts11)查找所有与[X509CertMatchParameters](../../reference/apis-device-certificate-kit/js-apis-cert.md#x509certmatchparameters11)匹配的证书对象数组,并返回结果。 20 216. 调用[CertCRLCollection.selectCRLs](../../reference/apis-device-certificate-kit/js-apis-cert.md#selectcrls11)查找所有与[X509CRLMatchParameters](../../reference/apis-device-certificate-kit/js-apis-cert.md#x509crlmatchparameters11)匹配的证书吊销列表数组,并返回结果。 22 23```ts 24import { cert } from '@kit.DeviceCertificateKit'; 25import { BusinessError } from '@kit.BasicServicesKit'; 26import { util } from '@kit.ArkTS'; 27 28async function createX509CRL(): Promise<cert.X509CRL> { 29 let crlData = '-----BEGIN X509 CRL-----\n' + 30 'MIHzMF4CAQMwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ1JMIGlzc3VlchcN\n' + 31 'MTcwODA3MTExOTU1WhcNMzIxMjE0MDA1MzIwWjAVMBMCAgPoFw0zMjEyMTQwMDUz\n' + 32 'MjBaMA0GCSqGSIb3DQEBBAUAA4GBACEPHhlaCTWA42ykeaOyR0SGQIHIOUR3gcDH\n' + 33 'J1LaNwiL+gDxI9rMQmlhsUGJmPIPdRs9uYyI+f854lsWYisD2PUEpn3DbEvzwYeQ\n' + 34 '5SqQoPDoM+YfZZa23hoTLsu52toXobP74sf/9K501p/+8hm4ROMLBoRT86GQKY6g\n' + 35 'eavsH0Q3\n' + 36 '-----END X509 CRL-----\n'; 37 38 // 证书吊销列表二进制数据,需业务自行赋值 39 let textEncoder = new util.TextEncoder(); 40 let encodingBlob: cert.EncodingBlob = { 41 data: textEncoder.encodeInto(crlData), 42 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 43 encodingFormat: cert.EncodingFormat.FORMAT_PEM 44 }; 45 let x509CRL: cert.X509CRL = {} as cert.X509CRL; 46 try { 47 x509CRL = await cert.createX509CRL(encodingBlob); 48 } catch (err) { 49 let e: BusinessError = err as BusinessError; 50 console.error(`createX509CRL failed, errCode: ${e.code}, errMsg: ${e.message}`); 51 } 52 return x509CRL; 53} 54 55async function createX509Cert(): Promise<cert.X509Cert> { 56 let certData = '-----BEGIN CERTIFICATE-----\n' + 57 'MIIBHTCBwwICA+gwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRXhhbXBsZSBSb290\n' + 58 'IENBMB4XDTIzMDkwNTAyNDgyMloXDTI2MDUzMTAyNDgyMlowGjEYMBYGA1UEAwwP\n' + 59 'RXhhbXBsZSBSb290IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHjG74yMI\n' + 60 'ueO7z3T+dyuEIrhxTg2fqgeNB3SGfsIXlsiUfLTatUsU0i/sePnrKglj2H8Abbx9\n' + 61 'PK0tsW/VgqwDIDAKBggqhkjOPQQDAgNJADBGAiEApVZno/Z7WyDc/muRN1y57uaY\n' + 62 'Mjrgnvp/AMdE8qmFiDwCIQCrIYdHVO1awaPgcdALZY+uLQi6mEs/oMJLUcmaag3E\n' + 63 'Qw==\n' + 64 '-----END CERTIFICATE-----\n'; 65 66 let textEncoder = new util.TextEncoder(); 67 let encodingBlob: cert.EncodingBlob = { 68 data: textEncoder.encodeInto(certData), 69 // 根据encodingData的格式进行赋值,支持FORMAT_PEM和FORMAT_DER 70 encodingFormat: cert.EncodingFormat.FORMAT_PEM 71 }; 72 73 let x509Cert: cert.X509Cert = {} as cert.X509Cert; 74 try { 75 x509Cert = await cert.createX509Cert(encodingBlob); 76 } catch (err) { 77 let e: BusinessError = err as BusinessError; 78 console.error(`createX509Cert failed, errCode: ${e.code}, errMsg: ${e.message}`); 79 } 80 return x509Cert; 81} 82 83async function sample() { 84 const x509Cert = await createX509Cert(); 85 const x509CRL = await createX509CRL(); 86 let collection: cert.CertCRLCollection = {} as cert.CertCRLCollection; 87 try { 88 collection = cert.createCertCRLCollection([x509Cert], [x509CRL]); 89 console.log('createCertCRLCollection success'); 90 } catch (err) { 91 console.error('createCertCRLCollection failed'); 92 } 93 94 const certParam: cert.X509CertMatchParameters = { 95 validDate: '231128000000Z' 96 } 97 try { 98 let certs: cert.X509Cert[] = await collection.selectCerts(certParam); 99 } catch (err) { 100 console.error('selectCerts failed'); 101 } 102 103 const crlParam: cert.X509CRLMatchParameters = { 104 x509Cert: x509Cert 105 } 106 try { 107 let crls: cert.X509CRL[] = await collection.selectCRLs(crlParam); 108 console.error('selectCRLs success'); 109 } catch (err) { 110 console.error('selectCRLs failed'); 111 } 112} 113``` 114 115##