getCertificateInfo static method

Implementation

static CertificateInfo getCertificateInfo(String pem) {
  /// Generate hash of the cleaned PEM content
  final pemContent = cleanCertificatePem(pem);
  final hash = sha256.convert(utf8.encode(pemContent)).toString();
  final hashBase64Encoded = base64.encode(utf8.encode(hash));

  /// Decode the PEM content into bytes
  final bytes = _decodePem(pem);
  final asn1Parser = ASN1Parser(bytes);
  final topLevelSeq = asn1Parser.nextObject() as ASN1Sequence;

  /// Extract tbsCertificate (to-be-signed certificate) from the sequence
  final tbsCertificate = topLevelSeq.elements[0] as ASN1Sequence;

  /// Extract serial number from tbsCertificate
  final serialNumberASN1 = tbsCertificate.elements[1] as ASN1Integer;
  final serialNumber = serialNumberASN1.valueAsBigInteger;

  /// Extract issuer information from tbsCertificate
  final issuerSeq = tbsCertificate.elements[3] as ASN1Sequence;
  final issuer = _parseName(issuerSeq);

  /// Extract signature from the top-level sequence
  final signature = topLevelSeq.elements[2] as ASN1BitString;
  final signatureBytes = signature.valueBytes().sublist(1);

  /// Construct the public key in DER format
  final publicKeyDER = [
    ...[0x30, 0x56], // SEQUENCE header
    ...[0x30, 0x10], // OID for EC public key
    ...[0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01],
    ...[0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x0A],
    ...[0x03, 0x42, 0x00],
    ..._extractPublicKey(tbsCertificate),
  ];

  /// Return the parsed certificate information
  return CertificateInfo(
    hash: hashBase64Encoded,
    issuer: issuer,
    serialNumber: serialNumber.toString(),
    publicKey: base64.encode(publicKeyDER),
    signature: base64.encode(signatureBytes),
  );
}