• Public
  • Public/Protected
  • All

Module ndncert


This package is part of NDNts, Named Data Networking libraries for the modern web.

This package partially implements NDN Certificate Management protocol v0.3 and challenges. This implementation is validated against the reference implementation using ndncert-interop.


  • CA profile (segmentation not supported)
  • PROBE command
  • PROBE extension for redirection
  • PROBE extension for privacy
  • certificate issuance: NEW and CHALLENGE commands
  • certificate renewal
  • certificate revocation
  • CA publishes issued certificates to @ndn/repo


  • PIN
  • email, with name assignment policy
  • proof of possession, with name assignment policy
  • "nop" (not in NDNCERT spec)

@ndn/keychain-cli package offers ndnts-keychain ndncert03-make-profile, ndnts-keychain ndncert03-show-profile, ndnts-keychain ndncert03-ca, and ndnts-keychain ndncert03-client commands that use this implementation.


Type aliases

ParameterKV: Record<string, Uint8Array>

Parameter key-value pair.


C: { CA: Component; CHALLENGE: Component; INFO: Component; NEW: Component; PROBE: Component } = ...

Type declaration

  • CA: Component
  • CHALLENGE: Component
  • INFO: Component
  • NEW: Component
  • PROBE: Component
TT: { AuthenticationTag: number; CaCertificate: number; CaInfo: number; CaPrefix: number; CertRequest: number; CertToRevoke: number; Challenge: number; ChallengeStatus: number; EcdhPub: number; EncryptedPayload: number; ErrorCode: number; ErrorInfo: number; InitializationVector: number; IssuedCertName: number; MaxSuffixLength: number; MaxValidityPeriod: number; ParameterKey: number; ParameterValue: number; ProbeRedirect: number; ProbeResponse: number; RemainingTime: number; RemainingTries: number; RequestId: number; Salt: number; SelectedChallenge: number; Status: number } = ...

Type declaration

  • AuthenticationTag: number
  • CaCertificate: number
  • CaInfo: number
  • CaPrefix: number
  • CertRequest: number
  • CertToRevoke: number
  • Challenge: number
  • ChallengeStatus: number
  • EcdhPub: number
  • EncryptedPayload: number
  • ErrorCode: number
  • ErrorInfo: number
  • InitializationVector: number
  • IssuedCertName: number
  • MaxSuffixLength: number
  • MaxValidityPeriod: number
  • ParameterKey: number
  • ParameterValue: number
  • ProbeRedirect: number
  • ProbeResponse: number
  • RemainingTime: number
  • RemainingTries: number
  • RequestId: number
  • Salt: number
  • SelectedChallenge: number
  • Status: number


  • Determine if a subject name is acceptable according to probe response.


    • probeResponse: ProbeResponse.Fields

      probe response from CA.

    • name: Name

      subject name, key name, or certificate name. Only the subject name portion is considered.

    Returns boolean

  • requestCertificate(__namedParameters: ClientOptions): Promise<Certificate>

Generated using TypeDoc