node-forge 0.6.34 → 0.6.39

package/.travis.yml

@@ -2,7 +2,11 @@ language: node_js
 node_js:
   - "0.10"
   - "0.12"
-  - iojs
+  - "4.0"
+  - "4.2"
+  - "node"
+  - "iojs"
+sudo: false
 install: (cd nodejs && npm install)
 script: 
   - (cd nodejs && npm test)

package/README.md

@@ -1,8 +1,8 @@
 # Forge
 
-[![Build Status][travis-ci-png]][travis-ci-site]
-[travis-ci-png]: https://travis-ci.org/digitalbazaar/forge.png?branch=master
-[travis-ci-site]: https://travis-ci.org/digitalbazaar/forge
+[![npm package](https://nodei.co/npm/node-forge.png?downloads=true&downloadRank=true&stars=true)](https://nodei.co/npm/node-forge/)
+
+[![Build status](https://img.shields.io/travis/digitalbazaar/forge.svg?branch=master)](https://travis-ci.org/digitalbazaar/forge)
 
 A native implementation of [TLS][] (and various other cryptographic tools) in
 [JavaScript][].

package/bower.json

@@ -1,6 +1,6 @@
 {
   "name": "forge",
-  "version": "0.6.34",
+  "version": "0.6.39",
   "description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.",
   "moduleType": ["amd"],
   "authors": [

package/js/md5.js

@@ -41,8 +41,10 @@ md5.create = function() {
     digestLength: 16,
     // 56-bit length of message so far (does not including padding)
     messageLength: 0,
-    // true 64-bit message length as two 32-bit ints
-    messageLength64: [0, 0]
+    // true message length
+    fullMessageLength: null,
+    // size of message length in bytes
+    messageLengthSize: 8
   };
 
   /**
@@ -51,8 +53,15 @@ md5.create = function() {
    * @return this digest object.
    */
   md.start = function() {
+    // up to 56-bit message length for convenience
     md.messageLength = 0;
-    md.messageLength64 = [0, 0];
+
+    // full message length (set md.messageLength64 for backwards-compatibility)
+    md.fullMessageLength = md.messageLength64 = [];
+    var int32s = md.messageLengthSize / 4;
+    for(var i = 0; i < int32s; ++i) {
+      md.fullMessageLength.push(0);
+    }
     _input = forge.util.createBuffer();
     _state = {
       h0: 0x67452301,
@@ -81,9 +90,15 @@ md5.create = function() {
     }
 
     // update message length
-    md.messageLength += msg.length;
-    md.messageLength64[0] += (msg.length / 0x100000000) >>> 0;
-    md.messageLength64[1] += msg.length >>> 0;
+    var len = msg.length;
+    md.messageLength += len;
+    len = [(len / 0x100000000) >>> 0, len >>> 0];
+    for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
+      md.fullMessageLength[i] += len[1];
+      len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
+      md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
+      len[0] = ((len[1] / 0x100000000) >>> 0);
+    }
 
     // add bytes to input buffer
     _input.putBytes(msg);
@@ -125,28 +140,36 @@ md5.create = function() {
     must *always* be present, so if the message length is already
     congruent to 448 mod 512, then 512 padding bits must be added. */
 
-    // 512 bits == 64 bytes, 448 bits == 56 bytes, 64 bits = 8 bytes
-    // _padding starts with 1 byte with first bit is set in it which
-    // is byte value 128, then there may be up to 63 other pad bytes
-    var padBytes = forge.util.createBuffer();
-    padBytes.putBytes(_input.bytes());
-    // 64 - (remaining msg + 8 bytes msg length) mod 64
-    padBytes.putBytes(
-      _padding.substr(0, 64 - ((md.messageLength64[1] + 8) & 0x3F)));
-
-    /* Now append length of the message. The length is appended in bits
-    as a 64-bit number in little-endian order. Since we store the length in
-    bytes, we must multiply the 64-bit length by 8 (or left shift by 3). */
-    padBytes.putInt32Le(md.messageLength64[1] << 3);
-    padBytes.putInt32Le(
-      (md.messageLength64[0] << 3) | (md.messageLength64[0] >>> 28));
+    var finalBlock = forge.util.createBuffer();
+    finalBlock.putBytes(_input.bytes());
+
+    // compute remaining size to be digested (include message length size)
+    var remaining = (
+      md.fullMessageLength[md.fullMessageLength.length - 1] +
+      md.messageLengthSize);
+
+    // add padding for overflow blockSize - overflow
+    // _padding starts with 1 byte with first bit is set (byte value 128), then
+    // there may be up to (blockSize - 1) other pad bytes
+    var overflow = remaining & (md.blockLength - 1);
+    finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
+
+    // serialize message length in bits in little-endian order; since length
+    // is stored in bytes we multiply by 8 and add carry
+    var bits, carry = 0;
+    for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
+      bits = md.fullMessageLength[i] * 8 + carry;
+      carry = (bits / 0x100000000) >>> 0;
+      finalBlock.putInt32Le(bits >>> 0);
+    }
+
     var s2 = {
       h0: _state.h0,
       h1: _state.h1,
       h2: _state.h2,
       h3: _state.h3
     };
-    _update(s2, _w, padBytes);
+    _update(s2, _w, finalBlock);
     var rval = forge.util.createBuffer();
     rval.putInt32Le(s2.h0);
     rval.putInt32Le(s2.h1);

package/js/oids.js

@@ -196,6 +196,7 @@ oids['2.5.29.32'] = 'certificatePolicies';
 oids['2.5.29.33'] = 'policyMappings';
 oids['2.5.29.34'] = 'policyConstraints'; // deprecated use .36
 oids['2.5.29.35'] = 'authorityKeyIdentifier';
+oids['authorityKeyIdentifier'] = '2.5.29.35';
 oids['2.5.29.36'] = 'policyConstraints';
 oids['2.5.29.37'] = 'extKeyUsage';
 oids['extKeyUsage'] = '2.5.29.37';

package/js/rsa.js

@@ -407,9 +407,11 @@ var _modPow = function(x, key, pub) {
     so we add p until this is true (since we will be mod'ing with
     p anyway). Then, there is a known timing attack on algorithms
     using the CRT. To mitigate this risk, "cryptographic blinding"
-    should be used. This requires simply generating a random number r between
-    0 and n-1 and its inverse and multiplying x by r^e before calculating y
-    and then multiplying y by r^-1 afterwards.
+    should be used. This requires simply generating a random number r
+    between 0 and n-1 and its inverse and multiplying x by r^e before
+    calculating y and then multiplying y by r^-1 afterwards. Note that
+    r must be coprime with n (gcd(r, n) === 1) in order to have an
+    inverse.
   */
 
   // cryptographic blinding
@@ -417,8 +419,8 @@ var _modPow = function(x, key, pub) {
   do {
     r = new BigInteger(
       forge.util.bytesToHex(forge.random.getBytes(key.n.bitLength() / 8)),
-      16).mod(key.n);
-  } while(r.equals(BigInteger.ZERO));
+      16);
+  } while(r.compareTo(key.n) >= 0 || !r.gcd(key.n).equals(BigInteger.ONE));
   x = x.multiply(r.modPow(key.e, key.n)).mod(key.n);
 
   // calculate xp and xq

package/js/sha1.js

@@ -3,7 +3,7 @@
  *
  * @author Dave Longley
  *
- * Copyright (c) 2010-2014 Digital Bazaar, Inc.
+ * Copyright (c) 2010-2015 Digital Bazaar, Inc.
  */
 (function() {
 /* ########## Begin module implementation ########## */
@@ -41,8 +41,10 @@ sha1.create = function() {
     digestLength: 20,
     // 56-bit length of message so far (does not including padding)
     messageLength: 0,
-    // true 64-bit message length as two 32-bit ints
-    messageLength64: [0, 0]
+    // true message length
+    fullMessageLength: null,
+    // size of message length in bytes
+    messageLengthSize: 8
   };
 
   /**
@@ -51,8 +53,15 @@ sha1.create = function() {
    * @return this digest object.
    */
   md.start = function() {
+    // up to 56-bit message length for convenience
     md.messageLength = 0;
-    md.messageLength64 = [0, 0];
+
+    // full message length (set md.messageLength64 for backwards-compatibility)
+    md.fullMessageLength = md.messageLength64 = [];
+    var int32s = md.messageLengthSize / 4;
+    for(var i = 0; i < int32s; ++i) {
+      md.fullMessageLength.push(0);
+    }
     _input = forge.util.createBuffer();
     _state = {
       h0: 0x67452301,
@@ -82,9 +91,15 @@ sha1.create = function() {
     }
 
     // update message length
-    md.messageLength += msg.length;
-    md.messageLength64[0] += (msg.length / 0x100000000) >>> 0;
-    md.messageLength64[1] += msg.length >>> 0;
+    var len = msg.length;
+    md.messageLength += len;
+    len = [(len / 0x100000000) >>> 0, len >>> 0];
+    for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
+      md.fullMessageLength[i] += len[1];
+      len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
+      md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
+      len[0] = ((len[1] / 0x100000000) >>> 0);
+    }
 
     // add bytes to input buffer
     _input.putBytes(msg);
@@ -126,21 +141,33 @@ sha1.create = function() {
     must *always* be present, so if the message length is already
     congruent to 448 mod 512, then 512 padding bits must be added. */
 
-    // 512 bits == 64 bytes, 448 bits == 56 bytes, 64 bits = 8 bytes
-    // _padding starts with 1 byte with first bit is set in it which
-    // is byte value 128, then there may be up to 63 other pad bytes
-    var padBytes = forge.util.createBuffer();
-    padBytes.putBytes(_input.bytes());
-    // 64 - (remaining msg + 8 bytes msg length) mod 64
-    padBytes.putBytes(
-      _padding.substr(0, 64 - ((md.messageLength64[1] + 8) & 0x3F)));
-
-    /* Now append length of the message. The length is appended in bits
-    as a 64-bit number in big-endian order. Since we store the length in
-    bytes, we must multiply the 64-bit length by 8 (or left shift by 3). */
-    padBytes.putInt32(
-      (md.messageLength64[0] << 3) | (md.messageLength64[0] >>> 28));
-    padBytes.putInt32(md.messageLength64[1] << 3);
+    var finalBlock = forge.util.createBuffer();
+    finalBlock.putBytes(_input.bytes());
+
+    // compute remaining size to be digested (include message length size)
+    var remaining = (
+      md.fullMessageLength[md.fullMessageLength.length - 1] +
+      md.messageLengthSize);
+
+    // add padding for overflow blockSize - overflow
+    // _padding starts with 1 byte with first bit is set (byte value 128), then
+    // there may be up to (blockSize - 1) other pad bytes
+    var overflow = remaining & (md.blockLength - 1);
+    finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
+
+    // serialize message length in bits in big-endian order; since length
+    // is stored in bytes we multiply by 8 and add carry from next int
+    var messageLength = forge.util.createBuffer();
+    var next, carry;
+    var bits = md.fullMessageLength[0] * 8;
+    for(var i = 0; i < md.fullMessageLength.length; ++i) {
+      next = md.fullMessageLength[i + 1] * 8;
+      carry = (next / 0x100000000) >>> 0;
+      bits += carry;
+      finalBlock.putInt32(bits >>> 0);
+      bits = next;
+    }
+
     var s2 = {
       h0: _state.h0,
       h1: _state.h1,
@@ -148,7 +175,7 @@ sha1.create = function() {
       h3: _state.h3,
       h4: _state.h4
     };
-    _update(s2, _w, padBytes);
+    _update(s2, _w, finalBlock);
     var rval = forge.util.createBuffer();
     rval.putInt32(s2.h0);
     rval.putInt32(s2.h1);

package/js/sha256.js

@@ -5,7 +5,7 @@
  *
  * @author Dave Longley
  *
- * Copyright (c) 2010-2014 Digital Bazaar, Inc.
+ * Copyright (c) 2010-2015 Digital Bazaar, Inc.
  */
 (function() {
 /* ########## Begin module implementation ########## */
@@ -43,8 +43,10 @@ sha256.create = function() {
     digestLength: 32,
     // 56-bit length of message so far (does not including padding)
     messageLength: 0,
-    // true 64-bit message length as two 32-bit ints
-    messageLength64: [0, 0]
+    // true message length
+    fullMessageLength: null,
+    // size of message length in bytes
+    messageLengthSize: 8
   };
 
   /**
@@ -53,8 +55,15 @@ sha256.create = function() {
    * @return this digest object.
    */
   md.start = function() {
+    // up to 56-bit message length for convenience
     md.messageLength = 0;
-    md.messageLength64 = [0, 0];
+
+    // full message length (set md.messageLength64 for backwards-compatibility)
+    md.fullMessageLength = md.messageLength64 = [];
+    var int32s = md.messageLengthSize / 4;
+    for(var i = 0; i < int32s; ++i) {
+      md.fullMessageLength.push(0);
+    }
     _input = forge.util.createBuffer();
     _state = {
       h0: 0x6A09E667,
@@ -87,9 +96,15 @@ sha256.create = function() {
     }
 
     // update message length
-    md.messageLength += msg.length;
-    md.messageLength64[0] += (msg.length / 0x100000000) >>> 0;
-    md.messageLength64[1] += msg.length >>> 0;
+    var len = msg.length;
+    md.messageLength += len;
+    len = [(len / 0x100000000) >>> 0, len >>> 0];
+    for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
+      md.fullMessageLength[i] += len[1];
+      len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
+      md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
+      len[0] = ((len[1] / 0x100000000) >>> 0);
+    }
 
     // add bytes to input buffer
     _input.putBytes(msg);
@@ -131,21 +146,33 @@ sha256.create = function() {
     must *always* be present, so if the message length is already
     congruent to 448 mod 512, then 512 padding bits must be added. */
 
-    // 512 bits == 64 bytes, 448 bits == 56 bytes, 64 bits = 8 bytes
-    // _padding starts with 1 byte with first bit is set in it which
-    // is byte value 128, then there may be up to 63 other pad bytes
-    var padBytes = forge.util.createBuffer();
-    padBytes.putBytes(_input.bytes());
-    // 64 - (remaining msg + 8 bytes msg length) mod 64
-    padBytes.putBytes(
-      _padding.substr(0, 64 - ((md.messageLength64[1] + 8) & 0x3F)));
-
-    /* Now append length of the message. The length is appended in bits
-    as a 64-bit number in big-endian order. Since we store the length in
-    bytes, we must multiply the 64-bit length by 8 (or left shift by 3). */
-    padBytes.putInt32(
-      (md.messageLength64[0] << 3) | (md.messageLength64[0] >>> 28));
-    padBytes.putInt32(md.messageLength64[1] << 3);
+    var finalBlock = forge.util.createBuffer();
+    finalBlock.putBytes(_input.bytes());
+
+    // compute remaining size to be digested (include message length size)
+    var remaining = (
+      md.fullMessageLength[md.fullMessageLength.length - 1] +
+      md.messageLengthSize);
+
+    // add padding for overflow blockSize - overflow
+    // _padding starts with 1 byte with first bit is set (byte value 128), then
+    // there may be up to (blockSize - 1) other pad bytes
+    var overflow = remaining & (md.blockLength - 1);
+    finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
+
+    // serialize message length in bits in big-endian order; since length
+    // is stored in bytes we multiply by 8 and add carry from next int
+    var messageLength = forge.util.createBuffer();
+    var next, carry;
+    var bits = md.fullMessageLength[0] * 8;
+    for(var i = 0; i < md.fullMessageLength.length; ++i) {
+      next = md.fullMessageLength[i + 1] * 8;
+      carry = (next / 0x100000000) >>> 0;
+      bits += carry;
+      finalBlock.putInt32(bits >>> 0);
+      bits = next;
+    }
+
     var s2 = {
       h0: _state.h0,
       h1: _state.h1,
@@ -156,7 +183,7 @@ sha256.create = function() {
       h6: _state.h6,
       h7: _state.h7
     };
-    _update(s2, _w, padBytes);
+    _update(s2, _w, finalBlock);
     var rval = forge.util.createBuffer();
     rval.putInt32(s2.h0);
     rval.putInt32(s2.h1);

package/js/sha512.js

@@ -8,7 +8,7 @@
  *
  * @author Dave Longley
  *
- * Copyright (c) 2014 Digital Bazaar, Inc.
+ * Copyright (c) 2014-2015 Digital Bazaar, Inc.
  */
 (function() {
 /* ########## Begin module implementation ########## */
@@ -89,8 +89,10 @@ sha512.create = function(algorithm) {
     digestLength: 64,
     // 56-bit length of message so far (does not including padding)
     messageLength: 0,
-    // true 128-bit message length as four 32-bit ints
-    messageLength128: [0, 0, 0, 0]
+    // true message length
+    fullMessageLength: null,
+    // size of message length in bytes
+    messageLengthSize: 16
   };
 
   /**
@@ -99,8 +101,15 @@ sha512.create = function(algorithm) {
    * @return this digest object.
    */
   md.start = function() {
+    // up to 56-bit message length for convenience
     md.messageLength = 0;
-    md.messageLength128 = [0, 0, 0, 0];
+
+    // full message length (set md.messageLength128 for backwards-compatibility)
+    md.fullMessageLength = md.messageLength128 = [];
+    var int32s = md.messageLengthSize / 4;
+    for(var i = 0; i < int32s; ++i) {
+      md.fullMessageLength.push(0);
+    }
     _input = forge.util.createBuffer();
     _h = new Array(_state.length);
     for(var i = 0; i < _state.length; ++i) {
@@ -127,13 +136,13 @@ sha512.create = function(algorithm) {
     }
 
     // update message length
-    md.messageLength += msg.length;
     var len = msg.length;
+    md.messageLength += len;
     len = [(len / 0x100000000) >>> 0, len >>> 0];
-    for(var i = 3; i >= 0; --i) {
-      md.messageLength128[i] += len[1];
-      len[1] = len[0] + ((md.messageLength128[i] / 0x100000000) >>> 0);
-      md.messageLength128[i] = md.messageLength128[i] >>> 0;
+    for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
+      md.fullMessageLength[i] += len[1];
+      len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
+      md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
       len[0] = ((len[1] / 0x100000000) >>> 0);
     }
 
@@ -177,34 +186,38 @@ sha512.create = function(algorithm) {
     must *always* be present, so if the message length is already
     congruent to 896 mod 1024, then 1024 padding bits must be added. */
 
-    // 1024 bits == 128 bytes, 896 bits == 112 bytes, 128 bits = 16 bytes
-    // _padding starts with 1 byte with first bit is set in it which
-    // is byte value 128, then there may be up to 127 other pad bytes
-    var padBytes = forge.util.createBuffer();
-    padBytes.putBytes(_input.bytes());
-    // 128 - (remaining msg + 16 bytes msg length) mod 128
-    padBytes.putBytes(
-      _padding.substr(0, 128 - ((md.messageLength128[3] + 16) & 0x7F)));
-
-    /* Now append length of the message. The length is appended in bits
-    as a 128-bit number in big-endian order. Since we store the length in
-    bytes, we must multiply the 128-bit length by 8 (or left shift by 3). */
-    var bitLength = [];
-    for(var i = 0; i < 3; ++i) {
-      bitLength[i] = ((md.messageLength128[i] << 3) |
-        (md.messageLength128[i - 1] >>> 28));
+    var finalBlock = forge.util.createBuffer();
+    finalBlock.putBytes(_input.bytes());
+
+    // compute remaining size to be digested (include message length size)
+    var remaining = (
+      md.fullMessageLength[md.fullMessageLength.length - 1] +
+      md.messageLengthSize);
+
+    // add padding for overflow blockSize - overflow
+    // _padding starts with 1 byte with first bit is set (byte value 128), then
+    // there may be up to (blockSize - 1) other pad bytes
+    var overflow = remaining & (md.blockLength - 1);
+    finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
+
+    // serialize message length in bits in big-endian order; since length
+    // is stored in bytes we multiply by 8 and add carry from next int
+    var messageLength = forge.util.createBuffer();
+    var next, carry;
+    var bits = md.fullMessageLength[0] * 8;
+    for(var i = 0; i < md.fullMessageLength.length; ++i) {
+      next = md.fullMessageLength[i + 1] * 8;
+      carry = (next / 0x100000000) >>> 0;
+      bits += carry;
+      finalBlock.putInt32(bits >>> 0);
+      bits = next;
     }
-    // shift the last integer normally
-    bitLength[3] = md.messageLength128[3] << 3;
-    padBytes.putInt32(bitLength[0]);
-    padBytes.putInt32(bitLength[1]);
-    padBytes.putInt32(bitLength[2]);
-    padBytes.putInt32(bitLength[3]);
+
     var h = new Array(_h.length);
     for(var i = 0; i < _h.length; ++i) {
       h[i] = _h[i].slice(0);
     }
-    _update(h, _w, padBytes);
+    _update(h, _w, finalBlock);
     var rval = forge.util.createBuffer();
     var hlen;
     if(algorithm === 'SHA-512') {

package/js/util.js

@@ -1838,9 +1838,9 @@ util.text.utf8.decode = function(bytes) {
 util.text.utf16.encode = function(str, output, offset) {
   var out = output;
   if(!out) {
-    out = new Uint8Array(str.length);
+    out = new Uint8Array(str.length * 2);
   }
-  var view = new Uint16Array(out);
+  var view = new Uint16Array(out.buffer);
   offset = offset || 0;
   var j = offset;
   var k = offset;
@@ -1859,7 +1859,7 @@ util.text.utf16.encode = function(str, output, offset) {
  * @return the resulting string.
  */
 util.text.utf16.decode = function(bytes) {
-  return String.fromCharCode.apply(null, new Uint16Array(bytes));
+  return String.fromCharCode.apply(null, new Uint16Array(bytes.buffer));
 };
 
 /**

package/js/x509.js

@@ -1073,6 +1073,9 @@ pki.createCertificate = function() {
         case 'sha256WithRSAEncryption':
           md = forge.md.sha256.create();
           break;
+        case 'sha512WithRSAEncryption':
+          md = forge.md.sha512.create();
+          break;
         case 'RSASSA-PSS':
           md = forge.md.sha256.create();
           break;
@@ -1337,6 +1340,9 @@ pki.certificateFromAsn1 = function(obj, computeHash) {
       case 'sha256WithRSAEncryption':
         cert.md = forge.md.sha256.create();
         break;
+      case 'sha512WithRSAEncryption':
+        cert.md = forge.md.sha512.create();
+        break;
       case 'RSASSA-PSS':
         cert.md = forge.md.sha256.create();
         break;
@@ -1687,6 +1693,9 @@ pki.certificationRequestFromAsn1 = function(obj, computeHash) {
       case 'sha256WithRSAEncryption':
         csr.md = forge.md.sha256.create();
         break;
+      case 'sha512WithRSAEncryption':
+        csr.md = forge.md.sha512.create();
+        break;
       case 'RSASSA-PSS':
         csr.md = forge.md.sha256.create();
         break;
@@ -1839,6 +1848,7 @@ pki.createCertificationRequest = function() {
     if(md === null) {
       // check signature OID for supported signature types
       if(csr.signatureOid in oids) {
+        // TODO: create DRY `OID to md` function
         var oid = oids[csr.signatureOid];
         switch(oid) {
         case 'sha1WithRSAEncryption':
@@ -1850,6 +1860,9 @@ pki.createCertificationRequest = function() {
         case 'sha256WithRSAEncryption':
           md = forge.md.sha256.create();
           break;
+        case 'sha512WithRSAEncryption':
+          md = forge.md.sha512.create();
+          break;
         case 'RSASSA-PSS':
           md = forge.md.sha256.create();
           break;
@@ -2265,6 +2278,36 @@ function _fillMissingExtensionFields(e, options) {
     // OCTETSTRING w/digest
     e.value = asn1.create(
       asn1.Class.UNIVERSAL, asn1.Type.OCTETSTRING, false, ski.getBytes());
+  } else if(e.name === 'authorityKeyIdentifier' && options.cert) {
+    // SYNTAX SEQUENCE
+    e.value = asn1.create(asn1.Class.UNIVERSAL, asn1.Type.SEQUENCE, true, []);
+    var seq = e.value.value;
+
+    if(e.keyIdentifier) {
+      var keyIdentifier = (e.keyIdentifier === true ?
+        options.cert.generateSubjectKeyIdentifier().getBytes() :
+        e.keyIdentifier);
+      seq.push(
+        asn1.create(asn1.Class.CONTEXT_SPECIFIC, 0, false, keyIdentifier));
+    }
+
+    if(e.authorityCertIssuer) {
+      var authorityCertIssuer = [
+        asn1.create(asn1.Class.CONTEXT_SPECIFIC, 4, true, [
+          _dnToAsn1(e.authorityCertIssuer === true ?
+            options.cert.issuer : e.authorityCertIssuer)
+        ])
+      ];
+      seq.push(
+        asn1.create(asn1.Class.CONTEXT_SPECIFIC, 1, true, authorityCertIssuer));
+    }
+
+    if(e.serialNumber) {
+      var serialNumber = forge.util.hexToBytes(e.serialNumber === true ?
+        options.cert.serialNumber : e.serialNumber);
+      seq.push(
+        asn1.create(asn1.Class.CONTEXT_SPECIFIC, 2, false, serialNumber));
+    }
   }
 
   // ensure value has been defined by now

package/nodejs/test/util.js

@@ -382,6 +382,115 @@ function Tests(ASSERT, UTIL) {
       var addr = UTIL.bytesToIP(bytes);
       ASSERT.equal(addr, '2001:db8:0:1:1:1:1:1');
     });
+
+    it('should convert "foo" to its UTF-8 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var result = UTIL.text.utf8.encode('foo');
+      ASSERT.equal(result.byteLength, 3);
+      ASSERT.equal(result[0], 102);
+      ASSERT.equal(result[1], 111);
+      ASSERT.equal(result[2], 111);
+    });
+
+    it('should convert "foo" from its UTF-8 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var bytes = new Uint8Array([102, 111, 111]);
+      // FIXME: remove try/catch once phantomjs supports apply(TypedArray)
+      // or a fallback is implemented
+      try {
+        var result = UTIL.text.utf8.decode(bytes);
+        ASSERT.equal(result, 'foo');
+      } catch(e) {
+        ASSERT.isTrue(e instanceof TypeError);
+      }
+    });
+
+    it('should convert "\ud83c\udc00" to its UTF-8 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var result = UTIL.text.utf8.encode('\ud83c\udc00');
+      ASSERT.equal(result.byteLength, 4);
+      ASSERT.equal(result[0], 240);
+      ASSERT.equal(result[1], 159);
+      ASSERT.equal(result[2], 128);
+      ASSERT.equal(result[3], 128);
+    });
+
+    it('should convert "\ud83c\udc00" from its UTF-8 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var bytes = new Uint8Array([240, 159, 128, 128]);
+      // FIXME: remove try/catch once phantomjs supports apply(TypedArray)
+      // or a fallback is implemented
+      try {
+        var result = UTIL.text.utf8.decode(bytes);
+        ASSERT.equal(result, '\ud83c\udc00');
+      } catch(e) {
+        ASSERT.isTrue(e instanceof TypeError);
+      }
+    });
+
+    it('should convert "foo" to its UTF-16 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var result = UTIL.text.utf16.encode('foo');
+      ASSERT.equal(result.byteLength, 6);
+      ASSERT.equal(result[0], 102);
+      ASSERT.equal(result[1], 0);
+      ASSERT.equal(result[2], 111);
+      ASSERT.equal(result[3], 0);
+      ASSERT.equal(result[4], 111);
+      ASSERT.equal(result[5], 0);
+    });
+
+    it('should convert "foo" from its UTF-16 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var bytes = new Uint8Array([102, 0, 111, 0, 111, 0]);
+      // FIXME: remove try/catch once phantomjs supports apply(TypedArray)
+      // or a fallback is implemented
+      try {
+        var result = UTIL.text.utf16.decode(bytes);
+        ASSERT.equal(result, 'foo');
+      } catch(e) {
+        ASSERT.isTrue(e instanceof TypeError);
+      }
+    });
+
+    it('should convert "\ud83c\udc00" to its UTF-16 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var result = UTIL.text.utf16.encode('\ud83c\udc00');
+      ASSERT.equal(result.byteLength, 4);
+      ASSERT.equal(result[0], 60);
+      ASSERT.equal(result[1], 216);
+      ASSERT.equal(result[2], 0);
+      ASSERT.equal(result[3], 220);
+    });
+
+    it('should convert "\ud83c\udc00" from its UTF-16 representation', function() {
+      if(typeof Uint8Array === 'undefined') {
+        return;
+      }
+      var bytes = new Uint8Array([60, 216, 0, 220]);
+      // FIXME: remove try/catch once phantomjs supports apply(TypedArray)
+      // or a fallback is implemented
+      try {
+        var result = UTIL.text.utf16.decode(bytes);
+        ASSERT.equal(result, '\ud83c\udc00');
+      } catch(e) {
+        ASSERT.isTrue(e instanceof TypeError);
+      }
+    });
   });
 }
 

package/nodejs/test/x509.js

@@ -44,17 +44,229 @@ function Tests(ASSERT, PKI, MD, UTIL) {
       '-----END CERTIFICATE-----\r\n'
   };
 
+  var _pem_sha256 = {
+    privateKey: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+      'MIIEpAIBAAKCAQEAgqu7/2ntXa9rzqiUvDD2swStK8w7MFtha/OiwzEDJng7mZUs\r\n' +
+      'uy7Neqh5S1Z+nWq7NP51ol//tnNCrWM6VozrJKTAEC2qj3k+bMWnjuTU7sTJHpoZ\r\n' +
+      '9wdCqS9q7oOJhqwBxS7M9l8LNA+6I4Qj1bY1g2XeZsxEjJfCvILa3yBzztL3CxSF\r\n' +
+      'R36FoOo9IpzYlVcE9mqTdJgTwR43ZsFNCRAkfSqJjLKy1A2+aDxUcrom2OrLSITI\r\n' +
+      'CWqz5R1hFIIIB0aprjpz5F2MunciUAhTjUqrQPCtw17wmwmaeXZsu0zoq9P/VtKE\r\n' +
+      'AxtQkS4tqgnodBzmmgM8YemjkJAVHQzkH8jiGQIDAQABAoIBAQAMuYiPMNOKogCP\r\n' +
+      'mV8SjHoZqMTsVPEWnm94QbuB4o35+w9iv2IhwEcGQM2/BmdCERi16mmuLEcMj2DY\r\n' +
+      '3abastJbOSfy61+GpTntAbp1cddCgStMrZkFs1FMhG+XVnvX/3wUpaAUBeFjanyn\r\n' +
+      '5MBQmXPQneTwgcfTIRw3m06RF+nvI/ssIz6oHTDTTwRanTa64KYCww/fcX0XCLGw\r\n' +
+      'D4GYaRrBLvglp27omQCLuCBp1Dedwx5+JRnybyQm1ZYVJ0kirD/qVDRJqQN6z2N/\r\n' +
+      '3XmvOc6yNnzNQwKDlFFs6VxLG/i/sv+TekiPIP2LIQ1V/0ojUJriRdPAe/dhER5E\r\n' +
+      'ku2n+k75AoGBAPDUZNyqPqFTUaLj6mdTEIvLbG0Dx0/EZTalUohFUBpJSxSUuNIS\r\n' +
+      '6z+2dohTO5qj6Mv1JpXqXEWmRQisBl8ibizD5KJkgQW0EptmJf5BU9bnqYllgjZj\r\n' +
+      'jJsBixFFcwbFUwD4vg7NjYrxEv2Wjv8II0rVNbEh61F35vMNdmgMsu0TAoGBAIrm\r\n' +
+      '7NbFDDBWREyFZKZdVhTo2AR8JyWuWdOO7EFbv+mzHy7TkgscwYlV4yeU/+TG6KLG\r\n' +
+      'WPo5AX2mWL/zI2Zjd2Quw002e6Y9ZIO8CUK8iocrvhNy+Bfli2XyjYZxRIILQeKX\r\n' +
+      'ID/h+gyzViKOXFclbUkubnm/kEGwWO8hRQvh/TWjAoGAUwbGZxUCVpfk8yVkMI8A\r\n' +
+      'i1FsZgEBe8yXoElKtNRAk29lRQko1rPTCrobD1CyodOUdIxl6xVLDnAOKLk10SKL\r\n' +
+      'nT9D2YCQwqicKZsDyi43e0WOu2GVjK6xUNctXJz21QS+Yv1eeLgA7j/Cbk6zqdTi\r\n' +
+      'ZfAvfIvXFtUhd/XSNnj6TqUCgYBKGrE4U6ARGbUObgwohZsrRJ4apnHsNHxP1exN\r\n' +
+      'Yjmc4Kc+QDmmHA1Uy7GIqIFs+IGcdd16gXc+JcUrgvfb5C0KEbi4NNz67730WhlG\r\n' +
+      'tXfibX/WuHuLpDceiKzgkQVPq9nWnXHjIxhYNkU54mF5TMplRJRD9+NqaD7KNSG1\r\n' +
+      'GTgRqQKBgQCSJ2W29p2uOrl+OcogFMSfZYkwJsKR25S/c7BAvsH7dVdtqSdBsRg2\r\n' +
+      'zWEwWAGyd7BJsZd0gVCea9CHfZYwDoCC4nA7sRFVLAqWfRsmrALORIiXHBYD6SrL\r\n' +
+      'H1G4nr6HK6/Ur0WTQQmwyz1Yw+ZhyShVRo+9NN2a3gA1n25wP3n6gQ==\r\n' +
+      '-----END RSA PRIVATE KEY-----\r\n',
+    publicKey: '-----BEGIN PUBLIC KEY-----\r\n' +
+      'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqu7/2ntXa9rzqiUvDD2\r\n' +
+      'swStK8w7MFtha/OiwzEDJng7mZUsuy7Neqh5S1Z+nWq7NP51ol//tnNCrWM6Vozr\r\n' +
+      'JKTAEC2qj3k+bMWnjuTU7sTJHpoZ9wdCqS9q7oOJhqwBxS7M9l8LNA+6I4Qj1bY1\r\n' +
+      'g2XeZsxEjJfCvILa3yBzztL3CxSFR36FoOo9IpzYlVcE9mqTdJgTwR43ZsFNCRAk\r\n' +
+      'fSqJjLKy1A2+aDxUcrom2OrLSITICWqz5R1hFIIIB0aprjpz5F2MunciUAhTjUqr\r\n' +
+      'QPCtw17wmwmaeXZsu0zoq9P/VtKEAxtQkS4tqgnodBzmmgM8YemjkJAVHQzkH8ji\r\n' +
+      'GQIDAQAB\r\n' +
+      '-----END PUBLIC KEY-----\r\n',
+    certificate: '-----BEGIN CERTIFICATE-----\r\n' +
+      'MIIECTCCAvGgAwIBAgIBATANBgkqhkiG9w0BAQsFADBpMRQwEgYDVQQDEwtleGFt\r\n' +
+      'cGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQH\r\n' +
+      'EwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MB4XDTE1\r\n' +
+      'MTAwOTE3NTc1NloXDTE2MTAwOTE3NTc1NlowaTEUMBIGA1UEAxMLZXhhbXBsZS5v\r\n' +
+      'cmcxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTETMBEGA1UEBxMKQmxh\r\n' +
+      'Y2tzYnVyZzENMAsGA1UEChMEVGVzdDENMAsGA1UECxMEVGVzdDCCASIwDQYJKoZI\r\n' +
+      'hvcNAQEBBQADggEPADCCAQoCggEBAIKru/9p7V2va86olLww9rMErSvMOzBbYWvz\r\n' +
+      'osMxAyZ4O5mVLLsuzXqoeUtWfp1quzT+daJf/7ZzQq1jOlaM6ySkwBAtqo95PmzF\r\n' +
+      'p47k1O7EyR6aGfcHQqkvau6DiYasAcUuzPZfCzQPuiOEI9W2NYNl3mbMRIyXwryC\r\n' +
+      '2t8gc87S9wsUhUd+haDqPSKc2JVXBPZqk3SYE8EeN2bBTQkQJH0qiYyystQNvmg8\r\n' +
+      'VHK6Jtjqy0iEyAlqs+UdYRSCCAdGqa46c+RdjLp3IlAIU41Kq0DwrcNe8JsJmnl2\r\n' +
+      'bLtM6KvT/1bShAMbUJEuLaoJ6HQc5poDPGHpo5CQFR0M5B/I4hkCAwEAAaOBuzCB\r\n' +
+      'uDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcD\r\n' +
+      'AQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZI\r\n' +
+      'AYb4QgEBBAQDAgD3MCwGA1UdEQQlMCOGG2h0dHA6Ly9leGFtcGxlLm9yZy93ZWJp\r\n' +
+      'ZCNtZYcEfwAAATAdBgNVHQ4EFgQUyX839dHHD+pAfU9F5t/rpQaq3LQwDQYJKoZI\r\n' +
+      'hvcNAQELBQADggEBAGfr9yMwTXoHbZAj/8bRCfKUUg/xIbQY0RtuDwGKBnzVcz7r\r\n' +
+      'NpocyEBUFvlbsXK4Dwpql41nYPwEpmm486gpWDqSBB0p0jF3HNHihKhCcR0LDQLt\r\n' +
+      'hBP7SbX76uL4cHoJkbAVbc4FGARCkE7eVZ0sBWUPmLqVh2JmzlC3geq7Obs7HCvq\r\n' +
+      'eStorsBlDZt27/N+xhvxdUTGJgiTBxk6BrRLGxUeor9TLRpZ2wsoMSnkIcQyooZ4\r\n' +
+      'iGAZsqUyanWODz0o6R02kSpTA3zx6LssLuLdnxfi1EmHMSM27Lxuw308XzirTxM2\r\n' +
+      '/N0H5AwUc057+HoygLPfddxOfxHGXz4VmEKMcJ8=\r\n' +
+      '-----END CERTIFICATE-----\r\n'
+  };
+
+  var _pem_sha512 = {
+    privateKey: '-----BEGIN RSA PRIVATE KEY-----\r\n' +
+      'MIIEowIBAAKCAQEAmy+xwQpZMYkMWHhw+kh2TDGbG+AF1w6BFVQ6CduEjUzD5d/j\r\n' +
+      'URtkaeb0RO/uba+J92DMgJJLWlcTe5FpQMb2lxOrNoYP+suWnNxU7QD5vQ4OiJ+i\r\n' +
+      '3nTMly9LMB3BEEea2ZJRpVboJxRBeGl6pKz4obFfoFxqtSww38Cw8h5Nplt+LXR/\r\n' +
+      'wq8yCpmN9hTE4CSw8iioIqxOZem3sz4//jcMHJ5/aiTjXwseE8eWjaVfvpDESuwQ\r\n' +
+      'MNjfJYYP0onzEZmTtztyAspsyf0GZBjd1ew2nVCY0cCkQ1+tqYk7H9rjlj1PxduC\r\n' +
+      'a4aGVKZjIBFnZXhCE23znOgVt9PxFMPUrmHwqwIDAQABAoIBAC68UWMak7wIUxB9\r\n' +
+      'zUCC/CV8NwNRF1EqDBP5VrVLSAMp4EFliNcPUdFW/a+ZNowP9pPqsgvygwEFAlgP\r\n' +
+      'dcxNX0wmX0S/YSadk5FQBb+OsKeQCS56LRmjwU2yr4khHNijR+5IU5BguO+z+Pej\r\n' +
+      'hIz9jq9bdLoduwEu+tUX+fIg0C/OGfxKQrOXIW3hiJDilx2Bt+eyUYrtIxBhwNC9\r\n' +
+      'jwwMCUFlcbvQSwq+Vx50v2LVjqalJMdMLQiULsF9nPw7EdUJz+aoM4STv7l4miXi\r\n' +
+      'utkF4xlAl8lnJKOycsFPbqBBaypZoY3O3mKkWtSFRjD4oNW/juBGHTimPWRYgW3V\r\n' +
+      'Q+IVHpkCgYEA75+vMp2Expq+iCa+UoV48HIVdiCaCk4vRedVe4IHyWxEkaliCHga\r\n' +
+      'e9wAsxWipDxROv3yoLxlbddnZSD2YaYaIALH/xpSWlcBHZupyq6jNF7R+14Yx155\r\n' +
+      '88iGyoYKNE2VrcVlL164LIqaEB4lxYanhotwqcC5O6IOhpZZ7jSC/H8CgYEApcq9\r\n' +
+      '/G5po1BgYVZ2hdxTqdx8wniWaQNd7EVpogBhJ4KLC+tN42+vBHJT6BQp/PFRWjY5\r\n' +
+      'fiC1zwI8ufL12F4T8+ZcQVZkHpLjKporYolYmQm/T8wNDwOziYB67Jp9M2EHdei/\r\n' +
+      'HNo2FUsXRm+Tb1utiQn7AyJ6PHwwJAU1LbtYpdUCgYEAg4R/YiZ2c5MHNC8fkqdT\r\n' +
+      'Q5U6FkW6hiF3bMSVdF5f67uSvufauI9C6exMLf6X79BzPQ+YlYQRn4H0a9r1n47N\r\n' +
+      'E/iy0F8gCBlssVV4kZfcV6gbU/3HV9WQ1a6f3JRJEX/rwR5wdNll+HxyJpqFXK6V\r\n' +
+      'UBFEWsc+Y26EznXDEiycH/0CgYBxwfMqSfhh/ryjDVi18L/XRVq1dVh/JbhEbjxU\r\n' +
+      '1D3VhlUyEHqZHADS5D9+dpd433wakipQyND3AWn5jSPzGlpGeEHE8yovcEo+6Rnr\r\n' +
+      'uqH4ICAM+M3dB4UhS+8MedR+dI1R8ilv+qoxYhzOT7CyMA2agiaht/53kh7WGFys\r\n' +
+      'zGe/IQKBgALJnE5CVQLaJgFcWGH2rnD6hWVh1DdV8ockzLg7ulUW0U5gueHWnaWv\r\n' +
+      'PhP/P0YWF250IWmEm73LCZi3Cv3gBIwvn5pV3GHjMUexTQ3iODsGC8SdL0svnUTc\r\n' +
+      '5/VlSjAKS4Mn9gwutcXX9/Y2AJa4O6S/QfAQeU5aqkk/Fs+31ose\r\n' +
+      '-----END RSA PRIVATE KEY-----\r\n',
+    publicKey: '-----BEGIN PUBLIC KEY-----\r\n' +
+      'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy+xwQpZMYkMWHhw+kh2\r\n' +
+      'TDGbG+AF1w6BFVQ6CduEjUzD5d/jURtkaeb0RO/uba+J92DMgJJLWlcTe5FpQMb2\r\n' +
+      'lxOrNoYP+suWnNxU7QD5vQ4OiJ+i3nTMly9LMB3BEEea2ZJRpVboJxRBeGl6pKz4\r\n' +
+      'obFfoFxqtSww38Cw8h5Nplt+LXR/wq8yCpmN9hTE4CSw8iioIqxOZem3sz4//jcM\r\n' +
+      'HJ5/aiTjXwseE8eWjaVfvpDESuwQMNjfJYYP0onzEZmTtztyAspsyf0GZBjd1ew2\r\n' +
+      'nVCY0cCkQ1+tqYk7H9rjlj1PxduCa4aGVKZjIBFnZXhCE23znOgVt9PxFMPUrmHw\r\n' +
+      'qwIDAQAB\r\n' +
+      '-----END PUBLIC KEY-----\r\n',
+    certificate: '-----BEGIN CERTIFICATE-----\r\n' +
+      'MIIECTCCAvGgAwIBAgIBATANBgkqhkiG9w0BAQ0FADBpMRQwEgYDVQQDEwtleGFt\r\n' +
+      'cGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQH\r\n' +
+      'EwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MB4XDTE1\r\n' +
+      'MTAwOTE4MDEwOVoXDTE2MTAwOTE4MDEwOVowaTEUMBIGA1UEAxMLZXhhbXBsZS5v\r\n' +
+      'cmcxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTETMBEGA1UEBxMKQmxh\r\n' +
+      'Y2tzYnVyZzENMAsGA1UEChMEVGVzdDENMAsGA1UECxMEVGVzdDCCASIwDQYJKoZI\r\n' +
+      'hvcNAQEBBQADggEPADCCAQoCggEBAJsvscEKWTGJDFh4cPpIdkwxmxvgBdcOgRVU\r\n' +
+      'OgnbhI1Mw+Xf41EbZGnm9ETv7m2vifdgzICSS1pXE3uRaUDG9pcTqzaGD/rLlpzc\r\n' +
+      'VO0A+b0ODoifot50zJcvSzAdwRBHmtmSUaVW6CcUQXhpeqSs+KGxX6BcarUsMN/A\r\n' +
+      'sPIeTaZbfi10f8KvMgqZjfYUxOAksPIoqCKsTmXpt7M+P/43DByef2ok418LHhPH\r\n' +
+      'lo2lX76QxErsEDDY3yWGD9KJ8xGZk7c7cgLKbMn9BmQY3dXsNp1QmNHApENframJ\r\n' +
+      'Ox/a45Y9T8XbgmuGhlSmYyARZ2V4QhNt85zoFbfT8RTD1K5h8KsCAwEAAaOBuzCB\r\n' +
+      'uDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcD\r\n' +
+      'AQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZI\r\n' +
+      'AYb4QgEBBAQDAgD3MCwGA1UdEQQlMCOGG2h0dHA6Ly9leGFtcGxlLm9yZy93ZWJp\r\n' +
+      'ZCNtZYcEfwAAATAdBgNVHQ4EFgQUaC1StQewfZ4bMUDUsnpzy/4+CZ8wDQYJKoZI\r\n' +
+      'hvcNAQENBQADggEBAGy58GzpSG3KAv0DILJPWhtxTRvbnd02AWO6fhCdx+siyQ02\r\n' +
+      'aKgkf1sAS0MGDDMGiwMKvBTz8+8HnfFx6cA7NG7xtuw9m8yb1LeNLbOc3/TCrG/U\r\n' +
+      'A27ZediP+hCqElB9MtNHyOx/vv+gdKXTFDG4PlykNFmFsGjrA+sA0OtwKRLPQCxp\r\n' +
+      'rUtGw+cw+xy3O68/unCl86wc8PA5r4uAaQBXdWThpAL0KJI1ky7auUwpsR+aWILJ\r\n' +
+      '0x6a9LOUnCMbbOTN31vRweFxD0qS2J8QMDkfNflvEWmpIZHF4UEoietXk+suP9tc\r\n' +
+      '87rtT63BEY6KcZJJ+oDnKiZuAujmf1iezC+YORs=\r\n' +
+      '-----END CERTIFICATE-----\r\n'
+  };
+
+
   describe('x509', function() {
-    it('should convert certificate to/from PEM', function() {
+    it('should convert SHA-1 based certificate to/from PEM', function() {
       var certificate = PKI.certificateFromPem(_pem.certificate);
       ASSERT.equal(PKI.certificateToPem(certificate), _pem.certificate);
     });
 
-    it('should verify self-signed certificate', function() {
+    it('should convert SHA-256 based certificate to/from PEM', function() {
+      var certificate = PKI.certificateFromPem(_pem_sha256.certificate);
+      ASSERT.equal(PKI.certificateToPem(certificate), _pem_sha256.certificate);
+    });
+
+    it('should convert SHA-512 based certificate to/from PEM', function() {
+      var certificate = PKI.certificateFromPem(_pem_sha512.certificate);
+      ASSERT.equal(PKI.certificateToPem(certificate), _pem_sha512.certificate);
+    });
+
+    it('should verify SHA-1 based self-signed certificate', function() {
       var certificate = PKI.certificateFromPem(_pem.certificate);
       ASSERT.ok(certificate.verify(certificate));
     });
 
+    it('should verify SHA-256 based self-signed certificate', function() {
+      var certificate = PKI.certificateFromPem(_pem_sha256.certificate);
+      ASSERT.ok(certificate.verify(certificate));
+    });
+
+    it('should verify SHA-512 based self-signed certificate', function() {
+      var certificate = PKI.certificateFromPem(_pem_sha512.certificate);
+      ASSERT.ok(certificate.verify(certificate));
+    });
+
+    it('should generate a certificate with authorityKeyIdentifier extension', function() {
+      var keys = {
+        privateKey: PKI.privateKeyFromPem(_pem.privateKey),
+        publicKey: PKI.publicKeyFromPem(_pem.publicKey)
+      };
+      var attrs = [{
+        name: 'commonName',
+        value: 'example.org'
+      }, {
+        name: 'countryName',
+        value: 'US'
+      }, {
+        shortName: 'ST',
+        value: 'Virginia'
+      }, {
+        name: 'localityName',
+        value: 'Blacksburg'
+      }, {
+        name: 'organizationName',
+        value: 'Test'
+      }, {
+        shortName: 'OU',
+        value: 'Test'
+      }];
+      var cert = createCertificate({
+        publicKey: keys.publicKey,
+        signingKey: keys.privateKey,
+        extensions: [{
+          name: 'authorityKeyIdentifier',
+          keyIdentifier: true,
+          authorityCertIssuer: true,
+          serialNumber: true
+        }],
+        serialNumber: '01',
+        subject: attrs,
+        issuer: attrs,
+        isCA: true
+      });
+
+      // verify certificate encoding/parsing
+      var pem = PKI.certificateToPem(cert);
+      cert = PKI.certificateFromPem(pem);
+
+      // verify authorityKeyIdentifier extension
+      var index = findIndex(cert.extensions, {id: '2.5.29.35'});
+      ASSERT.ok(index !== -1);
+      var ext = cert.extensions[index];
+      ASSERT.equal(ext.name, 'authorityKeyIdentifier');
+      ASSERT.equal(ext.value, UTIL.hexToBytes(
+        '3081888014f57563e0c75d6e9b03fafdb2fd72349f23030300a16da46b30693114' +
+        '30120603550403130b6578616d706c652e6f7267310b3009060355040613025553' +
+        '3111300f0603550408130856697267696e6961311330110603550407130a426c61' +
+        '636b7362757267310d300b060355040a130454657374310d300b060355040b1304' +
+        '54657374820101'));
+
+      // verify certificate chain
+      var caStore = PKI.createCaStore();
+      caStore.addCertificate(cert);
+      PKI.verifyCertificateChain(caStore, [cert], function(vfd, depth, chain) {
+        ASSERT.equal(vfd, true);
+        ASSERT.ok(cert.verifySubjectKeyIdentifier());
+        return true;
+      });
+    });
+
     it('should generate and verify a self-signed certificate', function() {
       var keys = {
         privateKey: PKI.privateKeyFromPem(_pem.privateKey),
@@ -554,6 +766,8 @@ function Tests(ASSERT, PKI, MD, UTIL) {
     });
   });
 
+  // TODO: add sha-512 and sha-256 fingerprint tests
+
   describe('public key fingerprints', function() {
     it('should get a SHA-1 RSAPublicKey fingerprint', function() {
       var publicKey = PKI.publicKeyFromPem(_pem.publicKey);
@@ -642,6 +856,19 @@ function Tests(ASSERT, PKI, MD, UTIL) {
     });
   });
 
+  function findIndex(array, predicateObj) {
+    var result = -1;
+    array.forEach(function(el, index) {
+      var match = Object.keys(predicateObj).reduce(function(soFar, key) {
+        return soFar && el[key] === predicateObj[key];
+      }, true);
+      if(match) {
+        result = index;
+      }
+    });
+    return result;
+  }
+
   function createCertificate(options) {
     var publicKey = options.publicKey;
     var signingKey = options.signingKey;
@@ -659,7 +886,7 @@ function Tests(ASSERT, PKI, MD, UTIL) {
       cert.validity.notBefore.getFullYear() + 1);
     cert.setSubject(subject);
     cert.setIssuer(issuer);
-    var extensions = [];
+    var extensions = options.extensions || [];
     if(isCA) {
       extensions.push({
         name: 'basicConstraints',

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "node-forge",
-  "version": "0.6.34",
+  "version": "0.6.39",
   "description": "JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.",
-  "homepage": "http://github.com/digitalbazaar/forge",
+  "homepage": "https://github.com/digitalbazaar/forge",
   "author": {
     "name": "Digital Bazaar, Inc.",
     "email": "support@digitalbazaar.com",
@@ -29,7 +29,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "http://github.com/digitalbazaar/forge"
+    "url": "https://github.com/digitalbazaar/forge"
   },
   "bugs": {
     "url": "https://github.com/digitalbazaar/forge/issues",