Skip to content
Browse files

4.2.0 release

  • Loading branch information...
1 parent 94a8113 commit 3309d7f0b54d18ae53ce7e8291ae557e41a2b259 @kjur committed Oct 6, 2013
Showing with 6,106 additions and 4,416 deletions.
  1. +19 −0 ChangeLog.txt
  2. +6 −6 api/files.html
  3. +22 −15 api/symbols/KEYUTIL.html
  4. +13 −10 api/symbols/KJUR.asn1.x509.Certificate.html
  5. +18 −9 api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html
  6. +138 −3 api/symbols/KJUR.asn1.x509.TBSCertificate.html
  7. +6 −6 api/symbols/KJUR.crypto.DSA.html
  8. +46 −22 api/symbols/KJUR.crypto.Signature.html
  9. +3 −3 api/symbols/KJUR.crypto.html
  10. +0 −61 api/symbols/RSAKey.html
  11. +60 −0 api/symbols/X509.html
  12. +1,681 −1,462 api/symbols/src/asn1x509-1.0.js.html
  13. +1,018 −1,040 api/symbols/src/crypto-1.1.js.html
  14. +323 −321 api/symbols/src/dsa-modified-1.0.js.html
  15. +507 −505 api/symbols/src/ecdsa-modified-1.0.js.html
  16. +482 −407 api/symbols/src/keyutil-1.0.js.html
  17. +347 −336 api/symbols/src/x509-1.1.js.html
  18. +249 −31 asn1x509-1.0.js
  19. +2 −2 asn1x509-1.0.min.js
  20. +59 −81 crypto-1.1.js
  21. +2 −2 crypto-1.1.min.js
  22. +12 −8 dsa-modified-1.0.js
  23. +2 −2 dsa-modified-1.0.min.js
  24. +8 −6 ecdsa-modified-1.0.js
  25. +2 −2 ecdsa-modified-1.0.min.js
  26. +1 −1 ext/rsa-min.js
  27. +2 −1 ext/rsa.js
  28. +1 −1 ext/rsa2-min.js
  29. +2 −1 ext/rsa2.js
  30. +12 −7 index.html
  31. +249 −0 jsrsasign-4.2.0-all-min.js
  32. +15 −15 jsrsasign-latest-all-min.js
  33. +93 −18 keyutil-1.0.js
  34. +2 −2 keyutil-1.0.min.js
  35. +240 −0 test/qunit-do-asn1x509-newcrt.html
  36. +18 −1 test/qunit-do-crypto-sigini.html
  37. +210 −0 test/qunit-do-crypto-siginidsa.html
  38. +7 −7 test/qunit-do-dsa.html
  39. +196 −0 test/qunit-do-keyutil-dsa.html
  40. +31 −20 x509-1.1.js
  41. +2 −2 x509-1.1.min.js
View
19 ChangeLog.txt
@@ -1,6 +1,25 @@
ChangeLog for jsrsasign
+* Changes between 4.1.6 to 4.2.0 (2013-Oct-06)
+ - DSA support added to most of classes.
+ - now RSAKey/KJUR.crypto.{ECDSA,DSA} class has new properties
+ isPrivate and isPublic
+ - asn1x509 1.0.5 to 1.0.6
+ - new X509Util.newCertPEM method is added to provate
+ easy certificate issuance by JSON object.
+ - DSA/ECDSA support added to Signature, TBSCertificate,
+ AlgorithmIdentifier and SubjectPublicKeyInfo classes
+ - keyutil 1.0.2 to 1.0.3
+ - provide support for DSA
+ - getKey
+ - getKeyFromPublicPKCS8Hex,parsePublicPKCS8Hex
+ - x509 1.1.1 to 1.1.2
+ - ECDSA,DSA support added in X509.getPublicKeyFromCertPEM
+ - dsa-modified 1.0.0 to 1.0.1
+ - method setPrivateKey, setPublicKey are changed to
+ setPrivate and setPublic respectively to align RSA/ECDSA class.
+
* Changes between 4.1.5 to 4.1.6 (2013-Oct-02)
- newly dsa-modified 1.0.0 added
- This is a DSA algorithm ported from github.com/openpgpjs
View
12 api/files.html
@@ -365,7 +365,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>1.0.4 (2013-May-30)</dd>
+ <dd>1.0.6 (2013-Oct-06)</dd>
@@ -396,7 +396,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>1.1.4 (2013-Sep-24)</dd>
+ <dd>1.1.5 (2013-Oct-06)</dd>
@@ -415,7 +415,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>1.0.0 (2013-Oct-02)</dd>
+ <dd>1.0.1 (2013-Oct-06)</dd>
@@ -434,7 +434,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>1.0.3 (2013-Aug-27)</dd>
+ <dd>1.0.4 (2013-Oct-06)</dd>
@@ -472,7 +472,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>keyutil 1.0.2 (2013-Oct-02)</dd>
+ <dd>keyutil 1.0.3 (2013-Oct-06)</dd>
@@ -548,7 +548,7 @@ <h1 class="classTitle">File Index</h1>
<dt class="heading">Version:</dt>
- <dd>x509 1.1.1 (2013-Aug-22)</dd>
+ <dd>x509 1.1.2 (2013-Oct-06)</dd>
View
37 api/symbols/KEYUTIL.html
@@ -473,8 +473,9 @@ <h1 class="classTitle">
<td class="nameDescription">
<div class="fixedFont">KEYUTIL.<b><a href="../symbols/KEYUTIL.html#.getKey">getKey</a></b>(param, passcode, hextype)
</div>
- <div class="description">This method gets private or public key object(<a href="../symbols/RSAKey.html">RSAKey</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a>)
-for RSA and ECC.</div>
+ <div class="description">get private or public key object from any arguments
+This method gets private or public key object(<a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a>)
+for RSA, DSA and ECC.</div>
</td>
</tr>
@@ -519,7 +520,7 @@ <h1 class="classTitle">
<td class="nameDescription">
<div class="fixedFont">KEYUTIL.<b><a href="../symbols/KEYUTIL.html#.getKeyFromPublicPKCS8Hex">getKeyFromPublicPKCS8Hex</a></b>(pkcsPub8Hex)
</div>
- <div class="description">get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key</div>
+ <div class="description">get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key</div>
</td>
</tr>
@@ -702,7 +703,7 @@ <h1 class="classTitle">
<td class="nameDescription">
<div class="fixedFont">KEYUTIL.<b><a href="../symbols/KEYUTIL.html#.parsePublicPKCS8Hex">parsePublicPKCS8Hex</a></b>(pkcs8PubHex)
</div>
- <div class="description">parse hexadecimal string of PKCS#8 public key
+ <div class="description">parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
Resulted hash has following attributes.</div>
</td>
</tr>
@@ -1267,26 +1268,32 @@ <h1 class="classTitle">
</div>
<div class="description">
- This method gets private or public key object(<a href="../symbols/RSAKey.html">RSAKey</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a>)
-for RSA and ECC.
+ get private or public key object from any arguments
+This method gets private or public key object(<a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a>)
+for RSA, DSA and ECC.
Arguments for this methods depends on a key format you specify.
Following key representations are supported.
<ul>
<li>ECC private/public key object(as is): param=KJUR.crypto.ECDSA</li>
+<li>DSA private/public key object(as is): param=KJUR.crypto.DSA</li>
<li>RSA private/public key object(as is): param=RSAKey </li>
<li>ECC private key parameters: param={d: d, curve: curveName}</li>
<li>RSA private key parameters: param={n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq, co: co}<br/>
NOTE: Each value shall be hexadecimal string of key spec.</li>
+<li>DSA private key parameters: param={p: p, q: q, g: g, y: y, x: x}<br/>
+NOTE: Each value shall be hexadecimal string of key spec.</li>
<li>ECC public key parameters: param={xy: xy, curve: curveName}<br/>
NOTE: ECC public key 'xy' shall be concatination of "04", x-bytes-hex and y-bytes-hex.</li>
+<li>DSA public key parameters: param={p: p, q: q, g: g, y: y}<br/>
+NOTE: Each value shall be hexadecimal string of key spec.</li>
<li>RSA public key parameters: param={n: n, e: e} </li>
-<li>X.509 PEM certificate (RSA/ECC): param=pemString</li>
+<li>X.509 PEM certificate (RSA/DSA/ECC): param=pemString</li>
<li>PKCS#8 hexadecimal RSA/ECC public key: param=pemString, null, "pkcs8pub"</li>
-<li>PKCS#8 PEM RSA/ECC public key: param=pemString</li>
+<li>PKCS#8 PEM RSA/DSA/ECC public key: param=pemString</li>
<li>PKCS#5 plain hexadecimal RSA private key: param=hexString, null, "pkcs5prv"</li>
-<li>PKCS#5 plain PEM RSA private key: param=pemString</li>
+<li>PKCS#5 plain PEM DSA/RSA private key: param=pemString</li>
<li>PKCS#8 plain PEM RSA/ECDSA private key: param=pemString</li>
-<li>PKCS#5 encrypted PEM RSA private key: param=pemString, passcode</li>
+<li>PKCS#5 encrypted PEM RSA/DSA private key: param=pemString, passcode</li>
<li>PKCS#8 encrypted PEM RSA/ECDSA private key: param=pemString, passcode</li>
</ul>
Please note following limitation on encrypted keys:
@@ -1337,7 +1344,7 @@ <h1 class="classTitle">
<dl class="detailList">
<dt class="heading">Returns:</dt>
- <dd><span class="light fixedFont">{Object}</span> <a href="../symbols/RSAKey.html">RSAKey</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</dd>
+ <dd><span class="light fixedFont">{Object}</span> <a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</dd>
</dl>
@@ -1562,7 +1569,7 @@ <h1 class="classTitle">
</div>
<div class="description">
- get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key
+ get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key
</div>
@@ -1594,7 +1601,7 @@ <h1 class="classTitle">
<dl class="detailList">
<dt class="heading">Returns:</dt>
- <dd><span class="light fixedFont">{Object}</span> RSAKey or KJUR.crypto.ECDSA private key object</dd>
+ <dd><span class="light fixedFont">{Object}</span> RSAKey or KJUR.crypto.{ECDSA,DSA} private key object</dd>
</dl>
@@ -2473,11 +2480,11 @@ <h1 class="classTitle">
</div>
<div class="description">
- parse hexadecimal string of PKCS#8 public key
+ parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
Resulted hash has following attributes.
<ul>
<li>algoid - hexadecimal string of OID of asymmetric key algorithm</li>
-<li>algparam - hexadecimal string of OID of ECC curve name or null</li>
+<li>algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null</li>
<li>key - hexadecimal string of public key</li>
</ul>
View
23 api/symbols/KJUR.asn1.x509.Certificate.html
@@ -362,9 +362,11 @@ <h1 class="classTitle">
following properties:
<ul>
<li>tbscertobj - specify <a href="../symbols/KJUR.asn1.x509.TBSCertificate.html">KJUR.asn1.x509.TBSCertificate</a> object</li>
-<li>rsaprvkey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object CA private key</li>
+<li>prvkeyobj - specify <a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> or <a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> object for CA private key to sign the certificate</li>
+<li>(DEPRECATED)rsaprvkey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object CA private key</li>
+<li>(DEPRECATED)rsaprvpem - specify PEM string of RSA CA private key</li>
</ul>
-NOTE: 'params' can be omitted.</div>
+NOTE1: 'params' can be omitted.</div>
</td>
</tr>
</tbody>
@@ -459,20 +461,21 @@ <h1 class="classTitle">
following properties:
<ul>
<li>tbscertobj - specify <a href="../symbols/KJUR.asn1.x509.TBSCertificate.html">KJUR.asn1.x509.TBSCertificate</a> object</li>
-<li>rsaprvkey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object CA private key</li>
+<li>prvkeyobj - specify <a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> or <a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> object for CA private key to sign the certificate</li>
+<li>(DEPRECATED)rsaprvkey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object CA private key</li>
+<li>(DEPRECATED)rsaprvpem - specify PEM string of RSA CA private key</li>
</ul>
-NOTE: 'params' can be omitted.
-<h4>EXAMPLE</h4>
+NOTE1: 'params' can be omitted.<br/>
+NOTE2: DSA/ECDSA is also supported for CA signging key from asn1x509 1.0.6.
</div>
- <pre class="code">var prvKey = new RSAKey(); // CA's private key
-prvKey.readPrivateKeyFromASN1HexString("3080...");
-var cert = new KJUR.asn1x509.Certificate({'tbscertobj': tbs, 'rsaprvkey': prvKey});
+ <pre class="code">var caKey = KEYUTIL.getKey(caKeyPEM); // CA's private key
+var cert = new KJUR.asn1x509.Certificate({'tbscertobj': tbs, 'prvkeyobj': caKey});
cert.sign(); // issue certificate by CA's private key
-var hCert = cert.getEncodedHex();
+var certPEM = cert.getPEMString();
// Certificate ::= SEQUENCE {
// tbsCertificate TBSCertificate,
@@ -490,7 +493,7 @@ <h1 class="classTitle">
<span class="light fixedFont">{Array}</span> <b>params</b>
</dt>
- <dd>associative array of parameters (ex. {'tbscertobj': obj, 'rsaprvkey': key})</dd>
+ <dd>associative array of parameters (ex. {'tbscertobj': obj, 'prvkeyobj': key})</dd>
</dl>
View
27 api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html
@@ -361,10 +361,13 @@ <h1 class="classTitle">
As for argument 'params' for constructor, you can specify one of
following properties:
<ul>
-<li>rsakey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object of subject public key</li>
-<li>rsapem - specify a string of PEM public key of RSA key</li>
+<li><a href="../symbols/RSAKey.html">RSAKey</a> object</li>
+<li><a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</li>
+<li><a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> object</li>
+<li>(DEPRECATED)rsakey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object of subject public key</li>
+<li>(DEPRECATED)rsapem - specify a string of PEM public key of RSA key</li>
</ul>
-NOTE: 'params' can be omitted.</div>
+NOTE1: 'params' can be omitted.</div>
</td>
</tr>
</tbody>
@@ -447,17 +450,23 @@ <h1 class="classTitle">
As for argument 'params' for constructor, you can specify one of
following properties:
<ul>
-<li>rsakey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object of subject public key</li>
-<li>rsapem - specify a string of PEM public key of RSA key</li>
+<li><a href="../symbols/RSAKey.html">RSAKey</a> object</li>
+<li><a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</li>
+<li><a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> object</li>
+<li>(DEPRECATED)rsakey - specify <a href="../symbols/RSAKey.html">RSAKey</a> object of subject public key</li>
+<li>(DEPRECATED)rsapem - specify a string of PEM public key of RSA key</li>
</ul>
-NOTE: 'params' can be omitted.
+NOTE1: 'params' can be omitted.<br/>
+NOTE2: DSA/ECDSA key object is also supported since asn1x509 1.0.6.<br/>
<h4>EXAMPLE</h4>
</div>
- <pre class="code"></pre>
+ <pre class="code">var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(RSAKey_object);
+var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoECDSA_object);
+var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoDSA_object);</pre>
@@ -467,10 +476,10 @@ <h1 class="classTitle">
<dt class="heading">Parameters:</dt>
<dt>
- <span class="light fixedFont">{Array}</span> <b>params</b>
+ <span class="light fixedFont">{Object}</span> <b>params</b>
</dt>
- <dd>associative array of parameters (ex. {'rsakey': key})</dd>
+ <dd>parameter for subject public key</dd>
</dl>
View
141 api/symbols/KJUR.asn1.x509.TBSCertificate.html
@@ -404,6 +404,16 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
+ <div class="fixedFont">KJUR.asn1.x509.TBSCertificate.<b><a href="../symbols/KJUR.asn1.x509.TBSCertificate.html#.appendExtensionByName">appendExtensionByName</a></b>(name, extParams)
+ </div>
+ <div class="description">append X.509v3 extension to this object by name and parameters
+</div>
+ </td>
+ </tr>
+
+ <tr>
+ <td class="attributes">&lt;static&gt; &nbsp;</td>
+ <td class="nameDescription">
<div class="fixedFont">KJUR.asn1.x509.TBSCertificate.<b><a href="../symbols/KJUR.asn1.x509.TBSCertificate.html#.setIssuerByParam">setIssuerByParam</a></b>(x500NameParam)
</div>
<div class="description">set issuer name field by parameter
@@ -464,9 +474,19 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
+ <div class="fixedFont">KJUR.asn1.x509.TBSCertificate.<b><a href="../symbols/KJUR.asn1.x509.TBSCertificate.html#.setSubjectPublicKeyByGetKey">setSubjectPublicKeyByGetKey</a></b>(keyParam)
+ </div>
+ <div class="description">set subject public key info by RSA/ECDSA/DSA key parameter
+</div>
+ </td>
+ </tr>
+
+ <tr>
+ <td class="attributes">&lt;static&gt; &nbsp;</td>
+ <td class="nameDescription">
<div class="fixedFont">KJUR.asn1.x509.TBSCertificate.<b><a href="../symbols/KJUR.asn1.x509.TBSCertificate.html#.setSubjectPublicKeyByParam">setSubjectPublicKeyByParam</a></b>(subjPKeyParam)
</div>
- <div class="description">set subject public key info field by parameter
+ <div class="description">(DEPRECATED) set subject public key info field by RSA key parameter
</div>
</td>
</tr>
@@ -598,6 +618,63 @@ <h1 class="classTitle">
<hr />
+ <a name=".appendExtensionByName"> </a>
+ <div class="fixedFont">&lt;static&gt;
+
+
+ <span class="light">KJUR.asn1.x509.TBSCertificate.</span><b>appendExtensionByName</b>(name, extParams)
+
+ </div>
+ <div class="description">
+ append X.509v3 extension to this object by name and parameters
+
+
+
+ </div>
+
+
+
+ <pre class="code">tbsc.appendExtensionByName('BasicConstraints', {'cA':true, 'critical': true});
+tbsc.appendExtensionByName('KeyUsage', {'bin':'11'});
+tbsc.appendExtensionByName('CRLDistributionPoints', {uri: 'http://aaa.com/a.crl'});
+tbsc.appendExtensionByName('ExtKeyUsage', {array: [{name: 'clientAuth'}]});</pre>
+
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Parameters:</dt>
+
+ <dt>
+ <span class="light fixedFont">{name}</span> <b>name</b>
+
+ </dt>
+ <dd>name of X.509v3 Extension object</dd>
+
+ <dt>
+ <span class="light fixedFont">{Array}</span> <b>extParams</b>
+
+ </dt>
+ <dd>parameters as argument of Extension constructor.</dd>
+
+ </dl>
+
+
+
+
+
+
+
+ <dl class="detailList">
+ <dt class="heading">See:</dt>
+
+ <dd><a href="../symbols/KJUR.asn1.x509.Extension.html">KJUR.asn1.x509.Extension</a></dd>
+
+ </dl>
+
+
+ <hr />
+
<a name=".setIssuerByParam"> </a>
<div class="fixedFont">&lt;static&gt;
@@ -872,6 +949,64 @@ <h1 class="classTitle">
<hr />
+ <a name=".setSubjectPublicKeyByGetKey"> </a>
+ <div class="fixedFont">&lt;static&gt;
+
+
+ <span class="light">KJUR.asn1.x509.TBSCertificate.</span><b>setSubjectPublicKeyByGetKey</b>(keyParam)
+
+ </div>
+ <div class="description">
+ set subject public key info by RSA/ECDSA/DSA key parameter
+
+
+
+ </div>
+
+
+
+ <pre class="code">tbsc.setSubjectPublicKeyByGetKeyParam(certPEMString); // or
+tbsc.setSubjectPublicKeyByGetKeyParam(pkcs8PublicKeyPEMString); // or
+tbsc.setSubjectPublicKeyByGetKeyParam(kjurCryptoECDSAKeyObject); // et.al.</pre>
+
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Parameters:</dt>
+
+ <dt>
+ <span class="light fixedFont">{Object}</span> <b>keyParam</b>
+
+ </dt>
+ <dd>public key parameter which passed to <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a> argument</dd>
+
+ </dl>
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Since:</dt>
+ <dd>asn1x509 1.0.6</dd>
+ </dl>
+ </dl>
+
+
+
+
+
+ <dl class="detailList">
+ <dt class="heading">See:</dt>
+
+ <dd><a href="../symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html">KJUR.asn1.x509.SubjectPublicKeyInfo</a></dd>
+
+ <dd><a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a></dd>
+
+ </dl>
+
+
+ <hr />
+
<a name=".setSubjectPublicKeyByParam"> </a>
<div class="fixedFont">&lt;static&gt;
@@ -880,7 +1015,7 @@ <h1 class="classTitle">
</div>
<div class="description">
- set subject public key info field by parameter
+ (DEPRECATED) set subject public key info field by RSA key parameter
@@ -900,7 +1035,7 @@ <h1 class="classTitle">
<span class="light fixedFont">{Array}</span> <b>subjPKeyParam</b>
</dt>
- <dd>SubjectPublicKeyInfo parameter</dd>
+ <dd>SubjectPublicKeyInfo parameter of RSA</dd>
</dl>
View
12 api/symbols/KJUR.crypto.DSA.html
@@ -391,7 +391,7 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
- <td class="nameDescription">
+ <td class="nameDescription">
<div class="fixedFont">KJUR.crypto.DSA.<b><a href="../symbols/KJUR.crypto.DSA.html#.setPrivate">setPrivate</a></b>(p, q, g, y, x)
</div>
<div class="description">set DSA private key by key specs</div>
@@ -400,7 +400,7 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
- <td class="nameDescription">
+ <td class="nameDescription">
<div class="fixedFont">KJUR.crypto.DSA.<b><a href="../symbols/KJUR.crypto.DSA.html#.setPublic">setPublic</a></b>(p, q, g, y)
</div>
<div class="description">set DSA public key by key specs</div>
@@ -522,11 +522,11 @@ <h1 class="classTitle">
<dt class="heading">Returns:</dt>
<dd><span class="light fixedFont">{Array}</span> array [s1, s2] of DSA signature value. Both s1 and s2 are BigInteger.</dd>
-
+
</dl>
-
+
<hr />
@@ -588,11 +588,11 @@ <h1 class="classTitle">
<dd>dsa-modified 1.0.0</dd>
</dl>
</dl>
-
+
-
+
<hr />
View
68 api/symbols/KJUR.crypto.Signature.html
@@ -417,7 +417,8 @@ <h1 class="classTitle">
</div>
<div class="description">Initialize this object for signing or verifying depends on key
This method is very useful initialize method for Signature class since
-you just specify key then this method will automatically initialize it.</div>
+you just specify key then this method will automatically initialize it
+using <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a> method.</div>
</td>
</tr>
@@ -555,9 +556,8 @@ <h1 class="classTitle">
<br/>
As for params of constructor's argument, it can be specify following attributes:
<ul>
-<li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}withRSA)</li>
+<li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}with{RSA,ECDSA,DSA})</li>
<li>provider - currently 'cryptojs/jsrsa' only</li>
-<li>prvkeypem - PEM string of signer's private key. If this specified, no need to call initSign(prvKey).</li>
</ul>
<h4>SUPPORTED ALGORITHMS AND PROVIDERS</h4>
This Signature class supports following signature algorithm and provider names:
@@ -583,44 +583,44 @@ <h1 class="classTitle">
<li>SHA384withRSAandMGF1 - cryptojs/jsrsa</li>
<li>SHA512withRSAandMGF1 - cryptojs/jsrsa</li>
<li>RIPEMD160withRSAandMGF1 - cryptojs/jsrsa</li>
+<li>SHA1withDSA - cryptojs/jsrsa</li>
+<li>SHA224withDSA - cryptojs/jsrsa</li>
+<li>SHA256withDSA - cryptojs/jsrsa</li>
</ul>
Here are supported elliptic cryptographic curve names and their aliases for ECDSA:
<ul>
<li>secp256k1</li>
<li>secp256r1, NIST P-256, P-256, prime256v1</li>
<li>secp384r1, NIST P-384, P-384</li>
</ul>
+NOTE1: DSA signing algorithm is also supported since crypto 1.1.5.
<h4>EXAMPLES</h4>
</div>
<pre class="code">// RSA signature generation
-var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA", "prov": "cryptojs/jsrsa"});
-sig.initSign(prvKey);
+var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"});
+sig.init(prvKeyPEM);
sig.updateString('aaa');
var hSigVal = sig.sign();
-// RSA signature validation
-var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withRSA", "prov": "cryptojs/jsrsa"});
-sig2.initVerifyByCertificatePEM(cert)
+// DSA signature validation
+var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withDSA"});
+sig2.init(certPEM);
sig.updateString('aaa');
var isValid = sig2.verify(hSigVal);
-// EC key generation
-var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
-var keypair = ec.generateKeyPairHex();
-
// ECDSA signing
-var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA', 'prov':'cryptojs/jsrsa'});
-sig.initSign({'ecprvhex': keypair.ecprvhex, 'eccurvename': 'secp256r1'});
+var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+sig.init(prvKeyPEM);
sig.updateString('aaa');
var sigValueHex = sig.sign();
// ECDSA verifying
-var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA', 'prov':'cryptojs/jsrsa'});
-sig.initVerifyByPublicKey({'ecpubhex': keypair.ecpubhex, 'eccurvename': 'secp256r1'});
+var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+sig.init(certPEM);
sig.updateString('aaa');
var isValid = sig.verify(sigValueHex);</pre>
@@ -695,24 +695,27 @@ <h1 class="classTitle">
<div class="description">
Initialize this object for signing or verifying depends on key
This method is very useful initialize method for Signature class since
-you just specify key then this method will automatically initialize it.
+you just specify key then this method will automatically initialize it
+using <a href="../symbols/KEYUTIL.html#.getKey">KEYUTIL.getKey</a> method.
As for 'key', following argument type are supported:
<h5>signing</h5>
<ul>
<li>PEM formatted PKCS#8 encrypted RSA/ECDSA private key concluding "BEGIN ENCRYPTED PRIVATE KEY"</li>
-<li>PEM formatted PKCS#5 encrypted RSA private key concluding "BEGIN RSA PRIVATE KEY" and ",ENCRYPTED"</li>
+<li>PEM formatted PKCS#5 encrypted RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" and ",ENCRYPTED"</li>
<li>PEM formatted PKCS#8 plain RSA/ECDSA private key concluding "BEGIN PRIVATE KEY"</li>
-<li>PEM formatted PKCS#5 plain RSA private key concluding "BEGIN RSA PRIVATE KEY" without ",ENCRYPTED"</li>
+<li>PEM formatted PKCS#5 plain RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" without ",ENCRYPTED"</li>
<li>RSAKey object of private key</li>
<li>KJUR.crypto.ECDSA object of private key</li>
+<li>KJUR.crypto.DSA object of private key</li>
</ul>
<h5>verification</h5>
<ul>
-<li>PEM formatted PKCS#8 RSA/ECDSA public key concluding "BEGIN PUBLIC KEY"</li>
-<li>PEM formatted X.509 certificate with RSA/ECC public key concluding
+<li>PEM formatted PKCS#8 RSA/EC/DSA public key concluding "BEGIN PUBLIC KEY"</li>
+<li>PEM formatted X.509 certificate with RSA/EC/DSA public key concluding
"BEGIN CERTIFICATE", "BEGIN X509 CERTIFICATE" or "BEGIN TRUSTED CERTIFICATE".</li>
<li>RSAKey object of public key</li>
<li>KJUR.crypto.ECDSA object of public key</li>
+<li>KJUR.crypto.DSA object of public key</li>
</ul>
@@ -732,7 +735,7 @@ <h1 class="classTitle">
<span class="light fixedFont">{Object}</span> <b>key</b>
</dt>
- <dd>specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or {@ RSAKey} or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</dd>
+ <dd>specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or <a href="../symbols/RSAKey.html">RSAKey</a>, <a href="../symbols/KJUR.crypto.DSA.html">KJUR.crypto.DSA</a> or <a href="../symbols/KJUR.crypto.ECDSA.html">KJUR.crypto.ECDSA</a> object</dd>
<dt>
<span class="light fixedFont">{String}</span> <b>pass</b>
@@ -796,6 +799,13 @@ <h1 class="classTitle">
</dl>
+ <dl class="detailList">
+ <dt class="heading">Deprecated:</dt>
+ <dt>
+ from crypto 1.1.5. please use init() method instead.
+ </dt>
+ </dl>
+
@@ -837,6 +847,13 @@ <h1 class="classTitle">
</dl>
+ <dl class="detailList">
+ <dt class="heading">Deprecated:</dt>
+ <dt>
+ from crypto 1.1.5. please use init() method instead.
+ </dt>
+ </dl>
+
<dl class="detailList">
<dt class="heading">Since:</dt>
@@ -891,6 +908,13 @@ <h1 class="classTitle">
</dl>
+ <dl class="detailList">
+ <dt class="heading">Deprecated:</dt>
+ <dt>
+ from crypto 1.1.5. please use init() method instead.
+ </dt>
+ </dl>
+
<dl class="detailList">
<dt class="heading">Since:</dt>
View
6 api/symbols/KJUR.crypto.html
@@ -437,7 +437,7 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
- <div class="fixedFont">KJUR.crypto.<b>init</b>(key, pass)
+ <div class="fixedFont">KJUR.crypto.<b>init</b>(keyparam, pass)
</div>
<div class="description"></div>
</td>
@@ -806,7 +806,7 @@ <h1 class="classTitle">
<div class="fixedFont">&lt;static&gt;
- <span class="light">KJUR.crypto.</span><b>init</b>(key, pass)
+ <span class="light">KJUR.crypto.</span><b>init</b>(keyparam, pass)
</div>
<div class="description">
@@ -822,7 +822,7 @@ <h1 class="classTitle">
<dt class="heading">Parameters:</dt>
<dt>
- <b>key</b>
+ <b>keyparam</b>
</dt>
<dd></dd>
View
61 api/symbols/RSAKey.html
@@ -379,15 +379,6 @@ <h1 class="classTitle">
<tbody>
<tr>
- <td class="attributes">&lt;static&gt; &nbsp;</td>
- <td class="nameDescription">
- <div class="fixedFont">RSAKey.<b><a href="../symbols/RSAKey.html#.getPublicKeyFromCertPEM">getPublicKeyFromCertPEM</a></b>(sCertPEM)
- </div>
- <div class="description">get RSAKey/ECDSA public key object from PEM certificate string</div>
- </td>
- </tr>
-
- <tr>
<td class="attributes">&nbsp;</td>
<td class="nameDescription">
<div class="fixedFont"><b><a href="../symbols/RSAKey.html#readPrivateKeyFromASN1HexString">readPrivateKeyFromASN1HexString</a></b>(keyHex)
@@ -525,58 +516,6 @@ <h1 class="classTitle">
Method Detail
</div>
- <a name=".getPublicKeyFromCertPEM"> </a>
- <div class="fixedFont">&lt;static&gt;
-
-
- <span class="light">RSAKey.</span><b>getPublicKeyFromCertPEM</b>(sCertPEM)
-
- </div>
- <div class="description">
- get RSAKey/ECDSA public key object from PEM certificate string
-
- <br />
- <i>Defined in: </i> <a href="../symbols/src/x509-1.1.js.html">x509-1.1.js</a>.
-
-
- </div>
-
-
-
-
- <dl class="detailList">
- <dt class="heading">Parameters:</dt>
-
- <dt>
- <span class="light fixedFont">{String}</span> <b>sCertPEM</b>
-
- </dt>
- <dd>PEM formatted X.509 certificate</dd>
-
- </dl>
-
-
-
- <dl class="detailList">
- <dt class="heading">Since:</dt>
- <dd>x509 1.1.1</dd>
- </dl>
- </dl>
-
-
-
- <dl class="detailList">
- <dt class="heading">Returns:</dt>
-
- <dd>returns RSAKey/KJUR.crypto.ECDSA object of public key</dd>
-
- </dl>
-
-
-
-
- <hr />
-
<a name="readPrivateKeyFromASN1HexString"> </a>
<div class="fixedFont">
View
60 api/symbols/X509.html
@@ -477,6 +477,16 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
+ <div class="fixedFont">X509.<b><a href="../symbols/X509.html#.getPublicKeyFromCertPEM">getPublicKeyFromCertPEM</a></b>(sCertPEM)
+ </div>
+ <div class="description">get RSAKey/ECDSA public key object from PEM certificate string
+NOTE: DSA is also supported since x509 1.1.2.</div>
+ </td>
+ </tr>
+
+ <tr>
+ <td class="attributes">&lt;static&gt; &nbsp;</td>
+ <td class="nameDescription">
<div class="fixedFont">X509.<b><a href="../symbols/X509.html#.getPublicKeyInfoPropOfCertPEM">getPublicKeyInfoPropOfCertPEM</a></b>(sCertPEM)
</div>
<div class="description">get public key information from PEM certificate
@@ -773,6 +783,56 @@ <h1 class="classTitle">
<hr />
+ <a name=".getPublicKeyFromCertPEM"> </a>
+ <div class="fixedFont">&lt;static&gt;
+
+
+ <span class="light">X509.</span><b>getPublicKeyFromCertPEM</b>(sCertPEM)
+
+ </div>
+ <div class="description">
+ get RSAKey/ECDSA public key object from PEM certificate string
+NOTE: DSA is also supported since x509 1.1.2.
+
+
+ </div>
+
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Parameters:</dt>
+
+ <dt>
+ <span class="light fixedFont">{String}</span> <b>sCertPEM</b>
+
+ </dt>
+ <dd>PEM formatted RSA/ECDSA/DSA X.509 certificate</dd>
+
+ </dl>
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Since:</dt>
+ <dd>x509 1.1.1</dd>
+ </dl>
+ </dl>
+
+
+
+ <dl class="detailList">
+ <dt class="heading">Returns:</dt>
+
+ <dd>returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key</dd>
+
+ </dl>
+
+
+
+
+ <hr />
+
<a name=".getPublicKeyInfoPropOfCertPEM"> </a>
<div class="fixedFont">&lt;static&gt;
View
3,143 api/symbols/src/asn1x509-1.0.js.html
1,681 additions, 1,462 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
2,058 api/symbols/src/crypto-1.1.js.html
1,018 additions, 1,040 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
644 api/symbols/src/dsa-modified-1.0.js.html
323 additions, 321 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
1,012 api/symbols/src/ecdsa-modified-1.0.js.html
507 additions, 505 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
889 api/symbols/src/keyutil-1.0.js.html
482 additions, 407 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
683 api/symbols/src/x509-1.1.js.html
347 additions, 336 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
280 asn1x509-1.0.js
@@ -1,4 +1,4 @@
-/*! asn1x509-1.0.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! asn1x509-1.0.6.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
*/
/*
* asn1x509.js - ASN.1 DER encoder classes for X.509 certificate
@@ -16,7 +16,7 @@
* @fileOverview
* @name asn1x509-1.0.js
* @author Kenji Urushima kenji.urushima@gmail.com
- * @version 1.0.5 (2013-Sep-12)
+ * @version 1.0.6 (2013-Oct-06)
* @since jsrsasign 2.1
* @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
*/
@@ -84,24 +84,25 @@ if (typeof KJUR.asn1.x509 == "undefined" || !KJUR.asn1.x509) KJUR.asn1.x509 = {}
* X.509 Certificate class to sign and generate hex encoded certificate
* @name KJUR.asn1.x509.Certificate
* @class X.509 Certificate class to sign and generate hex encoded certificate
- * @param {Array} params associative array of parameters (ex. {'tbscertobj': obj, 'rsaprvkey': key})
+ * @param {Array} params associative array of parameters (ex. {'tbscertobj': obj, 'prvkeyobj': key})
* @extends KJUR.asn1.ASN1Object
* @description
* <br/>
* As for argument 'params' for constructor, you can specify one of
* following properties:
* <ul>
* <li>tbscertobj - specify {@link KJUR.asn1.x509.TBSCertificate} object</li>
- * <li>rsaprvkey - specify {@link RSAKey} object CA private key</li>
+ * <li>prvkeyobj - specify {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.DSA} object for CA private key to sign the certificate</li>
+ * <li>(DEPRECATED)rsaprvkey - specify {@link RSAKey} object CA private key</li>
+ * <li>(DEPRECATED)rsaprvpem - specify PEM string of RSA CA private key</li>
* </ul>
- * NOTE: 'params' can be omitted.
- * <h4>EXAMPLE</h4>
+ * NOTE1: 'params' can be omitted.<br/>
+ * NOTE2: DSA/ECDSA is also supported for CA signging key from asn1x509 1.0.6.
* @example
- * var prvKey = new RSAKey(); // CA's private key
- * prvKey.readPrivateKeyFromASN1HexString("3080...");
- * var cert = new KJUR.asn1x509.Certificate({'tbscertobj': tbs, 'rsaprvkey': prvKey});
+ * var caKey = KEYUTIL.getKey(caKeyPEM); // CA's private key
+ * var cert = new KJUR.asn1x509.Certificate({'tbscertobj': tbs, 'prvkeyobj': caKey});
* cert.sign(); // issue certificate by CA's private key
- * var hCert = cert.getEncodedHex();
+ * var certPEM = cert.getPEMString();
*
* // Certificate ::= SEQUENCE {
* // tbsCertificate TBSCertificate,
@@ -114,7 +115,8 @@ KJUR.asn1.x509.Certificate = function(params) {
var asn1SignatureAlg = null;
var asn1Sig = null;
var hexSig = null;
- var rsaPrvKey = null;
+ var prvKey = null;
+ var rsaPrvKey = null; // DEPRECATED
/**
@@ -136,7 +138,7 @@ KJUR.asn1.x509.Certificate = function(params) {
var caKeyHex = PKCS5PKEY.getDecryptedKeyHex(rsaPEM, passPEM);
var caKey = new RSAKey();
caKey.readPrivateKeyFromASN1HexString(caKeyHex);
- this.rsaPrvKey = caKey;
+ this.prvKey = caKey;
};
/**
@@ -152,8 +154,8 @@ KJUR.asn1.x509.Certificate = function(params) {
this.sign = function() {
this.asn1SignatureAlg = this.asn1TBSCert.asn1SignatureAlg;
- sig = new KJUR.crypto.Signature({'alg': 'SHA1withRSA', 'prov': 'cryptojs/jsrsa'});
- sig.initSign(this.rsaPrvKey);
+ sig = new KJUR.crypto.Signature({'alg': 'SHA1withRSA'});
+ sig.init(this.prvKey);
sig.updateHex(this.asn1TBSCert.getEncodedHex());
this.hexSig = sig.sign();
@@ -195,10 +197,11 @@ KJUR.asn1.x509.Certificate = function(params) {
if (typeof params['tbscertobj'] != "undefined") {
this.asn1TBSCert = params['tbscertobj'];
}
- if (typeof params['rsaprvkey'] != "undefined") {
- this.rsaPrvKey = params['rsaprvkey'];
- }
- if ((typeof params['rsaprvpem'] != "undefined") &&
+ if (typeof params['prvkeyobj'] != "undefined") {
+ this.prvKey = params['prvkeyobj'];
+ } else if (typeof params['rsaprvkey'] != "undefined") {
+ this.prvKey = params['rsaprvkey'];
+ } else if ((typeof params['rsaprvpem'] != "undefined") &&
(typeof params['rsaprvpas'] != "undefined")) {
this.setRsaPrvKeyByPEMandPass(params['rsaprvpem'], params['rsaprvpas']);
}
@@ -334,11 +337,12 @@ KJUR.asn1.x509.TBSCertificate = function(params) {
};
/**
- * set subject public key info field by parameter
+ * (DEPRECATED) set subject public key info field by RSA key parameter
* @name setSubjectPublicKeyByParam
* @memberOf KJUR.asn1.x509.TBSCertificate
* @function
- * @param {Array} subjPKeyParam SubjectPublicKeyInfo parameter
+ * @param {Array} subjPKeyParam SubjectPublicKeyInfo parameter of RSA
+ * @deprecated
* @description
* @example
* tbsc.setSubjectPublicKeyByParam({'rsakey': pubKey});
@@ -349,6 +353,26 @@ KJUR.asn1.x509.TBSCertificate = function(params) {
};
/**
+ * set subject public key info by RSA/ECDSA/DSA key parameter
+ * @name setSubjectPublicKeyByGetKey
+ * @memberOf KJUR.asn1.x509.TBSCertificate
+ * @function
+ * @param {Object} keyParam public key parameter which passed to {@link KEYUTIL.getKey} argument
+ * @description
+ * @example
+ * tbsc.setSubjectPublicKeyByGetKeyParam(certPEMString); // or
+ * tbsc.setSubjectPublicKeyByGetKeyParam(pkcs8PublicKeyPEMString); // or
+ * tbsc.setSubjectPublicKeyByGetKeyParam(kjurCryptoECDSAKeyObject); // et.al.
+ * @see KJUR.asn1.x509.SubjectPublicKeyInfo
+ * @see KEYUTIL.getKey
+ * @since asn1x509 1.0.6
+ */
+ this.setSubjectPublicKeyByGetKey = function(keyParam) {
+ var keyObj = KEYUTIL.getKey(keyParam);
+ this.asn1SubjPKey = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObj);
+ };
+
+ /**
* append X.509v3 extension to this object
* @name appendExtension
* @memberOf KJUR.asn1.x509.TBSCertificate
@@ -364,6 +388,39 @@ KJUR.asn1.x509.TBSCertificate = function(params) {
this.extensionsArray.push(extObj);
};
+ /**
+ * append X.509v3 extension to this object by name and parameters
+ * @name appendExtensionByName
+ * @memberOf KJUR.asn1.x509.TBSCertificate
+ * @function
+ * @param {name} name name of X.509v3 Extension object
+ * @param {Array} extParams parameters as argument of Extension constructor.
+ * @description
+ * @example
+ * tbsc.appendExtensionByName('BasicConstraints', {'cA':true, 'critical': true});
+ * tbsc.appendExtensionByName('KeyUsage', {'bin':'11'});
+ * tbsc.appendExtensionByName('CRLDistributionPoints', {uri: 'http://aaa.com/a.crl'});
+ * tbsc.appendExtensionByName('ExtKeyUsage', {array: [{name: 'clientAuth'}]});
+ * @see KJUR.asn1.x509.Extension
+ */
+ this.appendExtensionByName = function(name, extParams) {
+ if (name.toLowerCase() == "basicconstraints") {
+ var extObj = new KJUR.asn1.x509.BasicConstraints(extParams);
+ this.appendExtension(extObj);
+ } else if (name.toLowerCase() == "keyusage") {
+ var extObj = new KJUR.asn1.x509.KeyUsage(extParams);
+ this.appendExtension(extObj);
+ } else if (name.toLowerCase() == "crldistributionpoints") {
+ var extObj = new KJUR.asn1.x509.CRLDistributionPoints(extParams);
+ this.appendExtension(extObj);
+ } else if (name.toLowerCase() == "extkeyusage") {
+ var extObj = new KJUR.asn1.x509.ExtKeyUsage(extParams);
+ this.appendExtension(extObj);
+ } else {
+ throw "unsupported extension name: " + name;
+ }
+ };
+
this.getEncodedHex = function() {
if (this.asn1NotBefore == null || this.asn1NotAfter == null)
throw "notBefore and/or notAfter not set";
@@ -1060,19 +1117,26 @@ YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue, KJUR.asn1.ASN1Object);
* SubjectPublicKeyInfo ASN.1 structure class
* @name KJUR.asn1.x509.SubjectPublicKeyInfo
* @class SubjectPublicKeyInfo ASN.1 structure class
- * @param {Array} params associative array of parameters (ex. {'rsakey': key})
+ * @param {Object} params parameter for subject public key
* @extends KJUR.asn1.ASN1Object
* @description
* <br/>
* As for argument 'params' for constructor, you can specify one of
* following properties:
* <ul>
- * <li>rsakey - specify {@link RSAKey} object of subject public key</li>
- * <li>rsapem - specify a string of PEM public key of RSA key</li>
+ * <li>{@link RSAKey} object</li>
+ * <li>{@link KJUR.crypto.ECDSA} object</li>
+ * <li>{@link KJUR.crypto.DSA} object</li>
+ * <li>(DEPRECATED)rsakey - specify {@link RSAKey} object of subject public key</li>
+ * <li>(DEPRECATED)rsapem - specify a string of PEM public key of RSA key</li>
* </ul>
- * NOTE: 'params' can be omitted.
+ * NOTE1: 'params' can be omitted.<br/>
+ * NOTE2: DSA/ECDSA key object is also supported since asn1x509 1.0.6.<br/>
* <h4>EXAMPLE</h4>
* @example
+ * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(RSAKey_object);
+ * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoECDSA_object);
+ * var spki = new KJUR.asn1.x509.SubjectPublicKeyInfo(KJURcryptoDSA_object);
*/
KJUR.asn1.x509.SubjectPublicKeyInfo = function(params) {
KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);
@@ -1139,13 +1203,50 @@ KJUR.asn1.x509.SubjectPublicKeyInfo = function(params) {
[this.asn1AlgId, this.asn1SubjPKey]});
this.hTLV = o.getEncodedHex();
return this.hTLV;
- }
+ };
+
+ this._setRSAKey = function(key) {
+ var asn1RsaPub = KJUR.asn1.ASN1Util.newObject({
+ 'seq': [{'int': {'bigint': key.n}}, {'int': {'int': key.e}}]
+ });
+ var rsaKeyHex = asn1RsaPub.getEncodedHex();
+ this.asn1AlgId = new KJUR.asn1.x509.AlgorithmIdentifier({'name':'rsaEncryption'});
+ this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex':'00'+rsaKeyHex});
+ };
+
+ this._setEC = function(key) {
+ var asn1Params = new KJUR.asn1.DERObjectIdentifier({'name': key.curveName});
+ this.asn1AlgId =
+ new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'ecPublicKey',
+ 'asn1params': asn1Params});
+ this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + key.pubKeyHex});
+ };
+
+ this._setDSA = function(key) {
+ var asn1Params = new KJUR.asn1.ASN1Util.newObject({
+ 'seq': [{'int': {'bigint': key.p}},
+ {'int': {'bigint': key.q}},
+ {'int': {'bigint': key.g}}]
+ });
+ this.asn1AlgId =
+ new KJUR.asn1.x509.AlgorithmIdentifier({'name': 'dsa',
+ 'asn1params': asn1Params});
+ var pubhex = KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(key.y);
+ this.asn1SubjPKey = new KJUR.asn1.DERBitString({'hex': '00' + pubhex});
+ };
if (typeof params != "undefined") {
- if (typeof params['rsakey'] != "undefined") {
+ if (typeof RSAKey != 'undefined' && params instanceof RSAKey) {
+ this._setRSAKey(params);
+ } else if (typeof KJUR.crypto.ECDSA != 'undefined' &&
+ params instanceof KJUR.crypto.ECDSA) {
+ this._setEC(params);
+ } else if (typeof KJUR.crypto.DSA != 'undefined' &&
+ params instanceof KJUR.crypto.DSA) {
+ this._setDSA(params);
+ } else if (typeof params['rsakey'] != "undefined") {
this.setRSAKey(params['rsakey']);
- }
- if (typeof params['rsapem'] != "undefined") {
+ } else if (typeof params['rsapem'] != "undefined") {
this.setRSAPEM(params['rsapem']);
}
}
@@ -1212,6 +1313,7 @@ KJUR.asn1.x509.AlgorithmIdentifier = function(params) {
var nameAlg = null;
var asn1Alg = null;
var asn1Params = null;
+ var paramEmpty = false;
this.getEncodedHex = function() {
if (this.nameAlg == null && this.asn1Alg == null) {
@@ -1220,8 +1322,9 @@ KJUR.asn1.x509.AlgorithmIdentifier = function(params) {
if (this.nameAlg != null && this.asn1Alg == null) {
this.asn1Alg = KJUR.asn1.x509.OID.name2obj(this.nameAlg);
}
- var o = new KJUR.asn1.DERSequence({'array':[this.asn1Alg,
- this.asn1Params]});
+ var a = [this.asn1Alg];
+ if (! this.paramEmpty) a.push(this.asn1Params);
+ var o = new KJUR.asn1.DERSequence({'array': a});
this.hTLV = o.getEncodedHex();
return this.hTLV;
};
@@ -1233,6 +1336,9 @@ KJUR.asn1.x509.AlgorithmIdentifier = function(params) {
if (typeof params['asn1params'] != "undefined") {
this.asn1Params = params['asn1params'];
}
+ if (typeof params['paramempty'] != "undefined") {
+ this.paramEmpty = params['paramempty'];
+ }
}
if (this.asn1Params == null) {
this.asn1Params = new KJUR.asn1.DERNull();
@@ -1453,7 +1559,27 @@ KJUR.asn1.x509.OID = new function(params) {
this.name2oidList = {
'sha384': '2.16.840.1.101.3.4.2.2',
'sha224': '2.16.840.1.101.3.4.2.4',
+
+ 'MD2withRSA': '1.2.840.113549.1.1.2',
+ 'MD4withRSA': '1.2.840.113549.1.1.3',
+ 'MD5withRSA': '1.2.840.113549.1.1.4',
'SHA1withRSA': '1.2.840.113549.1.1.5',
+ 'SHA224withRSA': '1.2.840.113549.1.1.14',
+ 'SHA256withRSA': '1.2.840.113549.1.1.11',
+ 'SHA384withRSA': '1.2.840.113549.1.1.12',
+ 'SHA512withRSA': '1.2.840.113549.1.1.13',
+
+ 'SHA1withECDSA': '1.2.840.10045.4.1',
+ 'SHA224withECDSA': '1.2.840.10045.4.3.1',
+ 'SHA256withECDSA': '1.2.840.10045.4.3.2',
+ 'SHA384withECDSA': '1.2.840.10045.4.3.3',
+ 'SHA512withECDSA': '1.2.840.10045.4.3.4',
+
+ 'dsa': '1.2.840.10040.4.1',
+ 'SHA1withDSA': '1.2.840.10040.4.3',
+ 'SHA224withDSA': '2.16.840.1.101.3.4.3.1',
+ 'SHA256withDSA': '2.16.840.1.101.3.4.3.2',
+
'rsaEncryption': '1.2.840.113549.1.1.1',
'subjectKeyIdentifier': '2.5.29.14',
@@ -1478,6 +1604,11 @@ KJUR.asn1.x509.OID = new function(params) {
'emailProtection': '1.3.6.1.5.5.7.3.4',
'timeStamping': '1.3.6.1.5.5.7.3.8',
'ocspSigning': '1.3.6.1.5.5.7.3.9',
+
+ 'ecPublicKey': '1.2.840.10045.2.1',
+ 'secp256r1': '1.2.840.10045.3.1.7',
+ 'secp256k1': '1.3.132.0.10',
+ 'secp384r1': '1.3.132.0.34',
};
this.objCache = {};
@@ -1557,6 +1688,93 @@ KJUR.asn1.x509.X509Util = new function() {
return pem;
};
};
+/**
+ * issue a certificate in PEM format
+ * @name newCertPEM
+ * @memberOf KJUR.asn1.x509.X509Util
+ * @function
+ * @param {Array} param parameter to issue a certificate
+ * @since asn1x509 1.0.6
+ * @description
+ * This method can issue a certificate by a simple
+ * JSON object.
+ * NOTE: When using DSA or ECDSA CA signing key,
+ * use 'paramempty' in 'sigalg' to ommit parameter field
+ * of AlgorithmIdentifer. In case of RSA, parameter
+ * NULL will be specified by default.
+ * @example
+ * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
+ * { serial: {int: 4},
+ * sigalg: {name: 'SHA1withECDSA', paramempty: true},
+ * issuer: {str: '/C=US/O=a'},
+ * notbefore: {'str': '130504235959Z'},
+ * notafter: {'str': '140504235959Z'},
+ * subject: {str: '/C=US/O=b'},
+ * sbjpubkey: pubKeyPEM,
+ * ext: [
+ * {basicConstraints: {cA: true, critical: true}},
+ * {keyUsage: {bin: '11'}},
+ * ],
+ * cakey: [prvkey, pass]}
+ * );
+ */
+KJUR.asn1.x509.X509Util.newCertPEM = function(param) {
+ var ns1 = KJUR.asn1.x509;
+ var o = new ns1.TBSCertificate();
+
+ if (param.serial !== undefined)
+ o.setSerialNumberByParam(param.serial);
+ else
+ throw "serial number undefined.";
+
+ if (typeof param.sigalg.name == 'string')
+ o.setSignatureAlgByParam(param.sigalg);
+ else
+ throw "unproper signature algorithm name";
+
+ if (param.issuer !== undefined)
+ o.setIssuerByParam(param.issuer);
+ else
+ throw "issuer name undefined.";
+
+ if (param.notbefore !== undefined)
+ o.setNotBeforeByParam(param.notbefore);
+ else
+ throw "notbefore undefined.";
+
+ if (param.notafter !== undefined)
+ o.setNotAfterByParam(param.notafter);
+ else
+ throw "notafter undefined.";
+
+ if (param.subject !== undefined)
+ o.setSubjectByParam(param.subject);
+ else
+ throw "subject name undefined.";
+
+ if (param.sbjpubkey !== undefined)
+ o.setSubjectPublicKeyByGetKey(param.sbjpubkey);
+ else
+ throw "subject public key undefined.";
+
+ if (param.ext.length !== undefined) {
+ for (var i = 0; i < param.ext.length; i++) {
+ for (key in param.ext[i]) {
+ o.appendExtensionByName(key, param.ext[i][key]);
+ }
+ }
+ }
+
+ var caKey = null;
+ if (param.cakey)
+ caKey = KEYUTIL.getKey.apply(null, param.cakey);
+ else
+ throw "ca key undefined";
+
+ var cert = new ns1.Certificate({'tbscertobj': o, 'prvkeyobj': caKey});
+ cert.sign();
+ return cert.getPEMString();
+};
/*
org.bouncycastle.asn1.x500
@@ -1568,4 +1786,4 @@ X500NameBuilder
org.bouncycastleasn1.x509
TBSCertificate
- */
+ */
View
4 asn1x509-1.0.min.js
@@ -1,3 +1,3 @@
-/*! asn1x509-1.0.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! asn1x509-1.0.6.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
*/
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(f){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var a=null;var c=null;var e=null;var b=null;var d=null;this.setRsaPrvKeyByPEMandPass=function(h,j){var g=PKCS5PKEY.getDecryptedKeyHex(h,j);var i=new RSAKey();i.readPrivateKeyFromASN1HexString(g);this.rsaPrvKey=i};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA",prov:"cryptojs/jsrsa"});sig.initSign(this.rsaPrvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var g=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=g.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var i=this.getEncodedHex();var g=CryptoJS.enc.Hex.parse(i);var h=CryptoJS.enc.Base64.stringify(g);var j=h.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+j+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof f!="undefined"){if(typeof f.tbscertobj!="undefined"){this.asn1TBSCert=f.tbscertobj}if(typeof f.rsaprvkey!="undefined"){this.rsaPrvKey=f.rsaprvkey}if((typeof f.rsaprvpem!="undefined")&&(typeof f.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(f.rsaprvpem,f.rsaprvpas)}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c<b.length;c++){var d=new KJUR.asn1.DERObjectIdentifier(b[c]);this.asn1ExtnValue.appendASN1Object(d)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.37";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setPurposeArray(a.array)}}};YAHOO.lang.extend(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(f){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var a=null;var c=null;var e=null;var b=null;var d=null;this.setRsaPrvKeyByPEMandPass=function(h,j){var g=PKCS5PKEY.getDecryptedKeyHex(h,j);var i=new RSAKey();i.readPrivateKeyFromASN1HexString(g);this.rsaPrvKey=i};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCertList.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA",prov:"cryptojs/jsrsa"});sig.initSign(this.rsaPrvKey);sig.updateHex(this.asn1TBSCertList.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var g=new KJUR.asn1.DERSequence({array:[this.asn1TBSCertList,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=g.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var i=this.getEncodedHex();var g=CryptoJS.enc.Hex.parse(i);var h=CryptoJS.enc.Base64.stringify(g);var j=h.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN X509 CRL-----\r\n"+j+"\r\n-----END X509 CRL-----\r\n"};if(typeof f!="undefined"){if(typeof f.tbsobj!="undefined"){this.asn1TBSCertList=f.tbsobj}if(typeof f.rsaprvkey!="undefined"){this.rsaPrvKey=f.rsaprvkey}if((typeof f.rsaprvpem!="undefined")&&(typeof f.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(f.rsaprvpem,f.rsaprvpas)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(b){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var a=null;this.setSignatureAlgByParam=function(c){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(c)};this.setIssuerByParam=function(c){this.asn1Issuer=new KJUR.asn1.x509.X500Name(c)};this.setThisUpdateByParam=function(c){this.asn1ThisUpdate=new KJUR.asn1.x509.Time(c)};this.setNextUpdateByParam=function(c){this.asn1NextUpdate=new KJUR.asn1.x509.Time(c)};this.addRevokedCert=function(c,d){var f={};if(c!=undefined&&c!=null){f.sn=c}if(d!=undefined&&d!=null){f.time=d}var e=new KJUR.asn1.x509.CRLEntry(f);this.aRevokedCert.push(e)};this.getEncodedHex=function(){this.asn1Array=new Array();if(this.asn1Version!=null){this.asn1Array.push(this.asn1Version)}this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(this.asn1ThisUpdate);if(this.asn1NextUpdate!=null){this.asn1Array.push(this.asn1NextUpdate)}if(this.aRevokedCert.length>0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d<c.length;d++){this.asn1Array.push(new KJUR.asn1.x509.RDN({str:c[d]}))}};this.getEncodedHex=function(){var b=new KJUR.asn1.DERSequence({array:this.asn1Array});this.TLV=b.getEncodedHex();return this.TLV};if(typeof a!="undefined"){if(typeof a.str!="undefined"){this.setByString(a.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN=function(a){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=new Array();this.addByString=function(b){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:b}))};this.getEncodedHex=function(){var b=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=b.getEncodedHex();return this.TLV};if(typeof a!="undefined"){if(typeof a.str!="undefined"){this.addByString(a.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AttributeTypeAndValue=function(b){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);var d=null;var c=null;var a="utf8";this.setByString=function(e){if(e.match(/^([^=]+)=(.+)$/)){this.setByAttrTypeAndValueStr(RegExp.$1,RegExp.$2)}else{throw"malformed attrTypeAndValueStr: "+e}};this.setByAttrTypeAndValueStr=function(g,f){this.typeObj=KJUR.asn1.x509.OID.atype2obj(g);var e=a;if(g=="C"){e="prn"}this.valueObj=this.getValueObj(e,f)};this.getValueObj=function(f,e){if(f=="utf8"){return new KJUR.asn1.DERUTF8String({str:e})}if(f=="prn"){return new KJUR.asn1.DERPrintableString({str:e})}if(f=="tel"){return new KJUR.asn1.DERTeletexString({str:e})}if(f=="ia5"){return new KJUR.asn1.DERIA5String({str:e})}throw"unsupported directory string type: type="+f+" value="+e};this.getEncodedHex=function(){var e=new KJUR.asn1.DERSequence({array:[this.typeObj,this.valueObj]});this.TLV=e.getEncodedHex();return this.TLV};if(typeof b!="undefined"){if(typeof b.str!="undefined"){this.setByString(b.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(d){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var b=null;var c=null;var a=null;this.setRSAKey=function(e){if(!RSAKey.prototype.isPrototypeOf(e)){throw"argument is not RSAKey instance"}this.rsaKey=e;var g=new KJUR.asn1.DERInteger({bigint:e.n});var f=new KJUR.asn1.DERInteger({"int":e.e});var i=new KJUR.asn1.DERSequence({array:[g,f]});var h=i.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+h})};this.setRSAPEM=function(g){if(g.match(/-----BEGIN PUBLIC KEY-----/)){var n=g;n=n.replace(/^-----[^-]+-----/,"");n=n.replace(/-----[^-]+-----\s*$/,"");var m=n.replace(/\s+/g,"");var f=CryptoJS.enc.Base64.parse(m);var i=CryptoJS.enc.Hex.stringify(f);var k=_rsapem_getHexValueArrayOfChildrenFromHex(i);var h=k[1];var l=h.substr(2);var e=_rsapem_getHexValueArrayOfChildrenFromHex(l);var j=new RSAKey();j.setPublic(e[0],e[1]);this.setRSAKey(j)}else{throw"key not supported"}};this.getEncodedHex=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var e=new KJUR.asn1.DERSequence({array:[this.asn1AlgId,this.asn1SubjPKey]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof d!="undefined"){if(typeof d.rsakey!="undefined"){this.setRSAKey(d.rsakey)}if(typeof d.rsapem!="undefined"){this.setRSAPEM(d.rsapem)}}};YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(c){KJUR.asn1.x509.Time.superclass.constructor.call(this);var b=null;var a=null;this.setTimeParams=function(d){this.timeParams=d};this.getEncodedHex=function(){if(this.timeParams==null){throw"timeParams shall be specified. ({'str':'130403235959Z'}}"}var d=null;if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime(this.timeParams)}else{d=new KJUR.asn1.DERGeneralizedTime(this.timeParams)}this.TLV=d.getEncodedHex();return this.TLV};this.type="utc";if(typeof c!="undefined"){if(typeof c.type!="undefined"){this.type=c.type}this.timeParams=c}};YAHOO.lang.extend(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(d){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);var a=null;var c=null;var b=null;this.getEncodedHex=function(){if(this.nameAlg==null&&this.asn1Alg==null){throw"algorithm not specified"}if(this.nameAlg!=null&&this.asn1Alg==null){this.asn1Alg=KJUR.asn1.x509.OID.name2obj(this.nameAlg)}var e=new KJUR.asn1.DERSequence({array:[this.asn1Alg,this.asn1Params]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof d!="undefined"){if(typeof d.name!="undefined"){this.nameAlg=d.name}if(typeof d.asn1params!="undefined"){this.asn1Params=d.asn1params}}if(this.asn1Params==null){this.asn1Params=new KJUR.asn1.DERNull()}};YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralName=function(d){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var c=null;var b=null;var a={rfc822:"81",dns:"82",uri:"86"};this.setByParam=function(g){var f=null;var e=null;if(typeof g.rfc822!="undefined"){this.type="rfc822";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(typeof g.dns!="undefined"){this.type="dns";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(typeof g.uri!="undefined"){this.type="uri";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(this.type==null){throw"unsupported type in params="+g}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:false,tag:a[this.type],obj:e})};this.getEncodedHex=function(){return this.asn1Obj.getEncodedHex()};if(typeof d!="undefined"){this.setByParam(d)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(b){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null;this.setByParamArray=function(e){for(var c=0;c<e.length;c++){var d=new KJUR.asn1.x509.GeneralName(e[c]);this.asn1Array.push(d)}};this.getEncodedHex=function(){var c=new KJUR.asn1.DERSequence({array:this.asn1Array});return c.getEncodedHex()};this.asn1Array=new Array();if(typeof b!="undefined"){this.setByParamArray(b)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(b){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var e=null;var c=null;var a=null;var d=null;this.getEncodedHex=function(){if(this.type!="full"){throw"currently type shall be 'full': "+this.type}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.getEncodedHex();return this.hTLV};if(typeof b!="undefined"){if(KJUR.asn1.x509.GeneralNames.prototype.isPrototypeOf(b)){this.type="full";this.tag="a0";this.asn1V=b}else{throw"This class supports GeneralNames only as argument"}}};YAHOO.lang.extend(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPoint=function(b){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var c=new KJUR.asn1.DERSequence();if(this.asn1DP!=null){var d=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});c.appendASN1Object(d)}this.hTLV=c.getEncodedHex();return this.hTLV};if(typeof b!="undefined"){if(typeof b.dpobj!="undefined"){this.asn1DP=b.dpobj}}};YAHOO.lang.extend(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(a){this.atype2oidList={C:"2.5.4.6",O:"2.5.4.10",OU:"2.5.4.11",ST:"2.5.4.8",L:"2.5.4.7",CN:"2.5.4.3",};this.name2oidList={sha384:"2.16.840.1.101.3.4.2.2",sha224:"2.16.840.1.101.3.4.2.4",SHA1withRSA:"1.2.840.113549.1.1.5",rsaEncryption:"1.2.840.113549.1.1.1",subjectKeyIdentifier:"2.5.29.14",countryName:"2.5.4.6",organization:"2.5.4.10",organizationalUnit:"2.5.4.11",stateOrProvinceName:"2.5.4.8",locality:"2.5.4.7",commonName:"2.5.4.3",keyUsage:"2.5.29.15",basicConstraints:"2.5.29.19",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",authorityKeyIdentifier:"2.5.29.35",extKeyUsage:"2.5.29.37",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new KJUR.asn1.DERObjectIdentifier({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.atype2oidList[b]=="undefined"){throw"AttributeType name undefined: "+b}var c=this.atype2oidList[b];var d=new KJUR.asn1.DERObjectIdentifier({oid:c});this.objCache[b]=d;return d}};KJUR.asn1.x509.X509Util=new function(){this.getPKCS8PubKeyPEMfromRSAKey=function(i){var h=null;var f=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(i.n);var j=KJUR.asn1.ASN1Util.integerToByteHex(i.e);var a=new KJUR.asn1.DERInteger({hex:f});var g=new KJUR.asn1.DERInteger({hex:j});var l=new KJUR.asn1.DERSequence({array:[a,g]});var c=l.getEncodedHex();var d=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});var b=new KJUR.asn1.DERBitString({hex:"00"+c});var k=new KJUR.asn1.DERSequence({array:[d,b]});var e=k.getEncodedHex();var h=KJUR.asn1.ASN1Util.getPEMStringFromHex(e,"PUBLIC KEY");return h}};
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(g){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var b=null;var d=null;var f=null;var c=null;var a=null;var e=null;this.setRsaPrvKeyByPEMandPass=function(i,k){var h=PKCS5PKEY.getDecryptedKeyHex(i,k);var j=new RSAKey();j.readPrivateKeyFromASN1HexString(h);this.prvKey=j};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA"});sig.init(this.prvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var h=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=h.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var j=this.getEncodedHex();var h=CryptoJS.enc.Hex.parse(j);var i=CryptoJS.enc.Base64.stringify(h);var k=i.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+k+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof g!="undefined"){if(typeof g.tbscertobj!="undefined"){this.asn1TBSCert=g.tbscertobj}if(typeof g.prvkeyobj!="undefined"){this.prvKey=g.prvkeyobj}else{if(typeof g.rsaprvkey!="undefined"){this.prvKey=g.rsaprvkey}else{if((typeof g.rsaprvpem!="undefined")&&(typeof g.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(g.rsaprvpem,g.rsaprvpas)}}}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.setSubjectPublicKeyByGetKey=function(c){var b=KEYUTIL.getKey(c);this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.appendExtensionByName=function(d,b){if(d.toLowerCase()=="basicconstraints"){var c=new KJUR.asn1.x509.BasicConstraints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="keyusage"){var c=new KJUR.asn1.x509.KeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="crldistributionpoints"){var c=new KJUR.asn1.x509.CRLDistributionPoints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="extkeyusage"){var c=new KJUR.asn1.x509.ExtKeyUsage(b);this.appendExtension(c)}else{throw"unsupported extension name: "+d}}}}};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c<b.length;c++){var d=new KJUR.asn1.DERObjectIdentifier(b[c]);this.asn1ExtnValue.appendASN1Object(d)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.37";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setPurposeArray(a.array)}}};YAHOO.lang.extend(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(f){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var a=null;var c=null;var e=null;var b=null;var d=null;this.setRsaPrvKeyByPEMandPass=function(h,j){var g=PKCS5PKEY.getDecryptedKeyHex(h,j);var i=new RSAKey();i.readPrivateKeyFromASN1HexString(g);this.rsaPrvKey=i};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCertList.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA",prov:"cryptojs/jsrsa"});sig.initSign(this.rsaPrvKey);sig.updateHex(this.asn1TBSCertList.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var g=new KJUR.asn1.DERSequence({array:[this.asn1TBSCertList,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=g.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var i=this.getEncodedHex();var g=CryptoJS.enc.Hex.parse(i);var h=CryptoJS.enc.Base64.stringify(g);var j=h.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN X509 CRL-----\r\n"+j+"\r\n-----END X509 CRL-----\r\n"};if(typeof f!="undefined"){if(typeof f.tbsobj!="undefined"){this.asn1TBSCertList=f.tbsobj}if(typeof f.rsaprvkey!="undefined"){this.rsaPrvKey=f.rsaprvkey}if((typeof f.rsaprvpem!="undefined")&&(typeof f.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(f.rsaprvpem,f.rsaprvpas)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(b){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var a=null;this.setSignatureAlgByParam=function(c){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(c)};this.setIssuerByParam=function(c){this.asn1Issuer=new KJUR.asn1.x509.X500Name(c)};this.setThisUpdateByParam=function(c){this.asn1ThisUpdate=new KJUR.asn1.x509.Time(c)};this.setNextUpdateByParam=function(c){this.asn1NextUpdate=new KJUR.asn1.x509.Time(c)};this.addRevokedCert=function(c,d){var f={};if(c!=undefined&&c!=null){f.sn=c}if(d!=undefined&&d!=null){f.time=d}var e=new KJUR.asn1.x509.CRLEntry(f);this.aRevokedCert.push(e)};this.getEncodedHex=function(){this.asn1Array=new Array();if(this.asn1Version!=null){this.asn1Array.push(this.asn1Version)}this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(this.asn1ThisUpdate);if(this.asn1NextUpdate!=null){this.asn1Array.push(this.asn1NextUpdate)}if(this.aRevokedCert.length>0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(a){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(b){var c=b.split("/");c.shift();for(var d=0;d<c.length;d++){this.asn1Array.push(new KJUR.asn1.x509.RDN({str:c[d]}))}};this.getEncodedHex=function(){var b=new KJUR.asn1.DERSequence({array:this.asn1Array});this.TLV=b.getEncodedHex();return this.TLV};if(typeof a!="undefined"){if(typeof a.str!="undefined"){this.setByString(a.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN=function(a){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=new Array();this.addByString=function(b){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:b}))};this.getEncodedHex=function(){var b=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=b.getEncodedHex();return this.TLV};if(typeof a!="undefined"){if(typeof a.str!="undefined"){this.addByString(a.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AttributeTypeAndValue=function(b){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);var d=null;var c=null;var a="utf8";this.setByString=function(e){if(e.match(/^([^=]+)=(.+)$/)){this.setByAttrTypeAndValueStr(RegExp.$1,RegExp.$2)}else{throw"malformed attrTypeAndValueStr: "+e}};this.setByAttrTypeAndValueStr=function(g,f){this.typeObj=KJUR.asn1.x509.OID.atype2obj(g);var e=a;if(g=="C"){e="prn"}this.valueObj=this.getValueObj(e,f)};this.getValueObj=function(f,e){if(f=="utf8"){return new KJUR.asn1.DERUTF8String({str:e})}if(f=="prn"){return new KJUR.asn1.DERPrintableString({str:e})}if(f=="tel"){return new KJUR.asn1.DERTeletexString({str:e})}if(f=="ia5"){return new KJUR.asn1.DERIA5String({str:e})}throw"unsupported directory string type: type="+f+" value="+e};this.getEncodedHex=function(){var e=new KJUR.asn1.DERSequence({array:[this.typeObj,this.valueObj]});this.TLV=e.getEncodedHex();return this.TLV};if(typeof b!="undefined"){if(typeof b.str!="undefined"){this.setByString(b.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(d){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var b=null;var c=null;var a=null;this.setRSAKey=function(e){if(!RSAKey.prototype.isPrototypeOf(e)){throw"argument is not RSAKey instance"}this.rsaKey=e;var g=new KJUR.asn1.DERInteger({bigint:e.n});var f=new KJUR.asn1.DERInteger({"int":e.e});var i=new KJUR.asn1.DERSequence({array:[g,f]});var h=i.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+h})};this.setRSAPEM=function(g){if(g.match(/-----BEGIN PUBLIC KEY-----/)){var n=g;n=n.replace(/^-----[^-]+-----/,"");n=n.replace(/-----[^-]+-----\s*$/,"");var m=n.replace(/\s+/g,"");var f=CryptoJS.enc.Base64.parse(m);var i=CryptoJS.enc.Hex.stringify(f);var k=_rsapem_getHexValueArrayOfChildrenFromHex(i);var h=k[1];var l=h.substr(2);var e=_rsapem_getHexValueArrayOfChildrenFromHex(l);var j=new RSAKey();j.setPublic(e[0],e[1]);this.setRSAKey(j)}else{throw"key not supported"}};this.getEncodedHex=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var e=new KJUR.asn1.DERSequence({array:[this.asn1AlgId,this.asn1SubjPKey]});this.hTLV=e.getEncodedHex();return this.hTLV};this._setRSAKey=function(e){var g=KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.n}},{"int":{"int":e.e}}]});var f=g.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+f})};this._setEC=function(e){var f=new KJUR.asn1.DERObjectIdentifier({name:e.curveName});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"ecPublicKey",asn1params:f});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+e.pubKeyHex})};this._setDSA=function(e){var f=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.p}},{"int":{bigint:e.q}},{"int":{bigint:e.g}}]});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"dsa",asn1params:f});var g=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(e.y);this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+g})};if(typeof d!="undefined"){if(typeof RSAKey!="undefined"&&d instanceof RSAKey){this._setRSAKey(d)}else{if(typeof KJUR.crypto.ECDSA!="undefined"&&d instanceof KJUR.crypto.ECDSA){this._setEC(d)}else{if(typeof KJUR.crypto.DSA!="undefined"&&d instanceof KJUR.crypto.DSA){this._setDSA(d)}else{if(typeof d.rsakey!="undefined"){this.setRSAKey(d.rsakey)}else{if(typeof d.rsapem!="undefined"){this.setRSAPEM(d.rsapem)}}}}}}};YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(c){KJUR.asn1.x509.Time.superclass.constructor.call(this);var b=null;var a=null;this.setTimeParams=function(d){this.timeParams=d};this.getEncodedHex=function(){if(this.timeParams==null){throw"timeParams shall be specified. ({'str':'130403235959Z'}}"}var d=null;if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime(this.timeParams)}else{d=new KJUR.asn1.DERGeneralizedTime(this.timeParams)}this.TLV=d.getEncodedHex();return this.TLV};this.type="utc";if(typeof c!="undefined"){if(typeof c.type!="undefined"){this.type=c.type}this.timeParams=c}};YAHOO.lang.extend(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);var a=null;var d=null;var b=null;var c=false;this.getEncodedHex=function(){if(this.nameAlg==null&&this.asn1Alg==null){throw"algorithm not specified"}if(this.nameAlg!=null&&this.asn1Alg==null){this.asn1Alg=KJUR.asn1.x509.OID.name2obj(this.nameAlg)}var f=[this.asn1Alg];if(!this.paramEmpty){f.push(this.asn1Params)}var g=new KJUR.asn1.DERSequence({array:f});this.hTLV=g.getEncodedHex();return this.hTLV};if(typeof e!="undefined"){if(typeof e.name!="undefined"){this.nameAlg=e.name}if(typeof e.asn1params!="undefined"){this.asn1Params=e.asn1params}if(typeof e.paramempty!="undefined"){this.paramEmpty=e.paramempty}}if(this.asn1Params==null){this.asn1Params=new KJUR.asn1.DERNull()}};YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralName=function(d){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var c=null;var b=null;var a={rfc822:"81",dns:"82",uri:"86"};this.setByParam=function(g){var f=null;var e=null;if(typeof g.rfc822!="undefined"){this.type="rfc822";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(typeof g.dns!="undefined"){this.type="dns";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(typeof g.uri!="undefined"){this.type="uri";e=new KJUR.asn1.DERIA5String({str:g[this.type]})}if(this.type==null){throw"unsupported type in params="+g}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:false,tag:a[this.type],obj:e})};this.getEncodedHex=function(){return this.asn1Obj.getEncodedHex()};if(typeof d!="undefined"){this.setByParam(d)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(b){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null;this.setByParamArray=function(e){for(var c=0;c<e.length;c++){var d=new KJUR.asn1.x509.GeneralName(e[c]);this.asn1Array.push(d)}};this.getEncodedHex=function(){var c=new KJUR.asn1.DERSequence({array:this.asn1Array});return c.getEncodedHex()};this.asn1Array=new Array();if(typeof b!="undefined"){this.setByParamArray(b)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(b){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var e=null;var c=null;var a=null;var d=null;this.getEncodedHex=function(){if(this.type!="full"){throw"currently type shall be 'full': "+this.type}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.getEncodedHex();return this.hTLV};if(typeof b!="undefined"){if(KJUR.asn1.x509.GeneralNames.prototype.isPrototypeOf(b)){this.type="full";this.tag="a0";this.asn1V=b}else{throw"This class supports GeneralNames only as argument"}}};YAHOO.lang.extend(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPoint=function(b){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var c=new KJUR.asn1.DERSequence();if(this.asn1DP!=null){var d=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});c.appendASN1Object(d)}this.hTLV=c.getEncodedHex();return this.hTLV};if(typeof b!="undefined"){if(typeof b.dpobj!="undefined"){this.asn1DP=b.dpobj}}};YAHOO.lang.extend(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(a){this.atype2oidList={C:"2.5.4.6",O:"2.5.4.10",OU:"2.5.4.11",ST:"2.5.4.8",L:"2.5.4.7",CN:"2.5.4.3",};this.name2oidList={sha384:"2.16.840.1.101.3.4.2.2",sha224:"2.16.840.1.101.3.4.2.4",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",subjectKeyIdentifier:"2.5.29.14",countryName:"2.5.4.6",organization:"2.5.4.10",organizationalUnit:"2.5.4.11",stateOrProvinceName:"2.5.4.8",locality:"2.5.4.7",commonName:"2.5.4.3",keyUsage:"2.5.29.15",basicConstraints:"2.5.29.19",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",authorityKeyIdentifier:"2.5.29.35",extKeyUsage:"2.5.29.37",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",ecPublicKey:"1.2.840.10045.2.1",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new KJUR.asn1.DERObjectIdentifier({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.atype2oidList[b]=="undefined"){throw"AttributeType name undefined: "+b}var c=this.atype2oidList[b];var d=new KJUR.asn1.DERObjectIdentifier({oid:c});this.objCache[b]=d;return d}};KJUR.asn1.x509.X509Util=new function(){this.getPKCS8PubKeyPEMfromRSAKey=function(i){var h=null;var f=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(i.n);var j=KJUR.asn1.ASN1Util.integerToByteHex(i.e);var a=new KJUR.asn1.DERInteger({hex:f});var g=new KJUR.asn1.DERInteger({hex:j});var l=new KJUR.asn1.DERSequence({array:[a,g]});var c=l.getEncodedHex();var d=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});var b=new KJUR.asn1.DERBitString({hex:"00"+c});var k=new KJUR.asn1.DERSequence({array:[d,b]});var e=k.getEncodedHex();var h=KJUR.asn1.ASN1Util.getPEMStringFromHex(e,"PUBLIC KEY");return h}};KJUR.asn1.x509.X509Util.newCertPEM=function(f){var c=KJUR.asn1.x509;var e=new c.TBSCertificate();if(f.serial!==undefined){e.setSerialNumberByParam(f.serial)}else{throw"serial number undefined."}if(typeof f.sigalg.name=="string"){e.setSignatureAlgByParam(f.sigalg)}else{throw"unproper signature algorithm name"}if(f.issuer!==undefined){e.setIssuerByParam(f.issuer)}else{throw"issuer name undefined."}if(f.notbefore!==undefined){e.setNotBeforeByParam(f.notbefore)}else{throw"notbefore undefined."}if(f.notafter!==undefined){e.setNotAfterByParam(f.notafter)}else{throw"notafter undefined."}if(f.subject!==undefined){e.setSubjectByParam(f.subject)}else{throw"subject name undefined."}if(f.sbjpubkey!==undefined){e.setSubjectPublicKeyByGetKey(f.sbjpubkey)}else{throw"subject public key undefined."}if(f.ext.length!==undefined){for(var b=0;b<f.ext.length;b++){for(key in f.ext[b]){e.appendExtensionByName(key,f.ext[b][key])}}}var d=null;if(f.cakey){d=KEYUTIL.getKey.apply(null,f.cakey)}else{throw"ca key undefined"}var a=new c.Certificate({tbscertobj:e,prvkeyobj:d});a.sign();return a.getPEMString()};
View
140 crypto-1.1.js
@@ -1,4 +1,4 @@
-/*! crypto-1.1.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! crypto-1.1.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
*/
/*
* crypto.js - Cryptographic Algorithm Provider class
@@ -16,7 +16,7 @@
* @fileOverview
* @name crypto-1.1.js
* @author Kenji Urushima kenji.urushima@gmail.com
- * @version 1.1.4 (2013-Sep-24)
+ * @version 1.1.5 (2013-Oct-06)
* @since jsrsasign 2.2
* @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
*/
@@ -98,6 +98,10 @@ KJUR.crypto.Util = new function() {
'SHA512withECDSA': 'cryptojs/jsrsa',
'RIPEMD160withECDSA': 'cryptojs/jsrsa',
+ 'SHA1withDSA': 'cryptojs/jsrsa',
+ 'SHA224withDSA': 'cryptojs/jsrsa',
+ 'SHA256withDSA': 'cryptojs/jsrsa',
+
'MD5withRSAandMGF1': 'cryptojs/jsrsa',
'SHA1withRSAandMGF1': 'cryptojs/jsrsa',
'SHA224withRSAandMGF1': 'cryptojs/jsrsa',
@@ -641,9 +645,8 @@ KJUR.crypto.Mac = function(params) {
* <br/>
* As for params of constructor's argument, it can be specify following attributes:
* <ul>
- * <li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}withRSA)</li>
+ * <li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}with{RSA,ECDSA,DSA})</li>
* <li>provider - currently 'cryptojs/jsrsa' only</li>
- * <li>prvkeypem - PEM string of signer's private key. If this specified, no need to call initSign(prvKey).</li>
* </ul>
* <h4>SUPPORTED ALGORITHMS AND PROVIDERS</h4>
* This Signature class supports following signature algorithm and provider names:
@@ -669,46 +672,46 @@ KJUR.crypto.Mac = function(params) {
* <li>SHA384withRSAandMGF1 - cryptojs/jsrsa</li>
* <li>SHA512withRSAandMGF1 - cryptojs/jsrsa</li>
* <li>RIPEMD160withRSAandMGF1 - cryptojs/jsrsa</li>
+ * <li>SHA1withDSA - cryptojs/jsrsa</li>
+ * <li>SHA224withDSA - cryptojs/jsrsa</li>
+ * <li>SHA256withDSA - cryptojs/jsrsa</li>
* </ul>
* Here are supported elliptic cryptographic curve names and their aliases for ECDSA:
* <ul>
* <li>secp256k1</li>
* <li>secp256r1, NIST P-256, P-256, prime256v1</li>
* <li>secp384r1, NIST P-384, P-384</li>
* </ul>
+ * NOTE1: DSA signing algorithm is also supported since crypto 1.1.5.
* <h4>EXAMPLES</h4>
* @example
* // RSA signature generation
- * var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA", "prov": "cryptojs/jsrsa"});
- * sig.initSign(prvKey);
+ * var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"});
+ * sig.init(prvKeyPEM);
* sig.updateString('aaa');
* var hSigVal = sig.sign();
*
- * // RSA signature validation
- * var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withRSA", "prov": "cryptojs/jsrsa"});
- * sig2.initVerifyByCertificatePEM(cert)
+ * // DSA signature validation
+ * var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withDSA"});
+ * sig2.init(certPEM);
* sig.updateString('aaa');
* var isValid = sig2.verify(hSigVal);
*
- * // EC key generation
- * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
- * var keypair = ec.generateKeyPairHex();
- *
* // ECDSA signing
- * var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA', 'prov':'cryptojs/jsrsa'});
- * sig.initSign({'ecprvhex': keypair.ecprvhex, 'eccurvename': 'secp256r1'});
+ * var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+ * sig.init(prvKeyPEM);
* sig.updateString('aaa');
* var sigValueHex = sig.sign();
*
* // ECDSA verifying
- * var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA', 'prov':'cryptojs/jsrsa'});
- * sig.initVerifyByPublicKey({'ecpubhex': keypair.ecpubhex, 'eccurvename': 'secp256r1'});
+ * var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+ * sig.init(certPEM);
* sig.updateString('aaa');
* var isValid = sig.verify(sigValueHex);
*/
KJUR.crypto.Signature = function(params) {
- var prvKey = null; // RSAKey/KJUR.crypto.ECDSA object for signing
- var pubKey = null; // RSAKey/KJUR.crypto.ECDSA object for verifying
+ var prvKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for signing
+ var pubKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for verifying
var md = null; // KJUR.crypto.MessageDigest object
var sig = null;
@@ -766,62 +769,26 @@ KJUR.crypto.Signature = function(params) {
this.mdAlgName + "/" + ex;
}
- this.init = function(key, pass) {
- if (typeof key == "string") {
- if (key.indexOf("-END ENCRYPTED PRIVATE KEY-", 0) != -1 &&
- pass !== undefined) {
- this.prvKey = PKCS5PKEY.getKeyFromEncryptedPKCS8PEM(key, pass);
- this.state = "SIGN";
- } else if (key.indexOf("-END RSA PRIVATE KEY-", 0) != -1 &&
- key.indexOf(",ENCRYPTED", 0) != -1 &&
- pass !== undefined) {
- this.prvKey = PKCS5PKEY.getRSAKeyFromEncryptedPKCS5PEM(key, pass);
- this.state = "SIGN";
-
- } else if (key.indexOf("-END RSA PRIVATE KEY-", 0) != -1 &&
- key.indexOf(",ENCRYPTED", 0) == -1 &&
- pass === undefined) {
- this.prvKey = new RSAKey();
- this.prvKey.readPrivateKeyFromPEMString(key); // deprecated but,
- this.state = "SIGN";
- } else if (key.indexOf("-END PRIVATE KEY-", 0) != -1 &&
- pass === undefined) {
- this.prvKey = PKCS5PKEY.getKeyFromPlainPrivatePKCS8PEM(key);
- this.state = "SIGN";
- } else if (key.indexOf("-END PUBLIC KEY-", 0) != -1 &&
- pass === undefined) {
- this.pubKey = PKCS5PKEY.getKeyFromPublicPKCS8PEM(key);
- this.state = "VERIFY";
- } else if ((key.indexOf("-END CERTIFICATE-", 0) != -1 ||
- key.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
- key.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) &&
- pass === undefined) {
- this.pubKey = X509.getPublicKeyFromCertPEM(key);
- this.state = "VERIFY";
-
- } else {
- throw "unsupported arguments";
- }
- } else if (key instanceof RSAKey) {
- if (key.d != null) {
- this.prvKey = key;
- this.state = "SIGN";
- } else if (key.n != null) {
- this.pubKey = key;
- this.state = "VERIFY";
- } else {
- throw "RSAKey object is not private and public key";
- }
- } else if (key instanceof KJUR.crypto.ECDSA) {
- if (key.prvKeyHex != null) {
- this.prvKey = key;
- this.state = "SIGN";
- } else if (key.pubKeyHex != null) {
- this.pubKey = key;
- this.state = "VERIFY";
+ this.init = function(keyparam, pass) {
+ var keyObj = null;
+ try {
+ if (pass === undefined) {
+ keyObj = KEYUTIL.getKey(keyparam);
} else {
- throw "ECDSA object is not private and public key";
+ keyObj = KEYUTIL.getKey(keyparam, pass);
}
+ } catch (ex) {
+ throw "init failed:" + ex;
+ }
+
+ if (keyObj.isPrivate === true) {
+ this.prvKey = keyObj;
+ this.state = "SIGN";
+ } else if (keyObj.isPublic === true) {
+ this.pubKey = keyObj;
+ this.state = "VERIFY";
+ } else {
+ throw "init failed.:" + keyObj;
}
};
@@ -878,6 +845,8 @@ KJUR.crypto.Signature = function(params) {
this.mdAlgName);
} else if (this.prvKey instanceof KJUR.crypto.ECDSA) {
this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
+ } else if (this.prvKey instanceof KJUR.crypto.DSA) {
+ this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
} else {
throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
}
@@ -905,6 +874,8 @@ KJUR.crypto.Signature = function(params) {
return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
} else if (this.pubKey instanceof KJUR.crypto.ECDSA) {
return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
+ } else if (this.pubKey instanceof KJUR.crypto.DSA) {
+ return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
} else {
throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
}
@@ -917,29 +888,32 @@ KJUR.crypto.Signature = function(params) {
* @name init
* @memberOf KJUR.crypto.Signature
* @function
- * @param {Object} key specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or {@ RSAKey} or {@link KJUR.crypto.ECDSA} object
+ * @param {Object} key specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or {@link RSAKey}, {@link KJUR.crypto.DSA} or {@link KJUR.crypto.ECDSA} object
* @param {String} pass (OPTION) passcode for encrypted private key
* @since crypto 1.1.3
* @description
* This method is very useful initialize method for Signature class since
- * you just specify key then this method will automatically initialize it.
+ * you just specify key then this method will automatically initialize it
+ * using {@link KEYUTIL.getKey} method.
* As for 'key', following argument type are supported:
* <h5>signing</h5>
* <ul>
* <li>PEM formatted PKCS#8 encrypted RSA/ECDSA private key concluding "BEGIN ENCRYPTED PRIVATE KEY"</li>
- * <li>PEM formatted PKCS#5 encrypted RSA private key concluding "BEGIN RSA PRIVATE KEY" and ",ENCRYPTED"</li>
+ * <li>PEM formatted PKCS#5 encrypted RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" and ",ENCRYPTED"</li>
* <li>PEM formatted PKCS#8 plain RSA/ECDSA private key concluding "BEGIN PRIVATE KEY"</li>
- * <li>PEM formatted PKCS#5 plain RSA private key concluding "BEGIN RSA PRIVATE KEY" without ",ENCRYPTED"</li>
+ * <li>PEM formatted PKCS#5 plain RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" without ",ENCRYPTED"</li>
* <li>RSAKey object of private key</li>
* <li>KJUR.crypto.ECDSA object of private key</li>
+ * <li>KJUR.crypto.DSA object of private key</li>
* </ul>
* <h5>verification</h5>
* <ul>
- * <li>PEM formatted PKCS#8 RSA/ECDSA public key concluding "BEGIN PUBLIC KEY"</li>
- * <li>PEM formatted X.509 certificate with RSA/ECC public key concluding
+ * <li>PEM formatted PKCS#8 RSA/EC/DSA public key concluding "BEGIN PUBLIC KEY"</li>
+ * <li>PEM formatted X.509 certificate with RSA/EC/DSA public key concluding
* "BEGIN CERTIFICATE", "BEGIN X509 CERTIFICATE" or "BEGIN TRUSTED CERTIFICATE".</li>
* <li>RSAKey object of public key</li>
* <li>KJUR.crypto.ECDSA object of public key</li>
+ * <li>KJUR.crypto.DSA object of public key</li>
* </ul>
* @example
* sig.init(sCertPEM)
@@ -956,6 +930,7 @@ KJUR.crypto.Signature = function(params) {
* @function
* @param {Object} param RSAKey object of public key or associative array for ECDSA
* @since 1.0.2
+ * @deprecated from crypto 1.1.5. please use init() method instead.
* @description
* Public key information will be provided as 'param' parameter and the value will be
* following:
@@ -980,6 +955,7 @@ KJUR.crypto.Signature = function(params) {
* @function
* @param {String} certPEM PEM formatted string of certificate
* @since 1.0.2
+ * @deprecated from crypto 1.1.5. please use init() method instead.
* @description
* @example
* sig.initVerifyByCertificatePEM(certPEM)
@@ -995,6 +971,7 @@ KJUR.crypto.Signature = function(params) {
* @memberOf KJUR.crypto.Signature
* @function
* @param {Object} param RSAKey object of public key or associative array for ECDSA
+ * @deprecated from crypto 1.1.5. please use init() method instead.
* @description
* Private key information will be provided as 'param' parameter and the value will be
* following:
@@ -1149,7 +1126,8 @@ KJUR.crypto.OID = new function() {
'2b8104000a': 'secp256k1',
'2b81040023': 'secp521r1',
'2b81040022': 'secp384r1',
+ '2a8648ce380403': 'SHA1withDSA', // 1.2.840.10040.4.3
+ '608648016503040301': 'SHA224withDSA', // 2.16.840.1.101.3.4.3.1
+ '608648016503040302': 'SHA256withDSA', // 2.16.840.1.101.3.4.3.2
};
};
-
-
View
4 crypto-1.1.min.js
@@ -1,3 +1,3 @@
-/*! crypto-1.1.4.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! crypto-1.1.5.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
*/
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:"CryptoJS.algo.MD5",sha1:"CryptoJS.algo.SHA1",sha224:"CryptoJS.algo.SHA224",sha256:"CryptoJS.algo.SHA256",sha384:"CryptoJS.algo.SHA384",sha512:"CryptoJS.algo.SHA512",ripemd160:"CryptoJS.algo.RIPEMD160"};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f<l;f+=2){g+="ff"}var e=b+g+k;return e};this.hashString=function(a,c){var b=new KJUR.crypto.MessageDigest({alg:c});return b.digestString(a)};this.hashHex=function(b,c){var a=new KJUR.crypto.MessageDigest({alg:c});return a.digestHex(b)};this.sha1=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha1",prov:"cryptojs"});return b.digestString(a)};this.sha256=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestString(a)};this.sha256Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestHex(a)};this.sha512=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestString(a)};this.sha512Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestHex(a)};this.md5=function(a){var b=new KJUR.crypto.MessageDigest({alg:"md5",prov:"cryptojs"});return b.digestString(a)};this.ripemd160=function(a){var b=new KJUR.crypto.MessageDigest({alg:"ripemd160",prov:"cryptojs"});return b.digestString(a)};this.getCryptoJSMDByName=function(a){}};KJUR.crypto.MessageDigest=function(params){var md=null;var algName=null;var provName=null;this.setAlgAndProvider=function(alg,prov){if(alg!=null&&prov===undefined){prov=KJUR.crypto.Util.DEFAULTPROVIDER[alg]}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(alg)!=-1&&prov=="cryptojs"){try{this.md=eval(KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[alg]).create()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.md.update(wHex)};this.digest=function(){var hash=this.md.finalize();return hash.toString(CryptoJS.enc.Hex)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}if(":sha256:".indexOf(alg)!=-1&&prov=="sjcl"){try{this.md=new sjcl.hash.sha256()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var baHex=sjcl.codec.hex.toBits(hex);this.md.update(baHex)};this.digest=function(){var hash=this.md.finalize();return sjcl.codec.hex.fromBits(hash)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digest=function(){throw"digest() not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};if(params!==undefined){if(params.alg!==undefined){this.algName=params.alg;if(params.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}this.setAlgAndProvider(this.algName,this.provName)}}};KJUR.crypto.Mac=function(params){var mac=null;var pass=null;var algName=null;var provName=null;var algProv=null;this.setAlgAndProvider=function(alg,prov){if(alg==null){alg="hmacsha1"}alg=alg.toLowerCase();if(alg.substr(0,4)!="hmac"){throw"setAlgAndProvider unsupported HMAC alg: "+alg}if(prov===undefined){prov=KJUR.crypto.Util.DEFAULTPROVIDER[alg]}this.algProv=alg+"/"+prov;var hashAlg=alg.substr(4);if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(hashAlg)!=-1&&prov=="cryptojs"){try{var mdObj=eval(KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[hashAlg]);this.mac=CryptoJS.algo.HMAC.create(mdObj,this.pass)}catch(ex){throw"setAlgAndProvider hash alg set fail hashAlg="+hashAlg+"/"+ex}this.updateString=function(str){this.mac.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.mac.update(wHex)};this.doFinal=function(){var hash=this.mac.finalize();return hash.toString(CryptoJS.enc.Hex)};this.doFinalString=function(str){this.updateString(str);return this.doFinal()};this.doFinalHex=function(hex){this.updateHex(hex);return this.doFinal()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algProv};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algProv};this.doFinal=function(){throw"digest() not supported for this alg/prov: "+this.algProv};this.doFinalString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algProv};this.doFinalHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algProv};if(params!==undefined){if(params.pass!==undefined){this.pass=params.pass}if(params.alg!==undefined){this.algName=params.alg;if(params.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}this.setAlgAndProvider(this.algName,this.provName)}}};KJUR.crypto.Signature=function(o){var q=null;var n=null;var r=null;var c=null;var l=null;var d=null;var k=null;var h=null;var p=null;var e=null;var b=-1;var g=null;var j=null;var a=null;var i=null;var f=null;this._setAlgNames=function(){if(this.algName.match(/^(.+)with(.+)$/)){this.mdAlgName=RegExp.$1.toLowerCase();this.pubkeyAlgName=RegExp.$2.toLowerCase()}};this._zeroPaddingOfSignature=function(x,w){var v="";var t=w/4-x.length;for(var u=0;u<t;u++){v=v+"0"}return v+x};this.setAlgAndProvider=function(u,t){this._setAlgNames();if(t!="cryptojs/jsrsa"){throw"provider not supported: "+t}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(this.mdAlgName)!=-1){try{this.md=new KJUR.crypto.MessageDigest({alg:this.mdAlgName})}catch(s){throw"setAlgAndProvider hash alg set fail alg="+this.mdAlgName+"/"+s}this.init=function(v,w){if(typeof v=="string"){if(v.indexOf("-END ENCRYPTED PRIVATE KEY-",0)!=-1&&w!==undefined){this.prvKey=PKCS5PKEY.getKeyFromEncryptedPKCS8PEM(v,w);this.state="SIGN"}else{if(v.indexOf("-END RSA PRIVATE KEY-",0)!=-1&&v.indexOf(",ENCRYPTED",0)!=-1&&w!==undefined){this.prvKey=PKCS5PKEY.getRSAKeyFromEncryptedPKCS5PEM(v,w);this.state="SIGN"}else{if(v.indexOf("-END RSA PRIVATE KEY-",0)!=-1&&v.indexOf(",ENCRYPTED",0)==-1&&w===undefined){this.prvKey=new RSAKey();this.prvKey.readPrivateKeyFromPEMString(v);this.state="SIGN"}else{if(v.indexOf("-END PRIVATE KEY-",0)!=-1&&w===undefined){this.prvKey=PKCS5PKEY.getKeyFromPlainPrivatePKCS8PEM(v);this.state="SIGN"}else{if(v.indexOf("-END PUBLIC KEY-",0)!=-1&&w===undefined){this.pubKey=PKCS5PKEY.getKeyFromPublicPKCS8PEM(v);this.state="VERIFY"}else{if((v.indexOf("-END CERTIFICATE-",0)!=-1||v.indexOf("-END X509 CERTIFICATE-",0)!=-1||v.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1)&&w===undefined){this.pubKey=X509.getPublicKeyFromCertPEM(v);this.state="VERIFY"}else{throw"unsupported arguments"}}}}}}}else{if(v instanceof RSAKey){if(v.d!=null){this.prvKey=v;this.state="SIGN"}else{if(v.n!=null){this.pubKey=v;this.state="VERIFY"}else{throw"RSAKey object is not private and public key"}}}else{if(v instanceof KJUR.crypto.ECDSA){if(v.prvKeyHex!=null){this.prvKey=v;this.state="SIGN"}else{if(v.pubKeyHex!=null){this.pubKey=v;this.state="VERIFY"}else{throw"ECDSA object is not private and public key"}}}}}};this.initSign=function(v){if(typeof v.ecprvhex=="string"&&typeof v.eccurvename=="string"){this.ecprvhex=v.ecprvhex;this.eccurvename=v.eccurvename}else{this.prvKey=v}this.state="SIGN"};this.initVerifyByPublicKey=function(v){if(typeof v.ecpubhex=="string"&&typeof v.eccurvename=="string"){this.ecpubhex=v.ecpubhex;this.eccurvename=v.eccurvename}else{if(v instanceof KJUR.crypto.ECDSA){this.pubKey=v}else{if(v instanceof RSAKey){this.pubKey=v}}}this.state="VERIFY"};this.initVerifyByCertificatePEM=function(v){var w=new X509();w.readCertPEM(v);this.pubKey=w.subjectPublicKeyRSA;this.state="VERIFY"};this.updateString=function(v){this.md.updateString(v)};this.updateHex=function(v){this.md.updateHex(v)};this.sign=function(){this.sHashHex=this.md.digest();if(typeof this.ecprvhex!="undefined"&&typeof this.eccurvename!="undefined"){var v=new KJUR.crypto.ECDSA({curve:this.eccurvename});this.hSign=v.signHex(this.sHashHex,this.ecprvhex)}else{if(this.pubkeyAlgName=="rsaandmgf1"){this.hSign=this.prvKey.signWithMessageHashPSS(this.sHashHex,this.mdAlgName,this.pssSaltLen)}else{if(this.pubkeyAlgName=="rsa"){this.hSign=this.prvKey.signWithMessageHash(this.sHashHex,this.mdAlgName)}else{if(this.prvKey instanceof KJUR.crypto.ECDSA){this.hSign=this.prvKey.signWithMessageHash(this.sHashHex)}else{throw"Signature: unsupported public key alg: "+this.pubkeyAlgName}}}}return this.hSign};this.signString=function(v){this.updateString(v);this.sign()};this.signHex=function(v){this.updateHex(v);this.sign()};this.verify=function(v){this.sHashHex=this.md.digest();if(typeof this.ecpubhex!="undefined"&&typeof this.eccurvename!="undefined"){var w=new KJUR.crypto.ECDSA({curve:this.eccurvename});return w.verifyHex(this.sHashHex,v,this.ecpubhex)}else{if(this.pubkeyAlgName=="rsaandmgf1"){return this.pubKey.verifyWithMessageHashPSS(this.sHashHex,v,this.mdAlgName,this.pssSaltLen)}else{if(this.pubkeyAlgName=="rsa"){return this.pubKey.verifyWithMessageHash(this.sHashHex,v)}else{if(this.pubKey instanceof KJUR.crypto.ECDSA){return this.pubKey.verifyWithMessageHash(this.sHashHex,v)}else{throw"Signature: unsupported public key alg: "+this.pubkeyAlgName}}}}}}};this.init=function(s,t){throw"init(key, pass) not supported for this alg:prov="+this.algProvName};this.initVerifyByPublicKey=function(s){throw"initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov="+this.algProvName};this.initVerifyByCertificatePEM=function(s){throw"initVerifyByCertificatePEM(certPEM) not supported for this alg:prov="+this.algProvName};this.initSign=function(s){throw"initSign(prvKey) not supported for this alg:prov="+this.algProvName};this.updateString=function(s){throw"updateString(str) not supported for this alg:prov="+this.algProvName};this.updateHex=function(s){throw"updateHex(hex) not supported for this alg:prov="+this.algProvName};this.sign=function(){throw"sign() not supported for this alg:prov="+this.algProvName};this.signString=function(s){throw"digestString(str) not supported for this alg:prov="+this.algProvName};this.signHex=function(s){throw"digestHex(hex) not supported for this alg:prov="+this.algProvName};this.verify=function(s){throw"verify(hSigVal) not supported for this alg:prov="+this.algProvName};this.initParams=o;if(o!==undefined){if(o.alg!==undefined){this.algName=o.alg;if(o.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}else{this.provName=o.prov}this.algProvName=this.algName+":"+this.provName;this.setAlgAndProvider(this.algName,this.provName);this._setAlgNames()}if(o.psssaltlen!==undefined){this.pssSaltLen=o.psssaltlen}if(o.prvkeypem!==undefined){if(o.prvkeypas!==undefined){throw"both prvkeypem and prvkeypas parameters not supported"}else{try{var q=new RSAKey();q.readPrivateKeyFromPEMString(o.prvkeypem);this.initSign(q)}catch(m){throw"fatal error to load pem private key: "+m}}}}};KJUR.crypto.OID=new function(){this.oidhex2name={"2a864886f70d010101":"rsaEncryption","2a8648ce3d0201":"ecPublicKey","2a8648ce3d030107":"secp256r1","2b8104001f":"secp192k1","2b81040021":"secp224r1","2b8104000a":"secp256k1","2b81040023":"secp521r1","2b81040022":"secp384r1",}};
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414",};this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa",};this.CRYPTOJSMESSAGEDIGESTNAME={md5:"CryptoJS.algo.MD5",sha1:"CryptoJS.algo.SHA1",sha224:"CryptoJS.algo.SHA224",sha256:"CryptoJS.algo.SHA256",sha384:"CryptoJS.algo.SHA384",sha512:"CryptoJS.algo.SHA512",ripemd160:"CryptoJS.algo.RIPEMD160"};this.getDigestInfoHex=function(a,b){if(typeof this.DIGESTINFOHEAD[b]=="undefined"){throw"alg not supported in Util.DIGESTINFOHEAD: "+b}return this.DIGESTINFOHEAD[b]+a};this.getPaddedDigestInfoHex=function(h,a,j){var c=this.getDigestInfoHex(h,a);var d=j/4;if(c.length+22>d){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f<l;f+=2){g+="ff"}var e=b+g+k;return e};this.hashString=function(a,c){var b=new KJUR.crypto.MessageDigest({alg:c});return b.digestString(a)};this.hashHex=function(b,c){var a=new KJUR.crypto.MessageDigest({alg:c});return a.digestHex(b)};this.sha1=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha1",prov:"cryptojs"});return b.digestString(a)};this.sha256=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestString(a)};this.sha256Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha256",prov:"cryptojs"});return b.digestHex(a)};this.sha512=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestString(a)};this.sha512Hex=function(a){var b=new KJUR.crypto.MessageDigest({alg:"sha512",prov:"cryptojs"});return b.digestHex(a)};this.md5=function(a){var b=new KJUR.crypto.MessageDigest({alg:"md5",prov:"cryptojs"});return b.digestString(a)};this.ripemd160=function(a){var b=new KJUR.crypto.MessageDigest({alg:"ripemd160",prov:"cryptojs"});return b.digestString(a)};this.getCryptoJSMDByName=function(a){}};KJUR.crypto.MessageDigest=function(params){var md=null;var algName=null;var provName=null;this.setAlgAndProvider=function(alg,prov){if(alg!=null&&prov===undefined){prov=KJUR.crypto.Util.DEFAULTPROVIDER[alg]}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(alg)!=-1&&prov=="cryptojs"){try{this.md=eval(KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[alg]).create()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.md.update(wHex)};this.digest=function(){var hash=this.md.finalize();return hash.toString(CryptoJS.enc.Hex)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}if(":sha256:".indexOf(alg)!=-1&&prov=="sjcl"){try{this.md=new sjcl.hash.sha256()}catch(ex){throw"setAlgAndProvider hash alg set fail alg="+alg+"/"+ex}this.updateString=function(str){this.md.update(str)};this.updateHex=function(hex){var baHex=sjcl.codec.hex.toBits(hex);this.md.update(baHex)};this.digest=function(){var hash=this.md.finalize();return sjcl.codec.hex.fromBits(hash)};this.digestString=function(str){this.updateString(str);return this.digest()};this.digestHex=function(hex){this.updateHex(hex);return this.digest()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digest=function(){throw"digest() not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName};this.digestHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName};if(params!==undefined){if(params.alg!==undefined){this.algName=params.alg;if(params.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}this.setAlgAndProvider(this.algName,this.provName)}}};KJUR.crypto.Mac=function(params){var mac=null;var pass=null;var algName=null;var provName=null;var algProv=null;this.setAlgAndProvider=function(alg,prov){if(alg==null){alg="hmacsha1"}alg=alg.toLowerCase();if(alg.substr(0,4)!="hmac"){throw"setAlgAndProvider unsupported HMAC alg: "+alg}if(prov===undefined){prov=KJUR.crypto.Util.DEFAULTPROVIDER[alg]}this.algProv=alg+"/"+prov;var hashAlg=alg.substr(4);if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(hashAlg)!=-1&&prov=="cryptojs"){try{var mdObj=eval(KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[hashAlg]);this.mac=CryptoJS.algo.HMAC.create(mdObj,this.pass)}catch(ex){throw"setAlgAndProvider hash alg set fail hashAlg="+hashAlg+"/"+ex}this.updateString=function(str){this.mac.update(str)};this.updateHex=function(hex){var wHex=CryptoJS.enc.Hex.parse(hex);this.mac.update(wHex)};this.doFinal=function(){var hash=this.mac.finalize();return hash.toString(CryptoJS.enc.Hex)};this.doFinalString=function(str){this.updateString(str);return this.doFinal()};this.doFinalHex=function(hex){this.updateHex(hex);return this.doFinal()}}};this.updateString=function(str){throw"updateString(str) not supported for this alg/prov: "+this.algProv};this.updateHex=function(hex){throw"updateHex(hex) not supported for this alg/prov: "+this.algProv};this.doFinal=function(){throw"digest() not supported for this alg/prov: "+this.algProv};this.doFinalString=function(str){throw"digestString(str) not supported for this alg/prov: "+this.algProv};this.doFinalHex=function(hex){throw"digestHex(hex) not supported for this alg/prov: "+this.algProv};if(params!==undefined){if(params.pass!==undefined){this.pass=params.pass}if(params.alg!==undefined){this.algName=params.alg;if(params.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}this.setAlgAndProvider(this.algName,this.provName)}}};KJUR.crypto.Signature=function(o){var q=null;var n=null;var r=null;var c=null;var l=null;var d=null;var k=null;var h=null;var p=null;var e=null;var b=-1;var g=null;var j=null;var a=null;var i=null;var f=null;this._setAlgNames=function(){if(this.algName.match(/^(.+)with(.+)$/)){this.mdAlgName=RegExp.$1.toLowerCase();this.pubkeyAlgName=RegExp.$2.toLowerCase()}};this._zeroPaddingOfSignature=function(x,w){var v="";var t=w/4-x.length;for(var u=0;u<t;u++){v=v+"0"}return v+x};this.setAlgAndProvider=function(u,t){this._setAlgNames();if(t!="cryptojs/jsrsa"){throw"provider not supported: "+t}if(":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(this.mdAlgName)!=-1){try{this.md=new KJUR.crypto.MessageDigest({alg:this.mdAlgName})}catch(s){throw"setAlgAndProvider hash alg set fail alg="+this.mdAlgName+"/"+s}this.init=function(w,x){var y=null;try{if(x===undefined){y=KEYUTIL.getKey(w)}else{y=KEYUTIL.getKey(w,x)}}catch(v){throw"init failed:"+v}if(y.isPrivate===true){this.prvKey=y;this.state="SIGN"}else{if(y.isPublic===true){this.pubKey=y;this.state="VERIFY"}else{throw"init failed.:"+y}}};this.initSign=function(v){if(typeof v.ecprvhex=="string"&&typeof v.eccurvename=="string"){this.ecprvhex=v.ecprvhex;this.eccurvename=v.eccurvename}else{this.prvKey=v}this.state="SIGN"};this.initVerifyByPublicKey=function(v){if(typeof v.ecpubhex=="string"&&typeof v.eccurvename=="string"){this.ecpubhex=v.ecpubhex;this.eccurvename=v.eccurvename}else{if(v instanceof KJUR.crypto.ECDSA){this.pubKey=v}else{if(v instanceof RSAKey){this.pubKey=v}}}this.state="VERIFY"};this.initVerifyByCertificatePEM=function(v){var w=new X509();w.readCertPEM(v);this.pubKey=w.subjectPublicKeyRSA;this.state="VERIFY"};this.updateString=function(v){this.md.updateString(v)};this.updateHex=function(v){this.md.updateHex(v)};this.sign=function(){this.sHashHex=this.md.digest();if(typeof this.ecprvhex!="undefined"&&typeof this.eccurvename!="undefined"){var v=new KJUR.crypto.ECDSA({curve:this.eccurvename});this.hSign=v.signHex(this.sHashHex,this.ecprvhex)}else{if(this.pubkeyAlgName=="rsaandmgf1"){this.hSign=this.prvKey.signWithMessageHashPSS(this.sHashHex,this.mdAlgName,this.pssSaltLen)}else{if(this.pubkeyAlgName=="rsa"){this.hSign=this.prvKey.signWithMessageHash(this.sHashHex,this.mdAlgName)}else{if(this.prvKey instanceof KJUR.crypto.ECDSA){this.hSign=this.prvKey.signWithMessageHash(this.sHashHex)}else{if(this.prvKey instanceof KJUR.crypto.DSA){this.hSign=this.prvKey.signWithMessageHash(this.sHashHex)}else{throw"Signature: unsupported public key alg: "+this.pubkeyAlgName}}}}}return this.hSign};this.signString=function(v){this.updateString(v);this.sign()};this.signHex=function(v){this.updateHex(v);this.sign()};this.verify=function(v){this.sHashHex=this.md.digest();if(typeof this.ecpubhex!="undefined"&&typeof this.eccurvename!="undefined"){var w=new KJUR.crypto.ECDSA({curve:this.eccurvename});return w.verifyHex(this.sHashHex,v,this.ecpubhex)}else{if(this.pubkeyAlgName=="rsaandmgf1"){return this.pubKey.verifyWithMessageHashPSS(this.sHashHex,v,this.mdAlgName,this.pssSaltLen)}else{if(this.pubkeyAlgName=="rsa"){return this.pubKey.verifyWithMessageHash(this.sHashHex,v)}else{if(this.pubKey instanceof KJUR.crypto.ECDSA){return this.pubKey.verifyWithMessageHash(this.sHashHex,v)}else{if(this.pubKey instanceof KJUR.crypto.DSA){return this.pubKey.verifyWithMessageHash(this.sHashHex,v)}else{throw"Signature: unsupported public key alg: "+this.pubkeyAlgName}}}}}}}};this.init=function(s,t){throw"init(key, pass) not supported for this alg:prov="+this.algProvName};this.initVerifyByPublicKey=function(s){throw"initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov="+this.algProvName};this.initVerifyByCertificatePEM=function(s){throw"initVerifyByCertificatePEM(certPEM) not supported for this alg:prov="+this.algProvName};this.initSign=function(s){throw"initSign(prvKey) not supported for this alg:prov="+this.algProvName};this.updateString=function(s){throw"updateString(str) not supported for this alg:prov="+this.algProvName};this.updateHex=function(s){throw"updateHex(hex) not supported for this alg:prov="+this.algProvName};this.sign=function(){throw"sign() not supported for this alg:prov="+this.algProvName};this.signString=function(s){throw"digestString(str) not supported for this alg:prov="+this.algProvName};this.signHex=function(s){throw"digestHex(hex) not supported for this alg:prov="+this.algProvName};this.verify=function(s){throw"verify(hSigVal) not supported for this alg:prov="+this.algProvName};this.initParams=o;if(o!==undefined){if(o.alg!==undefined){this.algName=o.alg;if(o.prov===undefined){this.provName=KJUR.crypto.Util.DEFAULTPROVIDER[this.algName]}else{this.provName=o.prov}this.algProvName=this.algName+":"+this.provName;this.setAlgAndProvider(this.algName,this.provName);this._setAlgNames()}if(o.psssaltlen!==undefined){this.pssSaltLen=o.psssaltlen}if(o.prvkeypem!==undefined){if(o.prvkeypas!==undefined){throw"both prvkeypem and prvkeypas parameters not supported"}else{try{var q=new RSAKey();q.readPrivateKeyFromPEMString(o.prvkeypem);this.initSign(q)}catch(m){throw"fatal error to load pem private key: "+m}}}}};KJUR.crypto.OID=new function(){this.oidhex2name={"2a864886f70d010101":"rsaEncryption","2a8648ce3d0201":"ecPublicKey","2a8648ce3d030107":"secp256r1","2b8104001f":"secp192k1","2b81040021":"secp224r1","2b8104000a":"secp256k1","2b81040023":"secp521r1","2b81040022":"secp384r1","2a8648ce380403":"SHA1withDSA","608648016503040301":"SHA224withDSA","608648016503040302":"SHA256withDSA",}};
View
20 dsa-modified-1.0.js
@@ -1,4 +1,4 @@
-/*! dsa-modified-1.0.0.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE
+/*! dsa-modified-1.0.1.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE
*/
/*
* dsa-modified.js - modified DSA class of OpenPGP-JS
@@ -13,7 +13,7 @@
* @fileOverview
* @name dsa-modified-1.0.js
* @author Recurity Labs GmbH (github.com/openpgpjs) and Kenji Urushima (kenji.urushima@gmail.com)
- * @version 1.0.0 (2013-Oct-02)
+ * @version 1.0.1 (2013-Oct-06)
* @since jsrsasign 4.1.6
* @license <a href="https://github.com/openpgpjs/openpgpjs/blob/master/LICENSE">LGPL License</a>
*/
@@ -50,7 +50,7 @@ KJUR.crypto.DSA = function() {
/**
* set DSA private key by key specs
- * @name setPrivateKey
+ * @name setPrivate
* @memberOf KJUR.crypto.DSA
* @function
* @param {BigInteger} p prime P
@@ -60,7 +60,8 @@ KJUR.crypto.DSA = function() {
* @param {BigInteger} x private key X
* @since dsa-modified 1.0.0
*/
- this.setPrivateKey = function(p, q, g, y, x) {
+ this.setPrivate = function(p, q, g, y, x) {
+ this.isPrivate = true;
this.p = p;
this.q = q;
this.g = g;
@@ -70,7 +71,7 @@ KJUR.crypto.DSA = function() {
/**
* set DSA public key by key specs
- * @name setPublicKey
+ * @name setPublic
* @memberOf KJUR.crypto.DSA
* @function
* @param {BigInteger} p prime P
@@ -79,7 +80,8 @@ KJUR.crypto.DSA = function() {
* @param {BigInteger} y public key Y
* @since dsa-modified 1.0.0
*/
- this.setPublicKey = function(p, q, g, y) {
+ this.setPublic = function(p, q, g, y) {
+ this.isPublic = true;
this.p = p;
this.q = q;
this.g = g;
@@ -113,7 +115,7 @@ KJUR.crypto.DSA = function() {
var s2 = (k.modInverse(q).multiply(hash.add(x.multiply(s1)))).mod(q);
var result = KJUR.asn1.ASN1Util.jsonToASN1HEX({
- seq: [{int: {bigint: s1}}, {int: {bigint: s2}}]
+ 'seq': [{'int': {'bigint': s1}}, {'int': {'bigint': s2}}]
});
return result;
};
@@ -135,7 +137,9 @@ KJUR.crypto.DSA = function() {
var y = this.y;
// 1. parse ASN.1 signature
- var [s1, s2] = this.parseASN1Signature(hSigVal);
+ var s1s2 = this.parseASN1Signature(hSigVal);
+ var s1 = s1s2[0];
+ var s2 = s1s2[1];
// 2. trim message hash
var sHashHex = sHashHex.substr(0, q.bitLength() / 4);
View
4 dsa-modified-1.0.min.js
@@ -1,3 +1,3 @@
-/*! dsa-modified-1.0.0.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE
+/*! dsa-modified-1.0.1.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE
*/