Pen Settings



CSS Base

Vendor Prefixing

Add External Stylesheets/Pens

Any URLs added here will be added as <link>s in order, and before the CSS in the editor. You can use the CSS from another Pen by using its URL and the proper URL extension.

+ add another resource


Babel includes JSX processing.

Add External Scripts/Pens

Any URL's added here will be added as <script>s in order, and run before the JavaScript in the editor. You can use the URL of any other Pen and it will include the JavaScript from that Pen.

+ add another resource


Add Packages

Search for and use JavaScript packages from npm here. By selecting a package, an import statement will be added to the top of the JavaScript editor for this package.


Auto Save

If active, Pens will autosave every 30 seconds after being saved once.

Auto-Updating Preview

If enabled, the preview panel updates automatically as you code. If disabled, use the "Run" button to update.

Format on Save

If enabled, your code will be formatted when you actively save your Pen. Note: your code becomes un-folded during formatting.

Editor Settings

Code Indentation

Want to change your Syntax Highlighting theme, Fonts and more?

Visit your global Editor Settings.


                <link href=";600&display=swap" rel="stylesheet">

<!-- Components -->
<script type="module" src=""></script>
<link rel="stylesheet" href="">

<!-- Crypto -->
<script src=""></script>
<script src=""></script>
<script src=""></script>

  body {
    height: 100vh;
    background: #6D7D87;

  section {
    max-width: 660px;
    width: calc(100% - 20px);
    margin: 20px auto;

  <pre><code id="output"></code></pre>

  function formatPEM (raw, tag) {
    var pemString = pvtsutils.Convert.ToBase64(raw);
    var stringLength = pemString.length;
    var resultString = "";

    for (var i = 0, count = 0; i < stringLength; i++, count++) {
      if (count > 63) {
        resultString = resultString + '\n';
        count = 0;

      resultString = resultString + pemString[i];

    return '-----BEGIN ' + tag.toUpperCase() + '-----\n' + resultString + '\n-----END ' + tag.toUpperCase() + '-----\n';

  async function continueHandler(event) {
    try {
      var demoData = pvtsutils.Convert.FromUtf8String("Test message");
      var provider = await event.detail.socketProvider.getCrypto(event.detail.providerId);

      provider.sign = provider.subtle.sign.bind(provider.subtle);

        new pkijs.CryptoEngine({
          name: "",
          crypto: provider,
          subtle: provider.subtle,

      var cert = await provider.certStorage.getItem(event.detail.certificateId);
      var privateKey = await provider.keyStorage.getItem(event.detail.privateKeyId);
      var certRawData = await provider.certStorage.exportCert('raw', cert);

      var pkiCert = new pkijs.Certificate({
        schema: asn1js.fromBER(certRawData).result,

      var signedData = new pkijs.SignedData({
        version: 1,
        encapContentInfo: new pkijs.EncapsulatedContentInfo({
          eContentType: "1.2.840.113549.1.7.1", // "data" content type
        signerInfos: [
          new pkijs.SignerInfo({
            version: 1,
            sid: new pkijs.IssuerAndSerialNumber({
              issuer: pkiCert.issuer,
              serialNumber: pkiCert.serialNumber,
        certificates: [pkiCert],

      var contentInfo = new pkijs.EncapsulatedContentInfo({
        eContent: new asn1js.OctetString({
          valueHex: demoData,

      signedData.encapContentInfo.eContent = contentInfo.eContent;

      await signedData.sign(privateKey, 0, "sha-256");

      var cms = new pkijs.ContentInfo({
        contentType: "1.2.840.113549.1.7.2",
        content: signedData.toSchema(true),
      var result = cms.toSchema().toBER(false);
      var pem = formatPEM(result, "CMS");

      output.innerHTML = pem;
    } catch (error) {
      alert('Failed to sign CMS');
  var fortifyCertificates = document.createElement('peculiar-fortify-certificates');
  // All possible propertiest you can find on the documentation page
  fortifyCertificates.debug = true;
  fortifyCertificates.filters = {
    //   onlySmartcards: false,
    //   expired: false,
    onlyWithPrivateKey: true,
    //   subjectDNMatch: 'apple',
    //   subjectDNMatch: new RegExp(/apple/),
    //   issuerDNMatch: 'demo',
    //   issuerDNMatch: new RegExp(/demo/),
    //   providerNameMatch: 'MacOS',
    //   providerNameMatch: new RegExp(/MacOS/),
    //   keyUsage: ['digitalSignature'],
    //   certificateIdMatch: 'test',

  fortifyCertificates.addEventListener('selectionCancel', function() {

  fortifyCertificates.addEventListener('selectionSuccess', continueHandler);