You have chosen to sponsor your bid up to a maximum amount of .
I have a web page here: csrhelp.x509labs.com that can be used to help people construct the command line to generate a certificate request.
I want this page updated so that you can feed it a certificate request and it can re-construct what command line would have produced that certificate request.
The decoding can be implemented on top of www.lapo.it/asn1js/.
The class would look something like:
.Extensions = (array of ID, Value)
.Attributes = (array of ID, Value)
It will be able to decode the following extensions:
Extended Key Usage
This will be useful resource: http://www.openscdp.org/scsh3/jsdoc/overview-summary-pkcs10.js.html as it does the leg work to define where the data elements are in the ASN.1.
To keep code re-usable, and readable constants and functions that this PKCS10 class uses from other standards will be in a dependency (PKIXCOMMON.js) like was done here: http://www.openscdp.org/scsh3/jsdoc/overview-summary-pkixcommon.js.html
I also want the website updated to support adding additional organization units (OUs) and various subject alternative names as was done in this website:
The addition of subject alternative names requires the creation of a configuration file as was done in one of the current examples on csrhelp.x509labs.com; this creation of a configuration file adds complexity so I only want it created when options are chosen by the user that require the creation configuration file.
I want an advanced option added to the page that is hidden under a UI affordance of some sort that allows the user to paste a Base64 CSR into it, that field will use parsely.js to validate the request has the appropriate PEM armor for a certificate request:
"^-----(BEGIN|END) (|NEW )CERTIFICATE REQUEST-----$")
It would be nice if it also used: http://www.html5rocks.com/en/tutorials/file/dndfiles/ for this.
A valid CSR being present will be all that is necessary to do the decode (aka no button).
Depending on your assessment of complexity after completion I also would like to add verifying the signature done based on web crypto using a polyfill (such as this one http://polycrypt.net/) as well as generating keys and signing the resulting keys using the same poly fill.
See: http://certlogik.com/decoder/ for an idea of what signature verification might look like in the UI (this is done server side)
And see http://demo.polycrypt.net/x509/ for example of key generation and signing might look like.
I have lots of future work for the right candidate.