💭
Working hard on XBRL and XAdES signing

Bill Seddon bseddon

  • Lyquidity Solutions Limited
@bseddon
bseddon / subtle-sign-verify-x509.md
Last active September 13, 2023 08:05
Using crypto.subtle to sign text and verify a signature using an external asymmetric key pair

Subtle is the modern way to perform cryptographic tasks in JavaScript. However, examples provided in the Mozilla documentation or in their GitHub pages only show how to use the subtle functions to sign text and verify signatures using a key pair generated by subtle.

In my use case the key pair MUST be generated by a recognised authority, so how can the CryptoKey required by the subtle Sign and Verify functions be created from an external source? On this the documentation and examples are not very helpful, so this gist provides a worked example showing how to do it.

Use case

In my case a signature is to be added to a document in the manner specified by XAdES which is defined by ETSI on behalf of the EU commission. The public key of the key pair used MUST be pa

@bseddon
bseddon / signing an xml document.md
Last active May 10, 2021 19:30
Signing an XML document

Protocols such as https://www.w3.org/TR/xmldsig-core/ or https://www.w3.org/TR/xmldsig-core2/ define how to sign an XML document using a PKI certificate (gist XML Digital Signature describes how such a certificate can be generated using OpenSSL).

An XML document cannot be signed by manually adding information even with a certificate. Instead an application is needed to apply the certificate and sign the document using the private key associated with a certificate. However, when a suitable application is used then the XML document:

<?xml version="1.0" encoding="UTF-8"?>
<root>
	<someElement>Ipso facto...</someElement>
</root> 
@bseddon
bseddon / xml digital signature.md
Last active May 10, 2021 17:27
xml digital signature

When wanting to sign XML documents using a protocol such as https://www.w3.org/TR/xmldsig-core/ or https://www.w3.org/TR/xmldsig-core2/ it's necessary to have a certificate and its corresponding private key. Sure, you can buy a certificate and key from a certificate authority (CA), but if the purpose of the certificate is only to generate certificates for internal consumption, for testing or when verifiers will trust a CA you provide, then creating your own certificates and keys is free.

Here's how to do it using a tool like OpenSSL. Another tool could be used, as this example uses only standard public key infrastructure (PKI) techniques. Throughout I'm using a domain in the file names. This hints that the certificate will be available online so others will be able to access it to verify any certificates it is used to sign.

Create certificate authority

A certificate authority is just the owner of a certificate and public key where the [subject](https://en.wikipedia.org/wi

@bseddon
bseddon / format-date.md
Last active February 20, 2021 01:48
Format dates in JavaScript

With the Intl object, JavaScript is awash with functions to format dates, so why is another one needed? The functions in Intl are generic and address use cases where it's important that dates are formatted in a way that is commonly recognized by users within a locale. But there are many cases where date formatting is needed that has nothing to do with locales. My specific case is to be able to output date information that is consistent with the XML date types:

| QName | Format |
| --- | --- |
| xs:time | HH-MM-SS |
| xs:gYearMonth | YYYY-MM |
| xs:gYear | YYYY |
| xs:gMonthDay | --MM-DD |
| xs:gDay | ---DD |
| xs:gMonth | --MM |
@bseddon
bseddon / lyquidity.cla.md
Last active January 14, 2021 15:02
A contributor license agreement for Lyquidity repository contributions

Lyquidity Contributor License Agreement

Thank you for your interest in contributing to open source software projects (“Projects”) made available by Lyquidity Solutions Limited or its affiliates (“Lyquidity”). This Contributor License Agreement (“Agreement”) sets out the terms governing any source code, object code, bug fixes, configuration changes, tools, specifications, documentation, data, materials, feedback, information or other works of authorship that you submit or have submitted, in any form and in any manner, to Lyquidity in respect of any of the Projects (collectively “Contributions”). If you have any questions respecting this Agreement, please contact github@lyquidity.com. You agree that the following terms apply to all of your past, present and future Contributions. Except for the licenses granted in this Agreement, you retain all of your right, title and interest in and to your Contributions.

Why is a CLA necessary?

It depends on the jurisdiction but in many countries contributions are o