Question about webRequest.CertificateInfo object

Add-ons Development
#1

I am working on an extension that extracts the certificate chain when I visit a website and send it to a node server where I can store it locally on the system. (This is for a study). I can get the DER encoding of the certificate through the rawDER key. This is represented as an array of numbers, is there a way (library,API,formatting) that I can convert this back to a DER certificate file or into a raw DER string?

For more information: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest/CertificateInfo

#2

The array of numbers is probably the raw bytes? If so, you’re looking for a base64 encoded string?

#3

I did encode the array to base64 but I am not able to get the actual certificate.

#4

So I have a solution. This is based on https://github.com/april/certainly-something (Which itself is what Mozilla’s certificate viewer is based on)

You can create a downloadable link which contains the PEM file through the rawDER.

The steps below are to create a pem file for the certificate chain.

let chain = securityInfo.certificates; // securityInfo is the object returned by webRequest.getSecurityInfo
let builtChain = chain.map(cert => { return new Uint8Array(cert.rawDER).buffer });
let modifiedChain = builtChain.map(cert => parse(cert));

function parse(certificate)
{
  const certBTOA = window.btoa(String.fromCharCode.apply(null, new Uint8Array(certificate))).match(/.{1,64}/g).join('\r\n');
  const pURI = encodeURI(`-----BEGIN CERTIFICATE-----\r\n${certBTOA}\r\n-----END CERTIFICATE-----\r\n`);
  return pURI;
}

let dString = "data:,"

for(let p of modifiedChain)
{
   dString += p;
}

At this stage dString is the downloadable link. In order to utilize it you need to make an anchor (via html or document.createElement(‘a’)) with dString as the href. In browser you need to right click the link and choose “save link as file”. This is how the mozilla certificate viewer lets you download certificates as well.