diff --git a/ChangeLog.txt b/ChangeLog.txt
index 76b27532..e927b560 100755
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,13 +1,31 @@
 
 ChangeLog for jsrsasign
 
-extend CertificationRequestInfo class for challengePassword and unstructuredName
-* Changes from 10.5.26 to 10.5.27 (2022-Aug-19)
-  - src/asn1csr.js
-    - CertificationRequestInfo class
-      - add support for challengePassword and unstructuredName (#522)
-      - "attrs" member support in constructure argument
-  - test/qunit-do-asn1csr.html
+StringPrep DN canonicalization support and some fix
+* Changes from 10.5.27 to 10.6.0 (2022-Nov-04)
+  - x509.js
+    - X509.getParam
+      - add support for optional parameter "dncanon" and "dnhex"
+    - X509.getInfo
+      - update representation for AltName
+    - X509.{getIssuer,getSubect}
+      - add support for optional argument flagCanon, flagHex
+    - X509.c14RDNArray added to convert from RDN array to canonicalized 
+      DN name (a.k.a. StringPrep).
+    - X509.getX500Name 
+      - API document updated
+    - X509.getOtherName
+      - member name changed from "other" to "value" for
+        consistency with KJUR.asn1.x509.OtherName class constructor.
+      - Also oid member value in return object will be an oid name if defined.
+    - X509.setCanonicalizedDN added to set "canon" member value
+  - asn1x509.js
+    - smtpUTF8Mailbox oid added to OID class
+    - API document fix
+  - asn1.js
+    - DERTaggedObject API document update
+  - test/qunit-do-{asn1x509,x509-ext,x509-getinfo,x509-param,x509}.html
+    - update some test cases for above
 
 CSRUtil class enhancement
 * Changes from 10.5.25 to 10.5.26 (2022-Jul-14)
diff --git a/api/files.html b/api/files.html
index 4cf8c7c5..938d4037 100644
--- a/api/files.html
+++ b/api/files.html
@@ -662,7 +662,7 @@ <h2><a href="symbols/src/asn1x509-1.0.js.html">asn1x509-1.0.js</a></h2>
 					
 					
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 10.5.22 asn1x509 2.1.16 (2022-May-24)</dd>
+							<dd>jsrsasign 10.6.0 asn1x509 2.1.17 (2022-Nov-04)</dd>
 					
 					
 					
@@ -890,7 +890,7 @@ <h2><a href="symbols/src/x509-1.1.js.html">x509-1.1.js</a></h2>
 					
 					
 						<dt class="heading">Version:</dt>
-							<dd>jsrsasign 10.5.24 x509 2.0.17 (2022-Jun-04)</dd>
+							<dd>jsrsasign 10.6.0 x509 2.1.0 (2022-Nov-04)</dd>
 					
 					
 					
diff --git a/api/symbols/KJUR.asn1.DERTaggedObject.html b/api/symbols/KJUR.asn1.DERTaggedObject.html
index b8046599..0d4c4538 100644
--- a/api/symbols/KJUR.asn1.DERTaggedObject.html
+++ b/api/symbols/KJUR.asn1.DERTaggedObject.html
@@ -639,16 +639,24 @@ <h1 class="classTitle">
 <li>tag - specify tag (default is 'a0' which means [0])</li>
 <li>explicit - specify true if this is explicit tag otherwise false 
     (default is 'true').</li>
-<li>obj - specify ASN1Object which is tagged</li>
+<li>obj - specify ASN1Object or JSON object which will be tagged</li>
 <li>tage - specify tag with explicit</li>
 <li>tagi - specify tag with implicit</li>
 </ul>
+As for the member "obj" value of JSON object, 
+KJUR_asn1.ASN1Util.newObject is used to generate.
 					
 				</div>
 				
 				
 				
-				<pre class="code">new KJUR.asn1.DERTaggedObject({
+				<pre class="code">// by JSON
+new KJUR.asn1.DERTaggedObject({
+ tag:'a0', explicit: true, obj: { "prnstr": { "str": "aaa" } }
+}).tohex()
+
+// by ASN1Object object
+new KJUR.asn1.DERTaggedObject({
  tage:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
 }) 
 new KJUR.asn1.DERTaggedObject({
@@ -673,6 +681,13 @@ <h1 class="classTitle">
 					
 					
 					
+						<dl class="detailList">
+						<dt class="heading">See:</dt>
+						
+							<dd>KJUR_asn1.ASN1Util.newObject</dd>
+						
+						</dl>
+					
 
 			</div>
 			
diff --git a/api/symbols/KJUR.asn1.x509.GeneralName.html b/api/symbols/KJUR.asn1.x509.GeneralName.html
index fd9c71ba..be0d1140 100644
--- a/api/symbols/KJUR.asn1.x509.GeneralName.html
+++ b/api/symbols/KJUR.asn1.x509.GeneralName.html
@@ -648,7 +648,7 @@ <h1 class="classTitle">
 gn = new KJUR.asn1.x509.GeneralName({uri:    'http://aaa.com/'});
 gn = new KJUR.asn1.x509.GeneralName({other: {
   oid: "1.2.3.4",
-  value: {utf8: "example"} // any ASN.1 which passed to ASN1Util.newObject
+  value: {utf8str: "example"} // any ASN.1 which passed to ASN1Util.newObject
 }});
 
 gn = new KJUR.asn1.x509.GeneralName({ldapdn:     'O=Test,C=US'}); // DEPRECATED
diff --git a/api/symbols/KJUR.asn1.x509.OtherName.html b/api/symbols/KJUR.asn1.x509.OtherName.html
index 6a81c8d8..bc7c91cf 100644
--- a/api/symbols/KJUR.asn1.x509.OtherName.html
+++ b/api/symbols/KJUR.asn1.x509.OtherName.html
@@ -589,7 +589,7 @@ <h1 class="classTitle">
 Constructor has two members:
 <ul>
 <li>oid - oid string (ex. "1.2.3.4")</li>
-<li>value - associative array passed to ASN1Util.newObject</li>
+<li>value - JSON object passed to ASN1Util.newObject or ASN1Object object</li>
 </ul>
 
 <pre>
diff --git a/api/symbols/X509.html b/api/symbols/X509.html
index 69d8fcac..8377152f 100644
--- a/api/symbols/X509.html
+++ b/api/symbols/X509.html
@@ -643,6 +643,23 @@ <h1 class="classTitle">
 					</thead>
 					<tbody>
 					
+						<tr>
+							<td class="attributes">&nbsp;</td>
+							<td class="nameDescription">
+								<div class="fixedFont"><b><a href="../symbols/X509.html#c14nRDNArray">c14nRDNArray</a></b>(aRDN)
+								</div>
+								<div class="description">simple canonicalization(c14n) for RDN array<br/>
+This method canonicalizes a DN string according to
+<a href="https://datatracker.ietf.org/doc/html/rfc4518#appendix-B">
+"RFC 4518 StringPrep Appendix B Substring Matching"</a> as following:
+<ul>
+<li>convert to lower case</li>
+<li>convert from all sequence of spaces to a space</li>
+<li>remove leading and trailing spaces</li>
+</ul></div>
+							</td>
+						</tr>
+					
 						<tr>
 							<td class="attributes">&nbsp;</td>
 							<td class="nameDescription">
@@ -1053,10 +1070,10 @@ <h1 class="classTitle">
 						<tr>
 							<td class="attributes">&nbsp;</td>
 							<td class="nameDescription">
-								<div class="fixedFont"><b><a href="../symbols/X509.html#getIssuer">getIssuer</a></b>()
+								<div class="fixedFont"><b><a href="../symbols/X509.html#getIssuer">getIssuer</a></b>(flagCanon, flagHex)
 								</div>
 								<div class="description">get JSON object of issuer field<br/>
-</div>
+Get a JSON object of an issuer field.</div>
 							</td>
 						</tr>
 					
@@ -1275,10 +1292,10 @@ <h1 class="classTitle">
 						<tr>
 							<td class="attributes">&nbsp;</td>
 							<td class="nameDescription">
-								<div class="fixedFont"><b><a href="../symbols/X509.html#getSubject">getSubject</a></b>()
+								<div class="fixedFont"><b><a href="../symbols/X509.html#getSubject">getSubject</a></b>(flagCanon, flagHex)
 								</div>
 								<div class="description">get JSON object of subject field<br/>
-</div>
+Get a JSON object of a subject field.</div>
 							</td>
 						</tr>
 					
@@ -1325,7 +1342,7 @@ <h1 class="classTitle">
 						<tr>
 							<td class="attributes">&nbsp;</td>
 							<td class="nameDescription">
-								<div class="fixedFont"><b><a href="../symbols/X509.html#getX500Name">getX500Name</a></b>(h)
+								<div class="fixedFont"><b><a href="../symbols/X509.html#getX500Name">getX500Name</a></b>(h, flagCanon, flagHex)
 								</div>
 								<div class="description">get Name ASN.1 structure parameter array<br/>
 This method will get Name parameter defined in
@@ -1409,6 +1426,20 @@ <h1 class="classTitle">
 							</td>
 						</tr>
 					
+						<tr>
+							<td class="attributes">&nbsp;</td>
+							<td class="nameDescription">
+								<div class="fixedFont"><b><a href="../symbols/X509.html#setCanonicalizedDN">setCanonicalizedDN</a></b>(pDN)
+								</div>
+								<div class="description">set canonicalized DN to a DN parameter<br/>
+This method canonicalizes a DN string as following:
+<ul>
+<li>convert to lower case</li>
+<li>convert from all multiple spaces to a space</li>
+</ul></div>
+							</td>
+						</tr>
+					
 						<tr>
 							<td class="attributes">&nbsp;</td>
 							<td class="nameDescription">
@@ -1632,7 +1663,7 @@ <h1 class="classTitle">
 					<pre class="code">x = new X509();
 x.getOtherName("30...") &rarr;
 { oid: "1.2.3.4",
-  other: {utf8str: {str: "aaa"}} }</pre>
+  value: {utf8str: {str: "aaa"}} }</pre>
 					
 					
 
@@ -1715,6 +1746,72 @@ <h1 class="classTitle">
 					Method Detail
 				</div>
 				
+					<a name="c14nRDNArray"> </a>
+					<div class="fixedFont">
+					
+					<span class="light">{string}</span>
+					<b>c14nRDNArray</b>(aRDN)
+					
+					</div>
+					<div class="description">
+						simple canonicalization(c14n) for RDN array<br/>
+This method canonicalizes a DN string according to
+<a href="https://datatracker.ietf.org/doc/html/rfc4518#appendix-B">
+"RFC 4518 StringPrep Appendix B Substring Matching"</a> as following:
+<ul>
+<li>convert to lower case</li>
+<li>convert from all sequence of spaces to a space</li>
+<li>remove leading and trailing spaces</li>
+</ul>
+						
+						
+					</div>
+					
+					
+					
+					<pre class="code">var x = new X509();
+x.c14nRDNArray([
+  [{type:"C", value:"JP", ds: "prn"}],
+  [{type:"O", value:"    Test    1234     ", ds: "utf8"}],
+  [{type:"OU", value:"HR   45", ds: "utf8"}]
+]) &rarr; "/c=jp/o=test 1234/ou=hr 45"</pre>
+					
+					
+					
+						
+							<dl class="detailList">
+							<dt class="heading">Parameters:</dt>
+							
+								<dt>
+									<span class="light fixedFont">{array}</span> <b>aRDN</b>
+									
+								</dt>
+								<dd>array of RDN parameters</dd>
+							
+							</dl>
+						
+						
+						
+							<dl class="detailList">
+							<dt class="heading">Since:</dt>
+								<dd>jsrsasign 10.6.0 x509 2.1.0</dd>
+							</dl>
+							</dl>
+						
+						
+						
+							<dl class="detailList">
+							<dt class="heading">Returns:</dt>
+							
+								<dd><span class="light fixedFont">{string}</span> canonicalized distinguish name (ex. "/c=jp/o=test ca")</dd>
+							
+							</dl>
+						
+						
+						
+
+					<hr />
+				
 					<a name="dnarraytostr"> </a>
 					<div class="fixedFont">
 					
@@ -4534,12 +4631,17 @@ <h1 class="classTitle">
 					<div class="fixedFont">
 					
 					<span class="light">{Array}</span>
-					<b>getIssuer</b>()
+					<b>getIssuer</b>(flagCanon, flagHex)
 					
 					</div>
 					<div class="description">
 						get JSON object of issuer field<br/>
-
+Get a JSON object of an issuer field.
+<br>
+NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+supported to conclude a canonicalized name for caseIgnoreMatch
+desribed in <a href="https://tools.ietf.org/html/rfc4518">
+RFC 4518</a>.
 						
 						
 					</div>
@@ -4549,11 +4651,35 @@ <h1 class="classTitle">
 					<pre class="code">var x = new X509(sCertPEM);
 x.getIssuer() &rarr;
 { array: [[{type:'C',value:'JP',ds:'prn'}],...],
-  str: "/C=JP/..." }</pre>
+  str: "/C=JP/..." }
+
+// with flags
+x.getIssuer(true, true) &rarr;
+{ array: ...,
+  str: "/C=JP/O=   Test    123   ",
+  canon: "/c=jp/o=test 123",
+  hex: "30..." }</pre>
 					
 					
 					
 						
+							<dl class="detailList">
+							<dt class="heading">Parameters:</dt>
+							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagCanon</b>
+									
+								</dt>
+								<dd>flag to conclude canonicalized name (DEFAULT false)</dd>
+							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagHex</b>
+									
+								</dt>
+								<dd>flag to conclude hexadecimal string (DEFAULT false)</dd>
+							
+							</dl>
+						
 						
 						
 							<dl class="detailList">
@@ -4755,15 +4881,20 @@ <h1 class="classTitle">
 This method returns a JSON object of the certificate
 parameters. Return value can be passed to
 <a href="../symbols/KJUR.asn1.x509.X509Util.html#.newCertPEM">KJUR.asn1.x509.X509Util.newCertPEM</a>.
-<br>
+<br/>
 NOTE1: From jsrsasign 10.5.16, optional argument can be applied.
 It can have following members:
 <ul>
-<li>tbshex - if this is true, tbshex member with hex value of
-tbsCertificate will be added</li>
-<li>nodnarray - if this is true, array member for subject and
-issuer will be deleted to simplify it<li>
+<li>tbshex - (boolean) tbshex member with hex value of 
+tbsCertificate will be added if true (DEFAULT undefined)</li>
+<li>nodnarray - (boolean) array member for subject and
+issuer will be deleted to simplify it if true (DEFAULT undefined)<li>
+<li>dncanon - (boolean) add canon member to subject and issuer for DN StringPrep if true(DEFAULT undefined)</li>
+<li>dnhex - (boolean) add hex member to subject and issuer if true(DEFAULT undefined)</li>
 </ul>
+<br/>
+NOTE2: From jsrsasign 10.6.0, member "dncanon" and "dnhex" supported
+in the "option" argument.
 						
 						
 					</div>
@@ -4793,7 +4924,9 @@ <h1 class="classTitle">
 };
 
 x.getParam({tbshex: true}) &rarr; { ... , tbshex: "30..." }
-x.getParam({nodnarray: true}) &rarr; {issuer: {str: "/C=JP"}, ...}</pre>
+x.getParam({nodnarray: true}) &rarr; {issuer: {str: "/C=JP"}, ...}
+x.getParam({dncanon: true}) &rarr; {... {issuer: {canon: "/c=jp/o=..."} ...} ...}
+x.getParam({dnhex: true}) &rarr; {... {issuer: {hex: "30..."} ...} ...}</pre>
 					
 					
 					
@@ -5716,13 +5849,18 @@ <h1 class="classTitle">
 					<a name="getSubject"> </a>
 					<div class="fixedFont">
 					
-					<span class="light">{Array}</span>
-					<b>getSubject</b>()
+					<span class="light">{object}</span>
+					<b>getSubject</b>(flagCanon, flagHex)
 					
 					</div>
 					<div class="description">
 						get JSON object of subject field<br/>
-
+Get a JSON object of a subject field.
+<br>
+NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+supported to conclude a canonicalized name for caseIgnoreMatch
+desribed in <a href="https://tools.ietf.org/html/rfc4518">
+RFC 4518</a>.
 						
 						
 					</div>
@@ -5732,11 +5870,35 @@ <h1 class="classTitle">
 					<pre class="code">var x = new X509(sCertPEM);
 x.getSubject() &rarr;
 { array: [[{type:'C',value:'JP',ds:'prn'}],...],
-  str: "/C=JP/..." }</pre>
+  str: "/C=JP/..." }
+
+// with flags
+x.getSubject(true, true) &rarr;
+{ array: ...,
+  str: "/C=JP/O=   Test    123   ",
+  canon: "/c=jp/o=test 123",
+  hex: "30..." }</pre>
 					
 					
 					
 						
+							<dl class="detailList">
+							<dt class="heading">Parameters:</dt>
+							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagCanon</b>
+									
+								</dt>
+								<dd>flag to conclude canonicalized name (DEFAULT false)</dd>
+							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagHex</b>
+									
+								</dt>
+								<dd>flag to conclude hexadecimal string (DEFAULT false)</dd>
+							
+							</dl>
+						
 						
 						
 							<dl class="detailList">
@@ -5750,7 +5912,7 @@ <h1 class="classTitle">
 							<dl class="detailList">
 							<dt class="heading">Returns:</dt>
 							
-								<dd><span class="light fixedFont">{Array}</span> JSON object of subject field</dd>
+								<dd><span class="light fixedFont">{object}</span> JSON object of subject field</dd>
 							
 							</dl>
 						
@@ -5983,7 +6145,7 @@ <h1 class="classTitle">
 					<div class="fixedFont">
 					
 					<span class="light">{Array}</span>
-					<b>getX500Name</b>(h)
+					<b>getX500Name</b>(h, flagCanon, flagHex)
 					
 					</div>
 					<div class="description">
@@ -5996,6 +6158,11 @@ <h1 class="classTitle">
   rdnSequence  RDNSequence }
 RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
 </pre>
+<br>
+NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+supported to conclude a canonicalized name for caseIgnoreMatch
+desribed in <a href="https://tools.ietf.org/html/rfc4518">
+RFC 4518</a>.
 						
 						
 					</div>
@@ -6010,8 +6177,16 @@ <h1 class="classTitle">
     [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
   ],
   str: "/C=US/O=Sample Corp./CN=john.smith@example.com",
-  hex: "30..."
-}</pre>
+  hex: "30..." }
+
+x.getX500Name("30...", true) &rarr;
+{ array: [
+    [{type:"C",value:"US",ds:"prn"}],
+    [{type:"O",value:"Sample    Corp.",ds:"utf8"}]
+  ],
+  str: "/C=US/O=Sample    Corp.",
+  canon: "/c=us/o=sample corp.",
+  hex: "30..." }</pre>
 					
 					
 					
@@ -6025,6 +6200,18 @@ <h1 class="classTitle">
 								</dt>
 								<dd>hexadecimal string of Name</dd>
 							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagCanon</b>
+									
+								</dt>
+								<dd>flag to conclude canonicalized name (DEFAULT false)</dd>
+							
+								<dt>
+									<span class="light fixedFont">{boolean}</span> <b>flagHex</b>
+									
+								</dt>
+								<dd>flag to conclude hexadecimal string (DEFAULT false)</dd>
+							
 							</dl>
 						
 						
@@ -6055,6 +6242,8 @@ <h1 class="classTitle">
 							
 								<dd><a href="../symbols/X509.html#getAttrTypeAndValue">X509#getAttrTypeAndValue</a></dd>
 							
+								<dd><a href="../symbols/X509.html#c14nRDNArray">X509#c14nRDNArray</a></dd>
+							
 								<dd><a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></dd>
 							
 								<dd><a href="../symbols/KJUR.asn1.x509.GeneralName.html">KJUR.asn1.x509.GeneralName</a></dd>
@@ -6479,6 +6668,70 @@ <h1 class="classTitle">
 						
 						
 
+					<hr />
+				
+					<a name="setCanonicalizedDN"> </a>
+					<div class="fixedFont">
+					
+					
+					<b>setCanonicalizedDN</b>(pDN)
+					
+					</div>
+					<div class="description">
+						set canonicalized DN to a DN parameter<br/>
+This method canonicalizes a DN string as following:
+<ul>
+<li>convert to lower case</li>
+<li>convert from all multiple spaces to a space</li>
+</ul>
+						
+						
+					</div>
+					
+					
+					
+					<pre class="code">var x = new X509();
+var pDN = {
+  array: [
+    [{type:'C',value:'JP',ds:'prn'}],
+    [{type:'O',value:'Test    1',ds:'prn'}] ],
+  str: "/C=JP/O=Test    1" };
+x.setCanonicalizedDN(pDN);
+// pDN will become following
+pDN = {
+  array: [
+    [{type:'C',value:'JP',ds:'prn'}],
+    [{type:'O',value:'Test    1',ds:'prn'}] ],
+  str: "/C=JP/O=Test    1",
+  canon: "/c=jp/o=test 1" };</pre>
+					
+					
+					
+						
+							<dl class="detailList">
+							<dt class="heading">Parameters:</dt>
+							
+								<dt>
+									<span class="light fixedFont">{object}</span> <b>pDN</b>
+									
+								</dt>
+								<dd>DN parameter associative array</dd>
+							
+							</dl>
+						
+						
+						
+							<dl class="detailList">
+							<dt class="heading">Since:</dt>
+								<dd>jsrsasign 10.6.0 x509 2.1.0</dd>
+							</dl>
+							</dl>
+						
+						
+						
+						
+						
+
 					<hr />
 				
 					<a name="updateAIACAIssuer"> </a>
diff --git a/api/symbols/src/asn1-1.0.js.html b/api/symbols/src/asn1-1.0.js.html
index b3a9cb62..edbab84f 100644
--- a/api/symbols/src/asn1-1.0.js.html
+++ b/api/symbols/src/asn1-1.0.js.html
@@ -1731,118 +1731,127 @@
 <span class='line'>1724</span>  * @name KJUR.asn1.DERTaggedObject
 <span class='line'>1725</span>  * @class class for ASN.1 DER TaggedObject
 <span class='line'>1726</span>  * @extends KJUR.asn1.ASN1Object
-<span class='line'>1727</span>  *
-<span class='line'>1728</span>  * @description
-<span class='line'>1729</span>  * &lt;br/>
-<span class='line'>1730</span>  * Parameter 'tagNoNex' is ASN.1 tag(T) value for this object.
-<span class='line'>1731</span>  * For example, if you find '[1]' tag in a ASN.1 dump, 
-<span class='line'>1732</span>  * 'tagNoHex' will be 'a1'.
-<span class='line'>1733</span>  * &lt;br/>
-<span class='line'>1734</span>  * As for optional argument 'params' for constructor, you can specify *ANY* of
-<span class='line'>1735</span>  * following properties:
-<span class='line'>1736</span>  * &lt;ul>
-<span class='line'>1737</span>  * &lt;li>tag - specify tag (default is 'a0' which means [0])&lt;/li>
-<span class='line'>1738</span>  * &lt;li>explicit - specify true if this is explicit tag otherwise false 
-<span class='line'>1739</span>  *     (default is 'true').&lt;/li>
-<span class='line'>1740</span>  * &lt;li>obj - specify ASN1Object which is tagged&lt;/li>
-<span class='line'>1741</span>  * &lt;li>tage - specify tag with explicit&lt;/li>
-<span class='line'>1742</span>  * &lt;li>tagi - specify tag with implicit&lt;/li>
-<span class='line'>1743</span>  * &lt;/ul>
-<span class='line'>1744</span>  *
-<span class='line'>1745</span>  * @example
-<span class='line'>1746</span>  * new KJUR.asn1.DERTaggedObject({
-<span class='line'>1747</span>  *  tage:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
-<span class='line'>1748</span>  * }) 
-<span class='line'>1749</span>  * new KJUR.asn1.DERTaggedObject({
-<span class='line'>1750</span>  *  tagi:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // implicit
-<span class='line'>1751</span>  * }) 
-<span class='line'>1752</span>  * new KJUR.asn1.DERTaggedObject({
-<span class='line'>1753</span>  *  tag:'a0', explicit: true, obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
-<span class='line'>1754</span>  * }) 
-<span class='line'>1755</span>  *
-<span class='line'>1756</span>  * // to hexadecimal
-<span class='line'>1757</span>  * d1 = new KJUR.asn1.DERUTF8String({str':'a'})
-<span class='line'>1758</span>  * d2 = new KJUR.asn1.DERTaggedObject({'obj': d1});
-<span class='line'>1759</span>  * hex = d2.tohex();
-<span class='line'>1760</span>  */</span><span class="WHIT">
-<span class='line'>1761</span> </span><span class="NAME">KJUR.asn1.DERTaggedObject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1762</span> </span><span class="WHIT">    </span><span class="NAME">KJUR.asn1.DERTaggedObject.superclass.constructor.call</span><span class="PUNC">(</span><span class="KEYW">this</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1763</span> 
-<span class='line'>1764</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1765</span> </span><span class="WHIT">	</span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1766</span> </span><span class="WHIT">	</span><span class="NAME">_getV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getV</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1767</span> </span><span class="WHIT">	</span><span class="NAME">_isASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.isASN1HEX</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1768</span> </span><span class="WHIT">	</span><span class="NAME">_newObject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1.ASN1Util.newObject</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1769</span> 
-<span class='line'>1770</span> </span><span class="WHIT">    </span><span class="NAME">this.hT</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1771</span> </span><span class="WHIT">    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1772</span> </span><span class="WHIT">    </span><span class="NAME">this.isExplicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1773</span> </span><span class="WHIT">    </span><span class="NAME">this.asn1Object</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1774</span> </span><span class="WHIT">    </span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">tag</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">explicit</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">//"tag": "a0, "explicit": true};</span><span class="WHIT">
-<span class='line'>1775</span> 
-<span class='line'>1776</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1777</span>      * set value by an ASN1Object
-<span class='line'>1778</span>      * @name setString
-<span class='line'>1779</span>      * @memberOf KJUR.asn1.DERTaggedObject#
-<span class='line'>1780</span>      * @function
-<span class='line'>1781</span>      * @param {Boolean} isExplicitFlag flag for explicit/implicit tag
-<span class='line'>1782</span>      * @param {Integer} tagNoHex hexadecimal string of ASN.1 tag
-<span class='line'>1783</span>      * @param {ASN1Object} asn1Object ASN.1 to encapsulate
-<span class='line'>1784</span>      * @deprecated since jsrsasign 10.5.4 please use setByParam instead
-<span class='line'>1785</span>      */</span><span class="WHIT">
-<span class='line'>1786</span> </span><span class="WHIT">    </span><span class="NAME">this.setASN1Object</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">isExplicitFlag</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">tagNoHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">asn1Object</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1787</span> </span><span class="WHIT">	</span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">tag</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">tagNoHex</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1788</span> </span><span class="WHIT">		       </span><span class="NAME">explicit</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">isExplicitFlag</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>1789</span> </span><span class="WHIT">		       </span><span class="NAME">obj</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">asn1Object</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1790</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1791</span> 
-<span class='line'>1792</span> </span><span class="WHIT">    </span><span class="NAME">this.getFreshValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1793</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.params</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1794</span> 
-<span class='line'>1795</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1796</span> 
-<span class='line'>1797</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tage</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1798</span> </span><span class="WHIT">	    </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tage</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1799</span> </span><span class="WHIT">	    </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1800</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1801</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tagi</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1802</span> </span><span class="WHIT">	    </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tagi</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1803</span> </span><span class="WHIT">	    </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1804</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1727</span>  * @see KJUR_asn1.ASN1Util.newObject
+<span class='line'>1728</span>  *
+<span class='line'>1729</span>  * @description
+<span class='line'>1730</span>  * &lt;br/>
+<span class='line'>1731</span>  * Parameter 'tagNoNex' is ASN.1 tag(T) value for this object.
+<span class='line'>1732</span>  * For example, if you find '[1]' tag in a ASN.1 dump, 
+<span class='line'>1733</span>  * 'tagNoHex' will be 'a1'.
+<span class='line'>1734</span>  * &lt;br/>
+<span class='line'>1735</span>  * As for optional argument 'params' for constructor, you can specify *ANY* of
+<span class='line'>1736</span>  * following properties:
+<span class='line'>1737</span>  * &lt;ul>
+<span class='line'>1738</span>  * &lt;li>tag - specify tag (default is 'a0' which means [0])&lt;/li>
+<span class='line'>1739</span>  * &lt;li>explicit - specify true if this is explicit tag otherwise false 
+<span class='line'>1740</span>  *     (default is 'true').&lt;/li>
+<span class='line'>1741</span>  * &lt;li>obj - specify ASN1Object or JSON object which will be tagged&lt;/li>
+<span class='line'>1742</span>  * &lt;li>tage - specify tag with explicit&lt;/li>
+<span class='line'>1743</span>  * &lt;li>tagi - specify tag with implicit&lt;/li>
+<span class='line'>1744</span>  * &lt;/ul>
+<span class='line'>1745</span>  * As for the member "obj" value of JSON object, 
+<span class='line'>1746</span>  * {@link KJUR_asn1.ASN1Util.newObject} is used to generate.
+<span class='line'>1747</span>  *
+<span class='line'>1748</span>  * @example
+<span class='line'>1749</span>  * // by JSON
+<span class='line'>1750</span>  * new KJUR.asn1.DERTaggedObject({
+<span class='line'>1751</span>  *  tag:'a0', explicit: true, obj: { "prnstr": { "str": "aaa" } }
+<span class='line'>1752</span>  * }).tohex()
+<span class='line'>1753</span>  *
+<span class='line'>1754</span>  * // by ASN1Object object
+<span class='line'>1755</span>  * new KJUR.asn1.DERTaggedObject({
+<span class='line'>1756</span>  *  tage:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
+<span class='line'>1757</span>  * }) 
+<span class='line'>1758</span>  * new KJUR.asn1.DERTaggedObject({
+<span class='line'>1759</span>  *  tagi:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // implicit
+<span class='line'>1760</span>  * }) 
+<span class='line'>1761</span>  * new KJUR.asn1.DERTaggedObject({
+<span class='line'>1762</span>  *  tag:'a0', explicit: true, obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
+<span class='line'>1763</span>  * }) 
+<span class='line'>1764</span>  *
+<span class='line'>1765</span>  * // to hexadecimal
+<span class='line'>1766</span>  * d1 = new KJUR.asn1.DERUTF8String({str':'a'})
+<span class='line'>1767</span>  * d2 = new KJUR.asn1.DERTaggedObject({'obj': d1});
+<span class='line'>1768</span>  * hex = d2.tohex();
+<span class='line'>1769</span>  */</span><span class="WHIT">
+<span class='line'>1770</span> </span><span class="NAME">KJUR.asn1.DERTaggedObject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1771</span> </span><span class="WHIT">    </span><span class="NAME">KJUR.asn1.DERTaggedObject.superclass.constructor.call</span><span class="PUNC">(</span><span class="KEYW">this</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1772</span> 
+<span class='line'>1773</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1774</span> </span><span class="WHIT">	</span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1775</span> </span><span class="WHIT">	</span><span class="NAME">_getV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getV</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1776</span> </span><span class="WHIT">	</span><span class="NAME">_isASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.isASN1HEX</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1777</span> </span><span class="WHIT">	</span><span class="NAME">_newObject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1.ASN1Util.newObject</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1778</span> 
+<span class='line'>1779</span> </span><span class="WHIT">    </span><span class="NAME">this.hT</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1780</span> </span><span class="WHIT">    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1781</span> </span><span class="WHIT">    </span><span class="NAME">this.isExplicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1782</span> </span><span class="WHIT">    </span><span class="NAME">this.asn1Object</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1783</span> </span><span class="WHIT">    </span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">tag</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">explicit</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">//"tag": "a0, "explicit": true};</span><span class="WHIT">
+<span class='line'>1784</span> 
+<span class='line'>1785</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1786</span>      * set value by an ASN1Object
+<span class='line'>1787</span>      * @name setString
+<span class='line'>1788</span>      * @memberOf KJUR.asn1.DERTaggedObject#
+<span class='line'>1789</span>      * @function
+<span class='line'>1790</span>      * @param {Boolean} isExplicitFlag flag for explicit/implicit tag
+<span class='line'>1791</span>      * @param {Integer} tagNoHex hexadecimal string of ASN.1 tag
+<span class='line'>1792</span>      * @param {ASN1Object} asn1Object ASN.1 to encapsulate
+<span class='line'>1793</span>      * @deprecated since jsrsasign 10.5.4 please use setByParam instead
+<span class='line'>1794</span>      */</span><span class="WHIT">
+<span class='line'>1795</span> </span><span class="WHIT">    </span><span class="NAME">this.setASN1Object</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">isExplicitFlag</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">tagNoHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">asn1Object</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1796</span> </span><span class="WHIT">	</span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">tag</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">tagNoHex</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1797</span> </span><span class="WHIT">		       </span><span class="NAME">explicit</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">isExplicitFlag</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>1798</span> </span><span class="WHIT">		       </span><span class="NAME">obj</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">asn1Object</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1799</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1800</span> 
+<span class='line'>1801</span> </span><span class="WHIT">    </span><span class="NAME">this.getFreshValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1802</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.params</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1803</span> 
+<span class='line'>1804</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>1805</span> 
-<span class='line'>1806</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1807</span> </span><span class="WHIT">	    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">utf8tohex</span><span class="PUNC">(</span><span class="NAME">params.str</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1808</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.hex</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1809</span> </span><span class="WHIT">	    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.hex</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1810</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1811</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV1</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1812</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="KEYW">instanceof</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1.ASN1Object</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1813</span> </span><span class="WHIT">		</span><span class="NAME">hV1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.obj.tohex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1814</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"object"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1815</span> </span><span class="WHIT">		</span><span class="NAME">hV1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_newObject</span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">tohex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1816</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1817</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.explicit</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1818</span> </span><span class="WHIT">		</span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hV1</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1819</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1820</span> </span><span class="WHIT">		</span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hV1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1821</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1822</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1823</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"str, hex nor obj not specified"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1824</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1825</span> 
-<span class='line'>1826</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1827</span> </span><span class="WHIT">	</span><span class="NAME">this.hT</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1828</span> </span><span class="WHIT">        </span><span class="NAME">this.hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1829</span> </span><span class="WHIT">        </span><span class="NAME">this.isModified</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1830</span> 
-<span class='line'>1831</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.hV</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1832</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1833</span> 
-<span class='line'>1834</span> </span><span class="WHIT">    </span><span class="NAME">this.setByParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1835</span> </span><span class="WHIT">	</span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1836</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1837</span> 
-<span class='line'>1838</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">this.setByParam</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1839</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1840</span> </span><span class="NAME">extendClass</span><span class="PUNC">(</span><span class="NAME">KJUR.asn1.DERTaggedObject</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.ASN1Object</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1841</span> </span></pre></body></html>
\ No newline at end of file
+<span class='line'>1806</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tage</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1807</span> </span><span class="WHIT">	    </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tage</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1808</span> </span><span class="WHIT">	    </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1809</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1810</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tagi</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1811</span> </span><span class="WHIT">	    </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tagi</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1812</span> </span><span class="WHIT">	    </span><span class="NAME">params.explicit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1813</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1814</span> 
+<span class='line'>1815</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1816</span> </span><span class="WHIT">	    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">utf8tohex</span><span class="PUNC">(</span><span class="NAME">params.str</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1817</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.hex</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1818</span> </span><span class="WHIT">	    </span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.hex</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1819</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1820</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV1</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1821</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="KEYW">instanceof</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1.ASN1Object</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1822</span> </span><span class="WHIT">		</span><span class="NAME">hV1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.obj.tohex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1823</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">params.obj</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"object"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1824</span> </span><span class="WHIT">		</span><span class="NAME">hV1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_newObject</span><span class="PUNC">(</span><span class="NAME">params.obj</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">tohex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1825</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1826</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.explicit</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1827</span> </span><span class="WHIT">		</span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hV1</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1828</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1829</span> </span><span class="WHIT">		</span><span class="NAME">this.hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hV1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1830</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1831</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1832</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"str, hex nor obj not specified"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1833</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1834</span> 
+<span class='line'>1835</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">params.tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1836</span> </span><span class="WHIT">	</span><span class="NAME">this.hT</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.tag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1837</span> </span><span class="WHIT">        </span><span class="NAME">this.hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1838</span> </span><span class="WHIT">        </span><span class="NAME">this.isModified</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1839</span> 
+<span class='line'>1840</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.hV</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1841</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1842</span> 
+<span class='line'>1843</span> </span><span class="WHIT">    </span><span class="NAME">this.setByParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1844</span> </span><span class="WHIT">	</span><span class="NAME">this.params</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1845</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1846</span> 
+<span class='line'>1847</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">this.setByParam</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1848</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1849</span> </span><span class="NAME">extendClass</span><span class="PUNC">(</span><span class="NAME">KJUR.asn1.DERTaggedObject</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.ASN1Object</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1850</span> </span></pre></body></html>
\ No newline at end of file
diff --git a/api/symbols/src/asn1x509-1.0.js.html b/api/symbols/src/asn1x509-1.0.js.html
index a18ad3d2..b8e6c2c0 100644
--- a/api/symbols/src/asn1x509-1.0.js.html
+++ b/api/symbols/src/asn1x509-1.0.js.html
@@ -5,7 +5,7 @@
 	.STRN {color: #393;}
 	.REGX {color: #339;}
 	.line {border-right: 1px dotted #666; color: #666; font-style: normal;}
-	</style></head><body><pre><span class='line'>  1</span> <span class="COMM">/* asn1x509-2.1.16.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+	</style></head><body><pre><span class='line'>  1</span> <span class="COMM">/* asn1x509-2.1.17.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
 <span class='line'>  2</span>  */</span><span class="WHIT">
 <span class='line'>  3</span> </span><span class="COMM">/*
 <span class='line'>  4</span>  * asn1x509.js - ASN.1 DER encoder classes for X.509 certificate
@@ -23,7 +23,7 @@
 <span class='line'> 16</span>  * @fileOverview
 <span class='line'> 17</span>  * @name asn1x509-1.0.js
 <span class='line'> 18</span>  * @author Kenji Urushima kenji.urushima@gmail.com
-<span class='line'> 19</span>  * @version jsrsasign 10.5.22 asn1x509 2.1.16 (2022-May-24)
+<span class='line'> 19</span>  * @version jsrsasign 10.6.0 asn1x509 2.1.17 (2022-Nov-04)
 <span class='line'> 20</span>  * @since jsrsasign 2.1
 <span class='line'> 21</span>  * @license &lt;a href="https://kjur.github.io/jsrsasign/license/">MIT License&lt;/a>
 <span class='line'> 22</span>  */</span><span class="WHIT">
@@ -4015,7 +4015,7 @@
 <span class='line'>4008</span>  * gn = new KJUR.asn1.x509.GeneralName({uri:    'http://aaa.com/'});
 <span class='line'>4009</span>  * gn = new KJUR.asn1.x509.GeneralName({other: {
 <span class='line'>4010</span>  *   oid: "1.2.3.4",
-<span class='line'>4011</span>  *   value: {utf8: "example"} // any ASN.1 which passed to ASN1Util.newObject
+<span class='line'>4011</span>  *   value: {utf8str: "example"} // any ASN.1 which passed to ASN1Util.newObject
 <span class='line'>4012</span>  * }});
 <span class='line'>4013</span>  *
 <span class='line'>4014</span>  * gn = new KJUR.asn1.x509.GeneralName({ldapdn:     'O=Test,C=US'}); // DEPRECATED
@@ -4207,7 +4207,7 @@
 <span class='line'>4200</span>  * Constructor has two members:
 <span class='line'>4201</span>  * &lt;ul>
 <span class='line'>4202</span>  * &lt;li>oid - oid string (ex. "1.2.3.4")&lt;/li>
-<span class='line'>4203</span>  * &lt;li>value - associative array passed to ASN1Util.newObject&lt;/li>
+<span class='line'>4203</span>  * &lt;li>value - JSON object passed to ASN1Util.newObject or ASN1Object object&lt;/li>
 <span class='line'>4204</span>  * &lt;/ul>
 <span class='line'>4205</span>  *
 <span class='line'>4206</span>  * &lt;pre>
@@ -4386,379 +4386,382 @@
 <span class='line'>4379</span> </span><span class="WHIT">        </span><span class="STRN">'timeStamping'</span><span class="PUNC">:</span><span class="WHIT">         </span><span class="STRN">'1.3.6.1.5.5.7.3.8'</span><span class="PUNC">,</span><span class="WHIT">
 <span class='line'>4380</span> </span><span class="WHIT">        </span><span class="STRN">'ocspSigning'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.3.6.1.5.5.7.3.9'</span><span class="PUNC">,</span><span class="WHIT">
 <span class='line'>4381</span> 
-<span class='line'>4382</span> </span><span class="WHIT">        </span><span class="STRN">'dateOfBirth'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.3.6.1.5.5.7.9.1'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4383</span> </span><span class="WHIT">        </span><span class="STRN">'placeOfBirth'</span><span class="PUNC">:</span><span class="WHIT">         </span><span class="STRN">'1.3.6.1.5.5.7.9.2'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4384</span> </span><span class="WHIT">        </span><span class="STRN">'gender'</span><span class="PUNC">:</span><span class="WHIT">               </span><span class="STRN">'1.3.6.1.5.5.7.9.3'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4385</span> </span><span class="WHIT">        </span><span class="STRN">'countryOfCitizenship'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">'1.3.6.1.5.5.7.9.4'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4386</span> </span><span class="WHIT">        </span><span class="STRN">'countryOfResidence'</span><span class="PUNC">:</span><span class="WHIT">   </span><span class="STRN">'1.3.6.1.5.5.7.9.5'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4387</span> 
-<span class='line'>4388</span> </span><span class="WHIT">        </span><span class="STRN">'ecPublicKey'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.10045.2.1'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4389</span> </span><span class="WHIT">        </span><span class="STRN">'P-256'</span><span class="PUNC">:</span><span class="WHIT">                </span><span class="STRN">'1.2.840.10045.3.1.7'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4390</span> </span><span class="WHIT">        </span><span class="STRN">'secp256r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.2.840.10045.3.1.7'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4391</span> </span><span class="WHIT">        </span><span class="STRN">'secp256k1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.10'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4392</span> </span><span class="WHIT">        </span><span class="STRN">'secp384r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.34'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4393</span> </span><span class="WHIT">        </span><span class="STRN">'secp521r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.35'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4394</span> 
-<span class='line'>4395</span> </span><span class="WHIT">        </span><span class="STRN">'pkcs5PBES2'</span><span class="PUNC">:</span><span class="WHIT">           </span><span class="STRN">'1.2.840.113549.1.5.13'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4396</span> </span><span class="WHIT">        </span><span class="STRN">'pkcs5PBKDF2'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.113549.1.5.12'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4382</span> </span><span class="WHIT">	</span><span class="COMM">// 'otherNameForms':	'1.3.6.1.5.5.7.8',</span><span class="WHIT">
+<span class='line'>4383</span> </span><span class="WHIT">	</span><span class="STRN">'smtpUTF8Mailbox'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.3.6.1.5.5.7.8.9'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4384</span> 
+<span class='line'>4385</span> </span><span class="WHIT">        </span><span class="STRN">'dateOfBirth'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.3.6.1.5.5.7.9.1'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4386</span> </span><span class="WHIT">        </span><span class="STRN">'placeOfBirth'</span><span class="PUNC">:</span><span class="WHIT">         </span><span class="STRN">'1.3.6.1.5.5.7.9.2'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4387</span> </span><span class="WHIT">        </span><span class="STRN">'gender'</span><span class="PUNC">:</span><span class="WHIT">               </span><span class="STRN">'1.3.6.1.5.5.7.9.3'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4388</span> </span><span class="WHIT">        </span><span class="STRN">'countryOfCitizenship'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">'1.3.6.1.5.5.7.9.4'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4389</span> </span><span class="WHIT">        </span><span class="STRN">'countryOfResidence'</span><span class="PUNC">:</span><span class="WHIT">   </span><span class="STRN">'1.3.6.1.5.5.7.9.5'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4390</span> 
+<span class='line'>4391</span> </span><span class="WHIT">        </span><span class="STRN">'ecPublicKey'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.10045.2.1'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4392</span> </span><span class="WHIT">        </span><span class="STRN">'P-256'</span><span class="PUNC">:</span><span class="WHIT">                </span><span class="STRN">'1.2.840.10045.3.1.7'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4393</span> </span><span class="WHIT">        </span><span class="STRN">'secp256r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.2.840.10045.3.1.7'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4394</span> </span><span class="WHIT">        </span><span class="STRN">'secp256k1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.10'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4395</span> </span><span class="WHIT">        </span><span class="STRN">'secp384r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.34'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4396</span> </span><span class="WHIT">        </span><span class="STRN">'secp521r1'</span><span class="PUNC">:</span><span class="WHIT">            </span><span class="STRN">'1.3.132.0.35'</span><span class="PUNC">,</span><span class="WHIT">
 <span class='line'>4397</span> 
-<span class='line'>4398</span> </span><span class="WHIT">        </span><span class="STRN">'des-EDE3-CBC'</span><span class="PUNC">:</span><span class="WHIT">         </span><span class="STRN">'1.2.840.113549.3.7'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4399</span> 
-<span class='line'>4400</span> </span><span class="WHIT">        </span><span class="STRN">'data'</span><span class="PUNC">:</span><span class="WHIT">                 </span><span class="STRN">'1.2.840.113549.1.7.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS data</span><span class="WHIT">
-<span class='line'>4401</span> </span><span class="WHIT">        </span><span class="STRN">'signed-data'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.113549.1.7.2'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS signed-data</span><span class="WHIT">
-<span class='line'>4402</span> </span><span class="WHIT">        </span><span class="STRN">'enveloped-data'</span><span class="PUNC">:</span><span class="WHIT">       </span><span class="STRN">'1.2.840.113549.1.7.3'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS enveloped-data</span><span class="WHIT">
-<span class='line'>4403</span> </span><span class="WHIT">        </span><span class="STRN">'digested-data'</span><span class="PUNC">:</span><span class="WHIT">        </span><span class="STRN">'1.2.840.113549.1.7.5'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS digested-data</span><span class="WHIT">
-<span class='line'>4404</span> </span><span class="WHIT">        </span><span class="STRN">'encrypted-data'</span><span class="PUNC">:</span><span class="WHIT">       </span><span class="STRN">'1.2.840.113549.1.7.6'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS encrypted-data</span><span class="WHIT">
-<span class='line'>4405</span> </span><span class="WHIT">        </span><span class="STRN">'authenticated-data'</span><span class="PUNC">:</span><span class="WHIT">   </span><span class="STRN">'1.2.840.113549.1.9.16.1.2'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS authenticated-data</span><span class="WHIT">
-<span class='line'>4406</span> </span><span class="WHIT">        </span><span class="STRN">'tstinfo'</span><span class="PUNC">:</span><span class="WHIT">              </span><span class="STRN">'1.2.840.113549.1.9.16.1.4'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// RFC3161 TSTInfo</span><span class="WHIT">
-<span class='line'>4407</span> </span><span class="WHIT">	</span><span class="STRN">'signingCertificate'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.12'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
-<span class='line'>4408</span> </span><span class="WHIT">	</span><span class="STRN">'timeStampToken'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.14'</span><span class="PUNC">,</span><span class="COMM">// sigTS</span><span class="WHIT">
-<span class='line'>4409</span> </span><span class="WHIT">	</span><span class="STRN">'signaturePolicyIdentifier'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.15'</span><span class="PUNC">,</span><span class="COMM">// cades</span><span class="WHIT">
-<span class='line'>4410</span> </span><span class="WHIT">	</span><span class="STRN">'etsArchiveTimeStamp'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.27'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
-<span class='line'>4411</span> </span><span class="WHIT">	</span><span class="STRN">'signingCertificateV2'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.47'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
-<span class='line'>4412</span> </span><span class="WHIT">	</span><span class="STRN">'etsArchiveTimeStampV2'</span><span class="PUNC">:</span><span class="STRN">'1.2.840.113549.1.9.16.2.48'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
-<span class='line'>4413</span> </span><span class="WHIT">        </span><span class="STRN">'extensionRequest'</span><span class="PUNC">:</span><span class="WHIT">     </span><span class="STRN">'1.2.840.113549.1.9.14'</span><span class="PUNC">,</span><span class="COMM">// CSR extensionRequest</span><span class="WHIT">
-<span class='line'>4414</span> </span><span class="WHIT">	</span><span class="STRN">'contentType'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.3'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
-<span class='line'>4415</span> </span><span class="WHIT">	</span><span class="STRN">'messageDigest'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.4'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
-<span class='line'>4416</span> </span><span class="WHIT">	</span><span class="STRN">'signingTime'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.5'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
-<span class='line'>4417</span> </span><span class="WHIT">	</span><span class="STRN">'counterSignature'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.6'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
-<span class='line'>4418</span> </span><span class="WHIT">	</span><span class="STRN">'archiveTimeStampV3'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'0.4.0.1733.2.4'</span><span class="PUNC">,</span><span class="COMM">//ETSI EN29319122/TS101733</span><span class="WHIT">
-<span class='line'>4419</span> </span><span class="WHIT">	</span><span class="STRN">'pdfRevocationInfoArchival'</span><span class="PUNC">:</span><span class="STRN">'1.2.840.113583.1.1.8'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">//Adobe</span><span class="WHIT">
-<span class='line'>4420</span> </span><span class="WHIT">	</span><span class="STRN">'adobeTimeStamp'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113583.1.1.9.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// Adobe</span><span class="WHIT">
-<span class='line'>4421</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4422</span> 
-<span class='line'>4423</span> </span><span class="WHIT">    </span><span class="NAME">this.atype2oidList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4424</span> </span><span class="WHIT">	</span><span class="COMM">// RFC 4514 AttributeType name string (MUST recognized)</span><span class="WHIT">
-<span class='line'>4425</span> </span><span class="WHIT">        </span><span class="STRN">'CN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.3'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4426</span> </span><span class="WHIT">        </span><span class="STRN">'L'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.7'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4427</span> </span><span class="WHIT">        </span><span class="STRN">'ST'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.8'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4428</span> </span><span class="WHIT">        </span><span class="STRN">'O'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.10'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4429</span> </span><span class="WHIT">        </span><span class="STRN">'OU'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.11'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4430</span> </span><span class="WHIT">        </span><span class="STRN">'C'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.6'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4431</span> </span><span class="WHIT">        </span><span class="STRN">'STREET'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'2.5.4.9'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4432</span> </span><span class="WHIT">        </span><span class="STRN">'DC'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'0.9.2342.19200300.100.1.25'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4433</span> </span><span class="WHIT">        </span><span class="STRN">'UID'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'0.9.2342.19200300.100.1.1'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4434</span> </span><span class="WHIT">	</span><span class="COMM">// other AttributeType name string</span><span class="WHIT">
-<span class='line'>4435</span> </span><span class="WHIT">	</span><span class="COMM">// http://blog.livedoor.jp/k_urushima/archives/656114.html</span><span class="WHIT">
-<span class='line'>4436</span> </span><span class="WHIT">        </span><span class="STRN">'SN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.4'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// surname</span><span class="WHIT">
-<span class='line'>4437</span> </span><span class="WHIT">        </span><span class="STRN">'T'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.12'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// title</span><span class="WHIT">
-<span class='line'>4438</span> </span><span class="WHIT">        </span><span class="STRN">'DN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.49'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// distinguishedName</span><span class="WHIT">
-<span class='line'>4439</span> </span><span class="WHIT">        </span><span class="STRN">'E'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// emailAddress in MS.NET or Bouncy</span><span class="WHIT">
-<span class='line'>4440</span> </span><span class="WHIT">	</span><span class="COMM">// other AttributeType name string (no short name)</span><span class="WHIT">
-<span class='line'>4441</span> </span><span class="WHIT">	</span><span class="STRN">'description'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.13'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4442</span> </span><span class="WHIT">	</span><span class="STRN">'businessCategory'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.15'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4443</span> </span><span class="WHIT">	</span><span class="STRN">'postalCode'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.17'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4444</span> </span><span class="WHIT">	</span><span class="STRN">'serialNumber'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.5'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4445</span> </span><span class="WHIT">	</span><span class="STRN">'uniqueIdentifier'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.45'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4446</span> </span><span class="WHIT">	</span><span class="STRN">'organizationIdentifier'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'2.5.4.97'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4447</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationL'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.1'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4448</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationSP'</span><span class="PUNC">:</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.2'</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4449</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationC'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.3'</span><span class="WHIT">
-<span class='line'>4450</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4451</span> </span><span class="WHIT">    
-<span class='line'>4452</span>     </span><span class="NAME">this.objCache</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4453</span> 
-<span class='line'>4454</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>4455</span>      * get DERObjectIdentifier by registered OID name
-<span class='line'>4456</span>      * @name name2obj
-<span class='line'>4457</span>      * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4458</span>      * @function
-<span class='line'>4459</span>      * @param {String} name OID
-<span class='line'>4460</span>      * @return {Object} DERObjectIdentifier instance
-<span class='line'>4461</span>      * @see KJUR.asn1.DERObjectIdentifier
-<span class='line'>4462</span>      *
-<span class='line'>4463</span>      * @description
-<span class='line'>4464</span>      * This static method returns DERObjectIdentifier object
-<span class='line'>4465</span>      * for the specified OID.
-<span class='line'>4466</span>      *
-<span class='line'>4467</span>      * @example
-<span class='line'>4468</span>      * var asn1ObjOID = KJUR.asn1.x509.OID.name2obj('SHA1withRSA');
-<span class='line'>4469</span>      */</span><span class="WHIT">
-<span class='line'>4470</span> </span><span class="WHIT">    </span><span class="NAME">this.name2obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4471</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"undefined"</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>4472</span> </span><span class="WHIT">            </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4473</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"undefined"</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>4474</span> </span><span class="WHIT">            </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="STRN">"Name of ObjectIdentifier not defined: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4475</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4476</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_DERObjectIdentifier</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="STRN">'oid'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4477</span> </span><span class="WHIT">        </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4478</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4479</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4480</span> 
-<span class='line'>4481</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>4482</span>      * get DERObjectIdentifier by registered attribute type name such like 'C' or 'CN'&lt;br/>
-<span class='line'>4483</span>      * @name atype2obj
-<span class='line'>4484</span>      * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4485</span>      * @function
-<span class='line'>4486</span>      * @param {String} atype short attribute type name such like 'C', 'CN' or OID
-<span class='line'>4487</span>      * @return KJUR.asn1.DERObjectIdentifier instance
-<span class='line'>4488</span>      * @description
-<span class='line'>4489</span>      * @example
-<span class='line'>4490</span>      * KJUR.asn1.x509.OID.atype2obj('CN') &rarr; DERObjectIdentifier of 2.5.4.3
-<span class='line'>4491</span>      * KJUR.asn1.x509.OID.atype2obj('OU') &rarr; DERObjectIdentifier of 2.5.4.11
-<span class='line'>4492</span>      * KJUR.asn1.x509.OID.atype2obj('streetAddress') &rarr; DERObjectIdentifier of 2.5.4.9
-<span class='line'>4493</span>      * KJUR.asn1.x509.OID.atype2obj('2.5.4.9') &rarr; DERObjectIdentifier of 2.5.4.9
-<span class='line'>4494</span>      */</span><span class="WHIT">
-<span class='line'>4495</span> </span><span class="WHIT">    </span><span class="NAME">this.atype2obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">atype</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4496</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>4497</span> </span><span class="WHIT">            </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4498</span> 
-<span class='line'>4499</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4500</span> 
-<span class='line'>4501</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">atype.match</span><span class="PUNC">(</span><span class="REGX">/^\d+\.\d+\.[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4502</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4503</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.atype2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4504</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.atype2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4505</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4506</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4507</span> </span><span class="WHIT">    	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4508</span> </span><span class="WHIT">            </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"AttributeType name undefined: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4509</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>4510</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_DERObjectIdentifier</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="STRN">'oid'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4511</span> </span><span class="WHIT">        </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4512</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4513</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4514</span> 
-<span class='line'>4515</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>4516</span>      * register OID list&lt;br/>
-<span class='line'>4517</span>      * @name registerOIDs
-<span class='line'>4518</span>      * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4519</span>      * @function
-<span class='line'>4520</span>      * @param {object} oids associative array of names and oids
-<span class='line'>4521</span>      * @since jsrsasign 10.5.2 asn1x509 2.1.11
-<span class='line'>4522</span>      * @see KJUR.asn1.x509.OID.checkOIDs
-<span class='line'>4523</span>      * 
-<span class='line'>4524</span>      * @description
-<span class='line'>4525</span>      * This static method to register an oids to existing list
-<span class='line'>4526</span>      * additionally.
-<span class='line'>4527</span>      *
-<span class='line'>4528</span>      * @example
-<span class='line'>4529</span>      * KJUR.asn1.x509.OID.checkOIDs({
-<span class='line'>4530</span>      *   "test1": "4.5.7.8"
-<span class='line'>4531</span>      * }) // do nothing for invalid list
-<span class='line'>4532</span>      *
-<span class='line'>4533</span>      * KJUR.asn1.x509.OID.registerOIDs({
-<span class='line'>4534</span>      *   "test1": "1.2.3",
-<span class='line'>4535</span>      *   "test2": "0.2.3.4.23",
-<span class='line'>4536</span>      * }) // successfully registered
-<span class='line'>4537</span>      *
-<span class='line'>4538</span>      * KJUR.asn1.x509.OID.name2oid("test1") &rarr; "1.2.3"
-<span class='line'>4539</span>      */</span><span class="WHIT">
-<span class='line'>4540</span> </span><span class="WHIT">    </span><span class="NAME">this.registerOIDs</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4541</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">this.checkOIDs</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4542</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4543</span> </span><span class="WHIT">	    </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4544</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>4545</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4546</span> 
-<span class='line'>4547</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>4548</span>      * check validity for OID list&lt;br/>
-<span class='line'>4549</span>      * @name checkOIDs
-<span class='line'>4550</span>      * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4551</span>      * @function
-<span class='line'>4552</span>      * @param {object} oids associative array of names and oids
-<span class='line'>4553</span>      * @return {boolean} return true when valid OID list otherwise false
-<span class='line'>4554</span>      * @since jsrsasign 10.5.2 asn1x509 2.1.11
-<span class='line'>4555</span>      * @see KJUR.asn1.x509.OID.registOIDs
-<span class='line'>4556</span>      * 
-<span class='line'>4557</span>      * @description
-<span class='line'>4558</span>      * This static method validates an associative array
-<span class='line'>4559</span>      * as oid list.
-<span class='line'>4560</span>      *
-<span class='line'>4561</span>      * @example
-<span class='line'>4562</span>      * KJUR.asn1.x509.OID.checkOIDs(*non-assoc-array*) &rarr; false
-<span class='line'>4563</span>      * KJUR.asn1.x509.OID.checkOIDs({}) &rarr; false
-<span class='line'>4564</span>      * KJUR.asn1.x509.OID.checkOIDs({"test1": "apple"}) &rarr; false
-<span class='line'>4565</span>      * KJUR.asn1.x509.OID.checkOIDs({
-<span class='line'>4566</span>      *   "test1": "1.2.3",
-<span class='line'>4567</span>      *   "test2": "0.2.3.4.23",
-<span class='line'>4568</span>      * }) &rarr; true // valid oids
-<span class='line'>4569</span>      * KJUR.asn1.x509.OID.checkOIDs({
-<span class='line'>4570</span>      *   "test1": "4.5.7.8"
-<span class='line'>4571</span>      * }) &rarr; false // invalid oid
-<span class='line'>4572</span>      */</span><span class="WHIT">
-<span class='line'>4573</span> </span><span class="WHIT">    </span><span class="NAME">this.checkOIDs</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4574</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4575</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">nameList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">Object.keys</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4576</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">nameList.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>4577</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4578</span> </span><span class="WHIT">	    </span><span class="NAME">nameList.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">value</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">index</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">array</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4579</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">this</span><span class="PUNC">[</span><span class="NAME">value</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4580</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">oid.match</span><span class="PUNC">(</span><span class="REGX">/^[0-2]\.[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>4581</span> </span><span class="WHIT">		    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"value is not OID"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4582</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4583</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4584</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4585</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4586</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>4587</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4588</span> 
-<span class='line'>4589</span> 
-<span class='line'>4590</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4398</span> </span><span class="WHIT">        </span><span class="STRN">'pkcs5PBES2'</span><span class="PUNC">:</span><span class="WHIT">           </span><span class="STRN">'1.2.840.113549.1.5.13'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4399</span> </span><span class="WHIT">        </span><span class="STRN">'pkcs5PBKDF2'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.113549.1.5.12'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4400</span> 
+<span class='line'>4401</span> </span><span class="WHIT">        </span><span class="STRN">'des-EDE3-CBC'</span><span class="PUNC">:</span><span class="WHIT">         </span><span class="STRN">'1.2.840.113549.3.7'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4402</span> 
+<span class='line'>4403</span> </span><span class="WHIT">        </span><span class="STRN">'data'</span><span class="PUNC">:</span><span class="WHIT">                 </span><span class="STRN">'1.2.840.113549.1.7.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS data</span><span class="WHIT">
+<span class='line'>4404</span> </span><span class="WHIT">        </span><span class="STRN">'signed-data'</span><span class="PUNC">:</span><span class="WHIT">          </span><span class="STRN">'1.2.840.113549.1.7.2'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS signed-data</span><span class="WHIT">
+<span class='line'>4405</span> </span><span class="WHIT">        </span><span class="STRN">'enveloped-data'</span><span class="PUNC">:</span><span class="WHIT">       </span><span class="STRN">'1.2.840.113549.1.7.3'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS enveloped-data</span><span class="WHIT">
+<span class='line'>4406</span> </span><span class="WHIT">        </span><span class="STRN">'digested-data'</span><span class="PUNC">:</span><span class="WHIT">        </span><span class="STRN">'1.2.840.113549.1.7.5'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS digested-data</span><span class="WHIT">
+<span class='line'>4407</span> </span><span class="WHIT">        </span><span class="STRN">'encrypted-data'</span><span class="PUNC">:</span><span class="WHIT">       </span><span class="STRN">'1.2.840.113549.1.7.6'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS encrypted-data</span><span class="WHIT">
+<span class='line'>4408</span> </span><span class="WHIT">        </span><span class="STRN">'authenticated-data'</span><span class="PUNC">:</span><span class="WHIT">   </span><span class="STRN">'1.2.840.113549.1.9.16.1.2'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// CMS authenticated-data</span><span class="WHIT">
+<span class='line'>4409</span> </span><span class="WHIT">        </span><span class="STRN">'tstinfo'</span><span class="PUNC">:</span><span class="WHIT">              </span><span class="STRN">'1.2.840.113549.1.9.16.1.4'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// RFC3161 TSTInfo</span><span class="WHIT">
+<span class='line'>4410</span> </span><span class="WHIT">	</span><span class="STRN">'signingCertificate'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.12'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
+<span class='line'>4411</span> </span><span class="WHIT">	</span><span class="STRN">'timeStampToken'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.14'</span><span class="PUNC">,</span><span class="COMM">// sigTS</span><span class="WHIT">
+<span class='line'>4412</span> </span><span class="WHIT">	</span><span class="STRN">'signaturePolicyIdentifier'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.15'</span><span class="PUNC">,</span><span class="COMM">// cades</span><span class="WHIT">
+<span class='line'>4413</span> </span><span class="WHIT">	</span><span class="STRN">'etsArchiveTimeStamp'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.27'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
+<span class='line'>4414</span> </span><span class="WHIT">	</span><span class="STRN">'signingCertificateV2'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.16.2.47'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
+<span class='line'>4415</span> </span><span class="WHIT">	</span><span class="STRN">'etsArchiveTimeStampV2'</span><span class="PUNC">:</span><span class="STRN">'1.2.840.113549.1.9.16.2.48'</span><span class="PUNC">,</span><span class="COMM">// SMIME</span><span class="WHIT">
+<span class='line'>4416</span> </span><span class="WHIT">        </span><span class="STRN">'extensionRequest'</span><span class="PUNC">:</span><span class="WHIT">     </span><span class="STRN">'1.2.840.113549.1.9.14'</span><span class="PUNC">,</span><span class="COMM">// CSR extensionRequest</span><span class="WHIT">
+<span class='line'>4417</span> </span><span class="WHIT">	</span><span class="STRN">'contentType'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.3'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
+<span class='line'>4418</span> </span><span class="WHIT">	</span><span class="STRN">'messageDigest'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.4'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
+<span class='line'>4419</span> </span><span class="WHIT">	</span><span class="STRN">'signingTime'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.5'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
+<span class='line'>4420</span> </span><span class="WHIT">	</span><span class="STRN">'counterSignature'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113549.1.9.6'</span><span class="PUNC">,</span><span class="COMM">//PKCS#9</span><span class="WHIT">
+<span class='line'>4421</span> </span><span class="WHIT">	</span><span class="STRN">'archiveTimeStampV3'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'0.4.0.1733.2.4'</span><span class="PUNC">,</span><span class="COMM">//ETSI EN29319122/TS101733</span><span class="WHIT">
+<span class='line'>4422</span> </span><span class="WHIT">	</span><span class="STRN">'pdfRevocationInfoArchival'</span><span class="PUNC">:</span><span class="STRN">'1.2.840.113583.1.1.8'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">//Adobe</span><span class="WHIT">
+<span class='line'>4423</span> </span><span class="WHIT">	</span><span class="STRN">'adobeTimeStamp'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.2.840.113583.1.1.9.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// Adobe</span><span class="WHIT">
+<span class='line'>4424</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4425</span> 
+<span class='line'>4426</span> </span><span class="WHIT">    </span><span class="NAME">this.atype2oidList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4427</span> </span><span class="WHIT">	</span><span class="COMM">// RFC 4514 AttributeType name string (MUST recognized)</span><span class="WHIT">
+<span class='line'>4428</span> </span><span class="WHIT">        </span><span class="STRN">'CN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.3'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4429</span> </span><span class="WHIT">        </span><span class="STRN">'L'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.7'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4430</span> </span><span class="WHIT">        </span><span class="STRN">'ST'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.8'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4431</span> </span><span class="WHIT">        </span><span class="STRN">'O'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.10'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4432</span> </span><span class="WHIT">        </span><span class="STRN">'OU'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.11'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4433</span> </span><span class="WHIT">        </span><span class="STRN">'C'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.6'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4434</span> </span><span class="WHIT">        </span><span class="STRN">'STREET'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'2.5.4.9'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4435</span> </span><span class="WHIT">        </span><span class="STRN">'DC'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'0.9.2342.19200300.100.1.25'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4436</span> </span><span class="WHIT">        </span><span class="STRN">'UID'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'0.9.2342.19200300.100.1.1'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4437</span> </span><span class="WHIT">	</span><span class="COMM">// other AttributeType name string</span><span class="WHIT">
+<span class='line'>4438</span> </span><span class="WHIT">	</span><span class="COMM">// http://blog.livedoor.jp/k_urushima/archives/656114.html</span><span class="WHIT">
+<span class='line'>4439</span> </span><span class="WHIT">        </span><span class="STRN">'SN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.4'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// surname</span><span class="WHIT">
+<span class='line'>4440</span> </span><span class="WHIT">        </span><span class="STRN">'T'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.12'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// title</span><span class="WHIT">
+<span class='line'>4441</span> </span><span class="WHIT">        </span><span class="STRN">'DN'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.49'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// distinguishedName</span><span class="WHIT">
+<span class='line'>4442</span> </span><span class="WHIT">        </span><span class="STRN">'E'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'1.2.840.113549.1.9.1'</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="COMM">// emailAddress in MS.NET or Bouncy</span><span class="WHIT">
+<span class='line'>4443</span> </span><span class="WHIT">	</span><span class="COMM">// other AttributeType name string (no short name)</span><span class="WHIT">
+<span class='line'>4444</span> </span><span class="WHIT">	</span><span class="STRN">'description'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.13'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4445</span> </span><span class="WHIT">	</span><span class="STRN">'businessCategory'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.15'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4446</span> </span><span class="WHIT">	</span><span class="STRN">'postalCode'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.17'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4447</span> </span><span class="WHIT">	</span><span class="STRN">'serialNumber'</span><span class="PUNC">:</span><span class="WHIT">			</span><span class="STRN">'2.5.4.5'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4448</span> </span><span class="WHIT">	</span><span class="STRN">'uniqueIdentifier'</span><span class="PUNC">:</span><span class="WHIT">		</span><span class="STRN">'2.5.4.45'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4449</span> </span><span class="WHIT">	</span><span class="STRN">'organizationIdentifier'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'2.5.4.97'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4450</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationL'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.1'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4451</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationSP'</span><span class="PUNC">:</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.2'</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4452</span> </span><span class="WHIT">	</span><span class="STRN">'jurisdictionOfIncorporationC'</span><span class="PUNC">:</span><span class="WHIT">	</span><span class="STRN">'1.3.6.1.4.1.311.60.2.1.3'</span><span class="WHIT">
+<span class='line'>4453</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4454</span> </span><span class="WHIT">    
+<span class='line'>4455</span>     </span><span class="NAME">this.objCache</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4456</span> 
+<span class='line'>4457</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>4458</span>      * get DERObjectIdentifier by registered OID name
+<span class='line'>4459</span>      * @name name2obj
+<span class='line'>4460</span>      * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4461</span>      * @function
+<span class='line'>4462</span>      * @param {String} name OID
+<span class='line'>4463</span>      * @return {Object} DERObjectIdentifier instance
+<span class='line'>4464</span>      * @see KJUR.asn1.DERObjectIdentifier
+<span class='line'>4465</span>      *
+<span class='line'>4466</span>      * @description
+<span class='line'>4467</span>      * This static method returns DERObjectIdentifier object
+<span class='line'>4468</span>      * for the specified OID.
+<span class='line'>4469</span>      *
+<span class='line'>4470</span>      * @example
+<span class='line'>4471</span>      * var asn1ObjOID = KJUR.asn1.x509.OID.name2obj('SHA1withRSA');
+<span class='line'>4472</span>      */</span><span class="WHIT">
+<span class='line'>4473</span> </span><span class="WHIT">    </span><span class="NAME">this.name2obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4474</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"undefined"</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>4475</span> </span><span class="WHIT">            </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4476</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"undefined"</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>4477</span> </span><span class="WHIT">            </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="STRN">"Name of ObjectIdentifier not defined: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4478</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4479</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_DERObjectIdentifier</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="STRN">'oid'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4480</span> </span><span class="WHIT">        </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4481</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4482</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4483</span> 
+<span class='line'>4484</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>4485</span>      * get DERObjectIdentifier by registered attribute type name such like 'C' or 'CN'&lt;br/>
+<span class='line'>4486</span>      * @name atype2obj
+<span class='line'>4487</span>      * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4488</span>      * @function
+<span class='line'>4489</span>      * @param {String} atype short attribute type name such like 'C', 'CN' or OID
+<span class='line'>4490</span>      * @return KJUR.asn1.DERObjectIdentifier instance
+<span class='line'>4491</span>      * @description
+<span class='line'>4492</span>      * @example
+<span class='line'>4493</span>      * KJUR.asn1.x509.OID.atype2obj('CN') &rarr; DERObjectIdentifier of 2.5.4.3
+<span class='line'>4494</span>      * KJUR.asn1.x509.OID.atype2obj('OU') &rarr; DERObjectIdentifier of 2.5.4.11
+<span class='line'>4495</span>      * KJUR.asn1.x509.OID.atype2obj('streetAddress') &rarr; DERObjectIdentifier of 2.5.4.9
+<span class='line'>4496</span>      * KJUR.asn1.x509.OID.atype2obj('2.5.4.9') &rarr; DERObjectIdentifier of 2.5.4.9
+<span class='line'>4497</span>      */</span><span class="WHIT">
+<span class='line'>4498</span> </span><span class="WHIT">    </span><span class="NAME">this.atype2obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">atype</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4499</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>4500</span> </span><span class="WHIT">            </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4501</span> 
+<span class='line'>4502</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4503</span> 
+<span class='line'>4504</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">atype.match</span><span class="PUNC">(</span><span class="REGX">/^\d+\.\d+\.[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4505</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4506</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.atype2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4507</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.atype2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4508</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4509</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4510</span> </span><span class="WHIT">    	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4511</span> </span><span class="WHIT">            </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"AttributeType name undefined: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4512</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>4513</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_DERObjectIdentifier</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="STRN">'oid'</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4514</span> </span><span class="WHIT">        </span><span class="NAME">this.objCache</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4515</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">obj</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4516</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4517</span> 
+<span class='line'>4518</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>4519</span>      * register OID list&lt;br/>
+<span class='line'>4520</span>      * @name registerOIDs
+<span class='line'>4521</span>      * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4522</span>      * @function
+<span class='line'>4523</span>      * @param {object} oids associative array of names and oids
+<span class='line'>4524</span>      * @since jsrsasign 10.5.2 asn1x509 2.1.11
+<span class='line'>4525</span>      * @see KJUR.asn1.x509.OID.checkOIDs
+<span class='line'>4526</span>      * 
+<span class='line'>4527</span>      * @description
+<span class='line'>4528</span>      * This static method to register an oids to existing list
+<span class='line'>4529</span>      * additionally.
+<span class='line'>4530</span>      *
+<span class='line'>4531</span>      * @example
+<span class='line'>4532</span>      * KJUR.asn1.x509.OID.checkOIDs({
+<span class='line'>4533</span>      *   "test1": "4.5.7.8"
+<span class='line'>4534</span>      * }) // do nothing for invalid list
+<span class='line'>4535</span>      *
+<span class='line'>4536</span>      * KJUR.asn1.x509.OID.registerOIDs({
+<span class='line'>4537</span>      *   "test1": "1.2.3",
+<span class='line'>4538</span>      *   "test2": "0.2.3.4.23",
+<span class='line'>4539</span>      * }) // successfully registered
+<span class='line'>4540</span>      *
+<span class='line'>4541</span>      * KJUR.asn1.x509.OID.name2oid("test1") &rarr; "1.2.3"
+<span class='line'>4542</span>      */</span><span class="WHIT">
+<span class='line'>4543</span> </span><span class="WHIT">    </span><span class="NAME">this.registerOIDs</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4544</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">this.checkOIDs</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4545</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4546</span> </span><span class="WHIT">	    </span><span class="NAME">this.name2oidList</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4547</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>4548</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4549</span> 
+<span class='line'>4550</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>4551</span>      * check validity for OID list&lt;br/>
+<span class='line'>4552</span>      * @name checkOIDs
+<span class='line'>4553</span>      * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4554</span>      * @function
+<span class='line'>4555</span>      * @param {object} oids associative array of names and oids
+<span class='line'>4556</span>      * @return {boolean} return true when valid OID list otherwise false
+<span class='line'>4557</span>      * @since jsrsasign 10.5.2 asn1x509 2.1.11
+<span class='line'>4558</span>      * @see KJUR.asn1.x509.OID.registOIDs
+<span class='line'>4559</span>      * 
+<span class='line'>4560</span>      * @description
+<span class='line'>4561</span>      * This static method validates an associative array
+<span class='line'>4562</span>      * as oid list.
+<span class='line'>4563</span>      *
+<span class='line'>4564</span>      * @example
+<span class='line'>4565</span>      * KJUR.asn1.x509.OID.checkOIDs(*non-assoc-array*) &rarr; false
+<span class='line'>4566</span>      * KJUR.asn1.x509.OID.checkOIDs({}) &rarr; false
+<span class='line'>4567</span>      * KJUR.asn1.x509.OID.checkOIDs({"test1": "apple"}) &rarr; false
+<span class='line'>4568</span>      * KJUR.asn1.x509.OID.checkOIDs({
+<span class='line'>4569</span>      *   "test1": "1.2.3",
+<span class='line'>4570</span>      *   "test2": "0.2.3.4.23",
+<span class='line'>4571</span>      * }) &rarr; true // valid oids
+<span class='line'>4572</span>      * KJUR.asn1.x509.OID.checkOIDs({
+<span class='line'>4573</span>      *   "test1": "4.5.7.8"
+<span class='line'>4574</span>      * }) &rarr; false // invalid oid
+<span class='line'>4575</span>      */</span><span class="WHIT">
+<span class='line'>4576</span> </span><span class="WHIT">    </span><span class="NAME">this.checkOIDs</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4577</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4578</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">nameList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">Object.keys</span><span class="PUNC">(</span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4579</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">nameList.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>4580</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4581</span> </span><span class="WHIT">	    </span><span class="NAME">nameList.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">value</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">index</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">array</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4582</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">this</span><span class="PUNC">[</span><span class="NAME">value</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4583</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">oid.match</span><span class="PUNC">(</span><span class="REGX">/^[0-2]\.[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>4584</span> </span><span class="WHIT">		    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"value is not OID"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4585</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">oids</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4586</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4587</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4588</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4589</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>4590</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>4591</span> 
-<span class='line'>4592</span> </span><span class="COMM">/**
-<span class='line'>4593</span>  * convert OID to name&lt;br/>
-<span class='line'>4594</span>  * @name oid2name
-<span class='line'>4595</span>  * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4596</span>  * @function
-<span class='line'>4597</span>  * @param {String} oid dot noted Object Identifer string (ex. 1.2.3.4)
-<span class='line'>4598</span>  * @return {String} OID name if registered otherwise empty string
-<span class='line'>4599</span>  * @since asn1x509 1.0.9
-<span class='line'>4600</span>  * @description
-<span class='line'>4601</span>  * This static method converts OID string to its name.
-<span class='line'>4602</span>  * If OID is undefined then it returns empty string (i.e. '').
-<span class='line'>4603</span>  * @example
-<span class='line'>4604</span>  * KJUR.asn1.x509.OID.oid2name("1.3.6.1.5.5.7.1.1") &rarr; 'authorityInfoAccess'
-<span class='line'>4605</span>  */</span><span class="WHIT">
-<span class='line'>4606</span> </span><span class="NAME">KJUR.asn1.x509.OID.oid2name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4607</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oidList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4608</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4609</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4610</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>4611</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4612</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4613</span> 
-<span class='line'>4614</span> </span><span class="COMM">/**
-<span class='line'>4615</span>  * convert OID to AttributeType name&lt;br/>
-<span class='line'>4616</span>  * @name oid2atype
-<span class='line'>4617</span>  * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4618</span>  * @function
-<span class='line'>4619</span>  * @param {String} oid dot noted Object Identifer string (ex. 1.2.3.4)
-<span class='line'>4620</span>  * @return {String} OID AttributeType name if registered otherwise oid
-<span class='line'>4621</span>  * @since jsrsasign 6.2.2 asn1x509 1.0.18
-<span class='line'>4622</span>  * @description
-<span class='line'>4623</span>  * This static method converts OID string to its AttributeType name.
-<span class='line'>4624</span>  * If OID is not defined in OID.atype2oidList associative array then it returns OID
-<span class='line'>4625</span>  * specified as argument.
-<span class='line'>4626</span>  * @example
-<span class='line'>4627</span>  * KJUR.asn1.x509.OID.oid2atype("2.5.4.3") &rarr; CN
-<span class='line'>4628</span>  * KJUR.asn1.x509.OID.oid2atype("1.3.6.1.4.1.311.60.2.1.3") &rarr; jurisdictionOfIncorporationC
-<span class='line'>4629</span>  * KJUR.asn1.x509.OID.oid2atype("0.1.2.3.4") &rarr; 0.1.2.3.4 // unregistered OID
-<span class='line'>4630</span>  */</span><span class="WHIT">
-<span class='line'>4631</span> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4632</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.atype2oidList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4633</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4634</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4635</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>4636</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4637</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4638</span> 
-<span class='line'>4639</span> </span><span class="COMM">/**
-<span class='line'>4640</span>  * convert OID name to OID value&lt;br/>
-<span class='line'>4641</span>  * @name name2oid
-<span class='line'>4642</span>  * @memberOf KJUR.asn1.x509.OID
-<span class='line'>4643</span>  * @function
-<span class='line'>4644</span>  * @param {String} name OID name or OID (ex. "sha1" or "1.2.3.4")
-<span class='line'>4645</span>  * @return {String} dot noted Object Identifer string (ex. 1.2.3.4)
-<span class='line'>4646</span>  * @since asn1x509 1.0.11
-<span class='line'>4647</span>  * @description
-<span class='line'>4648</span>  * This static method converts from OID name to OID string.
-<span class='line'>4649</span>  * If OID is undefined then it returns empty string (i.e. '').
-<span class='line'>4650</span>  * @example
-<span class='line'>4651</span>  * KJUR.asn1.x509.OID.name2oid("authorityInfoAccess") &rarr; "1.3.6.1.5.5.7.1.1"
-<span class='line'>4652</span>  * KJUR.asn1.x509.OID.name2oid("1.2.3.4") &rarr; "1.2.3.4"
-<span class='line'>4653</span>  * KJUR.asn1.x509.OID.name2oid("UNKNOWN NAME") &rarr; ""
-<span class='line'>4654</span>  */</span><span class="WHIT">
-<span class='line'>4655</span> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4656</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">name.match</span><span class="PUNC">(</span><span class="REGX">/^[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4657</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oidList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4658</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4659</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4660</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4661</span> 
-<span class='line'>4662</span> </span><span class="COMM">/**
-<span class='line'>4663</span>  * X.509 certificate and CRL utilities class&lt;br/>
-<span class='line'>4664</span>  * @name KJUR.asn1.x509.X509Util
-<span class='line'>4665</span>  * @class X.509 certificate and CRL utilities class
-<span class='line'>4666</span>  */</span><span class="WHIT">
-<span class='line'>4667</span> </span><span class="NAME">KJUR.asn1.x509.X509Util</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4668</span> 
-<span class='line'>4669</span> </span><span class="COMM">/**
-<span class='line'>4670</span>  * issue a certificate in PEM format (DEPRECATED)
-<span class='line'>4671</span>  * @name newCertPEM
-<span class='line'>4672</span>  * @memberOf KJUR.asn1.x509.X509Util
-<span class='line'>4673</span>  * @function
-<span class='line'>4674</span>  * @param {Array} param JSON object of parameter to issue a certificate
-<span class='line'>4675</span>  * @since asn1x509 1.0.6
-<span class='line'>4676</span>  * @deprecated since jsrsasign 9.0.0 asn1x509 2.0.0. please move to {@link KJUR.asn1.x509.Certificate} constructor
-<span class='line'>4677</span>  * @description
-<span class='line'>4678</span>  * This method can issue a certificate by a simple
-<span class='line'>4679</span>  * JSON object.
-<span class='line'>4680</span>  * Signature value will be provided by signing with
-<span class='line'>4681</span>  * private key using 'cakey' parameter or
-<span class='line'>4682</span>  * hexadecimal signature value by 'sighex' parameter.
-<span class='line'>4683</span>  * &lt;br/>
-<span class='line'>4684</span>  * NOTE: Algorithm parameter of AlgorithmIdentifier will
-<span class='line'>4685</span>  * be set automatically by default. 
-<span class='line'>4686</span>  * (see {@link KJUR.asn1.x509.AlgorithmIdentifier})
-<span class='line'>4687</span>  * from jsrsasign 7.1.1 asn1x509 1.0.20.
-<span class='line'>4688</span>  * &lt;br/>
-<span class='line'>4689</span>  * NOTE2: 
-<span class='line'>4690</span>  * RSA-PSS algorithm has been supported from jsrsasign 8.0.21.
-<span class='line'>4691</span>  * As for RSA-PSS signature algorithm names and signing parameters 
-<span class='line'>4692</span>  * such as MGF function and salt length, please see
-<span class='line'>4693</span>  * {@link KJUR.asn1.x509.AlgorithmIdentifier} class.
-<span class='line'>4694</span>  *
-<span class='line'>4695</span>  * @example
-<span class='line'>4696</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
-<span class='line'>4697</span>  *   serial: {int: 4},
-<span class='line'>4698</span>  *   sigalg: {name: 'SHA1withECDSA'},
-<span class='line'>4699</span>  *   issuer: {str: '/C=US/O=a'},
-<span class='line'>4700</span>  *   notbefore: {'str': '130504235959Z'},
-<span class='line'>4701</span>  *   notafter: {'str': '140504235959Z'},
-<span class='line'>4702</span>  *   subject: {str: '/C=US/O=b'},
-<span class='line'>4703</span>  *   sbjpubkey: pubKeyObj,
-<span class='line'>4704</span>  *   ext: [
-<span class='line'>4705</span>  *     {basicConstraints: {cA: true, critical: true}},
-<span class='line'>4706</span>  *     {keyUsage: {bin: '11'}},
-<span class='line'>4707</span>  *   ],
-<span class='line'>4708</span>  *   cakey: prvKeyObj
-<span class='line'>4709</span>  * });
-<span class='line'>4710</span>  * // -- or --
-<span class='line'>4711</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
-<span class='line'>4712</span>  *   serial: {int: 4},
-<span class='line'>4713</span>  *   sigalg: {name: 'SHA1withECDSA'},
-<span class='line'>4714</span>  *   issuer: {str: '/C=US/O=a'},
-<span class='line'>4715</span>  *   notbefore: {'str': '130504235959Z'},
-<span class='line'>4716</span>  *   notafter: {'str': '140504235959Z'},
-<span class='line'>4717</span>  *   subject: {str: '/C=US/O=b'},
-<span class='line'>4718</span>  *   sbjpubkey: pubKeyPEM,
-<span class='line'>4719</span>  *   ext: [
-<span class='line'>4720</span>  *     {basicConstraints: {cA: true, critical: true}},
-<span class='line'>4721</span>  *     {keyUsage: {bin: '11'}},
-<span class='line'>4722</span>  *   ],
-<span class='line'>4723</span>  *   cakey: [prvkey, pass]}
-<span class='line'>4724</span>  * );
-<span class='line'>4725</span>  * // -- or --
-<span class='line'>4726</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
-<span class='line'>4727</span>  *   serial: {int: 1},
-<span class='line'>4728</span>  *   sigalg: {name: 'SHA1withRSA'},
-<span class='line'>4729</span>  *   issuer: {str: '/C=US/O=T1'},
-<span class='line'>4730</span>  *   notbefore: {'str': '130504235959Z'},
-<span class='line'>4731</span>  *   notafter: {'str': '140504235959Z'},
-<span class='line'>4732</span>  *   subject: {str: '/C=US/O=T1'},
-<span class='line'>4733</span>  *   sbjpubkey: pubKeyObj,
-<span class='line'>4734</span>  *   sighex: '0102030405..'
-<span class='line'>4735</span>  * });
-<span class='line'>4736</span>  * // for the issuer and subject field, another
-<span class='line'>4737</span>  * // representation is also available
-<span class='line'>4738</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
-<span class='line'>4739</span>  *   serial: {int: 1},
-<span class='line'>4740</span>  *   sigalg: {name: 'SHA256withRSA'},
-<span class='line'>4741</span>  *   issuer: {C: "US", O: "T1"},
-<span class='line'>4742</span>  *   notbefore: {'str': '130504235959Z'},
-<span class='line'>4743</span>  *   notafter: {'str': '140504235959Z'},
-<span class='line'>4744</span>  *   subject: {C: "US", O: "T1", CN: "http://example.com/"},
-<span class='line'>4745</span>  *   sbjpubkey: pubKeyObj,
-<span class='line'>4746</span>  *   sighex: '0102030405..'
-<span class='line'>4747</span>  * });
-<span class='line'>4748</span>  */</span><span class="WHIT">
-<span class='line'>4749</span> </span><span class="NAME">KJUR.asn1.x509.X509Util.newCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">param</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>4750</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4751</span> </span><span class="WHIT">	</span><span class="NAME">_TBSCertificate</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509.TBSCertificate</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>4752</span> </span><span class="WHIT">	</span><span class="NAME">_Certificate</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509.Certificate</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4753</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">cert</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_Certificate</span><span class="PUNC">(</span><span class="NAME">param</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4754</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">cert.getPEM</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4755</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>4756</span> 
-<span class='line'>4757</span> </span></pre></body></html>
\ No newline at end of file
+<span class='line'>4592</span> 
+<span class='line'>4593</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4594</span> 
+<span class='line'>4595</span> </span><span class="COMM">/**
+<span class='line'>4596</span>  * convert OID to name&lt;br/>
+<span class='line'>4597</span>  * @name oid2name
+<span class='line'>4598</span>  * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4599</span>  * @function
+<span class='line'>4600</span>  * @param {String} oid dot noted Object Identifer string (ex. 1.2.3.4)
+<span class='line'>4601</span>  * @return {String} OID name if registered otherwise empty string
+<span class='line'>4602</span>  * @since asn1x509 1.0.9
+<span class='line'>4603</span>  * @description
+<span class='line'>4604</span>  * This static method converts OID string to its name.
+<span class='line'>4605</span>  * If OID is undefined then it returns empty string (i.e. '').
+<span class='line'>4606</span>  * @example
+<span class='line'>4607</span>  * KJUR.asn1.x509.OID.oid2name("1.3.6.1.5.5.7.1.1") &rarr; 'authorityInfoAccess'
+<span class='line'>4608</span>  */</span><span class="WHIT">
+<span class='line'>4609</span> </span><span class="NAME">KJUR.asn1.x509.OID.oid2name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4610</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oidList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4611</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4612</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4613</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>4614</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4615</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4616</span> 
+<span class='line'>4617</span> </span><span class="COMM">/**
+<span class='line'>4618</span>  * convert OID to AttributeType name&lt;br/>
+<span class='line'>4619</span>  * @name oid2atype
+<span class='line'>4620</span>  * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4621</span>  * @function
+<span class='line'>4622</span>  * @param {String} oid dot noted Object Identifer string (ex. 1.2.3.4)
+<span class='line'>4623</span>  * @return {String} OID AttributeType name if registered otherwise oid
+<span class='line'>4624</span>  * @since jsrsasign 6.2.2 asn1x509 1.0.18
+<span class='line'>4625</span>  * @description
+<span class='line'>4626</span>  * This static method converts OID string to its AttributeType name.
+<span class='line'>4627</span>  * If OID is not defined in OID.atype2oidList associative array then it returns OID
+<span class='line'>4628</span>  * specified as argument.
+<span class='line'>4629</span>  * @example
+<span class='line'>4630</span>  * KJUR.asn1.x509.OID.oid2atype("2.5.4.3") &rarr; CN
+<span class='line'>4631</span>  * KJUR.asn1.x509.OID.oid2atype("1.3.6.1.4.1.311.60.2.1.3") &rarr; jurisdictionOfIncorporationC
+<span class='line'>4632</span>  * KJUR.asn1.x509.OID.oid2atype("0.1.2.3.4") &rarr; 0.1.2.3.4 // unregistered OID
+<span class='line'>4633</span>  */</span><span class="WHIT">
+<span class='line'>4634</span> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4635</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.atype2oidList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4636</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="KEYW">in</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4637</span> </span><span class="WHIT">        </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">atype</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4638</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>4639</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4640</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4641</span> 
+<span class='line'>4642</span> </span><span class="COMM">/**
+<span class='line'>4643</span>  * convert OID name to OID value&lt;br/>
+<span class='line'>4644</span>  * @name name2oid
+<span class='line'>4645</span>  * @memberOf KJUR.asn1.x509.OID
+<span class='line'>4646</span>  * @function
+<span class='line'>4647</span>  * @param {String} name OID name or OID (ex. "sha1" or "1.2.3.4")
+<span class='line'>4648</span>  * @return {String} dot noted Object Identifer string (ex. 1.2.3.4)
+<span class='line'>4649</span>  * @since asn1x509 1.0.11
+<span class='line'>4650</span>  * @description
+<span class='line'>4651</span>  * This static method converts from OID name to OID string.
+<span class='line'>4652</span>  * If OID is undefined then it returns empty string (i.e. '').
+<span class='line'>4653</span>  * @example
+<span class='line'>4654</span>  * KJUR.asn1.x509.OID.name2oid("authorityInfoAccess") &rarr; "1.3.6.1.5.5.7.1.1"
+<span class='line'>4655</span>  * KJUR.asn1.x509.OID.name2oid("1.2.3.4") &rarr; "1.2.3.4"
+<span class='line'>4656</span>  * KJUR.asn1.x509.OID.name2oid("UNKNOWN NAME") &rarr; ""
+<span class='line'>4657</span>  */</span><span class="WHIT">
+<span class='line'>4658</span> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4659</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">name.match</span><span class="PUNC">(</span><span class="REGX">/^[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">name</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4660</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">list</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oidList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4661</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4662</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">list</span><span class="PUNC">[</span><span class="NAME">name</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4663</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4664</span> 
+<span class='line'>4665</span> </span><span class="COMM">/**
+<span class='line'>4666</span>  * X.509 certificate and CRL utilities class&lt;br/>
+<span class='line'>4667</span>  * @name KJUR.asn1.x509.X509Util
+<span class='line'>4668</span>  * @class X.509 certificate and CRL utilities class
+<span class='line'>4669</span>  */</span><span class="WHIT">
+<span class='line'>4670</span> </span><span class="NAME">KJUR.asn1.x509.X509Util</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4671</span> 
+<span class='line'>4672</span> </span><span class="COMM">/**
+<span class='line'>4673</span>  * issue a certificate in PEM format (DEPRECATED)
+<span class='line'>4674</span>  * @name newCertPEM
+<span class='line'>4675</span>  * @memberOf KJUR.asn1.x509.X509Util
+<span class='line'>4676</span>  * @function
+<span class='line'>4677</span>  * @param {Array} param JSON object of parameter to issue a certificate
+<span class='line'>4678</span>  * @since asn1x509 1.0.6
+<span class='line'>4679</span>  * @deprecated since jsrsasign 9.0.0 asn1x509 2.0.0. please move to {@link KJUR.asn1.x509.Certificate} constructor
+<span class='line'>4680</span>  * @description
+<span class='line'>4681</span>  * This method can issue a certificate by a simple
+<span class='line'>4682</span>  * JSON object.
+<span class='line'>4683</span>  * Signature value will be provided by signing with
+<span class='line'>4684</span>  * private key using 'cakey' parameter or
+<span class='line'>4685</span>  * hexadecimal signature value by 'sighex' parameter.
+<span class='line'>4686</span>  * &lt;br/>
+<span class='line'>4687</span>  * NOTE: Algorithm parameter of AlgorithmIdentifier will
+<span class='line'>4688</span>  * be set automatically by default. 
+<span class='line'>4689</span>  * (see {@link KJUR.asn1.x509.AlgorithmIdentifier})
+<span class='line'>4690</span>  * from jsrsasign 7.1.1 asn1x509 1.0.20.
+<span class='line'>4691</span>  * &lt;br/>
+<span class='line'>4692</span>  * NOTE2: 
+<span class='line'>4693</span>  * RSA-PSS algorithm has been supported from jsrsasign 8.0.21.
+<span class='line'>4694</span>  * As for RSA-PSS signature algorithm names and signing parameters 
+<span class='line'>4695</span>  * such as MGF function and salt length, please see
+<span class='line'>4696</span>  * {@link KJUR.asn1.x509.AlgorithmIdentifier} class.
+<span class='line'>4697</span>  *
+<span class='line'>4698</span>  * @example
+<span class='line'>4699</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
+<span class='line'>4700</span>  *   serial: {int: 4},
+<span class='line'>4701</span>  *   sigalg: {name: 'SHA1withECDSA'},
+<span class='line'>4702</span>  *   issuer: {str: '/C=US/O=a'},
+<span class='line'>4703</span>  *   notbefore: {'str': '130504235959Z'},
+<span class='line'>4704</span>  *   notafter: {'str': '140504235959Z'},
+<span class='line'>4705</span>  *   subject: {str: '/C=US/O=b'},
+<span class='line'>4706</span>  *   sbjpubkey: pubKeyObj,
+<span class='line'>4707</span>  *   ext: [
+<span class='line'>4708</span>  *     {basicConstraints: {cA: true, critical: true}},
+<span class='line'>4709</span>  *     {keyUsage: {bin: '11'}},
+<span class='line'>4710</span>  *   ],
+<span class='line'>4711</span>  *   cakey: prvKeyObj
+<span class='line'>4712</span>  * });
+<span class='line'>4713</span>  * // -- or --
+<span class='line'>4714</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
+<span class='line'>4715</span>  *   serial: {int: 4},
+<span class='line'>4716</span>  *   sigalg: {name: 'SHA1withECDSA'},
+<span class='line'>4717</span>  *   issuer: {str: '/C=US/O=a'},
+<span class='line'>4718</span>  *   notbefore: {'str': '130504235959Z'},
+<span class='line'>4719</span>  *   notafter: {'str': '140504235959Z'},
+<span class='line'>4720</span>  *   subject: {str: '/C=US/O=b'},
+<span class='line'>4721</span>  *   sbjpubkey: pubKeyPEM,
+<span class='line'>4722</span>  *   ext: [
+<span class='line'>4723</span>  *     {basicConstraints: {cA: true, critical: true}},
+<span class='line'>4724</span>  *     {keyUsage: {bin: '11'}},
+<span class='line'>4725</span>  *   ],
+<span class='line'>4726</span>  *   cakey: [prvkey, pass]}
+<span class='line'>4727</span>  * );
+<span class='line'>4728</span>  * // -- or --
+<span class='line'>4729</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
+<span class='line'>4730</span>  *   serial: {int: 1},
+<span class='line'>4731</span>  *   sigalg: {name: 'SHA1withRSA'},
+<span class='line'>4732</span>  *   issuer: {str: '/C=US/O=T1'},
+<span class='line'>4733</span>  *   notbefore: {'str': '130504235959Z'},
+<span class='line'>4734</span>  *   notafter: {'str': '140504235959Z'},
+<span class='line'>4735</span>  *   subject: {str: '/C=US/O=T1'},
+<span class='line'>4736</span>  *   sbjpubkey: pubKeyObj,
+<span class='line'>4737</span>  *   sighex: '0102030405..'
+<span class='line'>4738</span>  * });
+<span class='line'>4739</span>  * // for the issuer and subject field, another
+<span class='line'>4740</span>  * // representation is also available
+<span class='line'>4741</span>  * var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
+<span class='line'>4742</span>  *   serial: {int: 1},
+<span class='line'>4743</span>  *   sigalg: {name: 'SHA256withRSA'},
+<span class='line'>4744</span>  *   issuer: {C: "US", O: "T1"},
+<span class='line'>4745</span>  *   notbefore: {'str': '130504235959Z'},
+<span class='line'>4746</span>  *   notafter: {'str': '140504235959Z'},
+<span class='line'>4747</span>  *   subject: {C: "US", O: "T1", CN: "http://example.com/"},
+<span class='line'>4748</span>  *   sbjpubkey: pubKeyObj,
+<span class='line'>4749</span>  *   sighex: '0102030405..'
+<span class='line'>4750</span>  * });
+<span class='line'>4751</span>  */</span><span class="WHIT">
+<span class='line'>4752</span> </span><span class="NAME">KJUR.asn1.x509.X509Util.newCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">param</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>4753</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4754</span> </span><span class="WHIT">	</span><span class="NAME">_TBSCertificate</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509.TBSCertificate</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>4755</span> </span><span class="WHIT">	</span><span class="NAME">_Certificate</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_KJUR_asn1_x509.Certificate</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4756</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">cert</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">_Certificate</span><span class="PUNC">(</span><span class="NAME">param</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4757</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">cert.getPEM</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4758</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>4759</span> 
+<span class='line'>4760</span> </span></pre></body></html>
\ No newline at end of file
diff --git a/api/symbols/src/x509-1.1.js.html b/api/symbols/src/x509-1.1.js.html
index d99aa134..34d4c25d 100644
--- a/api/symbols/src/x509-1.1.js.html
+++ b/api/symbols/src/x509-1.1.js.html
@@ -5,7 +5,7 @@
 	.STRN {color: #393;}
 	.REGX {color: #339;}
 	.line {border-right: 1px dotted #666; color: #666; font-style: normal;}
-	</style></head><body><pre><span class='line'>  1</span> <span class="COMM">/* x509-2.0.17.js (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+	</style></head><body><pre><span class='line'>  1</span> <span class="COMM">/* x509-2.1.0.js (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
 <span class='line'>  2</span>  */</span><span class="WHIT">
 <span class='line'>  3</span> </span><span class="COMM">/*
 <span class='line'>  4</span>  * x509.js - X509 class to read subject public key from certificate.
@@ -23,7 +23,7 @@
 <span class='line'> 16</span>  * @fileOverview
 <span class='line'> 17</span>  * @name x509-1.1.js
 <span class='line'> 18</span>  * @author Kenji Urushima kenji.urushima@gmail.com
-<span class='line'> 19</span>  * @version jsrsasign 10.5.24 x509 2.0.17 (2022-Jun-04)
+<span class='line'> 19</span>  * @version jsrsasign 10.6.0 x509 2.1.0 (2022-Nov-04)
 <span class='line'> 20</span>  * @since jsrsasign 1.x.x
 <span class='line'> 21</span>  * @license &lt;a href="https://kjur.github.io/jsrsasign/license/">MIT License&lt;/a>
 <span class='line'> 22</span>  */</span><span class="WHIT">
@@ -246,3104 +246,3277 @@
 <span class='line'>239</span>      * @name getIssuer
 <span class='line'>240</span>      * @memberOf X509#
 <span class='line'>241</span>      * @function
-<span class='line'>242</span>      * @return {Array} JSON object of issuer field
-<span class='line'>243</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>244</span>      * @see X509#getX500Name
-<span class='line'>245</span>      * @description
-<span class='line'>246</span>      * @example
-<span class='line'>247</span>      * var x = new X509(sCertPEM);
-<span class='line'>248</span>      * x.getIssuer() &rarr;
-<span class='line'>249</span>      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
-<span class='line'>250</span>      *   str: "/C=JP/..." }
-<span class='line'>251</span>      */</span><span class="WHIT">
-<span class='line'>252</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>253</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">this.getIssuerHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>254</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>255</span> 
-<span class='line'>256</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>257</span>      * get hexadecimal string of issuer field TLV of certificate.&lt;br/>
-<span class='line'>258</span>      * @name getIssuerHex
-<span class='line'>259</span>      * @memberOf X509#
-<span class='line'>260</span>      * @function
-<span class='line'>261</span>      * @return {String} hexadecial string of issuer DN ASN.1
-<span class='line'>262</span>      * @example
-<span class='line'>263</span>      * var x = new X509();
-<span class='line'>264</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>265</span>      * var issuer = x.getIssuerHex(); // return string like "3013..."
-<span class='line'>266</span>      */</span><span class="WHIT">
-<span class='line'>267</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuerHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>268</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>269</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>270</span> 
-<span class='line'>271</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>272</span>      * get string of issuer field of certificate.&lt;br/>
-<span class='line'>273</span>      * @name getIssuerString
-<span class='line'>274</span>      * @memberOf X509#
-<span class='line'>275</span>      * @function
-<span class='line'>276</span>      * @return {String} issuer DN string
-<span class='line'>277</span>      * @see X509#getIssuer
-<span class='line'>278</span>      * @example
-<span class='line'>279</span>      * var x = new X509();
-<span class='line'>280</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>281</span>      * var dn1 = x.getIssuerString(); // return string like "/C=US/O=TEST"
-<span class='line'>282</span>      * var dn2 = KJUR.asn1.x509.X500Name.compatToLDAP(dn1); // returns "O=TEST, C=US"
+<span class='line'>242</span>      * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+<span class='line'>243</span>      * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
+<span class='line'>244</span>      * @return {Array} JSON object of issuer field
+<span class='line'>245</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>246</span>      * @see X509#getX500Name
+<span class='line'>247</span>      *
+<span class='line'>248</span>      * @description
+<span class='line'>249</span>      * Get a JSON object of an issuer field.
+<span class='line'>250</span>      * &lt;br>
+<span class='line'>251</span>      * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+<span class='line'>252</span>      * supported to conclude a canonicalized name for caseIgnoreMatch
+<span class='line'>253</span>      * desribed in &lt;a href="https://tools.ietf.org/html/rfc4518">
+<span class='line'>254</span>      * RFC 4518&lt;/a>.
+<span class='line'>255</span>      *
+<span class='line'>256</span>      * @example
+<span class='line'>257</span>      * var x = new X509(sCertPEM);
+<span class='line'>258</span>      * x.getIssuer() &rarr;
+<span class='line'>259</span>      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
+<span class='line'>260</span>      *   str: "/C=JP/..." }
+<span class='line'>261</span>      *
+<span class='line'>262</span>      * // with flags
+<span class='line'>263</span>      * x.getIssuer(true, true) &rarr;
+<span class='line'>264</span>      * { array: ...,
+<span class='line'>265</span>      *   str: "/C=JP/O=   Test    123   ",
+<span class='line'>266</span>      *   canon: "/c=jp/o=test 123",
+<span class='line'>267</span>      *   hex: "30..." }
+<span class='line'>268</span>      */</span><span class="WHIT">
+<span class='line'>269</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">flagCanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagHex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>270</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">this.getIssuerHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagCanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>271</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>272</span> 
+<span class='line'>273</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>274</span>      * get hexadecimal string of issuer field TLV of certificate.&lt;br/>
+<span class='line'>275</span>      * @name getIssuerHex
+<span class='line'>276</span>      * @memberOf X509#
+<span class='line'>277</span>      * @function
+<span class='line'>278</span>      * @return {String} hexadecial string of issuer DN ASN.1
+<span class='line'>279</span>      * @example
+<span class='line'>280</span>      * var x = new X509();
+<span class='line'>281</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>282</span>      * var issuer = x.getIssuerHex(); // return string like "3013..."
 <span class='line'>283</span>      */</span><span class="WHIT">
-<span class='line'>284</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuerString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>285</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getIssuer</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>286</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pIssuer.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>287</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>288</span> 
-<span class='line'>289</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>290</span>      * get JSON object of subject field&lt;br/>
-<span class='line'>291</span>      * @name getSubject
-<span class='line'>292</span>      * @memberOf X509#
-<span class='line'>293</span>      * @function
-<span class='line'>294</span>      * @return {Array} JSON object of subject field
-<span class='line'>295</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>296</span>      * @see X509#getX500Name
-<span class='line'>297</span>      * @description
-<span class='line'>298</span>      * @example
-<span class='line'>299</span>      * var x = new X509(sCertPEM);
-<span class='line'>300</span>      * x.getSubject() &rarr;
-<span class='line'>301</span>      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
-<span class='line'>302</span>      *   str: "/C=JP/..." }
-<span class='line'>303</span>      */</span><span class="WHIT">
-<span class='line'>304</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>305</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">this.getSubjectHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>306</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>307</span> 
-<span class='line'>308</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>309</span>      * get hexadecimal string of subject field of certificate.&lt;br/>
-<span class='line'>310</span>      * @name getSubjectHex
-<span class='line'>311</span>      * @memberOf X509#
-<span class='line'>312</span>      * @function
-<span class='line'>313</span>      * @return {String} hexadecial string of subject DN ASN.1
-<span class='line'>314</span>      * @example
-<span class='line'>315</span>      * var x = new X509();
-<span class='line'>316</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>317</span>      * var subject = x.getSubjectHex(); // return string like "3013..."
-<span class='line'>318</span>      */</span><span class="WHIT">
-<span class='line'>319</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubjectHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>320</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">5</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>321</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>322</span> 
-<span class='line'>323</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>324</span>      * get string of subject field of certificate.&lt;br/>
-<span class='line'>325</span>      * @name getSubjectString
-<span class='line'>326</span>      * @memberOf X509#
-<span class='line'>327</span>      * @function
-<span class='line'>328</span>      * @return {String} subject DN string
-<span class='line'>329</span>      * @see X509#getSubject
-<span class='line'>330</span>      * @example
-<span class='line'>331</span>      * var x = new X509();
-<span class='line'>332</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>333</span>      * var dn1 = x.getSubjectString(); // return string like "/C=US/O=TEST"
-<span class='line'>334</span>      * var dn2 = KJUR.asn1.x509.X500Name.compatToLDAP(dn1); // returns "O=TEST, C=US"
-<span class='line'>335</span>      */</span><span class="WHIT">
-<span class='line'>336</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubjectString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>337</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pSubject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSubject</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>338</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pSubject.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>339</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>340</span> 
-<span class='line'>341</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>342</span>      * get notBefore field string of certificate.&lt;br/>
-<span class='line'>343</span>      * @name getNotBefore
-<span class='line'>344</span>      * @memberOf X509#
-<span class='line'>345</span>      * @function
-<span class='line'>346</span>      * @return {String} not before time value (ex. "151231235959Z")
-<span class='line'>347</span>      * @example
-<span class='line'>348</span>      * var x = new X509();
-<span class='line'>349</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>350</span>      * var notBefore = x.getNotBefore(); // return string like "151231235959Z"
-<span class='line'>351</span>      */</span><span class="WHIT">
-<span class='line'>352</span> </span><span class="WHIT">    </span><span class="NAME">this.getNotBefore</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>353</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">4</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>354</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/(..)/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"%$1"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>355</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">decodeURIComponent</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>356</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>357</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>358</span> 
-<span class='line'>359</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>360</span>      * get notAfter field string of certificate.&lt;br/>
-<span class='line'>361</span>      * @name getNotAfter
-<span class='line'>362</span>      * @memberOf X509#
-<span class='line'>363</span>      * @function
-<span class='line'>364</span>      * @return {String} not after time value (ex. "151231235959Z")
-<span class='line'>365</span>      * @example
-<span class='line'>366</span>      * var x = new X509();
-<span class='line'>367</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>368</span>      * var notAfter = x.getNotAfter(); // return string like "151231235959Z"
+<span class='line'>284</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuerHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>285</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>286</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>287</span> 
+<span class='line'>288</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>289</span>      * get string of issuer field of certificate.&lt;br/>
+<span class='line'>290</span>      * @name getIssuerString
+<span class='line'>291</span>      * @memberOf X509#
+<span class='line'>292</span>      * @function
+<span class='line'>293</span>      * @return {String} issuer DN string
+<span class='line'>294</span>      * @see X509#getIssuer
+<span class='line'>295</span>      * @example
+<span class='line'>296</span>      * var x = new X509();
+<span class='line'>297</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>298</span>      * var dn1 = x.getIssuerString(); // return string like "/C=US/O=TEST"
+<span class='line'>299</span>      * var dn2 = KJUR.asn1.x509.X500Name.compatToLDAP(dn1); // returns "O=TEST, C=US"
+<span class='line'>300</span>      */</span><span class="WHIT">
+<span class='line'>301</span> </span><span class="WHIT">    </span><span class="NAME">this.getIssuerString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>302</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getIssuer</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>303</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pIssuer.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>304</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>305</span> 
+<span class='line'>306</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>307</span>      * get JSON object of subject field&lt;br/>
+<span class='line'>308</span>      * @name getSubject
+<span class='line'>309</span>      * @memberOf X509#
+<span class='line'>310</span>      * @function
+<span class='line'>311</span>      * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+<span class='line'>312</span>      * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
+<span class='line'>313</span>      * @return {object} JSON object of subject field
+<span class='line'>314</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>315</span>      * @see X509#getX500Name
+<span class='line'>316</span>      *
+<span class='line'>317</span>      * @description
+<span class='line'>318</span>      * Get a JSON object of a subject field.
+<span class='line'>319</span>      * &lt;br>
+<span class='line'>320</span>      * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+<span class='line'>321</span>      * supported to conclude a canonicalized name for caseIgnoreMatch
+<span class='line'>322</span>      * desribed in &lt;a href="https://tools.ietf.org/html/rfc4518">
+<span class='line'>323</span>      * RFC 4518&lt;/a>.
+<span class='line'>324</span>      *
+<span class='line'>325</span>      * @example
+<span class='line'>326</span>      * var x = new X509(sCertPEM);
+<span class='line'>327</span>      * x.getSubject() &rarr;
+<span class='line'>328</span>      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
+<span class='line'>329</span>      *   str: "/C=JP/..." }
+<span class='line'>330</span>      *
+<span class='line'>331</span>      * // with flags
+<span class='line'>332</span>      * x.getSubject(true, true) &rarr;
+<span class='line'>333</span>      * { array: ...,
+<span class='line'>334</span>      *   str: "/C=JP/O=   Test    123   ",
+<span class='line'>335</span>      *   canon: "/c=jp/o=test 123",
+<span class='line'>336</span>      *   hex: "30..." }
+<span class='line'>337</span>      */</span><span class="WHIT">
+<span class='line'>338</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">flagCanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagHex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>339</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">this.getSubjectHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagCanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>340</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>341</span> 
+<span class='line'>342</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>343</span>      * get hexadecimal string of subject field of certificate.&lt;br/>
+<span class='line'>344</span>      * @name getSubjectHex
+<span class='line'>345</span>      * @memberOf X509#
+<span class='line'>346</span>      * @function
+<span class='line'>347</span>      * @return {String} hexadecial string of subject DN ASN.1
+<span class='line'>348</span>      * @example
+<span class='line'>349</span>      * var x = new X509();
+<span class='line'>350</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>351</span>      * var subject = x.getSubjectHex(); // return string like "3013..."
+<span class='line'>352</span>      */</span><span class="WHIT">
+<span class='line'>353</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubjectHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>354</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">5</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>355</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>356</span> 
+<span class='line'>357</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>358</span>      * get string of subject field of certificate.&lt;br/>
+<span class='line'>359</span>      * @name getSubjectString
+<span class='line'>360</span>      * @memberOf X509#
+<span class='line'>361</span>      * @function
+<span class='line'>362</span>      * @return {String} subject DN string
+<span class='line'>363</span>      * @see X509#getSubject
+<span class='line'>364</span>      * @example
+<span class='line'>365</span>      * var x = new X509();
+<span class='line'>366</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>367</span>      * var dn1 = x.getSubjectString(); // return string like "/C=US/O=TEST"
+<span class='line'>368</span>      * var dn2 = KJUR.asn1.x509.X500Name.compatToLDAP(dn1); // returns "O=TEST, C=US"
 <span class='line'>369</span>      */</span><span class="WHIT">
-<span class='line'>370</span> </span><span class="WHIT">    </span><span class="NAME">this.getNotAfter</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>371</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">4</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>372</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/(..)/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"%$1"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>373</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">decodeURIComponent</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>374</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>375</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>376</span> 
-<span class='line'>377</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>378</span>      * get a hexadecimal string of subjectPublicKeyInfo field.&lt;br/>
-<span class='line'>379</span>      * @name getPublicKeyHex
-<span class='line'>380</span>      * @memberOf X509#
-<span class='line'>381</span>      * @function
-<span class='line'>382</span>      * @return {String} ASN.1 SEQUENCE hexadecimal string of subjectPublicKeyInfo field
-<span class='line'>383</span>      * @since jsrsasign 7.1.4 x509 1.1.13
-<span class='line'>384</span>      * @deprecated since jsrsasign 10.5.7 x509 2.0.13. Please use {@link X509#getSPKI} instead.
-<span class='line'>385</span>      *
-<span class='line'>386</span>      * @example
-<span class='line'>387</span>      * x = new X509(sCertPEM);
-<span class='line'>388</span>      * hSPKI = x.getPublicKeyHex(); // return string like "30820122..."
-<span class='line'>389</span>      */</span><span class="WHIT">
-<span class='line'>390</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>391</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getSPKI</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>392</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>393</span> 
-<span class='line'>394</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>395</span>      * get ASN.1 TLV hexadecimal string of subjectPublicKeyInfo field.&lt;br/>
-<span class='line'>396</span>      * @name getSPKI
-<span class='line'>397</span>      * @memberOf X509#
-<span class='line'>398</span>      * @function
-<span class='line'>399</span>      * @return {string} ASN.1 SEQUENCE hexadecimal string of subjectPublicKeyInfo field
-<span class='line'>400</span>      * @since jsrsasign 10.5.8 x509 2.0.13
-<span class='line'>401</span>      * @see X509#getPublicKeyHex
-<span class='line'>402</span>      * @see X509#getSPKIValue
-<span class='line'>403</span>      *
-<span class='line'>404</span>      * @description
-<span class='line'>405</span>      * Get a hexadecimal string of SubjectPublicKeyInfo ASN.1 TLV of the certificate.&lt;br/>
-<span class='line'>406</span>      * &lt;pre>
-<span class='line'>407</span>      * SubjectPublicKeyInfo  ::=  SEQUENCE  {
-<span class='line'>408</span>      *    algorithm         AlgorithmIdentifier,
-<span class='line'>409</span>      *    subjectPublicKey  BIT STRING  }
-<span class='line'>410</span>      * &lt;/pre>
-<span class='line'>411</span>      *
-<span class='line'>412</span>      * @example
-<span class='line'>413</span>      * x = new X509(sCertPEM);
-<span class='line'>414</span>      * hSPKI = x.getSPKI(); // return string like "30820122..."
-<span class='line'>415</span>      */</span><span class="WHIT">
-<span class='line'>416</span> </span><span class="WHIT">    </span><span class="NAME">this.getSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>417</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">6</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>418</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>419</span> 
-<span class='line'>420</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>421</span>      * get hexadecimal string of subjectPublicKey of subjectPublicKeyInfo field.&lt;br/>
-<span class='line'>422</span>      * @name getSPKIValue
-<span class='line'>423</span>      * @memberOf X509#
-<span class='line'>424</span>      * @function
-<span class='line'>425</span>      * @return {string} ASN.1 hexadecimal string of subjectPublicKey
-<span class='line'>426</span>      * @since jsrsasign 10.5.8 x509 2.0.13
-<span class='line'>427</span>      * @see X509#getSPKI
-<span class='line'>428</span>      *
-<span class='line'>429</span>      * @description
-<span class='line'>430</span>      * Get a hexadecimal string of subjectPublicKey ASN.1 value of SubjectPublicKeyInfo 
-<span class='line'>431</span>      * of the certificate without unusedbit "00".
-<span class='line'>432</span>      * The "subjectPublicKey" is encapsulated by BIT STRING.
-<span class='line'>433</span>      * This method returns BIT STRING value without unusedbits.
-<span class='line'>434</span>      * &lt;br/>
-<span class='line'>435</span>      * &lt;pre>
-<span class='line'>436</span>      * SubjectPublicKeyInfo  ::=  SEQUENCE  {
-<span class='line'>437</span>      *    algorithm         AlgorithmIdentifier,
-<span class='line'>438</span>      *    subjectPublicKey  BIT STRING  }
-<span class='line'>439</span>      * &lt;/pre>
-<span class='line'>440</span>      *
-<span class='line'>441</span>      * @example
-<span class='line'>442</span>      * x = new X509(sCertPEM);
-<span class='line'>443</span>      * hSPKIValue = x.getSPKIValue(); // without BIT STRING Encapusulation.
-<span class='line'>444</span>      */</span><span class="WHIT">
-<span class='line'>445</span> </span><span class="WHIT">    </span><span class="NAME">this.getSPKIValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>446</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSPKI</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>447</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>448</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// true: remove unused bit</span><span class="WHIT">
-<span class='line'>449</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>450</span> 
-<span class='line'>451</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>452</span>      * get a string index of subjectPublicKeyInfo field for hexadecimal string certificate.&lt;br/>
-<span class='line'>453</span>      * @name getPublicKeyIdx
-<span class='line'>454</span>      * @memberOf X509#
-<span class='line'>455</span>      * @function
-<span class='line'>456</span>      * @return {Number} string index of subjectPublicKeyInfo field for hexadecimal string certificate.
-<span class='line'>457</span>      * @since jsrsasign 7.1.4 x509 1.1.13
-<span class='line'>458</span>      * @example
-<span class='line'>459</span>      * x = new X509();
-<span class='line'>460</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>461</span>      * idx = x.getPublicKeyIdx(); // return string index in x.hex parameter
-<span class='line'>462</span>      */</span><span class="WHIT">
-<span class='line'>463</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>464</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">6</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>465</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>466</span> 
-<span class='line'>467</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>468</span>      * get a string index of contents of subjectPublicKeyInfo BITSTRING value from hexadecimal certificate&lt;br/>
-<span class='line'>469</span>      * @name getPublicKeyContentIdx
-<span class='line'>470</span>      * @memberOf X509#
-<span class='line'>471</span>      * @function
-<span class='line'>472</span>      * @return {Integer} string index of key contents
-<span class='line'>473</span>      * @since jsrsasign 8.0.0 x509 1.2.0
-<span class='line'>474</span>      * @example
-<span class='line'>475</span>      * x = new X509();
-<span class='line'>476</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>477</span>      * idx = x.getPublicKeyContentIdx(); // return string index in x.hex parameter
+<span class='line'>370</span> </span><span class="WHIT">    </span><span class="NAME">this.getSubjectString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>371</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pSubject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSubject</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>372</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pSubject.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>373</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>374</span> 
+<span class='line'>375</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>376</span>      * get notBefore field string of certificate.&lt;br/>
+<span class='line'>377</span>      * @name getNotBefore
+<span class='line'>378</span>      * @memberOf X509#
+<span class='line'>379</span>      * @function
+<span class='line'>380</span>      * @return {String} not before time value (ex. "151231235959Z")
+<span class='line'>381</span>      * @example
+<span class='line'>382</span>      * var x = new X509();
+<span class='line'>383</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>384</span>      * var notBefore = x.getNotBefore(); // return string like "151231235959Z"
+<span class='line'>385</span>      */</span><span class="WHIT">
+<span class='line'>386</span> </span><span class="WHIT">    </span><span class="NAME">this.getNotBefore</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>387</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">4</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>388</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/(..)/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"%$1"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>389</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">decodeURIComponent</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>390</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>391</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>392</span> 
+<span class='line'>393</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>394</span>      * get notAfter field string of certificate.&lt;br/>
+<span class='line'>395</span>      * @name getNotAfter
+<span class='line'>396</span>      * @memberOf X509#
+<span class='line'>397</span>      * @function
+<span class='line'>398</span>      * @return {String} not after time value (ex. "151231235959Z")
+<span class='line'>399</span>      * @example
+<span class='line'>400</span>      * var x = new X509();
+<span class='line'>401</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>402</span>      * var notAfter = x.getNotAfter(); // return string like "151231235959Z"
+<span class='line'>403</span>      */</span><span class="WHIT">
+<span class='line'>404</span> </span><span class="WHIT">    </span><span class="NAME">this.getNotAfter</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>405</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">4</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>406</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/(..)/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"%$1"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>407</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">decodeURIComponent</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>408</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>409</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>410</span> 
+<span class='line'>411</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>412</span>      * get a hexadecimal string of subjectPublicKeyInfo field.&lt;br/>
+<span class='line'>413</span>      * @name getPublicKeyHex
+<span class='line'>414</span>      * @memberOf X509#
+<span class='line'>415</span>      * @function
+<span class='line'>416</span>      * @return {String} ASN.1 SEQUENCE hexadecimal string of subjectPublicKeyInfo field
+<span class='line'>417</span>      * @since jsrsasign 7.1.4 x509 1.1.13
+<span class='line'>418</span>      * @deprecated since jsrsasign 10.5.7 x509 2.0.13. Please use {@link X509#getSPKI} instead.
+<span class='line'>419</span>      *
+<span class='line'>420</span>      * @example
+<span class='line'>421</span>      * x = new X509(sCertPEM);
+<span class='line'>422</span>      * hSPKI = x.getPublicKeyHex(); // return string like "30820122..."
+<span class='line'>423</span>      */</span><span class="WHIT">
+<span class='line'>424</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>425</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getSPKI</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>426</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>427</span> 
+<span class='line'>428</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>429</span>      * get ASN.1 TLV hexadecimal string of subjectPublicKeyInfo field.&lt;br/>
+<span class='line'>430</span>      * @name getSPKI
+<span class='line'>431</span>      * @memberOf X509#
+<span class='line'>432</span>      * @function
+<span class='line'>433</span>      * @return {string} ASN.1 SEQUENCE hexadecimal string of subjectPublicKeyInfo field
+<span class='line'>434</span>      * @since jsrsasign 10.5.8 x509 2.0.13
+<span class='line'>435</span>      * @see X509#getPublicKeyHex
+<span class='line'>436</span>      * @see X509#getSPKIValue
+<span class='line'>437</span>      *
+<span class='line'>438</span>      * @description
+<span class='line'>439</span>      * Get a hexadecimal string of SubjectPublicKeyInfo ASN.1 TLV of the certificate.&lt;br/>
+<span class='line'>440</span>      * &lt;pre>
+<span class='line'>441</span>      * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+<span class='line'>442</span>      *    algorithm         AlgorithmIdentifier,
+<span class='line'>443</span>      *    subjectPublicKey  BIT STRING  }
+<span class='line'>444</span>      * &lt;/pre>
+<span class='line'>445</span>      *
+<span class='line'>446</span>      * @example
+<span class='line'>447</span>      * x = new X509(sCertPEM);
+<span class='line'>448</span>      * hSPKI = x.getSPKI(); // return string like "30820122..."
+<span class='line'>449</span>      */</span><span class="WHIT">
+<span class='line'>450</span> </span><span class="WHIT">    </span><span class="NAME">this.getSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>451</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">6</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>452</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>453</span> 
+<span class='line'>454</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>455</span>      * get hexadecimal string of subjectPublicKey of subjectPublicKeyInfo field.&lt;br/>
+<span class='line'>456</span>      * @name getSPKIValue
+<span class='line'>457</span>      * @memberOf X509#
+<span class='line'>458</span>      * @function
+<span class='line'>459</span>      * @return {string} ASN.1 hexadecimal string of subjectPublicKey
+<span class='line'>460</span>      * @since jsrsasign 10.5.8 x509 2.0.13
+<span class='line'>461</span>      * @see X509#getSPKI
+<span class='line'>462</span>      *
+<span class='line'>463</span>      * @description
+<span class='line'>464</span>      * Get a hexadecimal string of subjectPublicKey ASN.1 value of SubjectPublicKeyInfo 
+<span class='line'>465</span>      * of the certificate without unusedbit "00".
+<span class='line'>466</span>      * The "subjectPublicKey" is encapsulated by BIT STRING.
+<span class='line'>467</span>      * This method returns BIT STRING value without unusedbits.
+<span class='line'>468</span>      * &lt;br/>
+<span class='line'>469</span>      * &lt;pre>
+<span class='line'>470</span>      * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+<span class='line'>471</span>      *    algorithm         AlgorithmIdentifier,
+<span class='line'>472</span>      *    subjectPublicKey  BIT STRING  }
+<span class='line'>473</span>      * &lt;/pre>
+<span class='line'>474</span>      *
+<span class='line'>475</span>      * @example
+<span class='line'>476</span>      * x = new X509(sCertPEM);
+<span class='line'>477</span>      * hSPKIValue = x.getSPKIValue(); // without BIT STRING Encapusulation.
 <span class='line'>478</span>      */</span><span class="WHIT">
-<span class='line'>479</span> </span><span class="WHIT">    </span><span class="COMM">// NOTE: Without BITSTRING encapsulation.</span><span class="WHIT">
-<span class='line'>480</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyContentIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>481</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPublicKeyIdx</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>482</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>479</span> </span><span class="WHIT">    </span><span class="NAME">this.getSPKIValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>480</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSPKI</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>481</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>482</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// true: remove unused bit</span><span class="WHIT">
 <span class='line'>483</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>484</span> 
 <span class='line'>485</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>486</span>      * get a RSAKey/ECDSA/DSA public key object of subjectPublicKeyInfo field.&lt;br/>
-<span class='line'>487</span>      * @name getPublicKey
+<span class='line'>486</span>      * get a string index of subjectPublicKeyInfo field for hexadecimal string certificate.&lt;br/>
+<span class='line'>487</span>      * @name getPublicKeyIdx
 <span class='line'>488</span>      * @memberOf X509#
 <span class='line'>489</span>      * @function
-<span class='line'>490</span>      * @return {Object} RSAKey/ECDSA/DSA public key object of subjectPublicKeyInfo field
+<span class='line'>490</span>      * @return {Number} string index of subjectPublicKeyInfo field for hexadecimal string certificate.
 <span class='line'>491</span>      * @since jsrsasign 7.1.4 x509 1.1.13
 <span class='line'>492</span>      * @example
 <span class='line'>493</span>      * x = new X509();
 <span class='line'>494</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>495</span>      * pubkey= x.getPublicKey();
+<span class='line'>495</span>      * idx = x.getPublicKeyIdx(); // return string index in x.hex parameter
 <span class='line'>496</span>      */</span><span class="WHIT">
-<span class='line'>497</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>498</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">KEYUTIL.getKey</span><span class="PUNC">(</span><span class="NAME">this.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"pkcs8pub"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>497</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>498</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">6</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.foffset</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>499</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>500</span> 
 <span class='line'>501</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>502</span>      * get signature algorithm name from hexadecimal certificate data
-<span class='line'>503</span>      * @name getSignatureAlgorithmName
+<span class='line'>502</span>      * get a string index of contents of subjectPublicKeyInfo BITSTRING value from hexadecimal certificate&lt;br/>
+<span class='line'>503</span>      * @name getPublicKeyContentIdx
 <span class='line'>504</span>      * @memberOf X509#
 <span class='line'>505</span>      * @function
-<span class='line'>506</span>      * @return {String} signature algorithm name (ex. SHA1withRSA, SHA256withECDSA)
-<span class='line'>507</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>508</span>      * @see X509#getAlgorithmIdentifierName
-<span class='line'>509</span>      * @description
-<span class='line'>510</span>      * This method will get signature algorithm name of certificate:
-<span class='line'>511</span>      * @example
-<span class='line'>512</span>      * var x = new X509();
-<span class='line'>513</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>514</span>      * x.getSignatureAlgorithmName() &rarr; "SHA256withRSA"
-<span class='line'>515</span>      */</span><span class="WHIT">
-<span class='line'>516</span> </span><span class="WHIT">    </span><span class="NAME">this.getSignatureAlgorithmName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>517</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>518</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getAlgorithmIdentifierName</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>519</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>520</span> 
-<span class='line'>521</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>522</span>      * get signature value as hexadecimal string&lt;br/>
-<span class='line'>523</span>      * @name getSignatureValueHex
-<span class='line'>524</span>      * @memberOf X509#
-<span class='line'>525</span>      * @function
-<span class='line'>526</span>      * @return {String} signature value hexadecimal string without BitString unused bits
-<span class='line'>527</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>528</span>      *
-<span class='line'>529</span>      * @description
-<span class='line'>530</span>      * This method will get signature value of certificate:
-<span class='line'>531</span>      *
-<span class='line'>532</span>      * @example
-<span class='line'>533</span>      * var x = new X509();
-<span class='line'>534</span>      * x.readCertPEM(sCertPEM);
-<span class='line'>535</span>      * x.getSignatureValueHex() &rarr "8a4c47913..."
-<span class='line'>536</span>      */</span><span class="WHIT">
-<span class='line'>537</span> </span><span class="WHIT">    </span><span class="NAME">this.getSignatureValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>538</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">2</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>539</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>540</span> 
-<span class='line'>541</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>542</span>      * verifies signature value by public key&lt;br/>
-<span class='line'>543</span>      * @name verifySignature
-<span class='line'>544</span>      * @memberOf X509#
-<span class='line'>545</span>      * @function
-<span class='line'>546</span>      * @param {Object} pubKey public key object
-<span class='line'>547</span>      * @return {Boolean} true if signature value is valid otherwise false
-<span class='line'>548</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>549</span>      *
-<span class='line'>550</span>      * @description
-<span class='line'>551</span>      * This method verifies signature value of hexadecimal string of 
-<span class='line'>552</span>      * X.509 certificate by specified public key object.
-<span class='line'>553</span>      * The signature algorithm used to verify will refer
-<span class='line'>554</span>      * signatureAlgorithm field. (See {@link X509#getSignatureAlgorithmField})
-<span class='line'>555</span>      * RSA-PSS signature algorithms (SHA{,256,384,512}withRSAandMGF1)
-<span class='line'>556</span>      * are available.
-<span class='line'>557</span>      *
-<span class='line'>558</span>      * @example
-<span class='line'>559</span>      * pubKey = KEYUTIL.getKey(pemPublicKey); // or certificate
-<span class='line'>560</span>      * x = new X509();
-<span class='line'>561</span>      * x.readCertPEM(pemCert);
-<span class='line'>562</span>      * x.verifySignature(pubKey) &rarr; true, false or raising exception
-<span class='line'>563</span>      */</span><span class="WHIT">
-<span class='line'>564</span> </span><span class="WHIT">    </span><span class="NAME">this.verifySignature</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pubKey</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>565</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">algName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>566</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSigVal</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>567</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTbsCert</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>568</span> </span><span class="WHIT">	
-<span class='line'>569</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sig</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">KJUR.crypto.Signature</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">alg</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">algName</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>570</span> </span><span class="WHIT">	</span><span class="NAME">sig.init</span><span class="PUNC">(</span><span class="NAME">pubKey</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>571</span> </span><span class="WHIT">	</span><span class="NAME">sig.updateHex</span><span class="PUNC">(</span><span class="NAME">hTbsCert</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>572</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">sig.verify</span><span class="PUNC">(</span><span class="NAME">hSigVal</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>506</span>      * @return {Integer} string index of key contents
+<span class='line'>507</span>      * @since jsrsasign 8.0.0 x509 1.2.0
+<span class='line'>508</span>      * @example
+<span class='line'>509</span>      * x = new X509();
+<span class='line'>510</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>511</span>      * idx = x.getPublicKeyContentIdx(); // return string index in x.hex parameter
+<span class='line'>512</span>      */</span><span class="WHIT">
+<span class='line'>513</span> </span><span class="WHIT">    </span><span class="COMM">// NOTE: Without BITSTRING encapsulation.</span><span class="WHIT">
+<span class='line'>514</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKeyContentIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>515</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPublicKeyIdx</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>516</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>517</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>518</span> 
+<span class='line'>519</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>520</span>      * get a RSAKey/ECDSA/DSA public key object of subjectPublicKeyInfo field.&lt;br/>
+<span class='line'>521</span>      * @name getPublicKey
+<span class='line'>522</span>      * @memberOf X509#
+<span class='line'>523</span>      * @function
+<span class='line'>524</span>      * @return {Object} RSAKey/ECDSA/DSA public key object of subjectPublicKeyInfo field
+<span class='line'>525</span>      * @since jsrsasign 7.1.4 x509 1.1.13
+<span class='line'>526</span>      * @example
+<span class='line'>527</span>      * x = new X509();
+<span class='line'>528</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>529</span>      * pubkey= x.getPublicKey();
+<span class='line'>530</span>      */</span><span class="WHIT">
+<span class='line'>531</span> </span><span class="WHIT">    </span><span class="NAME">this.getPublicKey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>532</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">KEYUTIL.getKey</span><span class="PUNC">(</span><span class="NAME">this.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"pkcs8pub"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>533</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>534</span> 
+<span class='line'>535</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>536</span>      * get signature algorithm name from hexadecimal certificate data
+<span class='line'>537</span>      * @name getSignatureAlgorithmName
+<span class='line'>538</span>      * @memberOf X509#
+<span class='line'>539</span>      * @function
+<span class='line'>540</span>      * @return {String} signature algorithm name (ex. SHA1withRSA, SHA256withECDSA)
+<span class='line'>541</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>542</span>      * @see X509#getAlgorithmIdentifierName
+<span class='line'>543</span>      * @description
+<span class='line'>544</span>      * This method will get signature algorithm name of certificate:
+<span class='line'>545</span>      * @example
+<span class='line'>546</span>      * var x = new X509();
+<span class='line'>547</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>548</span>      * x.getSignatureAlgorithmName() &rarr; "SHA256withRSA"
+<span class='line'>549</span>      */</span><span class="WHIT">
+<span class='line'>550</span> </span><span class="WHIT">    </span><span class="NAME">this.getSignatureAlgorithmName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>551</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>552</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">this.getAlgorithmIdentifierName</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>553</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>554</span> 
+<span class='line'>555</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>556</span>      * get signature value as hexadecimal string&lt;br/>
+<span class='line'>557</span>      * @name getSignatureValueHex
+<span class='line'>558</span>      * @memberOf X509#
+<span class='line'>559</span>      * @function
+<span class='line'>560</span>      * @return {String} signature value hexadecimal string without BitString unused bits
+<span class='line'>561</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>562</span>      *
+<span class='line'>563</span>      * @description
+<span class='line'>564</span>      * This method will get signature value of certificate:
+<span class='line'>565</span>      *
+<span class='line'>566</span>      * @example
+<span class='line'>567</span>      * var x = new X509();
+<span class='line'>568</span>      * x.readCertPEM(sCertPEM);
+<span class='line'>569</span>      * x.getSignatureValueHex() &rarr "8a4c47913..."
+<span class='line'>570</span>      */</span><span class="WHIT">
+<span class='line'>571</span> </span><span class="WHIT">    </span><span class="NAME">this.getSignatureValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>572</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">2</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>573</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>574</span> 
-<span class='line'>575</span> </span><span class="WHIT">    </span><span class="COMM">// ===== parse extension ======================================</span><span class="WHIT">
-<span class='line'>576</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>577</span>      * set array of X.509v3 and CSR extesion information such as extension OID, criticality and value index. (DEPRECATED)&lt;br/>
-<span class='line'>578</span>      * @name parseExt
-<span class='line'>579</span>      * @memberOf X509#
-<span class='line'>580</span>      * @function
-<span class='line'>581</span>      * @param {String} hCSR - PEM string of certificate signing requrest(CSR) (OPTION)
+<span class='line'>575</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>576</span>      * verifies signature value by public key&lt;br/>
+<span class='line'>577</span>      * @name verifySignature
+<span class='line'>578</span>      * @memberOf X509#
+<span class='line'>579</span>      * @function
+<span class='line'>580</span>      * @param {Object} pubKey public key object
+<span class='line'>581</span>      * @return {Boolean} true if signature value is valid otherwise false
 <span class='line'>582</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>583</span>      * @deprecated jsrsasign 9.1.1 x509 2.0.1
-<span class='line'>584</span>      *
-<span class='line'>585</span>      * @description
-<span class='line'>586</span>      * This method will set an array of X.509v3 extension information having 
-<span class='line'>587</span>      * following parameters:
-<span class='line'>588</span>      * &lt;ul>
-<span class='line'>589</span>      * &lt;li>oid - extension OID (ex. 2.5.29.19)&lt;/li>
-<span class='line'>590</span>      * &lt;li>critical - true or false&lt;/li>
-<span class='line'>591</span>      * &lt;li>vidx - string index for extension value&lt;/li>
-<span class='line'>592</span>      * &lt;br/>
-<span class='line'>593</span>      * When you want to parse extensionRequest of CSR,
-<span class='line'>594</span>      * argument 'hCSR' shall be specified.
-<span class='line'>595</span>      * &lt;br/>
-<span class='line'>596</span>      * NOTE: CSR is supported from jsrsasign 8.0.20 x509 1.1.22.
-<span class='line'>597</span>      * &lt;br/>
-<span class='line'>598</span>      * This method and X509.aExtInfo property
-<span class='line'>599</span>      * have been *deprecated* since jsrsasign 9.1.1.
-<span class='line'>600</span>      * All extension parser method such as X509.getExt* shall be
-<span class='line'>601</span>      * call with argument "hExtV" and "critical" explicitly.
-<span class='line'>602</span>      *
-<span class='line'>603</span>      * @example
-<span class='line'>604</span>      * x = new X509();
-<span class='line'>605</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>606</span>      *
-<span class='line'>607</span>      * x.aExtInfo &rarr;
-<span class='line'>608</span>      * [ { oid: "2.5.29,19", critical: true, vidx: 2504 }, ... ]
-<span class='line'>609</span>      *
-<span class='line'>610</span>      * // to parse CSR
-<span class='line'>611</span>      * X = new X509()
-<span class='line'>612</span>      * x.parseExt("-----BEGIN CERTIFICATE REQUEST-----...");
-<span class='line'>613</span>      * x.aExtInfo &rarr;
-<span class='line'>614</span>      * [ { oid: "2.5.29,19", critical: true, vidx: 2504 }, ... ]
-<span class='line'>615</span>      */</span><span class="WHIT">
-<span class='line'>616</span> </span><span class="WHIT">    </span><span class="NAME">this.parseExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>617</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">h</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>618</span> 
-<span class='line'>619</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>620</span> </span><span class="WHIT">	    </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.hex</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>621</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.version</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>622</span> </span><span class="WHIT">	    </span><span class="NAME">iExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">7</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>623</span> </span><span class="WHIT">	    </span><span class="NAME">aExtIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>624</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>625</span> </span><span class="WHIT">	    </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pemtohex</span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>626</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>627</span> 
-<span class='line'>628</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"2a864886f70d01090e"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>629</span> </span><span class="WHIT">		</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>630</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>631</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>632</span> 
-<span class='line'>633</span> </span><span class="WHIT">	    </span><span class="NAME">iExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>634</span> </span><span class="WHIT">	    </span><span class="NAME">aExtIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>635</span> 
-<span class='line'>636</span> </span><span class="WHIT">	    </span><span class="NAME">this.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>637</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>638</span> </span><span class="WHIT">	    
-<span class='line'>639</span> 	</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>640</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExtIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>641</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>642</span> </span><span class="WHIT">	    </span><span class="NAME">item.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>643</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>644</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">offset</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>645</span> 
-<span class='line'>646</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>647</span> </span><span class="WHIT">		</span><span class="NAME">item.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>648</span> </span><span class="WHIT">		</span><span class="NAME">offset</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>649</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>650</span> 
-<span class='line'>651</span> </span><span class="WHIT">	    </span><span class="NAME">item.oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.hextooidstr</span><span class="PUNC">(</span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>652</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">octidx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">offset</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>653</span> </span><span class="WHIT">	    </span><span class="NAME">item.vidx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVidx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">octidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>654</span> </span><span class="WHIT">	    </span><span class="NAME">this.aExtInfo.push</span><span class="PUNC">(</span><span class="NAME">item</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>655</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>656</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>657</span> 
-<span class='line'>658</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>659</span>      * get a X.509v3 extesion information such as extension OID, criticality and value index for specified oid or name.&lt;br/>
-<span class='line'>660</span>      * @name getExtInfo
-<span class='line'>661</span>      * @memberOf X509#
-<span class='line'>662</span>      * @function
-<span class='line'>663</span>      * @param {String} oidOrName X.509 extension oid or name (ex. keyUsage or 2.5.29.19)
-<span class='line'>664</span>      * @return X.509 extension information such as extension OID or value indx (see {@link X509#parseExt})
-<span class='line'>665</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>666</span>      * @description
-<span class='line'>667</span>      * This method will get an X.509v3 extension information JSON object
-<span class='line'>668</span>      * having extension OID, criticality and value idx for specified
-<span class='line'>669</span>      * extension OID or name.
-<span class='line'>670</span>      * If there is no such extension, this returns undefined.
-<span class='line'>671</span>      * @example
-<span class='line'>672</span>      * x = new X509();
-<span class='line'>673</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>674</span>      *
-<span class='line'>675</span>      * x.getExtInfo("keyUsage") &rarr; { oid: "2.5.29.15", critical: true, vidx: 1714 }
-<span class='line'>676</span>      * x.getExtInfo("unknownExt") &rarr; undefined
-<span class='line'>677</span>      */</span><span class="WHIT">
-<span class='line'>678</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oidOrName</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>679</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.aExtInfo</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>680</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">oidOrName</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>681</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">oidOrName.match</span><span class="PUNC">(</span><span class="REGX">/^[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>682</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="PUNC">(</span><span class="NAME">oidOrName</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>683</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>684</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>685</span> 
-<span class='line'>686</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>687</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>688</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>689</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>583</span>      *
+<span class='line'>584</span>      * @description
+<span class='line'>585</span>      * This method verifies signature value of hexadecimal string of 
+<span class='line'>586</span>      * X.509 certificate by specified public key object.
+<span class='line'>587</span>      * The signature algorithm used to verify will refer
+<span class='line'>588</span>      * signatureAlgorithm field. (See {@link X509#getSignatureAlgorithmField})
+<span class='line'>589</span>      * RSA-PSS signature algorithms (SHA{,256,384,512}withRSAandMGF1)
+<span class='line'>590</span>      * are available.
+<span class='line'>591</span>      *
+<span class='line'>592</span>      * @example
+<span class='line'>593</span>      * pubKey = KEYUTIL.getKey(pemPublicKey); // or certificate
+<span class='line'>594</span>      * x = new X509();
+<span class='line'>595</span>      * x.readCertPEM(pemCert);
+<span class='line'>596</span>      * x.verifySignature(pubKey) &rarr; true, false or raising exception
+<span class='line'>597</span>      */</span><span class="WHIT">
+<span class='line'>598</span> </span><span class="WHIT">    </span><span class="NAME">this.verifySignature</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pubKey</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>599</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">algName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>600</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSigVal</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>601</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTbsCert</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>602</span> </span><span class="WHIT">	
+<span class='line'>603</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sig</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">KJUR.crypto.Signature</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">alg</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">algName</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>604</span> </span><span class="WHIT">	</span><span class="NAME">sig.init</span><span class="PUNC">(</span><span class="NAME">pubKey</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>605</span> </span><span class="WHIT">	</span><span class="NAME">sig.updateHex</span><span class="PUNC">(</span><span class="NAME">hTbsCert</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>606</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">sig.verify</span><span class="PUNC">(</span><span class="NAME">hSigVal</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>607</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>608</span> 
+<span class='line'>609</span> </span><span class="WHIT">    </span><span class="COMM">// ===== parse extension ======================================</span><span class="WHIT">
+<span class='line'>610</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>611</span>      * set array of X.509v3 and CSR extesion information such as extension OID, criticality and value index. (DEPRECATED)&lt;br/>
+<span class='line'>612</span>      * @name parseExt
+<span class='line'>613</span>      * @memberOf X509#
+<span class='line'>614</span>      * @function
+<span class='line'>615</span>      * @param {String} hCSR - PEM string of certificate signing requrest(CSR) (OPTION)
+<span class='line'>616</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>617</span>      * @deprecated jsrsasign 9.1.1 x509 2.0.1
+<span class='line'>618</span>      *
+<span class='line'>619</span>      * @description
+<span class='line'>620</span>      * This method will set an array of X.509v3 extension information having 
+<span class='line'>621</span>      * following parameters:
+<span class='line'>622</span>      * &lt;ul>
+<span class='line'>623</span>      * &lt;li>oid - extension OID (ex. 2.5.29.19)&lt;/li>
+<span class='line'>624</span>      * &lt;li>critical - true or false&lt;/li>
+<span class='line'>625</span>      * &lt;li>vidx - string index for extension value&lt;/li>
+<span class='line'>626</span>      * &lt;br/>
+<span class='line'>627</span>      * When you want to parse extensionRequest of CSR,
+<span class='line'>628</span>      * argument 'hCSR' shall be specified.
+<span class='line'>629</span>      * &lt;br/>
+<span class='line'>630</span>      * NOTE: CSR is supported from jsrsasign 8.0.20 x509 1.1.22.
+<span class='line'>631</span>      * &lt;br/>
+<span class='line'>632</span>      * This method and X509.aExtInfo property
+<span class='line'>633</span>      * have been *deprecated* since jsrsasign 9.1.1.
+<span class='line'>634</span>      * All extension parser method such as X509.getExt* shall be
+<span class='line'>635</span>      * call with argument "hExtV" and "critical" explicitly.
+<span class='line'>636</span>      *
+<span class='line'>637</span>      * @example
+<span class='line'>638</span>      * x = new X509();
+<span class='line'>639</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>640</span>      *
+<span class='line'>641</span>      * x.aExtInfo &rarr;
+<span class='line'>642</span>      * [ { oid: "2.5.29,19", critical: true, vidx: 2504 }, ... ]
+<span class='line'>643</span>      *
+<span class='line'>644</span>      * // to parse CSR
+<span class='line'>645</span>      * X = new X509()
+<span class='line'>646</span>      * x.parseExt("-----BEGIN CERTIFICATE REQUEST-----...");
+<span class='line'>647</span>      * x.aExtInfo &rarr;
+<span class='line'>648</span>      * [ { oid: "2.5.29,19", critical: true, vidx: 2504 }, ... ]
+<span class='line'>649</span>      */</span><span class="WHIT">
+<span class='line'>650</span> </span><span class="WHIT">    </span><span class="NAME">this.parseExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>651</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">h</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>652</span> 
+<span class='line'>653</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>654</span> </span><span class="WHIT">	    </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.hex</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>655</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.version</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>656</span> </span><span class="WHIT">	    </span><span class="NAME">iExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">7</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>657</span> </span><span class="WHIT">	    </span><span class="NAME">aExtIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>658</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>659</span> </span><span class="WHIT">	    </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pemtohex</span><span class="PUNC">(</span><span class="NAME">hCSR</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>660</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>661</span> 
+<span class='line'>662</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"2a864886f70d01090e"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>663</span> </span><span class="WHIT">		</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>664</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>665</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>666</span> 
+<span class='line'>667</span> </span><span class="WHIT">	    </span><span class="NAME">iExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>668</span> </span><span class="WHIT">	    </span><span class="NAME">aExtIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">iExtSeq</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>669</span> 
+<span class='line'>670</span> </span><span class="WHIT">	    </span><span class="NAME">this.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>671</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>672</span> </span><span class="WHIT">	    
+<span class='line'>673</span> 	</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>674</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExtIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>675</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>676</span> </span><span class="WHIT">	    </span><span class="NAME">item.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>677</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>678</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">offset</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>679</span> 
+<span class='line'>680</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>681</span> </span><span class="WHIT">		</span><span class="NAME">item.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>682</span> </span><span class="WHIT">		</span><span class="NAME">offset</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>683</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>684</span> 
+<span class='line'>685</span> </span><span class="WHIT">	    </span><span class="NAME">item.oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.hextooidstr</span><span class="PUNC">(</span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>686</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">octidx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExtIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">offset</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>687</span> </span><span class="WHIT">	    </span><span class="NAME">item.vidx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVidx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">octidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>688</span> </span><span class="WHIT">	    </span><span class="NAME">this.aExtInfo.push</span><span class="PUNC">(</span><span class="NAME">item</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>689</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
 <span class='line'>690</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>691</span> 
 <span class='line'>692</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>693</span>      * get BasicConstraints extension value as object in the certificate
-<span class='line'>694</span>      * @name getExtBasicConstraints
+<span class='line'>693</span>      * get a X.509v3 extesion information such as extension OID, criticality and value index for specified oid or name.&lt;br/>
+<span class='line'>694</span>      * @name getExtInfo
 <span class='line'>695</span>      * @memberOf X509#
 <span class='line'>696</span>      * @function
-<span class='line'>697</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>698</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>699</span>      * @return {Array} JSON object of BasicConstraints parameter or undefined
-<span class='line'>700</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>701</span>      * @see KJUR.asn1.x509.BasicConstraints
-<span class='line'>702</span>      * @description
-<span class='line'>703</span>      * This method will get basic constraints extension value as object with following paramters.
-<span class='line'>704</span>      * &lt;ul>
-<span class='line'>705</span>      * &lt;li>{Boolean}cA - CA flag whether CA or not&lt;/li>
-<span class='line'>706</span>      * &lt;li>{Integer}pathLen - maximum intermediate certificate length&lt;/li>
-<span class='line'>707</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
-<span class='line'>708</span>      * &lt;/ul>
-<span class='line'>709</span>      * There are use cases for return values:
-<span class='line'>710</span>      * &lt;ul>
-<span class='line'>711</span>      * &lt;li>{cA:true,pathLen:3,critical:true} - cA flag is true and pathLen is 3&lt;/li>
-<span class='line'>712</span>      * &lt;li>{cA:true,critical:true} - cA flag is true and no pathLen&lt;/li>
-<span class='line'>713</span>      * &lt;li>{} - basic constraints has no value in case of end entity certificate&lt;/li>
-<span class='line'>714</span>      * &lt;li>undefined - there is no basic constraints extension&lt;/li>
-<span class='line'>715</span>      * &lt;/ul>
-<span class='line'>716</span>      * @example
-<span class='line'>717</span>      * x = new X509();
-<span class='line'>718</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>719</span>      * x.getExtBasicConstraints() &rarr; {cA:true,pathLen:3,critical:true}
-<span class='line'>720</span>      */</span><span class="WHIT">
-<span class='line'>721</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtBasicConstraints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>722</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>723</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"basicConstraints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>724</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>725</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>726</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>727</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>728</span> 
-<span class='line'>729</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"basicConstraints"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>730</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>731</span> 
-<span class='line'>732</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'3000'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>733</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'30030101ff'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>734</span> </span><span class="WHIT">	    </span><span class="NAME">result.cA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>735</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>736</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>737</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">12</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'30060101ff02'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>738</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pathLexHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>739</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pathLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">pathLexHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>740</span> </span><span class="WHIT">	    </span><span class="NAME">result.cA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>741</span> </span><span class="WHIT">	    </span><span class="NAME">result.pathLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pathLen</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>742</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>743</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>744</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>745</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>746</span> 
-<span class='line'>747</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>748</span>      * get NameConstraints extension value as object in the certificate&lt;br/>
-<span class='line'>749</span>      * @name getExtNameConstraints
-<span class='line'>750</span>      * @memberOf X509#
-<span class='line'>751</span>      * @function
-<span class='line'>752</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>753</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>754</span>      * @return {Object} JSON object of NamConstraints parameter or undefined
-<span class='line'>755</span>      * @since jsrsasign 10.5.16 x509 2.0.16
-<span class='line'>756</span>      * @see KJUR.asn1.x509.NameConstraints
-<span class='line'>757</span>      * @see KJUR.asn1.x509.GeneralSubtree
-<span class='line'>758</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>759</span>      * @see X509#getGeneralSubtree
-<span class='line'>760</span>      * @see X509#getGeneralName
-<span class='line'>761</span>      *
-<span class='line'>762</span>      * @description
-<span class='line'>763</span>      * This method will get name constraints extension value as object with following paramters.
-<span class='line'>764</span>      * &lt;ul>
-<span class='line'>765</span>      * &lt;li>{Array}permit - array of {@link KJUR.asn1.x509.GeneralSubtree} parameter&lt;/li>
-<span class='line'>766</span>      * &lt;li>{Array}exclude - array of {@link KJUR.asn1.x509.GeneralSubtree} parameter&lt;/li>
-<span class='line'>767</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
-<span class='line'>768</span>      * &lt;/ul>
-<span class='line'>769</span>      *
-<span class='line'>770</span>      * @example
-<span class='line'>771</span>      * x = new X509(sCertPEM);
-<span class='line'>772</span>      * x.getExtNameConstraints() &rarr; {
-<span class='line'>773</span>      *   critical: true,
-<span class='line'>774</span>      *   permit: [{dns: 'example.com'},{rfc822: 'john@example.com'}],
-<span class='line'>775</span>      *   exclude: [{dn: {...X500Name parameter...}}]
-<span class='line'>776</span>      * }
-<span class='line'>777</span>      */</span><span class="WHIT">
-<span class='line'>778</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtNameConstraints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>779</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>780</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"nameConstraints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>781</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>782</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>783</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>784</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>785</span> 
-<span class='line'>786</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"nameConstraints"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>787</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>788</span> 
-<span class='line'>789</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>790</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>791</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>792</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx2</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>793</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx2.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>794</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSub</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx2</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>795</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralSubtree</span><span class="PUNC">(</span><span class="NAME">hSub</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>796</span> </span><span class="WHIT">		</span><span class="NAME">aList.push</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>797</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>798</span> 
-<span class='line'>799</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> 
-<span class='line'>800</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>801</span> </span><span class="WHIT">		</span><span class="NAME">result.permit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>802</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>803</span> </span><span class="WHIT">		</span><span class="NAME">result.exclude</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>804</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>805</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>806</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>807</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>808</span> 
-<span class='line'>809</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>810</span>      * get GeneralSubtree ASN.1 structure parameter as JSON object&lt;br/>
-<span class='line'>811</span>      * @name getGeneralSubtree
-<span class='line'>812</span>      * @memberOf X509#
-<span class='line'>813</span>      * @function
-<span class='line'>814</span>      * @param {String} h hexadecimal string of GeneralSubtree
-<span class='line'>815</span>      * @return {Object} JSON object of GeneralSubtree parameters or undefined
-<span class='line'>816</span>      * @since jsrsasign 10.5.16 x509 2.0.16
-<span class='line'>817</span>      * @see KJUR.asn1.x509.GeneralSubtree
-<span class='line'>818</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>819</span>      * @see X509#getExtNameConstraints
-<span class='line'>820</span>      * @see X509#getGeneralName
-<span class='line'>821</span>      *
-<span class='line'>822</span>      * @description
-<span class='line'>823</span>      * This method will get GeneralSubtree parameters defined in
-<span class='line'>824</span>      * &lt;a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10">
-<span class='line'>825</span>      * RFC 5280 4.2.1.10&lt;/a>.
-<span class='line'>826</span>      * &lt;pre>
-<span class='line'>827</span>      * GeneralSubtree ::= SEQUENCE {
-<span class='line'>828</span>      *      base                    GeneralName,
-<span class='line'>829</span>      *      minimum         [0]     BaseDistance DEFAULT 0,
-<span class='line'>830</span>      *      maximum         [1]     BaseDistance OPTIONAL }
-<span class='line'>831</span>      * BaseDistance ::= INTEGER (0..MAX)
-<span class='line'>832</span>      * &lt;/pre>
-<span class='line'>833</span>      * Result of this method can be passed to
-<span class='line'>834</span>      * {@link KJUR.asn1.x509.GeneralSubtree} constructor.
-<span class='line'>835</span>      * 
-<span class='line'>836</span>      * @example
-<span class='line'>837</span>      * x = new X509(sPEM);
-<span class='line'>838</span>      * x.getGeneralSubtree("30...") &rarr; { dn: ...X500NameObject..., min: 1, max: 3 }
-<span class='line'>839</span>      * x.getGeneralSubtree("30...") &rarr; { dns: ".example.com" }
-<span class='line'>840</span>      */</span><span class="WHIT">
-<span class='line'>841</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralSubtree</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>842</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>843</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">len</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>844</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">len</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="WHIT"> </span><span class="PUNC">||</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">len</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"wrong num elements"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>845</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>846</span> 
-<span class='line'>847</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">len</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>848</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>849</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>850</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">hV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>851</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"80"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.min</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>852</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.max</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>853</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>854</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>855</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>856</span> 
-<span class='line'>857</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>858</span>      * get KeyUsage extension value as JSON object
-<span class='line'>859</span>      * @memberOf X509#
-<span class='line'>860</span>      * @function
-<span class='line'>861</span>      * @name getExtKeyUsage
-<span class='line'>862</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>863</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>864</span>      * @return {Array} JSON object of KeyUsage parameter or undefined
-<span class='line'>865</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>866</span>      * @see KJUR.asn1.x509.KeyUsage
-<span class='line'>867</span>      * @see X509#getExtKeyUsageString
-<span class='line'>868</span>      * @description
-<span class='line'>869</span>      * This method parse keyUsage extension. When arguments are
-<span class='line'>870</span>      * not specified, its extension in X509 object will be parsed.
-<span class='line'>871</span>      * Result of this method can be passed to 
-<span class='line'>872</span>      * {@link KJUR.asn1.x509.KeyUsage} constructor.
-<span class='line'>873</span>      * &lt;br>
-<span class='line'>874</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>875</span>      * will be generated from them.
-<span class='line'>876</span>      * &lt;pre>
-<span class='line'>877</span>      * id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
-<span class='line'>878</span>      * KeyUsage ::= BIT STRING {
-<span class='line'>879</span>      *      digitalSignature        (0),
-<span class='line'>880</span>      *      nonRepudiation          (1),
-<span class='line'>881</span>      *      keyEncipherment         (2),
-<span class='line'>882</span>      *      dataEncipherment        (3),
-<span class='line'>883</span>      *      keyAgreement            (4),
-<span class='line'>884</span>      *      keyCertSign             (5),
-<span class='line'>885</span>      *      cRLSign                 (6),
-<span class='line'>886</span>      *      encipherOnly            (7),
-<span class='line'>887</span>      *      decipherOnly            (8) }     
-<span class='line'>888</span>      * &lt;/pre>
-<span class='line'>889</span>      * @example
-<span class='line'>890</span>      * x = new X509();
-<span class='line'>891</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>892</span>      * x.getExtKeyUsage() &rarr;
-<span class='line'>893</span>      * {
-<span class='line'>894</span>      *   critial: true,
-<span class='line'>895</span>      *   names: ["digitalSignature", "decipherOnly"]
-<span class='line'>896</span>      * }
-<span class='line'>897</span>      *
-<span class='line'>898</span>      * x = new X509();
-<span class='line'>899</span>      * x.getExtKeyUsage("306230...") 
-<span class='line'>900</span>      * x.getExtKeyUsage("306230...", true) 
-<span class='line'>901</span>      */</span><span class="WHIT">
-<span class='line'>902</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>903</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>904</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>905</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>906</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>907</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>908</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>909</span> 
-<span class='line'>910</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"keyUsage"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>911</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>912</span> 
-<span class='line'>913</span> </span><span class="WHIT">	</span><span class="NAME">result.names</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageString</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">split</span><span class="PUNC">(</span><span class="STRN">","</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>914</span> 
-<span class='line'>915</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>916</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>917</span> 
-<span class='line'>918</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>919</span>      * get KeyUsage extension value as binary string in the certificate&lt;br/>
-<span class='line'>920</span>      * @name getExtKeyUsageBin
-<span class='line'>921</span>      * @memberOf X509#
-<span class='line'>922</span>      * @function
-<span class='line'>923</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>924</span>      * @return {String} binary string of key usage bits (ex. '101')
-<span class='line'>925</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>926</span>      * @see X509#getExtKeyUsage
-<span class='line'>927</span>      * @description
-<span class='line'>928</span>      * This method will get key usage extension value
-<span class='line'>929</span>      * as binary string such like '101'.
-<span class='line'>930</span>      * Key usage bits definition is in the RFC 5280.
-<span class='line'>931</span>      * If there is no key usage extension in the certificate,
-<span class='line'>932</span>      * it returns empty string (i.e. '').
-<span class='line'>933</span>      * &lt;br/>
-<span class='line'>934</span>      * NOTE: argument 'hExtV' supported since jsrsasign 9.0.0 x509 2.0.0.
-<span class='line'>935</span>      * @example
-<span class='line'>936</span>      * x = new X509();
-<span class='line'>937</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>938</span>      * x.getExtKeyUsageBin() &rarr; '101'
-<span class='line'>939</span>      * // 1 - digitalSignature
-<span class='line'>940</span>      * // 0 - nonRepudiation
-<span class='line'>941</span>      * // 1 - keyEncipherment
-<span class='line'>942</span>      */</span><span class="WHIT">
-<span class='line'>943</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsageBin</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>944</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>945</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>946</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>947</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>948</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>949</span> </span><span class="WHIT">	
-<span class='line'>950</span> 	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">8</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>951</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed key usage value: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>952</span> 
-<span class='line'>953</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"000000000000000"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">6</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">toString</span><span class="PUNC">(</span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>954</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">8</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.slice</span><span class="PUNC">(</span><span class="PUNC">-</span><span class="NUMB">8</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>955</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.slice</span><span class="PUNC">(</span><span class="PUNC">-</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>956</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/0+$/</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>957</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">'0'</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>958</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>959</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>960</span> 
-<span class='line'>961</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>962</span>      * get KeyUsage extension value as names in the certificate&lt;br/>
-<span class='line'>963</span>      * @name getExtKeyUsageString
-<span class='line'>964</span>      * @memberOf X509#
-<span class='line'>965</span>      * @function
-<span class='line'>966</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>967</span>      * @return {String} comma separated string of key usage
-<span class='line'>968</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>969</span>      * @see X509#getExtKeyUsage
-<span class='line'>970</span>      * @description
-<span class='line'>971</span>      * This method will get key usage extension value
-<span class='line'>972</span>      * as comma separated string of usage names.
-<span class='line'>973</span>      * If there is no key usage extension in the certificate,
-<span class='line'>974</span>      * it returns empty string (i.e. '').
-<span class='line'>975</span>      * &lt;br/>
-<span class='line'>976</span>      * NOTE: argument 'hExtV' supported since jsrsasign 9.0.0 x509 2.0.0.
-<span class='line'>977</span>      * @example
-<span class='line'>978</span>      * x = new X509();
-<span class='line'>979</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>980</span>      * x.getExtKeyUsageString() &rarr; "digitalSignature,keyEncipherment"
-<span class='line'>981</span>      */</span><span class="WHIT">
-<span class='line'>982</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsageString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>983</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">bKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageBin</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>984</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>985</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">bKeyUsage.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>986</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bKeyUsage.substr</span><span class="PUNC">(</span><span class="NAME">i</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">X509.KEYUSAGE_NAME</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>987</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>988</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a.join</span><span class="PUNC">(</span><span class="STRN">","</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>989</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>990</span> 
-<span class='line'>991</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>992</span>      * get subjectKeyIdentifier value as hexadecimal string in the certificate&lt;br/>
-<span class='line'>993</span>      * @name getExtSubjectKeyIdentifier
-<span class='line'>994</span>      * @memberOf X509#
-<span class='line'>995</span>      * @function
-<span class='line'>996</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>997</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>998</span>      * @return {Array} JSON object of SubjectKeyIdentifier parameter or undefined
-<span class='line'>999</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1000</span>      * @description
-<span class='line'>1001</span>      * This method will get 
-<span class='line'>1002</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.2">
-<span class='line'>1003</span>      * SubjectKeyIdentifier extension&lt;/a> value as JSON object.
-<span class='line'>1004</span>      * &lt;br>
-<span class='line'>1005</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1006</span>      * will be generated from them.
-<span class='line'>1007</span>      * If there is no such extension in the certificate, it returns undefined.
-<span class='line'>1008</span>      * &lt;br>
-<span class='line'>1009</span>      * Result of this method can be passed to 
-<span class='line'>1010</span>      * {@link KJUR.asn1.x509.SubjectKeyIdentifier} constructor.
-<span class='line'>1011</span>      * &lt;pre>
-<span class='line'>1012</span>      * id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 14 }
-<span class='line'>1013</span>      * SubjectKeyIdentifier ::= KeyIdentifier
-<span class='line'>1014</span>      * &lt;/pre>
-<span class='line'>1015</span>      * &lt;br>
-<span class='line'>1016</span>      * CAUTION:
-<span class='line'>1017</span>      * Returned JSON value format have been changed without 
-<span class='line'>1018</span>      * backward compatibility since jsrsasign 9.0.0 x509 2.0.0.
-<span class='line'>1019</span>      *
-<span class='line'>1020</span>      * @example
-<span class='line'>1021</span>      * x = new X509();
-<span class='line'>1022</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1023</span>      * x.getExtSubjectKeyIdentifier() &rarr; 
-<span class='line'>1024</span>      * { kid: {hex: "1b3347ab..."}, critical: true };
-<span class='line'>1025</span>      */</span><span class="WHIT">
-<span class='line'>1026</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1027</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1028</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1029</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1030</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1031</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1032</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1033</span> 
-<span class='line'>1034</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1035</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1036</span> 
-<span class='line'>1037</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hKID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1038</span> </span><span class="WHIT">	</span><span class="NAME">result.kid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hKID</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1039</span> 
-<span class='line'>1040</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1041</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1042</span> 
-<span class='line'>1043</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1044</span>      * get authorityKeyIdentifier value as JSON object in the certificate&lt;br/>
-<span class='line'>1045</span>      * @name getExtAuthorityKeyIdentifier
-<span class='line'>1046</span>      * @memberOf X509#
-<span class='line'>1047</span>      * @function
-<span class='line'>1048</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1049</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1050</span>      * @return {Array} JSON object of AuthorityKeyIdentifier parameter or undefined
-<span class='line'>1051</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1052</span>      * @see KJUR.asn1.x509.AuthorityKeyIdentifier
-<span class='line'>1053</span>      * @description
-<span class='line'>1054</span>      * This method will get 
-<span class='line'>1055</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.1">
-<span class='line'>1056</span>      * AuthorityKeyIdentifier extension&lt;/a> value as JSON object.
-<span class='line'>1057</span>      * &lt;br>
-<span class='line'>1058</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1059</span>      * will be generated from them.
-<span class='line'>1060</span>      * If there is no such extension in the certificate, it returns undefined.
-<span class='line'>1061</span>      * &lt;br/>
-<span class='line'>1062</span>      * Result of this method can be passed to 
-<span class='line'>1063</span>      * {@link KJUR.asn1.x509.AuthorityKeyIdentifier} constructor.
-<span class='line'>1064</span>      * &lt;pre>
-<span class='line'>1065</span>      *    id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
-<span class='line'>1066</span>      *    AuthorityKeyIdentifier ::= SEQUENCE {
-<span class='line'>1067</span>      *       keyIdentifier             [0] KeyIdentifier           OPTIONAL,
-<span class='line'>1068</span>      *       authorityCertIssuer       [1] GeneralNames            OPTIONAL,
-<span class='line'>1069</span>      *       authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL  }
-<span class='line'>1070</span>      *    KeyIdentifier ::= OCTET STRING
-<span class='line'>1071</span>      * &lt;/pre>
-<span class='line'>1072</span>      * Constructor may have following parameters:
-<span class='line'>1073</span>      * &lt;ul>
-<span class='line'>1074</span>      * &lt;li>{Array}kid - JSON object of {@link KJUR.asn1.DEROctetString} parameters&lt;/li>
-<span class='line'>1075</span>      * &lt;li>{Array}issuer - JSON object of {@link KJUR.asn1.x509.X500Name} parameters&lt;/li>
-<span class='line'>1076</span>      * &lt;li>{Array}sn - JSON object of {@link KJUR.asn1.DERInteger} parameters&lt;/li>
-<span class='line'>1077</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
-<span class='line'>1078</span>      * &lt;/ul>
-<span class='line'>1079</span>      * &lt;br>
-<span class='line'>1080</span>      * NOTE: The 'authorityCertIssuer' and 'authorityCertSerialNumber'
-<span class='line'>1081</span>      * supported since jsrsasign 9.0.0 x509 2.0.0.
-<span class='line'>1082</span>      * @example
-<span class='line'>1083</span>      * x = new X509();
-<span class='line'>1084</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1085</span>      * x.getExtAuthorityKeyIdentifier() &rarr; 
-<span class='line'>1086</span>      * { kid: {hex: "1234abcd..."},
-<span class='line'>1087</span>      *   issuer: {hex: "30..."},
-<span class='line'>1088</span>      *   sn: {hex: "1234..."},
-<span class='line'>1089</span>      *   critical: true}
-<span class='line'>1090</span>      */</span><span class="WHIT">
-<span class='line'>1091</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1092</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1093</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1094</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1095</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1096</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1097</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1098</span> 
-<span class='line'>1099</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1100</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1101</span> 
-<span class='line'>1102</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1103</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1104</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1105</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"80"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1106</span> </span><span class="WHIT">		</span><span class="NAME">result.kid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1107</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1108</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"a1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1109</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hGNS</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1110</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnsParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hGNS</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1111</span> </span><span class="WHIT">		</span><span class="NAME">result.issuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">gnsParam</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">[</span><span class="STRN">"dn"</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1112</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1113</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1114</span> </span><span class="WHIT">		</span><span class="NAME">result.sn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1115</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1116</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1117</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1118</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1119</span> 
-<span class='line'>1120</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1121</span>      * get extKeyUsage value as JSON object
-<span class='line'>1122</span>      * @name getExtExtKeyUsage
-<span class='line'>1123</span>      * @memberOf X509#
-<span class='line'>1124</span>      * @function
-<span class='line'>1125</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1126</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1127</span>      * @return {Array} JSON object of ExtKeyUsage parameter or undefined
-<span class='line'>1128</span>      * @return {Object} JSONarray of extended key usage ID name or oid
-<span class='line'>1129</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1130</span>      * @see KJUR.asn1.x509.ExtKeyUsage
-<span class='line'>1131</span>      * @description
-<span class='line'>1132</span>      * This method parse extKeyUsage extension. When arguments are
-<span class='line'>1133</span>      * not specified, its extension in X509 object will be parsed.
-<span class='line'>1134</span>      * Result of this method can be passed to 
-<span class='line'>1135</span>      * {@link KJUR.asn1.x509.ExtKeyUsage} constructor.
-<span class='line'>1136</span>      * &lt;br>
-<span class='line'>1137</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1138</span>      * will be generated from them.
-<span class='line'>1139</span>      * @example
-<span class='line'>1140</span>      * x = new X509();
-<span class='line'>1141</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1142</span>      * x.getExtExtKeyUsage() &rarr;
-<span class='line'>1143</span>      * { array: ["clientAuth", "emailProtection", "1.3.6.1.4.1.311.10.3.4"], 
-<span class='line'>1144</span>      *   critical: true},
-<span class='line'>1145</span>      */</span><span class="WHIT">
-<span class='line'>1146</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtExtKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1147</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1148</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1149</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1150</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1151</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1152</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>697</span>      * @param {String} oidOrName X.509 extension oid or name (ex. keyUsage or 2.5.29.19)
+<span class='line'>698</span>      * @return X.509 extension information such as extension OID or value indx (see {@link X509#parseExt})
+<span class='line'>699</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>700</span>      * @description
+<span class='line'>701</span>      * This method will get an X.509v3 extension information JSON object
+<span class='line'>702</span>      * having extension OID, criticality and value idx for specified
+<span class='line'>703</span>      * extension OID or name.
+<span class='line'>704</span>      * If there is no such extension, this returns undefined.
+<span class='line'>705</span>      * @example
+<span class='line'>706</span>      * x = new X509();
+<span class='line'>707</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>708</span>      *
+<span class='line'>709</span>      * x.getExtInfo("keyUsage") &rarr; { oid: "2.5.29.15", critical: true, vidx: 1714 }
+<span class='line'>710</span>      * x.getExtInfo("unknownExt") &rarr; undefined
+<span class='line'>711</span>      */</span><span class="WHIT">
+<span class='line'>712</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">oidOrName</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>713</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.aExtInfo</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>714</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">oidOrName</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>715</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">oidOrName.match</span><span class="PUNC">(</span><span class="REGX">/^[0-9.]+$/</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>716</span> </span><span class="WHIT">	    </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="PUNC">(</span><span class="NAME">oidOrName</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>717</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>718</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>719</span> 
+<span class='line'>720</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>721</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>722</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>723</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>724</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>725</span> 
+<span class='line'>726</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>727</span>      * get BasicConstraints extension value as object in the certificate
+<span class='line'>728</span>      * @name getExtBasicConstraints
+<span class='line'>729</span>      * @memberOf X509#
+<span class='line'>730</span>      * @function
+<span class='line'>731</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>732</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>733</span>      * @return {Array} JSON object of BasicConstraints parameter or undefined
+<span class='line'>734</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>735</span>      * @see KJUR.asn1.x509.BasicConstraints
+<span class='line'>736</span>      * @description
+<span class='line'>737</span>      * This method will get basic constraints extension value as object with following paramters.
+<span class='line'>738</span>      * &lt;ul>
+<span class='line'>739</span>      * &lt;li>{Boolean}cA - CA flag whether CA or not&lt;/li>
+<span class='line'>740</span>      * &lt;li>{Integer}pathLen - maximum intermediate certificate length&lt;/li>
+<span class='line'>741</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
+<span class='line'>742</span>      * &lt;/ul>
+<span class='line'>743</span>      * There are use cases for return values:
+<span class='line'>744</span>      * &lt;ul>
+<span class='line'>745</span>      * &lt;li>{cA:true,pathLen:3,critical:true} - cA flag is true and pathLen is 3&lt;/li>
+<span class='line'>746</span>      * &lt;li>{cA:true,critical:true} - cA flag is true and no pathLen&lt;/li>
+<span class='line'>747</span>      * &lt;li>{} - basic constraints has no value in case of end entity certificate&lt;/li>
+<span class='line'>748</span>      * &lt;li>undefined - there is no basic constraints extension&lt;/li>
+<span class='line'>749</span>      * &lt;/ul>
+<span class='line'>750</span>      * @example
+<span class='line'>751</span>      * x = new X509();
+<span class='line'>752</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>753</span>      * x.getExtBasicConstraints() &rarr; {cA:true,pathLen:3,critical:true}
+<span class='line'>754</span>      */</span><span class="WHIT">
+<span class='line'>755</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtBasicConstraints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>756</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>757</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"basicConstraints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>758</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>759</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>760</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>761</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>762</span> 
+<span class='line'>763</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"basicConstraints"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>764</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>765</span> 
+<span class='line'>766</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'3000'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>767</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'30030101ff'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>768</span> </span><span class="WHIT">	    </span><span class="NAME">result.cA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>769</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>770</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>771</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">12</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">'30060101ff02'</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>772</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pathLexHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>773</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pathLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">pathLexHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>774</span> </span><span class="WHIT">	    </span><span class="NAME">result.cA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>775</span> </span><span class="WHIT">	    </span><span class="NAME">result.pathLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pathLen</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>776</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>777</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>778</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>779</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>780</span> 
+<span class='line'>781</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>782</span>      * get NameConstraints extension value as object in the certificate&lt;br/>
+<span class='line'>783</span>      * @name getExtNameConstraints
+<span class='line'>784</span>      * @memberOf X509#
+<span class='line'>785</span>      * @function
+<span class='line'>786</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>787</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>788</span>      * @return {Object} JSON object of NamConstraints parameter or undefined
+<span class='line'>789</span>      * @since jsrsasign 10.5.16 x509 2.0.16
+<span class='line'>790</span>      * @see KJUR.asn1.x509.NameConstraints
+<span class='line'>791</span>      * @see KJUR.asn1.x509.GeneralSubtree
+<span class='line'>792</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>793</span>      * @see X509#getGeneralSubtree
+<span class='line'>794</span>      * @see X509#getGeneralName
+<span class='line'>795</span>      *
+<span class='line'>796</span>      * @description
+<span class='line'>797</span>      * This method will get name constraints extension value as object with following paramters.
+<span class='line'>798</span>      * &lt;ul>
+<span class='line'>799</span>      * &lt;li>{Array}permit - array of {@link KJUR.asn1.x509.GeneralSubtree} parameter&lt;/li>
+<span class='line'>800</span>      * &lt;li>{Array}exclude - array of {@link KJUR.asn1.x509.GeneralSubtree} parameter&lt;/li>
+<span class='line'>801</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
+<span class='line'>802</span>      * &lt;/ul>
+<span class='line'>803</span>      *
+<span class='line'>804</span>      * @example
+<span class='line'>805</span>      * x = new X509(sCertPEM);
+<span class='line'>806</span>      * x.getExtNameConstraints() &rarr; {
+<span class='line'>807</span>      *   critical: true,
+<span class='line'>808</span>      *   permit: [{dns: 'example.com'},{rfc822: 'john@example.com'}],
+<span class='line'>809</span>      *   exclude: [{dn: {...X500Name parameter...}}]
+<span class='line'>810</span>      * }
+<span class='line'>811</span>      */</span><span class="WHIT">
+<span class='line'>812</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtNameConstraints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>813</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>814</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"nameConstraints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>815</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>816</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>817</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>818</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>819</span> 
+<span class='line'>820</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"nameConstraints"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>821</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>822</span> 
+<span class='line'>823</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>824</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>825</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>826</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx2</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>827</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx2.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>828</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hSub</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx2</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>829</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralSubtree</span><span class="PUNC">(</span><span class="NAME">hSub</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>830</span> </span><span class="WHIT">		</span><span class="NAME">aList.push</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>831</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>832</span> 
+<span class='line'>833</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> 
+<span class='line'>834</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>835</span> </span><span class="WHIT">		</span><span class="NAME">result.permit</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>836</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>837</span> </span><span class="WHIT">		</span><span class="NAME">result.exclude</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>838</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>839</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>840</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>841</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>842</span> 
+<span class='line'>843</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>844</span>      * get GeneralSubtree ASN.1 structure parameter as JSON object&lt;br/>
+<span class='line'>845</span>      * @name getGeneralSubtree
+<span class='line'>846</span>      * @memberOf X509#
+<span class='line'>847</span>      * @function
+<span class='line'>848</span>      * @param {String} h hexadecimal string of GeneralSubtree
+<span class='line'>849</span>      * @return {Object} JSON object of GeneralSubtree parameters or undefined
+<span class='line'>850</span>      * @since jsrsasign 10.5.16 x509 2.0.16
+<span class='line'>851</span>      * @see KJUR.asn1.x509.GeneralSubtree
+<span class='line'>852</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>853</span>      * @see X509#getExtNameConstraints
+<span class='line'>854</span>      * @see X509#getGeneralName
+<span class='line'>855</span>      *
+<span class='line'>856</span>      * @description
+<span class='line'>857</span>      * This method will get GeneralSubtree parameters defined in
+<span class='line'>858</span>      * &lt;a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10">
+<span class='line'>859</span>      * RFC 5280 4.2.1.10&lt;/a>.
+<span class='line'>860</span>      * &lt;pre>
+<span class='line'>861</span>      * GeneralSubtree ::= SEQUENCE {
+<span class='line'>862</span>      *      base                    GeneralName,
+<span class='line'>863</span>      *      minimum         [0]     BaseDistance DEFAULT 0,
+<span class='line'>864</span>      *      maximum         [1]     BaseDistance OPTIONAL }
+<span class='line'>865</span>      * BaseDistance ::= INTEGER (0..MAX)
+<span class='line'>866</span>      * &lt;/pre>
+<span class='line'>867</span>      * Result of this method can be passed to
+<span class='line'>868</span>      * {@link KJUR.asn1.x509.GeneralSubtree} constructor.
+<span class='line'>869</span>      * 
+<span class='line'>870</span>      * @example
+<span class='line'>871</span>      * x = new X509(sPEM);
+<span class='line'>872</span>      * x.getGeneralSubtree("30...") &rarr; { dn: ...X500NameObject..., min: 1, max: 3 }
+<span class='line'>873</span>      * x.getGeneralSubtree("30...") &rarr; { dns: ".example.com" }
+<span class='line'>874</span>      */</span><span class="WHIT">
+<span class='line'>875</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralSubtree</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>876</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>877</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">len</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>878</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">len</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="WHIT"> </span><span class="PUNC">||</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">len</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"wrong num elements"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>879</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>880</span> 
+<span class='line'>881</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">len</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>882</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>883</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>884</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">hV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>885</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"80"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.min</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>886</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.max</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">minmaxValue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>887</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>888</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>889</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>890</span> 
+<span class='line'>891</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>892</span>      * get KeyUsage extension value as JSON object
+<span class='line'>893</span>      * @memberOf X509#
+<span class='line'>894</span>      * @function
+<span class='line'>895</span>      * @name getExtKeyUsage
+<span class='line'>896</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>897</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>898</span>      * @return {Array} JSON object of KeyUsage parameter or undefined
+<span class='line'>899</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>900</span>      * @see KJUR.asn1.x509.KeyUsage
+<span class='line'>901</span>      * @see X509#getExtKeyUsageString
+<span class='line'>902</span>      * @description
+<span class='line'>903</span>      * This method parse keyUsage extension. When arguments are
+<span class='line'>904</span>      * not specified, its extension in X509 object will be parsed.
+<span class='line'>905</span>      * Result of this method can be passed to 
+<span class='line'>906</span>      * {@link KJUR.asn1.x509.KeyUsage} constructor.
+<span class='line'>907</span>      * &lt;br>
+<span class='line'>908</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>909</span>      * will be generated from them.
+<span class='line'>910</span>      * &lt;pre>
+<span class='line'>911</span>      * id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+<span class='line'>912</span>      * KeyUsage ::= BIT STRING {
+<span class='line'>913</span>      *      digitalSignature        (0),
+<span class='line'>914</span>      *      nonRepudiation          (1),
+<span class='line'>915</span>      *      keyEncipherment         (2),
+<span class='line'>916</span>      *      dataEncipherment        (3),
+<span class='line'>917</span>      *      keyAgreement            (4),
+<span class='line'>918</span>      *      keyCertSign             (5),
+<span class='line'>919</span>      *      cRLSign                 (6),
+<span class='line'>920</span>      *      encipherOnly            (7),
+<span class='line'>921</span>      *      decipherOnly            (8) }     
+<span class='line'>922</span>      * &lt;/pre>
+<span class='line'>923</span>      * @example
+<span class='line'>924</span>      * x = new X509();
+<span class='line'>925</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>926</span>      * x.getExtKeyUsage() &rarr;
+<span class='line'>927</span>      * {
+<span class='line'>928</span>      *   critial: true,
+<span class='line'>929</span>      *   names: ["digitalSignature", "decipherOnly"]
+<span class='line'>930</span>      * }
+<span class='line'>931</span>      *
+<span class='line'>932</span>      * x = new X509();
+<span class='line'>933</span>      * x.getExtKeyUsage("306230...") 
+<span class='line'>934</span>      * x.getExtKeyUsage("306230...", true) 
+<span class='line'>935</span>      */</span><span class="WHIT">
+<span class='line'>936</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>937</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>938</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>939</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>940</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>941</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>942</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>943</span> 
+<span class='line'>944</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"keyUsage"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>945</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>946</span> 
+<span class='line'>947</span> </span><span class="WHIT">	</span><span class="NAME">result.names</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageString</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">split</span><span class="PUNC">(</span><span class="STRN">","</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>948</span> 
+<span class='line'>949</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>950</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>951</span> 
+<span class='line'>952</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>953</span>      * get KeyUsage extension value as binary string in the certificate&lt;br/>
+<span class='line'>954</span>      * @name getExtKeyUsageBin
+<span class='line'>955</span>      * @memberOf X509#
+<span class='line'>956</span>      * @function
+<span class='line'>957</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>958</span>      * @return {String} binary string of key usage bits (ex. '101')
+<span class='line'>959</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>960</span>      * @see X509#getExtKeyUsage
+<span class='line'>961</span>      * @description
+<span class='line'>962</span>      * This method will get key usage extension value
+<span class='line'>963</span>      * as binary string such like '101'.
+<span class='line'>964</span>      * Key usage bits definition is in the RFC 5280.
+<span class='line'>965</span>      * If there is no key usage extension in the certificate,
+<span class='line'>966</span>      * it returns empty string (i.e. '').
+<span class='line'>967</span>      * &lt;br/>
+<span class='line'>968</span>      * NOTE: argument 'hExtV' supported since jsrsasign 9.0.0 x509 2.0.0.
+<span class='line'>969</span>      * @example
+<span class='line'>970</span>      * x = new X509();
+<span class='line'>971</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>972</span>      * x.getExtKeyUsageBin() &rarr; '101'
+<span class='line'>973</span>      * // 1 - digitalSignature
+<span class='line'>974</span>      * // 0 - nonRepudiation
+<span class='line'>975</span>      * // 1 - keyEncipherment
+<span class='line'>976</span>      */</span><span class="WHIT">
+<span class='line'>977</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsageBin</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>978</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>979</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>980</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>981</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>982</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>983</span> </span><span class="WHIT">	
+<span class='line'>984</span> 	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">8</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>985</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed key usage value: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>986</span> 
+<span class='line'>987</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"000000000000000"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">6</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">toString</span><span class="PUNC">(</span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>988</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">8</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.slice</span><span class="PUNC">(</span><span class="PUNC">-</span><span class="NUMB">8</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>989</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.length</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">10</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.slice</span><span class="PUNC">(</span><span class="PUNC">-</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>990</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/0+$/</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>991</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">'0'</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>992</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>993</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>994</span> 
+<span class='line'>995</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>996</span>      * get KeyUsage extension value as names in the certificate&lt;br/>
+<span class='line'>997</span>      * @name getExtKeyUsageString
+<span class='line'>998</span>      * @memberOf X509#
+<span class='line'>999</span>      * @function
+<span class='line'>1000</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1001</span>      * @return {String} comma separated string of key usage
+<span class='line'>1002</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1003</span>      * @see X509#getExtKeyUsage
+<span class='line'>1004</span>      * @description
+<span class='line'>1005</span>      * This method will get key usage extension value
+<span class='line'>1006</span>      * as comma separated string of usage names.
+<span class='line'>1007</span>      * If there is no key usage extension in the certificate,
+<span class='line'>1008</span>      * it returns empty string (i.e. '').
+<span class='line'>1009</span>      * &lt;br/>
+<span class='line'>1010</span>      * NOTE: argument 'hExtV' supported since jsrsasign 9.0.0 x509 2.0.0.
+<span class='line'>1011</span>      * @example
+<span class='line'>1012</span>      * x = new X509();
+<span class='line'>1013</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1014</span>      * x.getExtKeyUsageString() &rarr; "digitalSignature,keyEncipherment"
+<span class='line'>1015</span>      */</span><span class="WHIT">
+<span class='line'>1016</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtKeyUsageString</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1017</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">bKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageBin</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1018</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1019</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">bKeyUsage.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1020</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bKeyUsage.substr</span><span class="PUNC">(</span><span class="NAME">i</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">X509.KEYUSAGE_NAME</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1021</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1022</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a.join</span><span class="PUNC">(</span><span class="STRN">","</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1023</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1024</span> 
+<span class='line'>1025</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1026</span>      * get subjectKeyIdentifier value as hexadecimal string in the certificate&lt;br/>
+<span class='line'>1027</span>      * @name getExtSubjectKeyIdentifier
+<span class='line'>1028</span>      * @memberOf X509#
+<span class='line'>1029</span>      * @function
+<span class='line'>1030</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1031</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1032</span>      * @return {Array} JSON object of SubjectKeyIdentifier parameter or undefined
+<span class='line'>1033</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1034</span>      * @description
+<span class='line'>1035</span>      * This method will get 
+<span class='line'>1036</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.2">
+<span class='line'>1037</span>      * SubjectKeyIdentifier extension&lt;/a> value as JSON object.
+<span class='line'>1038</span>      * &lt;br>
+<span class='line'>1039</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1040</span>      * will be generated from them.
+<span class='line'>1041</span>      * If there is no such extension in the certificate, it returns undefined.
+<span class='line'>1042</span>      * &lt;br>
+<span class='line'>1043</span>      * Result of this method can be passed to 
+<span class='line'>1044</span>      * {@link KJUR.asn1.x509.SubjectKeyIdentifier} constructor.
+<span class='line'>1045</span>      * &lt;pre>
+<span class='line'>1046</span>      * id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 14 }
+<span class='line'>1047</span>      * SubjectKeyIdentifier ::= KeyIdentifier
+<span class='line'>1048</span>      * &lt;/pre>
+<span class='line'>1049</span>      * &lt;br>
+<span class='line'>1050</span>      * CAUTION:
+<span class='line'>1051</span>      * Returned JSON value format have been changed without 
+<span class='line'>1052</span>      * backward compatibility since jsrsasign 9.0.0 x509 2.0.0.
+<span class='line'>1053</span>      *
+<span class='line'>1054</span>      * @example
+<span class='line'>1055</span>      * x = new X509();
+<span class='line'>1056</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1057</span>      * x.getExtSubjectKeyIdentifier() &rarr; 
+<span class='line'>1058</span>      * { kid: {hex: "1b3347ab..."}, critical: true };
+<span class='line'>1059</span>      */</span><span class="WHIT">
+<span class='line'>1060</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1061</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1062</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1063</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1064</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1065</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1066</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1067</span> 
+<span class='line'>1068</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1069</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1070</span> 
+<span class='line'>1071</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hKID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1072</span> </span><span class="WHIT">	</span><span class="NAME">result.kid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hKID</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1073</span> 
+<span class='line'>1074</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1075</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1076</span> 
+<span class='line'>1077</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1078</span>      * get authorityKeyIdentifier value as JSON object in the certificate&lt;br/>
+<span class='line'>1079</span>      * @name getExtAuthorityKeyIdentifier
+<span class='line'>1080</span>      * @memberOf X509#
+<span class='line'>1081</span>      * @function
+<span class='line'>1082</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1083</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1084</span>      * @return {Array} JSON object of AuthorityKeyIdentifier parameter or undefined
+<span class='line'>1085</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1086</span>      * @see KJUR.asn1.x509.AuthorityKeyIdentifier
+<span class='line'>1087</span>      * @description
+<span class='line'>1088</span>      * This method will get 
+<span class='line'>1089</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.1">
+<span class='line'>1090</span>      * AuthorityKeyIdentifier extension&lt;/a> value as JSON object.
+<span class='line'>1091</span>      * &lt;br>
+<span class='line'>1092</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1093</span>      * will be generated from them.
+<span class='line'>1094</span>      * If there is no such extension in the certificate, it returns undefined.
+<span class='line'>1095</span>      * &lt;br/>
+<span class='line'>1096</span>      * Result of this method can be passed to 
+<span class='line'>1097</span>      * {@link KJUR.asn1.x509.AuthorityKeyIdentifier} constructor.
+<span class='line'>1098</span>      * &lt;pre>
+<span class='line'>1099</span>      *    id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
+<span class='line'>1100</span>      *    AuthorityKeyIdentifier ::= SEQUENCE {
+<span class='line'>1101</span>      *       keyIdentifier             [0] KeyIdentifier           OPTIONAL,
+<span class='line'>1102</span>      *       authorityCertIssuer       [1] GeneralNames            OPTIONAL,
+<span class='line'>1103</span>      *       authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL  }
+<span class='line'>1104</span>      *    KeyIdentifier ::= OCTET STRING
+<span class='line'>1105</span>      * &lt;/pre>
+<span class='line'>1106</span>      * Constructor may have following parameters:
+<span class='line'>1107</span>      * &lt;ul>
+<span class='line'>1108</span>      * &lt;li>{Array}kid - JSON object of {@link KJUR.asn1.DEROctetString} parameters&lt;/li>
+<span class='line'>1109</span>      * &lt;li>{Array}issuer - JSON object of {@link KJUR.asn1.x509.X500Name} parameters&lt;/li>
+<span class='line'>1110</span>      * &lt;li>{Array}sn - JSON object of {@link KJUR.asn1.DERInteger} parameters&lt;/li>
+<span class='line'>1111</span>      * &lt;li>{Boolean}critical - critical flag&lt;/li>
+<span class='line'>1112</span>      * &lt;/ul>
+<span class='line'>1113</span>      * &lt;br>
+<span class='line'>1114</span>      * NOTE: The 'authorityCertIssuer' and 'authorityCertSerialNumber'
+<span class='line'>1115</span>      * supported since jsrsasign 9.0.0 x509 2.0.0.
+<span class='line'>1116</span>      * @example
+<span class='line'>1117</span>      * x = new X509();
+<span class='line'>1118</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1119</span>      * x.getExtAuthorityKeyIdentifier() &rarr; 
+<span class='line'>1120</span>      * { kid: {hex: "1234abcd..."},
+<span class='line'>1121</span>      *   issuer: {hex: "30..."},
+<span class='line'>1122</span>      *   sn: {hex: "1234..."},
+<span class='line'>1123</span>      *   critical: true}
+<span class='line'>1124</span>      */</span><span class="WHIT">
+<span class='line'>1125</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1126</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1127</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1128</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1129</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1130</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1131</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1132</span> 
+<span class='line'>1133</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1134</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1135</span> 
+<span class='line'>1136</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1137</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1138</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1139</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"80"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1140</span> </span><span class="WHIT">		</span><span class="NAME">result.kid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1141</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1142</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"a1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1143</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hGNS</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1144</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnsParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hGNS</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1145</span> </span><span class="WHIT">		</span><span class="NAME">result.issuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">gnsParam</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">[</span><span class="STRN">"dn"</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1146</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1147</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1148</span> </span><span class="WHIT">		</span><span class="NAME">result.sn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1149</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1150</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1151</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1152</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>1153</span> 
-<span class='line'>1154</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1155</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1156</span> 
-<span class='line'>1157</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1158</span> 
-<span class='line'>1159</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1160</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1161</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1162</span> 
-<span class='line'>1163</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1164</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1165</span> 
-<span class='line'>1166</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1167</span>      * get extKeyUsage value as array of name string in the certificate(DEPRECATED)&lt;br/>
-<span class='line'>1168</span>      * @name getExtExtKeyUsageName
-<span class='line'>1169</span>      * @memberOf X509#
-<span class='line'>1170</span>      * @function
-<span class='line'>1171</span>      * @return {Object} array of extended key usage ID name or oid
-<span class='line'>1172</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1173</span>      * @deprecated since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1174</span>      * @description
-<span class='line'>1175</span>      * This method will get extended key usage extension value
-<span class='line'>1176</span>      * as array of name or OID string.
-<span class='line'>1177</span>      * If there is this in the certificate, it returns undefined;
-<span class='line'>1178</span>      * &lt;br>
-<span class='line'>1179</span>      * NOTE: Supported extended key usage ID names are defined in
-<span class='line'>1180</span>      * name2oidList parameter in asn1x509.js file.
-<span class='line'>1181</span>      * @example
-<span class='line'>1182</span>      * x = new X509();
-<span class='line'>1183</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1184</span>      * x.getExtExtKeyUsageName() &rarr; ["serverAuth", "clientAuth", "0.1.2.3.4.5"]
-<span class='line'>1185</span>      */</span><span class="WHIT">
-<span class='line'>1186</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtExtKeyUsageName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1187</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1188</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1189</span> 
-<span class='line'>1190</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1191</span> </span><span class="WHIT">	
-<span class='line'>1192</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1193</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1194</span> 
-<span class='line'>1195</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1196</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1197</span> </span><span class="WHIT">	    </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1198</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1154</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1155</span>      * get extKeyUsage value as JSON object
+<span class='line'>1156</span>      * @name getExtExtKeyUsage
+<span class='line'>1157</span>      * @memberOf X509#
+<span class='line'>1158</span>      * @function
+<span class='line'>1159</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1160</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1161</span>      * @return {Array} JSON object of ExtKeyUsage parameter or undefined
+<span class='line'>1162</span>      * @return {Object} JSONarray of extended key usage ID name or oid
+<span class='line'>1163</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1164</span>      * @see KJUR.asn1.x509.ExtKeyUsage
+<span class='line'>1165</span>      * @description
+<span class='line'>1166</span>      * This method parse extKeyUsage extension. When arguments are
+<span class='line'>1167</span>      * not specified, its extension in X509 object will be parsed.
+<span class='line'>1168</span>      * Result of this method can be passed to 
+<span class='line'>1169</span>      * {@link KJUR.asn1.x509.ExtKeyUsage} constructor.
+<span class='line'>1170</span>      * &lt;br>
+<span class='line'>1171</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1172</span>      * will be generated from them.
+<span class='line'>1173</span>      * @example
+<span class='line'>1174</span>      * x = new X509();
+<span class='line'>1175</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1176</span>      * x.getExtExtKeyUsage() &rarr;
+<span class='line'>1177</span>      * { array: ["clientAuth", "emailProtection", "1.3.6.1.4.1.311.10.3.4"], 
+<span class='line'>1178</span>      *   critical: true},
+<span class='line'>1179</span>      */</span><span class="WHIT">
+<span class='line'>1180</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtExtKeyUsage</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1181</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1182</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1183</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1184</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1185</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1186</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1187</span> 
+<span class='line'>1188</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1189</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1190</span> 
+<span class='line'>1191</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1192</span> 
+<span class='line'>1193</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1194</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1195</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1196</span> 
+<span class='line'>1197</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1198</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>1199</span> 
-<span class='line'>1200</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1201</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1202</span> 
-<span class='line'>1203</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1204</span>      * get subjectAltName value as array of string in the certificate
-<span class='line'>1205</span>      * @name getExtSubjectAltName
-<span class='line'>1206</span>      * @memberOf X509#
-<span class='line'>1207</span>      * @function
-<span class='line'>1208</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1209</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1210</span>      * @return {Array} JSON object of SubjectAltName parameters or undefined
-<span class='line'>1211</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1212</span>      * @see KJUR.asn1.x509.SubjectAltName
-<span class='line'>1213</span>      * @see X509#getExtIssuerAltName
-<span class='line'>1214</span>      * @description
-<span class='line'>1215</span>      * This method will get subjectAltName value
-<span class='line'>1216</span>      * as an array of JSON object which has properties defined
-<span class='line'>1217</span>      * in {@link KJUR.asn1.x509.SubjectAltName}.
-<span class='line'>1218</span>      * Result of this method can be passed to 
-<span class='line'>1219</span>      * {@link KJUR.asn1.x509.SubjectAltName} constructor.
-<span class='line'>1220</span>      * If there is no this extension in the certificate,
-<span class='line'>1221</span>      * it returns undefined.
-<span class='line'>1222</span>      * &lt;br>
-<span class='line'>1223</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1224</span>      * will be generated from them.
-<span class='line'>1225</span>      * &lt;br>
-<span class='line'>1226</span>      * CAUTION: return value of JSON object format have been changed
-<span class='line'>1227</span>      * from jsrsasign 9.0.0 x509 2.0.0 without backword compatibility.
-<span class='line'>1228</span>      * @example
-<span class='line'>1229</span>      * x = new X509();
-<span class='line'>1230</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1231</span>      * x.getExtSubjectAltName() &rarr; 
-<span class='line'>1232</span>      * { array: [
-<span class='line'>1233</span>      *     {uri: "http://example.com/"},
-<span class='line'>1234</span>      *     {rfc822: "user1@example.com"},
-<span class='line'>1235</span>      *     {dns: "example.com"}
-<span class='line'>1236</span>      *   ],
-<span class='line'>1237</span>      *   critical: true
-<span class='line'>1238</span>      * }
-<span class='line'>1239</span>      *
-<span class='line'>1240</span>      * x.getExtSubjectAltName("3026...") &rarr;
-<span class='line'>1241</span>      * { array: [{ip: "192.168.1.1"}] }
-<span class='line'>1242</span>      */</span><span class="WHIT">
-<span class='line'>1243</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectAltName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1244</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1245</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1246</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1247</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1248</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1249</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1250</span> 
-<span class='line'>1251</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"subjectAltName"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1252</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1253</span> 
-<span class='line'>1254</span> </span><span class="WHIT">	</span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1255</span> 
-<span class='line'>1256</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1257</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1258</span> 
-<span class='line'>1259</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1260</span>      * get issuerAltName value as array of string in the certificate
-<span class='line'>1261</span>      * @name getExtIssuerAltName
-<span class='line'>1262</span>      * @memberOf X509#
-<span class='line'>1263</span>      * @function
-<span class='line'>1264</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1265</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1266</span>      * @return {Array} JSON object of IssuerAltName parameters
-<span class='line'>1267</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1268</span>      * @see KJUR.asn1.x509.IssuerAltName
-<span class='line'>1269</span>      * @see X509#getExtSubjectAltName
-<span class='line'>1270</span>      * @description
-<span class='line'>1271</span>      * This method will get issuerAltName value
-<span class='line'>1272</span>      * as an array of JSON object which has properties defined
-<span class='line'>1273</span>      * in {@link KJUR.asn1.x509.IssuerAltName}.
-<span class='line'>1274</span>      * Result of this method can be passed to 
-<span class='line'>1275</span>      * {@link KJUR.asn1.x509.IssuerAltName} constructor.
-<span class='line'>1276</span>      * If there is no this extension in the certificate,
-<span class='line'>1277</span>      * it returns undefined.
-<span class='line'>1278</span>      * &lt;br>
-<span class='line'>1279</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1280</span>      * will be generated from them.
-<span class='line'>1281</span>      * @example
-<span class='line'>1282</span>      * x = new X509();
-<span class='line'>1283</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1284</span>      * x.getExtIssuerAltName() &rarr; 
-<span class='line'>1285</span>      * { array: [
-<span class='line'>1286</span>      *     {uri: "http://example.com/"},
-<span class='line'>1287</span>      *     {rfc822: "user1@example.com"},
-<span class='line'>1288</span>      *     {dns: "example.com"}
-<span class='line'>1289</span>      *   ],
-<span class='line'>1290</span>      *   critical: true
-<span class='line'>1291</span>      * }
-<span class='line'>1292</span>      *
-<span class='line'>1293</span>      * x.getExtIssuerAltName("3026...") &rarr;
-<span class='line'>1294</span>      * { array: [{ip: "192.168.1.1"}] }
-<span class='line'>1295</span>      */</span><span class="WHIT">
-<span class='line'>1296</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtIssuerAltName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1297</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1298</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"issuerAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1299</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1300</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1301</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1302</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1303</span> 
-<span class='line'>1304</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"issuerAltName"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1305</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1306</span> 
-<span class='line'>1307</span> </span><span class="WHIT">	</span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1308</span> 
-<span class='line'>1309</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1310</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1311</span> 
-<span class='line'>1312</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1313</span>      * get GeneralNames ASN.1 structure parameter as JSON object
-<span class='line'>1314</span>      * @name getGeneralNames
-<span class='line'>1315</span>      * @memberOf X509#
-<span class='line'>1316</span>      * @function
-<span class='line'>1317</span>      * @param {String} h hexadecimal string of GeneralNames
-<span class='line'>1318</span>      * @return {Array} array of GeneralNames parameters
-<span class='line'>1319</span>      * @see KJUR.asn1.x509.GeneralNames
-<span class='line'>1320</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>1321</span>      * @see X509#getGeneralNames
-<span class='line'>1322</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1323</span>      * @description
-<span class='line'>1324</span>      * This method will get GeneralNames parameters defined in
-<span class='line'>1325</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
-<span class='line'>1326</span>      * RFC 5280 4.2.1.6&lt;/a>.
-<span class='line'>1327</span>      * &lt;pre>
-<span class='line'>1328</span>      * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
-<span class='line'>1329</span>      * &lt;/pre>
-<span class='line'>1330</span>      * Result of this method can be passed to
-<span class='line'>1331</span>      * {@link KJUR.asn1.x509.GeneralNames} constructor.
-<span class='line'>1332</span>      * @example
-<span class='line'>1333</span>      * x = new X509();
-<span class='line'>1334</span>      * x.getGeneralNames("3011860f687474703a2f2f6161612e636f6d2f")
-<span class='line'>1335</span>      * &rarr; [{uri: "http://aaa.com/"}]
-<span class='line'>1336</span>      *
-<span class='line'>1337</span>      * x.getGeneralNames("301ea41c30...") &rarr;
-<span class='line'>1338</span>      * [{ dn: {
-<span class='line'>1339</span>      *     array: [
-<span class='line'>1340</span>      *       [{type:"C", value:"JP", ds:"prn"}],
-<span class='line'>1341</span>      *       [{type:"O", value:"T1", ds:"utf8"}]
-<span class='line'>1342</span>      *     ],
-<span class='line'>1343</span>      *     str: "/C=JP/O=T1" } }]
-<span class='line'>1344</span>      */</span><span class="WHIT">
-<span class='line'>1345</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralNames</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1346</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1347</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1348</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1349</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1350</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">gnParam</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1351</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1352</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1353</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1354</span> 
-<span class='line'>1355</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1356</span>      * get GeneralName ASN.1 structure parameter as JSON object&lt;br/>
-<span class='line'>1357</span>      * @name getGeneralName
-<span class='line'>1358</span>      * @memberOf X509#
-<span class='line'>1359</span>      * @function
-<span class='line'>1360</span>      * @param {String} h hexadecimal string of GeneralName
-<span class='line'>1361</span>      * @return {Array} JSON object of GeneralName parameters or undefined
-<span class='line'>1362</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1363</span>      * @see KJUR.asn1.x509.GeneralNames
-<span class='line'>1364</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>1365</span>      * @see KJUR.asn1.x509.OtherName
-<span class='line'>1366</span>      * @see X509#getGeneralName
-<span class='line'>1367</span>      * @see X509#getOtherName
-<span class='line'>1368</span>      *
-<span class='line'>1369</span>      * @description
-<span class='line'>1370</span>      * This method will get GeneralName parameters defined in
-<span class='line'>1371</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
-<span class='line'>1372</span>      * RFC 5280 4.2.1.6&lt;/a>.
-<span class='line'>1373</span>      * &lt;pre>
-<span class='line'>1374</span>      * GeneralName ::= CHOICE {
-<span class='line'>1375</span>      *      otherName                       [0]     OtherName,
-<span class='line'>1376</span>      *      rfc822Name                      [1]     IA5String,
-<span class='line'>1377</span>      *      dNSName                         [2]     IA5String,
-<span class='line'>1378</span>      *      x400Address                     [3]     ORAddress,
-<span class='line'>1379</span>      *      directoryName                   [4]     Name,
-<span class='line'>1380</span>      *      ediPartyName                    [5]     EDIPartyName,
-<span class='line'>1381</span>      *      uniformResourceIdentifier       [6]     IA5String,
-<span class='line'>1382</span>      *      iPAddress                       [7]     OCTET STRING,
-<span class='line'>1383</span>      *      registeredID                    [8]     OBJECT IDENTIFIER }
-<span class='line'>1384</span>      * &lt;/pre>
-<span class='line'>1385</span>      * Result of this method can be passed to
-<span class='line'>1386</span>      * {@link KJUR.asn1.x509.GeneralName} constructor.
-<span class='line'>1387</span>      * @example
-<span class='line'>1388</span>      * x = new X509();
-<span class='line'>1389</span>      * x.getGeneralName("860f687474703a2f2f6161612e636f6d2f") 
-<span class='line'>1390</span>      * &rarr; {uri: "http://aaa.com/"}
-<span class='line'>1391</span>      * x.getGeneralName("a41c30...") &rarr;
-<span class='line'>1392</span>      * { dn: {
-<span class='line'>1393</span>      *     array: [
-<span class='line'>1394</span>      *       [{type:"C", value:"JP", ds:"prn"}],
-<span class='line'>1395</span>      *       [{type:"O", value:"T1", ds:"utf8"}]
-<span class='line'>1396</span>      *     ],
-<span class='line'>1397</span>      *     str: "/C=JP/O=T1" } }
-<span class='line'>1398</span>      */</span><span class="WHIT">
-<span class='line'>1399</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1400</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1401</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1402</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1403</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">rfc822</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1404</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">dns</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1405</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">uri</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1406</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"87"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">ip</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hextoip</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1407</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a4"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">dn</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1408</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">other</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getOtherName</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1409</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1410</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1411</span> 
-<span class='line'>1412</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1413</span>      * get subjectAltName value as array of string in the certificate (DEPRECATED)
-<span class='line'>1414</span>      * @name getExtSubjectAltName2
-<span class='line'>1415</span>      * @memberOf X509#
-<span class='line'>1416</span>      * @function
-<span class='line'>1417</span>      * @return {Object} array of alt name array
-<span class='line'>1418</span>      * @since jsrsasign 8.0.1 x509 1.1.17
-<span class='line'>1419</span>      * @deprecated jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1420</span>      * @description
-<span class='line'>1421</span>      * This method will get subject alt name extension value
-<span class='line'>1422</span>      * as array of type and name.
-<span class='line'>1423</span>      * If there is this in the certificate, it returns undefined;
-<span class='line'>1424</span>      * Type of GeneralName will be shown as following:
-<span class='line'>1425</span>      * &lt;ul>
-<span class='line'>1426</span>      * &lt;li>"MAIL" - [1]rfc822Name&lt;/li>
-<span class='line'>1427</span>      * &lt;li>"DNS"  - [2]dNSName&lt;/li>
-<span class='line'>1428</span>      * &lt;li>"DN"   - [4]directoryName&lt;/li>
-<span class='line'>1429</span>      * &lt;li>"URI"  - [6]uniformResourceIdentifier&lt;/li>
-<span class='line'>1430</span>      * &lt;li>"IP"   - [7]iPAddress&lt;/li>
-<span class='line'>1431</span>      * &lt;/ul>
-<span class='line'>1432</span>      * @example
-<span class='line'>1433</span>      * x = new X509();
-<span class='line'>1434</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1435</span>      * x.getExtSubjectAltName2() &rarr;
-<span class='line'>1436</span>      * [["DNS",  "example.com"],
-<span class='line'>1437</span>      *  ["DNS",  "example.org"],
-<span class='line'>1438</span>      *  ["MAIL", "foo@example.com"],
-<span class='line'>1439</span>      *  ["IP",   "192.168.1.1"],
-<span class='line'>1440</span>      *  ["IP",   "2001:db8::2:1"],
-<span class='line'>1441</span>      *  ["DN",   "/C=US/O=TEST1"]]
-<span class='line'>1442</span>      */</span><span class="WHIT">
-<span class='line'>1443</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectAltName2</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1444</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnValueHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnTag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1445</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1446</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1447</span> 
-<span class='line'>1448</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1449</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1450</span> 
-<span class='line'>1451</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1452</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1453</span> </span><span class="WHIT">	    </span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1454</span> </span><span class="WHIT">	    </span><span class="NAME">gnValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1455</span> </span><span class="WHIT">	    
-<span class='line'>1456</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// rfc822Name [1]</span><span class="WHIT">
-<span class='line'>1457</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1458</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"MAIL"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1459</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1460</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// dNSName [2]</span><span class="WHIT">
-<span class='line'>1461</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1462</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"DNS"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1463</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1464</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"84"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// directoryName [4]</span><span class="WHIT">
-<span class='line'>1465</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">X509.hex2dn</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1466</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"DN"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1467</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1468</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// uniformResourceIdentifier [6]</span><span class="WHIT">
-<span class='line'>1469</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1470</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"URI"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1471</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1472</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"87"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// iPAddress [7]</span><span class="WHIT">
-<span class='line'>1473</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoip</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1474</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"IP"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1475</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1476</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1477</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1478</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1479</span> 
-<span class='line'>1480</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1481</span>      * get CRLDistributionPoints extension value as JSON object
-<span class='line'>1482</span>      * @name getExtCRLDistributionPoints
-<span class='line'>1483</span>      * @memberOf X509#
-<span class='line'>1484</span>      * @function
-<span class='line'>1485</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1486</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1487</span>      * @return {Object} JSON object of CRLDistributionPoints parameters or undefined
-<span class='line'>1488</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1489</span>      * @see KJUR.asn1.x509.CRLDistributionPoints
-<span class='line'>1490</span>      * @see X509#getDistributionPoint
-<span class='line'>1491</span>      * @see X509#getDistributionPointName
-<span class='line'>1492</span>      * @see X509#getGeneralNames
-<span class='line'>1493</span>      * @see X509#getGeneralName
-<span class='line'>1494</span>      * @description
-<span class='line'>1495</span>      * This method will get certificate policies value
-<span class='line'>1496</span>      * as an array of JSON object which has properties defined
-<span class='line'>1497</span>      * in {@link KJUR.asn1.x509.CRLDistributionPoints}.
-<span class='line'>1498</span>      * Result of this method can be passed to 
-<span class='line'>1499</span>      * {@link KJUR.asn1.x509.CRLDistributionPoints} constructor.
-<span class='line'>1500</span>      * If there is no this extension in the certificate,
-<span class='line'>1501</span>      * it returns undefined.
-<span class='line'>1502</span>      * @example
-<span class='line'>1503</span>      * x = new X509();
-<span class='line'>1504</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1505</span>      * x.getExtCRLDistributionPoints() &rarr; 
-<span class='line'>1506</span>      * {array: [
-<span class='line'>1507</span>      *   {dpname: {full: [{uri: "http://example.com/"}]}},
-<span class='line'>1508</span>      *   {dpname: {full: [{uri: "ldap://example.com/"}]}}
-<span class='line'>1509</span>      *  ],
-<span class='line'>1510</span>      *  critical: true}
-<span class='line'>1511</span>      */</span><span class="WHIT">
-<span class='line'>1512</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1513</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1514</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1515</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1516</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1517</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1518</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1519</span> 
-<span class='line'>1520</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1521</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1522</span> 
-<span class='line'>1523</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1524</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1525</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1526</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">this.getDistributionPoint</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1527</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1528</span> 
-<span class='line'>1529</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1530</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1531</span> 
-<span class='line'>1532</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1533</span>      * get DistributionPoint ASN.1 structure parameter as JSON object
-<span class='line'>1534</span>      * @name getDistributionPoint
-<span class='line'>1535</span>      * @memberOf X509#
-<span class='line'>1536</span>      * @function
-<span class='line'>1537</span>      * @param {String} h hexadecimal string of DistributionPoint
-<span class='line'>1538</span>      * @return {Object} JSON object of DistributionPoint parameters
-<span class='line'>1539</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1540</span>      * @see X509#getExtCRLDistributionPoints
-<span class='line'>1541</span>      * @see X509#getDistributionPointName
-<span class='line'>1542</span>      * @see X509#getGeneralNames
-<span class='line'>1543</span>      * @see X509#getGeneralName
-<span class='line'>1544</span>      * @description
-<span class='line'>1545</span>      * This method will get DistributionPoint parameters.
-<span class='line'>1546</span>      * Result of this method can be passed to
-<span class='line'>1547</span>      * {@link KJUR.asn1.x509.DistributionPoint} constructor.
-<span class='line'>1548</span>      * &lt;br/>
-<span class='line'>1549</span>      * NOTE: reasons[1] and CRLIssuer[2] field not supported
-<span class='line'>1550</span>      * @example
-<span class='line'>1551</span>      * x = new X509();
-<span class='line'>1552</span>      * x.getDistributionPoint("30...") &rarr;
-<span class='line'>1553</span>      * {dpname: {full: [{uri: "http://aaa.com/"}]}}
-<span class='line'>1554</span>      */</span><span class="WHIT">
-<span class='line'>1555</span> </span><span class="WHIT">    </span><span class="NAME">this.getDistributionPoint</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1556</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1557</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1200</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1201</span>      * get extKeyUsage value as array of name string in the certificate(DEPRECATED)&lt;br/>
+<span class='line'>1202</span>      * @name getExtExtKeyUsageName
+<span class='line'>1203</span>      * @memberOf X509#
+<span class='line'>1204</span>      * @function
+<span class='line'>1205</span>      * @return {Object} array of extended key usage ID name or oid
+<span class='line'>1206</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1207</span>      * @deprecated since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1208</span>      * @description
+<span class='line'>1209</span>      * This method will get extended key usage extension value
+<span class='line'>1210</span>      * as array of name or OID string.
+<span class='line'>1211</span>      * If there is this in the certificate, it returns undefined;
+<span class='line'>1212</span>      * &lt;br>
+<span class='line'>1213</span>      * NOTE: Supported extended key usage ID names are defined in
+<span class='line'>1214</span>      * name2oidList parameter in asn1x509.js file.
+<span class='line'>1215</span>      * @example
+<span class='line'>1216</span>      * x = new X509();
+<span class='line'>1217</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1218</span>      * x.getExtExtKeyUsageName() &rarr; ["serverAuth", "clientAuth", "0.1.2.3.4.5"]
+<span class='line'>1219</span>      */</span><span class="WHIT">
+<span class='line'>1220</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtExtKeyUsageName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1221</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1222</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1223</span> 
+<span class='line'>1224</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1225</span> </span><span class="WHIT">	
+<span class='line'>1226</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1227</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1228</span> 
+<span class='line'>1229</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1230</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1231</span> </span><span class="WHIT">	    </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1232</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1233</span> 
+<span class='line'>1234</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1235</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1236</span> 
+<span class='line'>1237</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1238</span>      * get subjectAltName value as array of string in the certificate
+<span class='line'>1239</span>      * @name getExtSubjectAltName
+<span class='line'>1240</span>      * @memberOf X509#
+<span class='line'>1241</span>      * @function
+<span class='line'>1242</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1243</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1244</span>      * @return {Array} JSON object of SubjectAltName parameters or undefined
+<span class='line'>1245</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1246</span>      * @see KJUR.asn1.x509.SubjectAltName
+<span class='line'>1247</span>      * @see X509#getExtIssuerAltName
+<span class='line'>1248</span>      * @description
+<span class='line'>1249</span>      * This method will get subjectAltName value
+<span class='line'>1250</span>      * as an array of JSON object which has properties defined
+<span class='line'>1251</span>      * in {@link KJUR.asn1.x509.SubjectAltName}.
+<span class='line'>1252</span>      * Result of this method can be passed to 
+<span class='line'>1253</span>      * {@link KJUR.asn1.x509.SubjectAltName} constructor.
+<span class='line'>1254</span>      * If there is no this extension in the certificate,
+<span class='line'>1255</span>      * it returns undefined.
+<span class='line'>1256</span>      * &lt;br>
+<span class='line'>1257</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1258</span>      * will be generated from them.
+<span class='line'>1259</span>      * &lt;br>
+<span class='line'>1260</span>      * CAUTION: return value of JSON object format have been changed
+<span class='line'>1261</span>      * from jsrsasign 9.0.0 x509 2.0.0 without backword compatibility.
+<span class='line'>1262</span>      * @example
+<span class='line'>1263</span>      * x = new X509();
+<span class='line'>1264</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1265</span>      * x.getExtSubjectAltName() &rarr; 
+<span class='line'>1266</span>      * { array: [
+<span class='line'>1267</span>      *     {uri: "http://example.com/"},
+<span class='line'>1268</span>      *     {rfc822: "user1@example.com"},
+<span class='line'>1269</span>      *     {dns: "example.com"}
+<span class='line'>1270</span>      *   ],
+<span class='line'>1271</span>      *   critical: true
+<span class='line'>1272</span>      * }
+<span class='line'>1273</span>      *
+<span class='line'>1274</span>      * x.getExtSubjectAltName("3026...") &rarr;
+<span class='line'>1275</span>      * { array: [{ip: "192.168.1.1"}] }
+<span class='line'>1276</span>      */</span><span class="WHIT">
+<span class='line'>1277</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectAltName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1278</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1279</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1280</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1281</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1282</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1283</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1284</span> 
+<span class='line'>1285</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"subjectAltName"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1286</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1287</span> 
+<span class='line'>1288</span> </span><span class="WHIT">	</span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1289</span> 
+<span class='line'>1290</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1291</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1292</span> 
+<span class='line'>1293</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1294</span>      * get issuerAltName value as array of string in the certificate
+<span class='line'>1295</span>      * @name getExtIssuerAltName
+<span class='line'>1296</span>      * @memberOf X509#
+<span class='line'>1297</span>      * @function
+<span class='line'>1298</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1299</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1300</span>      * @return {Array} JSON object of IssuerAltName parameters
+<span class='line'>1301</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1302</span>      * @see KJUR.asn1.x509.IssuerAltName
+<span class='line'>1303</span>      * @see X509#getExtSubjectAltName
+<span class='line'>1304</span>      * @description
+<span class='line'>1305</span>      * This method will get issuerAltName value
+<span class='line'>1306</span>      * as an array of JSON object which has properties defined
+<span class='line'>1307</span>      * in {@link KJUR.asn1.x509.IssuerAltName}.
+<span class='line'>1308</span>      * Result of this method can be passed to 
+<span class='line'>1309</span>      * {@link KJUR.asn1.x509.IssuerAltName} constructor.
+<span class='line'>1310</span>      * If there is no this extension in the certificate,
+<span class='line'>1311</span>      * it returns undefined.
+<span class='line'>1312</span>      * &lt;br>
+<span class='line'>1313</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1314</span>      * will be generated from them.
+<span class='line'>1315</span>      * @example
+<span class='line'>1316</span>      * x = new X509();
+<span class='line'>1317</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1318</span>      * x.getExtIssuerAltName() &rarr; 
+<span class='line'>1319</span>      * { array: [
+<span class='line'>1320</span>      *     {uri: "http://example.com/"},
+<span class='line'>1321</span>      *     {rfc822: "user1@example.com"},
+<span class='line'>1322</span>      *     {dns: "example.com"}
+<span class='line'>1323</span>      *   ],
+<span class='line'>1324</span>      *   critical: true
+<span class='line'>1325</span>      * }
+<span class='line'>1326</span>      *
+<span class='line'>1327</span>      * x.getExtIssuerAltName("3026...") &rarr;
+<span class='line'>1328</span>      * { array: [{ip: "192.168.1.1"}] }
+<span class='line'>1329</span>      */</span><span class="WHIT">
+<span class='line'>1330</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtIssuerAltName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1331</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1332</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"issuerAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1333</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1334</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1335</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1336</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1337</span> 
+<span class='line'>1338</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"issuerAltName"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1339</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1340</span> 
+<span class='line'>1341</span> </span><span class="WHIT">	</span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1342</span> 
+<span class='line'>1343</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1344</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1345</span> 
+<span class='line'>1346</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1347</span>      * get GeneralNames ASN.1 structure parameter as JSON object
+<span class='line'>1348</span>      * @name getGeneralNames
+<span class='line'>1349</span>      * @memberOf X509#
+<span class='line'>1350</span>      * @function
+<span class='line'>1351</span>      * @param {String} h hexadecimal string of GeneralNames
+<span class='line'>1352</span>      * @return {Array} array of GeneralNames parameters
+<span class='line'>1353</span>      * @see KJUR.asn1.x509.GeneralNames
+<span class='line'>1354</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>1355</span>      * @see X509#getGeneralNames
+<span class='line'>1356</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1357</span>      * @description
+<span class='line'>1358</span>      * This method will get GeneralNames parameters defined in
+<span class='line'>1359</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
+<span class='line'>1360</span>      * RFC 5280 4.2.1.6&lt;/a>.
+<span class='line'>1361</span>      * &lt;pre>
+<span class='line'>1362</span>      * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+<span class='line'>1363</span>      * &lt;/pre>
+<span class='line'>1364</span>      * Result of this method can be passed to
+<span class='line'>1365</span>      * {@link KJUR.asn1.x509.GeneralNames} constructor.
+<span class='line'>1366</span>      * @example
+<span class='line'>1367</span>      * x = new X509();
+<span class='line'>1368</span>      * x.getGeneralNames("3011860f687474703a2f2f6161612e636f6d2f")
+<span class='line'>1369</span>      * &rarr; [{uri: "http://aaa.com/"}]
+<span class='line'>1370</span>      *
+<span class='line'>1371</span>      * x.getGeneralNames("301ea41c30...") &rarr;
+<span class='line'>1372</span>      * [{ dn: {
+<span class='line'>1373</span>      *     array: [
+<span class='line'>1374</span>      *       [{type:"C", value:"JP", ds:"prn"}],
+<span class='line'>1375</span>      *       [{type:"O", value:"T1", ds:"utf8"}]
+<span class='line'>1376</span>      *     ],
+<span class='line'>1377</span>      *     str: "/C=JP/O=T1" } }]
+<span class='line'>1378</span>      */</span><span class="WHIT">
+<span class='line'>1379</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralNames</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1380</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1381</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1382</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1383</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1384</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">gnParam</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1385</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1386</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1387</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1388</span> 
+<span class='line'>1389</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1390</span>      * get GeneralName ASN.1 structure parameter as JSON object&lt;br/>
+<span class='line'>1391</span>      * @name getGeneralName
+<span class='line'>1392</span>      * @memberOf X509#
+<span class='line'>1393</span>      * @function
+<span class='line'>1394</span>      * @param {String} h hexadecimal string of GeneralName
+<span class='line'>1395</span>      * @return {Array} JSON object of GeneralName parameters or undefined
+<span class='line'>1396</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1397</span>      * @see KJUR.asn1.x509.GeneralNames
+<span class='line'>1398</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>1399</span>      * @see KJUR.asn1.x509.OtherName
+<span class='line'>1400</span>      * @see X509#getGeneralName
+<span class='line'>1401</span>      * @see X509#getOtherName
+<span class='line'>1402</span>      *
+<span class='line'>1403</span>      * @description
+<span class='line'>1404</span>      * This method will get GeneralName parameters defined in
+<span class='line'>1405</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
+<span class='line'>1406</span>      * RFC 5280 4.2.1.6&lt;/a>.
+<span class='line'>1407</span>      * &lt;pre>
+<span class='line'>1408</span>      * GeneralName ::= CHOICE {
+<span class='line'>1409</span>      *      otherName                       [0]     OtherName,
+<span class='line'>1410</span>      *      rfc822Name                      [1]     IA5String,
+<span class='line'>1411</span>      *      dNSName                         [2]     IA5String,
+<span class='line'>1412</span>      *      x400Address                     [3]     ORAddress,
+<span class='line'>1413</span>      *      directoryName                   [4]     Name,
+<span class='line'>1414</span>      *      ediPartyName                    [5]     EDIPartyName,
+<span class='line'>1415</span>      *      uniformResourceIdentifier       [6]     IA5String,
+<span class='line'>1416</span>      *      iPAddress                       [7]     OCTET STRING,
+<span class='line'>1417</span>      *      registeredID                    [8]     OBJECT IDENTIFIER }
+<span class='line'>1418</span>      * &lt;/pre>
+<span class='line'>1419</span>      * Result of this method can be passed to
+<span class='line'>1420</span>      * {@link KJUR.asn1.x509.GeneralName} constructor.
+<span class='line'>1421</span>      * @example
+<span class='line'>1422</span>      * x = new X509();
+<span class='line'>1423</span>      * x.getGeneralName("860f687474703a2f2f6161612e636f6d2f") 
+<span class='line'>1424</span>      * &rarr; {uri: "http://aaa.com/"}
+<span class='line'>1425</span>      * x.getGeneralName("a41c30...") &rarr;
+<span class='line'>1426</span>      * { dn: {
+<span class='line'>1427</span>      *     array: [
+<span class='line'>1428</span>      *       [{type:"C", value:"JP", ds:"prn"}],
+<span class='line'>1429</span>      *       [{type:"O", value:"T1", ds:"utf8"}]
+<span class='line'>1430</span>      *     ],
+<span class='line'>1431</span>      *     str: "/C=JP/O=T1" } }
+<span class='line'>1432</span>      */</span><span class="WHIT">
+<span class='line'>1433</span> </span><span class="WHIT">    </span><span class="NAME">this.getGeneralName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1434</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1435</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1436</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1437</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">rfc822</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1438</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">dns</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1439</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">uri</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sValue</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1440</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"87"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">ip</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hextoip</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1441</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a4"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">dn</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getX500Name</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1442</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">other</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getOtherName</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1443</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1444</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1445</span> 
+<span class='line'>1446</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1447</span>      * get subjectAltName value as array of string in the certificate (DEPRECATED)
+<span class='line'>1448</span>      * @name getExtSubjectAltName2
+<span class='line'>1449</span>      * @memberOf X509#
+<span class='line'>1450</span>      * @function
+<span class='line'>1451</span>      * @return {Object} array of alt name array
+<span class='line'>1452</span>      * @since jsrsasign 8.0.1 x509 1.1.17
+<span class='line'>1453</span>      * @deprecated jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1454</span>      * @description
+<span class='line'>1455</span>      * This method will get subject alt name extension value
+<span class='line'>1456</span>      * as array of type and name.
+<span class='line'>1457</span>      * If there is this in the certificate, it returns undefined;
+<span class='line'>1458</span>      * Type of GeneralName will be shown as following:
+<span class='line'>1459</span>      * &lt;ul>
+<span class='line'>1460</span>      * &lt;li>"MAIL" - [1]rfc822Name&lt;/li>
+<span class='line'>1461</span>      * &lt;li>"DNS"  - [2]dNSName&lt;/li>
+<span class='line'>1462</span>      * &lt;li>"DN"   - [4]directoryName&lt;/li>
+<span class='line'>1463</span>      * &lt;li>"URI"  - [6]uniformResourceIdentifier&lt;/li>
+<span class='line'>1464</span>      * &lt;li>"IP"   - [7]iPAddress&lt;/li>
+<span class='line'>1465</span>      * &lt;/ul>
+<span class='line'>1466</span>      * @example
+<span class='line'>1467</span>      * x = new X509();
+<span class='line'>1468</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1469</span>      * x.getExtSubjectAltName2() &rarr;
+<span class='line'>1470</span>      * [["DNS",  "example.com"],
+<span class='line'>1471</span>      *  ["DNS",  "example.org"],
+<span class='line'>1472</span>      *  ["MAIL", "foo@example.com"],
+<span class='line'>1473</span>      *  ["IP",   "192.168.1.1"],
+<span class='line'>1474</span>      *  ["IP",   "2001:db8::2:1"],
+<span class='line'>1475</span>      *  ["DN",   "/C=US/O=TEST1"]]
+<span class='line'>1476</span>      */</span><span class="WHIT">
+<span class='line'>1477</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtSubjectAltName2</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1478</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnValueHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnTag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1479</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1480</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1481</span> 
+<span class='line'>1482</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1483</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">h</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1484</span> 
+<span class='line'>1485</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1486</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1487</span> </span><span class="WHIT">	    </span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1488</span> </span><span class="WHIT">	    </span><span class="NAME">gnValueHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1489</span> </span><span class="WHIT">	    
+<span class='line'>1490</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"81"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// rfc822Name [1]</span><span class="WHIT">
+<span class='line'>1491</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1492</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"MAIL"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1493</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1494</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"82"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// dNSName [2]</span><span class="WHIT">
+<span class='line'>1495</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1496</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"DNS"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1497</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1498</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"84"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// directoryName [4]</span><span class="WHIT">
+<span class='line'>1499</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">X509.hex2dn</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1500</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"DN"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1501</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1502</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// uniformResourceIdentifier [6]</span><span class="WHIT">
+<span class='line'>1503</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1504</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"URI"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1505</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1506</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnTag</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"87"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// iPAddress [7]</span><span class="WHIT">
+<span class='line'>1507</span> </span><span class="WHIT">		</span><span class="NAME">gnValueStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoip</span><span class="PUNC">(</span><span class="NAME">gnValueHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1508</span> </span><span class="WHIT">		</span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="PUNC">[</span><span class="STRN">"IP"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">gnValueStr</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1509</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1510</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1511</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1512</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1513</span> 
+<span class='line'>1514</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1515</span>      * get CRLDistributionPoints extension value as JSON object
+<span class='line'>1516</span>      * @name getExtCRLDistributionPoints
+<span class='line'>1517</span>      * @memberOf X509#
+<span class='line'>1518</span>      * @function
+<span class='line'>1519</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1520</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1521</span>      * @return {Object} JSON object of CRLDistributionPoints parameters or undefined
+<span class='line'>1522</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1523</span>      * @see KJUR.asn1.x509.CRLDistributionPoints
+<span class='line'>1524</span>      * @see X509#getDistributionPoint
+<span class='line'>1525</span>      * @see X509#getDistributionPointName
+<span class='line'>1526</span>      * @see X509#getGeneralNames
+<span class='line'>1527</span>      * @see X509#getGeneralName
+<span class='line'>1528</span>      * @description
+<span class='line'>1529</span>      * This method will get certificate policies value
+<span class='line'>1530</span>      * as an array of JSON object which has properties defined
+<span class='line'>1531</span>      * in {@link KJUR.asn1.x509.CRLDistributionPoints}.
+<span class='line'>1532</span>      * Result of this method can be passed to 
+<span class='line'>1533</span>      * {@link KJUR.asn1.x509.CRLDistributionPoints} constructor.
+<span class='line'>1534</span>      * If there is no this extension in the certificate,
+<span class='line'>1535</span>      * it returns undefined.
+<span class='line'>1536</span>      * @example
+<span class='line'>1537</span>      * x = new X509();
+<span class='line'>1538</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1539</span>      * x.getExtCRLDistributionPoints() &rarr; 
+<span class='line'>1540</span>      * {array: [
+<span class='line'>1541</span>      *   {dpname: {full: [{uri: "http://example.com/"}]}},
+<span class='line'>1542</span>      *   {dpname: {full: [{uri: "ldap://example.com/"}]}}
+<span class='line'>1543</span>      *  ],
+<span class='line'>1544</span>      *  critical: true}
+<span class='line'>1545</span>      */</span><span class="WHIT">
+<span class='line'>1546</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1547</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1548</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1549</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1550</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1551</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1552</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1553</span> 
+<span class='line'>1554</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1555</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1556</span> 
+<span class='line'>1557</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>1558</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1559</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1560</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1561</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1562</span> </span><span class="WHIT">		</span><span class="NAME">result.dpname</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getDistributionPointName</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1563</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1564</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1565</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1566</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1567</span> 
-<span class='line'>1568</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1569</span>      * get DistributionPointName ASN.1 structure parameter as JSON object
-<span class='line'>1570</span>      * @name getDistributionPointName
-<span class='line'>1571</span>      * @memberOf X509#
-<span class='line'>1572</span>      * @function
-<span class='line'>1573</span>      * @param {String} h hexadecimal string of DistributionPointName
-<span class='line'>1574</span>      * @return {Object} JSON object of DistributionPointName parameters
-<span class='line'>1575</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1576</span>      * @see X509#getExtCRLDistributionPoints
-<span class='line'>1577</span>      * @see X509#getDistributionPoint
-<span class='line'>1578</span>      * @see X509#getGeneralNames
-<span class='line'>1579</span>      * @see X509#getGeneralName
-<span class='line'>1580</span>      * @description
-<span class='line'>1581</span>      * This method will get DistributionPointName parameters.
-<span class='line'>1582</span>      * Result of this method can be passed to
-<span class='line'>1583</span>      * {@link KJUR.asn1.x509.DistributionPointName} constructor.
-<span class='line'>1584</span>      * &lt;br/>
-<span class='line'>1585</span>      * NOTE: nameRelativeToCRLIssuer[1] not supported
-<span class='line'>1586</span>      * @example
-<span class='line'>1587</span>      * x = new X509();
-<span class='line'>1588</span>      * x.getDistributionPointName("a0...") &rarr;
-<span class='line'>1589</span>      * {full: [{uri: "http://aaa.com/"}]}
-<span class='line'>1590</span>      */</span><span class="WHIT">
-<span class='line'>1591</span> </span><span class="WHIT">    </span><span class="NAME">this.getDistributionPointName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1592</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1593</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1594</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1595</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1596</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1597</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1598</span> </span><span class="WHIT">		</span><span class="NAME">result.full</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1599</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1600</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1601</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1602</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1603</span> 
-<span class='line'>1604</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1605</span>      * get array of string for fullName URIs in cRLDistributionPoints(CDP) in the certificate (DEPRECATED)
-<span class='line'>1606</span>      * @name getExtCRLDistributionPointsURI
-<span class='line'>1607</span>      * @memberOf X509#
-<span class='line'>1608</span>      * @function
-<span class='line'>1609</span>      * @return {Object} array of fullName URIs of CDP of the certificate
-<span class='line'>1610</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1611</span>      * @description
-<span class='line'>1612</span>      * This method will get all fullName URIs of cRLDistributionPoints extension
-<span class='line'>1613</span>      * in the certificate as array of URI string.
-<span class='line'>1614</span>      * If there is this in the certificate, it returns undefined;
-<span class='line'>1615</span>      * &lt;br>
-<span class='line'>1616</span>      * NOTE: Currently this method supports only fullName URI so that
-<span class='line'>1617</span>      * other parameters will not be returned.
-<span class='line'>1618</span>      * @example
-<span class='line'>1619</span>      * x = new X509();
-<span class='line'>1620</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1621</span>      * x.getExtCRLDistributionPointsURI() &rarr;
-<span class='line'>1622</span>      * ["http://example.com/aaa.crl", "http://example.org/aaa.crl"]
-<span class='line'>1623</span>      */</span><span class="WHIT">
-<span class='line'>1624</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLDistributionPointsURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1625</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1626</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1627</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1628</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1629</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1630</span> </span><span class="WHIT">	    </span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1631</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1632</span> </span><span class="WHIT">		    </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1633</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1634</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1635</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1636</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1637</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1638</span> 
-<span class='line'>1639</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1640</span>      * get AuthorityInfoAccess extension value in the certificate as associative array
-<span class='line'>1641</span>      * @name getExtAIAInfo
-<span class='line'>1642</span>      * @memberOf X509#
-<span class='line'>1643</span>      * @function
-<span class='line'>1644</span>      * @return {Object} associative array of AIA extension properties
-<span class='line'>1645</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1646</span>      * @description
-<span class='line'>1647</span>      * This method will get authority info access value
-<span class='line'>1648</span>      * as associate array which has following properties:
-<span class='line'>1649</span>      * &lt;ul>
-<span class='line'>1650</span>      * &lt;li>ocsp - array of string for OCSP responder URL&lt;/li>
-<span class='line'>1651</span>      * &lt;li>caissuer - array of string for caIssuer value (i.e. CA certificates URL)&lt;/li>
-<span class='line'>1652</span>      * &lt;/ul>
-<span class='line'>1653</span>      * If there is this in the certificate, it returns undefined;
-<span class='line'>1654</span>      * @example
-<span class='line'>1655</span>      * x = new X509();
-<span class='line'>1656</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1657</span>      * x.getExtAIAInfo(hCert) &rarr; 
-<span class='line'>1658</span>      * { ocsp:     ["http://ocsp.foo.com"],
-<span class='line'>1659</span>      *   caissuer: ["http://rep.foo.com/aaa.p8m"] }
-<span class='line'>1660</span>      */</span><span class="WHIT">
-<span class='line'>1661</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAIAInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1662</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1663</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1664</span> 
-<span class='line'>1665</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">ocsp</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">caissuer</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1666</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1667</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1668</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1669</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1670</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505073001"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1671</span> </span><span class="WHIT">		</span><span class="NAME">result.ocsp.push</span><span class="PUNC">(</span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hName</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1672</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1673</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505073002"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1674</span> </span><span class="WHIT">		</span><span class="NAME">result.caissuer.push</span><span class="PUNC">(</span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hName</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1675</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1676</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1677</span> 
-<span class='line'>1678</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1679</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1680</span> 
-<span class='line'>1681</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1682</span>      * get AuthorityInfoAccess extension value as JSON object
-<span class='line'>1683</span>      * @name getExtAuthorityInfoAccess
-<span class='line'>1684</span>      * @memberOf X509#
-<span class='line'>1685</span>      * @function
-<span class='line'>1686</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1687</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1688</span>      * @return {Array} JSON object of AuthorityInfoAccess parameters or undefined
-<span class='line'>1689</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1690</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
-<span class='line'>1691</span>      * @description
-<span class='line'>1692</span>      * This method parse authorityInfoAccess extension. When arguments are
-<span class='line'>1693</span>      * not specified, its extension in X509 object will be parsed.
-<span class='line'>1694</span>      * Result of this method can be passed to 
-<span class='line'>1695</span>      * {@link KJUR.asn1.x509.AuthorityInfoAccess} constructor.
-<span class='line'>1696</span>      * &lt;br>
-<span class='line'>1697</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1698</span>      * will be generated from them.
-<span class='line'>1699</span>      * @example
-<span class='line'>1700</span>      * x = new X509();
-<span class='line'>1701</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1702</span>      * x.getExtAuthorityInfoAccess() &rarr;
-<span class='line'>1703</span>      * {
-<span class='line'>1704</span>      *   critial: true, // 
-<span class='line'>1705</span>      *   array: [{ocsp: http://ocsp.example.com/},
-<span class='line'>1706</span>      *           {caissuer: https://repository.example.com/}]
-<span class='line'>1707</span>      * }
-<span class='line'>1708</span>      *
-<span class='line'>1709</span>      * x = new X509();
-<span class='line'>1710</span>      * x.getExtAuthorityInfoAccesss("306230...") 
-<span class='line'>1711</span>      * x.getExtAuthorityInfoAccesss("306230...", true) 
-<span class='line'>1712</span>      */</span><span class="WHIT">
-<span class='line'>1713</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1714</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1715</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1716</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1717</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1718</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1719</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1720</span> 
-<span class='line'>1721</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1722</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1723</span> 
-<span class='line'>1724</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1725</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1726</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyListEx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1727</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hLoc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1728</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hLoc</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1729</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2b06010505073001"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1730</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">ocsp</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1731</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2b06010505073002"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1732</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">caissuer</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1733</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1734</span> </span><span class="WHIT">		</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"unknown method: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hMethod</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1735</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1736</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1737</span> 
-<span class='line'>1738</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1739</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1740</span> 
-<span class='line'>1741</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1742</span>      * get CertificatePolicies extension value as JSON object
-<span class='line'>1743</span>      * @name getExtCertificatePolicies
-<span class='line'>1744</span>      * @memberOf X509#
-<span class='line'>1745</span>      * @function
-<span class='line'>1746</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
-<span class='line'>1747</span>      * @param {Boolean} critical flag (OPTIONAL)
-<span class='line'>1748</span>      * @return {Object} JSON object of CertificatePolicies parameters or undefined
-<span class='line'>1749</span>      * @since jsrsasign 7.2.0 x509 1.1.14
-<span class='line'>1750</span>      * @description
-<span class='line'>1751</span>      * This method will get certificate policies value
-<span class='line'>1752</span>      * as an array of JSON object which has properties defined
-<span class='line'>1753</span>      * in {@link KJUR.asn1.x509.CertificatePolicies}.
-<span class='line'>1754</span>      * Result of this method can be passed to 
-<span class='line'>1755</span>      * {@link KJUR.asn1.x509.CertificatePolicies} constructor.
-<span class='line'>1756</span>      * If there is no this extension in the certificate,
-<span class='line'>1757</span>      * it returns undefined.
-<span class='line'>1758</span>      * &lt;br>
-<span class='line'>1759</span>      * CAUTION: return value of JSON object format have been changed
-<span class='line'>1760</span>      * from jsrsasign 9.0.0 without backword compatibility.
-<span class='line'>1761</span>      * &lt;br>
-<span class='line'>1762</span>      * When hExtV and critical specified as arguments, return value
-<span class='line'>1763</span>      * will be generated from them.
-<span class='line'>1764</span>      * @example
-<span class='line'>1765</span>      * x = new X509();
-<span class='line'>1766</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
-<span class='line'>1767</span>      * x.getExtCertificatePolicies() &rarr; 
-<span class='line'>1768</span>      * { array: [
-<span class='line'>1769</span>      *   { policyoid: "1.2.3.4" }
-<span class='line'>1770</span>      *   { policyoid: "1.2.3.5",
-<span class='line'>1771</span>      *     array: [
-<span class='line'>1772</span>      *       { cps: "https://example.com/" },
-<span class='line'>1773</span>      *       { unotice: { exptext: { type: "bmp", str: "sample text" } } }
-<span class='line'>1774</span>      *     ] 
-<span class='line'>1775</span>      *   }
-<span class='line'>1776</span>      * ]}
-<span class='line'>1777</span>      */</span><span class="WHIT">
-<span class='line'>1778</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCertificatePolicies</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1779</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1780</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"certificatePolicies"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1781</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1782</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1783</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1784</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1785</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"certificatePolicies"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1786</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1787</span> 
-<span class='line'>1788</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdxPI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// PolicyInformation list index</span><span class="WHIT">
-<span class='line'>1789</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdxPI.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1790</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPolicyInformation</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdxPI</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1791</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">polinfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPolicyInformation</span><span class="PUNC">(</span><span class="NAME">hPolicyInformation</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1792</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">polinfo</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1793</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1794</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1795</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1796</span> 
-<span class='line'>1797</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1798</span>      * get PolicyInformation ASN.1 structure parameter as JSON object
-<span class='line'>1799</span>      * @name getPolicyInformation
-<span class='line'>1800</span>      * @memberOf X509#
-<span class='line'>1801</span>      * @function
-<span class='line'>1802</span>      * @param {String} h hexadecimal string of PolicyInformation
-<span class='line'>1803</span>      * @return {Object} JSON object of PolicyInformation parameters
-<span class='line'>1804</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1805</span>      * @description
-<span class='line'>1806</span>      * This method will get PolicyInformation parameters defined in
-<span class='line'>1807</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
-<span class='line'>1808</span>      * RFC 5280 4.2.1.4&lt;/a>.
-<span class='line'>1809</span>      * &lt;pre>
-<span class='line'>1810</span>      * PolicyInformation ::= SEQUENCE {
-<span class='line'>1811</span>      *      policyIdentifier   CertPolicyId,
-<span class='line'>1812</span>      *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
-<span class='line'>1813</span>      *                              PolicyQualifierInfo OPTIONAL }
-<span class='line'>1814</span>      * &lt;/pre>
-<span class='line'>1815</span>      * Result of this method can be passed to
-<span class='line'>1816</span>      * {@link KJUR.asn1.x509.PolicyInformation} constructor.
-<span class='line'>1817</span>      * @example
-<span class='line'>1818</span>      * x = new X509();
-<span class='line'>1819</span>      * x.getPolicyInformation("30...") &rarr;
-<span class='line'>1820</span>      * {
-<span class='line'>1821</span>      *     policyoid: "2.16.840.1.114412.2.1",
-<span class='line'>1822</span>      *     array: [{cps: "https://www.digicert.com/CPS"}]
-<span class='line'>1823</span>      * }
-<span class='line'>1824</span>      */</span><span class="WHIT">
-<span class='line'>1825</span> </span><span class="WHIT">    </span><span class="NAME">this.getPolicyInformation</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1826</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1827</span> 
-<span class='line'>1828</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPOLICYOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1829</span> </span><span class="WHIT">	</span><span class="NAME">result.policyoid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">hPOLICYOID</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1830</span> </span><span class="WHIT">	
-<span class='line'>1831</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idxPQSEQ</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyListEx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1832</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idxPQSEQ</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1833</span> </span><span class="WHIT">	    </span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1834</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idxPQSEQ</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1835</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1836</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPQI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1837</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pqinfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPolicyQualifierInfo</span><span class="PUNC">(</span><span class="NAME">hPQI</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1838</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">pqinfo</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1839</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1840</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1841</span> 
-<span class='line'>1842</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1843</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1844</span> 
-<span class='line'>1845</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1846</span>      * getOtherName ASN.1 structure parameter as JSON object&lt;br/>
-<span class='line'>1847</span>      * @name getOtherName
-<span class='line'>1848</span>      * @memberOf X509#
-<span class='line'>1849</span>      * @param {String} h hexadecimal string of GeneralName
-<span class='line'>1850</span>      * @return {Array} associative array of OtherName
-<span class='line'>1851</span>      * @since jsrsasign 10.5.3 x509 2.0.12
-<span class='line'>1852</span>      * @see KJUR.asn1.x509.GeneralNames
-<span class='line'>1853</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>1854</span>      * @see KJUR.asn1.x509.OtherName
-<span class='line'>1855</span>      * @see X509#getGeneralName
-<span class='line'>1856</span>      * @see ASN1HEX#parse
-<span class='line'>1857</span>      *
-<span class='line'>1858</span>      * @description
-<span class='line'>1859</span>      * This method will get OtherName parameters defined in
-<span class='line'>1860</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
-<span class='line'>1861</span>      * RFC 5280 4.2.1.6&lt;/a>.
-<span class='line'>1862</span>      * &lt;pre>
-<span class='line'>1863</span>      * OtherName ::= SEQUENCE {
-<span class='line'>1864</span>      *    type-id    OBJECT IDENTIFIER,
-<span class='line'>1865</span>      *    value      [0] EXPLICIT ANY DEFINED BY type-id }
-<span class='line'>1866</span>      * &lt;/pre>
-<span class='line'>1867</span>      * The value of member "other" is converted by 
-<span class='line'>1868</span>      * {@link ASN1HEX#parse}.
-<span class='line'>1869</span>      *
-<span class='line'>1870</span>      * @example
-<span class='line'>1871</span>      * x = new X509();
-<span class='line'>1872</span>      * x.getOtherName("30...") &rarr;
-<span class='line'>1873</span>      * { oid: "1.2.3.4",
-<span class='line'>1874</span>      *   other: {utf8str: {str: "aaa"}} }
-<span class='line'>1875</span>      */</span><span class="WHIT">
-<span class='line'>1876</span> </span><span class="WHIT">    </span><span class="NAME">this.getOtherName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1877</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1559</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1560</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">this.getDistributionPoint</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1561</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1562</span> 
+<span class='line'>1563</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1564</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1565</span> 
+<span class='line'>1566</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1567</span>      * get DistributionPoint ASN.1 structure parameter as JSON object
+<span class='line'>1568</span>      * @name getDistributionPoint
+<span class='line'>1569</span>      * @memberOf X509#
+<span class='line'>1570</span>      * @function
+<span class='line'>1571</span>      * @param {String} h hexadecimal string of DistributionPoint
+<span class='line'>1572</span>      * @return {Object} JSON object of DistributionPoint parameters
+<span class='line'>1573</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1574</span>      * @see X509#getExtCRLDistributionPoints
+<span class='line'>1575</span>      * @see X509#getDistributionPointName
+<span class='line'>1576</span>      * @see X509#getGeneralNames
+<span class='line'>1577</span>      * @see X509#getGeneralName
+<span class='line'>1578</span>      * @description
+<span class='line'>1579</span>      * This method will get DistributionPoint parameters.
+<span class='line'>1580</span>      * Result of this method can be passed to
+<span class='line'>1581</span>      * {@link KJUR.asn1.x509.DistributionPoint} constructor.
+<span class='line'>1582</span>      * &lt;br/>
+<span class='line'>1583</span>      * NOTE: reasons[1] and CRLIssuer[2] field not supported
+<span class='line'>1584</span>      * @example
+<span class='line'>1585</span>      * x = new X509();
+<span class='line'>1586</span>      * x.getDistributionPoint("30...") &rarr;
+<span class='line'>1587</span>      * {dpname: {full: [{uri: "http://aaa.com/"}]}}
+<span class='line'>1588</span>      */</span><span class="WHIT">
+<span class='line'>1589</span> </span><span class="WHIT">    </span><span class="NAME">this.getDistributionPoint</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1590</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1591</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1592</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1593</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1594</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1595</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1596</span> </span><span class="WHIT">		</span><span class="NAME">result.dpname</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getDistributionPointName</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1597</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1598</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1599</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1600</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1601</span> 
+<span class='line'>1602</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1603</span>      * get DistributionPointName ASN.1 structure parameter as JSON object
+<span class='line'>1604</span>      * @name getDistributionPointName
+<span class='line'>1605</span>      * @memberOf X509#
+<span class='line'>1606</span>      * @function
+<span class='line'>1607</span>      * @param {String} h hexadecimal string of DistributionPointName
+<span class='line'>1608</span>      * @return {Object} JSON object of DistributionPointName parameters
+<span class='line'>1609</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1610</span>      * @see X509#getExtCRLDistributionPoints
+<span class='line'>1611</span>      * @see X509#getDistributionPoint
+<span class='line'>1612</span>      * @see X509#getGeneralNames
+<span class='line'>1613</span>      * @see X509#getGeneralName
+<span class='line'>1614</span>      * @description
+<span class='line'>1615</span>      * This method will get DistributionPointName parameters.
+<span class='line'>1616</span>      * Result of this method can be passed to
+<span class='line'>1617</span>      * {@link KJUR.asn1.x509.DistributionPointName} constructor.
+<span class='line'>1618</span>      * &lt;br/>
+<span class='line'>1619</span>      * NOTE: nameRelativeToCRLIssuer[1] not supported
+<span class='line'>1620</span>      * @example
+<span class='line'>1621</span>      * x = new X509();
+<span class='line'>1622</span>      * x.getDistributionPointName("a0...") &rarr;
+<span class='line'>1623</span>      * {full: [{uri: "http://aaa.com/"}]}
+<span class='line'>1624</span>      */</span><span class="WHIT">
+<span class='line'>1625</span> </span><span class="WHIT">    </span><span class="NAME">this.getDistributionPointName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1626</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1627</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1628</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1629</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1630</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hTLV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1631</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"a0"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1632</span> </span><span class="WHIT">		</span><span class="NAME">result.full</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralNames</span><span class="PUNC">(</span><span class="NAME">hTLV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1633</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1634</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1635</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1636</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1637</span> 
+<span class='line'>1638</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1639</span>      * get array of string for fullName URIs in cRLDistributionPoints(CDP) in the certificate (DEPRECATED)
+<span class='line'>1640</span>      * @name getExtCRLDistributionPointsURI
+<span class='line'>1641</span>      * @memberOf X509#
+<span class='line'>1642</span>      * @function
+<span class='line'>1643</span>      * @return {Object} array of fullName URIs of CDP of the certificate
+<span class='line'>1644</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1645</span>      * @description
+<span class='line'>1646</span>      * This method will get all fullName URIs of cRLDistributionPoints extension
+<span class='line'>1647</span>      * in the certificate as array of URI string.
+<span class='line'>1648</span>      * If there is this in the certificate, it returns undefined;
+<span class='line'>1649</span>      * &lt;br>
+<span class='line'>1650</span>      * NOTE: Currently this method supports only fullName URI so that
+<span class='line'>1651</span>      * other parameters will not be returned.
+<span class='line'>1652</span>      * @example
+<span class='line'>1653</span>      * x = new X509();
+<span class='line'>1654</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1655</span>      * x.getExtCRLDistributionPointsURI() &rarr;
+<span class='line'>1656</span>      * ["http://example.com/aaa.crl", "http://example.org/aaa.crl"]
+<span class='line'>1657</span>      */</span><span class="WHIT">
+<span class='line'>1658</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLDistributionPointsURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1659</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1660</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1661</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1662</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1663</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1664</span> </span><span class="WHIT">	    </span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1665</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1666</span> </span><span class="WHIT">		    </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1667</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1668</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1669</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1670</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1671</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1672</span> 
+<span class='line'>1673</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1674</span>      * get AuthorityInfoAccess extension value in the certificate as associative array
+<span class='line'>1675</span>      * @name getExtAIAInfo
+<span class='line'>1676</span>      * @memberOf X509#
+<span class='line'>1677</span>      * @function
+<span class='line'>1678</span>      * @return {Object} associative array of AIA extension properties
+<span class='line'>1679</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1680</span>      * @description
+<span class='line'>1681</span>      * This method will get authority info access value
+<span class='line'>1682</span>      * as associate array which has following properties:
+<span class='line'>1683</span>      * &lt;ul>
+<span class='line'>1684</span>      * &lt;li>ocsp - array of string for OCSP responder URL&lt;/li>
+<span class='line'>1685</span>      * &lt;li>caissuer - array of string for caIssuer value (i.e. CA certificates URL)&lt;/li>
+<span class='line'>1686</span>      * &lt;/ul>
+<span class='line'>1687</span>      * If there is this in the certificate, it returns undefined;
+<span class='line'>1688</span>      * @example
+<span class='line'>1689</span>      * x = new X509();
+<span class='line'>1690</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1691</span>      * x.getExtAIAInfo(hCert) &rarr; 
+<span class='line'>1692</span>      * { ocsp:     ["http://ocsp.foo.com"],
+<span class='line'>1693</span>      *   caissuer: ["http://rep.foo.com/aaa.p8m"] }
+<span class='line'>1694</span>      */</span><span class="WHIT">
+<span class='line'>1695</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAIAInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1696</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1697</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1698</span> 
+<span class='line'>1699</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">ocsp</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">caissuer</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1700</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1701</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1702</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1703</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1704</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505073001"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1705</span> </span><span class="WHIT">		</span><span class="NAME">result.ocsp.push</span><span class="PUNC">(</span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hName</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1706</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1707</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505073002"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1708</span> </span><span class="WHIT">		</span><span class="NAME">result.caissuer.push</span><span class="PUNC">(</span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hName</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1709</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1710</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1711</span> 
+<span class='line'>1712</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1713</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1714</span> 
+<span class='line'>1715</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1716</span>      * get AuthorityInfoAccess extension value as JSON object
+<span class='line'>1717</span>      * @name getExtAuthorityInfoAccess
+<span class='line'>1718</span>      * @memberOf X509#
+<span class='line'>1719</span>      * @function
+<span class='line'>1720</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1721</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1722</span>      * @return {Array} JSON object of AuthorityInfoAccess parameters or undefined
+<span class='line'>1723</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1724</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
+<span class='line'>1725</span>      * @description
+<span class='line'>1726</span>      * This method parse authorityInfoAccess extension. When arguments are
+<span class='line'>1727</span>      * not specified, its extension in X509 object will be parsed.
+<span class='line'>1728</span>      * Result of this method can be passed to 
+<span class='line'>1729</span>      * {@link KJUR.asn1.x509.AuthorityInfoAccess} constructor.
+<span class='line'>1730</span>      * &lt;br>
+<span class='line'>1731</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1732</span>      * will be generated from them.
+<span class='line'>1733</span>      * @example
+<span class='line'>1734</span>      * x = new X509();
+<span class='line'>1735</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1736</span>      * x.getExtAuthorityInfoAccess() &rarr;
+<span class='line'>1737</span>      * {
+<span class='line'>1738</span>      *   critial: true, // 
+<span class='line'>1739</span>      *   array: [{ocsp: http://ocsp.example.com/},
+<span class='line'>1740</span>      *           {caissuer: https://repository.example.com/}]
+<span class='line'>1741</span>      * }
+<span class='line'>1742</span>      *
+<span class='line'>1743</span>      * x = new X509();
+<span class='line'>1744</span>      * x.getExtAuthorityInfoAccesss("306230...") 
+<span class='line'>1745</span>      * x.getExtAuthorityInfoAccesss("306230...", true) 
+<span class='line'>1746</span>      */</span><span class="WHIT">
+<span class='line'>1747</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1748</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1749</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1750</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1751</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1752</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1753</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1754</span> 
+<span class='line'>1755</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1756</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1757</span> 
+<span class='line'>1758</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1759</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1760</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyListEx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1761</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hLoc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"86"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1762</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextoutf8</span><span class="PUNC">(</span><span class="NAME">hLoc</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1763</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2b06010505073001"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1764</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">ocsp</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1765</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hMethod</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2b06010505073002"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1766</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">caissuer</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">sLoc</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1767</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1768</span> </span><span class="WHIT">		</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"unknown method: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hMethod</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1769</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1770</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1771</span> 
+<span class='line'>1772</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1773</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1774</span> 
+<span class='line'>1775</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1776</span>      * get CertificatePolicies extension value as JSON object
+<span class='line'>1777</span>      * @name getExtCertificatePolicies
+<span class='line'>1778</span>      * @memberOf X509#
+<span class='line'>1779</span>      * @function
+<span class='line'>1780</span>      * @param {String} hExtV hexadecimal string of extension value (OPTIONAL)
+<span class='line'>1781</span>      * @param {Boolean} critical flag (OPTIONAL)
+<span class='line'>1782</span>      * @return {Object} JSON object of CertificatePolicies parameters or undefined
+<span class='line'>1783</span>      * @since jsrsasign 7.2.0 x509 1.1.14
+<span class='line'>1784</span>      * @description
+<span class='line'>1785</span>      * This method will get certificate policies value
+<span class='line'>1786</span>      * as an array of JSON object which has properties defined
+<span class='line'>1787</span>      * in {@link KJUR.asn1.x509.CertificatePolicies}.
+<span class='line'>1788</span>      * Result of this method can be passed to 
+<span class='line'>1789</span>      * {@link KJUR.asn1.x509.CertificatePolicies} constructor.
+<span class='line'>1790</span>      * If there is no this extension in the certificate,
+<span class='line'>1791</span>      * it returns undefined.
+<span class='line'>1792</span>      * &lt;br>
+<span class='line'>1793</span>      * CAUTION: return value of JSON object format have been changed
+<span class='line'>1794</span>      * from jsrsasign 9.0.0 without backword compatibility.
+<span class='line'>1795</span>      * &lt;br>
+<span class='line'>1796</span>      * When hExtV and critical specified as arguments, return value
+<span class='line'>1797</span>      * will be generated from them.
+<span class='line'>1798</span>      * @example
+<span class='line'>1799</span>      * x = new X509();
+<span class='line'>1800</span>      * x.readCertPEM(sCertPEM); // parseExt() will also be called internally.
+<span class='line'>1801</span>      * x.getExtCertificatePolicies() &rarr; 
+<span class='line'>1802</span>      * { array: [
+<span class='line'>1803</span>      *   { policyoid: "1.2.3.4" }
+<span class='line'>1804</span>      *   { policyoid: "1.2.3.5",
+<span class='line'>1805</span>      *     array: [
+<span class='line'>1806</span>      *       { cps: "https://example.com/" },
+<span class='line'>1807</span>      *       { unotice: { exptext: { type: "bmp", str: "sample text" } } }
+<span class='line'>1808</span>      *     ] 
+<span class='line'>1809</span>      *   }
+<span class='line'>1810</span>      * ]}
+<span class='line'>1811</span>      */</span><span class="WHIT">
+<span class='line'>1812</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCertificatePolicies</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1813</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1814</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"certificatePolicies"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1815</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1816</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1817</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1818</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1819</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"certificatePolicies"</span><span class="PUNC">,</span><span class="NAME">array</span><span class="PUNC">:</span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1820</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1821</span> 
+<span class='line'>1822</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdxPI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// PolicyInformation list index</span><span class="WHIT">
+<span class='line'>1823</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdxPI.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1824</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPolicyInformation</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdxPI</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1825</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">polinfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPolicyInformation</span><span class="PUNC">(</span><span class="NAME">hPolicyInformation</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1826</span> </span><span class="WHIT">	    </span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">polinfo</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1827</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1828</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1829</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1830</span> 
+<span class='line'>1831</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1832</span>      * get PolicyInformation ASN.1 structure parameter as JSON object
+<span class='line'>1833</span>      * @name getPolicyInformation
+<span class='line'>1834</span>      * @memberOf X509#
+<span class='line'>1835</span>      * @function
+<span class='line'>1836</span>      * @param {String} h hexadecimal string of PolicyInformation
+<span class='line'>1837</span>      * @return {Object} JSON object of PolicyInformation parameters
+<span class='line'>1838</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1839</span>      * @description
+<span class='line'>1840</span>      * This method will get PolicyInformation parameters defined in
+<span class='line'>1841</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
+<span class='line'>1842</span>      * RFC 5280 4.2.1.4&lt;/a>.
+<span class='line'>1843</span>      * &lt;pre>
+<span class='line'>1844</span>      * PolicyInformation ::= SEQUENCE {
+<span class='line'>1845</span>      *      policyIdentifier   CertPolicyId,
+<span class='line'>1846</span>      *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+<span class='line'>1847</span>      *                              PolicyQualifierInfo OPTIONAL }
+<span class='line'>1848</span>      * &lt;/pre>
+<span class='line'>1849</span>      * Result of this method can be passed to
+<span class='line'>1850</span>      * {@link KJUR.asn1.x509.PolicyInformation} constructor.
+<span class='line'>1851</span>      * @example
+<span class='line'>1852</span>      * x = new X509();
+<span class='line'>1853</span>      * x.getPolicyInformation("30...") &rarr;
+<span class='line'>1854</span>      * {
+<span class='line'>1855</span>      *     policyoid: "2.16.840.1.114412.2.1",
+<span class='line'>1856</span>      *     array: [{cps: "https://www.digicert.com/CPS"}]
+<span class='line'>1857</span>      * }
+<span class='line'>1858</span>      */</span><span class="WHIT">
+<span class='line'>1859</span> </span><span class="WHIT">    </span><span class="NAME">this.getPolicyInformation</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1860</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1861</span> 
+<span class='line'>1862</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPOLICYOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1863</span> </span><span class="WHIT">	</span><span class="NAME">result.policyoid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">hPOLICYOID</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1864</span> </span><span class="WHIT">	
+<span class='line'>1865</span> 	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idxPQSEQ</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyListEx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1866</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idxPQSEQ</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1867</span> </span><span class="WHIT">	    </span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1868</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idxPQSEQ</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1869</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1870</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPQI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1871</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pqinfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPolicyQualifierInfo</span><span class="PUNC">(</span><span class="NAME">hPQI</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1872</span> </span><span class="WHIT">		</span><span class="NAME">result.array.push</span><span class="PUNC">(</span><span class="NAME">pqinfo</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1873</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1874</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1875</span> 
+<span class='line'>1876</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1877</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>1878</span> 
-<span class='line'>1879</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1880</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1881</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1882</span> </span><span class="WHIT">        </span><span class="NAME">result.oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.ASN1Util.oidHexToInt</span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1883</span> </span><span class="WHIT">        </span><span class="NAME">result.obj</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1884</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1885</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1886</span> 
-<span class='line'>1887</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1888</span>      * get PolicyQualifierInfo ASN.1 structure parameter as JSON object
-<span class='line'>1889</span>      * @name getPolicyQualifierInfo
-<span class='line'>1890</span>      * @memberOf X509#
-<span class='line'>1891</span>      * @function
-<span class='line'>1892</span>      * @param {String} h hexadecimal string of PolicyQualifierInfo
-<span class='line'>1893</span>      * @return {Object} JSON object of PolicyQualifierInfo parameters
-<span class='line'>1894</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1895</span>      * @see X509#getExtCertificatePolicies
-<span class='line'>1896</span>      * @see X509#getPolicyInformation
-<span class='line'>1897</span>      * @description
-<span class='line'>1898</span>      * This method will get 
-<span class='line'>1899</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
-<span class='line'>1900</span>      * PolicyQualifierInfo&lt;/a> parameters.
-<span class='line'>1901</span>      * &lt;pre>
-<span class='line'>1902</span>      * PolicyQualifierInfo ::= SEQUENCE {
-<span class='line'>1903</span>      *      policyQualifierId  PolicyQualifierId,
-<span class='line'>1904</span>      *      qualifier          ANY DEFINED BY policyQualifierId }
-<span class='line'>1905</span>      * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
-<span class='line'>1906</span>      * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
-<span class='line'>1907</span>      * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
-<span class='line'>1908</span>      * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
-<span class='line'>1909</span>      * Qualifier ::= CHOICE {
-<span class='line'>1910</span>      *      cPSuri           CPSuri,
-<span class='line'>1911</span>      *      userNotice       UserNotice }
-<span class='line'>1912</span>      * CPSuri ::= IA5String
-<span class='line'>1913</span>      * &lt;/pre>
-<span class='line'>1914</span>      * Result of this method can be passed to 
-<span class='line'>1915</span>      * {@link KJUR.asn1.x509.PolicyQualifierInfo} constructor.
-<span class='line'>1916</span>      * @example
-<span class='line'>1917</span>      * x = new X509();
-<span class='line'>1918</span>      * x.getPolicyQualifierInfo("30...") 
-<span class='line'>1919</span>      * &rarr; {unotice: {exptext: {type: 'utf8', str: 'aaa'}}}
-<span class='line'>1920</span>      * x.getPolicyQualifierInfo("30...") 
-<span class='line'>1921</span>      * &rarr; {cps: "https://repository.example.com/"}
-<span class='line'>1922</span>      */</span><span class="WHIT">
-<span class='line'>1923</span> </span><span class="WHIT">    </span><span class="NAME">this.getPolicyQualifierInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1924</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1925</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1926</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505070201"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// cps</span><span class="WHIT">
-<span class='line'>1927</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hCPSURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyListEx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"16"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1928</span> </span><span class="WHIT">	    </span><span class="NAME">result.cps</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hCPSURI</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1929</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505070202"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// unotice</span><span class="WHIT">
-<span class='line'>1930</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hUserNotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1931</span> </span><span class="WHIT">	    </span><span class="NAME">result.unotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getUserNotice</span><span class="PUNC">(</span><span class="NAME">hUserNotice</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1932</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1933</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1934</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1935</span> 
-<span class='line'>1936</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1937</span>      * get UserNotice ASN.1 structure parameter as JSON object
-<span class='line'>1938</span>      * @name getUserNotice
-<span class='line'>1939</span>      * @memberOf X509#
-<span class='line'>1940</span>      * @function
-<span class='line'>1941</span>      * @param {String} h hexadecimal string of UserNotice
-<span class='line'>1942</span>      * @return {Object} JSON object of UserNotice parameters
-<span class='line'>1943</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1944</span>      * @see X509#getExtCertificatePolicies
-<span class='line'>1945</span>      * @see X509#getPolicyInformation
-<span class='line'>1946</span>      * @see X509#getPolicyQualifierInfo
-<span class='line'>1947</span>      * @description
-<span class='line'>1948</span>      * This method will get 
-<span class='line'>1949</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
-<span class='line'>1950</span>      * UserNotice&lt;/a> parameters.
-<span class='line'>1951</span>      * &lt;pre>
-<span class='line'>1952</span>      * UserNotice ::= SEQUENCE {
-<span class='line'>1953</span>      *      noticeRef        NoticeReference OPTIONAL,
-<span class='line'>1954</span>      *      explicitText     DisplayText OPTIONAL }
-<span class='line'>1955</span>      * &lt;/pre>
-<span class='line'>1956</span>      * Result of this method can be passed to 
-<span class='line'>1957</span>      * {@link KJUR.asn1.x509.NoticeReference} constructor.
-<span class='line'>1958</span>      * &lt;br/>
-<span class='line'>1959</span>      * NOTE: NoticeReference parsing is currently not supported and
-<span class='line'>1960</span>      * it will be ignored.
-<span class='line'>1961</span>      * @example
-<span class='line'>1962</span>      * x = new X509();
-<span class='line'>1963</span>      * x.getUserNotice("30...") &rarr; {exptext: {type: 'utf8', str: 'aaa'}}
-<span class='line'>1964</span>      */</span><span class="WHIT">
-<span class='line'>1965</span> </span><span class="WHIT">    </span><span class="NAME">this.getUserNotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1966</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1967</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1968</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1969</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hItem</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1970</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hItem.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>1971</span> </span><span class="WHIT">		</span><span class="NAME">result.exptext</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getDisplayText</span><span class="PUNC">(</span><span class="NAME">hItem</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1972</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1973</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>1974</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1975</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>1976</span> 
-<span class='line'>1977</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>1978</span>      * get DisplayText ASN.1 structure parameter as JSON object
-<span class='line'>1979</span>      * @name getDisplayText
-<span class='line'>1980</span>      * @memberOf X509#
-<span class='line'>1981</span>      * @function
-<span class='line'>1982</span>      * @param {String} h hexadecimal string of DisplayText
-<span class='line'>1983</span>      * @return {Object} JSON object of DisplayText parameters
-<span class='line'>1984</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>1985</span>      * @see X509#getExtCertificatePolicies
-<span class='line'>1986</span>      * @see X509#getPolicyInformation
-<span class='line'>1987</span>      * @description
-<span class='line'>1988</span>      * This method will get 
-<span class='line'>1989</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
-<span class='line'>1990</span>      * DisplayText&lt;/a> parameters.
-<span class='line'>1991</span>      * &lt;pre>
-<span class='line'>1992</span>      * DisplayText ::= CHOICE {
-<span class='line'>1993</span>      *      ia5String        IA5String      (SIZE (1..200)),
-<span class='line'>1994</span>      *      visibleString    VisibleString  (SIZE (1..200)),
-<span class='line'>1995</span>      *      bmpString        BMPString      (SIZE (1..200)),
-<span class='line'>1996</span>      *      utf8String       UTF8String     (SIZE (1..200)) }     
-<span class='line'>1997</span>      * &lt;/pre>
-<span class='line'>1998</span>      * Result of this method can be passed to 
-<span class='line'>1999</span>      * {@link KJUR.asn1.x509.DisplayText} constructor.
-<span class='line'>2000</span>      * @example
-<span class='line'>2001</span>      * x = new X509();
-<span class='line'>2002</span>      * x.getDisplayText("0c03616161") &rarr {type: 'utf8', str: 'aaa'}
-<span class='line'>2003</span>      * x.getDisplayText("1e03616161") &rarr {type: 'bmp',  str: 'aaa'}
-<span class='line'>2004</span>      */</span><span class="WHIT">
-<span class='line'>2005</span> </span><span class="WHIT">    </span><span class="NAME">this.getDisplayText</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2006</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_DISPLAYTEXTTAG</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="STRN">"0c"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"16"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"1a"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"vis"</span><span class="WHIT"> </span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"1e"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"bmp"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2007</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2008</span> </span><span class="WHIT">	</span><span class="NAME">result.type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_DISPLAYTEXTTAG</span><span class="PUNC">[</span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2009</span> </span><span class="WHIT">	</span><span class="NAME">result.str</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2010</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2011</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2012</span> 
-<span class='line'>2013</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2014</span>      * parse cRLNumber CRL extension as JSON object&lt;br/>
-<span class='line'>2015</span>      * @name getExtCRLNumber
-<span class='line'>2016</span>      * @memberOf X509#
-<span class='line'>2017</span>      * @function
-<span class='line'>2018</span>      * @param {String} hExtV hexadecimal string of extension value
-<span class='line'>2019</span>      * @param {Boolean} critical flag
-<span class='line'>2020</span>      * @since jsrsasign 9.1.1 x509 2.0.1
-<span class='line'>2021</span>      * @see KJUR.asn1.x509.CRLNumber
-<span class='line'>2022</span>      * @see X509#getExtParamArray
-<span class='line'>2023</span>      * @description
-<span class='line'>2024</span>      * This method parses
-<span class='line'>2025</span>      * CRLNumber CRL extension value defined in
-<span class='line'>2026</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-5.2.3">
-<span class='line'>2027</span>      * RFC 5280 5.2.3&lt;/a> as JSON object.
-<span class='line'>2028</span>      * &lt;pre>
-<span class='line'>2029</span>      * id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
-<span class='line'>2030</span>      * CRLNumber ::= INTEGER (0..MAX)
-<span class='line'>2031</span>      * &lt;/pre>
-<span class='line'>2032</span>      * &lt;br/>
-<span class='line'>2033</span>      * Result of this method can be passed to 
-<span class='line'>2034</span>      * {@link KJUR.asn1.x509.CRLNumber} constructor.
-<span class='line'>2035</span>      * @example
-<span class='line'>2036</span>      * crl = X509CRL("-----BEGIN X509 CRL...");
-<span class='line'>2037</span>      * ... get hExtV and critical flag ...
-<span class='line'>2038</span>      * crl.getExtCRLNumber("02...", false) &rarr;
-<span class='line'>2039</span>      * {extname: "cRLNumber", num: {hex: "12af"}}
-<span class='line'>2040</span>      */</span><span class="WHIT">
-<span class='line'>2041</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLNumber</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2042</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLNumber"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2043</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2044</span> 
-<span class='line'>2045</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"02"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2046</span> </span><span class="WHIT">	    </span><span class="NAME">result.num</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2047</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2048</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2049</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2050</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2051</span> 
-<span class='line'>2052</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2053</span>      * parse cRLReason CRL entry extension as JSON object&lt;br/>
-<span class='line'>2054</span>      * @name getExtCRLReason
-<span class='line'>2055</span>      * @memberOf X509#
-<span class='line'>2056</span>      * @function
-<span class='line'>2057</span>      * @param {String} hExtV hexadecimal string of extension value
-<span class='line'>2058</span>      * @param {Boolean} critical flag
-<span class='line'>2059</span>      * @since jsrsasign 9.1.1 x509 2.0.1
-<span class='line'>2060</span>      * @see KJUR.asn1.x509.CRLReason
-<span class='line'>2061</span>      * @see X509#getExtParamArray
-<span class='line'>2062</span>      * @description
-<span class='line'>2063</span>      * This method parses
-<span class='line'>2064</span>      * CRLReason CRL entry extension value defined in
-<span class='line'>2065</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-5.3.1">
-<span class='line'>2066</span>      * RFC 5280 5.3.1&lt;/a> as JSON object.
-<span class='line'>2067</span>      * &lt;pre>
-<span class='line'>2068</span>      * id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
-<span class='line'>2069</span>      * -- reasonCode ::= { CRLReason }
-<span class='line'>2070</span>      * CRLReason ::= ENUMERATED {
-<span class='line'>2071</span>      *      unspecified             (0),
-<span class='line'>2072</span>      *      keyCompromise           (1),
-<span class='line'>2073</span>      *      cACompromise            (2),
-<span class='line'>2074</span>      *      affiliationChanged      (3),
-<span class='line'>2075</span>      *      superseded              (4),
-<span class='line'>2076</span>      *      cessationOfOperation    (5),
-<span class='line'>2077</span>      *      certificateHold         (6),
-<span class='line'>2078</span>      *      removeFromCRL           (8),
-<span class='line'>2079</span>      *      privilegeWithdrawn      (9),
-<span class='line'>2080</span>      *      aACompromise           (10) }
-<span class='line'>2081</span>      * &lt;/pre>
-<span class='line'>2082</span>      * &lt;br/>
-<span class='line'>2083</span>      * Result of this method can be passed to 
-<span class='line'>2084</span>      * {@link KJUR.asn1.x509.CRLReason} constructor.
-<span class='line'>2085</span>      * @example
-<span class='line'>2086</span>      * crl = X509CRL("-----BEGIN X509 CRL...");
-<span class='line'>2087</span>      * ... get hExtV and critical flag ...
-<span class='line'>2088</span>      * crl.getExtCRLReason("02...", false) &rarr;
-<span class='line'>2089</span>      * {extname: "cRLReason", code: 3}
-<span class='line'>2090</span>      */</span><span class="WHIT">
-<span class='line'>2091</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLReason</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2092</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLReason"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2093</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2094</span> 
-<span class='line'>2095</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0a"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2096</span> </span><span class="WHIT">	    </span><span class="NAME">result.code</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2097</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2098</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2099</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2100</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2101</span> 
-<span class='line'>2102</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2103</span>      * parse OCSPNonce OCSP extension as JSON object&lt;br/>
-<span class='line'>2104</span>      * @name getExtOcspNonce
-<span class='line'>2105</span>      * @memberOf X509#
-<span class='line'>2106</span>      * @function
-<span class='line'>2107</span>      * @param {String} hExtV hexadecimal string of extension value
-<span class='line'>2108</span>      * @param {Boolean} critical flag
-<span class='line'>2109</span>      * @return {Array} JSON object of parsed OCSPNonce extension
-<span class='line'>2110</span>      * @since jsrsasign 9.1.6 x509 2.0.3
-<span class='line'>2111</span>      * @see KJUR.asn1.x509.OCSPNonce
-<span class='line'>2112</span>      * @see X509#getExtParamArray
-<span class='line'>2113</span>      * @see X509#getExtParam
-<span class='line'>2114</span>      * @description
-<span class='line'>2115</span>      * This method parses
-<span class='line'>2116</span>      * Nonce OCSP extension value defined in
-<span class='line'>2117</span>      * &lt;a href="https://tools.ietf.org/html/rfc6960#section-4.4.1">
-<span class='line'>2118</span>      * RFC 6960 4.4.1&lt;/a> as JSON object.
-<span class='line'>2119</span>      * &lt;pre>
-<span class='line'>2120</span>      * id-pkix-ocsp           OBJECT IDENTIFIER ::= { id-ad-ocsp }
-<span class='line'>2121</span>      * id-pkix-ocsp-nonce     OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
-<span class='line'>2122</span>      * Nonce ::= OCTET STRING
-<span class='line'>2123</span>      * &lt;/pre>
-<span class='line'>2124</span>      * &lt;br/>
-<span class='line'>2125</span>      * Result of this method can be passed to 
-<span class='line'>2126</span>      * {@link KJUR.asn1.x509.OCSPNonce} constructor.
-<span class='line'>2127</span>      * @example
-<span class='line'>2128</span>      * x = new X509();
-<span class='line'>2129</span>      * x.getExtOcspNonce(&lt;&lt;extn hex value >>) &rarr;
-<span class='line'>2130</span>      * { extname: "ocspNonce", hex: "1a2b..." }
-<span class='line'>2131</span>      */</span><span class="WHIT">
-<span class='line'>2132</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtOcspNonce</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2133</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"ocspNonce"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2134</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2135</span> 
-<span class='line'>2136</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hNonce</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2137</span> </span><span class="WHIT">	</span><span class="NAME">result.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hNonce</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2138</span> 
-<span class='line'>2139</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2140</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2141</span> 
-<span class='line'>2142</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2143</span>      * parse OCSPNoCheck OCSP extension as JSON object&lt;br/>
-<span class='line'>2144</span>      * @name getExtOcspNoCheck
-<span class='line'>2145</span>      * @memberOf X509#
-<span class='line'>2146</span>      * @function
-<span class='line'>2147</span>      * @param {String} hExtV hexadecimal string of extension value
-<span class='line'>2148</span>      * @param {Boolean} critical flag
-<span class='line'>2149</span>      * @return {Array} JSON object of parsed OCSPNoCheck extension
-<span class='line'>2150</span>      * @since jsrsasign 9.1.6 x509 2.0.3
-<span class='line'>2151</span>      * @see KJUR.asn1.x509.OCSPNoCheck
-<span class='line'>2152</span>      * @see X509#getExtParamArray
-<span class='line'>2153</span>      * @see X509#getExtParam
-<span class='line'>2154</span>      * @description
-<span class='line'>2155</span>      * This method parses
-<span class='line'>2156</span>      * OCSPNoCheck extension value defined in
-<span class='line'>2157</span>      * &lt;a href="https://tools.ietf.org/html/rfc6960#section-4.2.2.2.1">
-<span class='line'>2158</span>      * RFC 6960 4.2.2.2.1&lt;/a> as JSON object.
-<span class='line'>2159</span>      * &lt;pre>
-<span class='line'>2160</span>      * id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
-<span class='line'>2161</span>      * &lt;/pre>
-<span class='line'>2162</span>      * &lt;br/>
-<span class='line'>2163</span>      * Result of this method can be passed to 
-<span class='line'>2164</span>      * {@link KJUR.asn1.x509.OCSPNoCheck} constructor.
-<span class='line'>2165</span>      * @example
-<span class='line'>2166</span>      * x = new X509();
-<span class='line'>2167</span>      * x.getExtOcspNoCheck(&lt;&lt;extn hex value >>) &rarr;
-<span class='line'>2168</span>      * { extname: "ocspNoCheck" }
-<span class='line'>2169</span>      */</span><span class="WHIT">
-<span class='line'>2170</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtOcspNoCheck</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2171</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"ocspNoCheck"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2172</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2173</span> 
-<span class='line'>2174</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2175</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2176</span> 
-<span class='line'>2177</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2178</span>      * parse AdobeTimeStamp extension as JSON object&lt;br/>
-<span class='line'>2179</span>      * @name getExtAdobeTimeStamp
-<span class='line'>2180</span>      * @memberOf X509#
-<span class='line'>2181</span>      * @function
-<span class='line'>2182</span>      * @param {String} hExtV hexadecimal string of extension value
-<span class='line'>2183</span>      * @param {Boolean} critical flag
-<span class='line'>2184</span>      * @return {Array} JSON object of parsed AdobeTimeStamp extension
-<span class='line'>2185</span>      * @since jsrsasign 10.0.1 x509 2.0.5
-<span class='line'>2186</span>      * @see KJUR.asn1.x509.AdobeTimeStamp
-<span class='line'>2187</span>      * @see X509#getExtParamArray
-<span class='line'>2188</span>      * @see X509#getExtParam
-<span class='line'>2189</span>      * @description
-<span class='line'>2190</span>      * This method parses
-<span class='line'>2191</span>      * X.509v3 AdobeTimeStamp private extension value defined in the
-<span class='line'>2192</span>      * &lt;a href="https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/oids.html">
-<span class='line'>2193</span>      * Adobe site&lt;/a> as JSON object.
-<span class='line'>2194</span>      * This extension provides the URL location for time stamp service.
-<span class='line'>2195</span>      * &lt;pre>
-<span class='line'>2196</span>      * adbe- OBJECT IDENTIFIER ::=  { adbe(1.2.840.113583) acrobat(1) security(1) x509Ext(9) 1 }
-<span class='line'>2197</span>      *  ::= SEQUENCE {
-<span class='line'>2198</span>      *     version INTEGER  { v1(1) }, -- extension version
-<span class='line'>2199</span>      *     location GeneralName (In v1 GeneralName can be only uniformResourceIdentifier)
-<span class='line'>2200</span>      *     requiresAuth        boolean (default false), OPTIONAL }
-<span class='line'>2201</span>      * &lt;/pre>
-<span class='line'>2202</span>      * &lt;br/>
-<span class='line'>2203</span>      * Result of this method can be passed to 
-<span class='line'>2204</span>      * {@link KJUR.asn1.x509.AdobeTimeStamp} constructor.
-<span class='line'>2205</span>      * &lt;br/>
-<span class='line'>2206</span>      * NOTE: This extesion doesn't seem to have official name. This may be called as "pdfTimeStamp".
-<span class='line'>2207</span>      * @example
-<span class='line'>2208</span>      * x.getExtAdobeTimeStamp(&lt;&lt;extn hex value >>) &rarr;
-<span class='line'>2209</span>      * { extname: "adobeTimeStamp", uri: "http://tsa.example.com/" reqauth: true }
-<span class='line'>2210</span>      */</span><span class="WHIT">
-<span class='line'>2211</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAdobeTimeStamp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2212</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2213</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"adobeTimeStamp"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2214</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2215</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2216</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2217</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2218</span> 
-<span class='line'>2219</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"adobeTimeStamp"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2220</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2221</span> 
-<span class='line'>2222</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2223</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2224</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hGN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>2225</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">hGN</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2226</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnParam.uri</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2227</span> </span><span class="WHIT">		</span><span class="NAME">result.uri</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">gnParam.uri</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2228</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2229</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2230</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2231</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">2</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2232</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0101ff"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.reqauth</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2233</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"010100"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.reqauth</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2234</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2235</span> 
-<span class='line'>2236</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2237</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2238</span> 
-<span class='line'>2239</span> </span><span class="WHIT">    </span><span class="COMM">// ===== BEGIN X500Name related =====================================</span><span class="WHIT">
-<span class='line'>2240</span> </span><span class="WHIT">    </span><span class="COMM">/*
-<span class='line'>2241</span>      * convert ASN.1 parsed object to attrTypeAndValue assoc array&lt;br/>
-<span class='line'>2242</span>      * @name _convATV
-<span class='line'>2243</span>      * @param p associative array of parsed attrTypeAndValue object
-<span class='line'>2244</span>      * @return attrTypeAndValue associative array
-<span class='line'>2245</span>      * @since jsrsasign 10.5.12 x509 2.0.14
-<span class='line'>2246</span>      * @example
-<span class='line'>2247</span>      * _convATV({seq: [...]} &rarr: {type:"C",value:"JP",ds:"prn"}
-<span class='line'>2248</span>      */</span><span class="WHIT">
-<span class='line'>2249</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2250</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2251</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2252</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.seq</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2253</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2254</span> </span><span class="WHIT">	    </span><span class="NAME">result.type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2255</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.seq</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2256</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.utf8str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2257</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2258</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.utf8str.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2259</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.numstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2260</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"num"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2261</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.numstr.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2262</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.telstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2263</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"tel"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2264</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.telstr.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2265</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.prnstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2266</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2267</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.prnstr.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2268</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.ia5str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2269</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2270</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.ia5str.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2271</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.visstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2272</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"vis"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2273</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.visstr.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2274</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.bmpstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2275</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"bmp"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2276</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.bmpstr.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2277</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2278</span> </span><span class="WHIT">		</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="STRN">"error"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2279</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2280</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2281</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2282</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Erorr</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed AttrTypeAndValue"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2283</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2284</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2285</span> 
-<span class='line'>2286</span> </span><span class="WHIT">    </span><span class="COMM">/*
-<span class='line'>2287</span>      * convert ASN.1 parsed object to RDN array&lt;br/>
-<span class='line'>2288</span>      * @name _convRDN
-<span class='line'>2289</span>      * @param p associative array of parsed RDN object
-<span class='line'>2290</span>      * @return RDN array
-<span class='line'>2291</span>      * @since jsrsasign 10.5.12 x509 2.0.14
-<span class='line'>2292</span>      * @example
-<span class='line'>2293</span>      * _convRDN({set: [...]} &rarr: [{type:"C",value:"JP",ds:"prn"}]
-<span class='line'>2294</span>      */</span><span class="WHIT">
-<span class='line'>2295</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2296</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2297</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p.set.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2298</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2299</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed RDN: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2300</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2301</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2302</span> 
-<span class='line'>2303</span> </span><span class="WHIT">    </span><span class="COMM">/*
-<span class='line'>2304</span>      * convert ASN.1 parsed object to X500Name array&lt;br/>
-<span class='line'>2305</span>      * @name _convX500Name
-<span class='line'>2306</span>      * @param p associative array of parsed X500Name array object
-<span class='line'>2307</span>      * @return RDN array
-<span class='line'>2308</span>      * @since jsrsasign 10.5.12 x509 2.0.14
-<span class='line'>2309</span>      * @example
-<span class='line'>2310</span>      * _convX500Name({seq: [...]} &rarr: [[{type:"C",value:"JP",ds:"prn"}]]
-<span class='line'>2311</span>      */</span><span class="WHIT">
-<span class='line'>2312</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convX500Name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2313</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2314</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p.seq.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pRDN</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="PUNC">(</span><span class="NAME">pRDN</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2315</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2316</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed X500Name: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2317</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2318</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2319</span> 
-<span class='line'>2320</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500NameRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2321</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isPRNRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2322</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isUTF8Rule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2323</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isMixedRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2324</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">logfull</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2325</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">logcheck</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2326</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2327</span> 
-<span class='line'>2328</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2329</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aDN.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2330</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aDN</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2331</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aRDN.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2332</span> </span><span class="WHIT">		</span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2333</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2334</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1879</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1880</span>      * getOtherName ASN.1 structure parameter as JSON object&lt;br/>
+<span class='line'>1881</span>      * @name getOtherName
+<span class='line'>1882</span>      * @memberOf X509#
+<span class='line'>1883</span>      * @param {String} h hexadecimal string of GeneralName
+<span class='line'>1884</span>      * @return {Array} associative array of OtherName
+<span class='line'>1885</span>      * @since jsrsasign 10.5.3 x509 2.0.12
+<span class='line'>1886</span>      * @see KJUR.asn1.x509.GeneralNames
+<span class='line'>1887</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>1888</span>      * @see KJUR.asn1.x509.OtherName
+<span class='line'>1889</span>      * @see X509#getGeneralName
+<span class='line'>1890</span>      * @see ASN1HEX#parse
+<span class='line'>1891</span>      *
+<span class='line'>1892</span>      * @description
+<span class='line'>1893</span>      * This method will get OtherName parameters defined in
+<span class='line'>1894</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.6">
+<span class='line'>1895</span>      * RFC 5280 4.2.1.6&lt;/a>.
+<span class='line'>1896</span>      * &lt;pre>
+<span class='line'>1897</span>      * OtherName ::= SEQUENCE {
+<span class='line'>1898</span>      *    type-id    OBJECT IDENTIFIER,
+<span class='line'>1899</span>      *    value      [0] EXPLICIT ANY DEFINED BY type-id }
+<span class='line'>1900</span>      * &lt;/pre>
+<span class='line'>1901</span>      * The value of member "other" is converted by 
+<span class='line'>1902</span>      * {@link ASN1HEX#parse}.
+<span class='line'>1903</span>      *
+<span class='line'>1904</span>      * @example
+<span class='line'>1905</span>      * x = new X509();
+<span class='line'>1906</span>      * x.getOtherName("30...") &rarr;
+<span class='line'>1907</span>      * { oid: "1.2.3.4",
+<span class='line'>1908</span>      *   value: {utf8str: {str: "aaa"}} }
+<span class='line'>1909</span>      */</span><span class="WHIT">
+<span class='line'>1910</span> </span><span class="WHIT">    </span><span class="NAME">this.getOtherName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1911</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1912</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1913</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1914</span> </span><span class="WHIT">        </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1915</span> </span><span class="WHIT">	</span><span class="NAME">result.oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_oidname</span><span class="PUNC">(</span><span class="NAME">hOID</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1916</span> </span><span class="WHIT">	</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">hValue</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1917</span> </span><span class="WHIT">        </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1918</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1919</span> 
+<span class='line'>1920</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1921</span>      * get PolicyQualifierInfo ASN.1 structure parameter as JSON object
+<span class='line'>1922</span>      * @name getPolicyQualifierInfo
+<span class='line'>1923</span>      * @memberOf X509#
+<span class='line'>1924</span>      * @function
+<span class='line'>1925</span>      * @param {String} h hexadecimal string of PolicyQualifierInfo
+<span class='line'>1926</span>      * @return {Object} JSON object of PolicyQualifierInfo parameters
+<span class='line'>1927</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1928</span>      * @see X509#getExtCertificatePolicies
+<span class='line'>1929</span>      * @see X509#getPolicyInformation
+<span class='line'>1930</span>      * @description
+<span class='line'>1931</span>      * This method will get 
+<span class='line'>1932</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
+<span class='line'>1933</span>      * PolicyQualifierInfo&lt;/a> parameters.
+<span class='line'>1934</span>      * &lt;pre>
+<span class='line'>1935</span>      * PolicyQualifierInfo ::= SEQUENCE {
+<span class='line'>1936</span>      *      policyQualifierId  PolicyQualifierId,
+<span class='line'>1937</span>      *      qualifier          ANY DEFINED BY policyQualifierId }
+<span class='line'>1938</span>      * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+<span class='line'>1939</span>      * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+<span class='line'>1940</span>      * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+<span class='line'>1941</span>      * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+<span class='line'>1942</span>      * Qualifier ::= CHOICE {
+<span class='line'>1943</span>      *      cPSuri           CPSuri,
+<span class='line'>1944</span>      *      userNotice       UserNotice }
+<span class='line'>1945</span>      * CPSuri ::= IA5String
+<span class='line'>1946</span>      * &lt;/pre>
+<span class='line'>1947</span>      * Result of this method can be passed to 
+<span class='line'>1948</span>      * {@link KJUR.asn1.x509.PolicyQualifierInfo} constructor.
+<span class='line'>1949</span>      * @example
+<span class='line'>1950</span>      * x = new X509();
+<span class='line'>1951</span>      * x.getPolicyQualifierInfo("30...") 
+<span class='line'>1952</span>      * &rarr; {unotice: {exptext: {type: 'utf8', str: 'aaa'}}}
+<span class='line'>1953</span>      * x.getPolicyQualifierInfo("30...") 
+<span class='line'>1954</span>      * &rarr; {cps: "https://repository.example.com/"}
+<span class='line'>1955</span>      */</span><span class="WHIT">
+<span class='line'>1956</span> </span><span class="WHIT">    </span><span class="NAME">this.getPolicyQualifierInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1957</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1958</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1959</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505070201"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// cps</span><span class="WHIT">
+<span class='line'>1960</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hCPSURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyListEx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"16"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1961</span> </span><span class="WHIT">	    </span><span class="NAME">result.cps</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hCPSURI</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1962</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hPQOID</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2b06010505070202"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// unotice</span><span class="WHIT">
+<span class='line'>1963</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hUserNotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1964</span> </span><span class="WHIT">	    </span><span class="NAME">result.unotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getUserNotice</span><span class="PUNC">(</span><span class="NAME">hUserNotice</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1965</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>1966</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1967</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>1968</span> 
+<span class='line'>1969</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>1970</span>      * get UserNotice ASN.1 structure parameter as JSON object
+<span class='line'>1971</span>      * @name getUserNotice
+<span class='line'>1972</span>      * @memberOf X509#
+<span class='line'>1973</span>      * @function
+<span class='line'>1974</span>      * @param {String} h hexadecimal string of UserNotice
+<span class='line'>1975</span>      * @return {Object} JSON object of UserNotice parameters
+<span class='line'>1976</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>1977</span>      * @see X509#getExtCertificatePolicies
+<span class='line'>1978</span>      * @see X509#getPolicyInformation
+<span class='line'>1979</span>      * @see X509#getPolicyQualifierInfo
+<span class='line'>1980</span>      * @description
+<span class='line'>1981</span>      * This method will get 
+<span class='line'>1982</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
+<span class='line'>1983</span>      * UserNotice&lt;/a> parameters.
+<span class='line'>1984</span>      * &lt;pre>
+<span class='line'>1985</span>      * UserNotice ::= SEQUENCE {
+<span class='line'>1986</span>      *      noticeRef        NoticeReference OPTIONAL,
+<span class='line'>1987</span>      *      explicitText     DisplayText OPTIONAL }
+<span class='line'>1988</span>      * &lt;/pre>
+<span class='line'>1989</span>      * Result of this method can be passed to 
+<span class='line'>1990</span>      * {@link KJUR.asn1.x509.NoticeReference} constructor.
+<span class='line'>1991</span>      * &lt;br/>
+<span class='line'>1992</span>      * NOTE: NoticeReference parsing is currently not supported and
+<span class='line'>1993</span>      * it will be ignored.
+<span class='line'>1994</span>      * @example
+<span class='line'>1995</span>      * x = new X509();
+<span class='line'>1996</span>      * x.getUserNotice("30...") &rarr; {exptext: {type: 'utf8', str: 'aaa'}}
+<span class='line'>1997</span>      */</span><span class="WHIT">
+<span class='line'>1998</span> </span><span class="WHIT">    </span><span class="NAME">this.getUserNotice</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>1999</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2000</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2001</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2002</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hItem</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2003</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hItem.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2004</span> </span><span class="WHIT">		</span><span class="NAME">result.exptext</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getDisplayText</span><span class="PUNC">(</span><span class="NAME">hItem</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2005</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2006</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2007</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2008</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2009</span> 
+<span class='line'>2010</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2011</span>      * get DisplayText ASN.1 structure parameter as JSON object
+<span class='line'>2012</span>      * @name getDisplayText
+<span class='line'>2013</span>      * @memberOf X509#
+<span class='line'>2014</span>      * @function
+<span class='line'>2015</span>      * @param {String} h hexadecimal string of DisplayText
+<span class='line'>2016</span>      * @return {Object} JSON object of DisplayText parameters
+<span class='line'>2017</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2018</span>      * @see X509#getExtCertificatePolicies
+<span class='line'>2019</span>      * @see X509#getPolicyInformation
+<span class='line'>2020</span>      * @description
+<span class='line'>2021</span>      * This method will get 
+<span class='line'>2022</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.2.1.4">
+<span class='line'>2023</span>      * DisplayText&lt;/a> parameters.
+<span class='line'>2024</span>      * &lt;pre>
+<span class='line'>2025</span>      * DisplayText ::= CHOICE {
+<span class='line'>2026</span>      *      ia5String        IA5String      (SIZE (1..200)),
+<span class='line'>2027</span>      *      visibleString    VisibleString  (SIZE (1..200)),
+<span class='line'>2028</span>      *      bmpString        BMPString      (SIZE (1..200)),
+<span class='line'>2029</span>      *      utf8String       UTF8String     (SIZE (1..200)) }     
+<span class='line'>2030</span>      * &lt;/pre>
+<span class='line'>2031</span>      * Result of this method can be passed to 
+<span class='line'>2032</span>      * {@link KJUR.asn1.x509.DisplayText} constructor.
+<span class='line'>2033</span>      * @example
+<span class='line'>2034</span>      * x = new X509();
+<span class='line'>2035</span>      * x.getDisplayText("0c03616161") &rarr {type: 'utf8', str: 'aaa'}
+<span class='line'>2036</span>      * x.getDisplayText("1e03616161") &rarr {type: 'bmp',  str: 'aaa'}
+<span class='line'>2037</span>      */</span><span class="WHIT">
+<span class='line'>2038</span> </span><span class="WHIT">    </span><span class="NAME">this.getDisplayText</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2039</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_DISPLAYTEXTTAG</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="STRN">"0c"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"16"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"1a"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"vis"</span><span class="WHIT"> </span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"1e"</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="STRN">"bmp"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2040</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2041</span> </span><span class="WHIT">	</span><span class="NAME">result.type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_DISPLAYTEXTTAG</span><span class="PUNC">[</span><span class="NAME">h.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2042</span> </span><span class="WHIT">	</span><span class="NAME">result.str</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2043</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2044</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2045</span> 
+<span class='line'>2046</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2047</span>      * parse cRLNumber CRL extension as JSON object&lt;br/>
+<span class='line'>2048</span>      * @name getExtCRLNumber
+<span class='line'>2049</span>      * @memberOf X509#
+<span class='line'>2050</span>      * @function
+<span class='line'>2051</span>      * @param {String} hExtV hexadecimal string of extension value
+<span class='line'>2052</span>      * @param {Boolean} critical flag
+<span class='line'>2053</span>      * @since jsrsasign 9.1.1 x509 2.0.1
+<span class='line'>2054</span>      * @see KJUR.asn1.x509.CRLNumber
+<span class='line'>2055</span>      * @see X509#getExtParamArray
+<span class='line'>2056</span>      * @description
+<span class='line'>2057</span>      * This method parses
+<span class='line'>2058</span>      * CRLNumber CRL extension value defined in
+<span class='line'>2059</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-5.2.3">
+<span class='line'>2060</span>      * RFC 5280 5.2.3&lt;/a> as JSON object.
+<span class='line'>2061</span>      * &lt;pre>
+<span class='line'>2062</span>      * id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
+<span class='line'>2063</span>      * CRLNumber ::= INTEGER (0..MAX)
+<span class='line'>2064</span>      * &lt;/pre>
+<span class='line'>2065</span>      * &lt;br/>
+<span class='line'>2066</span>      * Result of this method can be passed to 
+<span class='line'>2067</span>      * {@link KJUR.asn1.x509.CRLNumber} constructor.
+<span class='line'>2068</span>      * @example
+<span class='line'>2069</span>      * crl = X509CRL("-----BEGIN X509 CRL...");
+<span class='line'>2070</span>      * ... get hExtV and critical flag ...
+<span class='line'>2071</span>      * crl.getExtCRLNumber("02...", false) &rarr;
+<span class='line'>2072</span>      * {extname: "cRLNumber", num: {hex: "12af"}}
+<span class='line'>2073</span>      */</span><span class="WHIT">
+<span class='line'>2074</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLNumber</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2075</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLNumber"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2076</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2077</span> 
+<span class='line'>2078</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"02"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2079</span> </span><span class="WHIT">	    </span><span class="NAME">result.num</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2080</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2081</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2082</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2083</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2084</span> 
+<span class='line'>2085</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2086</span>      * parse cRLReason CRL entry extension as JSON object&lt;br/>
+<span class='line'>2087</span>      * @name getExtCRLReason
+<span class='line'>2088</span>      * @memberOf X509#
+<span class='line'>2089</span>      * @function
+<span class='line'>2090</span>      * @param {String} hExtV hexadecimal string of extension value
+<span class='line'>2091</span>      * @param {Boolean} critical flag
+<span class='line'>2092</span>      * @since jsrsasign 9.1.1 x509 2.0.1
+<span class='line'>2093</span>      * @see KJUR.asn1.x509.CRLReason
+<span class='line'>2094</span>      * @see X509#getExtParamArray
+<span class='line'>2095</span>      * @description
+<span class='line'>2096</span>      * This method parses
+<span class='line'>2097</span>      * CRLReason CRL entry extension value defined in
+<span class='line'>2098</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-5.3.1">
+<span class='line'>2099</span>      * RFC 5280 5.3.1&lt;/a> as JSON object.
+<span class='line'>2100</span>      * &lt;pre>
+<span class='line'>2101</span>      * id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
+<span class='line'>2102</span>      * -- reasonCode ::= { CRLReason }
+<span class='line'>2103</span>      * CRLReason ::= ENUMERATED {
+<span class='line'>2104</span>      *      unspecified             (0),
+<span class='line'>2105</span>      *      keyCompromise           (1),
+<span class='line'>2106</span>      *      cACompromise            (2),
+<span class='line'>2107</span>      *      affiliationChanged      (3),
+<span class='line'>2108</span>      *      superseded              (4),
+<span class='line'>2109</span>      *      cessationOfOperation    (5),
+<span class='line'>2110</span>      *      certificateHold         (6),
+<span class='line'>2111</span>      *      removeFromCRL           (8),
+<span class='line'>2112</span>      *      privilegeWithdrawn      (9),
+<span class='line'>2113</span>      *      aACompromise           (10) }
+<span class='line'>2114</span>      * &lt;/pre>
+<span class='line'>2115</span>      * &lt;br/>
+<span class='line'>2116</span>      * Result of this method can be passed to 
+<span class='line'>2117</span>      * {@link KJUR.asn1.x509.CRLReason} constructor.
+<span class='line'>2118</span>      * @example
+<span class='line'>2119</span>      * crl = X509CRL("-----BEGIN X509 CRL...");
+<span class='line'>2120</span>      * ... get hExtV and critical flag ...
+<span class='line'>2121</span>      * crl.getExtCRLReason("02...", false) &rarr;
+<span class='line'>2122</span>      * {extname: "cRLReason", code: 3}
+<span class='line'>2123</span>      */</span><span class="WHIT">
+<span class='line'>2124</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtCRLReason</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2125</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"cRLReason"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2126</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2127</span> 
+<span class='line'>2128</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV.substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0a"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2129</span> </span><span class="WHIT">	    </span><span class="NAME">result.code</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">parseInt</span><span class="PUNC">(</span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2130</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2131</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2132</span> </span><span class="WHIT">	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"hExtV parse error: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2133</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2134</span> 
+<span class='line'>2135</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2136</span>      * parse OCSPNonce OCSP extension as JSON object&lt;br/>
+<span class='line'>2137</span>      * @name getExtOcspNonce
+<span class='line'>2138</span>      * @memberOf X509#
+<span class='line'>2139</span>      * @function
+<span class='line'>2140</span>      * @param {String} hExtV hexadecimal string of extension value
+<span class='line'>2141</span>      * @param {Boolean} critical flag
+<span class='line'>2142</span>      * @return {Array} JSON object of parsed OCSPNonce extension
+<span class='line'>2143</span>      * @since jsrsasign 9.1.6 x509 2.0.3
+<span class='line'>2144</span>      * @see KJUR.asn1.x509.OCSPNonce
+<span class='line'>2145</span>      * @see X509#getExtParamArray
+<span class='line'>2146</span>      * @see X509#getExtParam
+<span class='line'>2147</span>      * @description
+<span class='line'>2148</span>      * This method parses
+<span class='line'>2149</span>      * Nonce OCSP extension value defined in
+<span class='line'>2150</span>      * &lt;a href="https://tools.ietf.org/html/rfc6960#section-4.4.1">
+<span class='line'>2151</span>      * RFC 6960 4.4.1&lt;/a> as JSON object.
+<span class='line'>2152</span>      * &lt;pre>
+<span class='line'>2153</span>      * id-pkix-ocsp           OBJECT IDENTIFIER ::= { id-ad-ocsp }
+<span class='line'>2154</span>      * id-pkix-ocsp-nonce     OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
+<span class='line'>2155</span>      * Nonce ::= OCTET STRING
+<span class='line'>2156</span>      * &lt;/pre>
+<span class='line'>2157</span>      * &lt;br/>
+<span class='line'>2158</span>      * Result of this method can be passed to 
+<span class='line'>2159</span>      * {@link KJUR.asn1.x509.OCSPNonce} constructor.
+<span class='line'>2160</span>      * @example
+<span class='line'>2161</span>      * x = new X509();
+<span class='line'>2162</span>      * x.getExtOcspNonce(&lt;&lt;extn hex value >>) &rarr;
+<span class='line'>2163</span>      * { extname: "ocspNonce", hex: "1a2b..." }
+<span class='line'>2164</span>      */</span><span class="WHIT">
+<span class='line'>2165</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtOcspNonce</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2166</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"ocspNonce"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2167</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2168</span> 
+<span class='line'>2169</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hNonce</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2170</span> </span><span class="WHIT">	</span><span class="NAME">result.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hNonce</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2171</span> 
+<span class='line'>2172</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2173</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2174</span> 
+<span class='line'>2175</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2176</span>      * parse OCSPNoCheck OCSP extension as JSON object&lt;br/>
+<span class='line'>2177</span>      * @name getExtOcspNoCheck
+<span class='line'>2178</span>      * @memberOf X509#
+<span class='line'>2179</span>      * @function
+<span class='line'>2180</span>      * @param {String} hExtV hexadecimal string of extension value
+<span class='line'>2181</span>      * @param {Boolean} critical flag
+<span class='line'>2182</span>      * @return {Array} JSON object of parsed OCSPNoCheck extension
+<span class='line'>2183</span>      * @since jsrsasign 9.1.6 x509 2.0.3
+<span class='line'>2184</span>      * @see KJUR.asn1.x509.OCSPNoCheck
+<span class='line'>2185</span>      * @see X509#getExtParamArray
+<span class='line'>2186</span>      * @see X509#getExtParam
+<span class='line'>2187</span>      * @description
+<span class='line'>2188</span>      * This method parses
+<span class='line'>2189</span>      * OCSPNoCheck extension value defined in
+<span class='line'>2190</span>      * &lt;a href="https://tools.ietf.org/html/rfc6960#section-4.2.2.2.1">
+<span class='line'>2191</span>      * RFC 6960 4.2.2.2.1&lt;/a> as JSON object.
+<span class='line'>2192</span>      * &lt;pre>
+<span class='line'>2193</span>      * id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
+<span class='line'>2194</span>      * &lt;/pre>
+<span class='line'>2195</span>      * &lt;br/>
+<span class='line'>2196</span>      * Result of this method can be passed to 
+<span class='line'>2197</span>      * {@link KJUR.asn1.x509.OCSPNoCheck} constructor.
+<span class='line'>2198</span>      * @example
+<span class='line'>2199</span>      * x = new X509();
+<span class='line'>2200</span>      * x.getExtOcspNoCheck(&lt;&lt;extn hex value >>) &rarr;
+<span class='line'>2201</span>      * { extname: "ocspNoCheck" }
+<span class='line'>2202</span>      */</span><span class="WHIT">
+<span class='line'>2203</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtOcspNoCheck</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2204</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"ocspNoCheck"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2205</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2206</span> 
+<span class='line'>2207</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2208</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2209</span> 
+<span class='line'>2210</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2211</span>      * parse AdobeTimeStamp extension as JSON object&lt;br/>
+<span class='line'>2212</span>      * @name getExtAdobeTimeStamp
+<span class='line'>2213</span>      * @memberOf X509#
+<span class='line'>2214</span>      * @function
+<span class='line'>2215</span>      * @param {String} hExtV hexadecimal string of extension value
+<span class='line'>2216</span>      * @param {Boolean} critical flag
+<span class='line'>2217</span>      * @return {Array} JSON object of parsed AdobeTimeStamp extension
+<span class='line'>2218</span>      * @since jsrsasign 10.0.1 x509 2.0.5
+<span class='line'>2219</span>      * @see KJUR.asn1.x509.AdobeTimeStamp
+<span class='line'>2220</span>      * @see X509#getExtParamArray
+<span class='line'>2221</span>      * @see X509#getExtParam
+<span class='line'>2222</span>      * @description
+<span class='line'>2223</span>      * This method parses
+<span class='line'>2224</span>      * X.509v3 AdobeTimeStamp private extension value defined in the
+<span class='line'>2225</span>      * &lt;a href="https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/oids.html">
+<span class='line'>2226</span>      * Adobe site&lt;/a> as JSON object.
+<span class='line'>2227</span>      * This extension provides the URL location for time stamp service.
+<span class='line'>2228</span>      * &lt;pre>
+<span class='line'>2229</span>      * adbe- OBJECT IDENTIFIER ::=  { adbe(1.2.840.113583) acrobat(1) security(1) x509Ext(9) 1 }
+<span class='line'>2230</span>      *  ::= SEQUENCE {
+<span class='line'>2231</span>      *     version INTEGER  { v1(1) }, -- extension version
+<span class='line'>2232</span>      *     location GeneralName (In v1 GeneralName can be only uniformResourceIdentifier)
+<span class='line'>2233</span>      *     requiresAuth        boolean (default false), OPTIONAL }
+<span class='line'>2234</span>      * &lt;/pre>
+<span class='line'>2235</span>      * &lt;br/>
+<span class='line'>2236</span>      * Result of this method can be passed to 
+<span class='line'>2237</span>      * {@link KJUR.asn1.x509.AdobeTimeStamp} constructor.
+<span class='line'>2238</span>      * &lt;br/>
+<span class='line'>2239</span>      * NOTE: This extesion doesn't seem to have official name. This may be called as "pdfTimeStamp".
+<span class='line'>2240</span>      * @example
+<span class='line'>2241</span>      * x.getExtAdobeTimeStamp(&lt;&lt;extn hex value >>) &rarr;
+<span class='line'>2242</span>      * { extname: "adobeTimeStamp", uri: "http://tsa.example.com/" reqauth: true }
+<span class='line'>2243</span>      */</span><span class="WHIT">
+<span class='line'>2244</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtAdobeTimeStamp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2245</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2246</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtInfo</span><span class="PUNC">(</span><span class="STRN">"adobeTimeStamp"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2247</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2248</span> </span><span class="WHIT">	    </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">info.vidx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2249</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info.critical</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2250</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2251</span> 
+<span class='line'>2252</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">extname</span><span class="PUNC">:</span><span class="STRN">"adobeTimeStamp"</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2253</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2254</span> 
+<span class='line'>2255</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2256</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2257</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hGN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>2258</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">gnParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getGeneralName</span><span class="PUNC">(</span><span class="NAME">hGN</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2259</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">gnParam.uri</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2260</span> </span><span class="WHIT">		</span><span class="NAME">result.uri</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">gnParam.uri</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2261</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2262</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2263</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2264</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NUMB">2</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2265</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0101ff"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.reqauth</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2266</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hBool</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"010100"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.reqauth</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2267</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2268</span> 
+<span class='line'>2269</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2270</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2271</span> 
+<span class='line'>2272</span> </span><span class="WHIT">    </span><span class="COMM">// ===== BEGIN X500Name related =====================================</span><span class="WHIT">
+<span class='line'>2273</span> </span><span class="WHIT">    </span><span class="COMM">/*
+<span class='line'>2274</span>      * convert ASN.1 parsed object to attrTypeAndValue assoc array&lt;br/>
+<span class='line'>2275</span>      * @name _convATV
+<span class='line'>2276</span>      * @param p associative array of parsed attrTypeAndValue object
+<span class='line'>2277</span>      * @return attrTypeAndValue associative array
+<span class='line'>2278</span>      * @since jsrsasign 10.5.12 x509 2.0.14
+<span class='line'>2279</span>      * @example
+<span class='line'>2280</span>      * _convATV({seq: [...]} &rarr: {type:"C",value:"JP",ds:"prn"}
+<span class='line'>2281</span>      */</span><span class="WHIT">
+<span class='line'>2282</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2283</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2284</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2285</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.seq</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">oid</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2286</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.name2oid</span><span class="PUNC">(</span><span class="NAME">name</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2287</span> </span><span class="WHIT">	    </span><span class="NAME">result.type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="PUNC">(</span><span class="NAME">oid</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2288</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">p.seq</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2289</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.utf8str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2290</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2291</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.utf8str.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2292</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.numstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2293</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"num"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2294</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.numstr.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2295</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.telstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2296</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"tel"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2297</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.telstr.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2298</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.prnstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2299</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2300</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.prnstr.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2301</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.ia5str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2302</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2303</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.ia5str.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2304</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.visstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2305</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"vis"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2306</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.visstr.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2307</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">item1.bmpstr</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2308</span> </span><span class="WHIT">		</span><span class="NAME">result.ds</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"bmp"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2309</span> </span><span class="WHIT">		</span><span class="NAME">result.value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item1.bmpstr.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2310</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2311</span> </span><span class="WHIT">		</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="STRN">"error"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2312</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2313</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2314</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2315</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Erorr</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed AttrTypeAndValue"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2316</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2317</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2318</span> 
+<span class='line'>2319</span> </span><span class="WHIT">    </span><span class="COMM">/*
+<span class='line'>2320</span>      * convert ASN.1 parsed object to RDN array&lt;br/>
+<span class='line'>2321</span>      * @name _convRDN
+<span class='line'>2322</span>      * @param p associative array of parsed RDN object
+<span class='line'>2323</span>      * @return RDN array
+<span class='line'>2324</span>      * @since jsrsasign 10.5.12 x509 2.0.14
+<span class='line'>2325</span>      * @example
+<span class='line'>2326</span>      * _convRDN({set: [...]} &rarr: [{type:"C",value:"JP",ds:"prn"}]
+<span class='line'>2327</span>      */</span><span class="WHIT">
+<span class='line'>2328</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2329</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2330</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p.set.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2331</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2332</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed RDN: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2333</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2334</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>2335</span> 
-<span class='line'>2336</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2337</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2338</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.ds</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2339</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.value</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2340</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.type</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2341</span> </span><span class="WHIT">	    </span><span class="NAME">logfull</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">":"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2342</span> </span><span class="WHIT">	    
-<span class='line'>2343</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2344</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2345</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2346</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2347</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"CN"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2348</span> </span><span class="WHIT">		    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2349</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2350</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">KJUR.lang.String.isMail</span><span class="PUNC">(</span><span class="NAME">value</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2351</span> </span><span class="WHIT">			</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2352</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2353</span> </span><span class="WHIT">			</span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2354</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2355</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2356</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2357</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"C"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2358</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2359</span> </span><span class="WHIT">		    </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2360</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2361</span> </span><span class="WHIT">		    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2362</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2363</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2364</span> </span><span class="WHIT">	    </span><span class="NAME">logcheck</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">":"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2365</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2366</span> </span><span class="WHIT">		</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2367</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2368</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2369</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2370</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2371</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2372</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2373</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2374</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">lasttag</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2375</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2376</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2377</span> 
-<span class='line'>2378</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2379</span>      * get AttributeTypeAndValue ASN.1 structure parameter as JSON object&lt;br/>
-<span class='line'>2380</span>      * @name getAttrTypeAndValue
-<span class='line'>2381</span>      * @memberOf X509#
-<span class='line'>2382</span>      * @function
-<span class='line'>2383</span>      * @param {String} h hexadecimal string of AttributeTypeAndValue
-<span class='line'>2384</span>      * @return {Object} JSON object of AttributeTypeAndValue parameters
-<span class='line'>2385</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>2386</span>      * @see X509#getX500Name
-<span class='line'>2387</span>      * @see X509#getRDN
-<span class='line'>2388</span>      * @description
-<span class='line'>2389</span>      * This method will get AttributeTypeAndValue parameters defined in
-<span class='line'>2390</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
-<span class='line'>2391</span>      * RFC 5280 4.1.2.4&lt;/a>.
-<span class='line'>2392</span>      * &lt;pre>
-<span class='line'>2393</span>      * AttributeTypeAndValue ::= SEQUENCE {
-<span class='line'>2394</span>      *   type     AttributeType,
-<span class='line'>2395</span>      *   value    AttributeValue }
-<span class='line'>2396</span>      * AttributeType ::= OBJECT IDENTIFIER
-<span class='line'>2397</span>      * AttributeValue ::= ANY -- DEFINED BY AttributeType
-<span class='line'>2398</span>      * &lt;/pre>
-<span class='line'>2399</span>      * &lt;ul>
-<span class='line'>2400</span>      * &lt;li>{String}type - AttributeType name or OID(ex. C,O,CN)&lt;/li>
-<span class='line'>2401</span>      * &lt;li>{String}value - raw string of ASN.1 value of AttributeValue&lt;/li>
-<span class='line'>2402</span>      * &lt;li>{String}ds - DirectoryString type of AttributeValue&lt;/li>
-<span class='line'>2403</span>      * &lt;/ul>
-<span class='line'>2404</span>      * "ds" has one of following value:
-<span class='line'>2405</span>      * &lt;ul>
-<span class='line'>2406</span>      * &lt;li>utf8 - (0x0c) UTF8String&lt;/li>
-<span class='line'>2407</span>      * &lt;li>num  - (0x12) NumericString&lt;/li>
-<span class='line'>2408</span>      * &lt;li>prn  - (0x13) PrintableString&lt;/li>
-<span class='line'>2409</span>      * &lt;li>tel  - (0x14) TeletexString&lt;/li>
-<span class='line'>2410</span>      * &lt;li>ia5  - (0x16) IA5String&lt;/li>
-<span class='line'>2411</span>      * &lt;li>vis  - (0x1a) VisibleString&lt;/li>
-<span class='line'>2412</span>      * &lt;li>bmp  - (0x1e) BMPString&lt;/li>
-<span class='line'>2413</span>      * &lt;/ul>
-<span class='line'>2414</span>      * @example
-<span class='line'>2415</span>      * x = new X509();
-<span class='line'>2416</span>      * x.getAttrTypeAndValue("30...") &rarr;
-<span class='line'>2417</span>      * {type:"CN",value:"john.smith@example.com",ds:"ia5"} or
-<span class='line'>2418</span>      * {type:"O",value:"Sample Corp.",ds:"prn"}
-<span class='line'>2419</span>      */</span><span class="WHIT">
-<span class='line'>2420</span> </span><span class="WHIT">    </span><span class="COMM">// unv  - (0x1c??) UniversalString ... for future</span><span class="WHIT">
-<span class='line'>2421</span> </span><span class="WHIT">    </span><span class="NAME">this.getAttrTypeAndValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2422</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2423</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2424</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2425</span> 
-<span class='line'>2426</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2427</span>      * get RelativeDistinguishedName ASN.1 structure parameter array&lt;br/>
-<span class='line'>2428</span>      * @name getRDN
-<span class='line'>2429</span>      * @memberOf X509#
-<span class='line'>2430</span>      * @function
-<span class='line'>2431</span>      * @param {String} h hexadecimal string of RDN
-<span class='line'>2432</span>      * @return {Array} array of AttrTypeAndValue parameters
-<span class='line'>2433</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>2434</span>      * @see X509#getX500Name
-<span class='line'>2435</span>      * @see X509#getRDN
-<span class='line'>2436</span>      * @see X509#getAttrTypeAndValue
-<span class='line'>2437</span>      * @description
-<span class='line'>2438</span>      * This method will get RelativeDistinguishedName parameters defined in
-<span class='line'>2439</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
-<span class='line'>2440</span>      * RFC 5280 4.1.2.4&lt;/a>.
-<span class='line'>2441</span>      * &lt;pre>
-<span class='line'>2442</span>      * RelativeDistinguishedName ::=
-<span class='line'>2443</span>      *   SET SIZE (1..MAX) OF AttributeTypeAndValue
-<span class='line'>2444</span>      * &lt;/pre>
-<span class='line'>2445</span>      * @example
-<span class='line'>2446</span>      * x = new X509();
-<span class='line'>2447</span>      * x.getRDN("31...") &rarr;
-<span class='line'>2448</span>      * [{type:"C",value:"US",ds:"prn"}] or
-<span class='line'>2449</span>      * [{type:"O",value:"Sample Corp.",ds:"prn"}] or
-<span class='line'>2450</span>      * [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
-<span class='line'>2451</span>      */</span><span class="WHIT">
-<span class='line'>2452</span> </span><span class="WHIT">    </span><span class="NAME">this.getRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2453</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2454</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2455</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2456</span> 
-<span class='line'>2457</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2458</span>      * get X.500 Name ASN.1 structure parameter array&lt;br/>
-<span class='line'>2459</span>      * @name getX500NameArray
-<span class='line'>2460</span>      * @memberOf X509#
-<span class='line'>2461</span>      * @function
-<span class='line'>2462</span>      * @param {String} h hexadecimal string of Name
-<span class='line'>2463</span>      * @return {Array} array of RDN parameter array
-<span class='line'>2464</span>      * @since jsrsasign 10.0.6 x509 2.0.9
-<span class='line'>2465</span>      * @see X509#getX500Name
-<span class='line'>2466</span>      * @see X509#getRDN
-<span class='line'>2467</span>      * @see X509#getAttrTypeAndValue
-<span class='line'>2468</span>      * @description
-<span class='line'>2469</span>      * This method will get Name parameter defined in
-<span class='line'>2470</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
-<span class='line'>2471</span>      * RFC 5280 4.1.2.4&lt;/a>.
-<span class='line'>2472</span>      * &lt;pre>
-<span class='line'>2473</span>      * Name ::= CHOICE { -- only one possibility for now --
-<span class='line'>2474</span>      *   rdnSequence  RDNSequence }
-<span class='line'>2475</span>      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
-<span class='line'>2476</span>      * &lt;/pre>
-<span class='line'>2477</span>      * @example
-<span class='line'>2478</span>      * x = new X509();
-<span class='line'>2479</span>      * x.getX500NameArray("30...") &rarr;
-<span class='line'>2480</span>      * [[{type:"C",value:"US",ds:"prn"}],
-<span class='line'>2481</span>      *  [{type:"O",value:"Sample Corp.",ds:"utf8"}],
-<span class='line'>2482</span>      *  [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]]
-<span class='line'>2483</span>      */</span><span class="WHIT">
-<span class='line'>2484</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500NameArray</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2485</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2486</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convX500Name</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2487</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2488</span> 
-<span class='line'>2489</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2490</span>      * get Name ASN.1 structure parameter array&lt;br/>
-<span class='line'>2491</span>      * @name getX500Name
-<span class='line'>2492</span>      * @memberOf X509#
-<span class='line'>2493</span>      * @function
-<span class='line'>2494</span>      * @param {String} h hexadecimal string of Name
-<span class='line'>2495</span>      * @return {Array} array of RDN parameter array
-<span class='line'>2496</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>2497</span>      * @see X509#getX500NameArray
-<span class='line'>2498</span>      * @see X509#getRDN
-<span class='line'>2499</span>      * @see X509#getAttrTypeAndValue
-<span class='line'>2500</span>      * @see KJUR.asn1.x509.X500Name
-<span class='line'>2501</span>      * @see KJUR.asn1.x509.GeneralName
-<span class='line'>2502</span>      * @see KJUR.asn1.x509.GeneralNames
-<span class='line'>2503</span>      * @description
-<span class='line'>2504</span>      * This method will get Name parameter defined in
-<span class='line'>2505</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
-<span class='line'>2506</span>      * RFC 5280 4.1.2.4&lt;/a>.
-<span class='line'>2507</span>      * &lt;pre>
-<span class='line'>2508</span>      * Name ::= CHOICE { -- only one possibility for now --
-<span class='line'>2509</span>      *   rdnSequence  RDNSequence }
-<span class='line'>2510</span>      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
-<span class='line'>2511</span>      * &lt;/pre>
-<span class='line'>2512</span>      * @example
-<span class='line'>2513</span>      * x = new X509();
-<span class='line'>2514</span>      * x.getX500Name("30...") &rarr;
-<span class='line'>2515</span>      * { array: [
-<span class='line'>2516</span>      *     [{type:"C",value:"US",ds:"prn"}],
-<span class='line'>2517</span>      *     [{type:"O",value:"Sample Corp.",ds:"utf8"}],
-<span class='line'>2518</span>      *     [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
-<span class='line'>2519</span>      *   ],
-<span class='line'>2520</span>      *   str: "/C=US/O=Sample Corp./CN=john.smith@example.com",
-<span class='line'>2521</span>      *   hex: "30..."
-<span class='line'>2522</span>      * }
-<span class='line'>2523</span>      */</span><span class="WHIT">
-<span class='line'>2524</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500Name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2525</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getX500NameArray</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2526</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.dnarraytostr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2527</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">array</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">str</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2528</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2529</span> 
-<span class='line'>2530</span> </span><span class="WHIT">    </span><span class="COMM">// ===== END X500Name related =====================================</span><span class="WHIT">
-<span class='line'>2531</span> 
-<span class='line'>2532</span> </span><span class="WHIT">    </span><span class="COMM">// ===== BEGIN read certificate =====================================</span><span class="WHIT">
-<span class='line'>2533</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2534</span>      * read PEM formatted X.509 certificate from string.&lt;br/>
-<span class='line'>2535</span>      * @name readCertPEM
-<span class='line'>2536</span>      * @memberOf X509#
-<span class='line'>2537</span>      * @function
-<span class='line'>2538</span>      * @param {String} sCertPEM string for PEM formatted X.509 certificate
-<span class='line'>2539</span>      * @example
-<span class='line'>2540</span>      * x = new X509();
-<span class='line'>2541</span>      * x.readCertPEM(sCertPEM); // read certificate
-<span class='line'>2542</span>      */</span><span class="WHIT">
-<span class='line'>2543</span> </span><span class="WHIT">    </span><span class="NAME">this.readCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2544</span> </span><span class="WHIT">        </span><span class="NAME">this.readCertHex</span><span class="PUNC">(</span><span class="NAME">_pemtohex</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2545</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2546</span> 
-<span class='line'>2547</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2548</span>      * read a hexadecimal string of X.509 certificate&lt;br/>
-<span class='line'>2549</span>      * @name readCertHex
-<span class='line'>2550</span>      * @memberOf X509#
-<span class='line'>2551</span>      * @function
-<span class='line'>2552</span>      * @param {String} sCertHex hexadecimal string of X.509 certificate
-<span class='line'>2553</span>      * @since jsrsasign 7.1.4 x509 1.1.13
-<span class='line'>2554</span>      * @description
-<span class='line'>2555</span>      * NOTE: {@link X509#parseExt} will called internally since jsrsasign 7.2.0.
-<span class='line'>2556</span>      * @example
-<span class='line'>2557</span>      * x = new X509();
-<span class='line'>2558</span>      * x.readCertHex("3082..."); // read certificate
-<span class='line'>2559</span>      */</span><span class="WHIT">
-<span class='line'>2560</span> </span><span class="WHIT">    </span><span class="NAME">this.readCertHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertHex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2561</span> </span><span class="WHIT">        </span><span class="NAME">this.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">sCertHex</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2562</span> </span><span class="WHIT">	</span><span class="NAME">this.getVersion</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// set version parameter</span><span class="WHIT">
-<span class='line'>2563</span> 
-<span class='line'>2564</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2565</span> </span><span class="WHIT">	    </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">7</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"a3"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// has [3] v3ext</span><span class="WHIT">
-<span class='line'>2566</span> </span><span class="WHIT">	    </span><span class="NAME">this.parseExt</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2567</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2568</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2569</span> 
-<span class='line'>2570</span> </span><span class="WHIT">    </span><span class="COMM">// ===== END read certificate =====================================</span><span class="WHIT">
-<span class='line'>2571</span> 
-<span class='line'>2572</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2573</span>      * get JSON object of certificate parameters&lt;br/>
-<span class='line'>2574</span>      * @name getParam
-<span class='line'>2575</span>      * @memberOf X509#
-<span class='line'>2576</span>      * @function
-<span class='line'>2577</span>      * @param {Object} option optional setting for return object
-<span class='line'>2578</span>      * @return {Object} JSON object of certificate parameters
-<span class='line'>2579</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>2580</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
-<span class='line'>2581</span>      *
-<span class='line'>2582</span>      * @description
-<span class='line'>2583</span>      * This method returns a JSON object of the certificate
-<span class='line'>2584</span>      * parameters. Return value can be passed to
-<span class='line'>2585</span>      * {@link KJUR.asn1.x509.X509Util.newCertPEM}.
-<span class='line'>2586</span>      * &lt;br>
-<span class='line'>2587</span>      * NOTE1: From jsrsasign 10.5.16, optional argument can be applied.
-<span class='line'>2588</span>      * It can have following members:
-<span class='line'>2589</span>      * &lt;ul>
-<span class='line'>2590</span>      * &lt;li>tbshex - if this is true, tbshex member with hex value of
-<span class='line'>2591</span>      * tbsCertificate will be added&lt;/li>
-<span class='line'>2592</span>      * &lt;li>nodnarray - if this is true, array member for subject and
-<span class='line'>2593</span>      * issuer will be deleted to simplify it&lt;li>
-<span class='line'>2594</span>      * &lt;/ul>
-<span class='line'>2595</span>      *
-<span class='line'>2596</span>      * @example
-<span class='line'>2597</span>      * x = new X509();
-<span class='line'>2598</span>      * x.readCertPEM("-----BEGIN CERTIFICATE...");
-<span class='line'>2599</span>      * x.getParam() &rarr;
-<span class='line'>2600</span>      * {version:3,
-<span class='line'>2601</span>      *  serial:{hex:"12ab"},
-<span class='line'>2602</span>      *  sigalg:"SHA256withRSA",
-<span class='line'>2603</span>      *  issuer: {array:[[{type:'CN',value:'CA1',ds:'prn'}]],str:"/O=CA1"},
-<span class='line'>2604</span>      *  notbefore:"160403023700Z",
-<span class='line'>2605</span>      *  notafter:"160702023700Z",
-<span class='line'>2606</span>      *  subject: {array:[[{type:'CN',value:'Test1',ds:'prn'}]],str:"/CN=Test1"},
-<span class='line'>2607</span>      *  sbjpubkey:"-----BEGIN PUBLIC KEY...",
-<span class='line'>2608</span>      *  ext:[
-<span class='line'>2609</span>      *   {extname:"keyUsage",critical:true,names:["digitalSignature"]},
-<span class='line'>2610</span>      *   {extname:"basicConstraints",critical:true},
-<span class='line'>2611</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
-<span class='line'>2612</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2613</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
-<span class='line'>2614</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}
-<span class='line'>2615</span>      *  ],
-<span class='line'>2616</span>      *  sighex:"0b76...8"
-<span class='line'>2617</span>      * };
-<span class='line'>2618</span>      *
-<span class='line'>2619</span>      * x.getParam({tbshex: true}) &rarr; { ... , tbshex: "30..." }
-<span class='line'>2620</span>      * x.getParam({nodnarray: true}) &rarr; {issuer: {str: "/C=JP"}, ...}
-<span class='line'>2621</span>      */</span><span class="WHIT">
-<span class='line'>2622</span> </span><span class="WHIT">    </span><span class="NAME">this.getParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">option</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2623</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2624</span> </span><span class="WHIT">	</span><span class="NAME">result.version</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getVersion</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2625</span> </span><span class="WHIT">	</span><span class="NAME">result.serial</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getSerialNumberHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2626</span> </span><span class="WHIT">	</span><span class="NAME">result.sigalg</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2627</span> </span><span class="WHIT">	</span><span class="NAME">result.issuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getIssuer</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2628</span> </span><span class="WHIT">	</span><span class="NAME">result.notbefore</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getNotBefore</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2629</span> </span><span class="WHIT">	</span><span class="NAME">result.notafter</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getNotAfter</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2630</span> </span><span class="WHIT">	</span><span class="NAME">result.subject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSubject</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2631</span> </span><span class="WHIT">	</span><span class="NAME">result.sbjpubkey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextopem</span><span class="PUNC">(</span><span class="NAME">this.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"PUBLIC KEY"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2632</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT">
-<span class='line'>2633</span> </span><span class="WHIT">	    </span><span class="NAME">this.aExtInfo.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2634</span> </span><span class="WHIT">	    </span><span class="NAME">result.ext</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtParamArray</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2635</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2636</span> </span><span class="WHIT">	</span><span class="NAME">result.sighex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2637</span> 
-<span class='line'>2638</span> </span><span class="WHIT">	</span><span class="COMM">// for options</span><span class="WHIT">
-<span class='line'>2639</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">option</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"object"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2640</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">option.tbshex</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2641</span> </span><span class="WHIT">		</span><span class="NAME">result.tbshex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2642</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2643</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">option.nodnarray</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2644</span> </span><span class="WHIT">		</span><span class="KEYW">delete</span><span class="WHIT"> </span><span class="NAME">result.issuer.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2645</span> </span><span class="WHIT">		</span><span class="KEYW">delete</span><span class="WHIT"> </span><span class="NAME">result.subject.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2646</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2647</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2648</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2649</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2650</span> 
-<span class='line'>2651</span> </span><span class="WHIT">    </span><span class="COMM">/** 
-<span class='line'>2652</span>      * get array of certificate extension parameter JSON object&lt;br/>
-<span class='line'>2653</span>      * @name getExtParamArray
-<span class='line'>2654</span>      * @memberOf X509#
-<span class='line'>2655</span>      * @function
-<span class='line'>2656</span>      * @param {String} hExtSeq hexadecimal string of SEQUENCE of Extension
-<span class='line'>2657</span>      * @return {Array} array of certificate extension parameter JSON object
-<span class='line'>2658</span>      * @since jsrsasign 9.0.0 x509 2.0.0
-<span class='line'>2659</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
-<span class='line'>2660</span>      * @see X509#getParam
-<span class='line'>2661</span>      * @see X509#getExtParam
-<span class='line'>2662</span>      * @see X509CRL#getParam
-<span class='line'>2663</span>      * @see KJUR.asn1.csr.CSRUtil.getParam
-<span class='line'>2664</span>      *
-<span class='line'>2665</span>      * @description
-<span class='line'>2666</span>      * This method returns an array of certificate extension
-<span class='line'>2667</span>      * parameters. 
-<span class='line'>2668</span>      * &lt;br/>
-<span class='line'>2669</span>      * NOTE: Argument "hExtSeq" have been supported since jsrsasign 9.1.1.
-<span class='line'>2670</span>      *
-<span class='line'>2671</span>      * @example
-<span class='line'>2672</span>      * x = new X509();
-<span class='line'>2673</span>      * x.readCertPEM("-----BEGIN CERTIFICATE...");
-<span class='line'>2674</span>      * x.getExtParamArray() &rarr;
-<span class='line'>2675</span>      * [ {extname:"keyUsage",critical:true,names:["digitalSignature"]},
-<span class='line'>2676</span>      *   {extname:"basicConstraints",critical:true},
-<span class='line'>2677</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
-<span class='line'>2678</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2679</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
-<span class='line'>2680</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}]
-<span class='line'>2681</span>      */</span><span class="WHIT">
-<span class='line'>2682</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtParamArray</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2683</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2684</span> </span><span class="WHIT">	    </span><span class="COMM">// for X.509v3 certificate</span><span class="WHIT">
-<span class='line'>2685</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyListEx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"[3]"</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2686</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2687</span> </span><span class="WHIT">		</span><span class="NAME">hExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyListEx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"[3]"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2688</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2689</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2690</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2691</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2692</span> 
-<span class='line'>2693</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2694</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2695</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtParam</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2696</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2697</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2698</span> 
-<span class='line'>2699</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2700</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2701</span> 
-<span class='line'>2702</span> </span><span class="WHIT">    </span><span class="COMM">/** 
-<span class='line'>2703</span>      * get a extension parameter JSON object&lt;br/>
-<span class='line'>2704</span>      * @name getExtParam
-<span class='line'>2705</span>      * @memberOf X509#
-<span class='line'>2706</span>      * @function
-<span class='line'>2707</span>      * @param {String} hExt hexadecimal string of Extension
-<span class='line'>2708</span>      * @return {Array} Extension parameter JSON object
-<span class='line'>2709</span>      * @since jsrsasign 9.1.1 x509 2.0.1
-<span class='line'>2710</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
-<span class='line'>2711</span>      * @see X509#getParam
-<span class='line'>2712</span>      * @see X509#getExtParamArray
-<span class='line'>2713</span>      * @see X509CRL#getParam
-<span class='line'>2714</span>      * @see KJUR.asn1.csr.CSRUtil.getParam
-<span class='line'>2715</span>      *
-<span class='line'>2716</span>      * @description
-<span class='line'>2717</span>      * This method returns a extension parameters as JSON object. 
-<span class='line'>2718</span>      *
-<span class='line'>2719</span>      * @example
-<span class='line'>2720</span>      * x = new X509();
-<span class='line'>2721</span>      * ...
-<span class='line'>2722</span>      * x.getExtParam("30...") &rarr;
-<span class='line'>2723</span>      * {extname:"keyUsage",critical:true,names:["digitalSignature"]}
-<span class='line'>2724</span>      */</span><span class="WHIT">
-<span class='line'>2725</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2726</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2727</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2728</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2729</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>2730</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"wrong number elements in Extension: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> 
-<span class='line'>2731</span> 			    </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">" "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2732</span> 
-<span class='line'>2733</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_hextooidstr</span><span class="PUNC">(</span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2734</span> 
-<span class='line'>2735</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2736</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0101ff"</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>2737</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2738</span> 
-<span class='line'>2739</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2740</span> 
-<span class='line'>2741</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2742</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.14"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2743</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2744</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.15"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2745</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsage</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2746</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.17"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2747</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectAltName</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2748</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.18"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2749</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtIssuerAltName</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2750</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.19"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2751</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtBasicConstraints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2752</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.30"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2753</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtNameConstraints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2754</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.31"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2755</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2756</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.32"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2757</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCertificatePolicies</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2758</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.35"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2759</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2760</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.37"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2761</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtExtKeyUsage</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2762</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.1.1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2763</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2764</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.20"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2765</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLNumber</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2766</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.21"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2767</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLReason</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2768</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.48.1.2"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2769</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtOcspNonce</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2770</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.48.1.5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2771</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtOcspNoCheck</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2772</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.2.840.113583.1.1.9.1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2773</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAdobeTimeStamp</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2774</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2775</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2776</span> 
-<span class='line'>2777</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">privateParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">extn</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2778</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">privateParam.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2779</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">privateParam</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2780</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2781</span> 
-<span class='line'>2782</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2783</span>      * find extension parameter in array&lt;br/>
-<span class='line'>2784</span>      * @name findExt
-<span class='line'>2785</span>      * @memberOf X509#
-<span class='line'>2786</span>      * @function
-<span class='line'>2787</span>      * @param {Array} aExt array of extension parameters
-<span class='line'>2788</span>      * @param {String} extname extension name
-<span class='line'>2789</span>      * @return {Array} extension parameter in the array or null
-<span class='line'>2790</span>      * @since jsrsasign 10.0.3 x509 2.0.7
-<span class='line'>2791</span>      * @see X509#getParam
-<span class='line'>2792</span>      *
-<span class='line'>2793</span>      * @description
-<span class='line'>2794</span>      * This method returns an extension parameter for
-<span class='line'>2795</span>      * specified extension name in the array.
-<span class='line'>2796</span>      * This method is useful to update extension parameter value.
-<span class='line'>2797</span>      * When there is no such extension with the extname,
-<span class='line'>2798</span>      * this returns "null".
-<span class='line'>2799</span>      *
-<span class='line'>2800</span>      * @example
-<span class='line'>2801</span>      * // (1) 
-<span class='line'>2802</span>      * x = new X509(CERTPEM);
-<span class='line'>2803</span>      * params = x.getParam();
-<span class='line'>2804</span>      * pSKID = x.findExt(params.ext, "subjectKeyIdentifier");
-<span class='line'>2805</span>      * pSKID.kid = "1234abced..."; // skid in the params is updated.
-<span class='line'>2806</span>      *   // then params was updated
-<span class='line'>2807</span>      *
-<span class='line'>2808</span>      * // (2) another example
-<span class='line'>2809</span>      * aExt = [
-<span class='line'>2810</span>      *   {extname:"keyUsage",critical:true,names:["digitalSignature"]},
-<span class='line'>2811</span>      *   {extname:"basicConstraints",critical:true},
-<span class='line'>2812</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
-<span class='line'>2813</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2814</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
-<span class='line'>2815</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}
-<span class='line'>2816</span>      * ];
-<span class='line'>2817</span>      * var x = new X509();
-<span class='line'>2818</span>      * x.findExt(aExt, "authorityKeyInfoAccess").array[0].ocsp = "http://aaa.com";
-<span class='line'>2819</span>      * pKU = x.findExt(aExt, "keyUsage");
-<span class='line'>2820</span>      * delete pKU["critical"]; // clear criticla flag
-<span class='line'>2821</span>      * pKU.names = ["keyCertSign", "cRLSign"];
-<span class='line'>2822</span>      *   // then aExt was updated
-<span class='line'>2823</span>      */</span><span class="WHIT">
-<span class='line'>2824</span> </span><span class="WHIT">    </span><span class="NAME">this.findExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2825</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExt.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2826</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">extname</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2827</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2828</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2829</span> 
-<span class='line'>2830</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2831</span> 
-<span class='line'>2832</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2833</span>      * update CRLDistributionPoints Full URI in parameter&lt;br/>
-<span class='line'>2834</span>      * @name updateCDPFullURI
-<span class='line'>2835</span>      * @memberOf X509#
-<span class='line'>2836</span>      * @function
-<span class='line'>2837</span>      * @param {Array} aExt array of extension parameters
-<span class='line'>2838</span>      * @param {String} newURI string of new uri
-<span class='line'>2839</span>      * @since jsrsasign 10.0.4 x509 2.0.8
-<span class='line'>2840</span>      * @see X509#findExt
-<span class='line'>2841</span>      * @see KJUR.asn1.x509.CRLDistributionPoints
-<span class='line'>2842</span>      *
-<span class='line'>2843</span>      * @description
-<span class='line'>2844</span>      * This method updates Full URI of CRLDistributionPoints extension
-<span class='line'>2845</span>      * in the extension parameter array if it exists.
-<span class='line'>2846</span>      *
-<span class='line'>2847</span>      * @example
-<span class='line'>2848</span>      * aExt = [
-<span class='line'>2849</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2850</span>      *   {extname:"cRLDistributionPoints",
-<span class='line'>2851</span>      *    array:[{dpname:{full:[{uri:"http://example.com/a.crl"}]}}]},
-<span class='line'>2852</span>      * ];
-<span class='line'>2853</span>      * x = new X509();
-<span class='line'>2854</span>      * x.updateCDPFullURI(aExt, "http://crl2.example.new/b.crl");
-<span class='line'>2855</span>      */</span><span class="WHIT">
-<span class='line'>2856</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtCDPFullURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2857</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2858</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2859</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2860</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aDP</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2861</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aDP.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2862</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2863</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2864</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2865</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aURI.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2866</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aURI</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2867</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pURI.uri</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2868</span> </span><span class="WHIT">		</span><span class="NAME">pURI.uri</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2869</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2870</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2871</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2872</span> 
-<span class='line'>2873</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2874</span>      * update authorityInfoAccess ocsp in parameter&lt;br/>
-<span class='line'>2875</span>      * @name updateAIAOCSP
-<span class='line'>2876</span>      * @memberOf X509#
-<span class='line'>2877</span>      * @function
-<span class='line'>2878</span>      * @param {Array} aExt array of extension parameters
-<span class='line'>2879</span>      * @param {String} newURI string of new uri
-<span class='line'>2880</span>      * @since jsrsasign 10.0.4 x509 2.0.8
-<span class='line'>2881</span>      * @see X509#findExt
-<span class='line'>2882</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
-<span class='line'>2883</span>      *
-<span class='line'>2884</span>      * @description
-<span class='line'>2885</span>      * This method updates "ocsp" accessMethod URI of 
-<span class='line'>2886</span>      * AuthorityInfoAccess extension
-<span class='line'>2887</span>      * in the extension parameter array if it exists.
-<span class='line'>2888</span>      *
-<span class='line'>2889</span>      * @example
-<span class='line'>2890</span>      * aExt = [
-<span class='line'>2891</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2892</span>      *   {extname:"authoriyInfoAccess",
-<span class='line'>2893</span>      *    array:[
-<span class='line'>2894</span>      *      {ocsp: "http://ocsp1.example.com"},
-<span class='line'>2895</span>      *      {caissuer: "http://example.com/a.crt"}
-<span class='line'>2896</span>      *    ]}
-<span class='line'>2897</span>      * ];
-<span class='line'>2898</span>      * x = new X509();
-<span class='line'>2899</span>      * x.updateAIAOCSP(aExt, "http://ocsp2.example.net");
-<span class='line'>2900</span>      */</span><span class="WHIT">
-<span class='line'>2901</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtAIAOCSP</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2902</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2903</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2904</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2905</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2906</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2907</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">ocsp</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">ocsp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2908</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2909</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2910</span> 
-<span class='line'>2911</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2912</span>      * update authorityInfoAccess caIssuer in parameter&lt;br/>
-<span class='line'>2913</span>      * @name updateAIACAIssuer
-<span class='line'>2914</span>      * @memberOf X509#
-<span class='line'>2915</span>      * @function
-<span class='line'>2916</span>      * @param {Array} aExt array of extension parameters
-<span class='line'>2917</span>      * @param {String} newURI string of new uri
-<span class='line'>2918</span>      * @since jsrsasign 10.0.4 x509 2.0.8
-<span class='line'>2919</span>      * @see X509#findExt
-<span class='line'>2920</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
-<span class='line'>2921</span>      *
-<span class='line'>2922</span>      * @description
-<span class='line'>2923</span>      * This method updates "caIssuer" accessMethod URI of 
-<span class='line'>2924</span>      * AuthorityInfoAccess extension
-<span class='line'>2925</span>      * in the extension parameter array if it exists.
-<span class='line'>2926</span>      *
-<span class='line'>2927</span>      * @example
-<span class='line'>2928</span>      * aExt = [
-<span class='line'>2929</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
-<span class='line'>2930</span>      *   {extname:"authoriyInfoAccess",
-<span class='line'>2931</span>      *    array:[
-<span class='line'>2932</span>      *      {ocsp: "http://ocsp1.example.com"},
-<span class='line'>2933</span>      *      {caissuer: "http://example.com/a.crt"}
-<span class='line'>2934</span>      *    ]}
-<span class='line'>2935</span>      * ];
-<span class='line'>2936</span>      * x = new X509();
-<span class='line'>2937</span>      * x.updateAIACAIssuer(aExt, "http://example.net/b.crt");
-<span class='line'>2938</span>      */</span><span class="WHIT">
-<span class='line'>2939</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtAIACAIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2940</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2941</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2942</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2943</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2944</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2945</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">caissuer</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">caissuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2946</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>2947</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2948</span> 
-<span class='line'>2949</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2950</span>      * convert array for X500 distinguish name to distinguish name string&lt;br/>
-<span class='line'>2951</span>      * @name dnarraytostr
-<span class='line'>2952</span>      * @memberOf X509#
-<span class='line'>2953</span>      * @function
-<span class='line'>2954</span>      * @param {Array} aDN array for X500 distinguish name
-<span class='line'>2955</span>      * @return {String} distinguish name
-<span class='line'>2956</span>      * @since jsrsasign 10.0.6 x509 2.0.8
-<span class='line'>2957</span>      * @see X509#getX500Name
-<span class='line'>2958</span>      * @see X509#getX500NameArray
-<span class='line'>2959</span>      * @see KJUR.asn1.x509.X500Name
-<span class='line'>2960</span>      *
-<span class='line'>2961</span>      * @description
-<span class='line'>2962</span>      * This method converts from an array representation of 
-<span class='line'>2963</span>      * X.500 distinguished name to X.500 name string.
-<span class='line'>2964</span>      * This supports multi-valued RDN.
-<span class='line'>2965</span>      * 
-<span class='line'>2966</span>      * @example
-<span class='line'>2967</span>      * var x = new X509();
-<span class='line'>2968</span>      * x.dnarraytostr(
-<span class='line'>2969</span>      *   [[{type:"C",value:"JP",ds:"prn"}],
-<span class='line'>2970</span>      *   [{type:"O",value:"T1",ds:"prn"}]]) &rarr; "/C=JP/O=T1"
-<span class='line'>2971</span>      * x.dnarraytostr(
-<span class='line'>2972</span>      *   [[{type:"C",value:"JP",ds:"prn"}],
-<span class='line'>2973</span>      *   [{type:"O",value:"T1",ds:"prn"}
-<span class='line'>2974</span>      *    {type:"CN",value:"Bob",ds:"prn"}]]) &rarr; "/C=JP/O=T1+CN=Bob"
-<span class='line'>2975</span>      */</span><span class="WHIT">
-<span class='line'>2976</span> </span><span class="WHIT">    </span><span class="NAME">this.dnarraytostr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2977</span> </span><span class="WHIT">	</span><span class="KEYW">function</span><span class="WHIT"> </span><span class="NAME">rdnarraytostr</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2978</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">aRDN.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atvtostr</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/\+/</span><span class="PUNC">,</span><span class="STRN">"\\+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">join</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2979</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2980</span> 
-<span class='line'>2981</span> </span><span class="WHIT">	</span><span class="KEYW">function</span><span class="WHIT"> </span><span class="NAME">atvtostr</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>2982</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pATV.type</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pATV.value</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2983</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2984</span> 
-<span class='line'>2985</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"/"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">aDN.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">rdnarraytostr</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/\//</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"\\/"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">join</span><span class="PUNC">(</span><span class="STRN">"/"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2986</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>2987</span> 
-<span class='line'>2988</span> </span><span class="WHIT">    </span><span class="COMM">/**
-<span class='line'>2989</span>      * get certificate information as string.&lt;br/>
-<span class='line'>2990</span>      * @name getInfo
-<span class='line'>2991</span>      * @memberOf X509#
-<span class='line'>2992</span>      * @function
-<span class='line'>2993</span>      * @return {String} certificate information string
-<span class='line'>2994</span>      * @since jsrsasign 5.0.10 x509 1.1.8
-<span class='line'>2995</span>      * @example
-<span class='line'>2996</span>      * x = new X509();
-<span class='line'>2997</span>      * x.readCertPEM(certPEM);
-<span class='line'>2998</span>      * console.log(x.getInfo());
-<span class='line'>2999</span>      * // this shows as following
-<span class='line'>3000</span>      * Basic Fields
-<span class='line'>3001</span>      *   serial number: 02ac5c266a0b409b8f0b79f2ae462577
-<span class='line'>3002</span>      *   signature algorithm: SHA1withRSA
-<span class='line'>3003</span>      *   issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
-<span class='line'>3004</span>      *   notBefore: 061110000000Z
-<span class='line'>3005</span>      *   notAfter: 311110000000Z
-<span class='line'>3006</span>      *   subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
-<span class='line'>3007</span>      *   subject public key info:
-<span class='line'>3008</span>      *     key algorithm: RSA
-<span class='line'>3009</span>      *     n=c6cce573e6fbd4bb...
-<span class='line'>3010</span>      *     e=10001
-<span class='line'>3011</span>      * X509v3 Extensions:
-<span class='line'>3012</span>      *   keyUsage CRITICAL:
-<span class='line'>3013</span>      *     digitalSignature,keyCertSign,cRLSign
-<span class='line'>3014</span>      *   basicConstraints CRITICAL:
-<span class='line'>3015</span>      *     cA=true
-<span class='line'>3016</span>      *   subjectKeyIdentifier :
-<span class='line'>3017</span>      *     b13ec36903f8bf4701d498261a0802ef63642bc3
-<span class='line'>3018</span>      *   authorityKeyIdentifier :
-<span class='line'>3019</span>      *     kid=b13ec36903f8bf4701d498261a0802ef63642bc3
-<span class='line'>3020</span>      * signature algorithm: SHA1withRSA
-<span class='line'>3021</span>      * signature: 1c1a0697dcd79c9f...
-<span class='line'>3022</span>      */</span><span class="WHIT">
-<span class='line'>3023</span> </span><span class="WHIT">    </span><span class="NAME">this.getInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3024</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getSubjectAltNameStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3025</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">JSON.stringify</span><span class="PUNC">(</span><span class="NAME">params.array</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/[\[\]\{\}\"]/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3026</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3027</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3028</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getCertificatePoliciesStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3029</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3030</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3031</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3032</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pi</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3033</span> </span><span class="WHIT">		</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    policy oid: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pi.policyoid</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3034</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pi.array</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3035</span> </span><span class="WHIT">		</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">pi.array.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3036</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pqi</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pi.array</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3037</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pqi.cps</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3038</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    cps: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pqi.cps</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3039</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3040</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3041</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3042</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2336</span> </span><span class="WHIT">    </span><span class="COMM">/*
+<span class='line'>2337</span>      * convert ASN.1 parsed object to X500Name array&lt;br/>
+<span class='line'>2338</span>      * @name _convX500Name
+<span class='line'>2339</span>      * @param p associative array of parsed X500Name array object
+<span class='line'>2340</span>      * @return RDN array
+<span class='line'>2341</span>      * @since jsrsasign 10.5.12 x509 2.0.14
+<span class='line'>2342</span>      * @example
+<span class='line'>2343</span>      * _convX500Name({seq: [...]} &rarr: [[{type:"C",value:"JP",ds:"prn"}]]
+<span class='line'>2344</span>      */</span><span class="WHIT">
+<span class='line'>2345</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_convX500Name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2346</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2347</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">p.seq.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pRDN</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="PUNC">(</span><span class="NAME">pRDN</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2348</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2349</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"improper ASN.1 parsed X500Name: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2350</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2351</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2352</span> 
+<span class='line'>2353</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500NameRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2354</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isPRNRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2355</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isUTF8Rule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2356</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">isMixedRule</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2357</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">logfull</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2358</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">logcheck</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2359</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2360</span> 
+<span class='line'>2361</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2362</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aDN.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2363</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aDN</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2364</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aRDN.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2365</span> </span><span class="WHIT">		</span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2366</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2367</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2368</span> 
+<span class='line'>2369</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2370</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">item</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2371</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.ds</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2372</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.value</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2373</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">item.type</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2374</span> </span><span class="WHIT">	    </span><span class="NAME">logfull</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">":"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2375</span> </span><span class="WHIT">	    
+<span class='line'>2376</span> 	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"utf8"</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2377</span> </span><span class="WHIT">		</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2378</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2379</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"ia5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2380</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="STRN">"CN"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2381</span> </span><span class="WHIT">		    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2382</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2383</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="PUNC">!</span><span class="WHIT"> </span><span class="NAME">KJUR.lang.String.isMail</span><span class="PUNC">(</span><span class="NAME">value</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2384</span> </span><span class="WHIT">			</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2385</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2386</span> </span><span class="WHIT">			</span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2387</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2388</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2389</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2390</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">type</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"C"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2391</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">tag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2392</span> </span><span class="WHIT">		    </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2393</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2394</span> </span><span class="WHIT">		    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2395</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2396</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2397</span> </span><span class="WHIT">	    </span><span class="NAME">logcheck</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">":"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2398</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2399</span> </span><span class="WHIT">		</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2400</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2401</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">tag</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"mixed"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2402</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2403</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2404</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">lasttag</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2405</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"prn"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2406</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2407</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">lasttag</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2408</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2409</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2410</span> 
+<span class='line'>2411</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2412</span>      * get AttributeTypeAndValue ASN.1 structure parameter as JSON object&lt;br/>
+<span class='line'>2413</span>      * @name getAttrTypeAndValue
+<span class='line'>2414</span>      * @memberOf X509#
+<span class='line'>2415</span>      * @function
+<span class='line'>2416</span>      * @param {String} h hexadecimal string of AttributeTypeAndValue
+<span class='line'>2417</span>      * @return {Object} JSON object of AttributeTypeAndValue parameters
+<span class='line'>2418</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2419</span>      * @see X509#getX500Name
+<span class='line'>2420</span>      * @see X509#getRDN
+<span class='line'>2421</span>      * @description
+<span class='line'>2422</span>      * This method will get AttributeTypeAndValue parameters defined in
+<span class='line'>2423</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
+<span class='line'>2424</span>      * RFC 5280 4.1.2.4&lt;/a>.
+<span class='line'>2425</span>      * &lt;pre>
+<span class='line'>2426</span>      * AttributeTypeAndValue ::= SEQUENCE {
+<span class='line'>2427</span>      *   type     AttributeType,
+<span class='line'>2428</span>      *   value    AttributeValue }
+<span class='line'>2429</span>      * AttributeType ::= OBJECT IDENTIFIER
+<span class='line'>2430</span>      * AttributeValue ::= ANY -- DEFINED BY AttributeType
+<span class='line'>2431</span>      * &lt;/pre>
+<span class='line'>2432</span>      * &lt;ul>
+<span class='line'>2433</span>      * &lt;li>{String}type - AttributeType name or OID(ex. C,O,CN)&lt;/li>
+<span class='line'>2434</span>      * &lt;li>{String}value - raw string of ASN.1 value of AttributeValue&lt;/li>
+<span class='line'>2435</span>      * &lt;li>{String}ds - DirectoryString type of AttributeValue&lt;/li>
+<span class='line'>2436</span>      * &lt;/ul>
+<span class='line'>2437</span>      * "ds" has one of following value:
+<span class='line'>2438</span>      * &lt;ul>
+<span class='line'>2439</span>      * &lt;li>utf8 - (0x0c) UTF8String&lt;/li>
+<span class='line'>2440</span>      * &lt;li>num  - (0x12) NumericString&lt;/li>
+<span class='line'>2441</span>      * &lt;li>prn  - (0x13) PrintableString&lt;/li>
+<span class='line'>2442</span>      * &lt;li>tel  - (0x14) TeletexString&lt;/li>
+<span class='line'>2443</span>      * &lt;li>ia5  - (0x16) IA5String&lt;/li>
+<span class='line'>2444</span>      * &lt;li>vis  - (0x1a) VisibleString&lt;/li>
+<span class='line'>2445</span>      * &lt;li>bmp  - (0x1e) BMPString&lt;/li>
+<span class='line'>2446</span>      * &lt;/ul>
+<span class='line'>2447</span>      * @example
+<span class='line'>2448</span>      * x = new X509();
+<span class='line'>2449</span>      * x.getAttrTypeAndValue("30...") &rarr;
+<span class='line'>2450</span>      * {type:"CN",value:"john.smith@example.com",ds:"ia5"} or
+<span class='line'>2451</span>      * {type:"O",value:"Sample Corp.",ds:"prn"}
+<span class='line'>2452</span>      */</span><span class="WHIT">
+<span class='line'>2453</span> </span><span class="WHIT">    </span><span class="COMM">// unv  - (0x1c??) UniversalString ... for future</span><span class="WHIT">
+<span class='line'>2454</span> </span><span class="WHIT">    </span><span class="NAME">this.getAttrTypeAndValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2455</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2456</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convATV</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2457</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2458</span> 
+<span class='line'>2459</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2460</span>      * get RelativeDistinguishedName ASN.1 structure parameter array&lt;br/>
+<span class='line'>2461</span>      * @name getRDN
+<span class='line'>2462</span>      * @memberOf X509#
+<span class='line'>2463</span>      * @function
+<span class='line'>2464</span>      * @param {String} h hexadecimal string of RDN
+<span class='line'>2465</span>      * @return {Array} array of AttrTypeAndValue parameters
+<span class='line'>2466</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2467</span>      * @see X509#getX500Name
+<span class='line'>2468</span>      * @see X509#getRDN
+<span class='line'>2469</span>      * @see X509#getAttrTypeAndValue
+<span class='line'>2470</span>      * @description
+<span class='line'>2471</span>      * This method will get RelativeDistinguishedName parameters defined in
+<span class='line'>2472</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
+<span class='line'>2473</span>      * RFC 5280 4.1.2.4&lt;/a>.
+<span class='line'>2474</span>      * &lt;pre>
+<span class='line'>2475</span>      * RelativeDistinguishedName ::=
+<span class='line'>2476</span>      *   SET SIZE (1..MAX) OF AttributeTypeAndValue
+<span class='line'>2477</span>      * &lt;/pre>
+<span class='line'>2478</span>      * @example
+<span class='line'>2479</span>      * x = new X509();
+<span class='line'>2480</span>      * x.getRDN("31...") &rarr;
+<span class='line'>2481</span>      * [{type:"C",value:"US",ds:"prn"}] or
+<span class='line'>2482</span>      * [{type:"O",value:"Sample Corp.",ds:"prn"}] or
+<span class='line'>2483</span>      * [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
+<span class='line'>2484</span>      */</span><span class="WHIT">
+<span class='line'>2485</span> </span><span class="WHIT">    </span><span class="NAME">this.getRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2486</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2487</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convRDN</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2488</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2489</span> 
+<span class='line'>2490</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2491</span>      * get X.500 Name ASN.1 structure parameter array&lt;br/>
+<span class='line'>2492</span>      * @name getX500NameArray
+<span class='line'>2493</span>      * @memberOf X509#
+<span class='line'>2494</span>      * @function
+<span class='line'>2495</span>      * @param {String} h hexadecimal string of Name
+<span class='line'>2496</span>      * @return {Array} array of RDN parameter array
+<span class='line'>2497</span>      * @since jsrsasign 10.0.6 x509 2.0.9
+<span class='line'>2498</span>      * @see X509#getX500Name
+<span class='line'>2499</span>      * @see X509#getRDN
+<span class='line'>2500</span>      * @see X509#getAttrTypeAndValue
+<span class='line'>2501</span>      * @description
+<span class='line'>2502</span>      * This method will get Name parameter defined in
+<span class='line'>2503</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
+<span class='line'>2504</span>      * RFC 5280 4.1.2.4&lt;/a>.
+<span class='line'>2505</span>      * &lt;pre>
+<span class='line'>2506</span>      * Name ::= CHOICE { -- only one possibility for now --
+<span class='line'>2507</span>      *   rdnSequence  RDNSequence }
+<span class='line'>2508</span>      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+<span class='line'>2509</span>      * &lt;/pre>
+<span class='line'>2510</span>      * @example
+<span class='line'>2511</span>      * x = new X509();
+<span class='line'>2512</span>      * x.getX500NameArray("30...") &rarr;
+<span class='line'>2513</span>      * [[{type:"C",value:"US",ds:"prn"}],
+<span class='line'>2514</span>      *  [{type:"O",value:"Sample Corp.",ds:"utf8"}],
+<span class='line'>2515</span>      *  [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]]
+<span class='line'>2516</span>      */</span><span class="WHIT">
+<span class='line'>2517</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500NameArray</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2518</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">p</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX_parse</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2519</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">_convX500Name</span><span class="PUNC">(</span><span class="NAME">p</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2520</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2521</span> 
+<span class='line'>2522</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2523</span>      * get Name ASN.1 structure parameter array&lt;br/>
+<span class='line'>2524</span>      * @name getX500Name
+<span class='line'>2525</span>      * @memberOf X509#
+<span class='line'>2526</span>      * @function
+<span class='line'>2527</span>      * @param {String} h hexadecimal string of Name
+<span class='line'>2528</span>      * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+<span class='line'>2529</span>      * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
+<span class='line'>2530</span>      * @return {Array} array of RDN parameter array
+<span class='line'>2531</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2532</span>      * @see X509#getX500NameArray
+<span class='line'>2533</span>      * @see X509#getRDN
+<span class='line'>2534</span>      * @see X509#getAttrTypeAndValue
+<span class='line'>2535</span>      * @see X509#c14nRDNArray
+<span class='line'>2536</span>      * @see KJUR.asn1.x509.X500Name
+<span class='line'>2537</span>      * @see KJUR.asn1.x509.GeneralName
+<span class='line'>2538</span>      * @see KJUR.asn1.x509.GeneralNames
+<span class='line'>2539</span>      *
+<span class='line'>2540</span>      * @description
+<span class='line'>2541</span>      * This method will get Name parameter defined in
+<span class='line'>2542</span>      * &lt;a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
+<span class='line'>2543</span>      * RFC 5280 4.1.2.4&lt;/a>.
+<span class='line'>2544</span>      * &lt;pre>
+<span class='line'>2545</span>      * Name ::= CHOICE { -- only one possibility for now --
+<span class='line'>2546</span>      *   rdnSequence  RDNSequence }
+<span class='line'>2547</span>      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+<span class='line'>2548</span>      * &lt;/pre>
+<span class='line'>2549</span>      * &lt;br>
+<span class='line'>2550</span>      * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+<span class='line'>2551</span>      * supported to conclude a canonicalized name for caseIgnoreMatch
+<span class='line'>2552</span>      * desribed in &lt;a href="https://tools.ietf.org/html/rfc4518">
+<span class='line'>2553</span>      * RFC 4518&lt;/a>.
+<span class='line'>2554</span>      *
+<span class='line'>2555</span>      * @example
+<span class='line'>2556</span>      * x = new X509();
+<span class='line'>2557</span>      * x.getX500Name("30...") &rarr;
+<span class='line'>2558</span>      * { array: [
+<span class='line'>2559</span>      *     [{type:"C",value:"US",ds:"prn"}],
+<span class='line'>2560</span>      *     [{type:"O",value:"Sample Corp.",ds:"utf8"}],
+<span class='line'>2561</span>      *     [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
+<span class='line'>2562</span>      *   ],
+<span class='line'>2563</span>      *   str: "/C=US/O=Sample Corp./CN=john.smith@example.com",
+<span class='line'>2564</span>      *   hex: "30..." }
+<span class='line'>2565</span>      *
+<span class='line'>2566</span>      * x.getX500Name("30...", true) &rarr;
+<span class='line'>2567</span>      * { array: [
+<span class='line'>2568</span>      *     [{type:"C",value:"US",ds:"prn"}],
+<span class='line'>2569</span>      *     [{type:"O",value:"Sample    Corp.",ds:"utf8"}]
+<span class='line'>2570</span>      *   ],
+<span class='line'>2571</span>      *   str: "/C=US/O=Sample    Corp.",
+<span class='line'>2572</span>      *   canon: "/c=us/o=sample corp.",
+<span class='line'>2573</span>      *   hex: "30..." }
+<span class='line'>2574</span>      */</span><span class="WHIT">
+<span class='line'>2575</span> </span><span class="WHIT">    </span><span class="NAME">this.getX500Name</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagCanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">flagHex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2576</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getX500NameArray</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2577</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.dnarraytostr</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2578</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">str</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2579</span> 
+<span class='line'>2580</span> </span><span class="WHIT">	</span><span class="NAME">result.array</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2581</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">flagHex</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">h</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2582</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">flagCanon</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.canon</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.c14nRDNArray</span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2583</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2584</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2585</span> 
+<span class='line'>2586</span> </span><span class="WHIT">    </span><span class="COMM">// ===== END X500Name related =====================================</span><span class="WHIT">
+<span class='line'>2587</span> 
+<span class='line'>2588</span> </span><span class="WHIT">    </span><span class="COMM">// ===== BEGIN read certificate =====================================</span><span class="WHIT">
+<span class='line'>2589</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2590</span>      * read PEM formatted X.509 certificate from string.&lt;br/>
+<span class='line'>2591</span>      * @name readCertPEM
+<span class='line'>2592</span>      * @memberOf X509#
+<span class='line'>2593</span>      * @function
+<span class='line'>2594</span>      * @param {String} sCertPEM string for PEM formatted X.509 certificate
+<span class='line'>2595</span>      * @example
+<span class='line'>2596</span>      * x = new X509();
+<span class='line'>2597</span>      * x.readCertPEM(sCertPEM); // read certificate
+<span class='line'>2598</span>      */</span><span class="WHIT">
+<span class='line'>2599</span> </span><span class="WHIT">    </span><span class="NAME">this.readCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2600</span> </span><span class="WHIT">        </span><span class="NAME">this.readCertHex</span><span class="PUNC">(</span><span class="NAME">_pemtohex</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2601</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2602</span> 
+<span class='line'>2603</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2604</span>      * read a hexadecimal string of X.509 certificate&lt;br/>
+<span class='line'>2605</span>      * @name readCertHex
+<span class='line'>2606</span>      * @memberOf X509#
+<span class='line'>2607</span>      * @function
+<span class='line'>2608</span>      * @param {String} sCertHex hexadecimal string of X.509 certificate
+<span class='line'>2609</span>      * @since jsrsasign 7.1.4 x509 1.1.13
+<span class='line'>2610</span>      * @description
+<span class='line'>2611</span>      * NOTE: {@link X509#parseExt} will called internally since jsrsasign 7.2.0.
+<span class='line'>2612</span>      * @example
+<span class='line'>2613</span>      * x = new X509();
+<span class='line'>2614</span>      * x.readCertHex("3082..."); // read certificate
+<span class='line'>2615</span>      */</span><span class="WHIT">
+<span class='line'>2616</span> </span><span class="WHIT">    </span><span class="NAME">this.readCertHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertHex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2617</span> </span><span class="WHIT">        </span><span class="NAME">this.hex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">sCertHex</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2618</span> </span><span class="WHIT">	</span><span class="NAME">this.getVersion</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// set version parameter</span><span class="WHIT">
+<span class='line'>2619</span> 
+<span class='line'>2620</span> </span><span class="WHIT">	</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2621</span> </span><span class="WHIT">	    </span><span class="NAME">_getIdxbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">7</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"a3"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="COMM">// has [3] v3ext</span><span class="WHIT">
+<span class='line'>2622</span> </span><span class="WHIT">	    </span><span class="NAME">this.parseExt</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2623</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2624</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2625</span> 
+<span class='line'>2626</span> </span><span class="WHIT">    </span><span class="COMM">// ===== END read certificate =====================================</span><span class="WHIT">
+<span class='line'>2627</span> 
+<span class='line'>2628</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2629</span>      * get JSON object of certificate parameters&lt;br/>
+<span class='line'>2630</span>      * @name getParam
+<span class='line'>2631</span>      * @memberOf X509#
+<span class='line'>2632</span>      * @function
+<span class='line'>2633</span>      * @param {Object} option optional setting for return object
+<span class='line'>2634</span>      * @return {Object} JSON object of certificate parameters
+<span class='line'>2635</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2636</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
+<span class='line'>2637</span>      *
+<span class='line'>2638</span>      * @description
+<span class='line'>2639</span>      * This method returns a JSON object of the certificate
+<span class='line'>2640</span>      * parameters. Return value can be passed to
+<span class='line'>2641</span>      * {@link KJUR.asn1.x509.X509Util.newCertPEM}.
+<span class='line'>2642</span>      * &lt;br/>
+<span class='line'>2643</span>      * NOTE1: From jsrsasign 10.5.16, optional argument can be applied.
+<span class='line'>2644</span>      * It can have following members:
+<span class='line'>2645</span>      * &lt;ul>
+<span class='line'>2646</span>      * &lt;li>tbshex - (boolean) tbshex member with hex value of 
+<span class='line'>2647</span>      * tbsCertificate will be added if true (DEFAULT undefined)&lt;/li>
+<span class='line'>2648</span>      * &lt;li>nodnarray - (boolean) array member for subject and
+<span class='line'>2649</span>      * issuer will be deleted to simplify it if true (DEFAULT undefined)&lt;li>
+<span class='line'>2650</span>      * &lt;li>dncanon - (boolean) add canon member to subject and issuer for DN StringPrep if true(DEFAULT undefined)&lt;/li>
+<span class='line'>2651</span>      * &lt;li>dnhex - (boolean) add hex member to subject and issuer if true(DEFAULT undefined)&lt;/li>
+<span class='line'>2652</span>      * &lt;/ul>
+<span class='line'>2653</span>      * &lt;br/>
+<span class='line'>2654</span>      * NOTE2: From jsrsasign 10.6.0, member "dncanon" and "dnhex" supported
+<span class='line'>2655</span>      * in the "option" argument.
+<span class='line'>2656</span>      *
+<span class='line'>2657</span>      * @example
+<span class='line'>2658</span>      * x = new X509();
+<span class='line'>2659</span>      * x.readCertPEM("-----BEGIN CERTIFICATE...");
+<span class='line'>2660</span>      * x.getParam() &rarr;
+<span class='line'>2661</span>      * {version:3,
+<span class='line'>2662</span>      *  serial:{hex:"12ab"},
+<span class='line'>2663</span>      *  sigalg:"SHA256withRSA",
+<span class='line'>2664</span>      *  issuer: {array:[[{type:'CN',value:'CA1',ds:'prn'}]],str:"/O=CA1"},
+<span class='line'>2665</span>      *  notbefore:"160403023700Z",
+<span class='line'>2666</span>      *  notafter:"160702023700Z",
+<span class='line'>2667</span>      *  subject: {array:[[{type:'CN',value:'Test1',ds:'prn'}]],str:"/CN=Test1"},
+<span class='line'>2668</span>      *  sbjpubkey:"-----BEGIN PUBLIC KEY...",
+<span class='line'>2669</span>      *  ext:[
+<span class='line'>2670</span>      *   {extname:"keyUsage",critical:true,names:["digitalSignature"]},
+<span class='line'>2671</span>      *   {extname:"basicConstraints",critical:true},
+<span class='line'>2672</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
+<span class='line'>2673</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2674</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
+<span class='line'>2675</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}
+<span class='line'>2676</span>      *  ],
+<span class='line'>2677</span>      *  sighex:"0b76...8"
+<span class='line'>2678</span>      * };
+<span class='line'>2679</span>      *
+<span class='line'>2680</span>      * x.getParam({tbshex: true}) &rarr; { ... , tbshex: "30..." }
+<span class='line'>2681</span>      * x.getParam({nodnarray: true}) &rarr; {issuer: {str: "/C=JP"}, ...}
+<span class='line'>2682</span>      * x.getParam({dncanon: true}) &rarr; {... {issuer: {canon: "/c=jp/o=..."} ...} ...}
+<span class='line'>2683</span>      * x.getParam({dnhex: true}) &rarr; {... {issuer: {hex: "30..."} ...} ...}
+<span class='line'>2684</span>      */</span><span class="WHIT">
+<span class='line'>2685</span> </span><span class="WHIT">    </span><span class="NAME">this.getParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">option</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2686</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2687</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">option</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">option</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2688</span> 
+<span class='line'>2689</span> </span><span class="WHIT">	</span><span class="NAME">result.version</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getVersion</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2690</span> </span><span class="WHIT">	</span><span class="NAME">result.serial</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="NAME">hex</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">this.getSerialNumberHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2691</span> </span><span class="WHIT">	</span><span class="NAME">result.sigalg</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2692</span> </span><span class="WHIT">	</span><span class="NAME">result.issuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getIssuer</span><span class="PUNC">(</span><span class="NAME">option.dncanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">option.dnhex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2693</span> </span><span class="WHIT">	</span><span class="NAME">result.notbefore</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getNotBefore</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2694</span> </span><span class="WHIT">	</span><span class="NAME">result.notafter</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getNotAfter</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2695</span> </span><span class="WHIT">	</span><span class="NAME">result.subject</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSubject</span><span class="PUNC">(</span><span class="NAME">option.dncanon</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">option.dnhex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2696</span> </span><span class="WHIT">	</span><span class="NAME">result.sbjpubkey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextopem</span><span class="PUNC">(</span><span class="NAME">this.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"PUBLIC KEY"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2697</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">this.aExtInfo</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT">
+<span class='line'>2698</span> </span><span class="WHIT">	    </span><span class="NAME">this.aExtInfo.length</span><span class="WHIT"> </span><span class="PUNC">></span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2699</span> </span><span class="WHIT">	    </span><span class="NAME">result.ext</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtParamArray</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2700</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2701</span> </span><span class="WHIT">	</span><span class="NAME">result.sighex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2702</span> 
+<span class='line'>2703</span> </span><span class="WHIT">	</span><span class="COMM">// for options</span><span class="WHIT">
+<span class='line'>2704</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">option.tbshex</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2705</span> </span><span class="WHIT">	    </span><span class="NAME">result.tbshex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2706</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2707</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">option.nodnarray</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2708</span> </span><span class="WHIT">	    </span><span class="KEYW">delete</span><span class="WHIT"> </span><span class="NAME">result.issuer.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2709</span> </span><span class="WHIT">	    </span><span class="KEYW">delete</span><span class="WHIT"> </span><span class="NAME">result.subject.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2710</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2711</span> 
+<span class='line'>2712</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2713</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2714</span> 
+<span class='line'>2715</span> </span><span class="WHIT">    </span><span class="COMM">/** 
+<span class='line'>2716</span>      * get array of certificate extension parameter JSON object&lt;br/>
+<span class='line'>2717</span>      * @name getExtParamArray
+<span class='line'>2718</span>      * @memberOf X509#
+<span class='line'>2719</span>      * @function
+<span class='line'>2720</span>      * @param {String} hExtSeq hexadecimal string of SEQUENCE of Extension
+<span class='line'>2721</span>      * @return {Array} array of certificate extension parameter JSON object
+<span class='line'>2722</span>      * @since jsrsasign 9.0.0 x509 2.0.0
+<span class='line'>2723</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
+<span class='line'>2724</span>      * @see X509#getParam
+<span class='line'>2725</span>      * @see X509#getExtParam
+<span class='line'>2726</span>      * @see X509CRL#getParam
+<span class='line'>2727</span>      * @see KJUR.asn1.csr.CSRUtil.getParam
+<span class='line'>2728</span>      *
+<span class='line'>2729</span>      * @description
+<span class='line'>2730</span>      * This method returns an array of certificate extension
+<span class='line'>2731</span>      * parameters. 
+<span class='line'>2732</span>      * &lt;br/>
+<span class='line'>2733</span>      * NOTE: Argument "hExtSeq" have been supported since jsrsasign 9.1.1.
+<span class='line'>2734</span>      *
+<span class='line'>2735</span>      * @example
+<span class='line'>2736</span>      * x = new X509();
+<span class='line'>2737</span>      * x.readCertPEM("-----BEGIN CERTIFICATE...");
+<span class='line'>2738</span>      * x.getExtParamArray() &rarr;
+<span class='line'>2739</span>      * [ {extname:"keyUsage",critical:true,names:["digitalSignature"]},
+<span class='line'>2740</span>      *   {extname:"basicConstraints",critical:true},
+<span class='line'>2741</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
+<span class='line'>2742</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2743</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
+<span class='line'>2744</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}]
+<span class='line'>2745</span>      */</span><span class="WHIT">
+<span class='line'>2746</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtParamArray</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2747</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2748</span> </span><span class="WHIT">	    </span><span class="COMM">// for X.509v3 certificate</span><span class="WHIT">
+<span class='line'>2749</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getIdxbyListEx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"[3]"</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2750</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx1</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2751</span> </span><span class="WHIT">		</span><span class="NAME">hExtSeq</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyListEx</span><span class="PUNC">(</span><span class="NAME">this.hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"[3]"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2752</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2753</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2754</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2755</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2756</span> 
+<span class='line'>2757</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2758</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLV</span><span class="PUNC">(</span><span class="NAME">hExtSeq</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2759</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtParam</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2760</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">result.push</span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2761</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2762</span> 
+<span class='line'>2763</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2764</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2765</span> 
+<span class='line'>2766</span> </span><span class="WHIT">    </span><span class="COMM">/** 
+<span class='line'>2767</span>      * get a extension parameter JSON object&lt;br/>
+<span class='line'>2768</span>      * @name getExtParam
+<span class='line'>2769</span>      * @memberOf X509#
+<span class='line'>2770</span>      * @function
+<span class='line'>2771</span>      * @param {String} hExt hexadecimal string of Extension
+<span class='line'>2772</span>      * @return {Array} Extension parameter JSON object
+<span class='line'>2773</span>      * @since jsrsasign 9.1.1 x509 2.0.1
+<span class='line'>2774</span>      * @see KJUR.asn1.x509.X509Util.newCertPEM
+<span class='line'>2775</span>      * @see X509#getParam
+<span class='line'>2776</span>      * @see X509#getExtParamArray
+<span class='line'>2777</span>      * @see X509CRL#getParam
+<span class='line'>2778</span>      * @see KJUR.asn1.csr.CSRUtil.getParam
+<span class='line'>2779</span>      *
+<span class='line'>2780</span>      * @description
+<span class='line'>2781</span>      * This method returns a extension parameters as JSON object. 
+<span class='line'>2782</span>      *
+<span class='line'>2783</span>      * @example
+<span class='line'>2784</span>      * x = new X509();
+<span class='line'>2785</span>      * ...
+<span class='line'>2786</span>      * x.getExtParam("30...") &rarr;
+<span class='line'>2787</span>      * {extname:"keyUsage",critical:true,names:["digitalSignature"]}
+<span class='line'>2788</span>      */</span><span class="WHIT">
+<span class='line'>2789</span> </span><span class="WHIT">    </span><span class="NAME">this.getExtParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2790</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2791</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getChildIdx</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2792</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2793</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>2794</span> </span><span class="WHIT">	    </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"wrong number elements in Extension: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> 
+<span class='line'>2795</span> 			    </span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">" "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hExt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2796</span> 
+<span class='line'>2797</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_hextooidstr</span><span class="PUNC">(</span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2798</span> 
+<span class='line'>2799</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">false</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2800</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NUMB">3</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"0101ff"</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>2801</span> </span><span class="WHIT">	    </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2802</span> 
+<span class='line'>2803</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getTLVbyList</span><span class="PUNC">(</span><span class="NAME">hExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NAME">aIdxLen</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2804</span> 
+<span class='line'>2805</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2806</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.14"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2807</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2808</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.15"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2809</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsage</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2810</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.17"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2811</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectAltName</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2812</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.18"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2813</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtIssuerAltName</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2814</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.19"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2815</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtBasicConstraints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2816</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.30"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2817</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtNameConstraints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2818</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.31"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2819</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2820</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.32"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2821</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCertificatePolicies</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2822</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.35"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2823</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2824</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.37"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2825</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtExtKeyUsage</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2826</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.1.1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2827</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2828</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.20"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2829</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLNumber</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2830</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"2.5.29.21"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2831</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLReason</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2832</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.48.1.2"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2833</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtOcspNonce</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2834</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.3.6.1.5.5.7.48.1.5"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2835</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtOcspNoCheck</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2836</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">oid</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"1.2.840.113583.1.1.9.1"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2837</span> </span><span class="WHIT">	    </span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAdobeTimeStamp</span><span class="PUNC">(</span><span class="NAME">hExtV</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2838</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2839</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extParam</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">extParam</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2840</span> 
+<span class='line'>2841</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">privateParam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">oid</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">extn</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">hExtV</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2842</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">critical</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">privateParam.critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2843</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">privateParam</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2844</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2845</span> 
+<span class='line'>2846</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2847</span>      * find extension parameter in array&lt;br/>
+<span class='line'>2848</span>      * @name findExt
+<span class='line'>2849</span>      * @memberOf X509#
+<span class='line'>2850</span>      * @function
+<span class='line'>2851</span>      * @param {Array} aExt array of extension parameters
+<span class='line'>2852</span>      * @param {String} extname extension name
+<span class='line'>2853</span>      * @return {Array} extension parameter in the array or null
+<span class='line'>2854</span>      * @since jsrsasign 10.0.3 x509 2.0.7
+<span class='line'>2855</span>      * @see X509#getParam
+<span class='line'>2856</span>      *
+<span class='line'>2857</span>      * @description
+<span class='line'>2858</span>      * This method returns an extension parameter for
+<span class='line'>2859</span>      * specified extension name in the array.
+<span class='line'>2860</span>      * This method is useful to update extension parameter value.
+<span class='line'>2861</span>      * When there is no such extension with the extname,
+<span class='line'>2862</span>      * this returns "null".
+<span class='line'>2863</span>      *
+<span class='line'>2864</span>      * @example
+<span class='line'>2865</span>      * // (1) 
+<span class='line'>2866</span>      * x = new X509(CERTPEM);
+<span class='line'>2867</span>      * params = x.getParam();
+<span class='line'>2868</span>      * pSKID = x.findExt(params.ext, "subjectKeyIdentifier");
+<span class='line'>2869</span>      * pSKID.kid = "1234abced..."; // skid in the params is updated.
+<span class='line'>2870</span>      *   // then params was updated
+<span class='line'>2871</span>      *
+<span class='line'>2872</span>      * // (2) another example
+<span class='line'>2873</span>      * aExt = [
+<span class='line'>2874</span>      *   {extname:"keyUsage",critical:true,names:["digitalSignature"]},
+<span class='line'>2875</span>      *   {extname:"basicConstraints",critical:true},
+<span class='line'>2876</span>      *   {extname:"subjectKeyIdentifier",kid:{hex:"f2eb..."}},
+<span class='line'>2877</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2878</span>      *   {extname:"authorityInfoAccess",array:[{ocsp:"http://ocsp.example.com/"}]},
+<span class='line'>2879</span>      *   {extname:"certificatePolicies",array:[{policyoid:"2.23.140.1.2.1"}]}
+<span class='line'>2880</span>      * ];
+<span class='line'>2881</span>      * var x = new X509();
+<span class='line'>2882</span>      * x.findExt(aExt, "authorityKeyInfoAccess").array[0].ocsp = "http://aaa.com";
+<span class='line'>2883</span>      * pKU = x.findExt(aExt, "keyUsage");
+<span class='line'>2884</span>      * delete pKU["critical"]; // clear criticla flag
+<span class='line'>2885</span>      * pKU.names = ["keyCertSign", "cRLSign"];
+<span class='line'>2886</span>      *   // then aExt was updated
+<span class='line'>2887</span>      */</span><span class="WHIT">
+<span class='line'>2888</span> </span><span class="WHIT">    </span><span class="NAME">this.findExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2889</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExt.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2890</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">extname</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">extname</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2891</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2892</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2893</span> 
+<span class='line'>2894</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2895</span> 
+<span class='line'>2896</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2897</span>      * update CRLDistributionPoints Full URI in parameter&lt;br/>
+<span class='line'>2898</span>      * @name updateCDPFullURI
+<span class='line'>2899</span>      * @memberOf X509#
+<span class='line'>2900</span>      * @function
+<span class='line'>2901</span>      * @param {Array} aExt array of extension parameters
+<span class='line'>2902</span>      * @param {String} newURI string of new uri
+<span class='line'>2903</span>      * @since jsrsasign 10.0.4 x509 2.0.8
+<span class='line'>2904</span>      * @see X509#findExt
+<span class='line'>2905</span>      * @see KJUR.asn1.x509.CRLDistributionPoints
+<span class='line'>2906</span>      *
+<span class='line'>2907</span>      * @description
+<span class='line'>2908</span>      * This method updates Full URI of CRLDistributionPoints extension
+<span class='line'>2909</span>      * in the extension parameter array if it exists.
+<span class='line'>2910</span>      *
+<span class='line'>2911</span>      * @example
+<span class='line'>2912</span>      * aExt = [
+<span class='line'>2913</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2914</span>      *   {extname:"cRLDistributionPoints",
+<span class='line'>2915</span>      *    array:[{dpname:{full:[{uri:"http://example.com/a.crl"}]}}]},
+<span class='line'>2916</span>      * ];
+<span class='line'>2917</span>      * x = new X509();
+<span class='line'>2918</span>      * x.updateCDPFullURI(aExt, "http://crl2.example.new/b.crl");
+<span class='line'>2919</span>      */</span><span class="WHIT">
+<span class='line'>2920</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtCDPFullURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2921</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2922</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2923</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2924</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aDP</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2925</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aDP.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2926</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2927</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2928</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aDP</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dpname.full</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2929</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aURI.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2930</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pURI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aURI</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2931</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pURI.uri</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2932</span> </span><span class="WHIT">		</span><span class="NAME">pURI.uri</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2933</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2934</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2935</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2936</span> 
+<span class='line'>2937</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2938</span>      * update authorityInfoAccess ocsp in parameter&lt;br/>
+<span class='line'>2939</span>      * @name updateAIAOCSP
+<span class='line'>2940</span>      * @memberOf X509#
+<span class='line'>2941</span>      * @function
+<span class='line'>2942</span>      * @param {Array} aExt array of extension parameters
+<span class='line'>2943</span>      * @param {String} newURI string of new uri
+<span class='line'>2944</span>      * @since jsrsasign 10.0.4 x509 2.0.8
+<span class='line'>2945</span>      * @see X509#findExt
+<span class='line'>2946</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
+<span class='line'>2947</span>      *
+<span class='line'>2948</span>      * @description
+<span class='line'>2949</span>      * This method updates "ocsp" accessMethod URI of 
+<span class='line'>2950</span>      * AuthorityInfoAccess extension
+<span class='line'>2951</span>      * in the extension parameter array if it exists.
+<span class='line'>2952</span>      *
+<span class='line'>2953</span>      * @example
+<span class='line'>2954</span>      * aExt = [
+<span class='line'>2955</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2956</span>      *   {extname:"authoriyInfoAccess",
+<span class='line'>2957</span>      *    array:[
+<span class='line'>2958</span>      *      {ocsp: "http://ocsp1.example.com"},
+<span class='line'>2959</span>      *      {caissuer: "http://example.com/a.crt"}
+<span class='line'>2960</span>      *    ]}
+<span class='line'>2961</span>      * ];
+<span class='line'>2962</span>      * x = new X509();
+<span class='line'>2963</span>      * x.updateAIAOCSP(aExt, "http://ocsp2.example.net");
+<span class='line'>2964</span>      */</span><span class="WHIT">
+<span class='line'>2965</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtAIAOCSP</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2966</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2967</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2968</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2969</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2970</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>2971</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">ocsp</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">ocsp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2972</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>2973</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>2974</span> 
+<span class='line'>2975</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>2976</span>      * update authorityInfoAccess caIssuer in parameter&lt;br/>
+<span class='line'>2977</span>      * @name updateAIACAIssuer
+<span class='line'>2978</span>      * @memberOf X509#
+<span class='line'>2979</span>      * @function
+<span class='line'>2980</span>      * @param {Array} aExt array of extension parameters
+<span class='line'>2981</span>      * @param {String} newURI string of new uri
+<span class='line'>2982</span>      * @since jsrsasign 10.0.4 x509 2.0.8
+<span class='line'>2983</span>      * @see X509#findExt
+<span class='line'>2984</span>      * @see KJUR.asn1.x509.AuthorityInfoAccess
+<span class='line'>2985</span>      *
+<span class='line'>2986</span>      * @description
+<span class='line'>2987</span>      * This method updates "caIssuer" accessMethod URI of 
+<span class='line'>2988</span>      * AuthorityInfoAccess extension
+<span class='line'>2989</span>      * in the extension parameter array if it exists.
+<span class='line'>2990</span>      *
+<span class='line'>2991</span>      * @example
+<span class='line'>2992</span>      * aExt = [
+<span class='line'>2993</span>      *   {extname:"authorityKeyIdentifier",kid:{hex:"12ab..."}},
+<span class='line'>2994</span>      *   {extname:"authoriyInfoAccess",
+<span class='line'>2995</span>      *    array:[
+<span class='line'>2996</span>      *      {ocsp: "http://ocsp1.example.com"},
+<span class='line'>2997</span>      *      {caissuer: "http://example.com/a.crt"}
+<span class='line'>2998</span>      *    ]}
+<span class='line'>2999</span>      * ];
+<span class='line'>3000</span>      * x = new X509();
+<span class='line'>3001</span>      * x.updateAIACAIssuer(aExt, "http://example.net/b.crt");
+<span class='line'>3002</span>      */</span><span class="WHIT">
+<span class='line'>3003</span> </span><span class="WHIT">    </span><span class="NAME">this.updateExtAIACAIssuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3004</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.findExt</span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3005</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3006</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pExt.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3007</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pExt.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3008</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3009</span> </span><span class="WHIT">	    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">caissuer</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">caissuer</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">newURI</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3010</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3011</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3012</span> 
+<span class='line'>3013</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>3014</span>      * convert array for X500 distinguish name to distinguish name string&lt;br/>
+<span class='line'>3015</span>      * @name dnarraytostr
+<span class='line'>3016</span>      * @memberOf X509#
+<span class='line'>3017</span>      * @function
+<span class='line'>3018</span>      * @param {Array} aDN array for X500 distinguish name
+<span class='line'>3019</span>      * @return {String} distinguish name
+<span class='line'>3020</span>      * @since jsrsasign 10.0.6 x509 2.0.8
+<span class='line'>3021</span>      * @see X509#getX500Name
+<span class='line'>3022</span>      * @see X509#getX500NameArray
+<span class='line'>3023</span>      * @see KJUR.asn1.x509.X500Name
+<span class='line'>3024</span>      *
+<span class='line'>3025</span>      * @description
+<span class='line'>3026</span>      * This method converts from an array representation of 
+<span class='line'>3027</span>      * X.500 distinguished name to X.500 name string.
+<span class='line'>3028</span>      * This supports multi-valued RDN.
+<span class='line'>3029</span>      * 
+<span class='line'>3030</span>      * @example
+<span class='line'>3031</span>      * var x = new X509();
+<span class='line'>3032</span>      * x.dnarraytostr(
+<span class='line'>3033</span>      *   [[{type:"C",value:"JP",ds:"prn"}],
+<span class='line'>3034</span>      *   [{type:"O",value:"T1",ds:"prn"}]]) &rarr; "/C=JP/O=T1"
+<span class='line'>3035</span>      * x.dnarraytostr(
+<span class='line'>3036</span>      *   [[{type:"C",value:"JP",ds:"prn"}],
+<span class='line'>3037</span>      *   [{type:"O",value:"T1",ds:"prn"}
+<span class='line'>3038</span>      *    {type:"CN",value:"Bob",ds:"prn"}]]) &rarr; "/C=JP/O=T1+CN=Bob"
+<span class='line'>3039</span>      */</span><span class="WHIT">
+<span class='line'>3040</span> </span><span class="WHIT">    </span><span class="NAME">this.dnarraytostr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3041</span> </span><span class="WHIT">	</span><span class="KEYW">function</span><span class="WHIT"> </span><span class="NAME">rdnarraytostr</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3042</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">aRDN.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atvtostr</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/\+/</span><span class="PUNC">,</span><span class="STRN">"\\+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">join</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
 <span class='line'>3043</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3044</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getCRLDistributionPointsStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3045</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3046</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3047</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3048</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">dp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3049</span> </span><span class="WHIT">		</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3050</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3051</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3052</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3053</span> </span><span class="WHIT">		</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3054</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">dp.dname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dn.hex</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3055</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">X509.hex2dn</span><span class="PUNC">(</span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dn.hex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3056</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3057</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3058</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3059</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3060</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getAuthorityInfoAccessStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3061</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3062</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3063</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3064</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">ad</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3065</span> 
-<span class='line'>3066</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">ad.caissuer</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3067</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    caissuer: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ad.caissuer</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3068</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">ad.ocsp</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3069</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    ocsp: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ad.ocsp</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3070</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3071</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3072</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3073</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_X509</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3074</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">pubkey</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3075</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT">  </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"Basic Fields\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3076</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  serial number: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSerialNumberHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3077</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  signature algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3078</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  issuer: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getIssuerString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3079</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  notBefore: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getNotBefore</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3080</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  notAfter: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getNotAfter</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3081</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  subject: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSubjectString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3082</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  subject public key info: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3083</span> 
-<span class='line'>3084</span> </span><span class="WHIT">	</span><span class="COMM">// subject public key info</span><span class="WHIT">
-<span class='line'>3085</span> </span><span class="WHIT">	</span><span class="NAME">pubkey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3086</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    key algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pubkey.type</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3087</span> 
-<span class='line'>3088</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pubkey.type</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"RSA"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3089</span> </span><span class="WHIT">	    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    n="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hextoposhex</span><span class="PUNC">(</span><span class="NAME">pubkey.n.toString</span><span class="PUNC">(</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"...\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3090</span> </span><span class="WHIT">	    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    e="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hextoposhex</span><span class="PUNC">(</span><span class="NAME">pubkey.e.toString</span><span class="PUNC">(</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3091</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3092</span> 
-<span class='line'>3093</span> </span><span class="WHIT">	</span><span class="COMM">// X.509v3 Extensions</span><span class="WHIT">
-<span class='line'>3094</span> </span><span class="WHIT">        </span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.aExtInfo</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3095</span> 
-<span class='line'>3096</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3097</span> </span><span class="WHIT">            </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"X509v3 Extensions:\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3098</span> </span><span class="WHIT">	    
-<span class='line'>3099</span>             </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExt.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3100</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3101</span> 
-<span class='line'>3102</span> </span><span class="WHIT">		</span><span class="COMM">// show extension name and critical flag</span><span class="WHIT">
-<span class='line'>3103</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2name</span><span class="PUNC">(</span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"oid"</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3104</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"oid"</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3105</span> 
-<span class='line'>3106</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3107</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"critical"</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"CRITICAL"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3108</span> 
-<span class='line'>3109</span> </span><span class="WHIT">		</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">" "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">":\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3110</span> 
-<span class='line'>3111</span> </span><span class="WHIT">		</span><span class="COMM">// show extension value if supported</span><span class="WHIT">
-<span class='line'>3112</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"basicConstraints"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3113</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">bc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtBasicConstraints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3114</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bc.cA</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3115</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    {}\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3116</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3117</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    cA=true"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3118</span> </span><span class="WHIT">			</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bc.pathLen</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3119</span> </span><span class="WHIT">			    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">", pathLen="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">bc.pathLen</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3120</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3121</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3122</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3123</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3124</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3125</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">kid.hex</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3126</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3127</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">akid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3128</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">akid.kid</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3129</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    kid="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">akid.kid.hex</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3130</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3131</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">eku</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtExtKeyUsage</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">array</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3132</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">eku.join</span><span class="PUNC">(</span><span class="STRN">", "</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3133</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3134</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">san</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getSubjectAltNameStr</span><span class="PUNC">(</span><span class="NAME">this.getExtSubjectAltName</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3135</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">san</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3136</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3137</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">cdp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3138</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getCRLDistributionPointsStr</span><span class="PUNC">(</span><span class="NAME">cdp</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3139</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3140</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aia</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3141</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getAuthorityInfoAccessStr</span><span class="PUNC">(</span><span class="NAME">aia</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3142</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"certificatePolicies"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3143</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getCertificatePoliciesStr</span><span class="PUNC">(</span><span class="NAME">this.getExtCertificatePolicies</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3144</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3145</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3146</span> </span><span class="WHIT">        </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3147</span> 
-<span class='line'>3148</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"signature algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmName</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3149</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"signature: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"...\n"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3150</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3151</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3152</span> 
-<span class='line'>3153</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"string"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3154</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.indexOf</span><span class="PUNC">(</span><span class="STRN">"-----BEGIN"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3155</span> </span><span class="WHIT">	    </span><span class="NAME">this.readCertPEM</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3156</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">KJUR.lang.String.isHex</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3157</span> </span><span class="WHIT">	    </span><span class="NAME">this.readCertHex</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3158</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3159</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3160</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3161</span> </span><span class="COMM">// ----- END of X509 class -----</span><span class="WHIT">
-<span class='line'>3162</span> 
-<span class='line'>3163</span> </span><span class="COMM">/**
-<span class='line'>3164</span>  * get distinguished name string in OpenSSL online format from hexadecimal string of ASN.1 DER X.500 name&lt;br/>
-<span class='line'>3165</span>  * @name hex2dn
-<span class='line'>3166</span>  * @memberOf X509
-<span class='line'>3167</span>  * @function
-<span class='line'>3168</span>  * @param {String} hex hexadecimal string of ASN.1 DER distinguished name
-<span class='line'>3169</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
-<span class='line'>3170</span>  * @return {String} OpenSSL online format distinguished name
-<span class='line'>3171</span>  * @description
-<span class='line'>3172</span>  * This static method converts from a hexadecimal string of 
-<span class='line'>3173</span>  * distinguished name (DN)
-<span class='line'>3174</span>  * specified by 'hex' and 'idx' to OpenSSL oneline string representation (ex. /C=US/O=a).
-<span class='line'>3175</span>  * @example
-<span class='line'>3176</span>  * X509.hex2dn("3031310b3...") &rarr; /C=US/O=a/CN=b2+OU=b1
-<span class='line'>3177</span>  */</span><span class="WHIT">
-<span class='line'>3178</span> </span><span class="NAME">X509.hex2dn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3179</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3180</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3181</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX.getTLV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3182</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">x.getX500Name</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3183</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pDN.str</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3184</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3185</span> 
-<span class='line'>3186</span> </span><span class="COMM">/**
-<span class='line'>3187</span>  * get relative distinguished name string in OpenSSL online format from hexadecimal string of ASN.1 DER RDN&lt;br/>
-<span class='line'>3188</span>  * @name hex2rdn
-<span class='line'>3189</span>  * @memberOf X509
-<span class='line'>3190</span>  * @function
-<span class='line'>3191</span>  * @param {String} hex hexadecimal string of ASN.1 DER concludes relative distinguished name
-<span class='line'>3192</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
-<span class='line'>3193</span>  * @return {String} OpenSSL online format relative distinguished name
-<span class='line'>3194</span>  * @description
-<span class='line'>3195</span>  * This static method converts from a hexadecimal string of 
-<span class='line'>3196</span>  * relative distinguished name (RDN)
-<span class='line'>3197</span>  * specified by 'hex' and 'idx' to LDAP string representation (ex. O=test+CN=test).&lt;br/>
-<span class='line'>3198</span>  * NOTE: Multi-valued RDN is supported since jsnrsasign 6.2.2 x509 1.1.10.
-<span class='line'>3199</span>  * @example
-<span class='line'>3200</span>  * X509.hex2rdn("310a3008060355040a0c0161") &rarr; O=a
-<span class='line'>3201</span>  * X509.hex2rdn("31143008060355040a0c01613008060355040a0c0162") &rarr; O=a+O=b
-<span class='line'>3202</span>  */</span><span class="WHIT">
-<span class='line'>3203</span> </span><span class="NAME">X509.hex2rdn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3204</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3205</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"31"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed RDN"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3206</span> 
-<span class='line'>3207</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3208</span> 
-<span class='line'>3209</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX.getChildIdx</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3210</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3211</span> </span><span class="WHIT">	</span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">X509.hex2attrTypeValue</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3212</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
-<span class='line'>3213</span> 
-<span class='line'>3214</span> </span><span class="WHIT">    </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"\\+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3215</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a.join</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3216</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3217</span> 
-<span class='line'>3218</span> </span><span class="COMM">/**
-<span class='line'>3219</span>  * get string from hexadecimal string of ASN.1 DER AttributeTypeAndValue&lt;br/>
-<span class='line'>3220</span>  * @name hex2attrTypeValue
-<span class='line'>3221</span>  * @memberOf X509
-<span class='line'>3222</span>  * @function
-<span class='line'>3223</span>  * @param {String} hex hexadecimal string of ASN.1 DER concludes AttributeTypeAndValue
-<span class='line'>3224</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
-<span class='line'>3225</span>  * @return {String} string representation of AttributeTypeAndValue (ex. C=US)
-<span class='line'>3226</span>  * @description
-<span class='line'>3227</span>  * This static method converts from a hexadecimal string of AttributeTypeAndValue
-<span class='line'>3228</span>  * specified by 'hex' and 'idx' to LDAP string representation (ex. C=US).
-<span class='line'>3229</span>  * @example
-<span class='line'>3230</span>  * X509.hex2attrTypeValue("3008060355040a0c0161") &rarr; O=a
-<span class='line'>3231</span>  * X509.hex2attrTypeValue("300806035504060c0161") &rarr; C=a
-<span class='line'>3232</span>  * X509.hex2attrTypeValue("...3008060355040a0c0161...", 128) &rarr; O=a
-<span class='line'>3233</span>  */</span><span class="WHIT">
-<span class='line'>3234</span> </span><span class="NAME">X509.hex2attrTypeValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3235</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3236</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getV</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3237</span> 
-<span class='line'>3238</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3239</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="WHIT"> 
-<span class='line'>3240</span> 	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed attribute type and value"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3241</span> 
-<span class='line'>3242</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getChildIdx</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3243</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdx.length</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">||</span><span class="WHIT"> </span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="WHIT">
-<span class='line'>3244</span> </span><span class="WHIT">	</span><span class="STRN">"malformed attribute type and value"</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3245</span> 
-<span class='line'>3246</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oidHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3247</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oidInt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.ASN1Util.oidHexToInt</span><span class="PUNC">(</span><span class="NAME">oidHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3248</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="PUNC">(</span><span class="NAME">oidInt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3249</span> 
-<span class='line'>3250</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3251</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">rawV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3252</span> 
-<span class='line'>3253</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">rawV</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3254</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3255</span> 
-<span class='line'>3256</span> </span><span class="COMM">/**
-<span class='line'>3257</span>  * get RSA/DSA/ECDSA public key object from X.509 certificate hexadecimal string&lt;br/>
-<span class='line'>3258</span>  * @name getPublicKeyFromCertHex
-<span class='line'>3259</span>  * @memberOf X509
-<span class='line'>3260</span>  * @function
-<span class='line'>3261</span>  * @param {String} h hexadecimal string of X.509 certificate for RSA/ECDSA/DSA public key
-<span class='line'>3262</span>  * @return returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key
-<span class='line'>3263</span>  * @since jsrasign 7.1.0 x509 1.1.11
-<span class='line'>3264</span>  */</span><span class="WHIT">
-<span class='line'>3265</span> </span><span class="NAME">X509.getPublicKeyFromCertHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3266</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3267</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertHex</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3268</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">x.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3269</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3270</span> 
-<span class='line'>3271</span> </span><span class="COMM">/**
-<span class='line'>3272</span>  * get RSA/DSA/ECDSA public key object from PEM certificate string
-<span class='line'>3273</span>  * @name getPublicKeyFromCertPEM
-<span class='line'>3274</span>  * @memberOf X509
-<span class='line'>3275</span>  * @function
-<span class='line'>3276</span>  * @param {String} sCertPEM PEM formatted RSA/ECDSA/DSA X.509 certificate
-<span class='line'>3277</span>  * @return returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key
-<span class='line'>3278</span>  * @since x509 1.1.1
-<span class='line'>3279</span>  * @description
-<span class='line'>3280</span>  * NOTE: DSA is also supported since x509 1.1.2.
-<span class='line'>3281</span>  */</span><span class="WHIT">
-<span class='line'>3282</span> </span><span class="NAME">X509.getPublicKeyFromCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3283</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3284</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertPEM</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3285</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">x.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3286</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3287</span> 
-<span class='line'>3288</span> </span><span class="COMM">/**
-<span class='line'>3289</span>  * get public key information from PEM certificate
-<span class='line'>3290</span>  * @name getPublicKeyInfoPropOfCertPEM
-<span class='line'>3291</span>  * @memberOf X509
-<span class='line'>3292</span>  * @function
-<span class='line'>3293</span>  * @param {String} sCertPEM string of PEM formatted certificate
-<span class='line'>3294</span>  * @return {Hash} hash of information for public key
-<span class='line'>3295</span>  * @since x509 1.1.1
-<span class='line'>3296</span>  * @description
-<span class='line'>3297</span>  * Resulted associative array has following properties:&lt;br/>
-<span class='line'>3298</span>  * &lt;ul>
-<span class='line'>3299</span>  * &lt;li>algoid - hexadecimal string of OID of asymmetric key algorithm&lt;/li>
-<span class='line'>3300</span>  * &lt;li>algparam - hexadecimal string of OID of ECC curve name or null&lt;/li>
-<span class='line'>3301</span>  * &lt;li>keyhex - hexadecimal string of key in the certificate&lt;/li>
-<span class='line'>3302</span>  * &lt;/ul>
-<span class='line'>3303</span>  * NOTE: X509v1 certificate is also supported since x509.js 1.1.9.
-<span class='line'>3304</span>  */</span><span class="WHIT">
-<span class='line'>3305</span> </span><span class="NAME">X509.getPublicKeyInfoPropOfCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
-<span class='line'>3306</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3307</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getVbyList</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3308</span> 
-<span class='line'>3309</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3310</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">pubkey</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3311</span> </span><span class="WHIT">    </span><span class="NAME">result.algparam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3312</span> 
-<span class='line'>3313</span> </span><span class="WHIT">    </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3314</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertPEM</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3315</span> 
-<span class='line'>3316</span> </span><span class="WHIT">    </span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">x.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3317</span> </span><span class="WHIT">    </span><span class="NAME">result.keyhex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3318</span> </span><span class="WHIT">    </span><span class="NAME">result.algoid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3319</span> 
-<span class='line'>3320</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">result.algoid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2a8648ce3d0201"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// ecPublicKey</span><span class="WHIT">
-<span class='line'>3321</span> </span><span class="WHIT">	</span><span class="NAME">result.algparam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3322</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3323</span> 
-<span class='line'>3324</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3325</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3326</span> 
-<span class='line'>3327</span> </span><span class="COMM">/* ======================================================================
-<span class='line'>3328</span>  *   Specific V3 Extensions
-<span class='line'>3329</span>  * ====================================================================== */</span><span class="WHIT">
-<span class='line'>3330</span> 
-<span class='line'>3331</span> </span><span class="NAME">X509.KEYUSAGE_NAME</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="WHIT">
-<span class='line'>3332</span> </span><span class="WHIT">    </span><span class="STRN">"digitalSignature"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3333</span> </span><span class="WHIT">    </span><span class="STRN">"nonRepudiation"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3334</span> </span><span class="WHIT">    </span><span class="STRN">"keyEncipherment"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3335</span> </span><span class="WHIT">    </span><span class="STRN">"dataEncipherment"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3336</span> </span><span class="WHIT">    </span><span class="STRN">"keyAgreement"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3337</span> </span><span class="WHIT">    </span><span class="STRN">"keyCertSign"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3338</span> </span><span class="WHIT">    </span><span class="STRN">"cRLSign"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3339</span> </span><span class="WHIT">    </span><span class="STRN">"encipherOnly"</span><span class="PUNC">,</span><span class="WHIT">
-<span class='line'>3340</span> </span><span class="WHIT">    </span><span class="STRN">"decipherOnly"</span><span class="WHIT">
-<span class='line'>3341</span> </span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
-<span class='line'>3342</span> </span></pre></body></html>
\ No newline at end of file
+<span class='line'>3044</span> 
+<span class='line'>3045</span> </span><span class="WHIT">	</span><span class="KEYW">function</span><span class="WHIT"> </span><span class="NAME">atvtostr</span><span class="PUNC">(</span><span class="NAME">pATV</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3046</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pATV.type</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pATV.value</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3047</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3048</span> 
+<span class='line'>3049</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"/"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">aDN.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">{</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">rdnarraytostr</span><span class="PUNC">(</span><span class="NAME">x</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/\//</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"\\/"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">join</span><span class="PUNC">(</span><span class="STRN">"/"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3050</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3051</span> 
+<span class='line'>3052</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>3053</span>      * set canonicalized DN to a DN parameter&lt;br/>
+<span class='line'>3054</span>      * @name setCanonicalizedDN
+<span class='line'>3055</span>      * @memberOf X509#
+<span class='line'>3056</span>      * @function
+<span class='line'>3057</span>      * @param {object} pDN DN parameter associative array
+<span class='line'>3058</span>      * @since jsrsasign 10.6.0 x509 2.1.0
+<span class='line'>3059</span>      * 
+<span class='line'>3060</span>      * @description
+<span class='line'>3061</span>      * This method canonicalizes a DN string as following:
+<span class='line'>3062</span>      * &lt;ul>
+<span class='line'>3063</span>      * &lt;li>convert to lower case&lt;/li>
+<span class='line'>3064</span>      * &lt;li>convert from all multiple spaces to a space&lt;/li>
+<span class='line'>3065</span>      * &lt;/ul>
+<span class='line'>3066</span>      * 
+<span class='line'>3067</span>      * @example
+<span class='line'>3068</span>      * var x = new X509();
+<span class='line'>3069</span>      * var pDN = {
+<span class='line'>3070</span>      *   array: [
+<span class='line'>3071</span>      *     [{type:'C',value:'JP',ds:'prn'}],
+<span class='line'>3072</span>      *     [{type:'O',value:'Test    1',ds:'prn'}] ],
+<span class='line'>3073</span>      *   str: "/C=JP/O=Test    1" };
+<span class='line'>3074</span>      * x.setCanonicalizedDN(pDN);
+<span class='line'>3075</span> 
+<span class='line'>3076</span>      * // pDN will become following
+<span class='line'>3077</span>      * pDN = {
+<span class='line'>3078</span>      *   array: [
+<span class='line'>3079</span>      *     [{type:'C',value:'JP',ds:'prn'}],
+<span class='line'>3080</span>      *     [{type:'O',value:'Test    1',ds:'prn'}] ],
+<span class='line'>3081</span>      *   str: "/C=JP/O=Test    1",
+<span class='line'>3082</span>      *   canon: "/c=jp/o=test 1" };
+<span class='line'>3083</span>      */</span><span class="WHIT">
+<span class='line'>3084</span> </span><span class="WHIT">    </span><span class="NAME">this.setCanonicalizedDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">pDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3085</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aRDN</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3086</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pDN.str</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">pDN.array</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3087</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">dDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.X500Name</span><span class="PUNC">(</span><span class="PUNC">{</span><span class="NAME">str</span><span class="PUNC">:</span><span class="WHIT"> </span><span class="NAME">pDN.str</span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3088</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">dDN.tohex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3089</span> </span><span class="WHIT">	    </span><span class="NAME">aRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getX500NameArray</span><span class="PUNC">(</span><span class="NAME">hDN</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3090</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3091</span> </span><span class="WHIT">	    </span><span class="NAME">aRDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pDN.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3092</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3093</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pDN.canon</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3094</span> </span><span class="WHIT">	    </span><span class="NAME">pDN.canon</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.c14nRDNArray</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3095</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3096</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3097</span> 
+<span class='line'>3098</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>3099</span>      * simple canonicalization(c14n) for RDN array&lt;br/>
+<span class='line'>3100</span>      * @name c14nRDNArray
+<span class='line'>3101</span>      * @memberOf X509#
+<span class='line'>3102</span>      * @function
+<span class='line'>3103</span>      * @param {array} aRDN array of RDN parameters
+<span class='line'>3104</span>      * @return {string} canonicalized distinguish name (ex. "/c=jp/o=test ca")
+<span class='line'>3105</span>      * @since jsrsasign 10.6.0 x509 2.1.0
+<span class='line'>3106</span>      * 
+<span class='line'>3107</span>      * @description
+<span class='line'>3108</span>      * This method canonicalizes a DN string according to
+<span class='line'>3109</span>      * &lt;a href="https://datatracker.ietf.org/doc/html/rfc4518#appendix-B">
+<span class='line'>3110</span>      * "RFC 4518 StringPrep Appendix B Substring Matching"&lt;/a> as following:
+<span class='line'>3111</span>      * &lt;ul>
+<span class='line'>3112</span>      * &lt;li>convert to lower case&lt;/li>
+<span class='line'>3113</span>      * &lt;li>convert from all sequence of spaces to a space&lt;/li>
+<span class='line'>3114</span>      * &lt;li>remove leading and trailing spaces&lt;/li>
+<span class='line'>3115</span>      * &lt;/ul>
+<span class='line'>3116</span>      * 
+<span class='line'>3117</span>      * @example
+<span class='line'>3118</span>      * var x = new X509();
+<span class='line'>3119</span>      * x.c14nRDNArray([
+<span class='line'>3120</span>      *   [{type:"C", value:"JP", ds: "prn"}],
+<span class='line'>3121</span>      *   [{type:"O", value:"    Test    1234     ", ds: "utf8"}],
+<span class='line'>3122</span>      *   [{type:"OU", value:"HR   45", ds: "utf8"}]
+<span class='line'>3123</span>      * ]) &rarr; "/c=jp/o=test 1234/ou=hr 45"
+<span class='line'>3124</span>      */</span><span class="WHIT">
+<span class='line'>3125</span> </span><span class="WHIT">    </span><span class="NAME">this.c14nRDNArray</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">aRDN</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3126</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3127</span> </span><span class="WHIT">	</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aRDN.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3128</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aAVA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aRDN</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3129</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a2</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3130</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aAVA.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3131</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pAVA</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aAVA</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3132</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pAVA.value</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3133</span> </span><span class="WHIT">		</span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">value.replace</span><span class="PUNC">(</span><span class="REGX">/^\s*/</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3134</span> </span><span class="WHIT">		</span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">value.replace</span><span class="PUNC">(</span><span class="REGX">/\s*$/</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3135</span> </span><span class="WHIT">		</span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">value.replace</span><span class="PUNC">(</span><span class="REGX">/\s+/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">' '</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3136</span> </span><span class="WHIT">		</span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">value.toLowerCase</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3137</span> </span><span class="WHIT">		</span><span class="NAME">a2.push</span><span class="PUNC">(</span><span class="NAME">pAVA.type.toLowerCase</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">value</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3138</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3139</span> </span><span class="WHIT">	    </span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">a2.join</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3140</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3141</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="STRN">"/"</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">a.join</span><span class="PUNC">(</span><span class="STRN">"/"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3142</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3143</span> 
+<span class='line'>3144</span> </span><span class="WHIT">    </span><span class="COMM">/**
+<span class='line'>3145</span>      * get certificate information as string.&lt;br/>
+<span class='line'>3146</span>      * @name getInfo
+<span class='line'>3147</span>      * @memberOf X509#
+<span class='line'>3148</span>      * @function
+<span class='line'>3149</span>      * @return {String} certificate information string
+<span class='line'>3150</span>      * @since jsrsasign 5.0.10 x509 1.1.8
+<span class='line'>3151</span>      * @example
+<span class='line'>3152</span>      * x = new X509();
+<span class='line'>3153</span>      * x.readCertPEM(certPEM);
+<span class='line'>3154</span>      * console.log(x.getInfo());
+<span class='line'>3155</span>      * // this shows as following
+<span class='line'>3156</span>      * Basic Fields
+<span class='line'>3157</span>      *   serial number: 02ac5c266a0b409b8f0b79f2ae462577
+<span class='line'>3158</span>      *   signature algorithm: SHA1withRSA
+<span class='line'>3159</span>      *   issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
+<span class='line'>3160</span>      *   notBefore: 061110000000Z
+<span class='line'>3161</span>      *   notAfter: 311110000000Z
+<span class='line'>3162</span>      *   subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
+<span class='line'>3163</span>      *   subject public key info:
+<span class='line'>3164</span>      *     key algorithm: RSA
+<span class='line'>3165</span>      *     n=c6cce573e6fbd4bb...
+<span class='line'>3166</span>      *     e=10001
+<span class='line'>3167</span>      * X509v3 Extensions:
+<span class='line'>3168</span>      *   keyUsage CRITICAL:
+<span class='line'>3169</span>      *     digitalSignature,keyCertSign,cRLSign
+<span class='line'>3170</span>      *   basicConstraints CRITICAL:
+<span class='line'>3171</span>      *     cA=true
+<span class='line'>3172</span>      *   subjectKeyIdentifier :
+<span class='line'>3173</span>      *     b13ec36903f8bf4701d498261a0802ef63642bc3
+<span class='line'>3174</span>      *   authorityKeyIdentifier :
+<span class='line'>3175</span>      *     kid=b13ec36903f8bf4701d498261a0802ef63642bc3
+<span class='line'>3176</span>      * signature algorithm: SHA1withRSA
+<span class='line'>3177</span>      * signature: 1c1a0697dcd79c9f...
+<span class='line'>3178</span>      */</span><span class="WHIT">
+<span class='line'>3179</span> </span><span class="WHIT">    </span><span class="NAME">this.getInfo</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3180</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getSubjectAltNameStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3181</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3182</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3183</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3184</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3185</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3186</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pGN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3187</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.dn</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"dn: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pGN.dn.str</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3188</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.ip</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"ip: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pGN.ip</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3189</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.rfc822</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"rfc822: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pGN.rfc822</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3190</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.dns</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"dns: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pGN.dns</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3191</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.uri</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"uri: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pGN.uri</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3192</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pGN.other</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3193</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oidname</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pGN.other.oid</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3194</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">JSON.stringify</span><span class="PUNC">(</span><span class="NAME">pGN.other.value</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">replace</span><span class="PUNC">(</span><span class="REGX">/\"/g</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3195</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">indent</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"other: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">oidname</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">value</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">NL</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3196</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3197</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3198</span> </span><span class="WHIT">	    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="REGX">/\n$/</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3199</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3200</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3201</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getCertificatePoliciesStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3202</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3203</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3204</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3205</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pi</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3206</span> </span><span class="WHIT">		</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    policy oid: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pi.policyoid</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3207</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pi.array</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">continue</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3208</span> </span><span class="WHIT">		</span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">pi.array.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">j</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3209</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pqi</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">pi.array</span><span class="PUNC">[</span><span class="NAME">j</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3210</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pqi.cps</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3211</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    cps: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pqi.cps</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3212</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3213</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3214</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3215</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3216</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3217</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getCRLDistributionPointsStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3218</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3219</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3220</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3221</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">dp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3222</span> </span><span class="WHIT">		</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3223</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3224</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">uri</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3225</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3226</span> </span><span class="WHIT">		</span><span class="KEYW">try</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3227</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">dp.dname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dn.hex</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3228</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">X509.hex2dn</span><span class="PUNC">(</span><span class="NAME">dp.dpname.full</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">.</span><span class="NAME">dn.hex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3229</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">catch</span><span class="PUNC">(</span><span class="NAME">ex</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3230</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3231</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3232</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3233</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getAuthorityInfoAccessStr</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3234</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">""</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3235</span> </span><span class="WHIT">	    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">params.array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3236</span> </span><span class="WHIT">	    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">a.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3237</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">ad</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3238</span> 
+<span class='line'>3239</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">ad.caissuer</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3240</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    caissuer: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ad.caissuer</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3241</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">ad.ocsp</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3242</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    ocsp: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">ad.ocsp</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3243</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3244</span> </span><span class="WHIT">	    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3245</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3246</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_X509</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3247</span> </span><span class="WHIT">	</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">pubkey</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3248</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT">  </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"Basic Fields\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3249</span> </span><span class="WHIT">        </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  serial number: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSerialNumberHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3250</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  signature algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmField</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3251</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  issuer: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getIssuerString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3252</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  notBefore: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getNotBefore</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3253</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  notAfter: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getNotAfter</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3254</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  subject: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSubjectString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3255</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  subject public key info: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3256</span> 
+<span class='line'>3257</span> </span><span class="WHIT">	</span><span class="COMM">// subject public key info</span><span class="WHIT">
+<span class='line'>3258</span> </span><span class="WHIT">	</span><span class="NAME">pubkey</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3259</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    key algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">pubkey.type</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3260</span> 
+<span class='line'>3261</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">pubkey.type</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"RSA"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3262</span> </span><span class="WHIT">	    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    n="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hextoposhex</span><span class="PUNC">(</span><span class="NAME">pubkey.n.toString</span><span class="PUNC">(</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"...\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3263</span> </span><span class="WHIT">	    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    e="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">hextoposhex</span><span class="PUNC">(</span><span class="NAME">pubkey.e.toString</span><span class="PUNC">(</span><span class="NUMB">16</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3264</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3265</span> 
+<span class='line'>3266</span> </span><span class="WHIT">	</span><span class="COMM">// X.509v3 Extensions</span><span class="WHIT">
+<span class='line'>3267</span> </span><span class="WHIT">        </span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.aExtInfo</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3268</span> 
+<span class='line'>3269</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="WHIT"> </span><span class="PUNC">&&</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3270</span> </span><span class="WHIT">            </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"X509v3 Extensions:\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3271</span> </span><span class="WHIT">	    
+<span class='line'>3272</span>             </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aExt.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3273</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">info</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">aExt</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3274</span> 
+<span class='line'>3275</span> </span><span class="WHIT">		</span><span class="COMM">// show extension name and critical flag</span><span class="WHIT">
+<span class='line'>3276</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2name</span><span class="PUNC">(</span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"oid"</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3277</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"oid"</span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3278</span> 
+<span class='line'>3279</span> </span><span class="WHIT">		</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">''</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3280</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">info</span><span class="PUNC">[</span><span class="STRN">"critical"</span><span class="PUNC">]</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="KEYW">true</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"CRITICAL"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3281</span> 
+<span class='line'>3282</span> </span><span class="WHIT">		</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"  "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">" "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">critical</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">":\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3283</span> 
+<span class='line'>3284</span> </span><span class="WHIT">		</span><span class="COMM">// show extension value if supported</span><span class="WHIT">
+<span class='line'>3285</span> </span><span class="WHIT">		</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"basicConstraints"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3286</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">bc</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtBasicConstraints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3287</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bc.cA</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3288</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    {}\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3289</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3290</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    cA=true"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3291</span> </span><span class="WHIT">			</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">bc.pathLen</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3292</span> </span><span class="WHIT">			    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">", pathLen="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">bc.pathLen</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3293</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3294</span> </span><span class="WHIT">		    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3295</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"keyUsage"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3296</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getExtKeyUsageString</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3297</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"subjectKeyIdentifier"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3298</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getExtSubjectKeyIdentifier</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">kid.hex</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3299</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"authorityKeyIdentifier"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3300</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">akid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityKeyIdentifier</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3301</span> </span><span class="WHIT">		    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">akid.kid</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3302</span> </span><span class="WHIT">			</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    kid="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">akid.kid.hex</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3303</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"extKeyUsage"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3304</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">eku</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtExtKeyUsage</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">array</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3305</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"    "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">eku.join</span><span class="PUNC">(</span><span class="STRN">", "</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3306</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"subjectAltName"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3307</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">san</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getSubjectAltNameStr</span><span class="PUNC">(</span><span class="NAME">this.getExtSubjectAltName</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3308</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">san</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3309</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"cRLDistributionPoints"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3310</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">cdp</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtCRLDistributionPoints</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3311</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getCRLDistributionPointsStr</span><span class="PUNC">(</span><span class="NAME">cdp</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3312</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"authorityInfoAccess"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3313</span> </span><span class="WHIT">		    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aia</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">this.getExtAuthorityInfoAccess</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3314</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getAuthorityInfoAccessStr</span><span class="PUNC">(</span><span class="NAME">aia</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3315</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">extName</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"certificatePolicies"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3316</span> </span><span class="WHIT">		    </span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getCertificatePoliciesStr</span><span class="PUNC">(</span><span class="NAME">this.getExtCertificatePolicies</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3317</span> </span><span class="WHIT">		</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3318</span> </span><span class="WHIT">	    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3319</span> </span><span class="WHIT">        </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3320</span> 
+<span class='line'>3321</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"signature algorithm: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureAlgorithmName</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3322</span> </span><span class="WHIT">	</span><span class="NAME">s</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="PUNC">=</span><span class="WHIT"> </span><span class="STRN">"signature: "</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">this.getSignatureValueHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">16</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"...\n"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3323</span> </span><span class="WHIT">	</span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3324</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3325</span> 
+<span class='line'>3326</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">typeof</span><span class="WHIT"> </span><span class="NAME">params</span><span class="WHIT"> </span><span class="PUNC">==</span><span class="WHIT"> </span><span class="STRN">"string"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3327</span> </span><span class="WHIT">	</span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">params.indexOf</span><span class="PUNC">(</span><span class="STRN">"-----BEGIN"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!=</span><span class="WHIT"> </span><span class="PUNC">-</span><span class="NUMB">1</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3328</span> </span><span class="WHIT">	    </span><span class="NAME">this.readCertPEM</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3329</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT"> </span><span class="KEYW">else</span><span class="WHIT"> </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">KJUR.lang.String.isHex</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3330</span> </span><span class="WHIT">	    </span><span class="NAME">this.readCertHex</span><span class="PUNC">(</span><span class="NAME">params</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3331</span> </span><span class="WHIT">	</span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3332</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3333</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3334</span> </span><span class="COMM">// ----- END of X509 class -----</span><span class="WHIT">
+<span class='line'>3335</span> 
+<span class='line'>3336</span> </span><span class="COMM">/**
+<span class='line'>3337</span>  * get distinguished name string in OpenSSL online format from hexadecimal string of ASN.1 DER X.500 name&lt;br/>
+<span class='line'>3338</span>  * @name hex2dn
+<span class='line'>3339</span>  * @memberOf X509
+<span class='line'>3340</span>  * @function
+<span class='line'>3341</span>  * @param {String} hex hexadecimal string of ASN.1 DER distinguished name
+<span class='line'>3342</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
+<span class='line'>3343</span>  * @return {String} OpenSSL online format distinguished name
+<span class='line'>3344</span>  * @description
+<span class='line'>3345</span>  * This static method converts from a hexadecimal string of 
+<span class='line'>3346</span>  * distinguished name (DN)
+<span class='line'>3347</span>  * specified by 'hex' and 'idx' to OpenSSL oneline string representation (ex. /C=US/O=a).
+<span class='line'>3348</span>  * @example
+<span class='line'>3349</span>  * X509.hex2dn("3031310b3...") &rarr; /C=US/O=a/CN=b2+OU=b1
+<span class='line'>3350</span>  */</span><span class="WHIT">
+<span class='line'>3351</span> </span><span class="NAME">X509.hex2dn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3352</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3353</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3354</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX.getTLV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3355</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">pDN</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">x.getX500Name</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3356</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">pDN.str</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3357</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3358</span> 
+<span class='line'>3359</span> </span><span class="COMM">/**
+<span class='line'>3360</span>  * get relative distinguished name string in OpenSSL online format from hexadecimal string of ASN.1 DER RDN&lt;br/>
+<span class='line'>3361</span>  * @name hex2rdn
+<span class='line'>3362</span>  * @memberOf X509
+<span class='line'>3363</span>  * @function
+<span class='line'>3364</span>  * @param {String} hex hexadecimal string of ASN.1 DER concludes relative distinguished name
+<span class='line'>3365</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
+<span class='line'>3366</span>  * @return {String} OpenSSL online format relative distinguished name
+<span class='line'>3367</span>  * @description
+<span class='line'>3368</span>  * This static method converts from a hexadecimal string of 
+<span class='line'>3369</span>  * relative distinguished name (RDN)
+<span class='line'>3370</span>  * specified by 'hex' and 'idx' to LDAP string representation (ex. O=test+CN=test).&lt;br/>
+<span class='line'>3371</span>  * NOTE: Multi-valued RDN is supported since jsnrsasign 6.2.2 x509 1.1.10.
+<span class='line'>3372</span>  * @example
+<span class='line'>3373</span>  * X509.hex2rdn("310a3008060355040a0c0161") &rarr; O=a
+<span class='line'>3374</span>  * X509.hex2rdn("31143008060355040a0c01613008060355040a0c0162") &rarr; O=a+O=b
+<span class='line'>3375</span>  */</span><span class="WHIT">
+<span class='line'>3376</span> </span><span class="NAME">X509.hex2rdn</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3377</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3378</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"31"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed RDN"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3379</span> 
+<span class='line'>3380</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Array</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3381</span> 
+<span class='line'>3382</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX.getChildIdx</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3383</span> </span><span class="WHIT">    </span><span class="KEYW">for</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="WHIT"> </span><span class="PUNC">&lt;</span><span class="WHIT"> </span><span class="NAME">aIdx.length</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="NAME">i</span><span class="PUNC">++</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3384</span> </span><span class="WHIT">	</span><span class="NAME">a.push</span><span class="PUNC">(</span><span class="NAME">X509.hex2attrTypeValue</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NAME">i</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3385</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="WHIT">
+<span class='line'>3386</span> 
+<span class='line'>3387</span> </span><span class="WHIT">    </span><span class="NAME">a</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">a.map</span><span class="PUNC">(</span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">s</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">s.replace</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"\\+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT"> </span><span class="PUNC">}</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3388</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">a.join</span><span class="PUNC">(</span><span class="STRN">"+"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3389</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3390</span> 
+<span class='line'>3391</span> </span><span class="COMM">/**
+<span class='line'>3392</span>  * get string from hexadecimal string of ASN.1 DER AttributeTypeAndValue&lt;br/>
+<span class='line'>3393</span>  * @name hex2attrTypeValue
+<span class='line'>3394</span>  * @memberOf X509
+<span class='line'>3395</span>  * @function
+<span class='line'>3396</span>  * @param {String} hex hexadecimal string of ASN.1 DER concludes AttributeTypeAndValue
+<span class='line'>3397</span>  * @param {Integer} idx index of hexadecimal string (DEFAULT=0)
+<span class='line'>3398</span>  * @return {String} string representation of AttributeTypeAndValue (ex. C=US)
+<span class='line'>3399</span>  * @description
+<span class='line'>3400</span>  * This static method converts from a hexadecimal string of AttributeTypeAndValue
+<span class='line'>3401</span>  * specified by 'hex' and 'idx' to LDAP string representation (ex. C=US).
+<span class='line'>3402</span>  * @example
+<span class='line'>3403</span>  * X509.hex2attrTypeValue("3008060355040a0c0161") &rarr; O=a
+<span class='line'>3404</span>  * X509.hex2attrTypeValue("300806035504060c0161") &rarr; C=a
+<span class='line'>3405</span>  * X509.hex2attrTypeValue("...3008060355040a0c0161...", 128) &rarr; O=a
+<span class='line'>3406</span>  */</span><span class="WHIT">
+<span class='line'>3407</span> </span><span class="NAME">X509.hex2attrTypeValue</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3408</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3409</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getV</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3410</span> 
+<span class='line'>3411</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="NAME">undefined</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3412</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">idx</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"30"</span><span class="PUNC">)</span><span class="WHIT"> 
+<span class='line'>3413</span> 	</span><span class="KEYW">throw</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">Error</span><span class="PUNC">(</span><span class="STRN">"malformed attribute type and value"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3414</span> 
+<span class='line'>3415</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getChildIdx</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">idx</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3416</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">aIdx.length</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="WHIT"> </span><span class="PUNC">||</span><span class="WHIT"> </span><span class="NAME">hex.substr</span><span class="PUNC">(</span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">2</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">!==</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="WHIT">
+<span class='line'>3417</span> </span><span class="WHIT">	</span><span class="STRN">"malformed attribute type and value"</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3418</span> 
+<span class='line'>3419</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oidHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3420</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">oidInt</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.ASN1Util.oidHexToInt</span><span class="PUNC">(</span><span class="NAME">oidHex</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3421</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">KJUR.asn1.x509.OID.oid2atype</span><span class="PUNC">(</span><span class="NAME">oidInt</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3422</span> 
+<span class='line'>3423</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">hV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getV</span><span class="PUNC">(</span><span class="NAME">hex</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">aIdx</span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3424</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">rawV</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">hextorstr</span><span class="PUNC">(</span><span class="NAME">hV</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3425</span> 
+<span class='line'>3426</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">atype</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="STRN">"="</span><span class="WHIT"> </span><span class="PUNC">+</span><span class="WHIT"> </span><span class="NAME">rawV</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3427</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3428</span> 
+<span class='line'>3429</span> </span><span class="COMM">/**
+<span class='line'>3430</span>  * get RSA/DSA/ECDSA public key object from X.509 certificate hexadecimal string&lt;br/>
+<span class='line'>3431</span>  * @name getPublicKeyFromCertHex
+<span class='line'>3432</span>  * @memberOf X509
+<span class='line'>3433</span>  * @function
+<span class='line'>3434</span>  * @param {String} h hexadecimal string of X.509 certificate for RSA/ECDSA/DSA public key
+<span class='line'>3435</span>  * @return returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key
+<span class='line'>3436</span>  * @since jsrasign 7.1.0 x509 1.1.11
+<span class='line'>3437</span>  */</span><span class="WHIT">
+<span class='line'>3438</span> </span><span class="NAME">X509.getPublicKeyFromCertHex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3439</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3440</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertHex</span><span class="PUNC">(</span><span class="NAME">h</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3441</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">x.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3442</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3443</span> 
+<span class='line'>3444</span> </span><span class="COMM">/**
+<span class='line'>3445</span>  * get RSA/DSA/ECDSA public key object from PEM certificate string
+<span class='line'>3446</span>  * @name getPublicKeyFromCertPEM
+<span class='line'>3447</span>  * @memberOf X509
+<span class='line'>3448</span>  * @function
+<span class='line'>3449</span>  * @param {String} sCertPEM PEM formatted RSA/ECDSA/DSA X.509 certificate
+<span class='line'>3450</span>  * @return returns RSAKey/KJUR.crypto.{ECDSA,DSA} object of public key
+<span class='line'>3451</span>  * @since x509 1.1.1
+<span class='line'>3452</span>  * @description
+<span class='line'>3453</span>  * NOTE: DSA is also supported since x509 1.1.2.
+<span class='line'>3454</span>  */</span><span class="WHIT">
+<span class='line'>3455</span> </span><span class="NAME">X509.getPublicKeyFromCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3456</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3457</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertPEM</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3458</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">x.getPublicKey</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3459</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3460</span> 
+<span class='line'>3461</span> </span><span class="COMM">/**
+<span class='line'>3462</span>  * get public key information from PEM certificate
+<span class='line'>3463</span>  * @name getPublicKeyInfoPropOfCertPEM
+<span class='line'>3464</span>  * @memberOf X509
+<span class='line'>3465</span>  * @function
+<span class='line'>3466</span>  * @param {String} sCertPEM string of PEM formatted certificate
+<span class='line'>3467</span>  * @return {Hash} hash of information for public key
+<span class='line'>3468</span>  * @since x509 1.1.1
+<span class='line'>3469</span>  * @description
+<span class='line'>3470</span>  * Resulted associative array has following properties:&lt;br/>
+<span class='line'>3471</span>  * &lt;ul>
+<span class='line'>3472</span>  * &lt;li>algoid - hexadecimal string of OID of asymmetric key algorithm&lt;/li>
+<span class='line'>3473</span>  * &lt;li>algparam - hexadecimal string of OID of ECC curve name or null&lt;/li>
+<span class='line'>3474</span>  * &lt;li>keyhex - hexadecimal string of key in the certificate&lt;/li>
+<span class='line'>3475</span>  * &lt;/ul>
+<span class='line'>3476</span>  * NOTE: X509v1 certificate is also supported since x509.js 1.1.9.
+<span class='line'>3477</span>  */</span><span class="WHIT">
+<span class='line'>3478</span> </span><span class="NAME">X509.getPublicKeyInfoPropOfCertPEM</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">function</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT">
+<span class='line'>3479</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">ASN1HEX</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3480</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_ASN1HEX.getVbyList</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3481</span> 
+<span class='line'>3482</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">result</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3483</span> </span><span class="WHIT">    </span><span class="KEYW">var</span><span class="WHIT"> </span><span class="NAME">x</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NAME">pubkey</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3484</span> </span><span class="WHIT">    </span><span class="NAME">result.algparam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">null</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3485</span> 
+<span class='line'>3486</span> </span><span class="WHIT">    </span><span class="NAME">x</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="KEYW">new</span><span class="WHIT"> </span><span class="NAME">X509</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3487</span> </span><span class="WHIT">    </span><span class="NAME">x.readCertPEM</span><span class="PUNC">(</span><span class="NAME">sCertPEM</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3488</span> 
+<span class='line'>3489</span> </span><span class="WHIT">    </span><span class="NAME">hSPKI</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">x.getPublicKeyHex</span><span class="PUNC">(</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3490</span> </span><span class="WHIT">    </span><span class="NAME">result.keyhex</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"03"</span><span class="PUNC">)</span><span class="PUNC">.</span><span class="NAME">substr</span><span class="PUNC">(</span><span class="NUMB">2</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3491</span> </span><span class="WHIT">    </span><span class="NAME">result.algoid</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3492</span> 
+<span class='line'>3493</span> </span><span class="WHIT">    </span><span class="KEYW">if</span><span class="WHIT"> </span><span class="PUNC">(</span><span class="NAME">result.algoid</span><span class="WHIT"> </span><span class="PUNC">===</span><span class="WHIT"> </span><span class="STRN">"2a8648ce3d0201"</span><span class="PUNC">)</span><span class="WHIT"> </span><span class="PUNC">{</span><span class="WHIT"> </span><span class="COMM">// ecPublicKey</span><span class="WHIT">
+<span class='line'>3494</span> </span><span class="WHIT">	</span><span class="NAME">result.algparam</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="NAME">_getVbyList</span><span class="PUNC">(</span><span class="NAME">hSPKI</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="NUMB">0</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="NUMB">1</span><span class="PUNC">]</span><span class="PUNC">,</span><span class="WHIT"> </span><span class="STRN">"06"</span><span class="PUNC">)</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3495</span> </span><span class="WHIT">    </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3496</span> 
+<span class='line'>3497</span> </span><span class="WHIT">    </span><span class="KEYW">return</span><span class="WHIT"> </span><span class="NAME">result</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3498</span> </span><span class="PUNC">}</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3499</span> 
+<span class='line'>3500</span> </span><span class="COMM">/* ======================================================================
+<span class='line'>3501</span>  *   Specific V3 Extensions
+<span class='line'>3502</span>  * ====================================================================== */</span><span class="WHIT">
+<span class='line'>3503</span> 
+<span class='line'>3504</span> </span><span class="NAME">X509.KEYUSAGE_NAME</span><span class="WHIT"> </span><span class="PUNC">=</span><span class="WHIT"> </span><span class="PUNC">[</span><span class="WHIT">
+<span class='line'>3505</span> </span><span class="WHIT">    </span><span class="STRN">"digitalSignature"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3506</span> </span><span class="WHIT">    </span><span class="STRN">"nonRepudiation"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3507</span> </span><span class="WHIT">    </span><span class="STRN">"keyEncipherment"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3508</span> </span><span class="WHIT">    </span><span class="STRN">"dataEncipherment"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3509</span> </span><span class="WHIT">    </span><span class="STRN">"keyAgreement"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3510</span> </span><span class="WHIT">    </span><span class="STRN">"keyCertSign"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3511</span> </span><span class="WHIT">    </span><span class="STRN">"cRLSign"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3512</span> </span><span class="WHIT">    </span><span class="STRN">"encipherOnly"</span><span class="PUNC">,</span><span class="WHIT">
+<span class='line'>3513</span> </span><span class="WHIT">    </span><span class="STRN">"decipherOnly"</span><span class="WHIT">
+<span class='line'>3514</span> </span><span class="PUNC">]</span><span class="PUNC">;</span><span class="WHIT">
+<span class='line'>3515</span> </span></pre></body></html>
\ No newline at end of file
diff --git a/bower.json b/bower.json
index 08132934..6499ff09 100644
--- a/bower.json
+++ b/bower.json
@@ -1,6 +1,6 @@
 {
   "name": "kjur-jsrsasign",
-  "version": "10.5.27",
+  "version": "10.6.0",
   "main": "jsrsasign-all-min.js",
   "description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.",
   "license": "MIT",
diff --git a/jsrsasign-all-min.js b/jsrsasign-all-min.js
index 004b6276..28e4e525 100644
--- a/jsrsasign-all-min.js
+++ b/jsrsasign-all-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(all) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(all) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
@@ -219,7 +219,7 @@ ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBi
 var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o<m;++o){v=p[o];var w;switch(v.charCodeAt(0)){default:w=r[0];w[t||w.length]=+(v);t=void 0;break;case 34:v=v.substring(1,v.length-1);if(v.indexOf(a)!==-1){v=v.replace(k,h)}w=r[0];if(!t){if(w instanceof Array){t=w.length}else{t=v||c;break}}w[t]=v;t=void 0;break;case 91:w=r[0];r.unshift(w[t||w.length]=[]);t=void 0;break;case 93:r.shift();break;case 102:w=r[0];w[t||w.length]=false;t=void 0;break;case 110:w=r[0];w[t||w.length]=null;t=void 0;break;case 116:w=r[0];w[t||w.length]=true;t=void 0;break;case 123:w=r[0];r.unshift(w[t||w.length]={});t=void 0;break;case 125:r.shift();break}}if(l){if(r.length!==1){throw new Error()}x=x[0]}else{if(r.length){throw new Error()}}if(q){var s=function(C,B){var D=C[B];if(D&&typeof D==="object"){var n=null;for(var z in D){if(b.call(D,z)&&D!==C){var y=s(D,z);if(y!==void 0){D[z]=y}else{if(!n){n=[]}n.push(z)}}}if(n){for(var A=n.length;--A>=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})();
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d<e;d++){g+="f"}var c=new BigInteger(g,16);var b=c.xor(j).add(BigInteger.ONE);f=b.toString(16).replace(/^-/,"")}return f};this.getPEMStringFromHex=function(a,b){return hextopem(a,b)};this.newObject=function(k){var F=KJUR,o=F.asn1,v=o.ASN1Object,B=o.DERBoolean,e=o.DERInteger,t=o.DERBitString,h=o.DEROctetString,x=o.DERNull,y=o.DERObjectIdentifier,m=o.DEREnumerated,g=o.DERUTF8String,f=o.DERNumericString,A=o.DERPrintableString,w=o.DERTeletexString,q=o.DERIA5String,E=o.DERUTCTime,j=o.DERGeneralizedTime,b=o.DERVisibleString,l=o.DERBMPString,n=o.DERSequence,c=o.DERSet,s=o.DERTaggedObject,p=o.ASN1Util.newObject;if(k instanceof o.ASN1Object){return k}var u=Object.keys(k);if(u.length!=1){throw new Error("key of param shall be only one.")}var H=u[0];if(":asn1:bool:int:bitstr:octstr:null:oid:enum:utf8str:numstr:prnstr:telstr:ia5str:utctime:gentime:visstr:bmpstr:seq:set:tag:".indexOf(":"+H+":")==-1){throw new Error("undefined key: "+H)}if(H=="bool"){return new B(k[H])}if(H=="int"){return new e(k[H])}if(H=="bitstr"){return new t(k[H])}if(H=="octstr"){return new h(k[H])}if(H=="null"){return new x(k[H])}if(H=="oid"){return new y(k[H])}if(H=="enum"){return new m(k[H])}if(H=="utf8str"){return new g(k[H])}if(H=="numstr"){return new f(k[H])}if(H=="prnstr"){return new A(k[H])}if(H=="telstr"){return new w(k[H])}if(H=="ia5str"){return new q(k[H])}if(H=="utctime"){return new E(k[H])}if(H=="gentime"){return new j(k[H])}if(H=="visstr"){return new b(k[H])}if(H=="bmpstr"){return new l(k[H])}if(H=="asn1"){return new v(k[H])}if(H=="seq"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new n({array:G})}if(H=="set"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new c({array:G})}if(H=="tag"){var C=k[H];if(Object.prototype.toString.call(C)==="[object Array]"&&C.length==3){var r=p(C[2]);return new s({tag:C[0],explicit:C[1],obj:r})}else{return new s(C)}}};this.jsonToASN1HEX=function(b){var a=this.newObject(b);return a.tohex()}};KJUR.asn1.ASN1Util.oidHexToInt=function(a){var j="";var k=parseInt(a.substr(0,2),16);var d=Math.floor(k/40);var c=k%40;var j=d+"."+c;var e="";for(var f=2;f<a.length;f+=2){var g=parseInt(a.substr(f,2),16);var h=("00000000"+g.toString(2)).slice(-8);e=e+h.substr(1,7);if(h.substr(0,1)=="0"){var b=new BigInteger(e,2);j=j+"."+b.toString(10);e=""}}return j};KJUR.asn1.ASN1Util.oidIntToHex=function(f){var e=function(a){var k=a.toString(16);if(k.length==1){k="0"+k}return k};var d=function(o){var n="";var k=new BigInteger(o,10);var a=k.toString(2);var l=7-a.length%7;if(l==7){l=0}var q="";for(var m=0;m<l;m++){q+="0"}a=q+a;for(var m=0;m<a.length-1;m+=7){var p=a.substr(m,7);if(m!=a.length-7){p="1"+p}n+=e(parseInt(p,2))}return n};if(!f.match(/^[0-9.]+$/)){throw"malformed oid string: "+f}var g="";var b=f.split(".");var j=parseInt(b[0])*40+parseInt(b[1]);g+=e(j);b.splice(0,2);for(var c=0;c<b.length;c++){g+=d(b[c])}return g};KJUR.asn1.ASN1Object=function(e){var c=true;var b=null;var d="00";var f="00";var a="";this.params=null;this.getLengthHexFromValue=function(){if(typeof this.hV=="undefined"||this.hV==null){throw new Error("this.hV is null or undefined")}if(this.hV.length%2==1){throw new Error("value hex must be even length: n="+a.length+",v="+this.hV)}var j=this.hV.length/2;var i=j.toString(16);if(i.length%2==1){i="0"+i}if(j<128){return i}else{var h=i.length/2;if(h>15){throw new Error("ASN.1 length too long to represent by 8x: n = "+j.toString(16))}var g=128+h;return g.toString(16)+i}};this.tohex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.getValueHex=function(){this.tohex();return this.hV};this.getFreshValueHex=function(){return""};this.setByParam=function(g){this.params=g};if(e!=undefined){if(e.tlv!=undefined){this.hTLV=e.tlv;this.isModified=false}}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=utf8tohex(this.s).toLowerCase()};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};extendClass(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(g){var e=g.getTime()+(g.getTimezoneOffset()*60000);var f=new Date(e);return f};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.setByParam=function(d){this.hV=null;this.hTLV=null;this.params=d};this.getString=function(){return undefined};this.setString=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.str=d};this.setByDate=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.date=d};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};extendClass(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};extendClass(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(a){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";if(a==false){this.hTLV="010100"}else{this.hTLV="0101ff"}};extendClass(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};extendClass(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.tohex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7<c){throw"unused bits shall be from 0 to 7: u = "+c}var d="0"+c;this.hTLV=null;this.isModified=true;this.hV=d+e};this.setByBinaryString=function(e){e=e.replace(/0+$/,"");var f=8-e.length%8;if(f==8){f=0}e+="0000000".substr(0,f);var j="";for(var g=0;g<e.length-1;g+=8){var d=e.substr(g,8);var c=parseInt(d,2).toString(16);if(c.length==1){c="0"+c}j+=c}this.hTLV=null;this.isModified=true;this.hV="0"+f+j};this.setByBooleanArray=function(e){var d="";for(var c=0;c<e.length;c++){if(e[c]==true){d+="1"}else{d+="0"}}this.setByBinaryString(d)};this.newFalseArray=function(e){var c=new Array(e);for(var d=0;d<e;d++){c[d]=false}return c};this.getFreshValueHex=function(){return this.hV};if(typeof b!="undefined"){if(typeof b=="string"&&b.toLowerCase().match(/^[0-9a-f]+$/)){this.setHexValueIncludingUnusedBits(b)}else{if(typeof b.hex!="undefined"){this.setHexValueIncludingUnusedBits(b.hex)}else{if(typeof b.bin!="undefined"){this.setByBinaryString(b.bin)}else{if(typeof b.array!="undefined"){this.setByBooleanArray(b.array)}}}}}};extendClass(KJUR.asn1.DERBitString,KJUR.asn1.ASN1Object);KJUR.asn1.DEROctetString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex=a.tohex()}KJUR.asn1.DEROctetString.superclass.constructor.call(this,b);this.hT="04"};extendClass(KJUR.asn1.DEROctetString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNull=function(){KJUR.asn1.DERNull.superclass.constructor.call(this);this.hT="05";this.hTLV="0500"};extendClass(KJUR.asn1.DERNull,KJUR.asn1.ASN1Object);KJUR.asn1.DERObjectIdentifier=function(a){KJUR.asn1.DERObjectIdentifier.superclass.constructor.call(this);this.hT="06";this.setValueHex=function(b){this.hTLV=null;this.isModified=true;this.s=null;this.hV=b};this.setValueOidString=function(b){var c=oidtohex(b);if(c==null){throw new Error("malformed oid string: "+b)}this.hTLV=null;this.isModified=true;this.s=null;this.hV=c};this.setValueName=function(c){var b=KJUR.asn1.x509.OID.name2oid(c);if(b!==""){this.setValueOidString(b)}else{throw new Error("DERObjectIdentifier oidName undefined: "+c)}};this.setValueNameOrOid=function(b){if(b.match(/^[0-2].[0-9.]+$/)){this.setValueOidString(b)}else{this.setValueName(b)}};this.getFreshValueHex=function(){return this.hV};this.setByParam=function(b){if(typeof b==="string"){this.setValueNameOrOid(b)}else{if(b.oid!==undefined){this.setValueNameOrOid(b.oid)}else{if(b.name!==undefined){this.setValueNameOrOid(b.name)}else{if(b.hex!==undefined){this.setValueHex(b.hex)}}}}};if(a!==undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERObjectIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.DEREnumerated=function(a){KJUR.asn1.DEREnumerated.superclass.constructor.call(this);this.hT="0a";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}};extendClass(KJUR.asn1.DEREnumerated,KJUR.asn1.ASN1Object);KJUR.asn1.DERUTF8String=function(a){KJUR.asn1.DERUTF8String.superclass.constructor.call(this,a);this.hT="0c"};extendClass(KJUR.asn1.DERUTF8String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNumericString=function(a){KJUR.asn1.DERNumericString.superclass.constructor.call(this,a);this.hT="12"};extendClass(KJUR.asn1.DERNumericString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERPrintableString=function(a){KJUR.asn1.DERPrintableString.superclass.constructor.call(this,a);this.hT="13"};extendClass(KJUR.asn1.DERPrintableString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERTeletexString=function(a){KJUR.asn1.DERTeletexString.superclass.constructor.call(this,a);this.hT="14"};extendClass(KJUR.asn1.DERTeletexString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERIA5String=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="16"};extendClass(KJUR.asn1.DERIA5String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERVisibleString=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="1a"};extendClass(KJUR.asn1.DERVisibleString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERBMPString=function(a){KJUR.asn1.DERBMPString.superclass.constructor.call(this,a);this.hT="1e"};extendClass(KJUR.asn1.DERBMPString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERUTCTime=function(a){KJUR.asn1.DERUTCTime.superclass.constructor.call(this,a);this.hT="17";this.params=undefined;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{12}Z$/)||d.match(/^[0-9]{12}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for UTCTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"utc",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"utc",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"utc"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for UTCTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERUTCTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERGeneralizedTime=function(a){KJUR.asn1.DERGeneralizedTime.superclass.constructor.call(this,a);this.hT="18";this.params=a;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{14}Z$/)||d.match(/^[0-9]{14}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for GeneralizedTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"gen",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"gen",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"gen"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for GeneralizedTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERGeneralizedTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERSequence=function(a){KJUR.asn1.DERSequence.superclass.constructor.call(this,a);this.hT="30";this.getFreshValueHex=function(){var c="";for(var b=0;b<this.asn1Array.length;b++){var d=this.asn1Array[b];c+=d.tohex()}this.hV=c;return this.hV}};extendClass(KJUR.asn1.DERSequence,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERSet=function(a){KJUR.asn1.DERSet.superclass.constructor.call(this,a);this.hT="31";this.sortFlag=true;this.getFreshValueHex=function(){var b=new Array();for(var c=0;c<this.asn1Array.length;c++){var d=this.asn1Array[c];b.push(d.tohex())}if(this.sortFlag==true){b.sort()}this.hV=b.join("");return this.hV};if(typeof a!="undefined"){if(typeof a.sortflag!="undefined"&&a.sortflag==false){this.sortFlag=false}}};extendClass(KJUR.asn1.DERSet,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERTaggedObject=function(f){KJUR.asn1.DERTaggedObject.superclass.constructor.call(this);var d=KJUR.asn1,e=ASN1HEX,a=e.getV,c=e.isASN1HEX,b=d.ASN1Util.newObject;this.hT="a0";this.hV="";this.isExplicit=true;this.asn1Object=null;this.params={tag:"a0",explicit:true};this.setASN1Object=function(g,h,i){this.params={tag:h,explicit:g,obj:i}};this.getFreshValueHex=function(){var h=this.params;if(h.explicit==undefined){h.explicit=true}if(h.tage!=undefined){h.tag=h.tage;h.explicit=true}if(h.tagi!=undefined){h.tag=h.tagi;h.explicit=false}if(h.str!=undefined){this.hV=utf8tohex(h.str)}else{if(h.hex!=undefined){this.hV=h.hex}else{if(h.obj!=undefined){var g;if(h.obj instanceof d.ASN1Object){g=h.obj.tohex()}else{if(typeof h.obj=="object"){g=b(h.obj).tohex()}}if(h.explicit){this.hV=g}else{this.hV=a(g,0)}}else{throw new Error("str, hex nor obj not specified")}}}if(h.tag==undefined){h.tag="a0"}this.hT=h.tag;this.hTLV=null;this.isModified=true;return this.hV};this.setByParam=function(g){this.params=g};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.DERTaggedObject,KJUR.asn1.ASN1Object);
 var ASN1HEX=new function(){};ASN1HEX.getLblen=function(c,a){if(c.substr(a+2,1)!="8"){return 1}var b=parseInt(c.substr(a+3,1));if(b==0){return -1}if(0<b&&b<10){return b+1}return -2};ASN1HEX.getL=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<1){return""}return c.substr(b+2,a*2)};ASN1HEX.getVblen=function(d,a){var c,b;c=ASN1HEX.getL(d,a);if(c==""){return -1}if(c.substr(0,1)==="8"){b=new BigInteger(c.substr(2),16)}else{b=new BigInteger(c,16)}return b.intValue()};ASN1HEX.getVidx=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<0){return a}return b+(a+1)*2};ASN1HEX.getV=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return d.substr(c,b*2)};ASN1HEX.getTLV=function(b,a){return b.substr(a,2)+ASN1HEX.getL(b,a)+ASN1HEX.getV(b,a)};ASN1HEX.getTLVblen=function(b,a){return 2+ASN1HEX.getLblen(b,a)*2+ASN1HEX.getVblen(b,a)*2};ASN1HEX.getNextSiblingIdx=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return c+b*2};ASN1HEX.getChildIdx=function(e,k){var l=ASN1HEX;var j=[];var c,f,g;c=l.getVidx(e,k);f=l.getVblen(e,k)*2;if(e.substr(k,2)=="03"){c+=2;f-=2}g=0;var d=c;while(g<=f){var b=l.getTLVblen(e,d);g+=b;if(g<=f){j.push(d)}d+=b;if(g>=f){break}}return j};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){return -1}}return d}f=c.shift();b=g.getChildIdx(e,d);if(f>=b.length){return -1}return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getIdxbyListEx=function(f,k,b,g){var m=ASN1HEX;var d,l;if(b.length==0){if(g!==undefined){if(f.substr(k,2)!==g){return -1}}return k}d=b.shift();l=m.getChildIdx(f,k);var j=0;for(var e=0;e<l.length;e++){var c=f.substr(l[e],2);if((typeof d=="number"&&(!m.isContextTag(c))&&j==d)||(typeof d=="string"&&m.isContextTag(c,d))){return m.getIdxbyListEx(f,l[e],b,g)}if(!m.isContextTag(c)){j++}}return -1};ASN1HEX.getTLVbyList=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyList(d,c,b,f);if(a==-1){return null}if(a>=d.length){return null}return e.getTLV(d,a)};ASN1HEX.getTLVbyListEx=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyListEx(d,c,b,f);if(a==-1){return null}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a==-1){return null}if(a>=e.length){return null}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.getVbyListEx=function(b,e,a,d,f){var j=ASN1HEX;var g,c,i;g=j.getIdxbyListEx(b,e,a,d);if(g==-1){return null}i=j.getV(b,g);if(b.substr(g,2)=="03"&&f!==false){i=i.substr(2)}return i};ASN1HEX.getInt=function(e,b,f){if(f==undefined){f=-1}try{var c=e.substr(b,2);if(c!="02"&&c!="03"){return f}var a=ASN1HEX.getV(e,b);if(c=="02"){return parseInt(a,16)}else{return bitstrtoint(a)}}catch(d){return f}};ASN1HEX.getOID=function(c,a,d){if(d==undefined){d=null}try{if(c.substr(a,2)!="06"){return d}var e=ASN1HEX.getV(c,a);return hextooid(e)}catch(b){return d}};ASN1HEX.getOIDName=function(d,a,f){if(f==undefined){f=null}try{var e=ASN1HEX.getOID(d,a,f);if(e==f){return f}var b=KJUR.asn1.x509.OID.oid2name(e);if(b==""){return e}return b}catch(c){return f}};ASN1HEX.getString=function(d,b,e){if(e==undefined){e=null}try{var a=ASN1HEX.getV(d,b);return hextorstr(a)}catch(c){return e}};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g<m.length/2;g++){k.push(parseInt(m.substr(g*2,2),16))}var j=[];var d="";for(var g=0;g<k.length;g++){if(k[g]&128){d=d+h((k[g]&127).toString(2),7)}else{d=d+h((k[g]&127).toString(2),7);j.push(new String(parseInt(d,2)));d=""}}var n=l.join(".");if(j.length>0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.tohex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;var z=e.substr(l,2);if(z=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(z=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(z=="03"){var h=j(e,l);if(p.isASN1HEX(h.substr(2))){var k=g+"BITSTRING, encapsulates\n";k=k+y(h.substr(2),c,0,g+"  ");return k}else{return g+"BITSTRING "+q(h,x)+"\n"}}if(z=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+"  ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(z=="05"){return g+"NULL\n"}if(z=="06"){var m=j(e,l);var b=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(b);var a=b.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+a+")\n"}else{return g+"ObjectIdentifier ("+a+")\n"}}if(z=="0a"){return g+"ENUMERATED "+parseInt(j(e,l))+"\n"}if(z=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(z=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(z=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(z=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(z=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(z=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(z=="1a"){return g+"VisualString '"+hextoutf8(j(e,l))+"'\n"}if(z=="1e"){return g+"BMPString '"+ucs2hextoutf8(j(e,l))+"'\n"}if(z=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u<d.length;u++){k=k+y(e,f,d[u],g+"  ")}return k}if(z=="31"){var k=g+"SET\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}var z=parseInt(z,16);if((z&128)!=0){var n=z&31;if((z&32)!=0){var k=g+"["+n+"]\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}else{var h=j(e,l);if(ASN1HEX.isASN1HEX(h)){var k=g+"["+n+"]\n";k=k+y(h,c,0,g+"  ");return k}else{if(h.substr(0,8)=="68747470"){h=hextoutf8(h)}else{if(c.x509ExtName==="subjectAltName"&&n==2){h=hextoutf8(h)}}}var k=g+"["+n+"] "+h+"\n";return k}}return g+"UNKNOWN("+z+") "+j(e,l)+"\n"};ASN1HEX.parse=function(x){var t=ASN1HEX,f=t.parse,a=t.isASN1HEX,l=t.getV,b=t.getTLV,y=t.getChildIdx,i=KJUR.asn1,e=i.ASN1Util.oidHexToInt,B=i.x509.OID.oid2name,k=hextoutf8,n=ucs2hextoutf8,q=iso88591hextoutf8;var c={"0c":"utf8str","12":"numstr","13":"prnstr","14":"telstr","16":"ia5str","17":"utctime","18":"gentime","1a":"visstr","1e":"bmpstr","30":"seq","31":"set"};var u=function(H){var D=[];var E=y(H,0);for(var G=0;G<E.length;G++){var s=E[G];var d=b(H,s);var F=f(d);D.push(F)}return D};var C=x.substr(0,2);var j={};var p=l(x,0);if(C=="01"){if(x=="0101ff"){return{bool:true}}return{bool:false}}else{if(C=="02"){return{"int":{hex:p}}}else{if(C=="03"){try{if(p.substr(0,2)!="00"){throw"not encap"}var v=p.substr(2);if(!a(v)){throw"not encap"}return{bitstr:{obj:f(v)}}}catch(z){var m=null;if(p.length<=10){m=bitstrtobinstr(p)}if(m==null){return{bitstr:{hex:p}}}else{return{bitstr:{bin:m}}}}}else{if(C=="04"){try{if(!a(p)){throw"not encap"}return{octstr:{obj:f(p)}}}catch(z){return{octstr:{hex:p}}}}else{if(C=="05"){return{"null":""}}else{if(C=="06"){var g=e(p);var r=B(g);if(r==""){return{oid:g}}else{return{oid:r}}}else{if(C=="0a"){if(p.length>4){return{"enum":{hex:p}}}else{return{"enum":parseInt(p,16)}}}else{if(C=="30"||C=="31"){j[c[C]]=u(x);return j}else{if(C=="14"){var o=q(p);j[c[C]]={str:o};return j}else{if(C=="1e"){var o=n(p);j[c[C]]={str:o};return j}else{if(":0c:12:13:16:17:18:1a:".indexOf(C)!=-1){var o=k(p);j[c[C]]={str:o};return j}else{if(C.match(/^8[0-9]$/)){var o=k(p);if(o==null|o==""){return{tag:{tag:C,explicit:false,hex:p}}}else{if(o.match(/[\x00-\x1F\x7F-\x9F]/)!=null||o.match(/[\u0000-\u001F\u0080–\u009F]/)!=null){return{tag:{tag:C,explicit:false,hex:p}}}else{return{tag:{tag:C,explicit:false,str:o}}}}}else{if(C.match(/^a[0-9]$/)){try{if(!a(p)){throw new Error("not encap")}return{tag:{tag:C,explicit:true,obj:f(p)}}}catch(z){return{tag:{tag:C,explicit:true,hex:p}}}}else{var A=new KJUR.asn1.ASN1Object();A.hV=p;var w=A.getLengthHexFromValue();return{asn1:{tlv:C+w+p}}}}}}}}}}}}}}}};ASN1HEX.isContextTag=function(c,b){c=c.toLowerCase();var f,e;try{f=parseInt(c,16)}catch(d){return -1}if(b===undefined){if((f&192)==128){return true}else{return false}}try{var a=b.match(/^\[[0-9]+\]$/);if(a==null){return false}e=parseInt(b.substr(1,b.length-1),10);if(e>31){return false}if(((f&192)==128)&&((f&31)==e)){return true}return false}catch(d){return false}};ASN1HEX.isASN1HEX=function(e){var d=ASN1HEX;if(e.length%2==1){return false}var c=d.getVblen(e,0);var b=e.substr(0,2);var f=d.getL(e,0);var a=e.length-b.length-f.length;if(a==c*2){return true}return false};ASN1HEX.checkStrictDER=function(g,o,d,c,r){var s=ASN1HEX;if(d===undefined){if(typeof g!="string"){throw new Error("not hex string")}g=g.toLowerCase();if(!KJUR.lang.String.isHex(g)){throw new Error("not hex string")}d=g.length;c=g.length/2;if(c<128){r=1}else{r=Math.ceil(c.toString(16))+1}}var k=s.getL(g,o);if(k.length>r*2){throw new Error("L of TLV too long: idx="+o)}var n=s.getVblen(g,o);if(n>c){throw new Error("value of L too long than hex: idx="+o)}var q=s.getTLV(g,o);var f=q.length-2-s.getL(g,o).length;if(f!==(n*2)){throw new Error("V string length and L's value not the same:"+f+"/"+(n*2))}if(o===0){if(g.length!=q.length){throw new Error("total length and TLV length unmatch:"+g.length+"!="+q.length)}}var b=g.substr(o,2);if(b==="02"){var a=s.getVidx(g,o);if(g.substr(a,2)=="00"&&g.charCodeAt(a+2)<56){throw new Error("not least zeros for DER INTEGER")}}if(parseInt(b,16)&32){var p=s.getVblen(g,o);var m=0;var l=s.getChildIdx(g,o);for(var e=0;e<l.length;e++){var j=s.getTLV(g,l[e]);m+=j.length;s.checkStrictDER(g,l[e],d,c,r)}if((p*2)!=m){throw new Error("sum of children's TLV length and L unmatch: "+(p*2)+"!="+m)}}};ASN1HEX.oidname=function(a){var c=KJUR.asn1;if(KJUR.lang.String.isHex(a)){a=c.ASN1Util.oidHexToInt(a)}var b=c.x509.OID.oid2name(a);if(b===""){b=a}return b};
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",smtpUTF8Mailbox:"1.3.6.1.5.5.7.8.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cms=="undefined"||!KJUR.asn1.cms){KJUR.asn1.cms={}}KJUR.asn1.cms.Attribute=function(f){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,a=c.DERSet,g=c.DERObjectIdentifier;this.params=null;this.typeOid=null;this.setByParam=function(h){this.params=h};this.getValueArray=function(){throw new e("not yet implemented abstract")};this.tohex=function(){var j=new g({oid:this.typeOid});var h=new a({array:this.getValueArray()});var i=new b({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()}};extendClass(KJUR.asn1.cms.Attribute,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentType=function(c){var b=KJUR,a=b.asn1;a.cms.ContentType.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.3";this.getValueArray=function(){var d=new a.DERObjectIdentifier(this.params.type);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.ContentType,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.MessageDigest=function(e){var b=KJUR,a=b.asn1,c=a.DEROctetString,d=a.cms;d.MessageDigest.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.4";this.getValueArray=function(){var f=new c(this.params);return[f]};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.MessageDigest,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningTime=function(c){var b=KJUR,a=b.asn1;a.cms.SigningTime.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.5";this.getValueArray=function(){var d=new a.x509.Time(this.params);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.SigningTime,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningCertificate=function(h){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,g=c.cms,a=g.ESSCertID,f=d.crypto;g.SigningCertificate.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.12";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new e("parameter 'array' not specified")}var o=this.params.array;var k=[];for(var l=0;l<o.length;l++){var n=o[l];if(h.hasis==false&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.hasis!=false&&h.hasis==false){n.hasis=false}k.push(new a(n))}var j=new b({array:k});var m=new b({array:[j]});return[m]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.SigningCertificate,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertID=function(g){KJUR.asn1.cms.ESSCertID.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial;this.params=null;this.getCertHash=function(k,h){if(k.hash!=undefined){return k.hash}if(typeof k=="string"&&k.indexOf("-----BEGIN")==-1&&!ASN1HEX.isASN1HEX(k)){return k}var i;if(typeof k=="string"){i=k}else{if(k.cert!=undefined){i=k.cert}else{throw new d("hash nor cert unspecified")}}var j;if(i.indexOf("-----BEGIN")!=-1){j=pemtohex(i)}else{j=i}if(typeof k=="string"){if(k.indexOf("-----BEGIN")!=-1){j=pemtohex(k)}else{if(ASN1HEX.isASN1HEX(k)){j=k}}}var l;if(k.alg!=undefined){l=k.alg}else{if(h!=undefined){l=h}else{throw new d("hash alg unspecified")}}return c.crypto.Util.hashHex(j,l)};this.tohex=function(){var k=this.params;var j=this.getCertHash(k,"sha1");var h=[];h.push(new f({hex:j}));if((typeof k=="string"&&k.indexOf("-----BEGIN")!=-1)||(k.cert!=undefined&&k.hasis!=false)||(k.issuer!=undefined&&k.serial!=undefined)){h.push(new e(k))}var i=new a({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ESSCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SigningCertificateV2=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,b=g.x509,i=g.cms,c=i.ESSCertIDv2,f=a.crypto;i.SigningCertificateV2.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.47";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new h("parameter 'array' not specified")}var o=this.params.array;var l=[];for(var m=0;m<o.length;m++){var n=o[m];if((d.alg!=undefined||d.hasis==false)&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.alg==undefined&&d.alg!=undefined){n.alg=d.alg}if(n.hasis!=false&&d.hasis==false){n.hasis=false}l.push(new c(n))}var k=new e({array:l});var j=new e({array:[k]});return[j]};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.cms.SigningCertificateV2,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertIDv2=function(h){KJUR.asn1.cms.ESSCertIDv2.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial,g=b.x509.AlgorithmIdentifier;this.params=null;this.tohex=function(){var l=this.params;var k=this.getCertHash(l,"sha256");var i=[];if(l.alg!=undefined&&l.alg!="sha256"){i.push(new g({name:l.alg}))}i.push(new f({hex:k}));if((typeof l=="string"&&l.indexOf("-----BEGIN")!=-1)||(l.cert!=undefined&&l.hasis!=false)||(l.issuer!=undefined&&l.serial!=undefined)){i.push(new e(l))}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.ESSCertIDv2,KJUR.asn1.cms.ESSCertID);KJUR.asn1.cms.IssuerSerial=function(e){var i=Error,c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.GeneralNames,b=X509;j.IssuerSerial.superclass.constructor.call(this);this.setByParam=function(k){this.params=k};this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a([{dn:l}]);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerSerial,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerIdentifier=function(f){var c=KJUR,i=c.asn1,h=i.DERInteger,g=i.DERSequence,l=i.cms,k=l.IssuerAndSerialNumber,d=l.SubjectKeyIdentifier,e=i.x509,a=e.X500Name,b=X509,j=Error;l.SignerIdentifier.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.type=="isssn"){var m=new k(o);return m.tohex()}else{if(o.type=="skid"){var n=new d(o);return n.tohex()}else{throw new Error("wrong property for isssn or skid")}}};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.SignerIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.IssuerAndSerialNumber=function(e){var c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.X500Name,b=X509,i=Error;j.IssuerAndSerialNumber.superclass.constructor.call(this);this.params=null;this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a(l);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerAndSerialNumber,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SubjectKeyIdentifier=function(g){var d=KJUR,k=d.asn1,i=k.DERInteger,h=k.DERSequence,j=k.ASN1Util.newObject,m=k.cms,f=m.IssuerAndSerialName,c=m.SubjectKeyIdentifier,e=k.x509,a=e.X500Name,b=X509,l=Error;m.SubjectKeyIdentifier.superclass.constructor.call(this);this.tohex=function(){var r=this.params;if(r.cert==undefined&&r.skid==undefined){throw new l("property cert nor skid undefined")}var q;if(r.cert!=undefined){var n=new b(r.cert);var o=n.getExtSubjectKeyIdentifier();q=o.kid.hex}else{if(r.skid!=undefined){q=r.skid}}var p=j({tag:{tage:"a0",obj:{octstr:{hex:q}}}});return p.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.SubjectKeyIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.AttributeList=function(f){var d=Error,c=KJUR,b=c.asn1,a=b.DERSet,e=b.cms;e.AttributeList.superclass.constructor.call(this);this.params=null;this.hTLV=null;this.setByParam=function(g){this.params=g};this.tohex=function(){var o=this.params;if(this.hTLV!=null){return this.hTLV}var m=true;if(o.sortflag!=undefined){m=o.sortflag}var j=o.array;var g=[];for(var l=0;l<j.length;l++){var n=j[l];var k=n.attr;if(k=="contentType"){g.push(new e.ContentType(n))}else{if(k=="messageDigest"){g.push(new e.MessageDigest(n))}else{if(k=="signingTime"){g.push(new e.SigningTime(n))}else{if(k=="signingCertificate"){g.push(new e.SigningCertificate(n))}else{if(k=="signingCertificateV2"){g.push(new e.SigningCertificateV2(n))}else{if(k=="signaturePolicyIdentifier"){g.push(new KJUR.asn1.cades.SignaturePolicyIdentifier(n))}else{if(k=="signatureTimeStamp"||k=="timeStampToken"){g.push(new KJUR.asn1.cades.SignatureTimeStamp(n))}else{throw new d("unknown attr: "+k)}}}}}}}}var h=new a({array:g,sortflag:m});this.hTLV=h.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.AttributeList,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerInfo=function(q){var n=Error,r=KJUR,i=r.asn1,c=i.DERInteger,f=i.DEROctetString,h=i.DERSequence,m=i.DERTaggedObject,k=i.cms,p=k.SignerIdentifier,l=k.AttributeList,g=k.ContentType,e=k.EncapsulatedContentInfo,d=k.MessageDigest,j=k.SignedData,a=i.x509,s=a.AlgorithmIdentifier,b=r.crypto,o=KEYUTIL;k.SignerInfo.superclass.constructor.call(this);this.params=null;this.sign=function(){var y=this.params;var x=y.sigalg;var u=(new l(y.sattrs)).tohex();var v=o.getKey(y.signkey);var w=new b.Signature({alg:x});w.init(v);w.updateHex(u);var t=w.sign();y.sighex=t};this.tohex=function(){var w=this.params;var t=[];t.push(new c({"int":w.version}));t.push(new p(w.id));t.push(new s({name:w.hashalg}));if(w.sattrs!=undefined){var x=new l(w.sattrs);try{t.push(new m({tag:"a0",explicit:false,obj:x}))}catch(v){throw new n("si sattr error: "+v)}}if(w.sigalgfield!=undefined){t.push(new s({name:w.sigalgfield}))}else{t.push(new s({name:w.sigalg}))}if(w.sighex==undefined&&w.signkey!=undefined){this.sign()}t.push(new f({hex:w.sighex}));if(w.uattrs!=undefined){var x=new l(w.uattrs);try{t.push(new m({tag:"a1",explicit:false,obj:x}))}catch(v){throw new n("si uattr error: "+v)}}var u=new h({array:t});return u.tohex()};this.getEncodedHex=function(){return this.tohex()};if(q!=undefined){this.setByParam(q)}};extendClass(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(g){var c=KJUR,b=c.asn1,e=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,d=b.DEROctetString,f=b.cms;f.EncapsulatedContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var i=[];i.push(new h(m.type));if(m.content!=undefined&&(m.content.hex!=undefined||m.content.str!=undefined)&&m.isDetached!=true){var k=new d(m.content);var l=new e({tag:"a0",explicit:true,obj:k});i.push(l)}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(g){var c=KJUR,b=c.asn1,d=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,f=b.x509,e=f.OID.name2obj;KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var i=[];i.push(new h(l.type));var k=new d({tag:"a0",explicit:true,obj:l.obj});i.push(k);var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(e){var j=Error,a=KJUR,h=a.asn1,m=h.ASN1Object,g=h.DERInteger,p=h.DERSet,f=h.DERSequence,b=h.DERTaggedObject,o=h.cms,l=o.EncapsulatedContentInfo,d=o.SignerInfo,q=o.ContentInfo,k=o.CertificateSet,i=o.RevocationInfoChoices,c=h.x509,n=c.AlgorithmIdentifier;KJUR.asn1.cms.SignedData.superclass.constructor.call(this);this.params=null;this.checkAndFixParam=function(){var r=this.params;this._setDigestAlgs(r);this._setContentTypeByEContent(r);this._setMessageDigestByEContent(r);this._setSignerInfoVersion(r);this._setSignedDataVersion(r)};this._setDigestAlgs=function(v){var u={};var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];u[s.hashalg]=1}v.hashalgs=Object.keys(u).sort()};this._setContentTypeByEContent=function(w){var u=w.econtent.type;var v=w.sinfos;for(var r=0;r<v.length;r++){var t=v[r];var s=this._getAttrParamByName(t,"contentType");s.type=u}};this._setMessageDigestByEContent=function(r){var v=r.econtent;var y=r.econtent.type;var x=v.content.hex;if(x==undefined&&v.type=="data"&&v.content.str!=undefined){x=rstrtohex(v.content.str)}var A=r.sinfos;for(var u=0;u<A.length;u++){var t=A[u];var s=t.hashalg;var z=this._getAttrParamByName(t,"messageDigest");var w=KJUR.crypto.Util.hashHex(x,s);z.hex=w}};this._getAttrParamByName=function(t,s){var u=t.sattrs.array;for(var r=0;r<u.length;r++){if(u[r].attr==s){return u[r]}}};this._setSignerInfoVersion=function(v){var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];var u=1;if(s.id.type=="skid"){u=3}s.version=u}};this._setSignedDataVersion=function(s){var r=this._getSignedDataVersion(s);s.version=r};this._getSignedDataVersion=function(w){if(w.revinfos!=undefined){var r=w.revinfos;for(var t=0;t<r.length;t++){var s=r[t];if(s.ocsp!=undefined){return 5}}}var v=w.sinfos;for(var t=0;t<v.length;t++){var u=w.sinfos[t];if(u.version==3){return 3}}if(w.econtent.type!="data"){return 3}return 1};this.tohex=function(){var y=this.params;if(this.getEncodedHexPrepare!=undefined){this.getEncodedHexPrepare()}if(y.fixed!=true){this.checkAndFixParam()}var r=[];r.push(new g({"int":y.version}));var w=[];for(var v=0;v<y.hashalgs.length;v++){var t=y.hashalgs[v];w.push(new n({name:t}))}r.push(new p({array:w}));r.push(new l(y.econtent));if(y.certs!=undefined){r.push(new k(y.certs))}if(y.revinfos!=undefined){r.push(new i(y.revinfos))}var u=[];for(var v=0;v<y.sinfos.length;v++){var x=y.sinfos[v];u.push(new d(x))}r.push(new p({array:u}));var s=new f({array:r});return s.tohex()};this.getEncodedHex=function(){return this.tohex()};this.getContentInfo=function(){var r=new q({type:"signed-data",obj:this});return r};this.getContentInfoEncodedHex=function(){return this.getContentInfo().tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CertificateSet=function(f){KJUR.asn1.cms.CertificateSet.superclass.constructor.call(this);var c=Error,b=KJUR.asn1,e=b.DERTaggedObject,a=b.DERSet,d=b.ASN1Object;this.params=null;this.tohex=function(){var j=this.params;var p=[];var q;if(j instanceof Array){q=j}else{if(j.array!=undefined){q=j.array}else{throw new c("cert array not specified")}}for(var k=0;k<q.length;k++){var l=q[k];var n=pemtohex(l);var g=new d();g.hTLV=n;p.push(g)}var m={array:p};if(j.sortflag==false){m.sortflag=false}var o=new a(m);var h=new e({tag:"a0",explicit:false,obj:o});return h.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.CertificateSet,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoices=function(a){KJUR.asn1.cms.RevocationInfoChoices.superclass.constructor.call(this);this.params=null;this.tohex=function(){var e=this.params;if(!e instanceof Array){throw new Error("params is not array")}var b=[];for(var c=0;c<e.length;c++){b.push(new KJUR.asn1.cms.RevocationInfoChoice(e[c]))}var d=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:{set:b}}});return d.tohex()};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoices,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoice=function(a){KJUR.asn1.cms.RevocationInfoChoice.superclass.constructor.call(this);this.params=null;this.tohex=function(){var d=this.params;if(d.crl!=undefined&&typeof d.crl=="string"){var b=d.crl;if(d.crl.indexOf("-----BEGIN")!=-1){b=pemtohex(d.crl)}return b}else{if(d.ocsp!=undefined){var c=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:new KJUR.asn1.cms.OtherRevocationFormat(d)}});return c.tohex()}else{throw new Error("property crl or ocsp undefined")}}};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoice,KJUR.asn1.ASN1Object);KJUR.asn1.cms.OtherRevocationFormat=function(f){KJUR.asn1.cms.OtherRevocationFormat.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,a=b.ASN1Util.newObject,e=c.lang.String.isHex;this.params=null;this.tohex=function(){var h=this.params;if(h.ocsp==undefined){throw new d("property ocsp not specified")}if(!e(h.ocsp)||!ASN1HEX.isASN1HEX(h.ocsp)){throw new d("ocsp value not ASN.1 hex string")}var g=a({seq:[{oid:"1.3.6.1.5.5.7.16.2"},{asn1:{tlv:h.ocsp}}]});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.OtherRevocationFormat,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(a){return new KJUR.asn1.cms.SignedData(a)};KJUR.asn1.cms.CMSUtil.verifySignedData=function(n){var C=KJUR,p=C.asn1,s=p.cms,D=s.SignerInfo,q=s.SignedData,y=s.SigningTime,b=s.SigningCertificate,d=s.SigningCertificateV2,A=p.cades,u=A.SignaturePolicyIdentifier,i=C.lang.String.isHex,v=ASN1HEX,h=v.getVbyList,a=v.getTLVbyList,t=v.getIdxbyList,z=v.getChildIdx,c=v.getTLV,B=v.oidname,j=C.crypto.Util.hashHex;if(n.cms===undefined&&!i(n.cms)){}var E=n.cms;var g=function(J,H){var G;for(var I=3;I<6;I++){G=t(J,0,[1,0,I]);if(G!==undefined){var F=J.substr(G,2);if(F==="a0"){H.certsIdx=G}if(F==="a1"){H.revinfosIdx=G}if(F==="31"){H.signerinfosIdx=G}}}};var l=function(I,F){var H=F.signerinfosIdx;if(H===undefined){return}var L=z(I,H);F.signerInfoIdxList=L;for(var G=0;G<L.length;G++){var K=L[G];var J={idx:K};k(I,J);F.signerInfos.push(J)}};var k=function(I,J){var F=J.idx;J.signerid_issuer1=a(I,F,[1,0],"30");J.signerid_serial1=h(I,F,[1,1],"02");J.hashalg=B(h(I,F,[2,0],"06"));var H=t(I,F,[3],"a0");J.idxSignedAttrs=H;f(I,J,H);var G=z(I,F);var K=G.length;if(K<6){throw"malformed SignerInfo"}J.sigalg=B(h(I,F,[K-2,0],"06"));J.sigval=h(I,F,[K-1],"04")};var f=function(L,M,F){var J=z(L,F);M.signedAttrIdxList=J;for(var K=0;K<J.length;K++){var I=J[K];var G=h(L,I,[0],"06");var H;if(G==="2a864886f70d010905"){H=hextoutf8(h(L,I,[1,0]));M.saSigningTime=H}else{if(G==="2a864886f70d010904"){H=h(L,I,[1,0],"04");M.saMessageDigest=H}}}};var w=function(G,F){if(h(G,0,[0],"06")!=="2a864886f70d010702"){return F}F.cmsType="signedData";F.econtent=h(G,0,[1,0,2,1,0]);g(G,F);F.signerInfos=[];l(G,F)};var o=function(J,F){var G=F.parse.signerInfos;var L=G.length;var K=true;for(var I=0;I<L;I++){var H=G[I];e(J,F,H,I);if(!H.isValid){K=false}}F.isValid=K};var x=function(F,Q,J,P){var N=Q.parse.certsIdx;var H;if(Q.certs===undefined){H=[];Q.certkeys=[];var K=z(F,N);for(var I=0;I<K.length;I++){var M=c(F,K[I]);var O=new X509();O.readCertHex(M);H[I]=O;Q.certkeys[I]=O.getPublicKey()}Q.certs=H}else{H=Q.certs}Q.cccc=H.length;Q.cccci=K.length;for(var I=0;I<H.length;I++){var L=O.getIssuerHex();var G=O.getSerialNumberHex();if(J.signerid_issuer1===L&&J.signerid_serial1===G){J.certkey_idx=I}}};var e=function(F,R,I,N){I.verifyDetail={};var Q=I.verifyDetail;var K=R.parse.econtent;var G=I.hashalg;var L=I.saMessageDigest;Q.validMessageDigest=false;if(j(K,G)===L){Q.validMessageDigest=true}x(F,R,I,N);Q.validSignatureValue=false;var H=I.sigalg;var M="31"+c(F,I.idxSignedAttrs).substr(2);I.signedattrshex=M;var J=R.certs[I.certkey_idx].getPublicKey();var P=new KJUR.crypto.Signature({alg:H});P.init(J);P.updateHex(M);var O=P.verify(I.sigval);Q.validSignatureValue_isValid=O;if(O===true){Q.validSignatureValue=true}I.isValid=false;if(Q.validMessageDigest&&Q.validSignatureValue){I.isValid=true}};var m=function(){};var r={isValid:false,parse:{}};w(E,r.parse);o(E,r);return r};KJUR.asn1.cms.CMSParser=function(){var g=Error,a=X509,h=new a(),l=ASN1HEX,i=l.getV,b=l.getTLV,f=l.getIdxbyList,c=l.getTLVbyList,d=l.getTLVbyListEx,e=l.getVbyList,k=l.getVbyListEx,j=l.getChildIdx;this.getCMSSignedData=function(m){var o=c(m,0,[1,0]);var n=this.getSignedData(o);return n};this.getSignedData=function(o){var q=j(o,0);var v={};var p=i(o,q[0]);var n=parseInt(p,16);v.version=n;var r=b(o,q[1]);v.hashalgs=this.getHashAlgArray(r);var t=b(o,q[2]);v.econtent=this.getEContent(t);var m=d(o,0,["[0]"]);if(m!=null){v.certs=this.getCertificateSet(m)}var u=d(o,0,["[1]"]);if(u!=null){}var s=d(o,0,[3]);v.sinfos=this.getSignerInfos(s);return v};this.getHashAlgArray=function(s){var q=j(s,0);var m=new a();var n=[];for(var r=0;r<q.length;r++){var p=b(s,q[r]);var o=m.getAlgorithmIdentifierName(p);n.push(o)}return n};this.getEContent=function(m){var n={};var p=e(m,0,[0]);var o=e(m,0,[1,0]);n.type=KJUR.asn1.x509.OID.oid2name(ASN1HEX.hextooidstr(p));n.content={hex:o};return n};this.getSignerInfos=function(p){var r=[];var m=j(p,0);for(var n=0;n<m.length;n++){var o=b(p,m[n]);var q=this.getSignerInfo(o);r.push(q)}return r};this.getSignerInfo=function(s){var y={};var u=j(s,0);var q=l.getInt(s,u[0],-1);if(q!=-1){y.version=q}var t=b(s,u[1]);var p=this.getIssuerAndSerialNumber(t);y.id=p;var z=b(s,u[2]);var n=h.getAlgorithmIdentifierName(z);y.hashalg=n;var w=d(s,0,["[0]"]);if(w!=null){var A=this.getAttributeList(w);y.sattrs=A}var m=d(s,0,[3]);var x=h.getAlgorithmIdentifierName(m);y.sigalg=x;var o=k(s,0,[4]);y.sighex=o;var r=d(s,0,["[1]"]);if(r!=null){var v=this.getAttributeList(r);y.uattrs=v}return y};this.getSignerIdentifier=function(m){if(m.substr(0,2)=="30"){return this.getIssuerAndSerialNumber(m)}else{throw new Error("SKID of signerIdentifier not supported")}};this.getIssuerAndSerialNumber=function(n){var o={type:"isssn"};var m=j(n,0);var p=b(n,m[0]);o.issuer=h.getX500Name(p);var q=i(n,m[1]);o.serial={hex:q};return o};this.getAttributeList=function(q){var m=[];var n=j(q,0);for(var o=0;o<n.length;o++){var p=b(q,n[o]);var r=this.getAttribute(p);m.push(r)}return{array:m}};this.getAttribute=function(p){var t={};var q=j(p,0);var o=l.getOID(p,q[0]);var m=KJUR.asn1.x509.OID.oid2name(o);t.attr=m;var r=b(p,q[1]);var u=j(r,0);if(u.length==1){t.valhex=b(r,u[0])}else{var s=[];for(var n=0;n<u.length;n++){s.push(b(r,u[n]))}t.valhex=s}if(m=="contentType"){this.setContentType(t)}else{if(m=="messageDigest"){this.setMessageDigest(t)}else{if(m=="signingTime"){this.setSigningTime(t)}else{if(m=="signingCertificate"){this.setSigningCertificate(t)}else{if(m=="signingCertificateV2"){this.setSigningCertificateV2(t)}else{if(m=="signaturePolicyIdentifier"){this.setSignaturePolicyIdentifier(t)}}}}}}return t};this.setContentType=function(m){var n=l.getOIDName(m.valhex,0,null);if(n!=null){m.type=n;delete m.valhex}};this.setSigningTime=function(o){var n=i(o.valhex,0);var m=hextoutf8(n);o.str=m;delete o.valhex};this.setMessageDigest=function(m){var n=i(m.valhex,0);m.hex=n;delete m.valhex};this.setSigningCertificate=function(n){var q=j(n.valhex,0);if(q.length>0){var m=b(n.valhex,q[0]);var p=j(m,0);var t=[];for(var o=0;o<p.length;o++){var s=b(m,p[o]);var u=this.getESSCertID(s);t.push(u)}n.array=t}if(q.length>1){var r=b(n.valhex,q[1]);n.polhex=r}delete n.valhex};this.setSignaturePolicyIdentifier=function(s){var q=j(s.valhex,0);if(q.length>0){var r=l.getOID(s.valhex,q[0]);s.oid=r}if(q.length>1){var m=new a();var t=j(s.valhex,q[1]);var p=b(s.valhex,t[0]);var o=m.getAlgorithmIdentifierName(p);s.alg=o;var n=i(s.valhex,t[1]);s.hash=n}delete s.valhex};this.setSigningCertificateV2=function(o){var s=j(o.valhex,0);if(s.length>0){var n=b(o.valhex,s[0]);var r=j(n,0);var u=[];for(var q=0;q<r.length;q++){var m=b(n,r[q]);var p=this.getESSCertIDv2(m);u.push(p)}o.array=u}if(s.length>1){var t=b(o.valhex,s[1]);o.polhex=t}delete o.valhex};this.getESSCertID=function(o){var p={};var n=j(o,0);if(n.length>0){var q=i(o,n[0]);p.hash=q}if(n.length>1){var m=b(o,n[1]);var r=this.getIssuerSerial(m);if(r.serial!=undefined){p.serial=r.serial}if(r.issuer!=undefined){p.issuer=r.issuer}}return p};this.getESSCertIDv2=function(q){var s={};var p=j(q,0);if(p.length<1||3<p.length){throw new g("wrong number of elements")}var r=0;if(q.substr(p[0],2)=="30"){var o=b(q,p[0]);s.alg=h.getAlgorithmIdentifierName(o);r++}else{s.alg="sha256"}var n=i(q,p[r]);s.hash=n;if(p.length>r+1){var m=b(q,p[r+1]);var t=this.getIssuerSerial(m);s.issuer=t.issuer;s.serial=t.serial}return s};this.getIssuerSerial=function(q){var r={};var n=j(q,0);var m=b(q,n[0]);var p=h.getGeneralNames(m);var o=p[0].dn;r.issuer=o;var s=i(q,n[1]);r.serial={hex:s};return r};this.getCertificateSet=function(p){var n=j(p,0);var m=[];for(var o=0;o<n.length;o++){var r=b(p,n[o]);if(r.substr(0,2)=="30"){var q=hextopem(r,"CERTIFICATE");m.push(q)}}return{array:m,sortflag:false}}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.tsp=="undefined"||!KJUR.asn1.tsp){KJUR.asn1.tsp={}}KJUR.asn1.tsp.TimeStampToken=function(d){var c=KJUR,b=c.asn1,a=b.tsp;a.TimeStampToken.superclass.constructor.call(this);this.params=null;this.getEncodedHexPrepare=function(){var e=new a.TSTInfo(this.params.econtent.content);this.params.econtent.content.hex=e.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.TimeStampToken,KJUR.asn1.cms.SignedData);KJUR.asn1.tsp.TSTInfo=function(f){var m=Error,c=KJUR,j=c.asn1,g=j.DERSequence,i=j.DERInteger,l=j.DERBoolean,h=j.DERGeneralizedTime,n=j.DERObjectIdentifier,e=j.DERTaggedObject,k=j.tsp,d=k.MessageImprint,b=k.Accuracy,a=j.x509.X500Name,o=j.x509.GeneralName;k.TSTInfo.superclass.constructor.call(this);this.dVersion=new i({"int":1});this.dPolicy=null;this.dMessageImprint=null;this.dSerial=null;this.dGenTime=null;this.dAccuracy=null;this.dOrdering=null;this.dNonce=null;this.dTsa=null;this.tohex=function(){var p=[this.dVersion];if(this.dPolicy==null){throw new Error("policy shall be specified.")}p.push(this.dPolicy);if(this.dMessageImprint==null){throw new Error("messageImprint shall be specified.")}p.push(this.dMessageImprint);if(this.dSerial==null){throw new Error("serialNumber shall be specified.")}p.push(this.dSerial);if(this.dGenTime==null){throw new Error("genTime shall be specified.")}p.push(this.dGenTime);if(this.dAccuracy!=null){p.push(this.dAccuracy)}if(this.dOrdering!=null){p.push(this.dOrdering)}if(this.dNonce!=null){p.push(this.dNonce)}if(this.dTsa!=null){p.push(this.dTsa)}var q=new g({array:p});this.hTLV=q.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){if(typeof f.policy=="string"){if(!f.policy.match(/^[0-9.]+$/)){throw"policy shall be oid like 0.1.4.134"}this.dPolicy=new n({oid:f.policy})}if(f.messageImprint!==undefined){this.dMessageImprint=new d(f.messageImprint)}if(f.serial!==undefined){this.dSerial=new i(f.serial)}if(f.genTime!==undefined){this.dGenTime=new h(f.genTime)}if(f.accuracy!==undefined){this.dAccuracy=new b(f.accuracy)}if(f.ordering!==undefined&&f.ordering==true){this.dOrdering=new l()}if(f.nonce!==undefined){this.dNonce=new i(f.nonce)}if(f.tsa!==undefined){this.dTsa=new e({tag:"a0",explicit:true,obj:new o({dn:f.tsa})})}}};extendClass(KJUR.asn1.tsp.TSTInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.Accuracy=function(d){var c=KJUR,b=c.asn1,a=b.ASN1Util.newObject;b.tsp.Accuracy.superclass.constructor.call(this);this.params=null;this.tohex=function(){var f=this.params;var e=[];if(f.seconds!=undefined&&typeof f.seconds=="number"){e.push({"int":f.seconds})}if(f.millis!=undefined&&typeof f.millis=="number"){e.push({tag:{tagi:"80",obj:{"int":f.millis}}})}if(f.micros!=undefined&&typeof f.micros=="number"){e.push({tag:{tagi:"81",obj:{"int":f.micros}}})}return a({seq:e}).tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.Accuracy,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.MessageImprint=function(g){var c=KJUR,b=c.asn1,a=b.DERSequence,d=b.DEROctetString,f=b.x509,e=f.AlgorithmIdentifier;b.tsp.MessageImprint.superclass.constructor.call(this);this.params=null;this.tohex=function(){var k=this.params;var j=new e({name:k.alg});var h=new d({hex:k.hash});var i=new a({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.MessageImprint,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampReq=function(c){var a=KJUR,f=a.asn1,d=f.DERSequence,e=f.DERInteger,h=f.DERBoolean,j=f.ASN1Object,i=f.DERObjectIdentifier,g=f.tsp,b=g.MessageImprint;g.TimeStampReq.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new e({"int":1}));if(m.messageImprint instanceof KJUR.asn1.ASN1Object){k.push(m.messageImprint)}else{k.push(new b(m.messageImprint))}if(m.policy!=undefined){k.push(new i(m.policy))}if(m.nonce!=undefined){k.push(new e(m.nonce))}if(m.certreq==true){k.push(new h())}var l=new d({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.tsp.TimeStampReq,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampResp=function(g){var e=KJUR,d=e.asn1,c=d.DERSequence,f=d.ASN1Object,a=d.tsp,b=a.PKIStatusInfo;a.TimeStampResp.superclass.constructor.call(this);this.params=null;this.tohex=function(){var j=this.params;var h=[];if(j.econtent!=undefined||j.tst!=undefined){if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{h.push(new b("granted"))}if(j.econtent!=undefined){h.push((new a.TimeStampToken(j)).getContentInfo())}else{if(j.tst instanceof d.ASN1Object){h.push(j.tst)}else{throw new Error("improper member tst value")}}}else{if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{throw new Error("parameter for token nor statusinfo not specified")}}var i=new c({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.TimeStampResp,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatusInfo=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,i=g.tsp,f=i.PKIStatus,c=i.PKIFreeText,b=i.PKIFailureInfo;i.PKIStatusInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var j=[];if(typeof l=="string"){j.push(new f(l))}else{if(l.status==undefined){throw new h("property 'status' unspecified")}j.push(new f(l.status));if(l.statusstr!=undefined){j.push(new c(l.statusstr))}if(l.failinfo!=undefined){j.push(new b(l.failinfo))}}var k=new e({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.PKIStatusInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatus=function(g){var e=Error,d=KJUR,c=d.asn1,f=c.DERInteger,b=c.tsp;b.PKIStatus.superclass.constructor.call(this);var a={granted:0,grantedWithMods:1,rejection:2,waiting:3,revocationWarning:4,revocationNotification:5};this.params=null;this.tohex=function(){var k=this.params;var h,j;if(typeof k=="string"){try{j=a[k]}catch(i){throw new e("undefined name: "+k)}}else{if(typeof k=="number"){j=k}else{throw new e("unsupported params")}}return(new f({"int":j})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIStatus,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFreeText=function(g){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.DERUTF8String,a=d.tsp;a.PKIFreeText.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(!l instanceof Array){throw new f("wrong params: not array")}var h=[];for(var k=0;k<l.length;k++){h.push(new c({str:l[k]}))}var j=new b({array:h});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIFreeText,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFailureInfo=function(h){var f=Error,e=KJUR,d=e.asn1,g=d.DERBitString,b=d.tsp,c=b.PKIFailureInfo;var a={badAlg:0,badRequest:2,badDataFormat:5,timeNotAvailable:14,unacceptedPolicy:15,unacceptedExtension:16,addInfoNotAvailable:17,systemFailure:25};c.superclass.constructor.call(this);this.params=null;this.getBinValue=function(){var n=this.params;var m=0;if(typeof n=="number"&&0<=n&&n<=25){m|=1<<n;var k=m.toString(2);var l="";for(var j=k.length-1;j>=0;j--){l+=k[j]}return l}else{if(typeof n=="string"&&a[n]!=undefined){return namearraytobinstr([n],a)}else{if(typeof n=="object"&&n.length!=undefined){return namearraytobinstr(n,a)}else{throw new f("wrong params")}}}return};this.tohex=function(){var j=this.params;var i=this.getBinValue();return(new g({bin:i})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.tsp.PKIFailureInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.AbstractTSAAdapter=function(a){this.getTSTHex=function(c,b){throw"not implemented yet"}};KJUR.asn1.tsp.SimpleTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.SimpleTSAAdapter.superclass.constructor.call(this);this.params=null;this.serial=0;this.getTSTHex=function(g,f){var i=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:i};this.params.econtent.content.serial={"int":this.serial++};var h=Math.floor(Math.random()*1000000000);this.params.econtent.content.nonce={"int":h};var j=new a.TimeStampToken(this.params);return j.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.SimpleTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.FixedTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.FixedTSAAdapter.superclass.constructor.call(this);this.params=null;this.getTSTHex=function(g,f){var h=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:h};var i=new a.TimeStampToken(this.params);return i.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.FixedTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.TSPUtil=new function(){};KJUR.asn1.tsp.TSPUtil.newTimeStampToken=function(a){return new KJUR.asn1.tsp.TimeStampToken(a)};KJUR.asn1.tsp.TSPUtil.parseTimeStampReq=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getTimeStampReq(a)};KJUR.asn1.tsp.TSPUtil.parseMessageImprint=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getMessageImprint(a)};KJUR.asn1.tsp.TSPParser=function(){var e=Error,a=X509,f=new a(),k=ASN1HEX,g=k.getV,b=k.getTLV,d=k.getIdxbyList,c=k.getTLVbyListEx,i=k.getChildIdx;var j=["granted","grantedWithMods","rejection","waiting","revocationWarning","revocationNotification"];var h={0:"badAlg",2:"badRequest",5:"badDataFormat",14:"timeNotAvailable",15:"unacceptedPolicy",16:"unacceptedExtension",17:"addInfoNotAvailable",25:"systemFailure"};this.getResponse=function(n){var l=i(n,0);if(l.length==1){return this.getPKIStatusInfo(b(n,l[0]))}else{if(l.length>1){var o=this.getPKIStatusInfo(b(n,l[0]));var m=b(n,l[1]);var p=this.getToken(m);p.statusinfo=o;return p}}};this.getToken=function(m){var l=new KJUR.asn1.cms.CMSParser;var n=l.getCMSSignedData(m);this.setTSTInfo(n);return n};this.setTSTInfo=function(l){var o=l.econtent;if(o.type=="tstinfo"){var n=o.content.hex;var m=this.getTSTInfo(n);o.content=m}};this.getTSTInfo=function(r){var x={};var s=i(r,0);var p=g(r,s[1]);x.policy=hextooid(p);var o=b(r,s[2]);x.messageImprint=this.getMessageImprint(o);var u=g(r,s[3]);x.serial={hex:u};var y=g(r,s[4]);x.genTime={str:hextoutf8(y)};var q=0;if(s.length>5&&r.substr(s[5],2)=="30"){var v=b(r,s[5]);x.accuracy=this.getAccuracy(v);q++}if(s.length>5+q&&r.substr(s[5+q],2)=="01"){var z=g(r,s[5+q]);if(z=="ff"){x.ordering=true}q++}if(s.length>5+q&&r.substr(s[5+q],2)=="02"){var n=g(r,s[5+q]);x.nonce={hex:n};q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a0"){var m=b(r,s[5+q]);m="30"+m.substr(2);pGeneralNames=f.getGeneralNames(m);var t=pGeneralNames[0].dn;x.tsa=t;q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a1"){var l=b(r,s[5+q]);l="30"+l.substr(2);var w=f.getExtParamArray(l);x.ext=w;q++}return x};this.getAccuracy=function(q){var r={};var o=i(q,0);for(var p=0;p<o.length;p++){var m=q.substr(o[p],2);var l=g(q,o[p]);var n=parseInt(l,16);if(m=="02"){r.seconds=n}else{if(m=="80"){r.millis=n}else{if(m=="81"){r.micros=n}}}}return r};this.getMessageImprint=function(n){if(n.substr(0,2)!="30"){throw new Error("head of messageImprint hex shall be x30")}var s={};var l=i(n,0);var t=d(n,0,[0,0]);var o=g(n,t);var p=k.hextooidstr(o);var r=KJUR.asn1.x509.OID.oid2name(p);if(r==""){throw new Error("hashAlg name undefined: "+p)}var m=r;var q=d(n,0,[1]);s.alg=m;s.hash=g(n,q);return s};this.getPKIStatusInfo=function(o){var t={};var r=i(o,0);var n=0;try{var l=g(o,r[0]);var p=parseInt(l,16);t.status=j[p]}catch(s){}if(r.length>1&&o.substr(r[1],2)=="30"){var m=b(o,r[1]);t.statusstr=this.getPKIFreeText(m);n++}if(r.length>n&&o.substr(r[1+n],2)=="03"){var q=b(o,r[1+n]);t.failinfo=this.getPKIFailureInfo(q)}return t};this.getPKIFreeText=function(n){var o=[];var l=i(n,0);for(var m=0;m<l.length;m++){o.push(k.getString(n,l[m]))}return o};this.getPKIFailureInfo=function(l){var m=k.getInt(l,0);if(h[m]!=undefined){return h[m]}else{return m}};this.getTimeStampReq=function(q){var p={};p.certreq=false;var s=i(q,0);if(s.length<2){throw new Error("TimeStampReq must have at least 2 items")}var n=b(q,s[1]);p.messageImprint=KJUR.asn1.tsp.TSPUtil.parseMessageImprint(n);for(var o=2;o<s.length;o++){var m=s[o];var l=q.substr(m,2);if(l=="06"){var r=g(q,m);p.policy=k.hextooidstr(r)}if(l=="02"){p.nonce=g(q,m)}if(l=="01"){p.certreq=true}}return p}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cades=="undefined"||!KJUR.asn1.cades){KJUR.asn1.cades={}}KJUR.asn1.cades.SignaturePolicyIdentifier=function(e){var c=KJUR,b=c.asn1,a=b.cades,d=a.SignaturePolicyId;a.SignaturePolicyIdentifier.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.15";this.params=null;this.getValueArray=function(){return[new d(this.params)]};this.setByParam=function(f){this.params=f};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyIdentifier,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.SignaturePolicyId=function(e){var a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DERObjectIdentifier,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,h=c.SignaturePolicyId,b=c.OtherHashAlgAndValue;h.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new i(m.oid));k.push(new b(m));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyId,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashAlgAndValue=function(e){var h=Error,a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DEROctetString,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,b=c.OtherHashAlgAndValue;b.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.alg==undefined){throw new h("property 'alg' not specified")}if(o.hash==undefined&&o.cert==undefined){throw new h("property 'hash' nor 'cert' not specified")}var m=null;if(o.hash!=undefined){m=o.hash}else{if(o.cert!=undefined){if(typeof o.cert!="string"){throw new h("cert not string")}var n=o.cert;if(o.cert.indexOf("-----BEGIN")!=-1){n=pemtohex(o.cert)}m=KJUR.crypto.Util.hashHex(n,o.alg)}}var k=[];k.push(new j({name:o.alg}));k.push(new i({hex:m}));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherHashAlgAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashValue=function(g){KJUR.asn1.cades.OtherHashValue.superclass.constructor.call(this);var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.DEROctetString,a=c.crypto.Util.hashHex;this.params=null;this.tohex=function(){var j=this.params;if(j.hash==undefined&&j.cert==undefined){throw new d("hash or cert not specified")}var h=null;if(j.hash!=undefined){h=j.hash}else{if(j.cert!=undefined){if(typeof j.cert!="string"){throw new d("cert not string")}var i=j.cert;if(j.cert.indexOf("-----BEGIN")!=-1){i=pemtohex(j.cert)}h=KJUR.crypto.Util.hashHex(i,"sha1")}}return(new e({hex:h})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHashValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.SignatureTimeStamp=function(h){var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.ASN1Object,g=b.x509,a=b.cades;a.SignatureTimeStamp.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.14";this.params=null;this.getValueArray=function(){var l=this.params;if(l.tst!=undefined){if(f(l.tst)){var j=new e();j.hTLV=l.tst;return[j]}else{if(l.tst instanceof e){return[l.tst]}else{throw new d("params.tst has wrong value")}}}else{if(l.res!=undefined){var k=l.res;if(k instanceof e){k=k.tohex()}if(typeof k!="string"||(!f(k))){throw new d("params.res has wrong value")}var i=ASN1HEX.getTLVbyList(k,0,[1]);var j=new e();j.hTLV=l.tst;return[j]}}};if(h!=null){this.setByParam(h)}};extendClass(KJUR.asn1.cades.SignatureTimeStamp,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.CompleteCertificateRefs=function(h){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.cades,a=c.OtherCertID,g=e.lang.String.isHex;c.CompleteCertificateRefs.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.21";this.params=null;this.getValueArray=function(){var o=this.params;var k=[];for(var m=0;m<o.array.length;m++){var n=o.array[m];if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(g(n)){n={hash:n}}else{throw new f("unsupported value: "+n)}}}if(o.alg!=undefined&&n.alg==undefined){n.alg=o.alg}if(o.hasis!=undefined&&n.hasis==undefined){n.hasis=o.hasis}var j=new a(n);k.push(j)}var l=new b({array:k});return[l]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cades.CompleteCertificateRefs,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.OtherCertID=function(e){var a=KJUR,h=a.asn1,f=h.DERSequence,i=h.cms,g=i.IssuerSerial,c=h.cades,d=c.OtherHashValue,b=c.OtherHashAlgAndValue;c.OtherCertID.superclass.constructor.call(this);this.params=e;this.tohex=function(){var n=this.params;if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(_isHex(n)){n={hash:n}}}}var j=[];var m=null;if(n.alg!=undefined){m=new b(n)}else{m=new d(n)}j.push(m);if((n.cert!=undefined&&n.hasis==true)||(n.issuer!=undefined&&n.serial!=undefined)){var l=new g(n);j.push(l)}var k=new f({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHash=function(g){var i=Error,a=KJUR,h=a.asn1,j=h.cms,c=h.cades,b=c.OtherHashAlgAndValue,e=c.OtherHashValue,d=a.crypto.Util.hashHex,f=a.lang.String.isHex;c.OtherHash.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(typeof l=="string"){if(l.indexOf("-----BEGIN")!=-1){l={cert:l}}else{if(f(l)){l={hash:l}}}}var k=null;if(l.alg!=undefined){k=new b(l)}else{k=new e(l)}return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHash,KJUR.asn1.ASN1Object);KJUR.asn1.cades.CAdESUtil=new function(){};KJUR.asn1.cades.CAdESUtil.parseSignedDataForAddingUnsigned=function(a){var c=new KJUR.asn1.cms.CMSParser();var b=c.getCMSSignedData(a);return b};KJUR.asn1.cades.CAdESUtil.parseSignerInfoForAddingUnsigned=function(g,q,c){var p=ASN1HEX,s=p.getChildIdx,a=p.getTLV,l=p.getV,v=KJUR,h=v.asn1,n=h.ASN1Object,j=h.cms,k=j.AttributeList,w=j.SignerInfo;var o={};var t=s(g,q);if(t.length!=6){throw"not supported items for SignerInfo (!=6)"}var d=t.shift();o.version=a(g,d);var e=t.shift();o.si=a(g,e);var m=t.shift();o.digalg=a(g,m);var f=t.shift();o.sattrs=a(g,f);var i=t.shift();o.sigalg=a(g,i);var b=t.shift();o.sig=a(g,b);o.sigval=l(g,b);var u=null;o.obj=new w();u=new n();u.hTLV=o.version;o.obj.dCMSVersion=u;u=new n();u.hTLV=o.si;o.obj.dSignerIdentifier=u;u=new n();u.hTLV=o.digalg;o.obj.dDigestAlgorithm=u;u=new n();u.hTLV=o.sattrs;o.obj.dSignedAttrs=u;u=new n();u.hTLV=o.sigalg;o.obj.dSigAlg=u;u=new n();u.hTLV=o.sig;o.obj.dSig=u;o.obj.dUnsignedAttrs=new k();return o};
@@ -233,7 +233,7 @@ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||
 var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw new Error("KEYUTIL unsupported algorithm: "+t)}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},parseHexOfEncryptedPKCS8:function(y){var B=ASN1HEX;var z=B.getChildIdx;var w=B.getV;var t={};var r=z(y,0);if(r.length!=2){throw new Error("malformed format: SEQUENCE(0).items != 2: "+r.length)}t.ciphertext=w(y,r[1]);var A=z(y,r[0]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0).items != 2: "+A.length)}if(w(y,A[0])!="2a864886f70d01050d"){throw new Error("this only supports pkcs5PBES2")}var p=z(y,A[1]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1).items != 2: "+p.length)}var q=z(y,p[1]);if(q.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length)}if(w(y,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}t.encryptionSchemeAlg="TripleDES";t.encryptionSchemeIV=w(y,q[1]);var s=z(y,p[0]);if(s.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.0).items != 2: "+s.length)}if(w(y,s[0])!="2a864886f70d01050c"){throw new Error("this only supports pkcs5PBKDF2")}var x=z(y,s[1]);if(x.length<2){throw new Error("malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length)}t.pbkdf2Salt=w(y,x[0]);var u=w(y,x[1]);try{t.pbkdf2Iter=parseInt(u,16)}catch(v){throw new Error("malformed format pbkdf2Iter: "+u)}return t},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},_getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=pemtohex(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this._getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var v=ASN1HEX;var u=v.getChildIdx;var t=v.getV;var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw new Error("malformed plain PKCS8 private key(code:001)")}var r=u(s,0);if(r.length<3){throw new Error("malformed plain PKCS8 private key(code:002)")}if(s.substr(r[1],2)!="30"){throw new Error("malformed PKCS8 private key(code:003)")}var p=u(s,r[1]);if(p.length!=2){throw new Error("malformed PKCS8 private key(code:004)")}if(s.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 private key(code:005)")}q.algoid=t(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=t(s,p[1])}if(s.substr(r[2],2)!="04"){throw new Error("malformed PKCS8 private key(code:006)")}q.keyidx=v.getVidx(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=pemtohex(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var q=this.parsePlainPrivatePKCS8Hex(p);var r;if(q.algoid=="2a864886f70d010101"){r=new RSAKey()}else{if(q.algoid=="2a8648ce380401"){r=new KJUR.crypto.DSA()}else{if(q.algoid=="2a8648ce3d0201"){r=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported private key algorithm")}}}r.readPKCS8PrvKeyHex(p);return r},_getKeyFromPublicPKCS8Hex:function(q){var p;var r=ASN1HEX.getVbyList(q,0,[0,0],"06");if(r==="2a864886f70d010101"){p=new RSAKey()}else{if(r==="2a8648ce380401"){p=new KJUR.crypto.DSA()}else{if(r==="2a8648ce3d0201"){p=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported PKCS#8 public key hex")}}}p.readPKCS8PubKeyHex(q);return p},parsePublicRawRSAKeyHex:function(r){var u=ASN1HEX;var t=u.getChildIdx;var s=u.getV;var p={};if(r.substr(0,2)!="30"){throw new Error("malformed RSA key(code:001)")}var q=t(r,0);if(q.length!=2){throw new Error("malformed RSA key(code:002)")}if(r.substr(q[0],2)!="02"){throw new Error("malformed RSA key(code:003)")}p.n=s(r,q[0]);if(r.substr(q[1],2)!="02"){throw new Error("malformed RSA key(code:004)")}p.e=s(r,q[1]);return p},parsePublicPKCS8Hex:function(t){var v=ASN1HEX;var u=v.getChildIdx;var s=v.getV;var q={};q.algparam=null;var r=u(t,0);if(r.length!=2){throw new Error("outer DERSequence shall have 2 elements: "+r.length)}var w=r[0];if(t.substr(w,2)!="30"){throw new Error("malformed PKCS8 public key(code:001)")}var p=u(t,w);if(p.length!=2){throw new Error("malformed PKCS8 public key(code:002)")}if(t.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 public key(code:003)")}q.algoid=s(t,p[0]);if(t.substr(p[1],2)=="06"){q.algparam=s(t,p[1])}else{if(t.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=v.getVbyList(t,p[1],[0],"02");q.algparam.q=v.getVbyList(t,p[1],[1],"02");q.algparam.g=v.getVbyList(t,p[1],[2],"02")}}if(t.substr(r[1],2)!="03"){throw new Error("malformed PKCS8 public key(code:004)")}q.key=s(t,r[1]).substr(2);return q},}}();KEYUTIL.getKey=function(l,k,n){var G=ASN1HEX,L=G.getChildIdx,v=G.getV,d=G.getVbyList,c=KJUR.crypto,i=c.ECDSA,C=c.DSA,w=RSAKey,M=pemtohex,F=KEYUTIL;if(typeof w!="undefined"&&l instanceof w){return l}if(typeof i!="undefined"&&l instanceof i){return l}if(typeof C!="undefined"&&l instanceof C){return l}if(l.curve!==undefined&&l.xy!==undefined&&l.d===undefined){return new i({pub:l.xy,curve:l.curve})}if(l.curve!==undefined&&l.d!==undefined){return new i({prv:l.d,curve:l.curve})}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(l.n,l.e);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.co!==undefined&&l.qi===undefined){var P=new w();P.setPrivateEx(l.n,l.e,l.d,l.p,l.q,l.dp,l.dq,l.co);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p===undefined){var P=new w();P.setPrivate(l.n,l.e,l.d);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x===undefined){var P=new C();P.setPublic(l.p,l.q,l.g,l.y);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x!==undefined){var P=new C();P.setPrivate(l.p,l.q,l.g,l.y,l.x);return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(b64utohex(l.n),b64utohex(l.e));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.qi!==undefined){var P=new w();P.setPrivateEx(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d),b64utohex(l.p),b64utohex(l.q),b64utohex(l.dp),b64utohex(l.dq),b64utohex(l.qi));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined){var P=new w();P.setPrivate(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d));return P}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d===undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;j.setPublicKeyHex(u);return j}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d!==undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;var b=("0000000000"+b64utohex(l.d)).slice(-t);j.setPublicKeyHex(u);j.setPrivateKeyHex(b);return j}if(n==="pkcs5prv"){var J=l,G=ASN1HEX,N,P;N=L(J,0);if(N.length===9){P=new w();P.readPKCS5PrvKeyHex(J)}else{if(N.length===6){P=new C();P.readPKCS5PrvKeyHex(J)}else{if(N.length>2&&J.substr(N[1],2)==="04"){P=new i();P.readPKCS5PrvKeyHex(J)}else{throw new Error("unsupported PKCS#1/5 hexadecimal key")}}}return P}if(n==="pkcs8prv"){var P=F.getKeyFromPlainPrivatePKCS8Hex(l);return P}if(n==="pkcs8pub"){return F._getKeyFromPublicPKCS8Hex(l)}if(n==="x509pub"){return X509.getPublicKeyFromCertHex(l)}if(l.indexOf("-END CERTIFICATE-",0)!=-1||l.indexOf("-END X509 CERTIFICATE-",0)!=-1||l.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(l)}if(l.indexOf("-END PUBLIC KEY-")!=-1){var O=pemtohex(l,"PUBLIC KEY");return F._getKeyFromPublicPKCS8Hex(O)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"RSA PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var I=M(l,"DSA PRIVATE KEY");var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"EC PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END PRIVATE KEY-")!=-1){return F.getKeyFromPlainPrivatePKCS8PEM(l)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var o=F.getDecryptedKeyHex(l,k);var H=new RSAKey();H.readPKCS5PrvKeyHex(o);return H}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var P=d(I,0,[1],"04");var f=d(I,0,[2,0],"06");var A=d(I,0,[3,0],"03").substr(2);var e="";if(KJUR.crypto.OID.oidhex2name[f]!==undefined){e=KJUR.crypto.OID.oidhex2name[f]}else{throw new Error("undefined OID(hex) in KJUR.crypto.OID: "+f)}var j=new i({curve:e});j.setPublicKeyHex(A);j.setPrivateKeyHex(P);j.isPublic=false;return j}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return F.getKeyFromEncryptedPKCS8PEM(l,k)}throw new Error("not supported argument")};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw new Error("unknown algorithm: "+a)}}};KEYUTIL.getPEM=function(b,D,y,m,q,j){var F=KJUR,k=F.asn1,z=k.DERObjectIdentifier,f=k.DERInteger,l=k.ASN1Util.newObject,a=k.x509,C=a.SubjectPublicKeyInfo,e=F.crypto,u=e.DSA,r=e.ECDSA,n=RSAKey;function A(s){var H=l({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return H}function B(H){var s=l({seq:[{"int":1},{octstr:{hex:H.prvKeyHex}},{tag:["a0",true,{oid:{name:H.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+H.pubKeyHex}}]}]});return s}function x(s){var H=l({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return H}if(((n!==undefined&&b instanceof n)||(u!==undefined&&b instanceof u)||(r!==undefined&&b instanceof r))&&b.isPublic==true&&(D===undefined||D=="PKCS8PUB")){var E=new C(b);var w=E.tohex();return hextopem(w,"PUBLIC KEY")}if(D=="PKCS1PRV"&&n!==undefined&&b instanceof n&&(y===undefined||y==null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();return hextopem(w,"RSA PRIVATE KEY")}if(D=="PKCS1PRV"&&r!==undefined&&b instanceof r&&(y===undefined||y==null)&&b.isPrivate==true){var i=new z({name:b.curveName});var v=i.tohex();var h=B(b);var t=h.tohex();var p="";p+=hextopem(v,"EC PARAMETERS");p+=hextopem(t,"EC PRIVATE KEY");return p}if(D=="PKCS1PRV"&&u!==undefined&&b instanceof u&&(y===undefined||y==null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();return hextopem(w,"DSA PRIVATE KEY")}if(D=="PKCS5PRV"&&n!==undefined&&b instanceof n&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",w,y,m,j)}if(D=="PKCS5PRV"&&r!==undefined&&b instanceof r&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=B(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",w,y,m,j)}if(D=="PKCS5PRV"&&u!==undefined&&b instanceof u&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",w,y,m,j)}var o=function(H,s){var J=c(H,s);var I=new l({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:J.pbkdf2Salt}},{"int":J.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:J.encryptionSchemeIV}}]}]}]},{octstr:{hex:J.ciphertext}}]});return I.tohex()};var c=function(O,P){var I=100;var N=CryptoJS.lib.WordArray.random(8);var M="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var J=CryptoJS.PBKDF2(P,N,{keySize:192/32,iterations:I});var K=CryptoJS.enc.Hex.parse(O);var L=CryptoJS.TripleDES.encrypt(K,J,{iv:s})+"";var H={};H.ciphertext=L;H.pbkdf2Salt=CryptoJS.enc.Hex.stringify(N);H.pbkdf2Iter=I;H.encryptionSchemeAlg=M;H.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return H};if(D=="PKCS8PRV"&&n!=undefined&&b instanceof n&&b.isPrivate==true){var g=A(b);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&r!==undefined&&b instanceof r&&b.isPrivate==true){var G={seq:[{"int":1},{octstr:{hex:b.prvKeyHex}}]};if(typeof b.pubKeyHex=="string"){G.seq.push({tag:["a1",true,{bitstr:{hex:"00"+b.pubKeyHex}}]})}var g=new l(G);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:b.curveName}}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&u!==undefined&&b instanceof u&&b.isPrivate==true){var g=new f({bigint:b.x});var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:b.p}},{"int":{bigint:b.q}},{"int":{bigint:b.g}}]}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}throw new Error("unsupported object nor format")};KEYUTIL.getKeyFromCSRPEM=function(b){var a=pemtohex(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(d){var i=ASN1HEX;var f=i.getChildIdx;var c=i.getTLV;var b={};var g=d;if(g.substr(0,2)!="30"){throw new Error("malformed CSR(code:001)")}var e=f(g,0);if(e.length<1){throw new Error("malformed CSR(code:002)")}if(g.substr(e[0],2)!="30"){throw new Error("malformed CSR(code:003)")}var a=f(g,e[0]);if(a.length<3){throw new Error("malformed CSR(code:004)")}b.p8pubkeyhex=c(g,a[2]);return b};KEYUTIL.getKeyID=function(f){var c=KEYUTIL;var e=ASN1HEX;if(typeof f==="string"&&f.indexOf("BEGIN ")!=-1){f=c.getKey(f)}var d=pemtohex(c.getPEM(f));var b=e.getIdxbyList(d,0,[1]);var a=e.getV(d,b).substring(2);return KJUR.crypto.Util.hashHex(a,"sha1")};KEYUTIL.getJWK=function(d,h,g,b,f){var i;var k={};var e;var c=KJUR.crypto.Util.hashHex;if(typeof d=="string"){i=KEYUTIL.getKey(d);if(d.indexOf("CERTIFICATE")!=-1){e=pemtohex(d)}}else{if(typeof d=="object"){if(d instanceof X509){i=d.getPublicKey();e=d.hex}else{i=d}}else{throw new Error("unsupported keyinfo type")}}if(i instanceof RSAKey&&i.isPrivate){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16));k.d=hextob64u(i.d.toString(16));k.p=hextob64u(i.p.toString(16));k.q=hextob64u(i.q.toString(16));k.dp=hextob64u(i.dmp1.toString(16));k.dq=hextob64u(i.dmq1.toString(16));k.qi=hextob64u(i.coeff.toString(16))}else{if(i instanceof RSAKey&&i.isPublic){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16))}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPrivate){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y);k.d=hextob64u(i.prvKeyHex)}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPublic){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y)}}}}if(k.kty==undefined){throw new Error("unsupported keyinfo")}if((!i.isPrivate)&&h!=true){k.kid=KJUR.jws.JWS.getJWKthumbprint(k)}if(e!=undefined&&g!=true){k.x5c=[hex2b64(e)]}if(e!=undefined&&b!=true){k.x5t=b64tob64u(hex2b64(c(e,"sha1")))}if(e!=undefined&&f!=true){k["x5t#S256"]=b64tob64u(hex2b64(c(e,"sha256")))}return k};KEYUTIL.getJWKFromKey=function(a){return KEYUTIL.getJWK(a,true,true,true,true)};
 RSAKey.getPosArrayOfChildrenFromHex=function(a){return ASN1HEX.getChildIdx(a,0)};RSAKey.getHexValueArrayOfChildrenFromHex=function(f){var n=ASN1HEX;var i=n.getV;var k=RSAKey.getPosArrayOfChildrenFromHex(f);var e=i(f,k[0]);var j=i(f,k[1]);var b=i(f,k[2]);var c=i(f,k[3]);var h=i(f,k[4]);var g=i(f,k[5]);var m=i(f,k[6]);var l=i(f,k[7]);var d=i(f,k[8]);var k=new Array();k.push(e,j,b,c,h,g,m,l,d);return k};RSAKey.prototype.readPrivateKeyFromPEMString=function(d){var c=pemtohex(d);var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS5PrvKeyHex=function(c){var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS8PrvKeyHex=function(e){var c,i,k,b,a,f,d,j;var m=ASN1HEX;var l=m.getVbyListEx;if(m.isASN1HEX(e)===false){throw new Error("not ASN.1 hex string")}try{c=l(e,0,[2,0,1],"02");i=l(e,0,[2,0,2],"02");k=l(e,0,[2,0,3],"02");b=l(e,0,[2,0,4],"02");a=l(e,0,[2,0,5],"02");f=l(e,0,[2,0,6],"02");d=l(e,0,[2,0,7],"02");j=l(e,0,[2,0,8],"02")}catch(g){throw new Error("malformed PKCS#8 plain RSA private key")}this.setPrivateEx(c,i,k,b,a,f,d,j)};RSAKey.prototype.readPKCS5PubKeyHex=function(c){var e=ASN1HEX;var b=e.getV;if(e.isASN1HEX(c)===false){throw new Error("keyHex is not ASN.1 hex string")}var a=e.getChildIdx(c,0);if(a.length!==2||c.substr(a[0],2)!=="02"||c.substr(a[1],2)!=="02"){throw new Error("wrong hex for PKCS#5 public key")}var f=b(c,a[0]);var d=b(c,a[1]);this.setPublic(f,d)};RSAKey.prototype.readPKCS8PubKeyHex=function(b){var c=ASN1HEX;if(c.isASN1HEX(b)===false){throw new Error("not ASN.1 hex string")}if(c.getTLVbyListEx(b,0,[0,0])!=="06092a864886f70d010101"){throw new Error("not PKCS8 RSA public key")}var a=c.getTLVbyListEx(b,0,[1,0]);this.readPKCS5PubKeyHex(a)};RSAKey.prototype.readCertPubKeyHex=function(b,d){var a,c;a=new X509();a.readCertHex(b);c=a.getPublicKeyHex();this.readPKCS8PubKeyHex(c)};
 var _RE_HEXDECONLY=new RegExp("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b<a;b++){c=c+"0"}return c+e}RSAKey.prototype.sign=function(d,a){var b=function(e){return KJUR.crypto.Util.hashString(e,a)};var c=b(d);return this.signWithMessageHash(c,a)};RSAKey.prototype.signWithMessageHash=function(e,c){var f=KJUR.crypto.Util.getPaddedDigestInfoHex(e,c,this.n.bitLength());var b=parseBigInt(f,16);var d=this.doPrivate(b);var a=d.toString(16);return _zeroPaddingOfSignature(a,this.n.bitLength())};function pss_mgf1_str(c,a,e){var b="",d=0;while(b.length<a){b+=hextorstr(e(rstrtohex(c+String.fromCharCode.apply(String,[(d&4278190080)>>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d<c-k-g-2;d+=1){j[d]=0}var e=String.fromCharCode.apply(String,j)+"\x01"+f;var h=pss_mgf1_str(n,e.length,o);var q=[];for(d=0;d<e.length;d+=1){q[d]=e.charCodeAt(d)^h.charCodeAt(d)}var p=(65280>>(8*c-m))&255;q[0]&=~p;for(d=0;d<g;d++){q.push(n.charCodeAt(d))}q.push(188);return _zeroPaddingOfSignature(this.doPrivate(new BigInteger(q)).toString(16),this.n.bitLength())};function _rsasign_getDecryptSignatureBI(a,d,c){var b=new RSAKey();b.setPublic(d,c);var e=b.doPublic(a);return e}function _rsasign_getHexDigestInfoFromSig(a,c,b){var e=_rsasign_getDecryptSignatureBI(a,c,b);var d=e.toString(16).replace(/^1f+00/,"");return d}function _rsasign_getAlgNameAndHashFromHexDisgestInfo(f){for(var e in KJUR.crypto.Util.DIGESTINFOHEAD){var d=KJUR.crypto.Util.DIGESTINFOHEAD[e];var b=d.length;if(f.substring(0,b)==d){var c=[e,f.substring(b)];return c}}return[]}RSAKey.prototype.verify=function(f,l){l=l.toLowerCase();if(l.match(/^[0-9a-f]+$/)==null){return false}var b=parseBigInt(l,16);var k=this.n.bitLength();if(b.bitLength()>k){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q<a.length;q+=1){a[q]&=255}while(a.length<m){a.unshift(0)}if(a[m-1]!==188){throw new Error("encoded message does not end in 0xbc")}a=String.fromCharCode.apply(String,a);var d=a.substr(0,m-h-1);var e=a.substr(d.length,h);var p=(65280>>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q<d.length;q+=1){o[q]=d.charCodeAt(q)^n.charCodeAt(q)}o[0]&=~p;var b=m-h-c-2;for(q=0;q<b;q+=1){if(o[q]!==0){throw new Error("leftmost octets not zero")}}if(o[b]!==1){throw new Error("0x01 marker not found")}return e===hextorstr(r(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+j+String.fromCharCode.apply(String,o.slice(-c)))))};RSAKey.SALT_LEN_HLEN=-1;RSAKey.SALT_LEN_MAX=-2;RSAKey.SALT_LEN_RECOVER=-2;
-function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(){return this.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(){return this.getX500Name(this.getSubjectHex())};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=KJUR.asn1.ASN1Util.oidHexToInt(C);y.obj=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(A){var y=this.getX500NameArray(A);var z=this.dnarraytostr(y);return{array:y,str:z}};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer();y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject();y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.getInfo=function(){var z=function(R){var Q=JSON.stringify(R.array).replace(/[\[\]\{\}\"]/g,"");return Q};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+="    "+D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
+function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(z,y){return this.getX500Name(this.getIssuerHex(),z,y)};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(z,y){return this.getX500Name(this.getSubjectHex(),z,y)};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=t(C);y.value=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(B,D,C){var z=this.getX500NameArray(B);var A=this.dnarraytostr(z);var y={str:A};y.array=z;if(C==true){y.hex=B}if(D==true){y.canon=this.c14nRDNArray(z)}return y};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};if(z==undefined){z={}}y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer(z.dncanon,z.dnhex);y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject(z.dncanon,z.dnhex);y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.setCanonicalizedDN=function(z){var B;if(z.str!=undefined&&z.array==undefined){var A=new KJUR.asn1.x509.X500Name({str:z.str});var y=A.tohex();B=this.getX500NameArray(y)}else{B=z.array}if(z.canon==undefined){z.canon=this.c14nRDNArray(B)}};this.c14nRDNArray=function(F){var z=[];for(var B=0;B<F.length;B++){var D=F[B];var y=[];for(var A=0;A<D.length;A++){var C=D[A];var E=C.value;E=E.replace(/^\s*/,"");E=E.replace(/\s*$/,"");E=E.replace(/\s+/g," ");E=E.toLowerCase();y.push(C.type.toLowerCase()+"="+E)}z.push(y.join("+"))}return"/"+z.join("/")};this.getInfo=function(){var z=function(S){var Y="";var Q="    ";var U="\n";var V=S.array;for(var T=0;T<V.length;T++){var R=V[T];if(R.dn!=undefined){Y+=Q+"dn: "+R.dn.str+U}if(R.ip!=undefined){Y+=Q+"ip: "+R.ip+U}if(R.rfc822!=undefined){Y+=Q+"rfc822: "+R.rfc822+U}if(R.dns!=undefined){Y+=Q+"dns: "+R.dns+U}if(R.uri!=undefined){Y+=Q+"uri: "+R.uri+U}if(R.other!=undefined){var X=R.other.oid;var W=JSON.stringify(R.other.value).replace(/\"/g,"");Y+=Q+"other: "+X+"="+W+U}}Y=Y.replace(/\n$/,"");return Y};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+=D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
 var X509CRL=function(e){var a=KJUR,f=a.lang.String.isHex,m=ASN1HEX,k=m.getV,b=m.getTLV,h=m.getVbyList,c=m.getTLVbyList,d=m.getTLVbyListEx,i=m.getIdxbyList,g=m.getIdxbyListEx,l=m.getChildIdx,j=new X509();this.hex=null;this.posSigAlg=null;this.posRevCert=null;this.parsed=null;this._setPos=function(){var o=i(this.hex,0,[0,0]);var n=this.hex.substr(o,2);if(n=="02"){this.posSigAlg=1}else{if(n=="30"){this.posSigAlg=0}else{throw new Error("malformed 1st item of TBSCertList: "+n)}}var s=i(this.hex,0,[0,this.posSigAlg+3]);var r=this.hex.substr(s,2);if(r=="17"||r=="18"){var q,p;q=i(this.hex,0,[0,this.posSigAlg+4]);this.posRevCert=null;if(q!=-1){p=this.hex.substr(q,2);if(p=="30"){this.posRevCert=this.posSigAlg+4}}}else{if(r=="30"){this.posRevCert=this.posSigAlg+3}else{if(r=="a0"){this.posRevCert=null}else{throw new Error("malformed nextUpdate or revCert tag: "+r)}}}};this.getVersion=function(){if(this.posSigAlg==0){return null}return parseInt(h(this.hex,0,[0,0],"02"),16)+1};this.getSignatureAlgorithmField=function(){var n=c(this.hex,0,[0,this.posSigAlg],"30");return j.getAlgorithmIdentifierName(n)};this.getIssuer=function(){return j.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return c(this.hex,0,[0,this.posSigAlg+1],"30")};this.getThisUpdate=function(){var n=h(this.hex,0,[0,this.posSigAlg+2]);return result=hextorstr(n)};this.getNextUpdate=function(){var o=i(this.hex,0,[0,this.posSigAlg+3]);var n=this.hex.substr(o,2);if(n!="17"&&n!="18"){return null}return hextorstr(k(this.hex,o))};this.getRevCertArray=function(){if(this.posRevCert==null){return null}var o=[];var n=i(this.hex,0,[0,this.posRevCert]);var p=l(this.hex,n);for(var q=0;q<p.length;q++){var r=b(this.hex,p[q]);o.push(this.getRevCert(r))}return o};this.getRevCert=function(p){var o={};var n=l(p,0);o.sn={hex:h(p,0,[0],"02")};o.date=hextorstr(h(p,0,[1]));if(n.length==3){o.ext=j.getExtParamArray(c(p,0,[2]))}return o};this.findRevCert=function(p){var n=new X509(p);var o=n.getSerialNumberHex();return this.findRevCertBySN(o)};this.findRevCertBySN=function(o){if(this.parsed==null){this.getParam()}if(this.parsed.revcert==null){return null}var n=this.parsed.revcert;for(var p=0;p<n.length;p++){if(o==n[p].sn.hex){return n[p]}}return null};this.getSignatureValueHex=function(){return h(this.hex,0,[2],"03",true)};this.verifySignature=function(o){var p=this.getSignatureAlgorithmField();var n=this.getSignatureValueHex();var q=c(this.hex,0,[0],"30");var r=new KJUR.crypto.Signature({alg:p});r.init(o);r.updateHex(q);return r.verify(n)};this.getParam=function(r){var n={};var p=this.getVersion();if(p!=null){n.version=p}n.sigalg=this.getSignatureAlgorithmField();n.issuer=this.getIssuer();n.thisupdate=this.getThisUpdate();var q=this.getNextUpdate();if(q!=null){n.nextupdate=q}var t=this.getRevCertArray();if(t!=null){n.revcert=t}var s=g(this.hex,0,[0,"[0]"]);if(s!=-1){var o=d(this.hex,0,[0,"[0]",0]);n.ext=j.getExtParamArray(o)}n.sighex=this.getSignatureValueHex();this.parsed=n;if(typeof r=="object"){if(r.tbshex==true){n.tbshex=c(this.hex,0,[0])}if(r.nodnarray==true){delete n.issuer.array}}return n};if(typeof e=="string"){if(f(e)){this.hex=e}else{if(e.match(/-----BEGIN X509 CRL/)){this.hex=pemtohex(e)}}this._setPos()}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWS=function(){var b=KJUR,a=b.jws.JWS,c=a.isSafeJSONString;this.parseJWS=function(g,j){if((this.parsedJWS!==undefined)&&(j||(this.parsedJWS.sigvalH!==undefined))){return}var i=g.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);if(i==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}var k=i[1];var e=i[2];var l=i[3];var n=k+"."+e;this.parsedJWS={};this.parsedJWS.headB64U=k;this.parsedJWS.payloadB64U=e;this.parsedJWS.sigvalB64U=l;this.parsedJWS.si=n;if(!j){var h=b64utohex(l);var f=parseBigInt(h,16);this.parsedJWS.sigvalH=h;this.parsedJWS.sigvalBI=f}var d=b64utoutf8(k);var m=b64utoutf8(e);this.parsedJWS.headS=d;this.parsedJWS.payloadS=m;if(!c(d,this.parsedJWS,"headP")){throw"malformed JSON string for JWS Head: "+d}}};KJUR.jws.JWS.sign=function(j,w,z,A,a){var x=KJUR,n=x.jws,r=n.JWS,h=r.readSafeJSONString,q=r.isSafeJSONString,d=x.crypto,l=d.ECDSA,p=d.Mac,c=d.Signature,u=JSON;var t,k,o;if(typeof w!="string"&&typeof w!="object"){throw"spHeader must be JSON string or object: "+w}if(typeof w=="object"){k=w;t=u.stringify(k)}if(typeof w=="string"){t=w;if(!q(t)){throw"JWS Head is not safe JSON string: "+t}k=h(t)}o=z;if(typeof z=="object"){o=u.stringify(z)}if((j==""||j==null)&&k.alg!==undefined){j=k.alg}if((j!=""&&j!=null)&&k.alg===undefined){k.alg=j;t=u.stringify(k)}if(j!==k.alg){throw"alg and sHeader.alg doesn't match: "+j+"!="+k.alg}var s=null;if(r.jwsalg2sigalg[j]===undefined){throw"unsupported alg name: "+j}else{s=r.jwsalg2sigalg[j]}var e=utf8tob64u(t);var m=utf8tob64u(o);var b=e+"."+m;var y="";if(s.substr(0,4)=="Hmac"){if(A===undefined){throw"mac key shall be specified for HS* alg"}var i=new p({alg:s,prov:"cryptojs",pass:A});i.updateString(b);y=i.doFinal()}else{if(s.indexOf("withECDSA")!=-1){var f=new c({alg:s});f.init(A,a);f.updateString(b);var g=f.sign();y=KJUR.crypto.ECDSA.asn1SigToConcatSig(g)}else{if(s!="none"){var f=new c({alg:s});f.init(A,a);f.updateString(b);y=f.sign()}}}var v=hextob64u(y);return b+"."+v};KJUR.jws.JWS.verify=function(w,B,n){var x=KJUR,q=x.jws,t=q.JWS,i=t.readSafeJSONString,e=x.crypto,p=e.ECDSA,s=e.Mac,d=e.Signature,m;if(typeof RSAKey!==undefined){m=RSAKey}if(!isBase64URLDot(w)){return false}var y=w.split(".");if(y.length!==3){return false}var f=y[0];var r=y[1];var c=f+"."+r;var A=b64utohex(y[2]);var l=i(b64utoutf8(y[0]));var k=null;var z=null;if(l.alg===undefined){throw"algorithm not specified in header"}else{k=l.alg;z=k.substr(0,2)}if(n!=null&&Object.prototype.toString.call(n)==="[object Array]"&&n.length>0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null,"  ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null,"  ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod<b){return false}}if(g.nbf!==undefined&&typeof g.nbf=="number"){if(b<g.nbf-r.gracePeriod){return false}}if(g.iat!==undefined&&typeof g.iat=="number"){if(b<g.iat-r.gracePeriod){return false}}if(g.jti!==undefined&&r.jti!==undefined){if(g.jti!==r.jti){return false}}if(!o.verify(e,l,r.alg)){return false}return true};KJUR.jws.JWS.includedArray=function(b,a){var c=KJUR.jws.JWS.inArray;if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var d=0;d<b.length;d++){if(!c(b[d],a)){return false}}return true};KJUR.jws.JWS.inArray=function(d,b){if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var c=0;c<b.length;c++){if(b[c]==d){return true}}return false};KJUR.jws.JWS.jwsalg2sigalg={HS256:"HmacSHA256",HS384:"HmacSHA384",HS512:"HmacSHA512",RS256:"SHA256withRSA",RS384:"SHA384withRSA",RS512:"SHA512withRSA",ES256:"SHA256withECDSA",ES384:"SHA384withECDSA",ES512:"SHA512withECDSA",PS256:"SHA256withRSAandMGF1",PS384:"SHA384withRSAandMGF1",PS512:"SHA512withRSAandMGF1",none:"none",};KJUR.jws.JWS.isSafeJSONString=function(c,b,d){var e=null;try{e=jsonParse(c);if(typeof e!="object"){return 0}if(e.constructor===Array){return 0}if(b){b[d]=e}return 1}catch(a){return 0}};KJUR.jws.JWS.readSafeJSONString=function(b){var c=null;try{c=jsonParse(b);if(typeof c!="object"){return null}if(c.constructor===Array){return null}return c}catch(a){return null}};KJUR.jws.JWS.getEncodedSignatureValueFromJWS=function(b){var a=b.match(/^[^.]+\.[^.]+\.([^.]+)$/);if(a==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}return a[1]};KJUR.jws.JWS.getJWKthumbprint=function(d){if(d.kty!=="RSA"&&d.kty!=="EC"&&d.kty!=="oct"){throw"unsupported algorithm for JWK Thumprint"}var a="{";if(d.kty==="RSA"){if(typeof d.n!="string"||typeof d.e!="string"){throw"wrong n and e value for RSA key"}a+='"e":"'+d.e+'",';a+='"kty":"'+d.kty+'",';a+='"n":"'+d.n+'"}'}else{if(d.kty==="EC"){if(typeof d.crv!="string"||typeof d.x!="string"||typeof d.y!="string"){throw"wrong crv, x and y value for EC key"}a+='"crv":"'+d.crv+'",';a+='"kty":"'+d.kty+'",';a+='"x":"'+d.x+'",';a+='"y":"'+d.y+'"}'}else{if(d.kty==="oct"){if(typeof d.k!="string"){throw"wrong k value for oct(symmetric) key"}a+='"kty":"'+d.kty+'",';a+='"k":"'+d.k+'"}'}}}var b=rstrtohex(a);var c=KJUR.crypto.Util.hashHex(b,"sha256");var e=hextob64u(c);return e};KJUR.jws.IntDate={};KJUR.jws.IntDate.get=function(c){var b=KJUR.jws.IntDate,d=b.getNow,a=b.getZulu;if(c=="now"){return d()}else{if(c=="now + 1hour"){return d()+60*60}else{if(c=="now + 1day"){return d()+60*60*24}else{if(c=="now + 1month"){return d()+60*60*24*30}else{if(c=="now + 1year"){return d()+60*60*24*365}else{if(c.match(/Z$/)){return a(c)}else{if(c.match(/^[0-9]+$/)){return parseInt(c)}}}}}}}throw"unsupported format: "+c};KJUR.jws.IntDate.getZulu=function(a){return zulutosec(a)};KJUR.jws.IntDate.getNow=function(){var a=~~(new Date()/1000);return a};KJUR.jws.IntDate.intDate2UTCString=function(a){var b=new Date(a*1000);return b.toUTCString()};KJUR.jws.IntDate.intDate2Zulu=function(e){var i=new Date(e*1000),h=("0000"+i.getUTCFullYear()).slice(-4),g=("00"+(i.getUTCMonth()+1)).slice(-2),b=("00"+i.getUTCDate()).slice(-2),a=("00"+i.getUTCHours()).slice(-2),c=("00"+i.getUTCMinutes()).slice(-2),f=("00"+i.getUTCSeconds()).slice(-2);return h+g+b+a+c+f+"Z"};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWSJS=function(){var c=KJUR,b=c.jws,a=b.JWS,d=a.readSafeJSONString;this.aHeader=[];this.sPayload="";this.aSignature=[];this.init=function(){this.aHeader=[];this.sPayload=undefined;this.aSignature=[]};this.initWithJWS=function(f){this.init();var e=f.split(".");if(e.length!=3){throw"malformed input JWS"}this.aHeader.push(e[0]);this.sPayload=e[1];this.aSignature.push(e[2])};this.addSignature=function(e,h,m,k){if(this.sPayload===undefined||this.sPayload===null){throw"there's no JSON-JS signature to add."}var l=this.aHeader.length;if(this.aHeader.length!=this.aSignature.length){throw"aHeader.length != aSignature.length"}try{var f=KJUR.jws.JWS.sign(e,h,this.sPayload,m,k);var j=f.split(".");var n=j[0];var g=j[2];this.aHeader.push(j[0]);this.aSignature.push(j[2])}catch(i){if(this.aHeader.length>l){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g<h.length;g++){var f=h[g];if(f.length!==2){return false}var e=this.verifyNth(g,f[0],f[1]);if(e===false){return false}}return true};this.verifyNth=function(f,j,g){if(this.aHeader.length<=f||this.aSignature.length<=f){return false}var h=this.aHeader[f];var k=this.aSignature[f];var l=h+"."+this.sPayload+"."+k;var e=false;try{e=a.verify(l,j,g)}catch(i){return false}return e};this.readJWSJS=function(g){if(typeof g==="string"){var f=d(g);if(f==null){throw"argument is not safe JSON object string"}this.aHeader=f.headers;this.sPayload=f.payload;this.aSignature=f.signatures}else{try{if(g.headers.length>0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}};
diff --git a/jsrsasign-jwths-min.js b/jsrsasign-jwths-min.js
index 819cf98c..6fff29fe 100644
--- a/jsrsasign-jwths-min.js
+++ b/jsrsasign-jwths-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(jwths) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(jwths) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
diff --git a/jsrsasign-rsa-min.js b/jsrsasign-rsa-min.js
index 409fef33..871ae541 100644
--- a/jsrsasign-rsa-min.js
+++ b/jsrsasign-rsa-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(rsa) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(rsa) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
diff --git a/min/asn1x509-1.0.min.js b/min/asn1x509-1.0.min.js
index 99019337..84f2dde1 100644
--- a/min/asn1x509-1.0.min.js
+++ b/min/asn1x509-1.0.min.js
@@ -1 +1 @@
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
\ No newline at end of file
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",smtpUTF8Mailbox:"1.3.6.1.5.5.7.8.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
\ No newline at end of file
diff --git a/min/x509-1.1.min.js b/min/x509-1.1.min.js
index 1da8df25..587d80e0 100644
--- a/min/x509-1.1.min.js
+++ b/min/x509-1.1.min.js
@@ -1 +1 @@
-function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(){return this.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(){return this.getX500Name(this.getSubjectHex())};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=KJUR.asn1.ASN1Util.oidHexToInt(C);y.obj=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(A){var y=this.getX500NameArray(A);var z=this.dnarraytostr(y);return{array:y,str:z}};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer();y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject();y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.getInfo=function(){var z=function(R){var Q=JSON.stringify(R.array).replace(/[\[\]\{\}\"]/g,"");return Q};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+="    "+D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
\ No newline at end of file
+function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(z,y){return this.getX500Name(this.getIssuerHex(),z,y)};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(z,y){return this.getX500Name(this.getSubjectHex(),z,y)};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=t(C);y.value=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(B,D,C){var z=this.getX500NameArray(B);var A=this.dnarraytostr(z);var y={str:A};y.array=z;if(C==true){y.hex=B}if(D==true){y.canon=this.c14nRDNArray(z)}return y};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};if(z==undefined){z={}}y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer(z.dncanon,z.dnhex);y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject(z.dncanon,z.dnhex);y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.setCanonicalizedDN=function(z){var B;if(z.str!=undefined&&z.array==undefined){var A=new KJUR.asn1.x509.X500Name({str:z.str});var y=A.tohex();B=this.getX500NameArray(y)}else{B=z.array}if(z.canon==undefined){z.canon=this.c14nRDNArray(B)}};this.c14nRDNArray=function(F){var z=[];for(var B=0;B<F.length;B++){var D=F[B];var y=[];for(var A=0;A<D.length;A++){var C=D[A];var E=C.value;E=E.replace(/^\s*/,"");E=E.replace(/\s*$/,"");E=E.replace(/\s+/g," ");E=E.toLowerCase();y.push(C.type.toLowerCase()+"="+E)}z.push(y.join("+"))}return"/"+z.join("/")};this.getInfo=function(){var z=function(S){var Y="";var Q="    ";var U="\n";var V=S.array;for(var T=0;T<V.length;T++){var R=V[T];if(R.dn!=undefined){Y+=Q+"dn: "+R.dn.str+U}if(R.ip!=undefined){Y+=Q+"ip: "+R.ip+U}if(R.rfc822!=undefined){Y+=Q+"rfc822: "+R.rfc822+U}if(R.dns!=undefined){Y+=Q+"dns: "+R.dns+U}if(R.uri!=undefined){Y+=Q+"uri: "+R.uri+U}if(R.other!=undefined){var X=R.other.oid;var W=JSON.stringify(R.other.value).replace(/\"/g,"");Y+=Q+"other: "+X+"="+W+U}}Y=Y.replace(/\n$/,"");return Y};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+=D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
\ No newline at end of file
diff --git a/npm/lib/jsrsasign-all-min.js b/npm/lib/jsrsasign-all-min.js
index 004b6276..28e4e525 100644
--- a/npm/lib/jsrsasign-all-min.js
+++ b/npm/lib/jsrsasign-all-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(all) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(all) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
@@ -219,7 +219,7 @@ ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBi
 var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o<m;++o){v=p[o];var w;switch(v.charCodeAt(0)){default:w=r[0];w[t||w.length]=+(v);t=void 0;break;case 34:v=v.substring(1,v.length-1);if(v.indexOf(a)!==-1){v=v.replace(k,h)}w=r[0];if(!t){if(w instanceof Array){t=w.length}else{t=v||c;break}}w[t]=v;t=void 0;break;case 91:w=r[0];r.unshift(w[t||w.length]=[]);t=void 0;break;case 93:r.shift();break;case 102:w=r[0];w[t||w.length]=false;t=void 0;break;case 110:w=r[0];w[t||w.length]=null;t=void 0;break;case 116:w=r[0];w[t||w.length]=true;t=void 0;break;case 123:w=r[0];r.unshift(w[t||w.length]={});t=void 0;break;case 125:r.shift();break}}if(l){if(r.length!==1){throw new Error()}x=x[0]}else{if(r.length){throw new Error()}}if(q){var s=function(C,B){var D=C[B];if(D&&typeof D==="object"){var n=null;for(var z in D){if(b.call(D,z)&&D!==C){var y=s(D,z);if(y!==void 0){D[z]=y}else{if(!n){n=[]}n.push(z)}}}if(n){for(var A=n.length;--A>=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})();
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d<e;d++){g+="f"}var c=new BigInteger(g,16);var b=c.xor(j).add(BigInteger.ONE);f=b.toString(16).replace(/^-/,"")}return f};this.getPEMStringFromHex=function(a,b){return hextopem(a,b)};this.newObject=function(k){var F=KJUR,o=F.asn1,v=o.ASN1Object,B=o.DERBoolean,e=o.DERInteger,t=o.DERBitString,h=o.DEROctetString,x=o.DERNull,y=o.DERObjectIdentifier,m=o.DEREnumerated,g=o.DERUTF8String,f=o.DERNumericString,A=o.DERPrintableString,w=o.DERTeletexString,q=o.DERIA5String,E=o.DERUTCTime,j=o.DERGeneralizedTime,b=o.DERVisibleString,l=o.DERBMPString,n=o.DERSequence,c=o.DERSet,s=o.DERTaggedObject,p=o.ASN1Util.newObject;if(k instanceof o.ASN1Object){return k}var u=Object.keys(k);if(u.length!=1){throw new Error("key of param shall be only one.")}var H=u[0];if(":asn1:bool:int:bitstr:octstr:null:oid:enum:utf8str:numstr:prnstr:telstr:ia5str:utctime:gentime:visstr:bmpstr:seq:set:tag:".indexOf(":"+H+":")==-1){throw new Error("undefined key: "+H)}if(H=="bool"){return new B(k[H])}if(H=="int"){return new e(k[H])}if(H=="bitstr"){return new t(k[H])}if(H=="octstr"){return new h(k[H])}if(H=="null"){return new x(k[H])}if(H=="oid"){return new y(k[H])}if(H=="enum"){return new m(k[H])}if(H=="utf8str"){return new g(k[H])}if(H=="numstr"){return new f(k[H])}if(H=="prnstr"){return new A(k[H])}if(H=="telstr"){return new w(k[H])}if(H=="ia5str"){return new q(k[H])}if(H=="utctime"){return new E(k[H])}if(H=="gentime"){return new j(k[H])}if(H=="visstr"){return new b(k[H])}if(H=="bmpstr"){return new l(k[H])}if(H=="asn1"){return new v(k[H])}if(H=="seq"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new n({array:G})}if(H=="set"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new c({array:G})}if(H=="tag"){var C=k[H];if(Object.prototype.toString.call(C)==="[object Array]"&&C.length==3){var r=p(C[2]);return new s({tag:C[0],explicit:C[1],obj:r})}else{return new s(C)}}};this.jsonToASN1HEX=function(b){var a=this.newObject(b);return a.tohex()}};KJUR.asn1.ASN1Util.oidHexToInt=function(a){var j="";var k=parseInt(a.substr(0,2),16);var d=Math.floor(k/40);var c=k%40;var j=d+"."+c;var e="";for(var f=2;f<a.length;f+=2){var g=parseInt(a.substr(f,2),16);var h=("00000000"+g.toString(2)).slice(-8);e=e+h.substr(1,7);if(h.substr(0,1)=="0"){var b=new BigInteger(e,2);j=j+"."+b.toString(10);e=""}}return j};KJUR.asn1.ASN1Util.oidIntToHex=function(f){var e=function(a){var k=a.toString(16);if(k.length==1){k="0"+k}return k};var d=function(o){var n="";var k=new BigInteger(o,10);var a=k.toString(2);var l=7-a.length%7;if(l==7){l=0}var q="";for(var m=0;m<l;m++){q+="0"}a=q+a;for(var m=0;m<a.length-1;m+=7){var p=a.substr(m,7);if(m!=a.length-7){p="1"+p}n+=e(parseInt(p,2))}return n};if(!f.match(/^[0-9.]+$/)){throw"malformed oid string: "+f}var g="";var b=f.split(".");var j=parseInt(b[0])*40+parseInt(b[1]);g+=e(j);b.splice(0,2);for(var c=0;c<b.length;c++){g+=d(b[c])}return g};KJUR.asn1.ASN1Object=function(e){var c=true;var b=null;var d="00";var f="00";var a="";this.params=null;this.getLengthHexFromValue=function(){if(typeof this.hV=="undefined"||this.hV==null){throw new Error("this.hV is null or undefined")}if(this.hV.length%2==1){throw new Error("value hex must be even length: n="+a.length+",v="+this.hV)}var j=this.hV.length/2;var i=j.toString(16);if(i.length%2==1){i="0"+i}if(j<128){return i}else{var h=i.length/2;if(h>15){throw new Error("ASN.1 length too long to represent by 8x: n = "+j.toString(16))}var g=128+h;return g.toString(16)+i}};this.tohex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.getValueHex=function(){this.tohex();return this.hV};this.getFreshValueHex=function(){return""};this.setByParam=function(g){this.params=g};if(e!=undefined){if(e.tlv!=undefined){this.hTLV=e.tlv;this.isModified=false}}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=utf8tohex(this.s).toLowerCase()};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};extendClass(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(g){var e=g.getTime()+(g.getTimezoneOffset()*60000);var f=new Date(e);return f};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.setByParam=function(d){this.hV=null;this.hTLV=null;this.params=d};this.getString=function(){return undefined};this.setString=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.str=d};this.setByDate=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.date=d};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};extendClass(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};extendClass(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(a){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";if(a==false){this.hTLV="010100"}else{this.hTLV="0101ff"}};extendClass(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};extendClass(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.tohex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7<c){throw"unused bits shall be from 0 to 7: u = "+c}var d="0"+c;this.hTLV=null;this.isModified=true;this.hV=d+e};this.setByBinaryString=function(e){e=e.replace(/0+$/,"");var f=8-e.length%8;if(f==8){f=0}e+="0000000".substr(0,f);var j="";for(var g=0;g<e.length-1;g+=8){var d=e.substr(g,8);var c=parseInt(d,2).toString(16);if(c.length==1){c="0"+c}j+=c}this.hTLV=null;this.isModified=true;this.hV="0"+f+j};this.setByBooleanArray=function(e){var d="";for(var c=0;c<e.length;c++){if(e[c]==true){d+="1"}else{d+="0"}}this.setByBinaryString(d)};this.newFalseArray=function(e){var c=new Array(e);for(var d=0;d<e;d++){c[d]=false}return c};this.getFreshValueHex=function(){return this.hV};if(typeof b!="undefined"){if(typeof b=="string"&&b.toLowerCase().match(/^[0-9a-f]+$/)){this.setHexValueIncludingUnusedBits(b)}else{if(typeof b.hex!="undefined"){this.setHexValueIncludingUnusedBits(b.hex)}else{if(typeof b.bin!="undefined"){this.setByBinaryString(b.bin)}else{if(typeof b.array!="undefined"){this.setByBooleanArray(b.array)}}}}}};extendClass(KJUR.asn1.DERBitString,KJUR.asn1.ASN1Object);KJUR.asn1.DEROctetString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex=a.tohex()}KJUR.asn1.DEROctetString.superclass.constructor.call(this,b);this.hT="04"};extendClass(KJUR.asn1.DEROctetString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNull=function(){KJUR.asn1.DERNull.superclass.constructor.call(this);this.hT="05";this.hTLV="0500"};extendClass(KJUR.asn1.DERNull,KJUR.asn1.ASN1Object);KJUR.asn1.DERObjectIdentifier=function(a){KJUR.asn1.DERObjectIdentifier.superclass.constructor.call(this);this.hT="06";this.setValueHex=function(b){this.hTLV=null;this.isModified=true;this.s=null;this.hV=b};this.setValueOidString=function(b){var c=oidtohex(b);if(c==null){throw new Error("malformed oid string: "+b)}this.hTLV=null;this.isModified=true;this.s=null;this.hV=c};this.setValueName=function(c){var b=KJUR.asn1.x509.OID.name2oid(c);if(b!==""){this.setValueOidString(b)}else{throw new Error("DERObjectIdentifier oidName undefined: "+c)}};this.setValueNameOrOid=function(b){if(b.match(/^[0-2].[0-9.]+$/)){this.setValueOidString(b)}else{this.setValueName(b)}};this.getFreshValueHex=function(){return this.hV};this.setByParam=function(b){if(typeof b==="string"){this.setValueNameOrOid(b)}else{if(b.oid!==undefined){this.setValueNameOrOid(b.oid)}else{if(b.name!==undefined){this.setValueNameOrOid(b.name)}else{if(b.hex!==undefined){this.setValueHex(b.hex)}}}}};if(a!==undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERObjectIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.DEREnumerated=function(a){KJUR.asn1.DEREnumerated.superclass.constructor.call(this);this.hT="0a";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}};extendClass(KJUR.asn1.DEREnumerated,KJUR.asn1.ASN1Object);KJUR.asn1.DERUTF8String=function(a){KJUR.asn1.DERUTF8String.superclass.constructor.call(this,a);this.hT="0c"};extendClass(KJUR.asn1.DERUTF8String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNumericString=function(a){KJUR.asn1.DERNumericString.superclass.constructor.call(this,a);this.hT="12"};extendClass(KJUR.asn1.DERNumericString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERPrintableString=function(a){KJUR.asn1.DERPrintableString.superclass.constructor.call(this,a);this.hT="13"};extendClass(KJUR.asn1.DERPrintableString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERTeletexString=function(a){KJUR.asn1.DERTeletexString.superclass.constructor.call(this,a);this.hT="14"};extendClass(KJUR.asn1.DERTeletexString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERIA5String=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="16"};extendClass(KJUR.asn1.DERIA5String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERVisibleString=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="1a"};extendClass(KJUR.asn1.DERVisibleString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERBMPString=function(a){KJUR.asn1.DERBMPString.superclass.constructor.call(this,a);this.hT="1e"};extendClass(KJUR.asn1.DERBMPString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERUTCTime=function(a){KJUR.asn1.DERUTCTime.superclass.constructor.call(this,a);this.hT="17";this.params=undefined;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{12}Z$/)||d.match(/^[0-9]{12}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for UTCTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"utc",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"utc",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"utc"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for UTCTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERUTCTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERGeneralizedTime=function(a){KJUR.asn1.DERGeneralizedTime.superclass.constructor.call(this,a);this.hT="18";this.params=a;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{14}Z$/)||d.match(/^[0-9]{14}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for GeneralizedTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"gen",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"gen",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"gen"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for GeneralizedTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERGeneralizedTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERSequence=function(a){KJUR.asn1.DERSequence.superclass.constructor.call(this,a);this.hT="30";this.getFreshValueHex=function(){var c="";for(var b=0;b<this.asn1Array.length;b++){var d=this.asn1Array[b];c+=d.tohex()}this.hV=c;return this.hV}};extendClass(KJUR.asn1.DERSequence,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERSet=function(a){KJUR.asn1.DERSet.superclass.constructor.call(this,a);this.hT="31";this.sortFlag=true;this.getFreshValueHex=function(){var b=new Array();for(var c=0;c<this.asn1Array.length;c++){var d=this.asn1Array[c];b.push(d.tohex())}if(this.sortFlag==true){b.sort()}this.hV=b.join("");return this.hV};if(typeof a!="undefined"){if(typeof a.sortflag!="undefined"&&a.sortflag==false){this.sortFlag=false}}};extendClass(KJUR.asn1.DERSet,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERTaggedObject=function(f){KJUR.asn1.DERTaggedObject.superclass.constructor.call(this);var d=KJUR.asn1,e=ASN1HEX,a=e.getV,c=e.isASN1HEX,b=d.ASN1Util.newObject;this.hT="a0";this.hV="";this.isExplicit=true;this.asn1Object=null;this.params={tag:"a0",explicit:true};this.setASN1Object=function(g,h,i){this.params={tag:h,explicit:g,obj:i}};this.getFreshValueHex=function(){var h=this.params;if(h.explicit==undefined){h.explicit=true}if(h.tage!=undefined){h.tag=h.tage;h.explicit=true}if(h.tagi!=undefined){h.tag=h.tagi;h.explicit=false}if(h.str!=undefined){this.hV=utf8tohex(h.str)}else{if(h.hex!=undefined){this.hV=h.hex}else{if(h.obj!=undefined){var g;if(h.obj instanceof d.ASN1Object){g=h.obj.tohex()}else{if(typeof h.obj=="object"){g=b(h.obj).tohex()}}if(h.explicit){this.hV=g}else{this.hV=a(g,0)}}else{throw new Error("str, hex nor obj not specified")}}}if(h.tag==undefined){h.tag="a0"}this.hT=h.tag;this.hTLV=null;this.isModified=true;return this.hV};this.setByParam=function(g){this.params=g};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.DERTaggedObject,KJUR.asn1.ASN1Object);
 var ASN1HEX=new function(){};ASN1HEX.getLblen=function(c,a){if(c.substr(a+2,1)!="8"){return 1}var b=parseInt(c.substr(a+3,1));if(b==0){return -1}if(0<b&&b<10){return b+1}return -2};ASN1HEX.getL=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<1){return""}return c.substr(b+2,a*2)};ASN1HEX.getVblen=function(d,a){var c,b;c=ASN1HEX.getL(d,a);if(c==""){return -1}if(c.substr(0,1)==="8"){b=new BigInteger(c.substr(2),16)}else{b=new BigInteger(c,16)}return b.intValue()};ASN1HEX.getVidx=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<0){return a}return b+(a+1)*2};ASN1HEX.getV=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return d.substr(c,b*2)};ASN1HEX.getTLV=function(b,a){return b.substr(a,2)+ASN1HEX.getL(b,a)+ASN1HEX.getV(b,a)};ASN1HEX.getTLVblen=function(b,a){return 2+ASN1HEX.getLblen(b,a)*2+ASN1HEX.getVblen(b,a)*2};ASN1HEX.getNextSiblingIdx=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return c+b*2};ASN1HEX.getChildIdx=function(e,k){var l=ASN1HEX;var j=[];var c,f,g;c=l.getVidx(e,k);f=l.getVblen(e,k)*2;if(e.substr(k,2)=="03"){c+=2;f-=2}g=0;var d=c;while(g<=f){var b=l.getTLVblen(e,d);g+=b;if(g<=f){j.push(d)}d+=b;if(g>=f){break}}return j};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){return -1}}return d}f=c.shift();b=g.getChildIdx(e,d);if(f>=b.length){return -1}return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getIdxbyListEx=function(f,k,b,g){var m=ASN1HEX;var d,l;if(b.length==0){if(g!==undefined){if(f.substr(k,2)!==g){return -1}}return k}d=b.shift();l=m.getChildIdx(f,k);var j=0;for(var e=0;e<l.length;e++){var c=f.substr(l[e],2);if((typeof d=="number"&&(!m.isContextTag(c))&&j==d)||(typeof d=="string"&&m.isContextTag(c,d))){return m.getIdxbyListEx(f,l[e],b,g)}if(!m.isContextTag(c)){j++}}return -1};ASN1HEX.getTLVbyList=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyList(d,c,b,f);if(a==-1){return null}if(a>=d.length){return null}return e.getTLV(d,a)};ASN1HEX.getTLVbyListEx=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyListEx(d,c,b,f);if(a==-1){return null}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a==-1){return null}if(a>=e.length){return null}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.getVbyListEx=function(b,e,a,d,f){var j=ASN1HEX;var g,c,i;g=j.getIdxbyListEx(b,e,a,d);if(g==-1){return null}i=j.getV(b,g);if(b.substr(g,2)=="03"&&f!==false){i=i.substr(2)}return i};ASN1HEX.getInt=function(e,b,f){if(f==undefined){f=-1}try{var c=e.substr(b,2);if(c!="02"&&c!="03"){return f}var a=ASN1HEX.getV(e,b);if(c=="02"){return parseInt(a,16)}else{return bitstrtoint(a)}}catch(d){return f}};ASN1HEX.getOID=function(c,a,d){if(d==undefined){d=null}try{if(c.substr(a,2)!="06"){return d}var e=ASN1HEX.getV(c,a);return hextooid(e)}catch(b){return d}};ASN1HEX.getOIDName=function(d,a,f){if(f==undefined){f=null}try{var e=ASN1HEX.getOID(d,a,f);if(e==f){return f}var b=KJUR.asn1.x509.OID.oid2name(e);if(b==""){return e}return b}catch(c){return f}};ASN1HEX.getString=function(d,b,e){if(e==undefined){e=null}try{var a=ASN1HEX.getV(d,b);return hextorstr(a)}catch(c){return e}};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g<m.length/2;g++){k.push(parseInt(m.substr(g*2,2),16))}var j=[];var d="";for(var g=0;g<k.length;g++){if(k[g]&128){d=d+h((k[g]&127).toString(2),7)}else{d=d+h((k[g]&127).toString(2),7);j.push(new String(parseInt(d,2)));d=""}}var n=l.join(".");if(j.length>0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.tohex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;var z=e.substr(l,2);if(z=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(z=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(z=="03"){var h=j(e,l);if(p.isASN1HEX(h.substr(2))){var k=g+"BITSTRING, encapsulates\n";k=k+y(h.substr(2),c,0,g+"  ");return k}else{return g+"BITSTRING "+q(h,x)+"\n"}}if(z=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+"  ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(z=="05"){return g+"NULL\n"}if(z=="06"){var m=j(e,l);var b=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(b);var a=b.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+a+")\n"}else{return g+"ObjectIdentifier ("+a+")\n"}}if(z=="0a"){return g+"ENUMERATED "+parseInt(j(e,l))+"\n"}if(z=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(z=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(z=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(z=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(z=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(z=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(z=="1a"){return g+"VisualString '"+hextoutf8(j(e,l))+"'\n"}if(z=="1e"){return g+"BMPString '"+ucs2hextoutf8(j(e,l))+"'\n"}if(z=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u<d.length;u++){k=k+y(e,f,d[u],g+"  ")}return k}if(z=="31"){var k=g+"SET\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}var z=parseInt(z,16);if((z&128)!=0){var n=z&31;if((z&32)!=0){var k=g+"["+n+"]\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}else{var h=j(e,l);if(ASN1HEX.isASN1HEX(h)){var k=g+"["+n+"]\n";k=k+y(h,c,0,g+"  ");return k}else{if(h.substr(0,8)=="68747470"){h=hextoutf8(h)}else{if(c.x509ExtName==="subjectAltName"&&n==2){h=hextoutf8(h)}}}var k=g+"["+n+"] "+h+"\n";return k}}return g+"UNKNOWN("+z+") "+j(e,l)+"\n"};ASN1HEX.parse=function(x){var t=ASN1HEX,f=t.parse,a=t.isASN1HEX,l=t.getV,b=t.getTLV,y=t.getChildIdx,i=KJUR.asn1,e=i.ASN1Util.oidHexToInt,B=i.x509.OID.oid2name,k=hextoutf8,n=ucs2hextoutf8,q=iso88591hextoutf8;var c={"0c":"utf8str","12":"numstr","13":"prnstr","14":"telstr","16":"ia5str","17":"utctime","18":"gentime","1a":"visstr","1e":"bmpstr","30":"seq","31":"set"};var u=function(H){var D=[];var E=y(H,0);for(var G=0;G<E.length;G++){var s=E[G];var d=b(H,s);var F=f(d);D.push(F)}return D};var C=x.substr(0,2);var j={};var p=l(x,0);if(C=="01"){if(x=="0101ff"){return{bool:true}}return{bool:false}}else{if(C=="02"){return{"int":{hex:p}}}else{if(C=="03"){try{if(p.substr(0,2)!="00"){throw"not encap"}var v=p.substr(2);if(!a(v)){throw"not encap"}return{bitstr:{obj:f(v)}}}catch(z){var m=null;if(p.length<=10){m=bitstrtobinstr(p)}if(m==null){return{bitstr:{hex:p}}}else{return{bitstr:{bin:m}}}}}else{if(C=="04"){try{if(!a(p)){throw"not encap"}return{octstr:{obj:f(p)}}}catch(z){return{octstr:{hex:p}}}}else{if(C=="05"){return{"null":""}}else{if(C=="06"){var g=e(p);var r=B(g);if(r==""){return{oid:g}}else{return{oid:r}}}else{if(C=="0a"){if(p.length>4){return{"enum":{hex:p}}}else{return{"enum":parseInt(p,16)}}}else{if(C=="30"||C=="31"){j[c[C]]=u(x);return j}else{if(C=="14"){var o=q(p);j[c[C]]={str:o};return j}else{if(C=="1e"){var o=n(p);j[c[C]]={str:o};return j}else{if(":0c:12:13:16:17:18:1a:".indexOf(C)!=-1){var o=k(p);j[c[C]]={str:o};return j}else{if(C.match(/^8[0-9]$/)){var o=k(p);if(o==null|o==""){return{tag:{tag:C,explicit:false,hex:p}}}else{if(o.match(/[\x00-\x1F\x7F-\x9F]/)!=null||o.match(/[\u0000-\u001F\u0080–\u009F]/)!=null){return{tag:{tag:C,explicit:false,hex:p}}}else{return{tag:{tag:C,explicit:false,str:o}}}}}else{if(C.match(/^a[0-9]$/)){try{if(!a(p)){throw new Error("not encap")}return{tag:{tag:C,explicit:true,obj:f(p)}}}catch(z){return{tag:{tag:C,explicit:true,hex:p}}}}else{var A=new KJUR.asn1.ASN1Object();A.hV=p;var w=A.getLengthHexFromValue();return{asn1:{tlv:C+w+p}}}}}}}}}}}}}}}};ASN1HEX.isContextTag=function(c,b){c=c.toLowerCase();var f,e;try{f=parseInt(c,16)}catch(d){return -1}if(b===undefined){if((f&192)==128){return true}else{return false}}try{var a=b.match(/^\[[0-9]+\]$/);if(a==null){return false}e=parseInt(b.substr(1,b.length-1),10);if(e>31){return false}if(((f&192)==128)&&((f&31)==e)){return true}return false}catch(d){return false}};ASN1HEX.isASN1HEX=function(e){var d=ASN1HEX;if(e.length%2==1){return false}var c=d.getVblen(e,0);var b=e.substr(0,2);var f=d.getL(e,0);var a=e.length-b.length-f.length;if(a==c*2){return true}return false};ASN1HEX.checkStrictDER=function(g,o,d,c,r){var s=ASN1HEX;if(d===undefined){if(typeof g!="string"){throw new Error("not hex string")}g=g.toLowerCase();if(!KJUR.lang.String.isHex(g)){throw new Error("not hex string")}d=g.length;c=g.length/2;if(c<128){r=1}else{r=Math.ceil(c.toString(16))+1}}var k=s.getL(g,o);if(k.length>r*2){throw new Error("L of TLV too long: idx="+o)}var n=s.getVblen(g,o);if(n>c){throw new Error("value of L too long than hex: idx="+o)}var q=s.getTLV(g,o);var f=q.length-2-s.getL(g,o).length;if(f!==(n*2)){throw new Error("V string length and L's value not the same:"+f+"/"+(n*2))}if(o===0){if(g.length!=q.length){throw new Error("total length and TLV length unmatch:"+g.length+"!="+q.length)}}var b=g.substr(o,2);if(b==="02"){var a=s.getVidx(g,o);if(g.substr(a,2)=="00"&&g.charCodeAt(a+2)<56){throw new Error("not least zeros for DER INTEGER")}}if(parseInt(b,16)&32){var p=s.getVblen(g,o);var m=0;var l=s.getChildIdx(g,o);for(var e=0;e<l.length;e++){var j=s.getTLV(g,l[e]);m+=j.length;s.checkStrictDER(g,l[e],d,c,r)}if((p*2)!=m){throw new Error("sum of children's TLV length and L unmatch: "+(p*2)+"!="+m)}}};ASN1HEX.oidname=function(a){var c=KJUR.asn1;if(KJUR.lang.String.isHex(a)){a=c.ASN1Util.oidHexToInt(a)}var b=c.x509.OID.oid2name(a);if(b===""){b=a}return b};
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",smtpUTF8Mailbox:"1.3.6.1.5.5.7.8.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cms=="undefined"||!KJUR.asn1.cms){KJUR.asn1.cms={}}KJUR.asn1.cms.Attribute=function(f){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,a=c.DERSet,g=c.DERObjectIdentifier;this.params=null;this.typeOid=null;this.setByParam=function(h){this.params=h};this.getValueArray=function(){throw new e("not yet implemented abstract")};this.tohex=function(){var j=new g({oid:this.typeOid});var h=new a({array:this.getValueArray()});var i=new b({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()}};extendClass(KJUR.asn1.cms.Attribute,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentType=function(c){var b=KJUR,a=b.asn1;a.cms.ContentType.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.3";this.getValueArray=function(){var d=new a.DERObjectIdentifier(this.params.type);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.ContentType,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.MessageDigest=function(e){var b=KJUR,a=b.asn1,c=a.DEROctetString,d=a.cms;d.MessageDigest.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.4";this.getValueArray=function(){var f=new c(this.params);return[f]};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.MessageDigest,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningTime=function(c){var b=KJUR,a=b.asn1;a.cms.SigningTime.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.5";this.getValueArray=function(){var d=new a.x509.Time(this.params);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.SigningTime,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningCertificate=function(h){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,g=c.cms,a=g.ESSCertID,f=d.crypto;g.SigningCertificate.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.12";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new e("parameter 'array' not specified")}var o=this.params.array;var k=[];for(var l=0;l<o.length;l++){var n=o[l];if(h.hasis==false&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.hasis!=false&&h.hasis==false){n.hasis=false}k.push(new a(n))}var j=new b({array:k});var m=new b({array:[j]});return[m]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.SigningCertificate,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertID=function(g){KJUR.asn1.cms.ESSCertID.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial;this.params=null;this.getCertHash=function(k,h){if(k.hash!=undefined){return k.hash}if(typeof k=="string"&&k.indexOf("-----BEGIN")==-1&&!ASN1HEX.isASN1HEX(k)){return k}var i;if(typeof k=="string"){i=k}else{if(k.cert!=undefined){i=k.cert}else{throw new d("hash nor cert unspecified")}}var j;if(i.indexOf("-----BEGIN")!=-1){j=pemtohex(i)}else{j=i}if(typeof k=="string"){if(k.indexOf("-----BEGIN")!=-1){j=pemtohex(k)}else{if(ASN1HEX.isASN1HEX(k)){j=k}}}var l;if(k.alg!=undefined){l=k.alg}else{if(h!=undefined){l=h}else{throw new d("hash alg unspecified")}}return c.crypto.Util.hashHex(j,l)};this.tohex=function(){var k=this.params;var j=this.getCertHash(k,"sha1");var h=[];h.push(new f({hex:j}));if((typeof k=="string"&&k.indexOf("-----BEGIN")!=-1)||(k.cert!=undefined&&k.hasis!=false)||(k.issuer!=undefined&&k.serial!=undefined)){h.push(new e(k))}var i=new a({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ESSCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SigningCertificateV2=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,b=g.x509,i=g.cms,c=i.ESSCertIDv2,f=a.crypto;i.SigningCertificateV2.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.47";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new h("parameter 'array' not specified")}var o=this.params.array;var l=[];for(var m=0;m<o.length;m++){var n=o[m];if((d.alg!=undefined||d.hasis==false)&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.alg==undefined&&d.alg!=undefined){n.alg=d.alg}if(n.hasis!=false&&d.hasis==false){n.hasis=false}l.push(new c(n))}var k=new e({array:l});var j=new e({array:[k]});return[j]};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.cms.SigningCertificateV2,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertIDv2=function(h){KJUR.asn1.cms.ESSCertIDv2.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial,g=b.x509.AlgorithmIdentifier;this.params=null;this.tohex=function(){var l=this.params;var k=this.getCertHash(l,"sha256");var i=[];if(l.alg!=undefined&&l.alg!="sha256"){i.push(new g({name:l.alg}))}i.push(new f({hex:k}));if((typeof l=="string"&&l.indexOf("-----BEGIN")!=-1)||(l.cert!=undefined&&l.hasis!=false)||(l.issuer!=undefined&&l.serial!=undefined)){i.push(new e(l))}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.ESSCertIDv2,KJUR.asn1.cms.ESSCertID);KJUR.asn1.cms.IssuerSerial=function(e){var i=Error,c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.GeneralNames,b=X509;j.IssuerSerial.superclass.constructor.call(this);this.setByParam=function(k){this.params=k};this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a([{dn:l}]);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerSerial,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerIdentifier=function(f){var c=KJUR,i=c.asn1,h=i.DERInteger,g=i.DERSequence,l=i.cms,k=l.IssuerAndSerialNumber,d=l.SubjectKeyIdentifier,e=i.x509,a=e.X500Name,b=X509,j=Error;l.SignerIdentifier.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.type=="isssn"){var m=new k(o);return m.tohex()}else{if(o.type=="skid"){var n=new d(o);return n.tohex()}else{throw new Error("wrong property for isssn or skid")}}};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.SignerIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.IssuerAndSerialNumber=function(e){var c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.X500Name,b=X509,i=Error;j.IssuerAndSerialNumber.superclass.constructor.call(this);this.params=null;this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a(l);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerAndSerialNumber,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SubjectKeyIdentifier=function(g){var d=KJUR,k=d.asn1,i=k.DERInteger,h=k.DERSequence,j=k.ASN1Util.newObject,m=k.cms,f=m.IssuerAndSerialName,c=m.SubjectKeyIdentifier,e=k.x509,a=e.X500Name,b=X509,l=Error;m.SubjectKeyIdentifier.superclass.constructor.call(this);this.tohex=function(){var r=this.params;if(r.cert==undefined&&r.skid==undefined){throw new l("property cert nor skid undefined")}var q;if(r.cert!=undefined){var n=new b(r.cert);var o=n.getExtSubjectKeyIdentifier();q=o.kid.hex}else{if(r.skid!=undefined){q=r.skid}}var p=j({tag:{tage:"a0",obj:{octstr:{hex:q}}}});return p.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.SubjectKeyIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.AttributeList=function(f){var d=Error,c=KJUR,b=c.asn1,a=b.DERSet,e=b.cms;e.AttributeList.superclass.constructor.call(this);this.params=null;this.hTLV=null;this.setByParam=function(g){this.params=g};this.tohex=function(){var o=this.params;if(this.hTLV!=null){return this.hTLV}var m=true;if(o.sortflag!=undefined){m=o.sortflag}var j=o.array;var g=[];for(var l=0;l<j.length;l++){var n=j[l];var k=n.attr;if(k=="contentType"){g.push(new e.ContentType(n))}else{if(k=="messageDigest"){g.push(new e.MessageDigest(n))}else{if(k=="signingTime"){g.push(new e.SigningTime(n))}else{if(k=="signingCertificate"){g.push(new e.SigningCertificate(n))}else{if(k=="signingCertificateV2"){g.push(new e.SigningCertificateV2(n))}else{if(k=="signaturePolicyIdentifier"){g.push(new KJUR.asn1.cades.SignaturePolicyIdentifier(n))}else{if(k=="signatureTimeStamp"||k=="timeStampToken"){g.push(new KJUR.asn1.cades.SignatureTimeStamp(n))}else{throw new d("unknown attr: "+k)}}}}}}}}var h=new a({array:g,sortflag:m});this.hTLV=h.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.AttributeList,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerInfo=function(q){var n=Error,r=KJUR,i=r.asn1,c=i.DERInteger,f=i.DEROctetString,h=i.DERSequence,m=i.DERTaggedObject,k=i.cms,p=k.SignerIdentifier,l=k.AttributeList,g=k.ContentType,e=k.EncapsulatedContentInfo,d=k.MessageDigest,j=k.SignedData,a=i.x509,s=a.AlgorithmIdentifier,b=r.crypto,o=KEYUTIL;k.SignerInfo.superclass.constructor.call(this);this.params=null;this.sign=function(){var y=this.params;var x=y.sigalg;var u=(new l(y.sattrs)).tohex();var v=o.getKey(y.signkey);var w=new b.Signature({alg:x});w.init(v);w.updateHex(u);var t=w.sign();y.sighex=t};this.tohex=function(){var w=this.params;var t=[];t.push(new c({"int":w.version}));t.push(new p(w.id));t.push(new s({name:w.hashalg}));if(w.sattrs!=undefined){var x=new l(w.sattrs);try{t.push(new m({tag:"a0",explicit:false,obj:x}))}catch(v){throw new n("si sattr error: "+v)}}if(w.sigalgfield!=undefined){t.push(new s({name:w.sigalgfield}))}else{t.push(new s({name:w.sigalg}))}if(w.sighex==undefined&&w.signkey!=undefined){this.sign()}t.push(new f({hex:w.sighex}));if(w.uattrs!=undefined){var x=new l(w.uattrs);try{t.push(new m({tag:"a1",explicit:false,obj:x}))}catch(v){throw new n("si uattr error: "+v)}}var u=new h({array:t});return u.tohex()};this.getEncodedHex=function(){return this.tohex()};if(q!=undefined){this.setByParam(q)}};extendClass(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(g){var c=KJUR,b=c.asn1,e=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,d=b.DEROctetString,f=b.cms;f.EncapsulatedContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var i=[];i.push(new h(m.type));if(m.content!=undefined&&(m.content.hex!=undefined||m.content.str!=undefined)&&m.isDetached!=true){var k=new d(m.content);var l=new e({tag:"a0",explicit:true,obj:k});i.push(l)}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(g){var c=KJUR,b=c.asn1,d=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,f=b.x509,e=f.OID.name2obj;KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var i=[];i.push(new h(l.type));var k=new d({tag:"a0",explicit:true,obj:l.obj});i.push(k);var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(e){var j=Error,a=KJUR,h=a.asn1,m=h.ASN1Object,g=h.DERInteger,p=h.DERSet,f=h.DERSequence,b=h.DERTaggedObject,o=h.cms,l=o.EncapsulatedContentInfo,d=o.SignerInfo,q=o.ContentInfo,k=o.CertificateSet,i=o.RevocationInfoChoices,c=h.x509,n=c.AlgorithmIdentifier;KJUR.asn1.cms.SignedData.superclass.constructor.call(this);this.params=null;this.checkAndFixParam=function(){var r=this.params;this._setDigestAlgs(r);this._setContentTypeByEContent(r);this._setMessageDigestByEContent(r);this._setSignerInfoVersion(r);this._setSignedDataVersion(r)};this._setDigestAlgs=function(v){var u={};var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];u[s.hashalg]=1}v.hashalgs=Object.keys(u).sort()};this._setContentTypeByEContent=function(w){var u=w.econtent.type;var v=w.sinfos;for(var r=0;r<v.length;r++){var t=v[r];var s=this._getAttrParamByName(t,"contentType");s.type=u}};this._setMessageDigestByEContent=function(r){var v=r.econtent;var y=r.econtent.type;var x=v.content.hex;if(x==undefined&&v.type=="data"&&v.content.str!=undefined){x=rstrtohex(v.content.str)}var A=r.sinfos;for(var u=0;u<A.length;u++){var t=A[u];var s=t.hashalg;var z=this._getAttrParamByName(t,"messageDigest");var w=KJUR.crypto.Util.hashHex(x,s);z.hex=w}};this._getAttrParamByName=function(t,s){var u=t.sattrs.array;for(var r=0;r<u.length;r++){if(u[r].attr==s){return u[r]}}};this._setSignerInfoVersion=function(v){var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];var u=1;if(s.id.type=="skid"){u=3}s.version=u}};this._setSignedDataVersion=function(s){var r=this._getSignedDataVersion(s);s.version=r};this._getSignedDataVersion=function(w){if(w.revinfos!=undefined){var r=w.revinfos;for(var t=0;t<r.length;t++){var s=r[t];if(s.ocsp!=undefined){return 5}}}var v=w.sinfos;for(var t=0;t<v.length;t++){var u=w.sinfos[t];if(u.version==3){return 3}}if(w.econtent.type!="data"){return 3}return 1};this.tohex=function(){var y=this.params;if(this.getEncodedHexPrepare!=undefined){this.getEncodedHexPrepare()}if(y.fixed!=true){this.checkAndFixParam()}var r=[];r.push(new g({"int":y.version}));var w=[];for(var v=0;v<y.hashalgs.length;v++){var t=y.hashalgs[v];w.push(new n({name:t}))}r.push(new p({array:w}));r.push(new l(y.econtent));if(y.certs!=undefined){r.push(new k(y.certs))}if(y.revinfos!=undefined){r.push(new i(y.revinfos))}var u=[];for(var v=0;v<y.sinfos.length;v++){var x=y.sinfos[v];u.push(new d(x))}r.push(new p({array:u}));var s=new f({array:r});return s.tohex()};this.getEncodedHex=function(){return this.tohex()};this.getContentInfo=function(){var r=new q({type:"signed-data",obj:this});return r};this.getContentInfoEncodedHex=function(){return this.getContentInfo().tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CertificateSet=function(f){KJUR.asn1.cms.CertificateSet.superclass.constructor.call(this);var c=Error,b=KJUR.asn1,e=b.DERTaggedObject,a=b.DERSet,d=b.ASN1Object;this.params=null;this.tohex=function(){var j=this.params;var p=[];var q;if(j instanceof Array){q=j}else{if(j.array!=undefined){q=j.array}else{throw new c("cert array not specified")}}for(var k=0;k<q.length;k++){var l=q[k];var n=pemtohex(l);var g=new d();g.hTLV=n;p.push(g)}var m={array:p};if(j.sortflag==false){m.sortflag=false}var o=new a(m);var h=new e({tag:"a0",explicit:false,obj:o});return h.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.CertificateSet,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoices=function(a){KJUR.asn1.cms.RevocationInfoChoices.superclass.constructor.call(this);this.params=null;this.tohex=function(){var e=this.params;if(!e instanceof Array){throw new Error("params is not array")}var b=[];for(var c=0;c<e.length;c++){b.push(new KJUR.asn1.cms.RevocationInfoChoice(e[c]))}var d=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:{set:b}}});return d.tohex()};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoices,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoice=function(a){KJUR.asn1.cms.RevocationInfoChoice.superclass.constructor.call(this);this.params=null;this.tohex=function(){var d=this.params;if(d.crl!=undefined&&typeof d.crl=="string"){var b=d.crl;if(d.crl.indexOf("-----BEGIN")!=-1){b=pemtohex(d.crl)}return b}else{if(d.ocsp!=undefined){var c=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:new KJUR.asn1.cms.OtherRevocationFormat(d)}});return c.tohex()}else{throw new Error("property crl or ocsp undefined")}}};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoice,KJUR.asn1.ASN1Object);KJUR.asn1.cms.OtherRevocationFormat=function(f){KJUR.asn1.cms.OtherRevocationFormat.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,a=b.ASN1Util.newObject,e=c.lang.String.isHex;this.params=null;this.tohex=function(){var h=this.params;if(h.ocsp==undefined){throw new d("property ocsp not specified")}if(!e(h.ocsp)||!ASN1HEX.isASN1HEX(h.ocsp)){throw new d("ocsp value not ASN.1 hex string")}var g=a({seq:[{oid:"1.3.6.1.5.5.7.16.2"},{asn1:{tlv:h.ocsp}}]});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.OtherRevocationFormat,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(a){return new KJUR.asn1.cms.SignedData(a)};KJUR.asn1.cms.CMSUtil.verifySignedData=function(n){var C=KJUR,p=C.asn1,s=p.cms,D=s.SignerInfo,q=s.SignedData,y=s.SigningTime,b=s.SigningCertificate,d=s.SigningCertificateV2,A=p.cades,u=A.SignaturePolicyIdentifier,i=C.lang.String.isHex,v=ASN1HEX,h=v.getVbyList,a=v.getTLVbyList,t=v.getIdxbyList,z=v.getChildIdx,c=v.getTLV,B=v.oidname,j=C.crypto.Util.hashHex;if(n.cms===undefined&&!i(n.cms)){}var E=n.cms;var g=function(J,H){var G;for(var I=3;I<6;I++){G=t(J,0,[1,0,I]);if(G!==undefined){var F=J.substr(G,2);if(F==="a0"){H.certsIdx=G}if(F==="a1"){H.revinfosIdx=G}if(F==="31"){H.signerinfosIdx=G}}}};var l=function(I,F){var H=F.signerinfosIdx;if(H===undefined){return}var L=z(I,H);F.signerInfoIdxList=L;for(var G=0;G<L.length;G++){var K=L[G];var J={idx:K};k(I,J);F.signerInfos.push(J)}};var k=function(I,J){var F=J.idx;J.signerid_issuer1=a(I,F,[1,0],"30");J.signerid_serial1=h(I,F,[1,1],"02");J.hashalg=B(h(I,F,[2,0],"06"));var H=t(I,F,[3],"a0");J.idxSignedAttrs=H;f(I,J,H);var G=z(I,F);var K=G.length;if(K<6){throw"malformed SignerInfo"}J.sigalg=B(h(I,F,[K-2,0],"06"));J.sigval=h(I,F,[K-1],"04")};var f=function(L,M,F){var J=z(L,F);M.signedAttrIdxList=J;for(var K=0;K<J.length;K++){var I=J[K];var G=h(L,I,[0],"06");var H;if(G==="2a864886f70d010905"){H=hextoutf8(h(L,I,[1,0]));M.saSigningTime=H}else{if(G==="2a864886f70d010904"){H=h(L,I,[1,0],"04");M.saMessageDigest=H}}}};var w=function(G,F){if(h(G,0,[0],"06")!=="2a864886f70d010702"){return F}F.cmsType="signedData";F.econtent=h(G,0,[1,0,2,1,0]);g(G,F);F.signerInfos=[];l(G,F)};var o=function(J,F){var G=F.parse.signerInfos;var L=G.length;var K=true;for(var I=0;I<L;I++){var H=G[I];e(J,F,H,I);if(!H.isValid){K=false}}F.isValid=K};var x=function(F,Q,J,P){var N=Q.parse.certsIdx;var H;if(Q.certs===undefined){H=[];Q.certkeys=[];var K=z(F,N);for(var I=0;I<K.length;I++){var M=c(F,K[I]);var O=new X509();O.readCertHex(M);H[I]=O;Q.certkeys[I]=O.getPublicKey()}Q.certs=H}else{H=Q.certs}Q.cccc=H.length;Q.cccci=K.length;for(var I=0;I<H.length;I++){var L=O.getIssuerHex();var G=O.getSerialNumberHex();if(J.signerid_issuer1===L&&J.signerid_serial1===G){J.certkey_idx=I}}};var e=function(F,R,I,N){I.verifyDetail={};var Q=I.verifyDetail;var K=R.parse.econtent;var G=I.hashalg;var L=I.saMessageDigest;Q.validMessageDigest=false;if(j(K,G)===L){Q.validMessageDigest=true}x(F,R,I,N);Q.validSignatureValue=false;var H=I.sigalg;var M="31"+c(F,I.idxSignedAttrs).substr(2);I.signedattrshex=M;var J=R.certs[I.certkey_idx].getPublicKey();var P=new KJUR.crypto.Signature({alg:H});P.init(J);P.updateHex(M);var O=P.verify(I.sigval);Q.validSignatureValue_isValid=O;if(O===true){Q.validSignatureValue=true}I.isValid=false;if(Q.validMessageDigest&&Q.validSignatureValue){I.isValid=true}};var m=function(){};var r={isValid:false,parse:{}};w(E,r.parse);o(E,r);return r};KJUR.asn1.cms.CMSParser=function(){var g=Error,a=X509,h=new a(),l=ASN1HEX,i=l.getV,b=l.getTLV,f=l.getIdxbyList,c=l.getTLVbyList,d=l.getTLVbyListEx,e=l.getVbyList,k=l.getVbyListEx,j=l.getChildIdx;this.getCMSSignedData=function(m){var o=c(m,0,[1,0]);var n=this.getSignedData(o);return n};this.getSignedData=function(o){var q=j(o,0);var v={};var p=i(o,q[0]);var n=parseInt(p,16);v.version=n;var r=b(o,q[1]);v.hashalgs=this.getHashAlgArray(r);var t=b(o,q[2]);v.econtent=this.getEContent(t);var m=d(o,0,["[0]"]);if(m!=null){v.certs=this.getCertificateSet(m)}var u=d(o,0,["[1]"]);if(u!=null){}var s=d(o,0,[3]);v.sinfos=this.getSignerInfos(s);return v};this.getHashAlgArray=function(s){var q=j(s,0);var m=new a();var n=[];for(var r=0;r<q.length;r++){var p=b(s,q[r]);var o=m.getAlgorithmIdentifierName(p);n.push(o)}return n};this.getEContent=function(m){var n={};var p=e(m,0,[0]);var o=e(m,0,[1,0]);n.type=KJUR.asn1.x509.OID.oid2name(ASN1HEX.hextooidstr(p));n.content={hex:o};return n};this.getSignerInfos=function(p){var r=[];var m=j(p,0);for(var n=0;n<m.length;n++){var o=b(p,m[n]);var q=this.getSignerInfo(o);r.push(q)}return r};this.getSignerInfo=function(s){var y={};var u=j(s,0);var q=l.getInt(s,u[0],-1);if(q!=-1){y.version=q}var t=b(s,u[1]);var p=this.getIssuerAndSerialNumber(t);y.id=p;var z=b(s,u[2]);var n=h.getAlgorithmIdentifierName(z);y.hashalg=n;var w=d(s,0,["[0]"]);if(w!=null){var A=this.getAttributeList(w);y.sattrs=A}var m=d(s,0,[3]);var x=h.getAlgorithmIdentifierName(m);y.sigalg=x;var o=k(s,0,[4]);y.sighex=o;var r=d(s,0,["[1]"]);if(r!=null){var v=this.getAttributeList(r);y.uattrs=v}return y};this.getSignerIdentifier=function(m){if(m.substr(0,2)=="30"){return this.getIssuerAndSerialNumber(m)}else{throw new Error("SKID of signerIdentifier not supported")}};this.getIssuerAndSerialNumber=function(n){var o={type:"isssn"};var m=j(n,0);var p=b(n,m[0]);o.issuer=h.getX500Name(p);var q=i(n,m[1]);o.serial={hex:q};return o};this.getAttributeList=function(q){var m=[];var n=j(q,0);for(var o=0;o<n.length;o++){var p=b(q,n[o]);var r=this.getAttribute(p);m.push(r)}return{array:m}};this.getAttribute=function(p){var t={};var q=j(p,0);var o=l.getOID(p,q[0]);var m=KJUR.asn1.x509.OID.oid2name(o);t.attr=m;var r=b(p,q[1]);var u=j(r,0);if(u.length==1){t.valhex=b(r,u[0])}else{var s=[];for(var n=0;n<u.length;n++){s.push(b(r,u[n]))}t.valhex=s}if(m=="contentType"){this.setContentType(t)}else{if(m=="messageDigest"){this.setMessageDigest(t)}else{if(m=="signingTime"){this.setSigningTime(t)}else{if(m=="signingCertificate"){this.setSigningCertificate(t)}else{if(m=="signingCertificateV2"){this.setSigningCertificateV2(t)}else{if(m=="signaturePolicyIdentifier"){this.setSignaturePolicyIdentifier(t)}}}}}}return t};this.setContentType=function(m){var n=l.getOIDName(m.valhex,0,null);if(n!=null){m.type=n;delete m.valhex}};this.setSigningTime=function(o){var n=i(o.valhex,0);var m=hextoutf8(n);o.str=m;delete o.valhex};this.setMessageDigest=function(m){var n=i(m.valhex,0);m.hex=n;delete m.valhex};this.setSigningCertificate=function(n){var q=j(n.valhex,0);if(q.length>0){var m=b(n.valhex,q[0]);var p=j(m,0);var t=[];for(var o=0;o<p.length;o++){var s=b(m,p[o]);var u=this.getESSCertID(s);t.push(u)}n.array=t}if(q.length>1){var r=b(n.valhex,q[1]);n.polhex=r}delete n.valhex};this.setSignaturePolicyIdentifier=function(s){var q=j(s.valhex,0);if(q.length>0){var r=l.getOID(s.valhex,q[0]);s.oid=r}if(q.length>1){var m=new a();var t=j(s.valhex,q[1]);var p=b(s.valhex,t[0]);var o=m.getAlgorithmIdentifierName(p);s.alg=o;var n=i(s.valhex,t[1]);s.hash=n}delete s.valhex};this.setSigningCertificateV2=function(o){var s=j(o.valhex,0);if(s.length>0){var n=b(o.valhex,s[0]);var r=j(n,0);var u=[];for(var q=0;q<r.length;q++){var m=b(n,r[q]);var p=this.getESSCertIDv2(m);u.push(p)}o.array=u}if(s.length>1){var t=b(o.valhex,s[1]);o.polhex=t}delete o.valhex};this.getESSCertID=function(o){var p={};var n=j(o,0);if(n.length>0){var q=i(o,n[0]);p.hash=q}if(n.length>1){var m=b(o,n[1]);var r=this.getIssuerSerial(m);if(r.serial!=undefined){p.serial=r.serial}if(r.issuer!=undefined){p.issuer=r.issuer}}return p};this.getESSCertIDv2=function(q){var s={};var p=j(q,0);if(p.length<1||3<p.length){throw new g("wrong number of elements")}var r=0;if(q.substr(p[0],2)=="30"){var o=b(q,p[0]);s.alg=h.getAlgorithmIdentifierName(o);r++}else{s.alg="sha256"}var n=i(q,p[r]);s.hash=n;if(p.length>r+1){var m=b(q,p[r+1]);var t=this.getIssuerSerial(m);s.issuer=t.issuer;s.serial=t.serial}return s};this.getIssuerSerial=function(q){var r={};var n=j(q,0);var m=b(q,n[0]);var p=h.getGeneralNames(m);var o=p[0].dn;r.issuer=o;var s=i(q,n[1]);r.serial={hex:s};return r};this.getCertificateSet=function(p){var n=j(p,0);var m=[];for(var o=0;o<n.length;o++){var r=b(p,n[o]);if(r.substr(0,2)=="30"){var q=hextopem(r,"CERTIFICATE");m.push(q)}}return{array:m,sortflag:false}}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.tsp=="undefined"||!KJUR.asn1.tsp){KJUR.asn1.tsp={}}KJUR.asn1.tsp.TimeStampToken=function(d){var c=KJUR,b=c.asn1,a=b.tsp;a.TimeStampToken.superclass.constructor.call(this);this.params=null;this.getEncodedHexPrepare=function(){var e=new a.TSTInfo(this.params.econtent.content);this.params.econtent.content.hex=e.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.TimeStampToken,KJUR.asn1.cms.SignedData);KJUR.asn1.tsp.TSTInfo=function(f){var m=Error,c=KJUR,j=c.asn1,g=j.DERSequence,i=j.DERInteger,l=j.DERBoolean,h=j.DERGeneralizedTime,n=j.DERObjectIdentifier,e=j.DERTaggedObject,k=j.tsp,d=k.MessageImprint,b=k.Accuracy,a=j.x509.X500Name,o=j.x509.GeneralName;k.TSTInfo.superclass.constructor.call(this);this.dVersion=new i({"int":1});this.dPolicy=null;this.dMessageImprint=null;this.dSerial=null;this.dGenTime=null;this.dAccuracy=null;this.dOrdering=null;this.dNonce=null;this.dTsa=null;this.tohex=function(){var p=[this.dVersion];if(this.dPolicy==null){throw new Error("policy shall be specified.")}p.push(this.dPolicy);if(this.dMessageImprint==null){throw new Error("messageImprint shall be specified.")}p.push(this.dMessageImprint);if(this.dSerial==null){throw new Error("serialNumber shall be specified.")}p.push(this.dSerial);if(this.dGenTime==null){throw new Error("genTime shall be specified.")}p.push(this.dGenTime);if(this.dAccuracy!=null){p.push(this.dAccuracy)}if(this.dOrdering!=null){p.push(this.dOrdering)}if(this.dNonce!=null){p.push(this.dNonce)}if(this.dTsa!=null){p.push(this.dTsa)}var q=new g({array:p});this.hTLV=q.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){if(typeof f.policy=="string"){if(!f.policy.match(/^[0-9.]+$/)){throw"policy shall be oid like 0.1.4.134"}this.dPolicy=new n({oid:f.policy})}if(f.messageImprint!==undefined){this.dMessageImprint=new d(f.messageImprint)}if(f.serial!==undefined){this.dSerial=new i(f.serial)}if(f.genTime!==undefined){this.dGenTime=new h(f.genTime)}if(f.accuracy!==undefined){this.dAccuracy=new b(f.accuracy)}if(f.ordering!==undefined&&f.ordering==true){this.dOrdering=new l()}if(f.nonce!==undefined){this.dNonce=new i(f.nonce)}if(f.tsa!==undefined){this.dTsa=new e({tag:"a0",explicit:true,obj:new o({dn:f.tsa})})}}};extendClass(KJUR.asn1.tsp.TSTInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.Accuracy=function(d){var c=KJUR,b=c.asn1,a=b.ASN1Util.newObject;b.tsp.Accuracy.superclass.constructor.call(this);this.params=null;this.tohex=function(){var f=this.params;var e=[];if(f.seconds!=undefined&&typeof f.seconds=="number"){e.push({"int":f.seconds})}if(f.millis!=undefined&&typeof f.millis=="number"){e.push({tag:{tagi:"80",obj:{"int":f.millis}}})}if(f.micros!=undefined&&typeof f.micros=="number"){e.push({tag:{tagi:"81",obj:{"int":f.micros}}})}return a({seq:e}).tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.Accuracy,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.MessageImprint=function(g){var c=KJUR,b=c.asn1,a=b.DERSequence,d=b.DEROctetString,f=b.x509,e=f.AlgorithmIdentifier;b.tsp.MessageImprint.superclass.constructor.call(this);this.params=null;this.tohex=function(){var k=this.params;var j=new e({name:k.alg});var h=new d({hex:k.hash});var i=new a({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.MessageImprint,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampReq=function(c){var a=KJUR,f=a.asn1,d=f.DERSequence,e=f.DERInteger,h=f.DERBoolean,j=f.ASN1Object,i=f.DERObjectIdentifier,g=f.tsp,b=g.MessageImprint;g.TimeStampReq.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new e({"int":1}));if(m.messageImprint instanceof KJUR.asn1.ASN1Object){k.push(m.messageImprint)}else{k.push(new b(m.messageImprint))}if(m.policy!=undefined){k.push(new i(m.policy))}if(m.nonce!=undefined){k.push(new e(m.nonce))}if(m.certreq==true){k.push(new h())}var l=new d({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.tsp.TimeStampReq,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampResp=function(g){var e=KJUR,d=e.asn1,c=d.DERSequence,f=d.ASN1Object,a=d.tsp,b=a.PKIStatusInfo;a.TimeStampResp.superclass.constructor.call(this);this.params=null;this.tohex=function(){var j=this.params;var h=[];if(j.econtent!=undefined||j.tst!=undefined){if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{h.push(new b("granted"))}if(j.econtent!=undefined){h.push((new a.TimeStampToken(j)).getContentInfo())}else{if(j.tst instanceof d.ASN1Object){h.push(j.tst)}else{throw new Error("improper member tst value")}}}else{if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{throw new Error("parameter for token nor statusinfo not specified")}}var i=new c({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.TimeStampResp,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatusInfo=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,i=g.tsp,f=i.PKIStatus,c=i.PKIFreeText,b=i.PKIFailureInfo;i.PKIStatusInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var j=[];if(typeof l=="string"){j.push(new f(l))}else{if(l.status==undefined){throw new h("property 'status' unspecified")}j.push(new f(l.status));if(l.statusstr!=undefined){j.push(new c(l.statusstr))}if(l.failinfo!=undefined){j.push(new b(l.failinfo))}}var k=new e({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.PKIStatusInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatus=function(g){var e=Error,d=KJUR,c=d.asn1,f=c.DERInteger,b=c.tsp;b.PKIStatus.superclass.constructor.call(this);var a={granted:0,grantedWithMods:1,rejection:2,waiting:3,revocationWarning:4,revocationNotification:5};this.params=null;this.tohex=function(){var k=this.params;var h,j;if(typeof k=="string"){try{j=a[k]}catch(i){throw new e("undefined name: "+k)}}else{if(typeof k=="number"){j=k}else{throw new e("unsupported params")}}return(new f({"int":j})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIStatus,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFreeText=function(g){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.DERUTF8String,a=d.tsp;a.PKIFreeText.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(!l instanceof Array){throw new f("wrong params: not array")}var h=[];for(var k=0;k<l.length;k++){h.push(new c({str:l[k]}))}var j=new b({array:h});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIFreeText,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFailureInfo=function(h){var f=Error,e=KJUR,d=e.asn1,g=d.DERBitString,b=d.tsp,c=b.PKIFailureInfo;var a={badAlg:0,badRequest:2,badDataFormat:5,timeNotAvailable:14,unacceptedPolicy:15,unacceptedExtension:16,addInfoNotAvailable:17,systemFailure:25};c.superclass.constructor.call(this);this.params=null;this.getBinValue=function(){var n=this.params;var m=0;if(typeof n=="number"&&0<=n&&n<=25){m|=1<<n;var k=m.toString(2);var l="";for(var j=k.length-1;j>=0;j--){l+=k[j]}return l}else{if(typeof n=="string"&&a[n]!=undefined){return namearraytobinstr([n],a)}else{if(typeof n=="object"&&n.length!=undefined){return namearraytobinstr(n,a)}else{throw new f("wrong params")}}}return};this.tohex=function(){var j=this.params;var i=this.getBinValue();return(new g({bin:i})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.tsp.PKIFailureInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.AbstractTSAAdapter=function(a){this.getTSTHex=function(c,b){throw"not implemented yet"}};KJUR.asn1.tsp.SimpleTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.SimpleTSAAdapter.superclass.constructor.call(this);this.params=null;this.serial=0;this.getTSTHex=function(g,f){var i=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:i};this.params.econtent.content.serial={"int":this.serial++};var h=Math.floor(Math.random()*1000000000);this.params.econtent.content.nonce={"int":h};var j=new a.TimeStampToken(this.params);return j.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.SimpleTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.FixedTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.FixedTSAAdapter.superclass.constructor.call(this);this.params=null;this.getTSTHex=function(g,f){var h=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:h};var i=new a.TimeStampToken(this.params);return i.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.FixedTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.TSPUtil=new function(){};KJUR.asn1.tsp.TSPUtil.newTimeStampToken=function(a){return new KJUR.asn1.tsp.TimeStampToken(a)};KJUR.asn1.tsp.TSPUtil.parseTimeStampReq=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getTimeStampReq(a)};KJUR.asn1.tsp.TSPUtil.parseMessageImprint=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getMessageImprint(a)};KJUR.asn1.tsp.TSPParser=function(){var e=Error,a=X509,f=new a(),k=ASN1HEX,g=k.getV,b=k.getTLV,d=k.getIdxbyList,c=k.getTLVbyListEx,i=k.getChildIdx;var j=["granted","grantedWithMods","rejection","waiting","revocationWarning","revocationNotification"];var h={0:"badAlg",2:"badRequest",5:"badDataFormat",14:"timeNotAvailable",15:"unacceptedPolicy",16:"unacceptedExtension",17:"addInfoNotAvailable",25:"systemFailure"};this.getResponse=function(n){var l=i(n,0);if(l.length==1){return this.getPKIStatusInfo(b(n,l[0]))}else{if(l.length>1){var o=this.getPKIStatusInfo(b(n,l[0]));var m=b(n,l[1]);var p=this.getToken(m);p.statusinfo=o;return p}}};this.getToken=function(m){var l=new KJUR.asn1.cms.CMSParser;var n=l.getCMSSignedData(m);this.setTSTInfo(n);return n};this.setTSTInfo=function(l){var o=l.econtent;if(o.type=="tstinfo"){var n=o.content.hex;var m=this.getTSTInfo(n);o.content=m}};this.getTSTInfo=function(r){var x={};var s=i(r,0);var p=g(r,s[1]);x.policy=hextooid(p);var o=b(r,s[2]);x.messageImprint=this.getMessageImprint(o);var u=g(r,s[3]);x.serial={hex:u};var y=g(r,s[4]);x.genTime={str:hextoutf8(y)};var q=0;if(s.length>5&&r.substr(s[5],2)=="30"){var v=b(r,s[5]);x.accuracy=this.getAccuracy(v);q++}if(s.length>5+q&&r.substr(s[5+q],2)=="01"){var z=g(r,s[5+q]);if(z=="ff"){x.ordering=true}q++}if(s.length>5+q&&r.substr(s[5+q],2)=="02"){var n=g(r,s[5+q]);x.nonce={hex:n};q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a0"){var m=b(r,s[5+q]);m="30"+m.substr(2);pGeneralNames=f.getGeneralNames(m);var t=pGeneralNames[0].dn;x.tsa=t;q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a1"){var l=b(r,s[5+q]);l="30"+l.substr(2);var w=f.getExtParamArray(l);x.ext=w;q++}return x};this.getAccuracy=function(q){var r={};var o=i(q,0);for(var p=0;p<o.length;p++){var m=q.substr(o[p],2);var l=g(q,o[p]);var n=parseInt(l,16);if(m=="02"){r.seconds=n}else{if(m=="80"){r.millis=n}else{if(m=="81"){r.micros=n}}}}return r};this.getMessageImprint=function(n){if(n.substr(0,2)!="30"){throw new Error("head of messageImprint hex shall be x30")}var s={};var l=i(n,0);var t=d(n,0,[0,0]);var o=g(n,t);var p=k.hextooidstr(o);var r=KJUR.asn1.x509.OID.oid2name(p);if(r==""){throw new Error("hashAlg name undefined: "+p)}var m=r;var q=d(n,0,[1]);s.alg=m;s.hash=g(n,q);return s};this.getPKIStatusInfo=function(o){var t={};var r=i(o,0);var n=0;try{var l=g(o,r[0]);var p=parseInt(l,16);t.status=j[p]}catch(s){}if(r.length>1&&o.substr(r[1],2)=="30"){var m=b(o,r[1]);t.statusstr=this.getPKIFreeText(m);n++}if(r.length>n&&o.substr(r[1+n],2)=="03"){var q=b(o,r[1+n]);t.failinfo=this.getPKIFailureInfo(q)}return t};this.getPKIFreeText=function(n){var o=[];var l=i(n,0);for(var m=0;m<l.length;m++){o.push(k.getString(n,l[m]))}return o};this.getPKIFailureInfo=function(l){var m=k.getInt(l,0);if(h[m]!=undefined){return h[m]}else{return m}};this.getTimeStampReq=function(q){var p={};p.certreq=false;var s=i(q,0);if(s.length<2){throw new Error("TimeStampReq must have at least 2 items")}var n=b(q,s[1]);p.messageImprint=KJUR.asn1.tsp.TSPUtil.parseMessageImprint(n);for(var o=2;o<s.length;o++){var m=s[o];var l=q.substr(m,2);if(l=="06"){var r=g(q,m);p.policy=k.hextooidstr(r)}if(l=="02"){p.nonce=g(q,m)}if(l=="01"){p.certreq=true}}return p}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cades=="undefined"||!KJUR.asn1.cades){KJUR.asn1.cades={}}KJUR.asn1.cades.SignaturePolicyIdentifier=function(e){var c=KJUR,b=c.asn1,a=b.cades,d=a.SignaturePolicyId;a.SignaturePolicyIdentifier.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.15";this.params=null;this.getValueArray=function(){return[new d(this.params)]};this.setByParam=function(f){this.params=f};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyIdentifier,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.SignaturePolicyId=function(e){var a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DERObjectIdentifier,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,h=c.SignaturePolicyId,b=c.OtherHashAlgAndValue;h.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new i(m.oid));k.push(new b(m));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyId,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashAlgAndValue=function(e){var h=Error,a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DEROctetString,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,b=c.OtherHashAlgAndValue;b.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.alg==undefined){throw new h("property 'alg' not specified")}if(o.hash==undefined&&o.cert==undefined){throw new h("property 'hash' nor 'cert' not specified")}var m=null;if(o.hash!=undefined){m=o.hash}else{if(o.cert!=undefined){if(typeof o.cert!="string"){throw new h("cert not string")}var n=o.cert;if(o.cert.indexOf("-----BEGIN")!=-1){n=pemtohex(o.cert)}m=KJUR.crypto.Util.hashHex(n,o.alg)}}var k=[];k.push(new j({name:o.alg}));k.push(new i({hex:m}));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherHashAlgAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashValue=function(g){KJUR.asn1.cades.OtherHashValue.superclass.constructor.call(this);var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.DEROctetString,a=c.crypto.Util.hashHex;this.params=null;this.tohex=function(){var j=this.params;if(j.hash==undefined&&j.cert==undefined){throw new d("hash or cert not specified")}var h=null;if(j.hash!=undefined){h=j.hash}else{if(j.cert!=undefined){if(typeof j.cert!="string"){throw new d("cert not string")}var i=j.cert;if(j.cert.indexOf("-----BEGIN")!=-1){i=pemtohex(j.cert)}h=KJUR.crypto.Util.hashHex(i,"sha1")}}return(new e({hex:h})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHashValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.SignatureTimeStamp=function(h){var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.ASN1Object,g=b.x509,a=b.cades;a.SignatureTimeStamp.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.14";this.params=null;this.getValueArray=function(){var l=this.params;if(l.tst!=undefined){if(f(l.tst)){var j=new e();j.hTLV=l.tst;return[j]}else{if(l.tst instanceof e){return[l.tst]}else{throw new d("params.tst has wrong value")}}}else{if(l.res!=undefined){var k=l.res;if(k instanceof e){k=k.tohex()}if(typeof k!="string"||(!f(k))){throw new d("params.res has wrong value")}var i=ASN1HEX.getTLVbyList(k,0,[1]);var j=new e();j.hTLV=l.tst;return[j]}}};if(h!=null){this.setByParam(h)}};extendClass(KJUR.asn1.cades.SignatureTimeStamp,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.CompleteCertificateRefs=function(h){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.cades,a=c.OtherCertID,g=e.lang.String.isHex;c.CompleteCertificateRefs.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.21";this.params=null;this.getValueArray=function(){var o=this.params;var k=[];for(var m=0;m<o.array.length;m++){var n=o.array[m];if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(g(n)){n={hash:n}}else{throw new f("unsupported value: "+n)}}}if(o.alg!=undefined&&n.alg==undefined){n.alg=o.alg}if(o.hasis!=undefined&&n.hasis==undefined){n.hasis=o.hasis}var j=new a(n);k.push(j)}var l=new b({array:k});return[l]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cades.CompleteCertificateRefs,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.OtherCertID=function(e){var a=KJUR,h=a.asn1,f=h.DERSequence,i=h.cms,g=i.IssuerSerial,c=h.cades,d=c.OtherHashValue,b=c.OtherHashAlgAndValue;c.OtherCertID.superclass.constructor.call(this);this.params=e;this.tohex=function(){var n=this.params;if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(_isHex(n)){n={hash:n}}}}var j=[];var m=null;if(n.alg!=undefined){m=new b(n)}else{m=new d(n)}j.push(m);if((n.cert!=undefined&&n.hasis==true)||(n.issuer!=undefined&&n.serial!=undefined)){var l=new g(n);j.push(l)}var k=new f({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHash=function(g){var i=Error,a=KJUR,h=a.asn1,j=h.cms,c=h.cades,b=c.OtherHashAlgAndValue,e=c.OtherHashValue,d=a.crypto.Util.hashHex,f=a.lang.String.isHex;c.OtherHash.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(typeof l=="string"){if(l.indexOf("-----BEGIN")!=-1){l={cert:l}}else{if(f(l)){l={hash:l}}}}var k=null;if(l.alg!=undefined){k=new b(l)}else{k=new e(l)}return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHash,KJUR.asn1.ASN1Object);KJUR.asn1.cades.CAdESUtil=new function(){};KJUR.asn1.cades.CAdESUtil.parseSignedDataForAddingUnsigned=function(a){var c=new KJUR.asn1.cms.CMSParser();var b=c.getCMSSignedData(a);return b};KJUR.asn1.cades.CAdESUtil.parseSignerInfoForAddingUnsigned=function(g,q,c){var p=ASN1HEX,s=p.getChildIdx,a=p.getTLV,l=p.getV,v=KJUR,h=v.asn1,n=h.ASN1Object,j=h.cms,k=j.AttributeList,w=j.SignerInfo;var o={};var t=s(g,q);if(t.length!=6){throw"not supported items for SignerInfo (!=6)"}var d=t.shift();o.version=a(g,d);var e=t.shift();o.si=a(g,e);var m=t.shift();o.digalg=a(g,m);var f=t.shift();o.sattrs=a(g,f);var i=t.shift();o.sigalg=a(g,i);var b=t.shift();o.sig=a(g,b);o.sigval=l(g,b);var u=null;o.obj=new w();u=new n();u.hTLV=o.version;o.obj.dCMSVersion=u;u=new n();u.hTLV=o.si;o.obj.dSignerIdentifier=u;u=new n();u.hTLV=o.digalg;o.obj.dDigestAlgorithm=u;u=new n();u.hTLV=o.sattrs;o.obj.dSignedAttrs=u;u=new n();u.hTLV=o.sigalg;o.obj.dSigAlg=u;u=new n();u.hTLV=o.sig;o.obj.dSig=u;o.obj.dUnsignedAttrs=new k();return o};
@@ -233,7 +233,7 @@ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||
 var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw new Error("KEYUTIL unsupported algorithm: "+t)}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},parseHexOfEncryptedPKCS8:function(y){var B=ASN1HEX;var z=B.getChildIdx;var w=B.getV;var t={};var r=z(y,0);if(r.length!=2){throw new Error("malformed format: SEQUENCE(0).items != 2: "+r.length)}t.ciphertext=w(y,r[1]);var A=z(y,r[0]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0).items != 2: "+A.length)}if(w(y,A[0])!="2a864886f70d01050d"){throw new Error("this only supports pkcs5PBES2")}var p=z(y,A[1]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1).items != 2: "+p.length)}var q=z(y,p[1]);if(q.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length)}if(w(y,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}t.encryptionSchemeAlg="TripleDES";t.encryptionSchemeIV=w(y,q[1]);var s=z(y,p[0]);if(s.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.0).items != 2: "+s.length)}if(w(y,s[0])!="2a864886f70d01050c"){throw new Error("this only supports pkcs5PBKDF2")}var x=z(y,s[1]);if(x.length<2){throw new Error("malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length)}t.pbkdf2Salt=w(y,x[0]);var u=w(y,x[1]);try{t.pbkdf2Iter=parseInt(u,16)}catch(v){throw new Error("malformed format pbkdf2Iter: "+u)}return t},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},_getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=pemtohex(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this._getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var v=ASN1HEX;var u=v.getChildIdx;var t=v.getV;var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw new Error("malformed plain PKCS8 private key(code:001)")}var r=u(s,0);if(r.length<3){throw new Error("malformed plain PKCS8 private key(code:002)")}if(s.substr(r[1],2)!="30"){throw new Error("malformed PKCS8 private key(code:003)")}var p=u(s,r[1]);if(p.length!=2){throw new Error("malformed PKCS8 private key(code:004)")}if(s.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 private key(code:005)")}q.algoid=t(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=t(s,p[1])}if(s.substr(r[2],2)!="04"){throw new Error("malformed PKCS8 private key(code:006)")}q.keyidx=v.getVidx(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=pemtohex(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var q=this.parsePlainPrivatePKCS8Hex(p);var r;if(q.algoid=="2a864886f70d010101"){r=new RSAKey()}else{if(q.algoid=="2a8648ce380401"){r=new KJUR.crypto.DSA()}else{if(q.algoid=="2a8648ce3d0201"){r=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported private key algorithm")}}}r.readPKCS8PrvKeyHex(p);return r},_getKeyFromPublicPKCS8Hex:function(q){var p;var r=ASN1HEX.getVbyList(q,0,[0,0],"06");if(r==="2a864886f70d010101"){p=new RSAKey()}else{if(r==="2a8648ce380401"){p=new KJUR.crypto.DSA()}else{if(r==="2a8648ce3d0201"){p=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported PKCS#8 public key hex")}}}p.readPKCS8PubKeyHex(q);return p},parsePublicRawRSAKeyHex:function(r){var u=ASN1HEX;var t=u.getChildIdx;var s=u.getV;var p={};if(r.substr(0,2)!="30"){throw new Error("malformed RSA key(code:001)")}var q=t(r,0);if(q.length!=2){throw new Error("malformed RSA key(code:002)")}if(r.substr(q[0],2)!="02"){throw new Error("malformed RSA key(code:003)")}p.n=s(r,q[0]);if(r.substr(q[1],2)!="02"){throw new Error("malformed RSA key(code:004)")}p.e=s(r,q[1]);return p},parsePublicPKCS8Hex:function(t){var v=ASN1HEX;var u=v.getChildIdx;var s=v.getV;var q={};q.algparam=null;var r=u(t,0);if(r.length!=2){throw new Error("outer DERSequence shall have 2 elements: "+r.length)}var w=r[0];if(t.substr(w,2)!="30"){throw new Error("malformed PKCS8 public key(code:001)")}var p=u(t,w);if(p.length!=2){throw new Error("malformed PKCS8 public key(code:002)")}if(t.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 public key(code:003)")}q.algoid=s(t,p[0]);if(t.substr(p[1],2)=="06"){q.algparam=s(t,p[1])}else{if(t.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=v.getVbyList(t,p[1],[0],"02");q.algparam.q=v.getVbyList(t,p[1],[1],"02");q.algparam.g=v.getVbyList(t,p[1],[2],"02")}}if(t.substr(r[1],2)!="03"){throw new Error("malformed PKCS8 public key(code:004)")}q.key=s(t,r[1]).substr(2);return q},}}();KEYUTIL.getKey=function(l,k,n){var G=ASN1HEX,L=G.getChildIdx,v=G.getV,d=G.getVbyList,c=KJUR.crypto,i=c.ECDSA,C=c.DSA,w=RSAKey,M=pemtohex,F=KEYUTIL;if(typeof w!="undefined"&&l instanceof w){return l}if(typeof i!="undefined"&&l instanceof i){return l}if(typeof C!="undefined"&&l instanceof C){return l}if(l.curve!==undefined&&l.xy!==undefined&&l.d===undefined){return new i({pub:l.xy,curve:l.curve})}if(l.curve!==undefined&&l.d!==undefined){return new i({prv:l.d,curve:l.curve})}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(l.n,l.e);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.co!==undefined&&l.qi===undefined){var P=new w();P.setPrivateEx(l.n,l.e,l.d,l.p,l.q,l.dp,l.dq,l.co);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p===undefined){var P=new w();P.setPrivate(l.n,l.e,l.d);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x===undefined){var P=new C();P.setPublic(l.p,l.q,l.g,l.y);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x!==undefined){var P=new C();P.setPrivate(l.p,l.q,l.g,l.y,l.x);return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(b64utohex(l.n),b64utohex(l.e));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.qi!==undefined){var P=new w();P.setPrivateEx(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d),b64utohex(l.p),b64utohex(l.q),b64utohex(l.dp),b64utohex(l.dq),b64utohex(l.qi));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined){var P=new w();P.setPrivate(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d));return P}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d===undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;j.setPublicKeyHex(u);return j}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d!==undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;var b=("0000000000"+b64utohex(l.d)).slice(-t);j.setPublicKeyHex(u);j.setPrivateKeyHex(b);return j}if(n==="pkcs5prv"){var J=l,G=ASN1HEX,N,P;N=L(J,0);if(N.length===9){P=new w();P.readPKCS5PrvKeyHex(J)}else{if(N.length===6){P=new C();P.readPKCS5PrvKeyHex(J)}else{if(N.length>2&&J.substr(N[1],2)==="04"){P=new i();P.readPKCS5PrvKeyHex(J)}else{throw new Error("unsupported PKCS#1/5 hexadecimal key")}}}return P}if(n==="pkcs8prv"){var P=F.getKeyFromPlainPrivatePKCS8Hex(l);return P}if(n==="pkcs8pub"){return F._getKeyFromPublicPKCS8Hex(l)}if(n==="x509pub"){return X509.getPublicKeyFromCertHex(l)}if(l.indexOf("-END CERTIFICATE-",0)!=-1||l.indexOf("-END X509 CERTIFICATE-",0)!=-1||l.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(l)}if(l.indexOf("-END PUBLIC KEY-")!=-1){var O=pemtohex(l,"PUBLIC KEY");return F._getKeyFromPublicPKCS8Hex(O)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"RSA PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var I=M(l,"DSA PRIVATE KEY");var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"EC PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END PRIVATE KEY-")!=-1){return F.getKeyFromPlainPrivatePKCS8PEM(l)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var o=F.getDecryptedKeyHex(l,k);var H=new RSAKey();H.readPKCS5PrvKeyHex(o);return H}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var P=d(I,0,[1],"04");var f=d(I,0,[2,0],"06");var A=d(I,0,[3,0],"03").substr(2);var e="";if(KJUR.crypto.OID.oidhex2name[f]!==undefined){e=KJUR.crypto.OID.oidhex2name[f]}else{throw new Error("undefined OID(hex) in KJUR.crypto.OID: "+f)}var j=new i({curve:e});j.setPublicKeyHex(A);j.setPrivateKeyHex(P);j.isPublic=false;return j}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return F.getKeyFromEncryptedPKCS8PEM(l,k)}throw new Error("not supported argument")};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw new Error("unknown algorithm: "+a)}}};KEYUTIL.getPEM=function(b,D,y,m,q,j){var F=KJUR,k=F.asn1,z=k.DERObjectIdentifier,f=k.DERInteger,l=k.ASN1Util.newObject,a=k.x509,C=a.SubjectPublicKeyInfo,e=F.crypto,u=e.DSA,r=e.ECDSA,n=RSAKey;function A(s){var H=l({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return H}function B(H){var s=l({seq:[{"int":1},{octstr:{hex:H.prvKeyHex}},{tag:["a0",true,{oid:{name:H.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+H.pubKeyHex}}]}]});return s}function x(s){var H=l({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return H}if(((n!==undefined&&b instanceof n)||(u!==undefined&&b instanceof u)||(r!==undefined&&b instanceof r))&&b.isPublic==true&&(D===undefined||D=="PKCS8PUB")){var E=new C(b);var w=E.tohex();return hextopem(w,"PUBLIC KEY")}if(D=="PKCS1PRV"&&n!==undefined&&b instanceof n&&(y===undefined||y==null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();return hextopem(w,"RSA PRIVATE KEY")}if(D=="PKCS1PRV"&&r!==undefined&&b instanceof r&&(y===undefined||y==null)&&b.isPrivate==true){var i=new z({name:b.curveName});var v=i.tohex();var h=B(b);var t=h.tohex();var p="";p+=hextopem(v,"EC PARAMETERS");p+=hextopem(t,"EC PRIVATE KEY");return p}if(D=="PKCS1PRV"&&u!==undefined&&b instanceof u&&(y===undefined||y==null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();return hextopem(w,"DSA PRIVATE KEY")}if(D=="PKCS5PRV"&&n!==undefined&&b instanceof n&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",w,y,m,j)}if(D=="PKCS5PRV"&&r!==undefined&&b instanceof r&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=B(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",w,y,m,j)}if(D=="PKCS5PRV"&&u!==undefined&&b instanceof u&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",w,y,m,j)}var o=function(H,s){var J=c(H,s);var I=new l({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:J.pbkdf2Salt}},{"int":J.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:J.encryptionSchemeIV}}]}]}]},{octstr:{hex:J.ciphertext}}]});return I.tohex()};var c=function(O,P){var I=100;var N=CryptoJS.lib.WordArray.random(8);var M="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var J=CryptoJS.PBKDF2(P,N,{keySize:192/32,iterations:I});var K=CryptoJS.enc.Hex.parse(O);var L=CryptoJS.TripleDES.encrypt(K,J,{iv:s})+"";var H={};H.ciphertext=L;H.pbkdf2Salt=CryptoJS.enc.Hex.stringify(N);H.pbkdf2Iter=I;H.encryptionSchemeAlg=M;H.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return H};if(D=="PKCS8PRV"&&n!=undefined&&b instanceof n&&b.isPrivate==true){var g=A(b);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&r!==undefined&&b instanceof r&&b.isPrivate==true){var G={seq:[{"int":1},{octstr:{hex:b.prvKeyHex}}]};if(typeof b.pubKeyHex=="string"){G.seq.push({tag:["a1",true,{bitstr:{hex:"00"+b.pubKeyHex}}]})}var g=new l(G);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:b.curveName}}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&u!==undefined&&b instanceof u&&b.isPrivate==true){var g=new f({bigint:b.x});var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:b.p}},{"int":{bigint:b.q}},{"int":{bigint:b.g}}]}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}throw new Error("unsupported object nor format")};KEYUTIL.getKeyFromCSRPEM=function(b){var a=pemtohex(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(d){var i=ASN1HEX;var f=i.getChildIdx;var c=i.getTLV;var b={};var g=d;if(g.substr(0,2)!="30"){throw new Error("malformed CSR(code:001)")}var e=f(g,0);if(e.length<1){throw new Error("malformed CSR(code:002)")}if(g.substr(e[0],2)!="30"){throw new Error("malformed CSR(code:003)")}var a=f(g,e[0]);if(a.length<3){throw new Error("malformed CSR(code:004)")}b.p8pubkeyhex=c(g,a[2]);return b};KEYUTIL.getKeyID=function(f){var c=KEYUTIL;var e=ASN1HEX;if(typeof f==="string"&&f.indexOf("BEGIN ")!=-1){f=c.getKey(f)}var d=pemtohex(c.getPEM(f));var b=e.getIdxbyList(d,0,[1]);var a=e.getV(d,b).substring(2);return KJUR.crypto.Util.hashHex(a,"sha1")};KEYUTIL.getJWK=function(d,h,g,b,f){var i;var k={};var e;var c=KJUR.crypto.Util.hashHex;if(typeof d=="string"){i=KEYUTIL.getKey(d);if(d.indexOf("CERTIFICATE")!=-1){e=pemtohex(d)}}else{if(typeof d=="object"){if(d instanceof X509){i=d.getPublicKey();e=d.hex}else{i=d}}else{throw new Error("unsupported keyinfo type")}}if(i instanceof RSAKey&&i.isPrivate){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16));k.d=hextob64u(i.d.toString(16));k.p=hextob64u(i.p.toString(16));k.q=hextob64u(i.q.toString(16));k.dp=hextob64u(i.dmp1.toString(16));k.dq=hextob64u(i.dmq1.toString(16));k.qi=hextob64u(i.coeff.toString(16))}else{if(i instanceof RSAKey&&i.isPublic){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16))}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPrivate){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y);k.d=hextob64u(i.prvKeyHex)}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPublic){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y)}}}}if(k.kty==undefined){throw new Error("unsupported keyinfo")}if((!i.isPrivate)&&h!=true){k.kid=KJUR.jws.JWS.getJWKthumbprint(k)}if(e!=undefined&&g!=true){k.x5c=[hex2b64(e)]}if(e!=undefined&&b!=true){k.x5t=b64tob64u(hex2b64(c(e,"sha1")))}if(e!=undefined&&f!=true){k["x5t#S256"]=b64tob64u(hex2b64(c(e,"sha256")))}return k};KEYUTIL.getJWKFromKey=function(a){return KEYUTIL.getJWK(a,true,true,true,true)};
 RSAKey.getPosArrayOfChildrenFromHex=function(a){return ASN1HEX.getChildIdx(a,0)};RSAKey.getHexValueArrayOfChildrenFromHex=function(f){var n=ASN1HEX;var i=n.getV;var k=RSAKey.getPosArrayOfChildrenFromHex(f);var e=i(f,k[0]);var j=i(f,k[1]);var b=i(f,k[2]);var c=i(f,k[3]);var h=i(f,k[4]);var g=i(f,k[5]);var m=i(f,k[6]);var l=i(f,k[7]);var d=i(f,k[8]);var k=new Array();k.push(e,j,b,c,h,g,m,l,d);return k};RSAKey.prototype.readPrivateKeyFromPEMString=function(d){var c=pemtohex(d);var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS5PrvKeyHex=function(c){var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS8PrvKeyHex=function(e){var c,i,k,b,a,f,d,j;var m=ASN1HEX;var l=m.getVbyListEx;if(m.isASN1HEX(e)===false){throw new Error("not ASN.1 hex string")}try{c=l(e,0,[2,0,1],"02");i=l(e,0,[2,0,2],"02");k=l(e,0,[2,0,3],"02");b=l(e,0,[2,0,4],"02");a=l(e,0,[2,0,5],"02");f=l(e,0,[2,0,6],"02");d=l(e,0,[2,0,7],"02");j=l(e,0,[2,0,8],"02")}catch(g){throw new Error("malformed PKCS#8 plain RSA private key")}this.setPrivateEx(c,i,k,b,a,f,d,j)};RSAKey.prototype.readPKCS5PubKeyHex=function(c){var e=ASN1HEX;var b=e.getV;if(e.isASN1HEX(c)===false){throw new Error("keyHex is not ASN.1 hex string")}var a=e.getChildIdx(c,0);if(a.length!==2||c.substr(a[0],2)!=="02"||c.substr(a[1],2)!=="02"){throw new Error("wrong hex for PKCS#5 public key")}var f=b(c,a[0]);var d=b(c,a[1]);this.setPublic(f,d)};RSAKey.prototype.readPKCS8PubKeyHex=function(b){var c=ASN1HEX;if(c.isASN1HEX(b)===false){throw new Error("not ASN.1 hex string")}if(c.getTLVbyListEx(b,0,[0,0])!=="06092a864886f70d010101"){throw new Error("not PKCS8 RSA public key")}var a=c.getTLVbyListEx(b,0,[1,0]);this.readPKCS5PubKeyHex(a)};RSAKey.prototype.readCertPubKeyHex=function(b,d){var a,c;a=new X509();a.readCertHex(b);c=a.getPublicKeyHex();this.readPKCS8PubKeyHex(c)};
 var _RE_HEXDECONLY=new RegExp("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b<a;b++){c=c+"0"}return c+e}RSAKey.prototype.sign=function(d,a){var b=function(e){return KJUR.crypto.Util.hashString(e,a)};var c=b(d);return this.signWithMessageHash(c,a)};RSAKey.prototype.signWithMessageHash=function(e,c){var f=KJUR.crypto.Util.getPaddedDigestInfoHex(e,c,this.n.bitLength());var b=parseBigInt(f,16);var d=this.doPrivate(b);var a=d.toString(16);return _zeroPaddingOfSignature(a,this.n.bitLength())};function pss_mgf1_str(c,a,e){var b="",d=0;while(b.length<a){b+=hextorstr(e(rstrtohex(c+String.fromCharCode.apply(String,[(d&4278190080)>>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d<c-k-g-2;d+=1){j[d]=0}var e=String.fromCharCode.apply(String,j)+"\x01"+f;var h=pss_mgf1_str(n,e.length,o);var q=[];for(d=0;d<e.length;d+=1){q[d]=e.charCodeAt(d)^h.charCodeAt(d)}var p=(65280>>(8*c-m))&255;q[0]&=~p;for(d=0;d<g;d++){q.push(n.charCodeAt(d))}q.push(188);return _zeroPaddingOfSignature(this.doPrivate(new BigInteger(q)).toString(16),this.n.bitLength())};function _rsasign_getDecryptSignatureBI(a,d,c){var b=new RSAKey();b.setPublic(d,c);var e=b.doPublic(a);return e}function _rsasign_getHexDigestInfoFromSig(a,c,b){var e=_rsasign_getDecryptSignatureBI(a,c,b);var d=e.toString(16).replace(/^1f+00/,"");return d}function _rsasign_getAlgNameAndHashFromHexDisgestInfo(f){for(var e in KJUR.crypto.Util.DIGESTINFOHEAD){var d=KJUR.crypto.Util.DIGESTINFOHEAD[e];var b=d.length;if(f.substring(0,b)==d){var c=[e,f.substring(b)];return c}}return[]}RSAKey.prototype.verify=function(f,l){l=l.toLowerCase();if(l.match(/^[0-9a-f]+$/)==null){return false}var b=parseBigInt(l,16);var k=this.n.bitLength();if(b.bitLength()>k){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q<a.length;q+=1){a[q]&=255}while(a.length<m){a.unshift(0)}if(a[m-1]!==188){throw new Error("encoded message does not end in 0xbc")}a=String.fromCharCode.apply(String,a);var d=a.substr(0,m-h-1);var e=a.substr(d.length,h);var p=(65280>>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q<d.length;q+=1){o[q]=d.charCodeAt(q)^n.charCodeAt(q)}o[0]&=~p;var b=m-h-c-2;for(q=0;q<b;q+=1){if(o[q]!==0){throw new Error("leftmost octets not zero")}}if(o[b]!==1){throw new Error("0x01 marker not found")}return e===hextorstr(r(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+j+String.fromCharCode.apply(String,o.slice(-c)))))};RSAKey.SALT_LEN_HLEN=-1;RSAKey.SALT_LEN_MAX=-2;RSAKey.SALT_LEN_RECOVER=-2;
-function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(){return this.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(){return this.getX500Name(this.getSubjectHex())};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=KJUR.asn1.ASN1Util.oidHexToInt(C);y.obj=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(A){var y=this.getX500NameArray(A);var z=this.dnarraytostr(y);return{array:y,str:z}};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer();y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject();y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.getInfo=function(){var z=function(R){var Q=JSON.stringify(R.array).replace(/[\[\]\{\}\"]/g,"");return Q};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+="    "+D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
+function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(z,y){return this.getX500Name(this.getIssuerHex(),z,y)};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(z,y){return this.getX500Name(this.getSubjectHex(),z,y)};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=t(C);y.value=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(B,D,C){var z=this.getX500NameArray(B);var A=this.dnarraytostr(z);var y={str:A};y.array=z;if(C==true){y.hex=B}if(D==true){y.canon=this.c14nRDNArray(z)}return y};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};if(z==undefined){z={}}y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer(z.dncanon,z.dnhex);y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject(z.dncanon,z.dnhex);y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.setCanonicalizedDN=function(z){var B;if(z.str!=undefined&&z.array==undefined){var A=new KJUR.asn1.x509.X500Name({str:z.str});var y=A.tohex();B=this.getX500NameArray(y)}else{B=z.array}if(z.canon==undefined){z.canon=this.c14nRDNArray(B)}};this.c14nRDNArray=function(F){var z=[];for(var B=0;B<F.length;B++){var D=F[B];var y=[];for(var A=0;A<D.length;A++){var C=D[A];var E=C.value;E=E.replace(/^\s*/,"");E=E.replace(/\s*$/,"");E=E.replace(/\s+/g," ");E=E.toLowerCase();y.push(C.type.toLowerCase()+"="+E)}z.push(y.join("+"))}return"/"+z.join("/")};this.getInfo=function(){var z=function(S){var Y="";var Q="    ";var U="\n";var V=S.array;for(var T=0;T<V.length;T++){var R=V[T];if(R.dn!=undefined){Y+=Q+"dn: "+R.dn.str+U}if(R.ip!=undefined){Y+=Q+"ip: "+R.ip+U}if(R.rfc822!=undefined){Y+=Q+"rfc822: "+R.rfc822+U}if(R.dns!=undefined){Y+=Q+"dns: "+R.dns+U}if(R.uri!=undefined){Y+=Q+"uri: "+R.uri+U}if(R.other!=undefined){var X=R.other.oid;var W=JSON.stringify(R.other.value).replace(/\"/g,"");Y+=Q+"other: "+X+"="+W+U}}Y=Y.replace(/\n$/,"");return Y};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+=D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
 var X509CRL=function(e){var a=KJUR,f=a.lang.String.isHex,m=ASN1HEX,k=m.getV,b=m.getTLV,h=m.getVbyList,c=m.getTLVbyList,d=m.getTLVbyListEx,i=m.getIdxbyList,g=m.getIdxbyListEx,l=m.getChildIdx,j=new X509();this.hex=null;this.posSigAlg=null;this.posRevCert=null;this.parsed=null;this._setPos=function(){var o=i(this.hex,0,[0,0]);var n=this.hex.substr(o,2);if(n=="02"){this.posSigAlg=1}else{if(n=="30"){this.posSigAlg=0}else{throw new Error("malformed 1st item of TBSCertList: "+n)}}var s=i(this.hex,0,[0,this.posSigAlg+3]);var r=this.hex.substr(s,2);if(r=="17"||r=="18"){var q,p;q=i(this.hex,0,[0,this.posSigAlg+4]);this.posRevCert=null;if(q!=-1){p=this.hex.substr(q,2);if(p=="30"){this.posRevCert=this.posSigAlg+4}}}else{if(r=="30"){this.posRevCert=this.posSigAlg+3}else{if(r=="a0"){this.posRevCert=null}else{throw new Error("malformed nextUpdate or revCert tag: "+r)}}}};this.getVersion=function(){if(this.posSigAlg==0){return null}return parseInt(h(this.hex,0,[0,0],"02"),16)+1};this.getSignatureAlgorithmField=function(){var n=c(this.hex,0,[0,this.posSigAlg],"30");return j.getAlgorithmIdentifierName(n)};this.getIssuer=function(){return j.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return c(this.hex,0,[0,this.posSigAlg+1],"30")};this.getThisUpdate=function(){var n=h(this.hex,0,[0,this.posSigAlg+2]);return result=hextorstr(n)};this.getNextUpdate=function(){var o=i(this.hex,0,[0,this.posSigAlg+3]);var n=this.hex.substr(o,2);if(n!="17"&&n!="18"){return null}return hextorstr(k(this.hex,o))};this.getRevCertArray=function(){if(this.posRevCert==null){return null}var o=[];var n=i(this.hex,0,[0,this.posRevCert]);var p=l(this.hex,n);for(var q=0;q<p.length;q++){var r=b(this.hex,p[q]);o.push(this.getRevCert(r))}return o};this.getRevCert=function(p){var o={};var n=l(p,0);o.sn={hex:h(p,0,[0],"02")};o.date=hextorstr(h(p,0,[1]));if(n.length==3){o.ext=j.getExtParamArray(c(p,0,[2]))}return o};this.findRevCert=function(p){var n=new X509(p);var o=n.getSerialNumberHex();return this.findRevCertBySN(o)};this.findRevCertBySN=function(o){if(this.parsed==null){this.getParam()}if(this.parsed.revcert==null){return null}var n=this.parsed.revcert;for(var p=0;p<n.length;p++){if(o==n[p].sn.hex){return n[p]}}return null};this.getSignatureValueHex=function(){return h(this.hex,0,[2],"03",true)};this.verifySignature=function(o){var p=this.getSignatureAlgorithmField();var n=this.getSignatureValueHex();var q=c(this.hex,0,[0],"30");var r=new KJUR.crypto.Signature({alg:p});r.init(o);r.updateHex(q);return r.verify(n)};this.getParam=function(r){var n={};var p=this.getVersion();if(p!=null){n.version=p}n.sigalg=this.getSignatureAlgorithmField();n.issuer=this.getIssuer();n.thisupdate=this.getThisUpdate();var q=this.getNextUpdate();if(q!=null){n.nextupdate=q}var t=this.getRevCertArray();if(t!=null){n.revcert=t}var s=g(this.hex,0,[0,"[0]"]);if(s!=-1){var o=d(this.hex,0,[0,"[0]",0]);n.ext=j.getExtParamArray(o)}n.sighex=this.getSignatureValueHex();this.parsed=n;if(typeof r=="object"){if(r.tbshex==true){n.tbshex=c(this.hex,0,[0])}if(r.nodnarray==true){delete n.issuer.array}}return n};if(typeof e=="string"){if(f(e)){this.hex=e}else{if(e.match(/-----BEGIN X509 CRL/)){this.hex=pemtohex(e)}}this._setPos()}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWS=function(){var b=KJUR,a=b.jws.JWS,c=a.isSafeJSONString;this.parseJWS=function(g,j){if((this.parsedJWS!==undefined)&&(j||(this.parsedJWS.sigvalH!==undefined))){return}var i=g.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);if(i==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}var k=i[1];var e=i[2];var l=i[3];var n=k+"."+e;this.parsedJWS={};this.parsedJWS.headB64U=k;this.parsedJWS.payloadB64U=e;this.parsedJWS.sigvalB64U=l;this.parsedJWS.si=n;if(!j){var h=b64utohex(l);var f=parseBigInt(h,16);this.parsedJWS.sigvalH=h;this.parsedJWS.sigvalBI=f}var d=b64utoutf8(k);var m=b64utoutf8(e);this.parsedJWS.headS=d;this.parsedJWS.payloadS=m;if(!c(d,this.parsedJWS,"headP")){throw"malformed JSON string for JWS Head: "+d}}};KJUR.jws.JWS.sign=function(j,w,z,A,a){var x=KJUR,n=x.jws,r=n.JWS,h=r.readSafeJSONString,q=r.isSafeJSONString,d=x.crypto,l=d.ECDSA,p=d.Mac,c=d.Signature,u=JSON;var t,k,o;if(typeof w!="string"&&typeof w!="object"){throw"spHeader must be JSON string or object: "+w}if(typeof w=="object"){k=w;t=u.stringify(k)}if(typeof w=="string"){t=w;if(!q(t)){throw"JWS Head is not safe JSON string: "+t}k=h(t)}o=z;if(typeof z=="object"){o=u.stringify(z)}if((j==""||j==null)&&k.alg!==undefined){j=k.alg}if((j!=""&&j!=null)&&k.alg===undefined){k.alg=j;t=u.stringify(k)}if(j!==k.alg){throw"alg and sHeader.alg doesn't match: "+j+"!="+k.alg}var s=null;if(r.jwsalg2sigalg[j]===undefined){throw"unsupported alg name: "+j}else{s=r.jwsalg2sigalg[j]}var e=utf8tob64u(t);var m=utf8tob64u(o);var b=e+"."+m;var y="";if(s.substr(0,4)=="Hmac"){if(A===undefined){throw"mac key shall be specified for HS* alg"}var i=new p({alg:s,prov:"cryptojs",pass:A});i.updateString(b);y=i.doFinal()}else{if(s.indexOf("withECDSA")!=-1){var f=new c({alg:s});f.init(A,a);f.updateString(b);var g=f.sign();y=KJUR.crypto.ECDSA.asn1SigToConcatSig(g)}else{if(s!="none"){var f=new c({alg:s});f.init(A,a);f.updateString(b);y=f.sign()}}}var v=hextob64u(y);return b+"."+v};KJUR.jws.JWS.verify=function(w,B,n){var x=KJUR,q=x.jws,t=q.JWS,i=t.readSafeJSONString,e=x.crypto,p=e.ECDSA,s=e.Mac,d=e.Signature,m;if(typeof RSAKey!==undefined){m=RSAKey}if(!isBase64URLDot(w)){return false}var y=w.split(".");if(y.length!==3){return false}var f=y[0];var r=y[1];var c=f+"."+r;var A=b64utohex(y[2]);var l=i(b64utoutf8(y[0]));var k=null;var z=null;if(l.alg===undefined){throw"algorithm not specified in header"}else{k=l.alg;z=k.substr(0,2)}if(n!=null&&Object.prototype.toString.call(n)==="[object Array]"&&n.length>0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null,"  ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null,"  ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod<b){return false}}if(g.nbf!==undefined&&typeof g.nbf=="number"){if(b<g.nbf-r.gracePeriod){return false}}if(g.iat!==undefined&&typeof g.iat=="number"){if(b<g.iat-r.gracePeriod){return false}}if(g.jti!==undefined&&r.jti!==undefined){if(g.jti!==r.jti){return false}}if(!o.verify(e,l,r.alg)){return false}return true};KJUR.jws.JWS.includedArray=function(b,a){var c=KJUR.jws.JWS.inArray;if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var d=0;d<b.length;d++){if(!c(b[d],a)){return false}}return true};KJUR.jws.JWS.inArray=function(d,b){if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var c=0;c<b.length;c++){if(b[c]==d){return true}}return false};KJUR.jws.JWS.jwsalg2sigalg={HS256:"HmacSHA256",HS384:"HmacSHA384",HS512:"HmacSHA512",RS256:"SHA256withRSA",RS384:"SHA384withRSA",RS512:"SHA512withRSA",ES256:"SHA256withECDSA",ES384:"SHA384withECDSA",ES512:"SHA512withECDSA",PS256:"SHA256withRSAandMGF1",PS384:"SHA384withRSAandMGF1",PS512:"SHA512withRSAandMGF1",none:"none",};KJUR.jws.JWS.isSafeJSONString=function(c,b,d){var e=null;try{e=jsonParse(c);if(typeof e!="object"){return 0}if(e.constructor===Array){return 0}if(b){b[d]=e}return 1}catch(a){return 0}};KJUR.jws.JWS.readSafeJSONString=function(b){var c=null;try{c=jsonParse(b);if(typeof c!="object"){return null}if(c.constructor===Array){return null}return c}catch(a){return null}};KJUR.jws.JWS.getEncodedSignatureValueFromJWS=function(b){var a=b.match(/^[^.]+\.[^.]+\.([^.]+)$/);if(a==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}return a[1]};KJUR.jws.JWS.getJWKthumbprint=function(d){if(d.kty!=="RSA"&&d.kty!=="EC"&&d.kty!=="oct"){throw"unsupported algorithm for JWK Thumprint"}var a="{";if(d.kty==="RSA"){if(typeof d.n!="string"||typeof d.e!="string"){throw"wrong n and e value for RSA key"}a+='"e":"'+d.e+'",';a+='"kty":"'+d.kty+'",';a+='"n":"'+d.n+'"}'}else{if(d.kty==="EC"){if(typeof d.crv!="string"||typeof d.x!="string"||typeof d.y!="string"){throw"wrong crv, x and y value for EC key"}a+='"crv":"'+d.crv+'",';a+='"kty":"'+d.kty+'",';a+='"x":"'+d.x+'",';a+='"y":"'+d.y+'"}'}else{if(d.kty==="oct"){if(typeof d.k!="string"){throw"wrong k value for oct(symmetric) key"}a+='"kty":"'+d.kty+'",';a+='"k":"'+d.k+'"}'}}}var b=rstrtohex(a);var c=KJUR.crypto.Util.hashHex(b,"sha256");var e=hextob64u(c);return e};KJUR.jws.IntDate={};KJUR.jws.IntDate.get=function(c){var b=KJUR.jws.IntDate,d=b.getNow,a=b.getZulu;if(c=="now"){return d()}else{if(c=="now + 1hour"){return d()+60*60}else{if(c=="now + 1day"){return d()+60*60*24}else{if(c=="now + 1month"){return d()+60*60*24*30}else{if(c=="now + 1year"){return d()+60*60*24*365}else{if(c.match(/Z$/)){return a(c)}else{if(c.match(/^[0-9]+$/)){return parseInt(c)}}}}}}}throw"unsupported format: "+c};KJUR.jws.IntDate.getZulu=function(a){return zulutosec(a)};KJUR.jws.IntDate.getNow=function(){var a=~~(new Date()/1000);return a};KJUR.jws.IntDate.intDate2UTCString=function(a){var b=new Date(a*1000);return b.toUTCString()};KJUR.jws.IntDate.intDate2Zulu=function(e){var i=new Date(e*1000),h=("0000"+i.getUTCFullYear()).slice(-4),g=("00"+(i.getUTCMonth()+1)).slice(-2),b=("00"+i.getUTCDate()).slice(-2),a=("00"+i.getUTCHours()).slice(-2),c=("00"+i.getUTCMinutes()).slice(-2),f=("00"+i.getUTCSeconds()).slice(-2);return h+g+b+a+c+f+"Z"};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWSJS=function(){var c=KJUR,b=c.jws,a=b.JWS,d=a.readSafeJSONString;this.aHeader=[];this.sPayload="";this.aSignature=[];this.init=function(){this.aHeader=[];this.sPayload=undefined;this.aSignature=[]};this.initWithJWS=function(f){this.init();var e=f.split(".");if(e.length!=3){throw"malformed input JWS"}this.aHeader.push(e[0]);this.sPayload=e[1];this.aSignature.push(e[2])};this.addSignature=function(e,h,m,k){if(this.sPayload===undefined||this.sPayload===null){throw"there's no JSON-JS signature to add."}var l=this.aHeader.length;if(this.aHeader.length!=this.aSignature.length){throw"aHeader.length != aSignature.length"}try{var f=KJUR.jws.JWS.sign(e,h,this.sPayload,m,k);var j=f.split(".");var n=j[0];var g=j[2];this.aHeader.push(j[0]);this.aSignature.push(j[2])}catch(i){if(this.aHeader.length>l){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g<h.length;g++){var f=h[g];if(f.length!==2){return false}var e=this.verifyNth(g,f[0],f[1]);if(e===false){return false}}return true};this.verifyNth=function(f,j,g){if(this.aHeader.length<=f||this.aSignature.length<=f){return false}var h=this.aHeader[f];var k=this.aSignature[f];var l=h+"."+this.sPayload+"."+k;var e=false;try{e=a.verify(l,j,g)}catch(i){return false}return e};this.readJWSJS=function(g){if(typeof g==="string"){var f=d(g);if(f==null){throw"argument is not safe JSON object string"}this.aHeader=f.headers;this.sPayload=f.payload;this.aSignature=f.signatures}else{try{if(g.headers.length>0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}};
diff --git a/npm/lib/jsrsasign-jwths-min.js b/npm/lib/jsrsasign-jwths-min.js
index 819cf98c..6fff29fe 100644
--- a/npm/lib/jsrsasign-jwths-min.js
+++ b/npm/lib/jsrsasign-jwths-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(jwths) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(jwths) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
diff --git a/npm/lib/jsrsasign-rsa-min.js b/npm/lib/jsrsasign-rsa-min.js
index 409fef33..871ae541 100644
--- a/npm/lib/jsrsasign-rsa-min.js
+++ b/npm/lib/jsrsasign-rsa-min.js
@@ -1,5 +1,5 @@
 /*
- * jsrsasign(rsa) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(rsa) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
diff --git a/npm/lib/jsrsasign.js b/npm/lib/jsrsasign.js
index 92d40eaa..e9c7e93f 100755
--- a/npm/lib/jsrsasign.js
+++ b/npm/lib/jsrsasign.js
@@ -4,7 +4,7 @@ navigator.userAgent = false;
 
 var window = {};
 /*
- * jsrsasign(all) 10.5.27 (2022-08-19) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+ * jsrsasign(all) 10.6.0 (2022-11-04) (c) 2010-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 
 /*! CryptoJS v3.1.2 core-fix.js
@@ -224,7 +224,7 @@ ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBi
 var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o<m;++o){v=p[o];var w;switch(v.charCodeAt(0)){default:w=r[0];w[t||w.length]=+(v);t=void 0;break;case 34:v=v.substring(1,v.length-1);if(v.indexOf(a)!==-1){v=v.replace(k,h)}w=r[0];if(!t){if(w instanceof Array){t=w.length}else{t=v||c;break}}w[t]=v;t=void 0;break;case 91:w=r[0];r.unshift(w[t||w.length]=[]);t=void 0;break;case 93:r.shift();break;case 102:w=r[0];w[t||w.length]=false;t=void 0;break;case 110:w=r[0];w[t||w.length]=null;t=void 0;break;case 116:w=r[0];w[t||w.length]=true;t=void 0;break;case 123:w=r[0];r.unshift(w[t||w.length]={});t=void 0;break;case 125:r.shift();break}}if(l){if(r.length!==1){throw new Error()}x=x[0]}else{if(r.length){throw new Error()}}if(q){var s=function(C,B){var D=C[B];if(D&&typeof D==="object"){var n=null;for(var z in D){if(b.call(D,z)&&D!==C){var y=s(D,z);if(y!==void 0){D[z]=y}else{if(!n){n=[]}n.push(z)}}}if(n){for(var A=n.length;--A>=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})();
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d<e;d++){g+="f"}var c=new BigInteger(g,16);var b=c.xor(j).add(BigInteger.ONE);f=b.toString(16).replace(/^-/,"")}return f};this.getPEMStringFromHex=function(a,b){return hextopem(a,b)};this.newObject=function(k){var F=KJUR,o=F.asn1,v=o.ASN1Object,B=o.DERBoolean,e=o.DERInteger,t=o.DERBitString,h=o.DEROctetString,x=o.DERNull,y=o.DERObjectIdentifier,m=o.DEREnumerated,g=o.DERUTF8String,f=o.DERNumericString,A=o.DERPrintableString,w=o.DERTeletexString,q=o.DERIA5String,E=o.DERUTCTime,j=o.DERGeneralizedTime,b=o.DERVisibleString,l=o.DERBMPString,n=o.DERSequence,c=o.DERSet,s=o.DERTaggedObject,p=o.ASN1Util.newObject;if(k instanceof o.ASN1Object){return k}var u=Object.keys(k);if(u.length!=1){throw new Error("key of param shall be only one.")}var H=u[0];if(":asn1:bool:int:bitstr:octstr:null:oid:enum:utf8str:numstr:prnstr:telstr:ia5str:utctime:gentime:visstr:bmpstr:seq:set:tag:".indexOf(":"+H+":")==-1){throw new Error("undefined key: "+H)}if(H=="bool"){return new B(k[H])}if(H=="int"){return new e(k[H])}if(H=="bitstr"){return new t(k[H])}if(H=="octstr"){return new h(k[H])}if(H=="null"){return new x(k[H])}if(H=="oid"){return new y(k[H])}if(H=="enum"){return new m(k[H])}if(H=="utf8str"){return new g(k[H])}if(H=="numstr"){return new f(k[H])}if(H=="prnstr"){return new A(k[H])}if(H=="telstr"){return new w(k[H])}if(H=="ia5str"){return new q(k[H])}if(H=="utctime"){return new E(k[H])}if(H=="gentime"){return new j(k[H])}if(H=="visstr"){return new b(k[H])}if(H=="bmpstr"){return new l(k[H])}if(H=="asn1"){return new v(k[H])}if(H=="seq"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new n({array:G})}if(H=="set"){var d=k[H];var G=[];for(var z=0;z<d.length;z++){var D=p(d[z]);G.push(D)}return new c({array:G})}if(H=="tag"){var C=k[H];if(Object.prototype.toString.call(C)==="[object Array]"&&C.length==3){var r=p(C[2]);return new s({tag:C[0],explicit:C[1],obj:r})}else{return new s(C)}}};this.jsonToASN1HEX=function(b){var a=this.newObject(b);return a.tohex()}};KJUR.asn1.ASN1Util.oidHexToInt=function(a){var j="";var k=parseInt(a.substr(0,2),16);var d=Math.floor(k/40);var c=k%40;var j=d+"."+c;var e="";for(var f=2;f<a.length;f+=2){var g=parseInt(a.substr(f,2),16);var h=("00000000"+g.toString(2)).slice(-8);e=e+h.substr(1,7);if(h.substr(0,1)=="0"){var b=new BigInteger(e,2);j=j+"."+b.toString(10);e=""}}return j};KJUR.asn1.ASN1Util.oidIntToHex=function(f){var e=function(a){var k=a.toString(16);if(k.length==1){k="0"+k}return k};var d=function(o){var n="";var k=new BigInteger(o,10);var a=k.toString(2);var l=7-a.length%7;if(l==7){l=0}var q="";for(var m=0;m<l;m++){q+="0"}a=q+a;for(var m=0;m<a.length-1;m+=7){var p=a.substr(m,7);if(m!=a.length-7){p="1"+p}n+=e(parseInt(p,2))}return n};if(!f.match(/^[0-9.]+$/)){throw"malformed oid string: "+f}var g="";var b=f.split(".");var j=parseInt(b[0])*40+parseInt(b[1]);g+=e(j);b.splice(0,2);for(var c=0;c<b.length;c++){g+=d(b[c])}return g};KJUR.asn1.ASN1Object=function(e){var c=true;var b=null;var d="00";var f="00";var a="";this.params=null;this.getLengthHexFromValue=function(){if(typeof this.hV=="undefined"||this.hV==null){throw new Error("this.hV is null or undefined")}if(this.hV.length%2==1){throw new Error("value hex must be even length: n="+a.length+",v="+this.hV)}var j=this.hV.length/2;var i=j.toString(16);if(i.length%2==1){i="0"+i}if(j<128){return i}else{var h=i.length/2;if(h>15){throw new Error("ASN.1 length too long to represent by 8x: n = "+j.toString(16))}var g=128+h;return g.toString(16)+i}};this.tohex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.getValueHex=function(){this.tohex();return this.hV};this.getFreshValueHex=function(){return""};this.setByParam=function(g){this.params=g};if(e!=undefined){if(e.tlv!=undefined){this.hTLV=e.tlv;this.isModified=false}}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=utf8tohex(this.s).toLowerCase()};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};extendClass(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(g){var e=g.getTime()+(g.getTimezoneOffset()*60000);var f=new Date(e);return f};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.setByParam=function(d){this.hV=null;this.hTLV=null;this.params=d};this.getString=function(){return undefined};this.setString=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.str=d};this.setByDate=function(d){this.hTLV=null;this.isModified=true;if(this.params==undefined){this.params={}}this.params.date=d};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};extendClass(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};extendClass(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(a){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";if(a==false){this.hTLV="010100"}else{this.hTLV="0101ff"}};extendClass(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};extendClass(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.tohex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7<c){throw"unused bits shall be from 0 to 7: u = "+c}var d="0"+c;this.hTLV=null;this.isModified=true;this.hV=d+e};this.setByBinaryString=function(e){e=e.replace(/0+$/,"");var f=8-e.length%8;if(f==8){f=0}e+="0000000".substr(0,f);var j="";for(var g=0;g<e.length-1;g+=8){var d=e.substr(g,8);var c=parseInt(d,2).toString(16);if(c.length==1){c="0"+c}j+=c}this.hTLV=null;this.isModified=true;this.hV="0"+f+j};this.setByBooleanArray=function(e){var d="";for(var c=0;c<e.length;c++){if(e[c]==true){d+="1"}else{d+="0"}}this.setByBinaryString(d)};this.newFalseArray=function(e){var c=new Array(e);for(var d=0;d<e;d++){c[d]=false}return c};this.getFreshValueHex=function(){return this.hV};if(typeof b!="undefined"){if(typeof b=="string"&&b.toLowerCase().match(/^[0-9a-f]+$/)){this.setHexValueIncludingUnusedBits(b)}else{if(typeof b.hex!="undefined"){this.setHexValueIncludingUnusedBits(b.hex)}else{if(typeof b.bin!="undefined"){this.setByBinaryString(b.bin)}else{if(typeof b.array!="undefined"){this.setByBooleanArray(b.array)}}}}}};extendClass(KJUR.asn1.DERBitString,KJUR.asn1.ASN1Object);KJUR.asn1.DEROctetString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex=a.tohex()}KJUR.asn1.DEROctetString.superclass.constructor.call(this,b);this.hT="04"};extendClass(KJUR.asn1.DEROctetString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNull=function(){KJUR.asn1.DERNull.superclass.constructor.call(this);this.hT="05";this.hTLV="0500"};extendClass(KJUR.asn1.DERNull,KJUR.asn1.ASN1Object);KJUR.asn1.DERObjectIdentifier=function(a){KJUR.asn1.DERObjectIdentifier.superclass.constructor.call(this);this.hT="06";this.setValueHex=function(b){this.hTLV=null;this.isModified=true;this.s=null;this.hV=b};this.setValueOidString=function(b){var c=oidtohex(b);if(c==null){throw new Error("malformed oid string: "+b)}this.hTLV=null;this.isModified=true;this.s=null;this.hV=c};this.setValueName=function(c){var b=KJUR.asn1.x509.OID.name2oid(c);if(b!==""){this.setValueOidString(b)}else{throw new Error("DERObjectIdentifier oidName undefined: "+c)}};this.setValueNameOrOid=function(b){if(b.match(/^[0-2].[0-9.]+$/)){this.setValueOidString(b)}else{this.setValueName(b)}};this.getFreshValueHex=function(){return this.hV};this.setByParam=function(b){if(typeof b==="string"){this.setValueNameOrOid(b)}else{if(b.oid!==undefined){this.setValueNameOrOid(b.oid)}else{if(b.name!==undefined){this.setValueNameOrOid(b.name)}else{if(b.hex!==undefined){this.setValueHex(b.hex)}}}}};if(a!==undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERObjectIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.DEREnumerated=function(a){KJUR.asn1.DEREnumerated.superclass.constructor.call(this);this.hT="0a";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}};extendClass(KJUR.asn1.DEREnumerated,KJUR.asn1.ASN1Object);KJUR.asn1.DERUTF8String=function(a){KJUR.asn1.DERUTF8String.superclass.constructor.call(this,a);this.hT="0c"};extendClass(KJUR.asn1.DERUTF8String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERNumericString=function(a){KJUR.asn1.DERNumericString.superclass.constructor.call(this,a);this.hT="12"};extendClass(KJUR.asn1.DERNumericString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERPrintableString=function(a){KJUR.asn1.DERPrintableString.superclass.constructor.call(this,a);this.hT="13"};extendClass(KJUR.asn1.DERPrintableString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERTeletexString=function(a){KJUR.asn1.DERTeletexString.superclass.constructor.call(this,a);this.hT="14"};extendClass(KJUR.asn1.DERTeletexString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERIA5String=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="16"};extendClass(KJUR.asn1.DERIA5String,KJUR.asn1.DERAbstractString);KJUR.asn1.DERVisibleString=function(a){KJUR.asn1.DERIA5String.superclass.constructor.call(this,a);this.hT="1a"};extendClass(KJUR.asn1.DERVisibleString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERBMPString=function(a){KJUR.asn1.DERBMPString.superclass.constructor.call(this,a);this.hT="1e"};extendClass(KJUR.asn1.DERBMPString,KJUR.asn1.DERAbstractString);KJUR.asn1.DERUTCTime=function(a){KJUR.asn1.DERUTCTime.superclass.constructor.call(this,a);this.hT="17";this.params=undefined;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{12}Z$/)||d.match(/^[0-9]{12}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for UTCTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"utc",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"utc",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"utc"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for UTCTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERUTCTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERGeneralizedTime=function(a){KJUR.asn1.DERGeneralizedTime.superclass.constructor.call(this,a);this.hT="18";this.params=a;this.getFreshValueHex=function(){var d=this.params;if(this.params==undefined){d={date:new Date()}}if(typeof d=="string"){if(d.match(/^[0-9]{14}Z$/)||d.match(/^[0-9]{14}\.[0-9]+Z$/)){this.hV=stohex(d)}else{throw new Error("malformed string for GeneralizedTime: "+d)}}else{if(d.str!=undefined){this.hV=stohex(d.str)}else{if(d.date==undefined&&d.millis==true){var c=new Date();this.hV=stohex(this.formatDate(c,"gen",true))}else{if(d.date!=undefined&&d.date instanceof Date){var b=(d.millis===true);this.hV=stohex(this.formatDate(d.date,"gen",b))}else{if(d instanceof Date){this.hV=stohex(this.formatDate(d,"gen"))}}}}}if(this.hV==undefined){throw new Error("parameter not specified properly for GeneralizedTime")}return this.hV};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.DERGeneralizedTime,KJUR.asn1.DERAbstractTime);KJUR.asn1.DERSequence=function(a){KJUR.asn1.DERSequence.superclass.constructor.call(this,a);this.hT="30";this.getFreshValueHex=function(){var c="";for(var b=0;b<this.asn1Array.length;b++){var d=this.asn1Array[b];c+=d.tohex()}this.hV=c;return this.hV}};extendClass(KJUR.asn1.DERSequence,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERSet=function(a){KJUR.asn1.DERSet.superclass.constructor.call(this,a);this.hT="31";this.sortFlag=true;this.getFreshValueHex=function(){var b=new Array();for(var c=0;c<this.asn1Array.length;c++){var d=this.asn1Array[c];b.push(d.tohex())}if(this.sortFlag==true){b.sort()}this.hV=b.join("");return this.hV};if(typeof a!="undefined"){if(typeof a.sortflag!="undefined"&&a.sortflag==false){this.sortFlag=false}}};extendClass(KJUR.asn1.DERSet,KJUR.asn1.DERAbstractStructured);KJUR.asn1.DERTaggedObject=function(f){KJUR.asn1.DERTaggedObject.superclass.constructor.call(this);var d=KJUR.asn1,e=ASN1HEX,a=e.getV,c=e.isASN1HEX,b=d.ASN1Util.newObject;this.hT="a0";this.hV="";this.isExplicit=true;this.asn1Object=null;this.params={tag:"a0",explicit:true};this.setASN1Object=function(g,h,i){this.params={tag:h,explicit:g,obj:i}};this.getFreshValueHex=function(){var h=this.params;if(h.explicit==undefined){h.explicit=true}if(h.tage!=undefined){h.tag=h.tage;h.explicit=true}if(h.tagi!=undefined){h.tag=h.tagi;h.explicit=false}if(h.str!=undefined){this.hV=utf8tohex(h.str)}else{if(h.hex!=undefined){this.hV=h.hex}else{if(h.obj!=undefined){var g;if(h.obj instanceof d.ASN1Object){g=h.obj.tohex()}else{if(typeof h.obj=="object"){g=b(h.obj).tohex()}}if(h.explicit){this.hV=g}else{this.hV=a(g,0)}}else{throw new Error("str, hex nor obj not specified")}}}if(h.tag==undefined){h.tag="a0"}this.hT=h.tag;this.hTLV=null;this.isModified=true;return this.hV};this.setByParam=function(g){this.params=g};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.DERTaggedObject,KJUR.asn1.ASN1Object);
 var ASN1HEX=new function(){};ASN1HEX.getLblen=function(c,a){if(c.substr(a+2,1)!="8"){return 1}var b=parseInt(c.substr(a+3,1));if(b==0){return -1}if(0<b&&b<10){return b+1}return -2};ASN1HEX.getL=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<1){return""}return c.substr(b+2,a*2)};ASN1HEX.getVblen=function(d,a){var c,b;c=ASN1HEX.getL(d,a);if(c==""){return -1}if(c.substr(0,1)==="8"){b=new BigInteger(c.substr(2),16)}else{b=new BigInteger(c,16)}return b.intValue()};ASN1HEX.getVidx=function(c,b){var a=ASN1HEX.getLblen(c,b);if(a<0){return a}return b+(a+1)*2};ASN1HEX.getV=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return d.substr(c,b*2)};ASN1HEX.getTLV=function(b,a){return b.substr(a,2)+ASN1HEX.getL(b,a)+ASN1HEX.getV(b,a)};ASN1HEX.getTLVblen=function(b,a){return 2+ASN1HEX.getLblen(b,a)*2+ASN1HEX.getVblen(b,a)*2};ASN1HEX.getNextSiblingIdx=function(d,a){var c=ASN1HEX.getVidx(d,a);var b=ASN1HEX.getVblen(d,a);return c+b*2};ASN1HEX.getChildIdx=function(e,k){var l=ASN1HEX;var j=[];var c,f,g;c=l.getVidx(e,k);f=l.getVblen(e,k)*2;if(e.substr(k,2)=="03"){c+=2;f-=2}g=0;var d=c;while(g<=f){var b=l.getTLVblen(e,d);g+=b;if(g<=f){j.push(d)}d+=b;if(g>=f){break}}return j};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){return -1}}return d}f=c.shift();b=g.getChildIdx(e,d);if(f>=b.length){return -1}return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getIdxbyListEx=function(f,k,b,g){var m=ASN1HEX;var d,l;if(b.length==0){if(g!==undefined){if(f.substr(k,2)!==g){return -1}}return k}d=b.shift();l=m.getChildIdx(f,k);var j=0;for(var e=0;e<l.length;e++){var c=f.substr(l[e],2);if((typeof d=="number"&&(!m.isContextTag(c))&&j==d)||(typeof d=="string"&&m.isContextTag(c,d))){return m.getIdxbyListEx(f,l[e],b,g)}if(!m.isContextTag(c)){j++}}return -1};ASN1HEX.getTLVbyList=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyList(d,c,b,f);if(a==-1){return null}if(a>=d.length){return null}return e.getTLV(d,a)};ASN1HEX.getTLVbyListEx=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyListEx(d,c,b,f);if(a==-1){return null}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a==-1){return null}if(a>=e.length){return null}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.getVbyListEx=function(b,e,a,d,f){var j=ASN1HEX;var g,c,i;g=j.getIdxbyListEx(b,e,a,d);if(g==-1){return null}i=j.getV(b,g);if(b.substr(g,2)=="03"&&f!==false){i=i.substr(2)}return i};ASN1HEX.getInt=function(e,b,f){if(f==undefined){f=-1}try{var c=e.substr(b,2);if(c!="02"&&c!="03"){return f}var a=ASN1HEX.getV(e,b);if(c=="02"){return parseInt(a,16)}else{return bitstrtoint(a)}}catch(d){return f}};ASN1HEX.getOID=function(c,a,d){if(d==undefined){d=null}try{if(c.substr(a,2)!="06"){return d}var e=ASN1HEX.getV(c,a);return hextooid(e)}catch(b){return d}};ASN1HEX.getOIDName=function(d,a,f){if(f==undefined){f=null}try{var e=ASN1HEX.getOID(d,a,f);if(e==f){return f}var b=KJUR.asn1.x509.OID.oid2name(e);if(b==""){return e}return b}catch(c){return f}};ASN1HEX.getString=function(d,b,e){if(e==undefined){e=null}try{var a=ASN1HEX.getV(d,b);return hextorstr(a)}catch(c){return e}};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g<m.length/2;g++){k.push(parseInt(m.substr(g*2,2),16))}var j=[];var d="";for(var g=0;g<k.length;g++){if(k[g]&128){d=d+h((k[g]&127).toString(2),7)}else{d=d+h((k[g]&127).toString(2),7);j.push(new String(parseInt(d,2)));d=""}}var n=l.join(".");if(j.length>0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.tohex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;var z=e.substr(l,2);if(z=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(z=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(z=="03"){var h=j(e,l);if(p.isASN1HEX(h.substr(2))){var k=g+"BITSTRING, encapsulates\n";k=k+y(h.substr(2),c,0,g+"  ");return k}else{return g+"BITSTRING "+q(h,x)+"\n"}}if(z=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+"  ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(z=="05"){return g+"NULL\n"}if(z=="06"){var m=j(e,l);var b=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(b);var a=b.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+a+")\n"}else{return g+"ObjectIdentifier ("+a+")\n"}}if(z=="0a"){return g+"ENUMERATED "+parseInt(j(e,l))+"\n"}if(z=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(z=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(z=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(z=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(z=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(z=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(z=="1a"){return g+"VisualString '"+hextoutf8(j(e,l))+"'\n"}if(z=="1e"){return g+"BMPString '"+ucs2hextoutf8(j(e,l))+"'\n"}if(z=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u<d.length;u++){k=k+y(e,f,d[u],g+"  ")}return k}if(z=="31"){var k=g+"SET\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}var z=parseInt(z,16);if((z&128)!=0){var n=z&31;if((z&32)!=0){var k=g+"["+n+"]\n";var d=w(e,l);for(var u=0;u<d.length;u++){k=k+y(e,c,d[u],g+"  ")}return k}else{var h=j(e,l);if(ASN1HEX.isASN1HEX(h)){var k=g+"["+n+"]\n";k=k+y(h,c,0,g+"  ");return k}else{if(h.substr(0,8)=="68747470"){h=hextoutf8(h)}else{if(c.x509ExtName==="subjectAltName"&&n==2){h=hextoutf8(h)}}}var k=g+"["+n+"] "+h+"\n";return k}}return g+"UNKNOWN("+z+") "+j(e,l)+"\n"};ASN1HEX.parse=function(x){var t=ASN1HEX,f=t.parse,a=t.isASN1HEX,l=t.getV,b=t.getTLV,y=t.getChildIdx,i=KJUR.asn1,e=i.ASN1Util.oidHexToInt,B=i.x509.OID.oid2name,k=hextoutf8,n=ucs2hextoutf8,q=iso88591hextoutf8;var c={"0c":"utf8str","12":"numstr","13":"prnstr","14":"telstr","16":"ia5str","17":"utctime","18":"gentime","1a":"visstr","1e":"bmpstr","30":"seq","31":"set"};var u=function(H){var D=[];var E=y(H,0);for(var G=0;G<E.length;G++){var s=E[G];var d=b(H,s);var F=f(d);D.push(F)}return D};var C=x.substr(0,2);var j={};var p=l(x,0);if(C=="01"){if(x=="0101ff"){return{bool:true}}return{bool:false}}else{if(C=="02"){return{"int":{hex:p}}}else{if(C=="03"){try{if(p.substr(0,2)!="00"){throw"not encap"}var v=p.substr(2);if(!a(v)){throw"not encap"}return{bitstr:{obj:f(v)}}}catch(z){var m=null;if(p.length<=10){m=bitstrtobinstr(p)}if(m==null){return{bitstr:{hex:p}}}else{return{bitstr:{bin:m}}}}}else{if(C=="04"){try{if(!a(p)){throw"not encap"}return{octstr:{obj:f(p)}}}catch(z){return{octstr:{hex:p}}}}else{if(C=="05"){return{"null":""}}else{if(C=="06"){var g=e(p);var r=B(g);if(r==""){return{oid:g}}else{return{oid:r}}}else{if(C=="0a"){if(p.length>4){return{"enum":{hex:p}}}else{return{"enum":parseInt(p,16)}}}else{if(C=="30"||C=="31"){j[c[C]]=u(x);return j}else{if(C=="14"){var o=q(p);j[c[C]]={str:o};return j}else{if(C=="1e"){var o=n(p);j[c[C]]={str:o};return j}else{if(":0c:12:13:16:17:18:1a:".indexOf(C)!=-1){var o=k(p);j[c[C]]={str:o};return j}else{if(C.match(/^8[0-9]$/)){var o=k(p);if(o==null|o==""){return{tag:{tag:C,explicit:false,hex:p}}}else{if(o.match(/[\x00-\x1F\x7F-\x9F]/)!=null||o.match(/[\u0000-\u001F\u0080–\u009F]/)!=null){return{tag:{tag:C,explicit:false,hex:p}}}else{return{tag:{tag:C,explicit:false,str:o}}}}}else{if(C.match(/^a[0-9]$/)){try{if(!a(p)){throw new Error("not encap")}return{tag:{tag:C,explicit:true,obj:f(p)}}}catch(z){return{tag:{tag:C,explicit:true,hex:p}}}}else{var A=new KJUR.asn1.ASN1Object();A.hV=p;var w=A.getLengthHexFromValue();return{asn1:{tlv:C+w+p}}}}}}}}}}}}}}}};ASN1HEX.isContextTag=function(c,b){c=c.toLowerCase();var f,e;try{f=parseInt(c,16)}catch(d){return -1}if(b===undefined){if((f&192)==128){return true}else{return false}}try{var a=b.match(/^\[[0-9]+\]$/);if(a==null){return false}e=parseInt(b.substr(1,b.length-1),10);if(e>31){return false}if(((f&192)==128)&&((f&31)==e)){return true}return false}catch(d){return false}};ASN1HEX.isASN1HEX=function(e){var d=ASN1HEX;if(e.length%2==1){return false}var c=d.getVblen(e,0);var b=e.substr(0,2);var f=d.getL(e,0);var a=e.length-b.length-f.length;if(a==c*2){return true}return false};ASN1HEX.checkStrictDER=function(g,o,d,c,r){var s=ASN1HEX;if(d===undefined){if(typeof g!="string"){throw new Error("not hex string")}g=g.toLowerCase();if(!KJUR.lang.String.isHex(g)){throw new Error("not hex string")}d=g.length;c=g.length/2;if(c<128){r=1}else{r=Math.ceil(c.toString(16))+1}}var k=s.getL(g,o);if(k.length>r*2){throw new Error("L of TLV too long: idx="+o)}var n=s.getVblen(g,o);if(n>c){throw new Error("value of L too long than hex: idx="+o)}var q=s.getTLV(g,o);var f=q.length-2-s.getL(g,o).length;if(f!==(n*2)){throw new Error("V string length and L's value not the same:"+f+"/"+(n*2))}if(o===0){if(g.length!=q.length){throw new Error("total length and TLV length unmatch:"+g.length+"!="+q.length)}}var b=g.substr(o,2);if(b==="02"){var a=s.getVidx(g,o);if(g.substr(a,2)=="00"&&g.charCodeAt(a+2)<56){throw new Error("not least zeros for DER INTEGER")}}if(parseInt(b,16)&32){var p=s.getVblen(g,o);var m=0;var l=s.getChildIdx(g,o);for(var e=0;e<l.length;e++){var j=s.getTLV(g,l[e]);m+=j.length;s.checkStrictDER(g,l[e],d,c,r)}if((p*2)!=m){throw new Error("sum of children's TLV length and L unmatch: "+(p*2)+"!="+m)}}};ASN1HEX.oidname=function(a){var c=KJUR.asn1;if(KJUR.lang.String.isHex(a)){a=c.ASN1Util.oidHexToInt(a)}var b=c.x509.OID.oid2name(a);if(b===""){b=a}return b};
-if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(h){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var d=KJUR,c=d.asn1,f=c.DERBitString,b=c.DERSequence,g=c.x509,a=g.TBSCertificate,e=g.AlgorithmIdentifier;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var l=this.params;var k=l.sigalg;if(l.sigalg.name!=undefined){k=l.sigalg.name}var i=l.tbsobj.tohex();var j=new KJUR.crypto.Signature({alg:k});j.init(l.cakey);j.updateHex(i);l.sighex=j.sign()};this.getPEM=function(){return hextopem(this.tohex(),"CERTIFICATE")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined||k.tbsobj==null){k.tbsobj=new a(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new e({name:k.sigalg}));i.push(new f({hex:"00"+k.sighex}));var j=new b({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.params=h}};extendClass(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(f){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);var b=KJUR,i=b.asn1,d=i.x509,c=i.DERTaggedObject,h=i.DERInteger,g=i.DERSequence,l=d.AlgorithmIdentifier,e=d.Time,a=d.X500Name,j=d.Extensions,k=d.SubjectPublicKeyInfo;this.params=null;this.setByParam=function(m){this.params=m};this.tohex=function(){var n=[];var q=this.params;if(q.version!=undefined||q.version!=1){var m=2;if(q.version!=undefined){m=q.version-1}var p=new c({obj:new h({"int":m})});n.push(p)}n.push(new h(q.serial));n.push(new l({name:q.sigalg}));n.push(new a(q.issuer));n.push(new g({array:[new e(q.notbefore),new e(q.notafter)]}));n.push(new a(q.subject));n.push(new k(KEYUTIL.getKey(q.sbjpubkey)));if(q.ext!==undefined&&q.ext.length>0){n.push(new c({tag:"a3",obj:new j(q.ext)}))}var o=new KJUR.asn1.DERSequence({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extensions=function(d){KJUR.asn1.x509.Extensions.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.x509;this.aParam=[];this.setByParam=function(f){this.aParam=f};this.tohex=function(){var f=[];for(var h=0;h<this.aParam.length;h++){var l=this.aParam[h];var k=l.extname;var j=null;if(l.extn!=undefined){j=new e.PrivateExtension(l)}else{if(k=="subjectKeyIdentifier"){j=new e.SubjectKeyIdentifier(l)}else{if(k=="keyUsage"){j=new e.KeyUsage(l)}else{if(k=="subjectAltName"){j=new e.SubjectAltName(l)}else{if(k=="issuerAltName"){j=new e.IssuerAltName(l)}else{if(k=="basicConstraints"){j=new e.BasicConstraints(l)}else{if(k=="nameConstraints"){j=new e.NameConstraints(l)}else{if(k=="cRLDistributionPoints"){j=new e.CRLDistributionPoints(l)}else{if(k=="certificatePolicies"){j=new e.CertificatePolicies(l)}else{if(k=="authorityKeyIdentifier"){j=new e.AuthorityKeyIdentifier(l)}else{if(k=="extKeyUsage"){j=new e.ExtKeyUsage(l)}else{if(k=="authorityInfoAccess"){j=new e.AuthorityInfoAccess(l)}else{if(k=="cRLNumber"){j=new e.CRLNumber(l)}else{if(k=="cRLReason"){j=new e.CRLReason(l)}else{if(k=="ocspNonce"){j=new e.OCSPNonce(l)}else{if(k=="ocspNoCheck"){j=new e.OCSPNoCheck(l)}else{if(k=="adobeTimeStamp"){j=new e.AdobeTimeStamp(l)}else{if(k=="subjectDirectoryAttributes"){j=new e.SubjectDirectoryAttributes(l)}else{throw new Error("extension not supported:"+JSON.stringify(l))}}}}}}}}}}}}}}}}}}if(j!=null){f.push(j)}}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.x509.Extensions,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.tohex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.critical=false;if(d!==undefined){if(d.critical!==undefined){this.critical=d.critical}}};extendClass(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(c){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,c);var b=Error;var a={digitalSignature:0,nonRepudiation:1,keyEncipherment:2,dataEncipherment:3,keyAgreement:4,keyCertSign:5,cRLSign:6,encipherOnly:7,decipherOnly:8};this.getExtnValueHex=function(){var d=this.getBinValue();this.asn1ExtnValue=new KJUR.asn1.DERBitString({bin:d});return this.asn1ExtnValue.tohex()};this.getBinValue=function(){var d=this.params;if(typeof d!="object"||(typeof d.names!="object"&&typeof d.bin!="string")){throw new b("parameter not yet set")}if(d.names!=undefined){return namearraytobinstr(d.names,a)}else{if(d.bin!=undefined){return d.bin}else{throw new b("parameter not set properly")}}};this.oid="2.5.29.15";if(c!==undefined){this.params=c}};extendClass(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(g){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,g);var c=KJUR.asn1,e=c.DERBoolean,f=c.DERInteger,b=c.DERSequence;var a=false;var d=-1;this.getExtnValueHex=function(){var i=new Array();if(this.cA){i.push(new e())}if(this.pathLen>-1){i.push(new f({"int":this.pathLen}))}var h=new b({array:i});this.asn1ExtnValue=h;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(g!==undefined){if(g.cA!==undefined){this.cA=g.cA}if(g.pathLen!==undefined){this.pathLen=g.pathLen}}};extendClass(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.setByDPArray=function(e){var f=[];for(var g=0;g<e.length;g++){if(e[g] instanceof KJUR.asn1.ASN1Object){f.push(e[g])}else{var h=new c.DistributionPoint(e[g]);f.push(h)}}this.asn1ExtnValue=new a.DERSequence({array:f})};this.setByOneURI=function(f){var e=new c.DistributionPoint({fulluri:f});this.setByDPArray([e])};this.oid="2.5.29.31";if(d!==undefined){if(d.array!==undefined){this.setByDPArray(d.array)}else{if(d.uri!==undefined){this.setByOneURI(d.uri)}}}};extendClass(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.DistributionPoint=function(e){KJUR.asn1.x509.DistributionPoint.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1,d=b.x509.DistributionPointName;this.tohex=function(){var f=new b.DERSequence();if(this.asn1DP!=null){var g=new b.DERTaggedObject({explicit:true,tag:"a0",obj:this.asn1DP});f.appendASN1Object(g)}this.hTLV=f.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.dpobj!==undefined){this.asn1DP=e.dpobj}else{if(e.dpname!==undefined){this.asn1DP=new d(e.dpname)}else{if(e.fulluri!==undefined){this.asn1DP=new d({full:[{uri:e.fulluri}]})}}}}};extendClass(KJUR.asn1.x509.DistributionPoint,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DistributionPointName=function(h){KJUR.asn1.x509.DistributionPointName.superclass.constructor.call(this);var g=null,d=null,a=null,f=null,c=KJUR,b=c.asn1,e=b.DERTaggedObject;this.tohex=function(){if(this.type!="full"){throw new Error("currently type shall be 'full': "+this.type)}this.asn1Obj=new e({explicit:false,tag:this.tag,obj:this.asn1V});this.hTLV=this.asn1Obj.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(h!==undefined){if(b.x509.GeneralNames.prototype.isPrototypeOf(h)){this.type="full";this.tag="a0";this.asn1V=h}else{if(h.full!==undefined){this.type="full";this.tag="a0";this.asn1V=new b.x509.GeneralNames(h.full)}else{throw new Error("This class supports GeneralNames only as argument")}}}};extendClass(KJUR.asn1.x509.DistributionPointName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CertificatePolicies=function(f){KJUR.asn1.x509.CertificatePolicies.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.DERSequence,d=e.PolicyInformation;this.params=null;this.getExtnValueHex=function(){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new d(this.params.array[h]))}var g=new a({array:j});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.32";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.CertificatePolicies,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PolicyInformation=function(d){KJUR.asn1.x509.PolicyInformation.superclass.constructor.call(this,d);var c=KJUR.asn1,b=c.DERSequence,e=c.DERObjectIdentifier,a=c.x509.PolicyQualifierInfo;this.params=null;this.tohex=function(){if(this.params.policyoid===undefined&&this.params.array===undefined){throw new Error("parameter oid and array missing")}var f=[new e(this.params.policyoid)];if(this.params.array!==undefined){var j=[];for(var h=0;h<this.params.array.length;h++){j.push(new a(this.params.array[h]))}if(j.length>0){f.push(new b({array:j}))}}var g=new b({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.PolicyInformation,KJUR.asn1.ASN1Object);KJUR.asn1.x509.PolicyQualifierInfo=function(e){KJUR.asn1.x509.PolicyQualifierInfo.superclass.constructor.call(this,e);var c=KJUR.asn1,b=c.DERSequence,d=c.DERIA5String,f=c.DERObjectIdentifier,a=c.x509.UserNotice;this.params=null;this.tohex=function(){if(this.params.cps!==undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.1"}),new d({str:this.params.cps})]});return g.tohex()}if(this.params.unotice!=undefined){var g=new b({array:[new f({oid:"1.3.6.1.5.5.7.2.2"}),new a(this.params.unotice)]});return g.tohex()}};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.PolicyQualifierInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.UserNotice=function(e){KJUR.asn1.x509.UserNotice.superclass.constructor.call(this,e);var a=KJUR.asn1.DERSequence,d=KJUR.asn1.DERInteger,c=KJUR.asn1.x509.DisplayText,b=KJUR.asn1.x509.NoticeReference;this.params=null;this.tohex=function(){var f=[];if(this.params.noticeref!==undefined){f.push(new b(this.params.noticeref))}if(this.params.exptext!==undefined){f.push(new c(this.params.exptext))}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.UserNotice,KJUR.asn1.ASN1Object);KJUR.asn1.x509.NoticeReference=function(d){KJUR.asn1.x509.NoticeReference.superclass.constructor.call(this,d);var a=KJUR.asn1.DERSequence,c=KJUR.asn1.DERInteger,b=KJUR.asn1.x509.DisplayText;this.params=null;this.tohex=function(){var f=[];if(this.params.org!==undefined){f.push(new b(this.params.org))}if(this.params.noticenum!==undefined){var h=[];var e=this.params.noticenum;for(var j=0;j<e.length;j++){h.push(new c(e[j]))}f.push(new a({array:h}))}if(f.length==0){throw new Error("parameter is empty")}var g=new a({array:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!==undefined){this.params=d}};extendClass(KJUR.asn1.x509.NoticeReference,KJUR.asn1.ASN1Object);KJUR.asn1.x509.DisplayText=function(a){KJUR.asn1.x509.DisplayText.superclass.constructor.call(this,a);this.hT="0c";if(a!==undefined){if(a.type==="ia5"){this.hT="16"}else{if(a.type==="vis"){this.hT="1a"}else{if(a.type==="bmp"){this.hT="1e"}}}}};extendClass(KJUR.asn1.x509.DisplayText,KJUR.asn1.DERAbstractString);KJUR.asn1.x509.NameConstraints=function(f){KJUR.asn1.x509.NameConstraints.superclass.constructor.call(this,f);var c=KJUR,b=c.asn1,e=b.x509,a=b.ASN1Util.newObject,d=e.GeneralSubtree;this.params=null;this.getExtnValueHex=function(){var l=this.params;var g=[];if(l.permit!=undefined&&l.permit.length!=undefined){var k=[];for(var h=0;h<l.permit.length;h++){k.push(new d(l.permit[h]))}g.push({tag:{tagi:"a0",obj:{seq:k}}})}if(l.exclude!=undefined&&l.exclude.length!=undefined){var j=[];for(var h=0;h<l.exclude.length;h++){j.push(new d(l.exclude[h]))}g.push({tag:{tagi:"a1",obj:{seq:j}}})}this.asn1ExtnValue=a({seq:g});return this.asn1ExtnValue.tohex()};this.oid="2.5.29.30";if(f!==undefined){this.params=f}};extendClass(KJUR.asn1.x509.NameConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.GeneralSubtree=function(e){KJUR.asn1.x509.GeneralSubtree.superclass.constructor.call(this);var b=KJUR.asn1,d=b.x509,c=d.GeneralName,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(f){this.params=f};this.tohex=function(){var h=this.params;var f=[new c(h)];if(h.min!=undefined){f.push({tag:{tagi:"80",obj:{"int":h.min}}})}if(h.max!=undefined){f.push({tag:{tagi:"81",obj:{"int":h.max}}})}var g=a({seq:f});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){this.setByParam(e)}};extendClass(KJUR.asn1.x509.GeneralSubtree,KJUR.asn1.ASN1Object);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e<d.length;e++){var f=new a.DERObjectIdentifier(d[e]);this.asn1ExtnValue.appendASN1Object(f)}};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.37";if(c!==undefined){if(c.array!==undefined){this.setPurposeArray(c.array)}}};extendClass(KJUR.asn1.x509.ExtKeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityKeyIdentifier=function(f){KJUR.asn1.x509.AuthorityKeyIdentifier.superclass.constructor.call(this,f);var b=KJUR,a=b.asn1,d=a.DERTaggedObject,e=a.x509.GeneralNames,c=b.crypto.Util.isKey;this.asn1KID=null;this.asn1CertIssuer=null;this.asn1CertSN=null;this.getExtnValueHex=function(){var h=new Array();if(this.asn1KID){h.push(new d({explicit:false,tag:"80",obj:this.asn1KID}))}if(this.asn1CertIssuer){h.push(new d({explicit:false,tag:"a1",obj:new e([{dn:this.asn1CertIssuer}])}))}if(this.asn1CertSN){h.push(new d({explicit:false,tag:"82",obj:this.asn1CertSN}))}var g=new a.DERSequence({array:h});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(i){if(i.str!==undefined||i.hex!==undefined){this.asn1KID=new KJUR.asn1.DEROctetString(i)}else{if((typeof i==="object"&&KJUR.crypto.Util.isKey(i))||(typeof i==="string"&&i.indexOf("BEGIN ")!=-1)){var h=i;if(typeof i==="string"){h=KEYUTIL.getKey(i)}var g=KEYUTIL.getKeyID(h);this.asn1KID=new KJUR.asn1.DEROctetString({hex:g})}}};this.setCertIssuerByParam=function(g){if(g.str!==undefined||g.ldapstr!==undefined||g.hex!==undefined||g.certsubject!==undefined||g.certissuer!==undefined){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name(g)}else{if(typeof g==="string"&&g.indexOf("BEGIN ")!=-1&&g.indexOf("CERTIFICATE")!=-1){this.asn1CertIssuer=new KJUR.asn1.x509.X500Name({certissuer:g})}}};this.setCertSNByParam=function(i){if(i.str!==undefined||i.bigint!==undefined||i.hex!==undefined){this.asn1CertSN=new KJUR.asn1.DERInteger(i)}else{if(typeof i==="string"&&i.indexOf("BEGIN ")!=-1&&i.indexOf("CERTIFICATE")){var g=new X509();g.readCertPEM(i);var h=g.getSerialNumberHex();this.asn1CertSN=new KJUR.asn1.DERInteger({hex:h})}}};this.oid="2.5.29.35";if(f!==undefined){if(f.kid!==undefined){this.setKIDByParam(f.kid)}if(f.issuer!==undefined){this.setCertIssuerByParam(f.issuer)}if(f.sn!==undefined){this.setCertSNByParam(f.sn)}if(f.issuersn!==undefined&&typeof f.issuersn==="string"&&f.issuersn.indexOf("BEGIN ")!=-1&&f.issuersn.indexOf("CERTIFICATE")){this.setCertSNByParam(f.issuersn);this.setCertIssuerByParam(f.issuersn)}}};extendClass(KJUR.asn1.x509.AuthorityKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectKeyIdentifier=function(d){KJUR.asn1.x509.SubjectKeyIdentifier.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.DEROctetString;this.asn1KID=null;this.getExtnValueHex=function(){this.asn1ExtnValue=this.asn1KID;return this.asn1ExtnValue.tohex()};this.setKIDByParam=function(g){if(g.str!==undefined||g.hex!==undefined){this.asn1KID=new c(g)}else{if((typeof g==="object"&&KJUR.crypto.Util.isKey(g))||(typeof g==="string"&&g.indexOf("BEGIN")!=-1)){var f=g;if(typeof g==="string"){f=KEYUTIL.getKey(g)}var e=KEYUTIL.getKeyID(f);this.asn1KID=new KJUR.asn1.DEROctetString({hex:e})}}};this.oid="2.5.29.14";if(d!==undefined){if(d.kid!==undefined){this.setKIDByParam(d.kid)}}};extendClass(KJUR.asn1.x509.SubjectKeyIdentifier,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AuthorityInfoAccess=function(a){KJUR.asn1.x509.AuthorityInfoAccess.superclass.constructor.call(this,a);this.setAccessDescriptionArray=function(k){var d=new Array(),b=KJUR,g=b.asn1,c=g.DERSequence,j=g.DERObjectIdentifier,l=g.x509.GeneralName;for(var f=0;f<k.length;f++){var e;var h=k[f];if(h.ocsp!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.1"}),new l({uri:h.ocsp})]})}else{if(h.caissuer!==undefined){e=new c({array:[new j({oid:"1.3.6.1.5.5.7.48.2"}),new l({uri:h.caissuer})]})}else{throw new Error("unknown AccessMethod parameter: "+JSON.stringify(h))}}d.push(e)}this.asn1ExtnValue=new c({array:d})};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.1.1";if(a!==undefined){if(a.array!==undefined){this.setAccessDescriptionArray(a.array)}}};extendClass(KJUR.asn1.x509.AuthorityInfoAccess,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectAltName=function(a){KJUR.asn1.x509.SubjectAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.17";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.SubjectAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.IssuerAltName=function(a){KJUR.asn1.x509.IssuerAltName.superclass.constructor.call(this,a);this.setNameArray=function(b){this.asn1ExtnValue=new KJUR.asn1.x509.GeneralNames(b)};this.getExtnValueHex=function(){return this.asn1ExtnValue.tohex()};this.oid="2.5.29.18";if(a!==undefined){if(a.array!==undefined){this.setNameArray(a.array)}}};extendClass(KJUR.asn1.x509.IssuerAltName,KJUR.asn1.x509.Extension);KJUR.asn1.x509.SubjectDirectoryAttributes=function(e){KJUR.asn1.x509.SubjectDirectoryAttributes.superclass.constructor.call(this,e);var c=KJUR.asn1,a=c.DERSequence,b=c.ASN1Util.newObject,d=c.x509.OID.name2oid;this.params=null;this.getExtnValueHex=function(){var f=[];for(var j=0;j<this.params.array.length;j++){var k=this.params.array[j];var h={seq:[{oid:"1.2.3.4"},{set:[{utf8str:"DE"}]}]};if(k.attr=="dateOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={gentime:k.str}}else{if(k.attr=="placeOfBirth"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={utf8str:k.str}}else{if(k.attr=="gender"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfCitizenship"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{if(k.attr=="countryOfResidence"){h.seq[0].oid=d(k.attr);h.seq[1].set[0]={prnstr:k.str}}else{throw new Error("unsupported attribute: "+k.attr)}}}}}f.push(new b(h))}var g=new a({array:f});this.asn1ExtnValue=g;return this.asn1ExtnValue.tohex()};this.oid="2.5.29.9";if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.x509.SubjectDirectoryAttributes,KJUR.asn1.x509.Extension);KJUR.asn1.x509.PrivateExtension=function(f){KJUR.asn1.x509.PrivateExtension.superclass.constructor.call(this,f);var c=KJUR,e=c.lang.String.isHex,b=c.asn1,d=b.x509.OID.name2oid,a=b.ASN1Util.newObject;this.params=null;this.setByParam=function(g){this.oid=d(g.extname);this.params=g};this.getExtnValueHex=function(){if(this.params.extname==undefined||this.params.extn==undefined){throw new Error("extname or extnhex not specified")}var h=this.params.extn;if(typeof h=="string"&&e(h)){return h}else{if(typeof h=="object"){try{return a(h).tohex()}catch(g){}}}throw new Error("unsupported extn value")};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.PrivateExtension,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRL=function(g){KJUR.asn1.x509.CRL.superclass.constructor.call(this);var c=KJUR,b=c.asn1,a=b.DERSequence,e=b.DERBitString,f=b.x509,d=f.AlgorithmIdentifier,h=f.TBSCertList;this.params=undefined;this.setByParam=function(i){this.params=i};this.sign=function(){var j=(new h(this.params)).tohex();var k=new KJUR.crypto.Signature({alg:this.params.sigalg});k.init(this.params.cakey);k.updateHex(j);var i=k.sign();this.params.sighex=i};this.getPEM=function(){return hextopem(this.tohex(),"X509 CRL")};this.tohex=function(){var k=this.params;if(k.tbsobj==undefined){k.tbsobj=new h(k)}if(k.sighex==undefined&&k.cakey!=undefined){this.sign()}if(k.sighex==undefined){throw new Error("sighex or cakey parameter not defined")}var i=[];i.push(k.tbsobj);i.push(new d({name:k.sigalg}));i.push(new e({hex:"00"+k.sighex}));var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.params=g}};extendClass(KJUR.asn1.x509.CRL,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertList=function(f){KJUR.asn1.x509.TBSCertList.superclass.constructor.call(this);var b=KJUR,i=b.asn1,h=i.DERInteger,g=i.DERSequence,c=i.DERTaggedObject,k=i.DERObjectIdentifier,d=i.x509,l=d.AlgorithmIdentifier,e=d.Time,j=d.Extensions,a=d.X500Name;this.params=null;this.setByParam=function(m){this.params=m};this.getRevCertSequence=function(){var m=[];var n=this.params.revcert;for(var o=0;o<n.length;o++){var p=[new h(n[o].sn),new e(n[o].date)];if(n[o].ext!=undefined){p.push(new j(n[o].ext))}m.push(new g({array:p}))}return new g({array:m})};this.tohex=function(){var n=[];var r=this.params;if(r.version!=undefined){var m=r.version-1;var p=new h({"int":m});n.push(p)}n.push(new l({name:r.sigalg}));n.push(new a(r.issuer));n.push(new e(r.thisupdate));if(r.nextupdate!=undefined){n.push(new e(r.nextupdate))}if(r.revcert!=undefined){n.push(this.getRevCertSequence())}if(r.ext!=undefined){var q=new j(r.ext);n.push(new c({tag:"a0",explicit:true,obj:q}))}var o=new g({array:n});return o.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.tohex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};extendClass(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLNumber=function(a){KJUR.asn1.x509.CRLNumber.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERInteger(this.params.num);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.20";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLNumber,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLReason=function(a){KJUR.asn1.x509.CRLReason.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEREnumerated(this.params.code);return this.asn1ExtnValue.tohex()};this.oid="2.5.29.21";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.CRLReason,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNonce=function(a){KJUR.asn1.x509.OCSPNonce.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DEROctetString(this.params);return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.2";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNonce,KJUR.asn1.x509.Extension);KJUR.asn1.x509.OCSPNoCheck=function(a){KJUR.asn1.x509.OCSPNoCheck.superclass.constructor.call(this,a);this.params=undefined;this.getExtnValueHex=function(){this.asn1ExtnValue=new KJUR.asn1.DERNull();return this.asn1ExtnValue.tohex()};this.oid="1.3.6.1.5.5.7.48.1.5";if(a!=undefined){this.params=a}};extendClass(KJUR.asn1.x509.OCSPNoCheck,KJUR.asn1.x509.Extension);KJUR.asn1.x509.AdobeTimeStamp=function(g){KJUR.asn1.x509.AdobeTimeStamp.superclass.constructor.call(this,g);var c=KJUR,b=c.asn1,f=b.DERInteger,d=b.DERBoolean,a=b.DERSequence,e=b.x509.GeneralName;this.params=null;this.getExtnValueHex=function(){var i=this.params;var h=[new f(1)];h.push(new e({uri:i.uri}));if(i.reqauth!=undefined){h.push(new d(i.reqauth))}this.asn1ExtnValue=new a({array:h});return this.asn1ExtnValue.tohex()};this.oid="1.2.840.113583.1.1.9.1";if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.AdobeTimeStamp,KJUR.asn1.x509.Extension);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var c=KJUR,b=c.asn1,e=b.x509,d=e.RDN,a=pemtohex;this.setByString=function(g,l){if(l!==undefined){this.sRule=l}var k=g.split("/");k.shift();var j=[];for(var m=0;m<k.length;m++){if(k[m].match(/^[^=]+=.+$/)){j.push(k[m])}else{var h=j.length-1;j[h]=j[h]+"/"+k[m]}}for(var m=0;m<j.length;m++){this.asn1Array.push(new d({str:j[m],rule:this.sRule}))}};this.setByLdapString=function(g,h){if(h!==undefined){this.sRule=h}var i=e.X500Name.ldapToCompat(g);this.setByString(i,h)};this.setByObject=function(j,i){if(i!==undefined){this.sRule=i}for(var g in j){if(j.hasOwnProperty(g)){var h=new d({str:g+"="+j[g],rule:this.sRule});this.asn1Array?this.asn1Array.push(h):this.asn1Array=[h]}}};this.setByParam=function(h){if(h.rule!==undefined){this.sRule=h.rule}if(h.array!==undefined){this.paramArray=h.array}else{if(h.str!==undefined){this.setByString(h.str)}else{if(h.ldapstr!==undefined){this.setByLdapString(h.ldapstr)}else{if(h.hex!==undefined){this.hTLV=h.hex}else{if(h.certissuer!==undefined){var g=new X509();g.readCertPEM(h.certissuer);this.hTLV=g.getIssuerHex()}else{if(h.certsubject!==undefined){var g=new X509();g.readCertPEM(h.certsubject);this.hTLV=g.getSubjectHex()}else{if(typeof h==="object"&&h.certsubject===undefined&&h.certissuer===undefined){this.setByObject(h)}}}}}}}};this.tohex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.asn1Array.length==0&&this.paramArray.length>0){for(var g=0;g<this.paramArray.length;g++){var k={array:this.paramArray[g]};if(this.sRule!="utf8"){k.rule=this.sRule}var h=new d(k);this.asn1Array.push(h)}}var j=new b.DERSequence({array:this.asn1Array});this.hTLV=j.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.X500Name,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name.compatToLDAP=function(d){if(d.substr(0,1)!=="/"){throw"malformed input"}var b="";d=d.substr(1);var c=d.split("/");c.reverse();c=c.map(function(a){return a.replace(/,/,"\\,")});return c.join(",")};KJUR.asn1.x509.X500Name.onelineToLDAP=function(a){return KJUR.asn1.x509.X500Name.compatToLDAP(a)};KJUR.asn1.x509.X500Name.ldapToCompat=function(g){var c=g.split(",");var e=false;var b=[];for(var f=0;c.length>0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.X500Name.ldapToOneline=function(a){return KJUR.asn1.x509.X500Name.ldapToCompat(a)};KJUR.asn1.x509.RDN=function(b){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=[];this.paramArray=[];this.sRule="utf8";var a=KJUR.asn1.x509.AttributeTypeAndValue;this.setByParam=function(c){if(c.rule!==undefined){this.sRule=c.rule}if(c.str!==undefined){this.addByMultiValuedString(c.str)}if(c.array!==undefined){this.paramArray=c.array}};this.addByString=function(c){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:c,rule:this.sRule}))};this.addByMultiValuedString=function(e){var c=KJUR.asn1.x509.RDN.parseString(e);for(var d=0;d<c.length;d++){this.addByString(c[d])}};this.tohex=function(){if(this.asn1Array.length==0&&this.paramArray.length>0){for(var d=0;d<this.paramArray.length;d++){var f=this.paramArray[d];if(f.rule!==undefined&&this.sRule!="utf8"){f.rule=this.sRule}var c=new a(f);this.asn1Array.push(c)}}var e=new KJUR.asn1.DERSet({array:this.asn1Array});this.TLV=e.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(b!==undefined){this.setByParam(b)}};extendClass(KJUR.asn1.x509.RDN,KJUR.asn1.ASN1Object);KJUR.asn1.x509.RDN.parseString=function(m){var j=m.split(/\+/);var h=false;var c=[];for(var g=0;j.length>0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(c){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);this.sRule="utf8";this.sType=null;this.sValue=null;this.dsType=null;var a=KJUR,g=a.asn1,d=g.DERSequence,l=g.DERUTF8String,i=g.DERPrintableString,h=g.DERTeletexString,b=g.DERIA5String,e=g.DERVisibleString,k=g.DERBMPString,f=a.lang.String.isMail,j=a.lang.String.isPrintable;this.setByParam=function(o){if(o.rule!==undefined){this.sRule=o.rule}if(o.ds!==undefined){this.dsType=o.ds}if(o.value===undefined&&o.str!==undefined){var n=o.str;var m=n.match(/^([^=]+)=(.+)$/);if(m){this.sType=m[1];this.sValue=m[2]}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}}else{this.sType=o.type;this.sValue=o.value}};this.setByString=function(n,o){if(o!==undefined){this.sRule=o}var m=n.match(/^([^=]+)=(.+)$/);if(m){this.setByAttrTypeAndValueStr(m[1],m[2])}else{throw new Error("malformed attrTypeAndValueStr: "+attrTypeAndValueStr)}};this._getDsType=function(){var o=this.sType;var n=this.sValue;var m=this.sRule;if(m==="prn"){if(o=="CN"&&f(n)){return"ia5"}if(j(n)){return"prn"}return"utf8"}else{if(m==="utf8"){if(o=="CN"&&f(n)){return"ia5"}if(o=="C"){return"prn"}return"utf8"}}return"utf8"};this.setByAttrTypeAndValueStr=function(o,n,m){if(m!==undefined){this.sRule=m}this.sType=o;this.sValue=n};this.getValueObj=function(n,m){if(n=="utf8"){return new l({str:m})}if(n=="prn"){return new i({str:m})}if(n=="tel"){return new h({str:m})}if(n=="ia5"){return new b({str:m})}if(n=="vis"){return new e({str:m})}if(n=="bmp"){return new k({str:m})}throw new Error("unsupported directory string type: type="+n+" value="+m)};this.tohex=function(){if(this.dsType==null){this.dsType=this._getDsType()}var n=KJUR.asn1.x509.OID.atype2obj(this.sType);var m=this.getValueObj(this.dsType,this.sValue);var p=new d({array:[n,m]});this.TLV=p.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(c!==undefined){this.setByParam(c)}};extendClass(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.tohex=function(){var p=this.getASN1Object();this.hTLV=p.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.tohex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.tohex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};extendClass(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.params=null;this.type=null;this.setTimeParams=function(h){this.timeParams=h};this.setByParam=function(h){this.params=h};this.getType=function(h){if(h.match(/^[0-9]{12}Z$/)){return"utc"}if(h.match(/^[0-9]{14}Z$/)){return"gen"}if(h.match(/^[0-9]{12}\.[0-9]+Z$/)){return"utc"}if(h.match(/^[0-9]{14}\.[0-9]+Z$/)){return"gen"}return null};this.tohex=function(){var i=this.params;var h=null;if(typeof i=="string"){i={str:i}}if(i!=null&&i.str&&(i.type==null||i.type==undefined)){i.type=this.getType(i.str)}if(i!=null&&i.str){if(i.type=="utc"){h=new b(i.str)}if(i.type=="gen"){h=new g(i.str)}}else{if(this.type=="gen"){h=new g()}else{h=new b()}}if(h==null){throw new Error("wrong setting for Time")}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};KJUR.asn1.x509.Time_bak=function(f){KJUR.asn1.x509.Time_bak.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.tohex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.tohex();return this.TLV};this.getEncodedHex=function(){return this.tohex()};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};extendClass(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1,c=a.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV;this.tohex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw new Error("algorithm not specified")}if(this.nameAlg!==null){var f=null;for(var h in c){if(h===this.nameAlg){f=c[h]}}if(f!==null){this.hTLV=f;return this.hTLV}}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var g=[this.asn1Alg];if(this.asn1Params!==null){g.push(this.asn1Params)}var i=new a.DERSequence({array:g});this.hTLV=i.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(e!==undefined){if(e.name!==undefined){this.nameAlg=e.name}if(e.asn1params!==undefined){this.asn1Params=e.asn1params}if(e.paramempty!==undefined){this.paramEmpty=e.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){if(this.nameAlg.name!==undefined){this.nameAlg=this.nameAlg.name}var d=this.nameAlg.toLowerCase();if(d.substr(-7,7)!=="withdsa"&&d.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};extendClass(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV={SHAwithRSAandMGF1:"300d06092a864886f70d01010a3000",SHA256withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040201a11a301806092a864886f70d010108300b0609608648016503040201a203020120",SHA384withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040202a11a301806092a864886f70d010108300b0609608648016503040202a203020130",SHA512withRSAandMGF1:"303d06092a864886f70d01010a3030a00d300b0609608648016503040203a11a301806092a864886f70d010108300b0609608648016503040203a203020140"};KJUR.asn1.x509.GeneralName=function(f){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var l={rfc822:"81",dns:"82",dn:"a4",uri:"86",ip:"87",otherName:"a0"},b=KJUR,h=b.asn1,d=h.x509,a=d.X500Name,g=d.OtherName,e=h.DERIA5String,i=h.DERPrintableString,k=h.DEROctetString,c=h.DERTaggedObject,m=h.ASN1Object,j=Error;this.params=null;this.setByParam=function(n){this.params=n};this.tohex=function(){var p=this.params;var A,y,q;var y=false;if(p.other!==undefined){A="a0",q=new g(p.other)}else{if(p.rfc822!==undefined){A="81";q=new e({str:p.rfc822})}else{if(p.dns!==undefined){A="82";q=new e({str:p.dns})}else{if(p.dn!==undefined){A="a4";y=true;if(typeof p.dn==="string"){q=new a({str:p.dn})}else{if(p.dn instanceof KJUR.asn1.x509.X500Name){q=p.dn}else{q=new a(p.dn)}}}else{if(p.ldapdn!==undefined){A="a4";y=true;q=new a({ldapstr:p.ldapdn})}else{if(p.certissuer!==undefined||p.certsubj!==undefined){A="a4";y=true;var n,o;var z=null;if(p.certsubj!==undefined){n=false;o=p.certsubj}else{n=true;o=p.certissuer}if(o.match(/^[0-9A-Fa-f]+$/)){z==o}if(o.indexOf("-----BEGIN ")!=-1){z=pemtohex(o)}if(z==null){throw new Error("certsubj/certissuer not cert")}var w=new X509();w.hex=z;var s;if(n){s=w.getIssuerHex()}else{s=w.getSubjectHex()}q=new m();q.hTLV=s}else{if(p.uri!==undefined){A="86";q=new e({str:p.uri})}else{if(p.ip!==undefined){A="87";var v;var t=p.ip;try{if(t.match(/^[0-9a-f]+$/)){var r=t.length;if(r==8||r==16||r==32||r==64){v=t}else{throw"err"}}else{v=iptohex(t)}}catch(u){throw new j("malformed IP address: "+p.ip+":"+u.message)}q=new k({hex:v})}else{throw new j("improper params")}}}}}}}}var B=new c({tag:A,explicit:y,obj:q});return B.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){this.setByParam(f)}};extendClass(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e<g.length;e++){var f=new b.x509.GeneralName(g[e]);this.asn1Array.push(f)}};this.tohex=function(){var e=new b.DERSequence({array:this.asn1Array});return e.tohex()};this.getEncodedHex=function(){return this.tohex()};this.asn1Array=new Array();if(typeof d!="undefined"){this.setByParamArray(d)}};extendClass(KJUR.asn1.x509.GeneralNames,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OtherName=function(g){KJUR.asn1.x509.OtherName.superclass.constructor.call(this);var f=null,e=null,d=KJUR,c=d.asn1,h=c.DERObjectIdentifier,a=c.DERSequence,b=c.ASN1Util.newObject;this.params=null;this.setByParam=function(i){this.params=i};this.tohex=function(){var k=this.params;if(k.oid==undefined||k.value==undefined){throw new Error("oid or value not specified")}var l=new h({oid:k.oid});var i=b({tag:{tag:"a0",explicit:true,obj:k.value}});var j=new a({array:[l,i]});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.x509.OtherName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.OID=new function(){var a=KJUR.asn1.DERObjectIdentifier;this.name2oidList={sha1:"1.3.14.3.2.26",sha256:"2.16.840.1.101.3.4.2.1",sha384:"2.16.840.1.101.3.4.2.2",sha512:"2.16.840.1.101.3.4.2.3",sha224:"2.16.840.1.101.3.4.2.4",md5:"1.2.840.113549.2.5",md2:"1.3.14.7.2.2.1",ripemd160:"1.3.36.3.2.1",MD2withRSA:"1.2.840.113549.1.1.2",MD4withRSA:"1.2.840.113549.1.1.3",MD5withRSA:"1.2.840.113549.1.1.4",SHA1withRSA:"1.2.840.113549.1.1.5","pkcs1-MGF":"1.2.840.113549.1.1.8",rsaPSS:"1.2.840.113549.1.1.10",SHA224withRSA:"1.2.840.113549.1.1.14",SHA256withRSA:"1.2.840.113549.1.1.11",SHA384withRSA:"1.2.840.113549.1.1.12",SHA512withRSA:"1.2.840.113549.1.1.13",SHA1withECDSA:"1.2.840.10045.4.1",SHA224withECDSA:"1.2.840.10045.4.3.1",SHA256withECDSA:"1.2.840.10045.4.3.2",SHA384withECDSA:"1.2.840.10045.4.3.3",SHA512withECDSA:"1.2.840.10045.4.3.4",dsa:"1.2.840.10040.4.1",SHA1withDSA:"1.2.840.10040.4.3",SHA224withDSA:"2.16.840.1.101.3.4.3.1",SHA256withDSA:"2.16.840.1.101.3.4.3.2",rsaEncryption:"1.2.840.113549.1.1.1",commonName:"2.5.4.3",countryName:"2.5.4.6",localityName:"2.5.4.7",stateOrProvinceName:"2.5.4.8",streetAddress:"2.5.4.9",organizationName:"2.5.4.10",organizationalUnitName:"2.5.4.11",domainComponent:"0.9.2342.19200300.100.1.25",userId:"0.9.2342.19200300.100.1.1",surname:"2.5.4.4",givenName:"2.5.4.42",title:"2.5.4.12",distinguishedName:"2.5.4.49",emailAddress:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3",subjectDirectoryAttributes:"2.5.29.9",subjectKeyIdentifier:"2.5.29.14",keyUsage:"2.5.29.15",subjectAltName:"2.5.29.17",issuerAltName:"2.5.29.18",basicConstraints:"2.5.29.19",cRLNumber:"2.5.29.20",cRLReason:"2.5.29.21",nameConstraints:"2.5.29.30",cRLDistributionPoints:"2.5.29.31",certificatePolicies:"2.5.29.32",anyPolicy:"2.5.29.32.0",authorityKeyIdentifier:"2.5.29.35",policyConstraints:"2.5.29.36",extKeyUsage:"2.5.29.37",authorityInfoAccess:"1.3.6.1.5.5.7.1.1",ocsp:"1.3.6.1.5.5.7.48.1",ocspBasic:"1.3.6.1.5.5.7.48.1.1",ocspNonce:"1.3.6.1.5.5.7.48.1.2",ocspNoCheck:"1.3.6.1.5.5.7.48.1.5",caIssuers:"1.3.6.1.5.5.7.48.2",anyExtendedKeyUsage:"2.5.29.37.0",serverAuth:"1.3.6.1.5.5.7.3.1",clientAuth:"1.3.6.1.5.5.7.3.2",codeSigning:"1.3.6.1.5.5.7.3.3",emailProtection:"1.3.6.1.5.5.7.3.4",timeStamping:"1.3.6.1.5.5.7.3.8",ocspSigning:"1.3.6.1.5.5.7.3.9",smtpUTF8Mailbox:"1.3.6.1.5.5.7.8.9",dateOfBirth:"1.3.6.1.5.5.7.9.1",placeOfBirth:"1.3.6.1.5.5.7.9.2",gender:"1.3.6.1.5.5.7.9.3",countryOfCitizenship:"1.3.6.1.5.5.7.9.4",countryOfResidence:"1.3.6.1.5.5.7.9.5",ecPublicKey:"1.2.840.10045.2.1","P-256":"1.2.840.10045.3.1.7",secp256r1:"1.2.840.10045.3.1.7",secp256k1:"1.3.132.0.10",secp384r1:"1.3.132.0.34",secp521r1:"1.3.132.0.35",pkcs5PBES2:"1.2.840.113549.1.5.13",pkcs5PBKDF2:"1.2.840.113549.1.5.12","des-EDE3-CBC":"1.2.840.113549.3.7",data:"1.2.840.113549.1.7.1","signed-data":"1.2.840.113549.1.7.2","enveloped-data":"1.2.840.113549.1.7.3","digested-data":"1.2.840.113549.1.7.5","encrypted-data":"1.2.840.113549.1.7.6","authenticated-data":"1.2.840.113549.1.9.16.1.2",tstinfo:"1.2.840.113549.1.9.16.1.4",signingCertificate:"1.2.840.113549.1.9.16.2.12",timeStampToken:"1.2.840.113549.1.9.16.2.14",signaturePolicyIdentifier:"1.2.840.113549.1.9.16.2.15",etsArchiveTimeStamp:"1.2.840.113549.1.9.16.2.27",signingCertificateV2:"1.2.840.113549.1.9.16.2.47",etsArchiveTimeStampV2:"1.2.840.113549.1.9.16.2.48",extensionRequest:"1.2.840.113549.1.9.14",contentType:"1.2.840.113549.1.9.3",messageDigest:"1.2.840.113549.1.9.4",signingTime:"1.2.840.113549.1.9.5",counterSignature:"1.2.840.113549.1.9.6",archiveTimeStampV3:"0.4.0.1733.2.4",pdfRevocationInfoArchival:"1.2.840.113583.1.1.8",adobeTimeStamp:"1.2.840.113583.1.1.9.1",};this.atype2oidList={CN:"2.5.4.3",L:"2.5.4.7",ST:"2.5.4.8",O:"2.5.4.10",OU:"2.5.4.11",C:"2.5.4.6",STREET:"2.5.4.9",DC:"0.9.2342.19200300.100.1.25",UID:"0.9.2342.19200300.100.1.1",SN:"2.5.4.4",T:"2.5.4.12",DN:"2.5.4.49",E:"1.2.840.113549.1.9.1",description:"2.5.4.13",businessCategory:"2.5.4.15",postalCode:"2.5.4.17",serialNumber:"2.5.4.5",uniqueIdentifier:"2.5.4.45",organizationIdentifier:"2.5.4.97",jurisdictionOfIncorporationL:"1.3.6.1.4.1.311.60.2.1.1",jurisdictionOfIncorporationSP:"1.3.6.1.4.1.311.60.2.1.2",jurisdictionOfIncorporationC:"1.3.6.1.4.1.311.60.2.1.3"};this.objCache={};this.name2obj=function(b){if(typeof this.objCache[b]!="undefined"){return this.objCache[b]}if(typeof this.name2oidList[b]=="undefined"){throw"Name of ObjectIdentifier not defined: "+b}var c=this.name2oidList[b];var d=new a({oid:c});this.objCache[b]=d;return d};this.atype2obj=function(b){if(this.objCache[b]!==undefined){return this.objCache[b]}var c;if(b.match(/^\d+\.\d+\.[0-9.]+$/)){c=b}else{if(this.atype2oidList[b]!==undefined){c=this.atype2oidList[b]}else{if(this.name2oidList[b]!==undefined){c=this.name2oidList[b]}else{throw new Error("AttributeType name undefined: "+b)}}}var d=new a({oid:c});this.objCache[b]=d;return d};this.registerOIDs=function(b){if(!this.checkOIDs(b)){return}for(var c in b){this.name2oidList[c]=b[c]}};this.checkOIDs=function(b){try{var d=Object.keys(b);if(d.length==0){return false}d.map(function(g,e,h){var f=this[g];if(!f.match(/^[0-2]\.[0-9.]+$/)){throw new Error("value is not OID")}},b);return true}catch(c){return false}}};KJUR.asn1.x509.OID.oid2name=function(b){var c=KJUR.asn1.x509.OID.name2oidList;for(var a in c){if(c[a]==b){return a}}return""};KJUR.asn1.x509.OID.oid2atype=function(b){var c=KJUR.asn1.x509.OID.atype2oidList;for(var a in c){if(c[a]==b){return a}}return b};KJUR.asn1.x509.OID.name2oid=function(a){if(a.match(/^[0-9.]+$/)){return a}var b=KJUR.asn1.x509.OID.name2oidList;if(b[a]===undefined){return""}return b[a]};KJUR.asn1.x509.X509Util={};KJUR.asn1.x509.X509Util.newCertPEM=function(e){var d=KJUR.asn1.x509,b=d.TBSCertificate,a=d.Certificate;var c=new a(e);return c.getPEM()};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cms=="undefined"||!KJUR.asn1.cms){KJUR.asn1.cms={}}KJUR.asn1.cms.Attribute=function(f){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,a=c.DERSet,g=c.DERObjectIdentifier;this.params=null;this.typeOid=null;this.setByParam=function(h){this.params=h};this.getValueArray=function(){throw new e("not yet implemented abstract")};this.tohex=function(){var j=new g({oid:this.typeOid});var h=new a({array:this.getValueArray()});var i=new b({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()}};extendClass(KJUR.asn1.cms.Attribute,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentType=function(c){var b=KJUR,a=b.asn1;a.cms.ContentType.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.3";this.getValueArray=function(){var d=new a.DERObjectIdentifier(this.params.type);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.ContentType,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.MessageDigest=function(e){var b=KJUR,a=b.asn1,c=a.DEROctetString,d=a.cms;d.MessageDigest.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.4";this.getValueArray=function(){var f=new c(this.params);return[f]};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.MessageDigest,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningTime=function(c){var b=KJUR,a=b.asn1;a.cms.SigningTime.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.5";this.getValueArray=function(){var d=new a.x509.Time(this.params);return[d]};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.cms.SigningTime,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.SigningCertificate=function(h){var e=Error,d=KJUR,c=d.asn1,b=c.DERSequence,g=c.cms,a=g.ESSCertID,f=d.crypto;g.SigningCertificate.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.12";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new e("parameter 'array' not specified")}var o=this.params.array;var k=[];for(var l=0;l<o.length;l++){var n=o[l];if(h.hasis==false&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.hasis!=false&&h.hasis==false){n.hasis=false}k.push(new a(n))}var j=new b({array:k});var m=new b({array:[j]});return[m]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.SigningCertificate,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertID=function(g){KJUR.asn1.cms.ESSCertID.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial;this.params=null;this.getCertHash=function(k,h){if(k.hash!=undefined){return k.hash}if(typeof k=="string"&&k.indexOf("-----BEGIN")==-1&&!ASN1HEX.isASN1HEX(k)){return k}var i;if(typeof k=="string"){i=k}else{if(k.cert!=undefined){i=k.cert}else{throw new d("hash nor cert unspecified")}}var j;if(i.indexOf("-----BEGIN")!=-1){j=pemtohex(i)}else{j=i}if(typeof k=="string"){if(k.indexOf("-----BEGIN")!=-1){j=pemtohex(k)}else{if(ASN1HEX.isASN1HEX(k)){j=k}}}var l;if(k.alg!=undefined){l=k.alg}else{if(h!=undefined){l=h}else{throw new d("hash alg unspecified")}}return c.crypto.Util.hashHex(j,l)};this.tohex=function(){var k=this.params;var j=this.getCertHash(k,"sha1");var h=[];h.push(new f({hex:j}));if((typeof k=="string"&&k.indexOf("-----BEGIN")!=-1)||(k.cert!=undefined&&k.hasis!=false)||(k.issuer!=undefined&&k.serial!=undefined)){h.push(new e(k))}var i=new a({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ESSCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SigningCertificateV2=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,b=g.x509,i=g.cms,c=i.ESSCertIDv2,f=a.crypto;i.SigningCertificateV2.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.47";this.getValueArray=function(){if(this.params==null||this.params==undefined||this.params.array==undefined){throw new h("parameter 'array' not specified")}var o=this.params.array;var l=[];for(var m=0;m<o.length;m++){var n=o[m];if((d.alg!=undefined||d.hasis==false)&&(typeof n=="string"&&(n.indexOf("-----BEGIN")!=-1||ASN1HEX.isASN1HEX(n)))){n={cert:n}}if(n.alg==undefined&&d.alg!=undefined){n.alg=d.alg}if(n.hasis!=false&&d.hasis==false){n.hasis=false}l.push(new c(n))}var k=new e({array:l});var j=new e({array:[k]});return[j]};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.cms.SigningCertificateV2,KJUR.asn1.cms.Attribute);KJUR.asn1.cms.ESSCertIDv2=function(h){KJUR.asn1.cms.ESSCertIDv2.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,f=b.DEROctetString,a=b.DERSequence,e=b.cms.IssuerSerial,g=b.x509.AlgorithmIdentifier;this.params=null;this.tohex=function(){var l=this.params;var k=this.getCertHash(l,"sha256");var i=[];if(l.alg!=undefined&&l.alg!="sha256"){i.push(new g({name:l.alg}))}i.push(new f({hex:k}));if((typeof l=="string"&&l.indexOf("-----BEGIN")!=-1)||(l.cert!=undefined&&l.hasis!=false)||(l.issuer!=undefined&&l.serial!=undefined)){i.push(new e(l))}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cms.ESSCertIDv2,KJUR.asn1.cms.ESSCertID);KJUR.asn1.cms.IssuerSerial=function(e){var i=Error,c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.GeneralNames,b=X509;j.IssuerSerial.superclass.constructor.call(this);this.setByParam=function(k){this.params=k};this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a([{dn:l}]);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerSerial,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerIdentifier=function(f){var c=KJUR,i=c.asn1,h=i.DERInteger,g=i.DERSequence,l=i.cms,k=l.IssuerAndSerialNumber,d=l.SubjectKeyIdentifier,e=i.x509,a=e.X500Name,b=X509,j=Error;l.SignerIdentifier.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.type=="isssn"){var m=new k(o);return m.tohex()}else{if(o.type=="skid"){var n=new d(o);return n.tohex()}else{throw new Error("wrong property for isssn or skid")}}};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.SignerIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.IssuerAndSerialNumber=function(e){var c=KJUR,h=c.asn1,g=h.DERInteger,f=h.DERSequence,j=h.cms,d=h.x509,a=d.X500Name,b=X509,i=Error;j.IssuerAndSerialNumber.superclass.constructor.call(this);this.params=null;this.tohex=function(){var p=this.params;var l,r;if((typeof p=="string"&&p.indexOf("-----BEGIN")!=-1)||p.cert!=undefined){var n;if(p.cert!=undefined){n=p.cert}else{n=p}var k=new b();k.readCertPEM(n);l=k.getIssuer();r={hex:k.getSerialNumberHex()}}else{if(p.issuer!=undefined&&p.serial){l=p.issuer;r=p.serial}else{throw new i("cert or issuer and serial parameter not specified")}}var q=new a(l);var o=new g(r);var m=new f({array:[q,o]});return m.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.IssuerAndSerialNumber,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SubjectKeyIdentifier=function(g){var d=KJUR,k=d.asn1,i=k.DERInteger,h=k.DERSequence,j=k.ASN1Util.newObject,m=k.cms,f=m.IssuerAndSerialName,c=m.SubjectKeyIdentifier,e=k.x509,a=e.X500Name,b=X509,l=Error;m.SubjectKeyIdentifier.superclass.constructor.call(this);this.tohex=function(){var r=this.params;if(r.cert==undefined&&r.skid==undefined){throw new l("property cert nor skid undefined")}var q;if(r.cert!=undefined){var n=new b(r.cert);var o=n.getExtSubjectKeyIdentifier();q=o.kid.hex}else{if(r.skid!=undefined){q=r.skid}}var p=j({tag:{tage:"a0",obj:{octstr:{hex:q}}}});return p.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.SubjectKeyIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.cms.AttributeList=function(f){var d=Error,c=KJUR,b=c.asn1,a=b.DERSet,e=b.cms;e.AttributeList.superclass.constructor.call(this);this.params=null;this.hTLV=null;this.setByParam=function(g){this.params=g};this.tohex=function(){var o=this.params;if(this.hTLV!=null){return this.hTLV}var m=true;if(o.sortflag!=undefined){m=o.sortflag}var j=o.array;var g=[];for(var l=0;l<j.length;l++){var n=j[l];var k=n.attr;if(k=="contentType"){g.push(new e.ContentType(n))}else{if(k=="messageDigest"){g.push(new e.MessageDigest(n))}else{if(k=="signingTime"){g.push(new e.SigningTime(n))}else{if(k=="signingCertificate"){g.push(new e.SigningCertificate(n))}else{if(k=="signingCertificateV2"){g.push(new e.SigningCertificateV2(n))}else{if(k=="signaturePolicyIdentifier"){g.push(new KJUR.asn1.cades.SignaturePolicyIdentifier(n))}else{if(k=="signatureTimeStamp"||k=="timeStampToken"){g.push(new KJUR.asn1.cades.SignatureTimeStamp(n))}else{throw new d("unknown attr: "+k)}}}}}}}}var h=new a({array:g,sortflag:m});this.hTLV=h.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.AttributeList,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignerInfo=function(q){var n=Error,r=KJUR,i=r.asn1,c=i.DERInteger,f=i.DEROctetString,h=i.DERSequence,m=i.DERTaggedObject,k=i.cms,p=k.SignerIdentifier,l=k.AttributeList,g=k.ContentType,e=k.EncapsulatedContentInfo,d=k.MessageDigest,j=k.SignedData,a=i.x509,s=a.AlgorithmIdentifier,b=r.crypto,o=KEYUTIL;k.SignerInfo.superclass.constructor.call(this);this.params=null;this.sign=function(){var y=this.params;var x=y.sigalg;var u=(new l(y.sattrs)).tohex();var v=o.getKey(y.signkey);var w=new b.Signature({alg:x});w.init(v);w.updateHex(u);var t=w.sign();y.sighex=t};this.tohex=function(){var w=this.params;var t=[];t.push(new c({"int":w.version}));t.push(new p(w.id));t.push(new s({name:w.hashalg}));if(w.sattrs!=undefined){var x=new l(w.sattrs);try{t.push(new m({tag:"a0",explicit:false,obj:x}))}catch(v){throw new n("si sattr error: "+v)}}if(w.sigalgfield!=undefined){t.push(new s({name:w.sigalgfield}))}else{t.push(new s({name:w.sigalg}))}if(w.sighex==undefined&&w.signkey!=undefined){this.sign()}t.push(new f({hex:w.sighex}));if(w.uattrs!=undefined){var x=new l(w.uattrs);try{t.push(new m({tag:"a1",explicit:false,obj:x}))}catch(v){throw new n("si uattr error: "+v)}}var u=new h({array:t});return u.tohex()};this.getEncodedHex=function(){return this.tohex()};if(q!=undefined){this.setByParam(q)}};extendClass(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(g){var c=KJUR,b=c.asn1,e=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,d=b.DEROctetString,f=b.cms;f.EncapsulatedContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var i=[];i.push(new h(m.type));if(m.content!=undefined&&(m.content.hex!=undefined||m.content.str!=undefined)&&m.isDetached!=true){var k=new d(m.content);var l=new e({tag:"a0",explicit:true,obj:k});i.push(l)}var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(g){var c=KJUR,b=c.asn1,d=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,f=b.x509,e=f.OID.name2obj;KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var i=[];i.push(new h(l.type));var k=new d({tag:"a0",explicit:true,obj:l.obj});i.push(k);var j=new a({array:i});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(i){this.params=i};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(e){var j=Error,a=KJUR,h=a.asn1,m=h.ASN1Object,g=h.DERInteger,p=h.DERSet,f=h.DERSequence,b=h.DERTaggedObject,o=h.cms,l=o.EncapsulatedContentInfo,d=o.SignerInfo,q=o.ContentInfo,k=o.CertificateSet,i=o.RevocationInfoChoices,c=h.x509,n=c.AlgorithmIdentifier;KJUR.asn1.cms.SignedData.superclass.constructor.call(this);this.params=null;this.checkAndFixParam=function(){var r=this.params;this._setDigestAlgs(r);this._setContentTypeByEContent(r);this._setMessageDigestByEContent(r);this._setSignerInfoVersion(r);this._setSignedDataVersion(r)};this._setDigestAlgs=function(v){var u={};var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];u[s.hashalg]=1}v.hashalgs=Object.keys(u).sort()};this._setContentTypeByEContent=function(w){var u=w.econtent.type;var v=w.sinfos;for(var r=0;r<v.length;r++){var t=v[r];var s=this._getAttrParamByName(t,"contentType");s.type=u}};this._setMessageDigestByEContent=function(r){var v=r.econtent;var y=r.econtent.type;var x=v.content.hex;if(x==undefined&&v.type=="data"&&v.content.str!=undefined){x=rstrtohex(v.content.str)}var A=r.sinfos;for(var u=0;u<A.length;u++){var t=A[u];var s=t.hashalg;var z=this._getAttrParamByName(t,"messageDigest");var w=KJUR.crypto.Util.hashHex(x,s);z.hex=w}};this._getAttrParamByName=function(t,s){var u=t.sattrs.array;for(var r=0;r<u.length;r++){if(u[r].attr==s){return u[r]}}};this._setSignerInfoVersion=function(v){var t=v.sinfos;for(var r=0;r<t.length;r++){var s=t[r];var u=1;if(s.id.type=="skid"){u=3}s.version=u}};this._setSignedDataVersion=function(s){var r=this._getSignedDataVersion(s);s.version=r};this._getSignedDataVersion=function(w){if(w.revinfos!=undefined){var r=w.revinfos;for(var t=0;t<r.length;t++){var s=r[t];if(s.ocsp!=undefined){return 5}}}var v=w.sinfos;for(var t=0;t<v.length;t++){var u=w.sinfos[t];if(u.version==3){return 3}}if(w.econtent.type!="data"){return 3}return 1};this.tohex=function(){var y=this.params;if(this.getEncodedHexPrepare!=undefined){this.getEncodedHexPrepare()}if(y.fixed!=true){this.checkAndFixParam()}var r=[];r.push(new g({"int":y.version}));var w=[];for(var v=0;v<y.hashalgs.length;v++){var t=y.hashalgs[v];w.push(new n({name:t}))}r.push(new p({array:w}));r.push(new l(y.econtent));if(y.certs!=undefined){r.push(new k(y.certs))}if(y.revinfos!=undefined){r.push(new i(y.revinfos))}var u=[];for(var v=0;v<y.sinfos.length;v++){var x=y.sinfos[v];u.push(new d(x))}r.push(new p({array:u}));var s=new f({array:r});return s.tohex()};this.getEncodedHex=function(){return this.tohex()};this.getContentInfo=function(){var r=new q({type:"signed-data",obj:this});return r};this.getContentInfoEncodedHex=function(){return this.getContentInfo().tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CertificateSet=function(f){KJUR.asn1.cms.CertificateSet.superclass.constructor.call(this);var c=Error,b=KJUR.asn1,e=b.DERTaggedObject,a=b.DERSet,d=b.ASN1Object;this.params=null;this.tohex=function(){var j=this.params;var p=[];var q;if(j instanceof Array){q=j}else{if(j.array!=undefined){q=j.array}else{throw new c("cert array not specified")}}for(var k=0;k<q.length;k++){var l=q[k];var n=pemtohex(l);var g=new d();g.hTLV=n;p.push(g)}var m={array:p};if(j.sortflag==false){m.sortflag=false}var o=new a(m);var h=new e({tag:"a0",explicit:false,obj:o});return h.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.CertificateSet,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoices=function(a){KJUR.asn1.cms.RevocationInfoChoices.superclass.constructor.call(this);this.params=null;this.tohex=function(){var e=this.params;if(!e instanceof Array){throw new Error("params is not array")}var b=[];for(var c=0;c<e.length;c++){b.push(new KJUR.asn1.cms.RevocationInfoChoice(e[c]))}var d=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:{set:b}}});return d.tohex()};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoices,KJUR.asn1.ASN1Object);KJUR.asn1.cms.RevocationInfoChoice=function(a){KJUR.asn1.cms.RevocationInfoChoice.superclass.constructor.call(this);this.params=null;this.tohex=function(){var d=this.params;if(d.crl!=undefined&&typeof d.crl=="string"){var b=d.crl;if(d.crl.indexOf("-----BEGIN")!=-1){b=pemtohex(d.crl)}return b}else{if(d.ocsp!=undefined){var c=KJUR.asn1.ASN1Util.newObject({tag:{tagi:"a1",obj:new KJUR.asn1.cms.OtherRevocationFormat(d)}});return c.tohex()}else{throw new Error("property crl or ocsp undefined")}}};this.getEncodedHex=function(){return this.tohex()};if(a!=undefined){this.setByParam(a)}};extendClass(KJUR.asn1.cms.RevocationInfoChoice,KJUR.asn1.ASN1Object);KJUR.asn1.cms.OtherRevocationFormat=function(f){KJUR.asn1.cms.OtherRevocationFormat.superclass.constructor.call(this);var d=Error,c=KJUR,b=c.asn1,a=b.ASN1Util.newObject,e=c.lang.String.isHex;this.params=null;this.tohex=function(){var h=this.params;if(h.ocsp==undefined){throw new d("property ocsp not specified")}if(!e(h.ocsp)||!ASN1HEX.isASN1HEX(h.ocsp)){throw new d("ocsp value not ASN.1 hex string")}var g=a({seq:[{oid:"1.3.6.1.5.5.7.16.2"},{asn1:{tlv:h.ocsp}}]});return g.tohex()};this.getEncodedHex=function(){return this.tohex()};if(f!=undefined){this.setByParam(f)}};extendClass(KJUR.asn1.cms.OtherRevocationFormat,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(a){return new KJUR.asn1.cms.SignedData(a)};KJUR.asn1.cms.CMSUtil.verifySignedData=function(n){var C=KJUR,p=C.asn1,s=p.cms,D=s.SignerInfo,q=s.SignedData,y=s.SigningTime,b=s.SigningCertificate,d=s.SigningCertificateV2,A=p.cades,u=A.SignaturePolicyIdentifier,i=C.lang.String.isHex,v=ASN1HEX,h=v.getVbyList,a=v.getTLVbyList,t=v.getIdxbyList,z=v.getChildIdx,c=v.getTLV,B=v.oidname,j=C.crypto.Util.hashHex;if(n.cms===undefined&&!i(n.cms)){}var E=n.cms;var g=function(J,H){var G;for(var I=3;I<6;I++){G=t(J,0,[1,0,I]);if(G!==undefined){var F=J.substr(G,2);if(F==="a0"){H.certsIdx=G}if(F==="a1"){H.revinfosIdx=G}if(F==="31"){H.signerinfosIdx=G}}}};var l=function(I,F){var H=F.signerinfosIdx;if(H===undefined){return}var L=z(I,H);F.signerInfoIdxList=L;for(var G=0;G<L.length;G++){var K=L[G];var J={idx:K};k(I,J);F.signerInfos.push(J)}};var k=function(I,J){var F=J.idx;J.signerid_issuer1=a(I,F,[1,0],"30");J.signerid_serial1=h(I,F,[1,1],"02");J.hashalg=B(h(I,F,[2,0],"06"));var H=t(I,F,[3],"a0");J.idxSignedAttrs=H;f(I,J,H);var G=z(I,F);var K=G.length;if(K<6){throw"malformed SignerInfo"}J.sigalg=B(h(I,F,[K-2,0],"06"));J.sigval=h(I,F,[K-1],"04")};var f=function(L,M,F){var J=z(L,F);M.signedAttrIdxList=J;for(var K=0;K<J.length;K++){var I=J[K];var G=h(L,I,[0],"06");var H;if(G==="2a864886f70d010905"){H=hextoutf8(h(L,I,[1,0]));M.saSigningTime=H}else{if(G==="2a864886f70d010904"){H=h(L,I,[1,0],"04");M.saMessageDigest=H}}}};var w=function(G,F){if(h(G,0,[0],"06")!=="2a864886f70d010702"){return F}F.cmsType="signedData";F.econtent=h(G,0,[1,0,2,1,0]);g(G,F);F.signerInfos=[];l(G,F)};var o=function(J,F){var G=F.parse.signerInfos;var L=G.length;var K=true;for(var I=0;I<L;I++){var H=G[I];e(J,F,H,I);if(!H.isValid){K=false}}F.isValid=K};var x=function(F,Q,J,P){var N=Q.parse.certsIdx;var H;if(Q.certs===undefined){H=[];Q.certkeys=[];var K=z(F,N);for(var I=0;I<K.length;I++){var M=c(F,K[I]);var O=new X509();O.readCertHex(M);H[I]=O;Q.certkeys[I]=O.getPublicKey()}Q.certs=H}else{H=Q.certs}Q.cccc=H.length;Q.cccci=K.length;for(var I=0;I<H.length;I++){var L=O.getIssuerHex();var G=O.getSerialNumberHex();if(J.signerid_issuer1===L&&J.signerid_serial1===G){J.certkey_idx=I}}};var e=function(F,R,I,N){I.verifyDetail={};var Q=I.verifyDetail;var K=R.parse.econtent;var G=I.hashalg;var L=I.saMessageDigest;Q.validMessageDigest=false;if(j(K,G)===L){Q.validMessageDigest=true}x(F,R,I,N);Q.validSignatureValue=false;var H=I.sigalg;var M="31"+c(F,I.idxSignedAttrs).substr(2);I.signedattrshex=M;var J=R.certs[I.certkey_idx].getPublicKey();var P=new KJUR.crypto.Signature({alg:H});P.init(J);P.updateHex(M);var O=P.verify(I.sigval);Q.validSignatureValue_isValid=O;if(O===true){Q.validSignatureValue=true}I.isValid=false;if(Q.validMessageDigest&&Q.validSignatureValue){I.isValid=true}};var m=function(){};var r={isValid:false,parse:{}};w(E,r.parse);o(E,r);return r};KJUR.asn1.cms.CMSParser=function(){var g=Error,a=X509,h=new a(),l=ASN1HEX,i=l.getV,b=l.getTLV,f=l.getIdxbyList,c=l.getTLVbyList,d=l.getTLVbyListEx,e=l.getVbyList,k=l.getVbyListEx,j=l.getChildIdx;this.getCMSSignedData=function(m){var o=c(m,0,[1,0]);var n=this.getSignedData(o);return n};this.getSignedData=function(o){var q=j(o,0);var v={};var p=i(o,q[0]);var n=parseInt(p,16);v.version=n;var r=b(o,q[1]);v.hashalgs=this.getHashAlgArray(r);var t=b(o,q[2]);v.econtent=this.getEContent(t);var m=d(o,0,["[0]"]);if(m!=null){v.certs=this.getCertificateSet(m)}var u=d(o,0,["[1]"]);if(u!=null){}var s=d(o,0,[3]);v.sinfos=this.getSignerInfos(s);return v};this.getHashAlgArray=function(s){var q=j(s,0);var m=new a();var n=[];for(var r=0;r<q.length;r++){var p=b(s,q[r]);var o=m.getAlgorithmIdentifierName(p);n.push(o)}return n};this.getEContent=function(m){var n={};var p=e(m,0,[0]);var o=e(m,0,[1,0]);n.type=KJUR.asn1.x509.OID.oid2name(ASN1HEX.hextooidstr(p));n.content={hex:o};return n};this.getSignerInfos=function(p){var r=[];var m=j(p,0);for(var n=0;n<m.length;n++){var o=b(p,m[n]);var q=this.getSignerInfo(o);r.push(q)}return r};this.getSignerInfo=function(s){var y={};var u=j(s,0);var q=l.getInt(s,u[0],-1);if(q!=-1){y.version=q}var t=b(s,u[1]);var p=this.getIssuerAndSerialNumber(t);y.id=p;var z=b(s,u[2]);var n=h.getAlgorithmIdentifierName(z);y.hashalg=n;var w=d(s,0,["[0]"]);if(w!=null){var A=this.getAttributeList(w);y.sattrs=A}var m=d(s,0,[3]);var x=h.getAlgorithmIdentifierName(m);y.sigalg=x;var o=k(s,0,[4]);y.sighex=o;var r=d(s,0,["[1]"]);if(r!=null){var v=this.getAttributeList(r);y.uattrs=v}return y};this.getSignerIdentifier=function(m){if(m.substr(0,2)=="30"){return this.getIssuerAndSerialNumber(m)}else{throw new Error("SKID of signerIdentifier not supported")}};this.getIssuerAndSerialNumber=function(n){var o={type:"isssn"};var m=j(n,0);var p=b(n,m[0]);o.issuer=h.getX500Name(p);var q=i(n,m[1]);o.serial={hex:q};return o};this.getAttributeList=function(q){var m=[];var n=j(q,0);for(var o=0;o<n.length;o++){var p=b(q,n[o]);var r=this.getAttribute(p);m.push(r)}return{array:m}};this.getAttribute=function(p){var t={};var q=j(p,0);var o=l.getOID(p,q[0]);var m=KJUR.asn1.x509.OID.oid2name(o);t.attr=m;var r=b(p,q[1]);var u=j(r,0);if(u.length==1){t.valhex=b(r,u[0])}else{var s=[];for(var n=0;n<u.length;n++){s.push(b(r,u[n]))}t.valhex=s}if(m=="contentType"){this.setContentType(t)}else{if(m=="messageDigest"){this.setMessageDigest(t)}else{if(m=="signingTime"){this.setSigningTime(t)}else{if(m=="signingCertificate"){this.setSigningCertificate(t)}else{if(m=="signingCertificateV2"){this.setSigningCertificateV2(t)}else{if(m=="signaturePolicyIdentifier"){this.setSignaturePolicyIdentifier(t)}}}}}}return t};this.setContentType=function(m){var n=l.getOIDName(m.valhex,0,null);if(n!=null){m.type=n;delete m.valhex}};this.setSigningTime=function(o){var n=i(o.valhex,0);var m=hextoutf8(n);o.str=m;delete o.valhex};this.setMessageDigest=function(m){var n=i(m.valhex,0);m.hex=n;delete m.valhex};this.setSigningCertificate=function(n){var q=j(n.valhex,0);if(q.length>0){var m=b(n.valhex,q[0]);var p=j(m,0);var t=[];for(var o=0;o<p.length;o++){var s=b(m,p[o]);var u=this.getESSCertID(s);t.push(u)}n.array=t}if(q.length>1){var r=b(n.valhex,q[1]);n.polhex=r}delete n.valhex};this.setSignaturePolicyIdentifier=function(s){var q=j(s.valhex,0);if(q.length>0){var r=l.getOID(s.valhex,q[0]);s.oid=r}if(q.length>1){var m=new a();var t=j(s.valhex,q[1]);var p=b(s.valhex,t[0]);var o=m.getAlgorithmIdentifierName(p);s.alg=o;var n=i(s.valhex,t[1]);s.hash=n}delete s.valhex};this.setSigningCertificateV2=function(o){var s=j(o.valhex,0);if(s.length>0){var n=b(o.valhex,s[0]);var r=j(n,0);var u=[];for(var q=0;q<r.length;q++){var m=b(n,r[q]);var p=this.getESSCertIDv2(m);u.push(p)}o.array=u}if(s.length>1){var t=b(o.valhex,s[1]);o.polhex=t}delete o.valhex};this.getESSCertID=function(o){var p={};var n=j(o,0);if(n.length>0){var q=i(o,n[0]);p.hash=q}if(n.length>1){var m=b(o,n[1]);var r=this.getIssuerSerial(m);if(r.serial!=undefined){p.serial=r.serial}if(r.issuer!=undefined){p.issuer=r.issuer}}return p};this.getESSCertIDv2=function(q){var s={};var p=j(q,0);if(p.length<1||3<p.length){throw new g("wrong number of elements")}var r=0;if(q.substr(p[0],2)=="30"){var o=b(q,p[0]);s.alg=h.getAlgorithmIdentifierName(o);r++}else{s.alg="sha256"}var n=i(q,p[r]);s.hash=n;if(p.length>r+1){var m=b(q,p[r+1]);var t=this.getIssuerSerial(m);s.issuer=t.issuer;s.serial=t.serial}return s};this.getIssuerSerial=function(q){var r={};var n=j(q,0);var m=b(q,n[0]);var p=h.getGeneralNames(m);var o=p[0].dn;r.issuer=o;var s=i(q,n[1]);r.serial={hex:s};return r};this.getCertificateSet=function(p){var n=j(p,0);var m=[];for(var o=0;o<n.length;o++){var r=b(p,n[o]);if(r.substr(0,2)=="30"){var q=hextopem(r,"CERTIFICATE");m.push(q)}}return{array:m,sortflag:false}}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.tsp=="undefined"||!KJUR.asn1.tsp){KJUR.asn1.tsp={}}KJUR.asn1.tsp.TimeStampToken=function(d){var c=KJUR,b=c.asn1,a=b.tsp;a.TimeStampToken.superclass.constructor.call(this);this.params=null;this.getEncodedHexPrepare=function(){var e=new a.TSTInfo(this.params.econtent.content);this.params.econtent.content.hex=e.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.TimeStampToken,KJUR.asn1.cms.SignedData);KJUR.asn1.tsp.TSTInfo=function(f){var m=Error,c=KJUR,j=c.asn1,g=j.DERSequence,i=j.DERInteger,l=j.DERBoolean,h=j.DERGeneralizedTime,n=j.DERObjectIdentifier,e=j.DERTaggedObject,k=j.tsp,d=k.MessageImprint,b=k.Accuracy,a=j.x509.X500Name,o=j.x509.GeneralName;k.TSTInfo.superclass.constructor.call(this);this.dVersion=new i({"int":1});this.dPolicy=null;this.dMessageImprint=null;this.dSerial=null;this.dGenTime=null;this.dAccuracy=null;this.dOrdering=null;this.dNonce=null;this.dTsa=null;this.tohex=function(){var p=[this.dVersion];if(this.dPolicy==null){throw new Error("policy shall be specified.")}p.push(this.dPolicy);if(this.dMessageImprint==null){throw new Error("messageImprint shall be specified.")}p.push(this.dMessageImprint);if(this.dSerial==null){throw new Error("serialNumber shall be specified.")}p.push(this.dSerial);if(this.dGenTime==null){throw new Error("genTime shall be specified.")}p.push(this.dGenTime);if(this.dAccuracy!=null){p.push(this.dAccuracy)}if(this.dOrdering!=null){p.push(this.dOrdering)}if(this.dNonce!=null){p.push(this.dNonce)}if(this.dTsa!=null){p.push(this.dTsa)}var q=new g({array:p});this.hTLV=q.tohex();return this.hTLV};this.getEncodedHex=function(){return this.tohex()};if(f!==undefined){if(typeof f.policy=="string"){if(!f.policy.match(/^[0-9.]+$/)){throw"policy shall be oid like 0.1.4.134"}this.dPolicy=new n({oid:f.policy})}if(f.messageImprint!==undefined){this.dMessageImprint=new d(f.messageImprint)}if(f.serial!==undefined){this.dSerial=new i(f.serial)}if(f.genTime!==undefined){this.dGenTime=new h(f.genTime)}if(f.accuracy!==undefined){this.dAccuracy=new b(f.accuracy)}if(f.ordering!==undefined&&f.ordering==true){this.dOrdering=new l()}if(f.nonce!==undefined){this.dNonce=new i(f.nonce)}if(f.tsa!==undefined){this.dTsa=new e({tag:"a0",explicit:true,obj:new o({dn:f.tsa})})}}};extendClass(KJUR.asn1.tsp.TSTInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.Accuracy=function(d){var c=KJUR,b=c.asn1,a=b.ASN1Util.newObject;b.tsp.Accuracy.superclass.constructor.call(this);this.params=null;this.tohex=function(){var f=this.params;var e=[];if(f.seconds!=undefined&&typeof f.seconds=="number"){e.push({"int":f.seconds})}if(f.millis!=undefined&&typeof f.millis=="number"){e.push({tag:{tagi:"80",obj:{"int":f.millis}}})}if(f.micros!=undefined&&typeof f.micros=="number"){e.push({tag:{tagi:"81",obj:{"int":f.micros}}})}return a({seq:e}).tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.Accuracy,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.MessageImprint=function(g){var c=KJUR,b=c.asn1,a=b.DERSequence,d=b.DEROctetString,f=b.x509,e=f.AlgorithmIdentifier;b.tsp.MessageImprint.superclass.constructor.call(this);this.params=null;this.tohex=function(){var k=this.params;var j=new e({name:k.alg});var h=new d({hex:k.hash});var i=new a({array:[j,h]});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!==undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.MessageImprint,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampReq=function(c){var a=KJUR,f=a.asn1,d=f.DERSequence,e=f.DERInteger,h=f.DERBoolean,j=f.ASN1Object,i=f.DERObjectIdentifier,g=f.tsp,b=g.MessageImprint;g.TimeStampReq.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new e({"int":1}));if(m.messageImprint instanceof KJUR.asn1.ASN1Object){k.push(m.messageImprint)}else{k.push(new b(m.messageImprint))}if(m.policy!=undefined){k.push(new i(m.policy))}if(m.nonce!=undefined){k.push(new e(m.nonce))}if(m.certreq==true){k.push(new h())}var l=new d({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(c!=undefined){this.setByParam(c)}};extendClass(KJUR.asn1.tsp.TimeStampReq,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.TimeStampResp=function(g){var e=KJUR,d=e.asn1,c=d.DERSequence,f=d.ASN1Object,a=d.tsp,b=a.PKIStatusInfo;a.TimeStampResp.superclass.constructor.call(this);this.params=null;this.tohex=function(){var j=this.params;var h=[];if(j.econtent!=undefined||j.tst!=undefined){if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{h.push(new b("granted"))}if(j.econtent!=undefined){h.push((new a.TimeStampToken(j)).getContentInfo())}else{if(j.tst instanceof d.ASN1Object){h.push(j.tst)}else{throw new Error("improper member tst value")}}}else{if(j.statusinfo!=undefined){h.push(new b(j.statusinfo))}else{throw new Error("parameter for token nor statusinfo not specified")}}var i=new c({array:h});return i.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.TimeStampResp,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatusInfo=function(d){var h=Error,a=KJUR,g=a.asn1,e=g.DERSequence,i=g.tsp,f=i.PKIStatus,c=i.PKIFreeText,b=i.PKIFailureInfo;i.PKIStatusInfo.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;var j=[];if(typeof l=="string"){j.push(new f(l))}else{if(l.status==undefined){throw new h("property 'status' unspecified")}j.push(new f(l.status));if(l.statusstr!=undefined){j.push(new c(l.statusstr))}if(l.failinfo!=undefined){j.push(new b(l.failinfo))}}var k=new e({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(d!=undefined){this.setByParam(d)}};extendClass(KJUR.asn1.tsp.PKIStatusInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIStatus=function(g){var e=Error,d=KJUR,c=d.asn1,f=c.DERInteger,b=c.tsp;b.PKIStatus.superclass.constructor.call(this);var a={granted:0,grantedWithMods:1,rejection:2,waiting:3,revocationWarning:4,revocationNotification:5};this.params=null;this.tohex=function(){var k=this.params;var h,j;if(typeof k=="string"){try{j=a[k]}catch(i){throw new e("undefined name: "+k)}}else{if(typeof k=="number"){j=k}else{throw new e("unsupported params")}}return(new f({"int":j})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIStatus,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFreeText=function(g){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.DERUTF8String,a=d.tsp;a.PKIFreeText.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(!l instanceof Array){throw new f("wrong params: not array")}var h=[];for(var k=0;k<l.length;k++){h.push(new c({str:l[k]}))}var j=new b({array:h});return j.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.tsp.PKIFreeText,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.PKIFailureInfo=function(h){var f=Error,e=KJUR,d=e.asn1,g=d.DERBitString,b=d.tsp,c=b.PKIFailureInfo;var a={badAlg:0,badRequest:2,badDataFormat:5,timeNotAvailable:14,unacceptedPolicy:15,unacceptedExtension:16,addInfoNotAvailable:17,systemFailure:25};c.superclass.constructor.call(this);this.params=null;this.getBinValue=function(){var n=this.params;var m=0;if(typeof n=="number"&&0<=n&&n<=25){m|=1<<n;var k=m.toString(2);var l="";for(var j=k.length-1;j>=0;j--){l+=k[j]}return l}else{if(typeof n=="string"&&a[n]!=undefined){return namearraytobinstr([n],a)}else{if(typeof n=="object"&&n.length!=undefined){return namearraytobinstr(n,a)}else{throw new f("wrong params")}}}return};this.tohex=function(){var j=this.params;var i=this.getBinValue();return(new g({bin:i})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.tsp.PKIFailureInfo,KJUR.asn1.ASN1Object);KJUR.asn1.tsp.AbstractTSAAdapter=function(a){this.getTSTHex=function(c,b){throw"not implemented yet"}};KJUR.asn1.tsp.SimpleTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.SimpleTSAAdapter.superclass.constructor.call(this);this.params=null;this.serial=0;this.getTSTHex=function(g,f){var i=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:i};this.params.econtent.content.serial={"int":this.serial++};var h=Math.floor(Math.random()*1000000000);this.params.econtent.content.nonce={"int":h};var j=new a.TimeStampToken(this.params);return j.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.SimpleTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.FixedTSAAdapter=function(e){var d=KJUR,c=d.asn1,a=c.tsp,b=d.crypto.Util.hashHex;a.FixedTSAAdapter.superclass.constructor.call(this);this.params=null;this.getTSTHex=function(g,f){var h=b(g,f);this.params.econtent.content.messageImprint={alg:f,hash:h};var i=new a.TimeStampToken(this.params);return i.getContentInfoEncodedHex()};if(e!==undefined){this.params=e}};extendClass(KJUR.asn1.tsp.FixedTSAAdapter,KJUR.asn1.tsp.AbstractTSAAdapter);KJUR.asn1.tsp.TSPUtil=new function(){};KJUR.asn1.tsp.TSPUtil.newTimeStampToken=function(a){return new KJUR.asn1.tsp.TimeStampToken(a)};KJUR.asn1.tsp.TSPUtil.parseTimeStampReq=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getTimeStampReq(a)};KJUR.asn1.tsp.TSPUtil.parseMessageImprint=function(a){var b=new KJUR.asn1.tsp.TSPParser();return b.getMessageImprint(a)};KJUR.asn1.tsp.TSPParser=function(){var e=Error,a=X509,f=new a(),k=ASN1HEX,g=k.getV,b=k.getTLV,d=k.getIdxbyList,c=k.getTLVbyListEx,i=k.getChildIdx;var j=["granted","grantedWithMods","rejection","waiting","revocationWarning","revocationNotification"];var h={0:"badAlg",2:"badRequest",5:"badDataFormat",14:"timeNotAvailable",15:"unacceptedPolicy",16:"unacceptedExtension",17:"addInfoNotAvailable",25:"systemFailure"};this.getResponse=function(n){var l=i(n,0);if(l.length==1){return this.getPKIStatusInfo(b(n,l[0]))}else{if(l.length>1){var o=this.getPKIStatusInfo(b(n,l[0]));var m=b(n,l[1]);var p=this.getToken(m);p.statusinfo=o;return p}}};this.getToken=function(m){var l=new KJUR.asn1.cms.CMSParser;var n=l.getCMSSignedData(m);this.setTSTInfo(n);return n};this.setTSTInfo=function(l){var o=l.econtent;if(o.type=="tstinfo"){var n=o.content.hex;var m=this.getTSTInfo(n);o.content=m}};this.getTSTInfo=function(r){var x={};var s=i(r,0);var p=g(r,s[1]);x.policy=hextooid(p);var o=b(r,s[2]);x.messageImprint=this.getMessageImprint(o);var u=g(r,s[3]);x.serial={hex:u};var y=g(r,s[4]);x.genTime={str:hextoutf8(y)};var q=0;if(s.length>5&&r.substr(s[5],2)=="30"){var v=b(r,s[5]);x.accuracy=this.getAccuracy(v);q++}if(s.length>5+q&&r.substr(s[5+q],2)=="01"){var z=g(r,s[5+q]);if(z=="ff"){x.ordering=true}q++}if(s.length>5+q&&r.substr(s[5+q],2)=="02"){var n=g(r,s[5+q]);x.nonce={hex:n};q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a0"){var m=b(r,s[5+q]);m="30"+m.substr(2);pGeneralNames=f.getGeneralNames(m);var t=pGeneralNames[0].dn;x.tsa=t;q++}if(s.length>5+q&&r.substr(s[5+q],2)=="a1"){var l=b(r,s[5+q]);l="30"+l.substr(2);var w=f.getExtParamArray(l);x.ext=w;q++}return x};this.getAccuracy=function(q){var r={};var o=i(q,0);for(var p=0;p<o.length;p++){var m=q.substr(o[p],2);var l=g(q,o[p]);var n=parseInt(l,16);if(m=="02"){r.seconds=n}else{if(m=="80"){r.millis=n}else{if(m=="81"){r.micros=n}}}}return r};this.getMessageImprint=function(n){if(n.substr(0,2)!="30"){throw new Error("head of messageImprint hex shall be x30")}var s={};var l=i(n,0);var t=d(n,0,[0,0]);var o=g(n,t);var p=k.hextooidstr(o);var r=KJUR.asn1.x509.OID.oid2name(p);if(r==""){throw new Error("hashAlg name undefined: "+p)}var m=r;var q=d(n,0,[1]);s.alg=m;s.hash=g(n,q);return s};this.getPKIStatusInfo=function(o){var t={};var r=i(o,0);var n=0;try{var l=g(o,r[0]);var p=parseInt(l,16);t.status=j[p]}catch(s){}if(r.length>1&&o.substr(r[1],2)=="30"){var m=b(o,r[1]);t.statusstr=this.getPKIFreeText(m);n++}if(r.length>n&&o.substr(r[1+n],2)=="03"){var q=b(o,r[1+n]);t.failinfo=this.getPKIFailureInfo(q)}return t};this.getPKIFreeText=function(n){var o=[];var l=i(n,0);for(var m=0;m<l.length;m++){o.push(k.getString(n,l[m]))}return o};this.getPKIFailureInfo=function(l){var m=k.getInt(l,0);if(h[m]!=undefined){return h[m]}else{return m}};this.getTimeStampReq=function(q){var p={};p.certreq=false;var s=i(q,0);if(s.length<2){throw new Error("TimeStampReq must have at least 2 items")}var n=b(q,s[1]);p.messageImprint=KJUR.asn1.tsp.TSPUtil.parseMessageImprint(n);for(var o=2;o<s.length;o++){var m=s[o];var l=q.substr(m,2);if(l=="06"){var r=g(q,m);p.policy=k.hextooidstr(r)}if(l=="02"){p.nonce=g(q,m)}if(l=="01"){p.certreq=true}}return p}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.cades=="undefined"||!KJUR.asn1.cades){KJUR.asn1.cades={}}KJUR.asn1.cades.SignaturePolicyIdentifier=function(e){var c=KJUR,b=c.asn1,a=b.cades,d=a.SignaturePolicyId;a.SignaturePolicyIdentifier.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.15";this.params=null;this.getValueArray=function(){return[new d(this.params)]};this.setByParam=function(f){this.params=f};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyIdentifier,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.SignaturePolicyId=function(e){var a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DERObjectIdentifier,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,h=c.SignaturePolicyId,b=c.OtherHashAlgAndValue;h.superclass.constructor.call(this);this.params=null;this.tohex=function(){var m=this.params;var k=[];k.push(new i(m.oid));k.push(new b(m));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};this.setByParam=function(k){this.params=k};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.SignaturePolicyId,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashAlgAndValue=function(e){var h=Error,a=KJUR,g=a.asn1,f=g.DERSequence,i=g.DEROctetString,d=g.x509,j=d.AlgorithmIdentifier,c=g.cades,b=c.OtherHashAlgAndValue;b.superclass.constructor.call(this);this.params=null;this.tohex=function(){var o=this.params;if(o.alg==undefined){throw new h("property 'alg' not specified")}if(o.hash==undefined&&o.cert==undefined){throw new h("property 'hash' nor 'cert' not specified")}var m=null;if(o.hash!=undefined){m=o.hash}else{if(o.cert!=undefined){if(typeof o.cert!="string"){throw new h("cert not string")}var n=o.cert;if(o.cert.indexOf("-----BEGIN")!=-1){n=pemtohex(o.cert)}m=KJUR.crypto.Util.hashHex(n,o.alg)}}var k=[];k.push(new j({name:o.alg}));k.push(new i({hex:m}));var l=new f({array:k});return l.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherHashAlgAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHashValue=function(g){KJUR.asn1.cades.OtherHashValue.superclass.constructor.call(this);var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.DEROctetString,a=c.crypto.Util.hashHex;this.params=null;this.tohex=function(){var j=this.params;if(j.hash==undefined&&j.cert==undefined){throw new d("hash or cert not specified")}var h=null;if(j.hash!=undefined){h=j.hash}else{if(j.cert!=undefined){if(typeof j.cert!="string"){throw new d("cert not string")}var i=j.cert;if(j.cert.indexOf("-----BEGIN")!=-1){i=pemtohex(j.cert)}h=KJUR.crypto.Util.hashHex(i,"sha1")}}return(new e({hex:h})).tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHashValue,KJUR.asn1.ASN1Object);KJUR.asn1.cades.SignatureTimeStamp=function(h){var d=Error,c=KJUR,f=c.lang.String.isHex,b=c.asn1,e=b.ASN1Object,g=b.x509,a=b.cades;a.SignatureTimeStamp.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.14";this.params=null;this.getValueArray=function(){var l=this.params;if(l.tst!=undefined){if(f(l.tst)){var j=new e();j.hTLV=l.tst;return[j]}else{if(l.tst instanceof e){return[l.tst]}else{throw new d("params.tst has wrong value")}}}else{if(l.res!=undefined){var k=l.res;if(k instanceof e){k=k.tohex()}if(typeof k!="string"||(!f(k))){throw new d("params.res has wrong value")}var i=ASN1HEX.getTLVbyList(k,0,[1]);var j=new e();j.hTLV=l.tst;return[j]}}};if(h!=null){this.setByParam(h)}};extendClass(KJUR.asn1.cades.SignatureTimeStamp,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.CompleteCertificateRefs=function(h){var f=Error,e=KJUR,d=e.asn1,b=d.DERSequence,c=d.cades,a=c.OtherCertID,g=e.lang.String.isHex;c.CompleteCertificateRefs.superclass.constructor.call(this);this.typeOid="1.2.840.113549.1.9.16.2.21";this.params=null;this.getValueArray=function(){var o=this.params;var k=[];for(var m=0;m<o.array.length;m++){var n=o.array[m];if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(g(n)){n={hash:n}}else{throw new f("unsupported value: "+n)}}}if(o.alg!=undefined&&n.alg==undefined){n.alg=o.alg}if(o.hasis!=undefined&&n.hasis==undefined){n.hasis=o.hasis}var j=new a(n);k.push(j)}var l=new b({array:k});return[l]};if(h!=undefined){this.setByParam(h)}};extendClass(KJUR.asn1.cades.CompleteCertificateRefs,KJUR.asn1.cms.Attribute);KJUR.asn1.cades.OtherCertID=function(e){var a=KJUR,h=a.asn1,f=h.DERSequence,i=h.cms,g=i.IssuerSerial,c=h.cades,d=c.OtherHashValue,b=c.OtherHashAlgAndValue;c.OtherCertID.superclass.constructor.call(this);this.params=e;this.tohex=function(){var n=this.params;if(typeof n=="string"){if(n.indexOf("-----BEGIN")!=-1){n={cert:n}}else{if(_isHex(n)){n={hash:n}}}}var j=[];var m=null;if(n.alg!=undefined){m=new b(n)}else{m=new d(n)}j.push(m);if((n.cert!=undefined&&n.hasis==true)||(n.issuer!=undefined&&n.serial!=undefined)){var l=new g(n);j.push(l)}var k=new f({array:j});return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(e!=undefined){this.setByParam(e)}};extendClass(KJUR.asn1.cades.OtherCertID,KJUR.asn1.ASN1Object);KJUR.asn1.cades.OtherHash=function(g){var i=Error,a=KJUR,h=a.asn1,j=h.cms,c=h.cades,b=c.OtherHashAlgAndValue,e=c.OtherHashValue,d=a.crypto.Util.hashHex,f=a.lang.String.isHex;c.OtherHash.superclass.constructor.call(this);this.params=null;this.tohex=function(){var l=this.params;if(typeof l=="string"){if(l.indexOf("-----BEGIN")!=-1){l={cert:l}}else{if(f(l)){l={hash:l}}}}var k=null;if(l.alg!=undefined){k=new b(l)}else{k=new e(l)}return k.tohex()};this.getEncodedHex=function(){return this.tohex()};if(g!=undefined){this.setByParam(g)}};extendClass(KJUR.asn1.cades.OtherHash,KJUR.asn1.ASN1Object);KJUR.asn1.cades.CAdESUtil=new function(){};KJUR.asn1.cades.CAdESUtil.parseSignedDataForAddingUnsigned=function(a){var c=new KJUR.asn1.cms.CMSParser();var b=c.getCMSSignedData(a);return b};KJUR.asn1.cades.CAdESUtil.parseSignerInfoForAddingUnsigned=function(g,q,c){var p=ASN1HEX,s=p.getChildIdx,a=p.getTLV,l=p.getV,v=KJUR,h=v.asn1,n=h.ASN1Object,j=h.cms,k=j.AttributeList,w=j.SignerInfo;var o={};var t=s(g,q);if(t.length!=6){throw"not supported items for SignerInfo (!=6)"}var d=t.shift();o.version=a(g,d);var e=t.shift();o.si=a(g,e);var m=t.shift();o.digalg=a(g,m);var f=t.shift();o.sattrs=a(g,f);var i=t.shift();o.sigalg=a(g,i);var b=t.shift();o.sig=a(g,b);o.sigval=l(g,b);var u=null;o.obj=new w();u=new n();u.hTLV=o.version;o.obj.dCMSVersion=u;u=new n();u.hTLV=o.si;o.obj.dSignerIdentifier=u;u=new n();u.hTLV=o.digalg;o.obj.dDigestAlgorithm=u;u=new n();u.hTLV=o.sattrs;o.obj.dSignedAttrs=u;u=new n();u.hTLV=o.sigalg;o.obj.dSigAlg=u;u=new n();u.hTLV=o.sig;o.obj.dSig=u;o.obj.dUnsignedAttrs=new k();return o};
@@ -238,7 +238,7 @@ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||
 var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw new Error("KEYUTIL unsupported algorithm: "+t)}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},parseHexOfEncryptedPKCS8:function(y){var B=ASN1HEX;var z=B.getChildIdx;var w=B.getV;var t={};var r=z(y,0);if(r.length!=2){throw new Error("malformed format: SEQUENCE(0).items != 2: "+r.length)}t.ciphertext=w(y,r[1]);var A=z(y,r[0]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0).items != 2: "+A.length)}if(w(y,A[0])!="2a864886f70d01050d"){throw new Error("this only supports pkcs5PBES2")}var p=z(y,A[1]);if(A.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1).items != 2: "+p.length)}var q=z(y,p[1]);if(q.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length)}if(w(y,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}t.encryptionSchemeAlg="TripleDES";t.encryptionSchemeIV=w(y,q[1]);var s=z(y,p[0]);if(s.length!=2){throw new Error("malformed format: SEQUENCE(0.0.1.0).items != 2: "+s.length)}if(w(y,s[0])!="2a864886f70d01050c"){throw new Error("this only supports pkcs5PBKDF2")}var x=z(y,s[1]);if(x.length<2){throw new Error("malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length)}t.pbkdf2Salt=w(y,x[0]);var u=w(y,x[1]);try{t.pbkdf2Iter=parseInt(u,16)}catch(v){throw new Error("malformed format pbkdf2Iter: "+u)}return t},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},_getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=pemtohex(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this._getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var v=ASN1HEX;var u=v.getChildIdx;var t=v.getV;var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw new Error("malformed plain PKCS8 private key(code:001)")}var r=u(s,0);if(r.length<3){throw new Error("malformed plain PKCS8 private key(code:002)")}if(s.substr(r[1],2)!="30"){throw new Error("malformed PKCS8 private key(code:003)")}var p=u(s,r[1]);if(p.length!=2){throw new Error("malformed PKCS8 private key(code:004)")}if(s.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 private key(code:005)")}q.algoid=t(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=t(s,p[1])}if(s.substr(r[2],2)!="04"){throw new Error("malformed PKCS8 private key(code:006)")}q.keyidx=v.getVidx(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=pemtohex(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var q=this.parsePlainPrivatePKCS8Hex(p);var r;if(q.algoid=="2a864886f70d010101"){r=new RSAKey()}else{if(q.algoid=="2a8648ce380401"){r=new KJUR.crypto.DSA()}else{if(q.algoid=="2a8648ce3d0201"){r=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported private key algorithm")}}}r.readPKCS8PrvKeyHex(p);return r},_getKeyFromPublicPKCS8Hex:function(q){var p;var r=ASN1HEX.getVbyList(q,0,[0,0],"06");if(r==="2a864886f70d010101"){p=new RSAKey()}else{if(r==="2a8648ce380401"){p=new KJUR.crypto.DSA()}else{if(r==="2a8648ce3d0201"){p=new KJUR.crypto.ECDSA()}else{throw new Error("unsupported PKCS#8 public key hex")}}}p.readPKCS8PubKeyHex(q);return p},parsePublicRawRSAKeyHex:function(r){var u=ASN1HEX;var t=u.getChildIdx;var s=u.getV;var p={};if(r.substr(0,2)!="30"){throw new Error("malformed RSA key(code:001)")}var q=t(r,0);if(q.length!=2){throw new Error("malformed RSA key(code:002)")}if(r.substr(q[0],2)!="02"){throw new Error("malformed RSA key(code:003)")}p.n=s(r,q[0]);if(r.substr(q[1],2)!="02"){throw new Error("malformed RSA key(code:004)")}p.e=s(r,q[1]);return p},parsePublicPKCS8Hex:function(t){var v=ASN1HEX;var u=v.getChildIdx;var s=v.getV;var q={};q.algparam=null;var r=u(t,0);if(r.length!=2){throw new Error("outer DERSequence shall have 2 elements: "+r.length)}var w=r[0];if(t.substr(w,2)!="30"){throw new Error("malformed PKCS8 public key(code:001)")}var p=u(t,w);if(p.length!=2){throw new Error("malformed PKCS8 public key(code:002)")}if(t.substr(p[0],2)!="06"){throw new Error("malformed PKCS8 public key(code:003)")}q.algoid=s(t,p[0]);if(t.substr(p[1],2)=="06"){q.algparam=s(t,p[1])}else{if(t.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=v.getVbyList(t,p[1],[0],"02");q.algparam.q=v.getVbyList(t,p[1],[1],"02");q.algparam.g=v.getVbyList(t,p[1],[2],"02")}}if(t.substr(r[1],2)!="03"){throw new Error("malformed PKCS8 public key(code:004)")}q.key=s(t,r[1]).substr(2);return q},}}();KEYUTIL.getKey=function(l,k,n){var G=ASN1HEX,L=G.getChildIdx,v=G.getV,d=G.getVbyList,c=KJUR.crypto,i=c.ECDSA,C=c.DSA,w=RSAKey,M=pemtohex,F=KEYUTIL;if(typeof w!="undefined"&&l instanceof w){return l}if(typeof i!="undefined"&&l instanceof i){return l}if(typeof C!="undefined"&&l instanceof C){return l}if(l.curve!==undefined&&l.xy!==undefined&&l.d===undefined){return new i({pub:l.xy,curve:l.curve})}if(l.curve!==undefined&&l.d!==undefined){return new i({prv:l.d,curve:l.curve})}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(l.n,l.e);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.co!==undefined&&l.qi===undefined){var P=new w();P.setPrivateEx(l.n,l.e,l.d,l.p,l.q,l.dp,l.dq,l.co);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p===undefined){var P=new w();P.setPrivate(l.n,l.e,l.d);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x===undefined){var P=new C();P.setPublic(l.p,l.q,l.g,l.y);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x!==undefined){var P=new C();P.setPrivate(l.p,l.q,l.g,l.y,l.x);return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(b64utohex(l.n),b64utohex(l.e));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.qi!==undefined){var P=new w();P.setPrivateEx(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d),b64utohex(l.p),b64utohex(l.q),b64utohex(l.dp),b64utohex(l.dq),b64utohex(l.qi));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined){var P=new w();P.setPrivate(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d));return P}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d===undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;j.setPublicKeyHex(u);return j}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d!==undefined){var j=new i({curve:l.crv});var t=j.ecparams.keycharlen;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;var b=("0000000000"+b64utohex(l.d)).slice(-t);j.setPublicKeyHex(u);j.setPrivateKeyHex(b);return j}if(n==="pkcs5prv"){var J=l,G=ASN1HEX,N,P;N=L(J,0);if(N.length===9){P=new w();P.readPKCS5PrvKeyHex(J)}else{if(N.length===6){P=new C();P.readPKCS5PrvKeyHex(J)}else{if(N.length>2&&J.substr(N[1],2)==="04"){P=new i();P.readPKCS5PrvKeyHex(J)}else{throw new Error("unsupported PKCS#1/5 hexadecimal key")}}}return P}if(n==="pkcs8prv"){var P=F.getKeyFromPlainPrivatePKCS8Hex(l);return P}if(n==="pkcs8pub"){return F._getKeyFromPublicPKCS8Hex(l)}if(n==="x509pub"){return X509.getPublicKeyFromCertHex(l)}if(l.indexOf("-END CERTIFICATE-",0)!=-1||l.indexOf("-END X509 CERTIFICATE-",0)!=-1||l.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(l)}if(l.indexOf("-END PUBLIC KEY-")!=-1){var O=pemtohex(l,"PUBLIC KEY");return F._getKeyFromPublicPKCS8Hex(O)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"RSA PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var I=M(l,"DSA PRIVATE KEY");var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"EC PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END PRIVATE KEY-")!=-1){return F.getKeyFromPlainPrivatePKCS8PEM(l)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var o=F.getDecryptedKeyHex(l,k);var H=new RSAKey();H.readPKCS5PrvKeyHex(o);return H}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var P=d(I,0,[1],"04");var f=d(I,0,[2,0],"06");var A=d(I,0,[3,0],"03").substr(2);var e="";if(KJUR.crypto.OID.oidhex2name[f]!==undefined){e=KJUR.crypto.OID.oidhex2name[f]}else{throw new Error("undefined OID(hex) in KJUR.crypto.OID: "+f)}var j=new i({curve:e});j.setPublicKeyHex(A);j.setPrivateKeyHex(P);j.isPublic=false;return j}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return F.getKeyFromEncryptedPKCS8PEM(l,k)}throw new Error("not supported argument")};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw new Error("unknown algorithm: "+a)}}};KEYUTIL.getPEM=function(b,D,y,m,q,j){var F=KJUR,k=F.asn1,z=k.DERObjectIdentifier,f=k.DERInteger,l=k.ASN1Util.newObject,a=k.x509,C=a.SubjectPublicKeyInfo,e=F.crypto,u=e.DSA,r=e.ECDSA,n=RSAKey;function A(s){var H=l({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return H}function B(H){var s=l({seq:[{"int":1},{octstr:{hex:H.prvKeyHex}},{tag:["a0",true,{oid:{name:H.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+H.pubKeyHex}}]}]});return s}function x(s){var H=l({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return H}if(((n!==undefined&&b instanceof n)||(u!==undefined&&b instanceof u)||(r!==undefined&&b instanceof r))&&b.isPublic==true&&(D===undefined||D=="PKCS8PUB")){var E=new C(b);var w=E.tohex();return hextopem(w,"PUBLIC KEY")}if(D=="PKCS1PRV"&&n!==undefined&&b instanceof n&&(y===undefined||y==null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();return hextopem(w,"RSA PRIVATE KEY")}if(D=="PKCS1PRV"&&r!==undefined&&b instanceof r&&(y===undefined||y==null)&&b.isPrivate==true){var i=new z({name:b.curveName});var v=i.tohex();var h=B(b);var t=h.tohex();var p="";p+=hextopem(v,"EC PARAMETERS");p+=hextopem(t,"EC PRIVATE KEY");return p}if(D=="PKCS1PRV"&&u!==undefined&&b instanceof u&&(y===undefined||y==null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();return hextopem(w,"DSA PRIVATE KEY")}if(D=="PKCS5PRV"&&n!==undefined&&b instanceof n&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=A(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",w,y,m,j)}if(D=="PKCS5PRV"&&r!==undefined&&b instanceof r&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=B(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",w,y,m,j)}if(D=="PKCS5PRV"&&u!==undefined&&b instanceof u&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=x(b);var w=E.tohex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",w,y,m,j)}var o=function(H,s){var J=c(H,s);var I=new l({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:J.pbkdf2Salt}},{"int":J.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:J.encryptionSchemeIV}}]}]}]},{octstr:{hex:J.ciphertext}}]});return I.tohex()};var c=function(O,P){var I=100;var N=CryptoJS.lib.WordArray.random(8);var M="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var J=CryptoJS.PBKDF2(P,N,{keySize:192/32,iterations:I});var K=CryptoJS.enc.Hex.parse(O);var L=CryptoJS.TripleDES.encrypt(K,J,{iv:s})+"";var H={};H.ciphertext=L;H.pbkdf2Salt=CryptoJS.enc.Hex.stringify(N);H.pbkdf2Iter=I;H.encryptionSchemeAlg=M;H.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return H};if(D=="PKCS8PRV"&&n!=undefined&&b instanceof n&&b.isPrivate==true){var g=A(b);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&r!==undefined&&b instanceof r&&b.isPrivate==true){var G={seq:[{"int":1},{octstr:{hex:b.prvKeyHex}}]};if(typeof b.pubKeyHex=="string"){G.seq.push({tag:["a1",true,{bitstr:{hex:"00"+b.pubKeyHex}}]})}var g=new l(G);var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:b.curveName}}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&u!==undefined&&b instanceof u&&b.isPrivate==true){var g=new f({bigint:b.x});var d=g.tohex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:b.p}},{"int":{bigint:b.q}},{"int":{bigint:b.g}}]}]},{octstr:{hex:d}}]});var w=E.tohex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}throw new Error("unsupported object nor format")};KEYUTIL.getKeyFromCSRPEM=function(b){var a=pemtohex(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(d){var i=ASN1HEX;var f=i.getChildIdx;var c=i.getTLV;var b={};var g=d;if(g.substr(0,2)!="30"){throw new Error("malformed CSR(code:001)")}var e=f(g,0);if(e.length<1){throw new Error("malformed CSR(code:002)")}if(g.substr(e[0],2)!="30"){throw new Error("malformed CSR(code:003)")}var a=f(g,e[0]);if(a.length<3){throw new Error("malformed CSR(code:004)")}b.p8pubkeyhex=c(g,a[2]);return b};KEYUTIL.getKeyID=function(f){var c=KEYUTIL;var e=ASN1HEX;if(typeof f==="string"&&f.indexOf("BEGIN ")!=-1){f=c.getKey(f)}var d=pemtohex(c.getPEM(f));var b=e.getIdxbyList(d,0,[1]);var a=e.getV(d,b).substring(2);return KJUR.crypto.Util.hashHex(a,"sha1")};KEYUTIL.getJWK=function(d,h,g,b,f){var i;var k={};var e;var c=KJUR.crypto.Util.hashHex;if(typeof d=="string"){i=KEYUTIL.getKey(d);if(d.indexOf("CERTIFICATE")!=-1){e=pemtohex(d)}}else{if(typeof d=="object"){if(d instanceof X509){i=d.getPublicKey();e=d.hex}else{i=d}}else{throw new Error("unsupported keyinfo type")}}if(i instanceof RSAKey&&i.isPrivate){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16));k.d=hextob64u(i.d.toString(16));k.p=hextob64u(i.p.toString(16));k.q=hextob64u(i.q.toString(16));k.dp=hextob64u(i.dmp1.toString(16));k.dq=hextob64u(i.dmq1.toString(16));k.qi=hextob64u(i.coeff.toString(16))}else{if(i instanceof RSAKey&&i.isPublic){k.kty="RSA";k.n=hextob64u(i.n.toString(16));k.e=hextob64u(i.e.toString(16))}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPrivate){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y);k.d=hextob64u(i.prvKeyHex)}else{if(i instanceof KJUR.crypto.ECDSA&&i.isPublic){var a=i.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"&&a!=="P-521"){throw new Error("unsupported curve name for JWT: "+a)}var j=i.getPublicKeyXYHex();k.kty="EC";k.crv=a;k.x=hextob64u(j.x);k.y=hextob64u(j.y)}}}}if(k.kty==undefined){throw new Error("unsupported keyinfo")}if((!i.isPrivate)&&h!=true){k.kid=KJUR.jws.JWS.getJWKthumbprint(k)}if(e!=undefined&&g!=true){k.x5c=[hex2b64(e)]}if(e!=undefined&&b!=true){k.x5t=b64tob64u(hex2b64(c(e,"sha1")))}if(e!=undefined&&f!=true){k["x5t#S256"]=b64tob64u(hex2b64(c(e,"sha256")))}return k};KEYUTIL.getJWKFromKey=function(a){return KEYUTIL.getJWK(a,true,true,true,true)};
 RSAKey.getPosArrayOfChildrenFromHex=function(a){return ASN1HEX.getChildIdx(a,0)};RSAKey.getHexValueArrayOfChildrenFromHex=function(f){var n=ASN1HEX;var i=n.getV;var k=RSAKey.getPosArrayOfChildrenFromHex(f);var e=i(f,k[0]);var j=i(f,k[1]);var b=i(f,k[2]);var c=i(f,k[3]);var h=i(f,k[4]);var g=i(f,k[5]);var m=i(f,k[6]);var l=i(f,k[7]);var d=i(f,k[8]);var k=new Array();k.push(e,j,b,c,h,g,m,l,d);return k};RSAKey.prototype.readPrivateKeyFromPEMString=function(d){var c=pemtohex(d);var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS5PrvKeyHex=function(c){var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS8PrvKeyHex=function(e){var c,i,k,b,a,f,d,j;var m=ASN1HEX;var l=m.getVbyListEx;if(m.isASN1HEX(e)===false){throw new Error("not ASN.1 hex string")}try{c=l(e,0,[2,0,1],"02");i=l(e,0,[2,0,2],"02");k=l(e,0,[2,0,3],"02");b=l(e,0,[2,0,4],"02");a=l(e,0,[2,0,5],"02");f=l(e,0,[2,0,6],"02");d=l(e,0,[2,0,7],"02");j=l(e,0,[2,0,8],"02")}catch(g){throw new Error("malformed PKCS#8 plain RSA private key")}this.setPrivateEx(c,i,k,b,a,f,d,j)};RSAKey.prototype.readPKCS5PubKeyHex=function(c){var e=ASN1HEX;var b=e.getV;if(e.isASN1HEX(c)===false){throw new Error("keyHex is not ASN.1 hex string")}var a=e.getChildIdx(c,0);if(a.length!==2||c.substr(a[0],2)!=="02"||c.substr(a[1],2)!=="02"){throw new Error("wrong hex for PKCS#5 public key")}var f=b(c,a[0]);var d=b(c,a[1]);this.setPublic(f,d)};RSAKey.prototype.readPKCS8PubKeyHex=function(b){var c=ASN1HEX;if(c.isASN1HEX(b)===false){throw new Error("not ASN.1 hex string")}if(c.getTLVbyListEx(b,0,[0,0])!=="06092a864886f70d010101"){throw new Error("not PKCS8 RSA public key")}var a=c.getTLVbyListEx(b,0,[1,0]);this.readPKCS5PubKeyHex(a)};RSAKey.prototype.readCertPubKeyHex=function(b,d){var a,c;a=new X509();a.readCertHex(b);c=a.getPublicKeyHex();this.readPKCS8PubKeyHex(c)};
 var _RE_HEXDECONLY=new RegExp("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b<a;b++){c=c+"0"}return c+e}RSAKey.prototype.sign=function(d,a){var b=function(e){return KJUR.crypto.Util.hashString(e,a)};var c=b(d);return this.signWithMessageHash(c,a)};RSAKey.prototype.signWithMessageHash=function(e,c){var f=KJUR.crypto.Util.getPaddedDigestInfoHex(e,c,this.n.bitLength());var b=parseBigInt(f,16);var d=this.doPrivate(b);var a=d.toString(16);return _zeroPaddingOfSignature(a,this.n.bitLength())};function pss_mgf1_str(c,a,e){var b="",d=0;while(b.length<a){b+=hextorstr(e(rstrtohex(c+String.fromCharCode.apply(String,[(d&4278190080)>>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw new Error("invalid salt length")}}}if(c<(g+k+2)){throw new Error("data too long")}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d<c-k-g-2;d+=1){j[d]=0}var e=String.fromCharCode.apply(String,j)+"\x01"+f;var h=pss_mgf1_str(n,e.length,o);var q=[];for(d=0;d<e.length;d+=1){q[d]=e.charCodeAt(d)^h.charCodeAt(d)}var p=(65280>>(8*c-m))&255;q[0]&=~p;for(d=0;d<g;d++){q.push(n.charCodeAt(d))}q.push(188);return _zeroPaddingOfSignature(this.doPrivate(new BigInteger(q)).toString(16),this.n.bitLength())};function _rsasign_getDecryptSignatureBI(a,d,c){var b=new RSAKey();b.setPublic(d,c);var e=b.doPublic(a);return e}function _rsasign_getHexDigestInfoFromSig(a,c,b){var e=_rsasign_getDecryptSignatureBI(a,c,b);var d=e.toString(16).replace(/^1f+00/,"");return d}function _rsasign_getAlgNameAndHashFromHexDisgestInfo(f){for(var e in KJUR.crypto.Util.DIGESTINFOHEAD){var d=KJUR.crypto.Util.DIGESTINFOHEAD[e];var b=d.length;if(f.substring(0,b)==d){var c=[e,f.substring(b)];return c}}return[]}RSAKey.prototype.verify=function(f,l){l=l.toLowerCase();if(l.match(/^[0-9a-f]+$/)==null){return false}var b=parseBigInt(l,16);var k=this.n.bitLength();if(b.bitLength()>k){return false}var j=this.doPublic(b);var i=j.toString(16);if(i.length+3!=k/4){return false}var e=i.replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(m){return KJUR.crypto.Util.hashString(m,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){if(a.length!=Math.ceil(this.n.bitLength()/4)){return false}var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){if(s.length!=Math.ceil(this.n.bitLength()/4)){return false}var k=new BigInteger(s,16);var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw new Error("invalid salt length")}}}if(m<(h+c+2)){throw new Error("data too long")}var a=this.doPublic(k).toByteArray();for(q=0;q<a.length;q+=1){a[q]&=255}while(a.length<m){a.unshift(0)}if(a[m-1]!==188){throw new Error("encoded message does not end in 0xbc")}a=String.fromCharCode.apply(String,a);var d=a.substr(0,m-h-1);var e=a.substr(d.length,h);var p=(65280>>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw new Error("bits beyond keysize not zero")}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q<d.length;q+=1){o[q]=d.charCodeAt(q)^n.charCodeAt(q)}o[0]&=~p;var b=m-h-c-2;for(q=0;q<b;q+=1){if(o[q]!==0){throw new Error("leftmost octets not zero")}}if(o[b]!==1){throw new Error("0x01 marker not found")}return e===hextorstr(r(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+j+String.fromCharCode.apply(String,o.slice(-c)))))};RSAKey.SALT_LEN_HLEN=-1;RSAKey.SALT_LEN_MAX=-2;RSAKey.SALT_LEN_RECOVER=-2;
-function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(){return this.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(){return this.getX500Name(this.getSubjectHex())};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=KJUR.asn1.ASN1Util.oidHexToInt(C);y.obj=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(A){var y=this.getX500NameArray(A);var z=this.dnarraytostr(y);return{array:y,str:z}};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer();y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject();y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(typeof z=="object"){if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.getInfo=function(){var z=function(R){var Q=JSON.stringify(R.array).replace(/[\[\]\{\}\"]/g,"");return Q};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+="    "+D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
+function X509(u){var n=ASN1HEX,r=n.getChildIdx,k=n.getV,x=n.dump,j=n.parse,b=n.getTLV,c=n.getVbyList,o=n.getVbyListEx,a=n.getTLVbyList,p=n.getTLVbyListEx,l=n.getIdxbyList,f=n.getIdxbyListEx,m=n.getVidx,w=n.getInt,t=n.oidname,q=n.hextooidstr,d=X509,v=pemtohex,g;try{g=KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(s){}this.HEX2STAG={"0c":"utf8","13":"prn","16":"ia5","1a":"vis","1e":"bmp"};this.hex=null;this.version=0;this.foffset=0;this.aExtInfo=null;this.getVersion=function(){if(this.hex===null||this.version!==0){return this.version}var z=a(this.hex,0,[0,0]);if(z.substr(0,2)=="a0"){var A=a(z,0,[0]);var y=w(A,0);if(y<0||2<y){throw new Error("malformed version field")}this.version=y+1;return this.version}else{this.version=1;this.foffset=-1;return 1}};this.getSerialNumberHex=function(){return o(this.hex,0,[0,0],"02")};this.getSignatureAlgorithmField=function(){var y=p(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(y)};this.getAlgorithmIdentifierName=function(y){for(var z in g){if(y===g[z]){return z}}return t(o(y,0,[0],"06"))};this.getIssuer=function(z,y){return this.getX500Name(this.getIssuerHex(),z,y)};this.getIssuerHex=function(){return a(this.hex,0,[0,3+this.foffset],"30")};this.getIssuerString=function(){var y=this.getIssuer();return y.str};this.getSubject=function(z,y){return this.getX500Name(this.getSubjectHex(),z,y)};this.getSubjectHex=function(){return a(this.hex,0,[0,5+this.foffset],"30")};this.getSubjectString=function(){var y=this.getSubject();return y.str};this.getNotBefore=function(){var y=c(this.hex,0,[0,4+this.foffset,0]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getNotAfter=function(){var y=c(this.hex,0,[0,4+this.foffset,1]);y=y.replace(/(..)/g,"%$1");y=decodeURIComponent(y);return y};this.getPublicKeyHex=function(){return this.getSPKI()};this.getSPKI=function(){return a(this.hex,0,[0,6+this.foffset],"30")};this.getSPKIValue=function(){var y=this.getSPKI();if(y==null){return null}return c(y,0,[1],"03",true)};this.getPublicKeyIdx=function(){return l(this.hex,0,[0,6+this.foffset],"30")};this.getPublicKeyContentIdx=function(){var y=this.getPublicKeyIdx();return l(this.hex,y,[1,0],"30")};this.getPublicKey=function(){return KEYUTIL.getKey(this.getPublicKeyHex(),null,"pkcs8pub")};this.getSignatureAlgorithmName=function(){var y=a(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(y)};this.getSignatureValueHex=function(){return c(this.hex,0,[2],"03",true)};this.verifySignature=function(A){var B=this.getSignatureAlgorithmField();var y=this.getSignatureValueHex();var z=a(this.hex,0,[0],"30");var C=new KJUR.crypto.Signature({alg:B});C.init(A);C.updateHex(z);return C.verify(y)};this.parseExt=function(H){var A,y,C;if(H===undefined){C=this.hex;if(this.version!==3){return -1}A=l(C,0,[0,7,0],"30");y=r(C,A)}else{C=pemtohex(H);var D=l(C,0,[0,3,0,0],"06");if(k(C,D)!="2a864886f70d01090e"){this.aExtInfo=new Array();return}A=l(C,0,[0,3,0,1,0],"30");y=r(C,A);this.hex=C}this.aExtInfo=new Array();for(var B=0;B<y.length;B++){var F={};F.critical=false;var E=r(C,y[B]);var z=0;if(E.length===3){F.critical=true;z=1}F.oid=n.hextooidstr(c(C,y[B],[0],"06"));var G=l(C,y[B],[1+z]);F.vidx=m(C,G);this.aExtInfo.push(F)}};this.getExtInfo=function(A){var y=this.aExtInfo;var B=A;if(!A.match(/^[0-9.]+$/)){B=KJUR.asn1.x509.OID.name2oid(A)}if(B===""){return undefined}for(var z=0;z<y.length;z++){if(y[z].oid===B){return y[z]}}return undefined};this.getExtBasicConstraints=function(z,D){if(z===undefined&&D===undefined){var B=this.getExtInfo("basicConstraints");if(B===undefined){return undefined}z=b(this.hex,B.vidx);D=B.critical}var y={extname:"basicConstraints"};if(D){y.critical=true}if(z==="3000"){return y}if(z==="30030101ff"){y.cA=true;return y}if(z.substr(0,12)==="30060101ff02"){var C=k(z,10);var A=parseInt(C,16);y.cA=true;y.pathLen=A;return y}throw new Error("hExtV parse error: "+z)};this.getExtNameConstraints=function(H,F){if(H===undefined&&F===undefined){var z=this.getExtInfo("nameConstraints");if(z===undefined){return undefined}H=b(this.hex,z.vidx);F=z.critical}var J={extname:"nameConstraints"};if(F){J.critical=true}var E=r(H,0);for(var C=0;C<E.length;C++){var D=[];var A=r(H,E[C]);for(var B=0;B<A.length;B++){var G=b(H,A[B]);var y=this.getGeneralSubtree(G);D.push(y)}var I=H.substr(E[C],2);if(I=="a0"){J.permit=D}else{if(I=="a1"){J.exclude=D}}}return J};this.getGeneralSubtree=function(E){var C=r(E,0);var B=C.length;if(B<1||2<B){throw new Error("wrong num elements")}var A=this.getGeneralName(b(E,C[0]));for(var D=1;D<B;D++){var z=E.substr(C[D],2);var y=k(E,C[D]);var F=parseInt(y,16);if(z=="80"){A.min=F}if(z=="81"){A.max=F}}return A};this.getExtKeyUsage=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"keyUsage"};if(B){y.critical=true}y.names=this.getExtKeyUsageString(z).split(",");return y};this.getExtKeyUsageBin=function(z){if(z===undefined){var A=this.getExtInfo("keyUsage");if(A===undefined){return""}z=b(this.hex,A.vidx)}if(z.length!=8&&z.length!=10){throw new Error("malformed key usage value: "+z)}var y="000000000000000"+parseInt(z.substr(6),16).toString(2);if(z.length==8){y=y.slice(-8)}if(z.length==10){y=y.slice(-16)}y=y.replace(/0+$/,"");if(y==""){y="0"}return y};this.getExtKeyUsageString=function(A){var B=this.getExtKeyUsageBin(A);var y=new Array();for(var z=0;z<B.length;z++){if(B.substr(z,1)=="1"){y.push(X509.KEYUSAGE_NAME[z])}}return y.join(",")};this.getExtSubjectKeyIdentifier=function(A,C){if(A===undefined&&C===undefined){var B=this.getExtInfo("subjectKeyIdentifier");if(B===undefined){return undefined}A=b(this.hex,B.vidx);C=B.critical}var y={extname:"subjectKeyIdentifier"};if(C){y.critical=true}var z=k(A,0);y.kid={hex:z};return y};this.getExtAuthorityKeyIdentifier=function(E,C){if(E===undefined&&C===undefined){var y=this.getExtInfo("authorityKeyIdentifier");if(y===undefined){return undefined}E=b(this.hex,y.vidx);C=y.critical}var F={extname:"authorityKeyIdentifier"};if(C){F.critical=true}var D=r(E,0);for(var z=0;z<D.length;z++){var G=E.substr(D[z],2);if(G==="80"){F.kid={hex:k(E,D[z])}}if(G==="a1"){var B=b(E,D[z]);var A=this.getGeneralNames(B);F.issuer=A[0]["dn"]}if(G==="82"){F.sn={hex:k(E,D[z])}}}return F};this.getExtExtKeyUsage=function(B,D){if(B===undefined&&D===undefined){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return undefined}B=b(this.hex,C.vidx);D=C.critical}var y={extname:"extKeyUsage",array:[]};if(D){y.critical=true}var z=r(B,0);for(var A=0;A<z.length;A++){y.array.push(t(k(B,z[A])))}return y};this.getExtExtKeyUsageName=function(){var C=this.getExtInfo("extKeyUsage");if(C===undefined){return C}var y=new Array();var B=b(this.hex,C.vidx);if(B===""){return y}var z=r(B,0);for(var A=0;A<z.length;A++){y.push(t(k(B,z[A])))}return y};this.getExtSubjectAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("subjectAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"subjectAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getExtIssuerAltName=function(z,B){if(z===undefined&&B===undefined){var A=this.getExtInfo("issuerAltName");if(A===undefined){return undefined}z=b(this.hex,A.vidx);B=A.critical}var y={extname:"issuerAltName",array:[]};if(B){y.critical=true}y.array=this.getGeneralNames(z);return y};this.getGeneralNames=function(C){var A=r(C,0);var y=[];for(var B=0;B<A.length;B++){var z=this.getGeneralName(b(C,A[B]));if(z!==undefined){y.push(z)}}return y};this.getGeneralName=function(z){var y=z.substr(0,2);var B=k(z,0);var A=hextorstr(B);if(y=="81"){return{rfc822:A}}if(y=="82"){return{dns:A}}if(y=="86"){return{uri:A}}if(y=="87"){return{ip:hextoip(B)}}if(y=="a4"){return{dn:this.getX500Name(B)}}if(y=="a0"){return{other:this.getOtherName(z)}}return undefined};this.getExtSubjectAltName2=function(){var C,F,E;var D=this.getExtInfo("subjectAltName");if(D===undefined){return D}var y=new Array();var B=b(this.hex,D.vidx);var z=r(B,0);for(var A=0;A<z.length;A++){E=B.substr(z[A],2);C=k(B,z[A]);if(E==="81"){F=hextoutf8(C);y.push(["MAIL",F])}if(E==="82"){F=hextoutf8(C);y.push(["DNS",F])}if(E==="84"){F=X509.hex2dn(C,0);y.push(["DN",F])}if(E==="86"){F=hextoutf8(C);y.push(["URI",F])}if(E==="87"){F=hextoip(C);y.push(["IP",F])}}return y};this.getExtCRLDistributionPoints=function(C,E){if(C===undefined&&E===undefined){var D=this.getExtInfo("cRLDistributionPoints");if(D===undefined){return undefined}C=b(this.hex,D.vidx);E=D.critical}var z={extname:"cRLDistributionPoints",array:[]};if(E){z.critical=true}var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);z.array.push(this.getDistributionPoint(y))}return z};this.getDistributionPoint=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.dpname=this.getDistributionPointName(y)}}return A};this.getDistributionPointName=function(D){var A={};var B=r(D,0);for(var C=0;C<B.length;C++){var z=D.substr(B[C],2);var y=b(D,B[C]);if(z=="a0"){A.full=this.getGeneralNames(y)}}return A};this.getExtCRLDistributionPointsURI=function(){var C=this.getExtCRLDistributionPoints();if(C==undefined){return C}var z=C.array;var y=[];for(var B=0;B<z.length;B++){try{if(z[B].dpname.full[0].uri!=undefined){y.push(z[B].dpname.full[0].uri)}}catch(A){}}return y};this.getExtAIAInfo=function(){var C=this.getExtInfo("authorityInfoAccess");if(C===undefined){return C}var y={ocsp:[],caissuer:[]};var z=r(this.hex,C.vidx);for(var A=0;A<z.length;A++){var D=c(this.hex,z[A],[0],"06");var B=c(this.hex,z[A],[1],"86");if(D==="2b06010505073001"){y.ocsp.push(hextoutf8(B))}if(D==="2b06010505073002"){y.caissuer.push(hextoutf8(B))}}return y};this.getExtAuthorityInfoAccess=function(F,D){if(F===undefined&&D===undefined){var y=this.getExtInfo("authorityInfoAccess");if(y===undefined){return undefined}F=b(this.hex,y.vidx);D=y.critical}var G={extname:"authorityInfoAccess",array:[]};if(D){G.critical=true}var E=r(F,0);for(var z=0;z<E.length;z++){var C=o(F,E[z],[0],"06");var A=c(F,E[z],[1],"86");var B=hextoutf8(A);if(C=="2b06010505073001"){G.array.push({ocsp:B})}else{if(C=="2b06010505073002"){G.array.push({caissuer:B})}else{throw new Error("unknown method: "+C)}}}return G};this.getExtCertificatePolicies=function(C,F){if(C===undefined&&F===undefined){var E=this.getExtInfo("certificatePolicies");if(E===undefined){return undefined}C=b(this.hex,E.vidx);F=E.critical}var y={extname:"certificatePolicies",array:[]};if(F){y.critical=true}var z=r(C,0);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyInformation(D);y.array.push(B)}return y};this.getPolicyInformation=function(C){var y={};var E=c(C,0,[0],"06");y.policyoid=t(E);var F=f(C,0,[1],"30");if(F!=-1){y.array=[];var z=r(C,F);for(var A=0;A<z.length;A++){var D=b(C,z[A]);var B=this.getPolicyQualifierInfo(D);y.array.push(B)}}return y};this.getOtherName=function(A){var y={};var z=r(A,0);var C=c(A,z[0],[],"06");var B=c(A,z[1],[]);y.oid=t(C);y.value=j(B);return y};this.getPolicyQualifierInfo=function(z){var y={};var A=c(z,0,[0],"06");if(A==="2b06010505070201"){var C=o(z,0,[1],"16");y.cps=hextorstr(C)}else{if(A==="2b06010505070202"){var B=a(z,0,[1],"30");y.unotice=this.getUserNotice(B)}}return y};this.getUserNotice=function(C){var z={};var A=r(C,0);for(var B=0;B<A.length;B++){var y=b(C,A[B]);if(y.substr(0,2)!="30"){z.exptext=this.getDisplayText(y)}}return z};this.getDisplayText=function(z){var A={"0c":"utf8","16":"ia5","1a":"vis","1e":"bmp"};var y={};y.type=A[z.substr(0,2)];y.str=hextorstr(k(z,0));return y};this.getExtCRLNumber=function(z,A){var y={extname:"cRLNumber"};if(A){y.critical=true}if(z.substr(0,2)=="02"){y.num={hex:k(z,0)};return y}throw new Error("hExtV parse error: "+z)};this.getExtCRLReason=function(z,A){var y={extname:"cRLReason"};if(A){y.critical=true}if(z.substr(0,2)=="0a"){y.code=parseInt(k(z,0),16);return y}throw new Error("hExtV parse error: "+z)};this.getExtOcspNonce=function(z,B){var y={extname:"ocspNonce"};if(B){y.critical=true}var A=k(z,0);y.hex=A;return y};this.getExtOcspNoCheck=function(z,A){var y={extname:"ocspNoCheck"};if(A){y.critical=true}return y};this.getExtAdobeTimeStamp=function(B,E){if(B===undefined&&E===undefined){var D=this.getExtInfo("adobeTimeStamp");if(D===undefined){return undefined}B=b(this.hex,D.vidx);E=D.critical}var y={extname:"adobeTimeStamp"};if(E){y.critical=true}var A=r(B,0);if(A.length>1){var F=b(B,A[1]);var z=this.getGeneralName(F);if(z.uri!=undefined){y.uri=z.uri}}if(A.length>2){var C=b(B,A[2]);if(C=="0101ff"){y.reqauth=true}if(C=="010100"){y.reqauth=false}}return y};var e=function(D){var y={};try{var A=D.seq[0].oid;var C=KJUR.asn1.x509.OID.name2oid(A);y.type=KJUR.asn1.x509.OID.oid2atype(C);var z=D.seq[1];if(z.utf8str!=undefined){y.ds="utf8";y.value=z.utf8str.str}else{if(z.numstr!=undefined){y.ds="num";y.value=z.numstr.str}else{if(z.telstr!=undefined){y.ds="tel";y.value=z.telstr.str}else{if(z.prnstr!=undefined){y.ds="prn";y.value=z.prnstr.str}else{if(z.ia5str!=undefined){y.ds="ia5";y.value=z.ia5str.str}else{if(z.visstr!=undefined){y.ds="vis";y.value=z.visstr.str}else{if(z.bmpstr!=undefined){y.ds="bmp";y.value=z.bmpstr.str}else{throw"error"}}}}}}}return y}catch(B){throw new Erorr("improper ASN.1 parsed AttrTypeAndValue")}};var i=function(z){try{return z.set.map(function(A){return e(A)})}catch(y){throw new Error("improper ASN.1 parsed RDN: "+y)}};var h=function(z){try{return z.seq.map(function(A){return i(A)})}catch(y){throw new Error("improper ASN.1 parsed X500Name: "+y)}};this.getX500NameRule=function(y){var F=true;var J=true;var I=false;var z="";var C="";var L=null;var G=[];for(var B=0;B<y.length;B++){var D=y[B];for(var A=0;A<D.length;A++){G.push(D[A])}}for(var B=0;B<G.length;B++){var K=G[B];var M=K.ds;var H=K.value;var E=K.type;z+=":"+M;if(M!="prn"&&M!="utf8"&&M!="ia5"){return"mixed"}if(M=="ia5"){if(E!="CN"){return"mixed"}else{if(!KJUR.lang.String.isMail(H)){return"mixed"}else{continue}}}if(E=="C"){if(M=="prn"){continue}else{return"mixed"}}C+=":"+M;if(L==null){L=M}else{if(L!==M){return"mixed"}}}if(L==null){return"prn"}else{return L}};this.getAttrTypeAndValue=function(y){var z=j(y);return e(z)};this.getRDN=function(y){var z=j(y);return i(z)};this.getX500NameArray=function(y){var z=j(y);return h(z)};this.getX500Name=function(B,D,C){var z=this.getX500NameArray(B);var A=this.dnarraytostr(z);var y={str:A};y.array=z;if(C==true){y.hex=B}if(D==true){y.canon=this.c14nRDNArray(z)}return y};this.readCertPEM=function(y){this.readCertHex(v(y))};this.readCertHex=function(y){this.hex=y;this.getVersion();try{l(this.hex,0,[0,7],"a3");this.parseExt()}catch(z){}};this.getParam=function(z){var y={};if(z==undefined){z={}}y.version=this.getVersion();y.serial={hex:this.getSerialNumberHex()};y.sigalg=this.getSignatureAlgorithmField();y.issuer=this.getIssuer(z.dncanon,z.dnhex);y.notbefore=this.getNotBefore();y.notafter=this.getNotAfter();y.subject=this.getSubject(z.dncanon,z.dnhex);y.sbjpubkey=hextopem(this.getPublicKeyHex(),"PUBLIC KEY");if(this.aExtInfo!=undefined&&this.aExtInfo.length>0){y.ext=this.getExtParamArray()}y.sighex=this.getSignatureValueHex();if(z.tbshex==true){y.tbshex=a(this.hex,0,[0])}if(z.nodnarray==true){delete y.issuer.array;delete y.subject.array}return y};this.getExtParamArray=function(z){if(z==undefined){var B=f(this.hex,0,[0,"[3]"]);if(B!=-1){z=p(this.hex,0,[0,"[3]",0],"30")}}var y=[];var A=r(z,0);for(var C=0;C<A.length;C++){var E=b(z,A[C]);var D=this.getExtParam(E);if(D!=null){y.push(D)}}return y};this.getExtParam=function(z){var G={};var B=r(z,0);var C=B.length;if(C!=2&&C!=3){throw new Error("wrong number elements in Extension: "+C+" "+z)}var A=q(c(z,0,[0],"06"));var E=false;if(C==3&&a(z,0,[1])=="0101ff"){E=true}var F=a(z,0,[C-1,0]);var D=undefined;if(A=="2.5.29.14"){D=this.getExtSubjectKeyIdentifier(F,E)}else{if(A=="2.5.29.15"){D=this.getExtKeyUsage(F,E)}else{if(A=="2.5.29.17"){D=this.getExtSubjectAltName(F,E)}else{if(A=="2.5.29.18"){D=this.getExtIssuerAltName(F,E)}else{if(A=="2.5.29.19"){D=this.getExtBasicConstraints(F,E)}else{if(A=="2.5.29.30"){D=this.getExtNameConstraints(F,E)}else{if(A=="2.5.29.31"){D=this.getExtCRLDistributionPoints(F,E)}else{if(A=="2.5.29.32"){D=this.getExtCertificatePolicies(F,E)}else{if(A=="2.5.29.35"){D=this.getExtAuthorityKeyIdentifier(F,E)}else{if(A=="2.5.29.37"){D=this.getExtExtKeyUsage(F,E)}else{if(A=="1.3.6.1.5.5.7.1.1"){D=this.getExtAuthorityInfoAccess(F,E)}else{if(A=="2.5.29.20"){D=this.getExtCRLNumber(F,E)}else{if(A=="2.5.29.21"){D=this.getExtCRLReason(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.2"){D=this.getExtOcspNonce(F,E)}else{if(A=="1.3.6.1.5.5.7.48.1.5"){D=this.getExtOcspNoCheck(F,E)}else{if(A=="1.2.840.113583.1.1.9.1"){D=this.getExtAdobeTimeStamp(F,E)}}}}}}}}}}}}}}}}if(D!=undefined){return D}var y={extname:A,extn:F};if(E){y.critical=true}return y};this.findExt=function(z,A){for(var y=0;y<z.length;y++){if(z[y].extname==A){return z[y]}}return null};this.updateExtCDPFullURI=function(C,y){var B=this.findExt(C,"cRLDistributionPoints");if(B==null){return}if(B.array==undefined){return}var E=B.array;for(var A=0;A<E.length;A++){if(E[A].dpname==undefined){continue}if(E[A].dpname.full==undefined){continue}var F=E[A].dpname.full;for(var z=0;z<F.length;z++){var D=F[A];if(D.uri==undefined){continue}D.uri=y}}};this.updateExtAIAOCSP=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].ocsp!=undefined){y[A].ocsp=z}}};this.updateExtAIACAIssuer=function(C,z){var B=this.findExt(C,"authorityInfoAccess");if(B==null){return}if(B.array==undefined){return}var y=B.array;for(var A=0;A<y.length;A++){if(y[A].caissuer!=undefined){y[A].caissuer=z}}};this.dnarraytostr=function(A){function y(B){return B.map(function(C){return z(C).replace(/\+/,"\\+")}).join("+")}function z(B){return B.type+"="+B.value}return"/"+A.map(function(B){return y(B).replace(/\//,"\\/")}).join("/")};this.setCanonicalizedDN=function(z){var B;if(z.str!=undefined&&z.array==undefined){var A=new KJUR.asn1.x509.X500Name({str:z.str});var y=A.tohex();B=this.getX500NameArray(y)}else{B=z.array}if(z.canon==undefined){z.canon=this.c14nRDNArray(B)}};this.c14nRDNArray=function(F){var z=[];for(var B=0;B<F.length;B++){var D=F[B];var y=[];for(var A=0;A<D.length;A++){var C=D[A];var E=C.value;E=E.replace(/^\s*/,"");E=E.replace(/\s*$/,"");E=E.replace(/\s+/g," ");E=E.toLowerCase();y.push(C.type.toLowerCase()+"="+E)}z.push(y.join("+"))}return"/"+z.join("/")};this.getInfo=function(){var z=function(S){var Y="";var Q="    ";var U="\n";var V=S.array;for(var T=0;T<V.length;T++){var R=V[T];if(R.dn!=undefined){Y+=Q+"dn: "+R.dn.str+U}if(R.ip!=undefined){Y+=Q+"ip: "+R.ip+U}if(R.rfc822!=undefined){Y+=Q+"rfc822: "+R.rfc822+U}if(R.dns!=undefined){Y+=Q+"dns: "+R.dns+U}if(R.uri!=undefined){Y+=Q+"uri: "+R.uri+U}if(R.other!=undefined){var X=R.other.oid;var W=JSON.stringify(R.other.value).replace(/\"/g,"");Y+=Q+"other: "+X+"="+W+U}}Y=Y.replace(/\n$/,"");return Y};var F=function(W){var U="";var Q=W.array;for(var T=0;T<Q.length;T++){var V=Q[T];U+="    policy oid: "+V.policyoid+"\n";if(V.array===undefined){continue}for(var S=0;S<V.array.length;S++){var R=V.array[S];if(R.cps!==undefined){U+="    cps: "+R.cps+"\n"}}}return U};var I=function(U){var T="";var Q=U.array;for(var S=0;S<Q.length;S++){var V=Q[S];try{if(V.dpname.full[0].uri!==undefined){T+="    "+V.dpname.full[0].uri+"\n"}}catch(R){}try{if(V.dname.full[0].dn.hex!==undefined){T+="    "+X509.hex2dn(V.dpname.full[0].dn.hex)+"\n"}}catch(R){}}return T};var G=function(U){var T="";var Q=U.array;for(var R=0;R<Q.length;R++){var S=Q[R];if(S.caissuer!==undefined){T+="    caissuer: "+S.caissuer+"\n"}if(S.ocsp!==undefined){T+="    ocsp: "+S.ocsp+"\n"}}return T};var A=X509;var K,J,P;K="Basic Fields\n";K+="  serial number: "+this.getSerialNumberHex()+"\n";K+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n";K+="  issuer: "+this.getIssuerString()+"\n";K+="  notBefore: "+this.getNotBefore()+"\n";K+="  notAfter: "+this.getNotAfter()+"\n";K+="  subject: "+this.getSubjectString()+"\n";K+="  subject public key info: \n";J=this.getPublicKey();K+="    key algorithm: "+J.type+"\n";if(J.type==="RSA"){K+="    n="+hextoposhex(J.n.toString(16)).substr(0,16)+"...\n";K+="    e="+hextoposhex(J.e.toString(16))+"\n"}P=this.aExtInfo;if(P!==undefined&&P!==null){K+="X509v3 Extensions:\n";for(var M=0;M<P.length;M++){var O=P[M];var y=KJUR.asn1.x509.OID.oid2name(O.oid);if(y===""){y=O.oid}var L="";if(O.critical===true){L="CRITICAL"}K+="  "+y+" "+L+":\n";if(y==="basicConstraints"){var B=this.getExtBasicConstraints();if(B.cA===undefined){K+="    {}\n"}else{K+="    cA=true";if(B.pathLen!==undefined){K+=", pathLen="+B.pathLen}K+="\n"}}else{if(y==="keyUsage"){K+="    "+this.getExtKeyUsageString()+"\n"}else{if(y==="subjectKeyIdentifier"){K+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n"}else{if(y==="authorityKeyIdentifier"){var C=this.getExtAuthorityKeyIdentifier();if(C.kid!==undefined){K+="    kid="+C.kid.hex+"\n"}}else{if(y==="extKeyUsage"){var N=this.getExtExtKeyUsage().array;K+="    "+N.join(", ")+"\n"}else{if(y==="subjectAltName"){var D=z(this.getExtSubjectAltName());K+=D+"\n"}else{if(y==="cRLDistributionPoints"){var H=this.getExtCRLDistributionPoints();K+=I(H)}else{if(y==="authorityInfoAccess"){var E=this.getExtAuthorityInfoAccess();K+=G(E)}else{if(y==="certificatePolicies"){K+=F(this.getExtCertificatePolicies())}}}}}}}}}}}K+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n";K+="signature: "+this.getSignatureValueHex().substr(0,16)+"...\n";return K};if(typeof u=="string"){if(u.indexOf("-----BEGIN")!=-1){this.readCertPEM(u)}else{if(KJUR.lang.String.isHex(u)){this.readCertHex(u)}}}}X509.hex2dn=function(e,b){if(b===undefined){b=0}var a=new X509();var c=ASN1HEX.getTLV(e,b);var d=a.getX500Name(e);return d.str};X509.hex2rdn=function(f,b){if(b===undefined){b=0}if(f.substr(b,2)!=="31"){throw new Error("malformed RDN")}var c=new Array();var d=ASN1HEX.getChildIdx(f,b);for(var e=0;e<d.length;e++){c.push(X509.hex2attrTypeValue(f,d[e]))}c=c.map(function(a){return a.replace("+","\\+")});return c.join("+")};X509.hex2attrTypeValue=function(d,i){var j=ASN1HEX;var h=j.getV;if(i===undefined){i=0}if(d.substr(i,2)!=="30"){throw new Error("malformed attribute type and value")}var g=j.getChildIdx(d,i);if(g.length!==2||d.substr(g[0],2)!=="06"){"malformed attribute type and value"}var b=h(d,g[0]);var f=KJUR.asn1.ASN1Util.oidHexToInt(b);var e=KJUR.asn1.x509.OID.oid2atype(f);var a=h(d,g[1]);var c=hextorstr(a);return e+"="+c};X509.getPublicKeyFromCertHex=function(b){var a=new X509();a.readCertHex(b);return a.getPublicKey()};X509.getPublicKeyFromCertPEM=function(b){var a=new X509();a.readCertPEM(b);return a.getPublicKey()};X509.getPublicKeyInfoPropOfCertPEM=function(c){var e=ASN1HEX;var g=e.getVbyList;var b={};var a,f,d;b.algparam=null;a=new X509();a.readCertPEM(c);f=a.getPublicKeyHex();b.keyhex=g(f,0,[1],"03").substr(2);b.algoid=g(f,0,[0,0],"06");if(b.algoid==="2a8648ce3d0201"){b.algparam=g(f,0,[0,1],"06")}return b};X509.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"];
 var X509CRL=function(e){var a=KJUR,f=a.lang.String.isHex,m=ASN1HEX,k=m.getV,b=m.getTLV,h=m.getVbyList,c=m.getTLVbyList,d=m.getTLVbyListEx,i=m.getIdxbyList,g=m.getIdxbyListEx,l=m.getChildIdx,j=new X509();this.hex=null;this.posSigAlg=null;this.posRevCert=null;this.parsed=null;this._setPos=function(){var o=i(this.hex,0,[0,0]);var n=this.hex.substr(o,2);if(n=="02"){this.posSigAlg=1}else{if(n=="30"){this.posSigAlg=0}else{throw new Error("malformed 1st item of TBSCertList: "+n)}}var s=i(this.hex,0,[0,this.posSigAlg+3]);var r=this.hex.substr(s,2);if(r=="17"||r=="18"){var q,p;q=i(this.hex,0,[0,this.posSigAlg+4]);this.posRevCert=null;if(q!=-1){p=this.hex.substr(q,2);if(p=="30"){this.posRevCert=this.posSigAlg+4}}}else{if(r=="30"){this.posRevCert=this.posSigAlg+3}else{if(r=="a0"){this.posRevCert=null}else{throw new Error("malformed nextUpdate or revCert tag: "+r)}}}};this.getVersion=function(){if(this.posSigAlg==0){return null}return parseInt(h(this.hex,0,[0,0],"02"),16)+1};this.getSignatureAlgorithmField=function(){var n=c(this.hex,0,[0,this.posSigAlg],"30");return j.getAlgorithmIdentifierName(n)};this.getIssuer=function(){return j.getX500Name(this.getIssuerHex())};this.getIssuerHex=function(){return c(this.hex,0,[0,this.posSigAlg+1],"30")};this.getThisUpdate=function(){var n=h(this.hex,0,[0,this.posSigAlg+2]);return result=hextorstr(n)};this.getNextUpdate=function(){var o=i(this.hex,0,[0,this.posSigAlg+3]);var n=this.hex.substr(o,2);if(n!="17"&&n!="18"){return null}return hextorstr(k(this.hex,o))};this.getRevCertArray=function(){if(this.posRevCert==null){return null}var o=[];var n=i(this.hex,0,[0,this.posRevCert]);var p=l(this.hex,n);for(var q=0;q<p.length;q++){var r=b(this.hex,p[q]);o.push(this.getRevCert(r))}return o};this.getRevCert=function(p){var o={};var n=l(p,0);o.sn={hex:h(p,0,[0],"02")};o.date=hextorstr(h(p,0,[1]));if(n.length==3){o.ext=j.getExtParamArray(c(p,0,[2]))}return o};this.findRevCert=function(p){var n=new X509(p);var o=n.getSerialNumberHex();return this.findRevCertBySN(o)};this.findRevCertBySN=function(o){if(this.parsed==null){this.getParam()}if(this.parsed.revcert==null){return null}var n=this.parsed.revcert;for(var p=0;p<n.length;p++){if(o==n[p].sn.hex){return n[p]}}return null};this.getSignatureValueHex=function(){return h(this.hex,0,[2],"03",true)};this.verifySignature=function(o){var p=this.getSignatureAlgorithmField();var n=this.getSignatureValueHex();var q=c(this.hex,0,[0],"30");var r=new KJUR.crypto.Signature({alg:p});r.init(o);r.updateHex(q);return r.verify(n)};this.getParam=function(r){var n={};var p=this.getVersion();if(p!=null){n.version=p}n.sigalg=this.getSignatureAlgorithmField();n.issuer=this.getIssuer();n.thisupdate=this.getThisUpdate();var q=this.getNextUpdate();if(q!=null){n.nextupdate=q}var t=this.getRevCertArray();if(t!=null){n.revcert=t}var s=g(this.hex,0,[0,"[0]"]);if(s!=-1){var o=d(this.hex,0,[0,"[0]",0]);n.ext=j.getExtParamArray(o)}n.sighex=this.getSignatureValueHex();this.parsed=n;if(typeof r=="object"){if(r.tbshex==true){n.tbshex=c(this.hex,0,[0])}if(r.nodnarray==true){delete n.issuer.array}}return n};if(typeof e=="string"){if(f(e)){this.hex=e}else{if(e.match(/-----BEGIN X509 CRL/)){this.hex=pemtohex(e)}}this._setPos()}};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWS=function(){var b=KJUR,a=b.jws.JWS,c=a.isSafeJSONString;this.parseJWS=function(g,j){if((this.parsedJWS!==undefined)&&(j||(this.parsedJWS.sigvalH!==undefined))){return}var i=g.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);if(i==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}var k=i[1];var e=i[2];var l=i[3];var n=k+"."+e;this.parsedJWS={};this.parsedJWS.headB64U=k;this.parsedJWS.payloadB64U=e;this.parsedJWS.sigvalB64U=l;this.parsedJWS.si=n;if(!j){var h=b64utohex(l);var f=parseBigInt(h,16);this.parsedJWS.sigvalH=h;this.parsedJWS.sigvalBI=f}var d=b64utoutf8(k);var m=b64utoutf8(e);this.parsedJWS.headS=d;this.parsedJWS.payloadS=m;if(!c(d,this.parsedJWS,"headP")){throw"malformed JSON string for JWS Head: "+d}}};KJUR.jws.JWS.sign=function(j,w,z,A,a){var x=KJUR,n=x.jws,r=n.JWS,h=r.readSafeJSONString,q=r.isSafeJSONString,d=x.crypto,l=d.ECDSA,p=d.Mac,c=d.Signature,u=JSON;var t,k,o;if(typeof w!="string"&&typeof w!="object"){throw"spHeader must be JSON string or object: "+w}if(typeof w=="object"){k=w;t=u.stringify(k)}if(typeof w=="string"){t=w;if(!q(t)){throw"JWS Head is not safe JSON string: "+t}k=h(t)}o=z;if(typeof z=="object"){o=u.stringify(z)}if((j==""||j==null)&&k.alg!==undefined){j=k.alg}if((j!=""&&j!=null)&&k.alg===undefined){k.alg=j;t=u.stringify(k)}if(j!==k.alg){throw"alg and sHeader.alg doesn't match: "+j+"!="+k.alg}var s=null;if(r.jwsalg2sigalg[j]===undefined){throw"unsupported alg name: "+j}else{s=r.jwsalg2sigalg[j]}var e=utf8tob64u(t);var m=utf8tob64u(o);var b=e+"."+m;var y="";if(s.substr(0,4)=="Hmac"){if(A===undefined){throw"mac key shall be specified for HS* alg"}var i=new p({alg:s,prov:"cryptojs",pass:A});i.updateString(b);y=i.doFinal()}else{if(s.indexOf("withECDSA")!=-1){var f=new c({alg:s});f.init(A,a);f.updateString(b);var g=f.sign();y=KJUR.crypto.ECDSA.asn1SigToConcatSig(g)}else{if(s!="none"){var f=new c({alg:s});f.init(A,a);f.updateString(b);y=f.sign()}}}var v=hextob64u(y);return b+"."+v};KJUR.jws.JWS.verify=function(w,B,n){var x=KJUR,q=x.jws,t=q.JWS,i=t.readSafeJSONString,e=x.crypto,p=e.ECDSA,s=e.Mac,d=e.Signature,m;if(typeof RSAKey!==undefined){m=RSAKey}if(!isBase64URLDot(w)){return false}var y=w.split(".");if(y.length!==3){return false}var f=y[0];var r=y[1];var c=f+"."+r;var A=b64utohex(y[2]);var l=i(b64utoutf8(y[0]));var k=null;var z=null;if(l.alg===undefined){throw"algorithm not specified in header"}else{k=l.alg;z=k.substr(0,2)}if(n!=null&&Object.prototype.toString.call(n)==="[object Array]"&&n.length>0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null,"  ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null,"  ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;if(!isBase64URLDot(e)){return false}var k=e.split(".");if(k.length!=3){return false}var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriod<b){return false}}if(g.nbf!==undefined&&typeof g.nbf=="number"){if(b<g.nbf-r.gracePeriod){return false}}if(g.iat!==undefined&&typeof g.iat=="number"){if(b<g.iat-r.gracePeriod){return false}}if(g.jti!==undefined&&r.jti!==undefined){if(g.jti!==r.jti){return false}}if(!o.verify(e,l,r.alg)){return false}return true};KJUR.jws.JWS.includedArray=function(b,a){var c=KJUR.jws.JWS.inArray;if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var d=0;d<b.length;d++){if(!c(b[d],a)){return false}}return true};KJUR.jws.JWS.inArray=function(d,b){if(b===null){return false}if(typeof b!=="object"){return false}if(typeof b.length!=="number"){return false}for(var c=0;c<b.length;c++){if(b[c]==d){return true}}return false};KJUR.jws.JWS.jwsalg2sigalg={HS256:"HmacSHA256",HS384:"HmacSHA384",HS512:"HmacSHA512",RS256:"SHA256withRSA",RS384:"SHA384withRSA",RS512:"SHA512withRSA",ES256:"SHA256withECDSA",ES384:"SHA384withECDSA",ES512:"SHA512withECDSA",PS256:"SHA256withRSAandMGF1",PS384:"SHA384withRSAandMGF1",PS512:"SHA512withRSAandMGF1",none:"none",};KJUR.jws.JWS.isSafeJSONString=function(c,b,d){var e=null;try{e=jsonParse(c);if(typeof e!="object"){return 0}if(e.constructor===Array){return 0}if(b){b[d]=e}return 1}catch(a){return 0}};KJUR.jws.JWS.readSafeJSONString=function(b){var c=null;try{c=jsonParse(b);if(typeof c!="object"){return null}if(c.constructor===Array){return null}return c}catch(a){return null}};KJUR.jws.JWS.getEncodedSignatureValueFromJWS=function(b){var a=b.match(/^[^.]+\.[^.]+\.([^.]+)$/);if(a==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}return a[1]};KJUR.jws.JWS.getJWKthumbprint=function(d){if(d.kty!=="RSA"&&d.kty!=="EC"&&d.kty!=="oct"){throw"unsupported algorithm for JWK Thumprint"}var a="{";if(d.kty==="RSA"){if(typeof d.n!="string"||typeof d.e!="string"){throw"wrong n and e value for RSA key"}a+='"e":"'+d.e+'",';a+='"kty":"'+d.kty+'",';a+='"n":"'+d.n+'"}'}else{if(d.kty==="EC"){if(typeof d.crv!="string"||typeof d.x!="string"||typeof d.y!="string"){throw"wrong crv, x and y value for EC key"}a+='"crv":"'+d.crv+'",';a+='"kty":"'+d.kty+'",';a+='"x":"'+d.x+'",';a+='"y":"'+d.y+'"}'}else{if(d.kty==="oct"){if(typeof d.k!="string"){throw"wrong k value for oct(symmetric) key"}a+='"kty":"'+d.kty+'",';a+='"k":"'+d.k+'"}'}}}var b=rstrtohex(a);var c=KJUR.crypto.Util.hashHex(b,"sha256");var e=hextob64u(c);return e};KJUR.jws.IntDate={};KJUR.jws.IntDate.get=function(c){var b=KJUR.jws.IntDate,d=b.getNow,a=b.getZulu;if(c=="now"){return d()}else{if(c=="now + 1hour"){return d()+60*60}else{if(c=="now + 1day"){return d()+60*60*24}else{if(c=="now + 1month"){return d()+60*60*24*30}else{if(c=="now + 1year"){return d()+60*60*24*365}else{if(c.match(/Z$/)){return a(c)}else{if(c.match(/^[0-9]+$/)){return parseInt(c)}}}}}}}throw"unsupported format: "+c};KJUR.jws.IntDate.getZulu=function(a){return zulutosec(a)};KJUR.jws.IntDate.getNow=function(){var a=~~(new Date()/1000);return a};KJUR.jws.IntDate.intDate2UTCString=function(a){var b=new Date(a*1000);return b.toUTCString()};KJUR.jws.IntDate.intDate2Zulu=function(e){var i=new Date(e*1000),h=("0000"+i.getUTCFullYear()).slice(-4),g=("00"+(i.getUTCMonth()+1)).slice(-2),b=("00"+i.getUTCDate()).slice(-2),a=("00"+i.getUTCHours()).slice(-2),c=("00"+i.getUTCMinutes()).slice(-2),f=("00"+i.getUTCSeconds()).slice(-2);return h+g+b+a+c+f+"Z"};
 if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWSJS=function(){var c=KJUR,b=c.jws,a=b.JWS,d=a.readSafeJSONString;this.aHeader=[];this.sPayload="";this.aSignature=[];this.init=function(){this.aHeader=[];this.sPayload=undefined;this.aSignature=[]};this.initWithJWS=function(f){this.init();var e=f.split(".");if(e.length!=3){throw"malformed input JWS"}this.aHeader.push(e[0]);this.sPayload=e[1];this.aSignature.push(e[2])};this.addSignature=function(e,h,m,k){if(this.sPayload===undefined||this.sPayload===null){throw"there's no JSON-JS signature to add."}var l=this.aHeader.length;if(this.aHeader.length!=this.aSignature.length){throw"aHeader.length != aSignature.length"}try{var f=KJUR.jws.JWS.sign(e,h,this.sPayload,m,k);var j=f.split(".");var n=j[0];var g=j[2];this.aHeader.push(j[0]);this.aSignature.push(j[2])}catch(i){if(this.aHeader.length>l){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g<h.length;g++){var f=h[g];if(f.length!==2){return false}var e=this.verifyNth(g,f[0],f[1]);if(e===false){return false}}return true};this.verifyNth=function(f,j,g){if(this.aHeader.length<=f||this.aSignature.length<=f){return false}var h=this.aHeader[f];var k=this.aSignature[f];var l=h+"."+this.sPayload+"."+k;var e=false;try{e=a.verify(l,j,g)}catch(i){return false}return e};this.readJWSJS=function(g){if(typeof g==="string"){var f=d(g);if(f==null){throw"argument is not safe JSON object string"}this.aHeader=f.headers;this.sPayload=f.payload;this.aSignature=f.signatures}else{try{if(g.headers.length>0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.aSignature=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}};
diff --git a/npm/package.json b/npm/package.json
index e1e2844d..51a11c2a 100755
--- a/npm/package.json
+++ b/npm/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jsrsasign",
-  "version": "10.5.27",
+  "version": "10.6.0",
   "description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).",
   "main": "lib/jsrsasign.js",
   "scripts": {
diff --git a/src/asn1-1.0.js b/src/asn1-1.0.js
index 9f8da6b4..3a46ae75 100644
--- a/src/asn1-1.0.js
+++ b/src/asn1-1.0.js
@@ -1724,6 +1724,7 @@ extendClass(KJUR.asn1.DERSet, KJUR.asn1.DERAbstractStructured);
  * @name KJUR.asn1.DERTaggedObject
  * @class class for ASN.1 DER TaggedObject
  * @extends KJUR.asn1.ASN1Object
+ * @see KJUR_asn1.ASN1Util.newObject
  *
  * @description
  * <br/>
@@ -1737,12 +1738,20 @@ extendClass(KJUR.asn1.DERSet, KJUR.asn1.DERAbstractStructured);
  * <li>tag - specify tag (default is 'a0' which means [0])</li>
  * <li>explicit - specify true if this is explicit tag otherwise false 
  *     (default is 'true').</li>
- * <li>obj - specify ASN1Object which is tagged</li>
+ * <li>obj - specify ASN1Object or JSON object which will be tagged</li>
  * <li>tage - specify tag with explicit</li>
  * <li>tagi - specify tag with implicit</li>
  * </ul>
+ * As for the member "obj" value of JSON object, 
+ * {@link KJUR_asn1.ASN1Util.newObject} is used to generate.
  *
  * @example
+ * // by JSON
+ * new KJUR.asn1.DERTaggedObject({
+ *  tag:'a0', explicit: true, obj: { "prnstr": { "str": "aaa" } }
+ * }).tohex()
+ *
+ * // by ASN1Object object
  * new KJUR.asn1.DERTaggedObject({
  *  tage:'a0', obj: new KJUR.asn1.DERInteger({int: 3}) // explicit
  * }) 
diff --git a/src/asn1x509-1.0.js b/src/asn1x509-1.0.js
index aba18d8f..af71f187 100644
--- a/src/asn1x509-1.0.js
+++ b/src/asn1x509-1.0.js
@@ -1,4 +1,4 @@
-/* asn1x509-2.1.16.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+/* asn1x509-2.1.17.js (c) 2013-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 /*
  * asn1x509.js - ASN.1 DER encoder classes for X.509 certificate
@@ -16,7 +16,7 @@
  * @fileOverview
  * @name asn1x509-1.0.js
  * @author Kenji Urushima kenji.urushima@gmail.com
- * @version jsrsasign 10.5.22 asn1x509 2.1.16 (2022-May-24)
+ * @version jsrsasign 10.6.0 asn1x509 2.1.17 (2022-Nov-04)
  * @since jsrsasign 2.1
  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
  */
@@ -4008,7 +4008,7 @@ KJUR.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV = {
  * gn = new KJUR.asn1.x509.GeneralName({uri:    'http://aaa.com/'});
  * gn = new KJUR.asn1.x509.GeneralName({other: {
  *   oid: "1.2.3.4",
- *   value: {utf8: "example"} // any ASN.1 which passed to ASN1Util.newObject
+ *   value: {utf8str: "example"} // any ASN.1 which passed to ASN1Util.newObject
  * }});
  *
  * gn = new KJUR.asn1.x509.GeneralName({ldapdn:     'O=Test,C=US'}); // DEPRECATED
@@ -4200,7 +4200,7 @@ extendClass(KJUR.asn1.x509.GeneralNames, KJUR.asn1.ASN1Object);
  * Constructor has two members:
  * <ul>
  * <li>oid - oid string (ex. "1.2.3.4")</li>
- * <li>value - associative array passed to ASN1Util.newObject</li>
+ * <li>value - JSON object passed to ASN1Util.newObject or ASN1Object object</li>
  * </ul>
  *
  * <pre>
@@ -4379,6 +4379,9 @@ KJUR.asn1.x509.OID = new function() {
         'timeStamping':         '1.3.6.1.5.5.7.3.8',
         'ocspSigning':          '1.3.6.1.5.5.7.3.9',
 
+	// 'otherNameForms':	'1.3.6.1.5.5.7.8',
+	'smtpUTF8Mailbox':	'1.3.6.1.5.5.7.8.9',
+
         'dateOfBirth':          '1.3.6.1.5.5.7.9.1',
         'placeOfBirth':         '1.3.6.1.5.5.7.9.2',
         'gender':               '1.3.6.1.5.5.7.9.3',
diff --git a/src/x509-1.1.js b/src/x509-1.1.js
index 2c178416..06dd81a8 100644
--- a/src/x509-1.1.js
+++ b/src/x509-1.1.js
@@ -1,4 +1,4 @@
-/* x509-2.0.17.js (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
+/* x509-2.1.0.js (c) 2012-2022 Kenji Urushima | kjur.github.io/jsrsasign/license
  */
 /*
  * x509.js - X509 class to read subject public key from certificate.
@@ -16,7 +16,7 @@
  * @fileOverview
  * @name x509-1.1.js
  * @author Kenji Urushima kenji.urushima@gmail.com
- * @version jsrsasign 10.5.24 x509 2.0.17 (2022-Jun-04)
+ * @version jsrsasign 10.6.0 x509 2.1.0 (2022-Nov-04)
  * @since jsrsasign 1.x.x
  * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a>
  */
@@ -239,18 +239,35 @@ function X509(params) {
      * @name getIssuer
      * @memberOf X509#
      * @function
+     * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+     * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
      * @return {Array} JSON object of issuer field
      * @since jsrsasign 9.0.0 x509 2.0.0
      * @see X509#getX500Name
+     *
      * @description
+     * Get a JSON object of an issuer field.
+     * <br>
+     * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+     * supported to conclude a canonicalized name for caseIgnoreMatch
+     * desribed in <a href="https://tools.ietf.org/html/rfc4518">
+     * RFC 4518</a>.
+     *
      * @example
      * var x = new X509(sCertPEM);
      * x.getIssuer() &rarr;
      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
      *   str: "/C=JP/..." }
+     *
+     * // with flags
+     * x.getIssuer(true, true) &rarr;
+     * { array: ...,
+     *   str: "/C=JP/O=   Test    123   ",
+     *   canon: "/c=jp/o=test 123",
+     *   hex: "30..." }
      */
-    this.getIssuer = function() {
-	return this.getX500Name(this.getIssuerHex())
+    this.getIssuer = function(flagCanon, flagHex) {
+	return this.getX500Name(this.getIssuerHex(), flagCanon, flagHex);
     };
 
     /**
@@ -291,18 +308,35 @@ function X509(params) {
      * @name getSubject
      * @memberOf X509#
      * @function
-     * @return {Array} JSON object of subject field
+     * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+     * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
+     * @return {object} JSON object of subject field
      * @since jsrsasign 9.0.0 x509 2.0.0
      * @see X509#getX500Name
+     *
      * @description
+     * Get a JSON object of a subject field.
+     * <br>
+     * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+     * supported to conclude a canonicalized name for caseIgnoreMatch
+     * desribed in <a href="https://tools.ietf.org/html/rfc4518">
+     * RFC 4518</a>.
+     *
      * @example
      * var x = new X509(sCertPEM);
      * x.getSubject() &rarr;
      * { array: [[{type:'C',value:'JP',ds:'prn'}],...],
      *   str: "/C=JP/..." }
+     *
+     * // with flags
+     * x.getSubject(true, true) &rarr;
+     * { array: ...,
+     *   str: "/C=JP/O=   Test    123   ",
+     *   canon: "/c=jp/o=test 123",
+     *   hex: "30..." }
      */
-    this.getSubject = function() {
-	return this.getX500Name(this.getSubjectHex());
+    this.getSubject = function(flagCanon, flagHex) {
+	return this.getX500Name(this.getSubjectHex(), flagCanon, flagHex);
     };
 
     /**
@@ -1871,16 +1905,15 @@ function X509(params) {
      * x = new X509();
      * x.getOtherName("30...") &rarr;
      * { oid: "1.2.3.4",
-     *   other: {utf8str: {str: "aaa"}} }
+     *   value: {utf8str: {str: "aaa"}} }
      */
     this.getOtherName = function(h) {
         var result = {};
-
         var a = _getChildIdx(h, 0);
         var hOID = _getVbyList(h, a[0], [], "06");
         var hValue = _getVbyList(h, a[1], []);
-        result.oid = KJUR.asn1.ASN1Util.oidHexToInt(hOID);
-        result.obj = _ASN1HEX_parse(hValue);
+	result.oid = _oidname(hOID);
+	result.value = _ASN1HEX_parse(hValue);
         return result;
     };
 
@@ -2492,14 +2525,18 @@ function X509(params) {
      * @memberOf X509#
      * @function
      * @param {String} h hexadecimal string of Name
+     * @param {boolean} flagCanon flag to conclude canonicalized name (DEFAULT false)
+     * @param {boolean} flagHex flag to conclude hexadecimal string (DEFAULT false)
      * @return {Array} array of RDN parameter array
      * @since jsrsasign 9.0.0 x509 2.0.0
      * @see X509#getX500NameArray
      * @see X509#getRDN
      * @see X509#getAttrTypeAndValue
+     * @see X509#c14nRDNArray
      * @see KJUR.asn1.x509.X500Name
      * @see KJUR.asn1.x509.GeneralName
      * @see KJUR.asn1.x509.GeneralNames
+     *
      * @description
      * This method will get Name parameter defined in
      * <a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.4">
@@ -2509,6 +2546,12 @@ function X509(params) {
      *   rdnSequence  RDNSequence }
      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
      * </pre>
+     * <br>
+     * NOTE: From jsrsasign 10.6.0, flagHex and flagCanon has been 
+     * supported to conclude a canonicalized name for caseIgnoreMatch
+     * desribed in <a href="https://tools.ietf.org/html/rfc4518">
+     * RFC 4518</a>.
+     *
      * @example
      * x = new X509();
      * x.getX500Name("30...") &rarr;
@@ -2518,13 +2561,26 @@ function X509(params) {
      *     [{type:"CN",value:"john.smith@example.com",ds:"ia5"}]
      *   ],
      *   str: "/C=US/O=Sample Corp./CN=john.smith@example.com",
-     *   hex: "30..."
-     * }
+     *   hex: "30..." }
+     *
+     * x.getX500Name("30...", true) &rarr;
+     * { array: [
+     *     [{type:"C",value:"US",ds:"prn"}],
+     *     [{type:"O",value:"Sample    Corp.",ds:"utf8"}]
+     *   ],
+     *   str: "/C=US/O=Sample    Corp.",
+     *   canon: "/c=us/o=sample corp.",
+     *   hex: "30..." }
      */
-    this.getX500Name = function(h) {
+    this.getX500Name = function(h, flagCanon, flagHex) {
 	var a = this.getX500NameArray(h);
 	var s = this.dnarraytostr(a);
-	return { array: a, str: s };
+	var result = { str: s };
+
+	result.array = a;
+	if (flagHex == true) result.hex = h;
+	if (flagCanon == true) result.canon = this.c14nRDNArray(a);
+	return result;
     };
 
     // ===== END X500Name related =====================================
@@ -2583,15 +2639,20 @@ function X509(params) {
      * This method returns a JSON object of the certificate
      * parameters. Return value can be passed to
      * {@link KJUR.asn1.x509.X509Util.newCertPEM}.
-     * <br>
+     * <br/>
      * NOTE1: From jsrsasign 10.5.16, optional argument can be applied.
      * It can have following members:
      * <ul>
-     * <li>tbshex - if this is true, tbshex member with hex value of
-     * tbsCertificate will be added</li>
-     * <li>nodnarray - if this is true, array member for subject and
-     * issuer will be deleted to simplify it<li>
+     * <li>tbshex - (boolean) tbshex member with hex value of 
+     * tbsCertificate will be added if true (DEFAULT undefined)</li>
+     * <li>nodnarray - (boolean) array member for subject and
+     * issuer will be deleted to simplify it if true (DEFAULT undefined)<li>
+     * <li>dncanon - (boolean) add canon member to subject and issuer for DN StringPrep if true(DEFAULT undefined)</li>
+     * <li>dnhex - (boolean) add hex member to subject and issuer if true(DEFAULT undefined)</li>
      * </ul>
+     * <br/>
+     * NOTE2: From jsrsasign 10.6.0, member "dncanon" and "dnhex" supported
+     * in the "option" argument.
      *
      * @example
      * x = new X509();
@@ -2618,16 +2679,20 @@ function X509(params) {
      *
      * x.getParam({tbshex: true}) &rarr; { ... , tbshex: "30..." }
      * x.getParam({nodnarray: true}) &rarr; {issuer: {str: "/C=JP"}, ...}
+     * x.getParam({dncanon: true}) &rarr; {... {issuer: {canon: "/c=jp/o=..."} ...} ...}
+     * x.getParam({dnhex: true}) &rarr; {... {issuer: {hex: "30..."} ...} ...}
      */
     this.getParam = function(option) {
 	var result = {};
+	if (option == undefined) option = {};
+
 	result.version = this.getVersion();
 	result.serial = {hex: this.getSerialNumberHex()};
 	result.sigalg = this.getSignatureAlgorithmField();
-	result.issuer = this.getIssuer();
+	result.issuer = this.getIssuer(option.dncanon, option.dnhex);
 	result.notbefore = this.getNotBefore();
 	result.notafter = this.getNotAfter();
-	result.subject = this.getSubject();
+	result.subject = this.getSubject(option.dncanon, option.dnhex);
 	result.sbjpubkey = hextopem(this.getPublicKeyHex(), "PUBLIC KEY");
 	if (this.aExtInfo != undefined &&
 	    this.aExtInfo.length > 0) {
@@ -2636,15 +2701,14 @@ function X509(params) {
 	result.sighex = this.getSignatureValueHex();
 
 	// for options
-	if (typeof option == "object") {
-	    if (option.tbshex == true) {
-		result.tbshex = _getTLVbyList(this.hex, 0, [0]);
-	    }
-	    if (option.nodnarray == true) {
-		delete result.issuer.array;
-		delete result.subject.array;
-	    }
+	if (option.tbshex == true) {
+	    result.tbshex = _getTLVbyList(this.hex, 0, [0]);
+	}
+	if (option.nodnarray == true) {
+	    delete result.issuer.array;
+	    delete result.subject.array;
 	}
+
 	return result;
     };
 
@@ -2985,6 +3049,98 @@ function X509(params) {
 	return "/" + aDN.map(function(x){return rdnarraytostr(x).replace(/\//, "\\/");}).join("/");
     };
 
+    /**
+     * set canonicalized DN to a DN parameter<br/>
+     * @name setCanonicalizedDN
+     * @memberOf X509#
+     * @function
+     * @param {object} pDN DN parameter associative array
+     * @since jsrsasign 10.6.0 x509 2.1.0
+     * 
+     * @description
+     * This method canonicalizes a DN string as following:
+     * <ul>
+     * <li>convert to lower case</li>
+     * <li>convert from all multiple spaces to a space</li>
+     * </ul>
+     * 
+     * @example
+     * var x = new X509();
+     * var pDN = {
+     *   array: [
+     *     [{type:'C',value:'JP',ds:'prn'}],
+     *     [{type:'O',value:'Test    1',ds:'prn'}] ],
+     *   str: "/C=JP/O=Test    1" };
+     * x.setCanonicalizedDN(pDN);
+
+     * // pDN will become following
+     * pDN = {
+     *   array: [
+     *     [{type:'C',value:'JP',ds:'prn'}],
+     *     [{type:'O',value:'Test    1',ds:'prn'}] ],
+     *   str: "/C=JP/O=Test    1",
+     *   canon: "/c=jp/o=test 1" };
+     */
+    this.setCanonicalizedDN = function(pDN) {
+	var aRDN;
+	if (pDN.str != undefined && pDN.array == undefined) {
+	    var dDN = new KJUR.asn1.x509.X500Name({str: pDN.str});
+	    var hDN = dDN.tohex();
+	    aRDN = this.getX500NameArray(hDN);
+	} else {
+	    aRDN = pDN.array;
+	}
+	if (pDN.canon == undefined) {
+	    pDN.canon = this.c14nRDNArray(aRDN);
+	}
+    };
+
+    /**
+     * simple canonicalization(c14n) for RDN array<br/>
+     * @name c14nRDNArray
+     * @memberOf X509#
+     * @function
+     * @param {array} aRDN array of RDN parameters
+     * @return {string} canonicalized distinguish name (ex. "/c=jp/o=test ca")
+     * @since jsrsasign 10.6.0 x509 2.1.0
+     * 
+     * @description
+     * This method canonicalizes a DN string according to
+     * <a href="https://datatracker.ietf.org/doc/html/rfc4518#appendix-B">
+     * "RFC 4518 StringPrep Appendix B Substring Matching"</a> as following:
+     * <ul>
+     * <li>convert to lower case</li>
+     * <li>convert from all sequence of spaces to a space</li>
+     * <li>remove leading and trailing spaces</li>
+     * </ul>
+     * 
+     * @example
+     * var x = new X509();
+     * x.c14nRDNArray([
+     *   [{type:"C", value:"JP", ds: "prn"}],
+     *   [{type:"O", value:"    Test    1234     ", ds: "utf8"}],
+     *   [{type:"OU", value:"HR   45", ds: "utf8"}]
+     * ]) &rarr; "/c=jp/o=test 1234/ou=hr 45"
+     */
+    this.c14nRDNArray = function(aRDN) {
+	var a = [];
+	for (var i = 0; i < aRDN.length; i++) {
+	    var aAVA = aRDN[i];
+	    var a2 = [];
+	    for (var j = 0; j < aAVA.length; j++) {
+		var pAVA = aAVA[j];
+		var value = pAVA.value;
+		value = value.replace(/^\s*/, '');
+		value = value.replace(/\s*$/, '');
+		value = value.replace(/\s+/g, ' ');
+		value = value.toLowerCase();
+		a2.push(pAVA.type.toLowerCase() + "=" + value);
+	    }
+	    a.push(a2.join("+"));
+	}
+	return "/" + a.join("/");
+    };
+
     /**
      * get certificate information as string.<br/>
      * @name getInfo
@@ -3022,7 +3178,24 @@ function X509(params) {
      */
     this.getInfo = function() {
 	var _getSubjectAltNameStr = function(params) {
-	    var s = JSON.stringify(params.array).replace(/[\[\]\{\}\"]/g, '');
+	    var s = "";
+	    var indent = "    ";
+	    var NL = "\n";
+	    var a = params.array;
+	    for (var i = 0; i < a.length; i++) {
+		var pGN = a[i];
+		if (pGN.dn != undefined)	s += indent + "dn: " + pGN.dn.str + NL;
+		if (pGN.ip != undefined)	s += indent + "ip: " + pGN.ip + NL;
+		if (pGN.rfc822 != undefined)	s += indent + "rfc822: " + pGN.rfc822 + NL;
+		if (pGN.dns != undefined)	s += indent + "dns: " + pGN.dns + NL;
+		if (pGN.uri != undefined)	s += indent + "uri: " + pGN.uri + NL;
+		if (pGN.other != undefined) {
+		    var oidname = pGN.other.oid;
+		    var value = JSON.stringify(pGN.other.value).replace(/\"/g, '');
+		    s += indent + "other: " + oidname + "=" + value + NL;
+		}
+	    }
+	    s = s.replace(/\n$/, '');
 	    return s;
 	};
 	var _getCertificatePoliciesStr = function(params) {
@@ -3132,7 +3305,7 @@ function X509(params) {
 		    s += "    " + eku.join(", ") + "\n";
 		} else if (extName === "subjectAltName") {
 		    var san = _getSubjectAltNameStr(this.getExtSubjectAltName());
-		    s += "    " + san + "\n";
+		    s += san + "\n";
 		} else if (extName === "cRLDistributionPoints") {
 		    var cdp = this.getExtCRLDistributionPoints();
 		    s += _getCRLDistributionPointsStr(cdp);
diff --git a/test/qunit-do-asn1x509.html b/test/qunit-do-asn1x509.html
index 39a57b74..e990e58f 100755
--- a/test/qunit-do-asn1x509.html
+++ b/test/qunit-do-asn1x509.html
@@ -915,12 +915,36 @@
 
 // SubjectAltName
 test("SubjectAltName", function() {
-  var o1 = new KJUR.asn1.x509.SubjectAltName({
-    critical: true,
-    array: [{uri: 'http://a.com'}, {uri: 'http://b.com'}]
-  });
-  equal(o1.getExtnValueHex(), "301c860c687474703a2f2f612e636f6d860c687474703a2f2f622e636f6d", "URIs critical");
-  equal(o1.getEncodedHex(), "30280603551d110101ff041e301c860c687474703a2f2f612e636f6d860c687474703a2f2f622e636f6d", "ext hex");
+var _SAN = KJUR.asn1.x509.SubjectAltName;
+var o, hExpect1, hExpect2;
+
+o = new _SAN({
+  critical: true,
+  array: [{uri: 'http://a.com'}, {uri: 'http://b.com'}]
+});
+hExpect1 = "301c860c687474703a2f2f612e636f6d860c687474703a2f2f622e636f6d";
+hExpect2 = "30280603551d110101ff041e301c860c687474703a2f2f612e636f6d860c687474703a2f2f622e636f6d";
+equal(o.getExtnValueHex(), hExpect1, "URI[2] critical");
+equal(o.tohex(), hExpect2, "URI[2] ext hex");
+
+o = new _SAN({array: [{rfc822: "aaa@a.com"}]});
+hExpect1 = "300b810961616140612e636f6d";
+hExpect2 = "30140603551d11040d300b810961616140612e636f6d";
+equal(o.getExtnValueHex(), hExpect1, "RFC822=aaa@a.com extnValue");
+equal(o.tohex(), hExpect2, "RFC822=aaa@a.com ext hex");
+
+o = new _SAN({array: [{ip: "192.168.1.5"}]});
+hExpect1 = "30068704c0a80105";
+hExpect2 = "300f0603551d11040830068704c0a80105";
+equal(o.getExtnValueHex(), hExpect1, "IP=192.168.1.5 extnValue");
+equal(o.tohex(), hExpect2, "IP=192.168.1.5 ext hex");
+
+o = new _SAN({array: [{other: {oid: "smtpUTF8Mailbox", value: {utf8str: {str: "a@a.com"}}}}]});
+hExpect1 = "3017a01506082b06010505070809a0090c076140612e636f6d";
+hExpect2 = "30200603551d1104193017a01506082b06010505070809a0090c076140612e636f6d";
+equal(o.getExtnValueHex(), hExpect1, "other smtpUTF8Mbox=a@a.com extnValue");
+equal(o.tohex(), hExpect2, "other smtpUTF8Mbox=a@a.com ext hex");
+
 });
 
 test("IssuerAltName", function() {
diff --git a/test/qunit-do-x509-ext.html b/test/qunit-do-x509-ext.html
index 2f1c3e7b..5521066b 100755
--- a/test/qunit-do-x509-ext.html
+++ b/test/qunit-do-x509-ext.html
@@ -904,7 +904,7 @@
 pExpect = {
   other: {
       oid: "2.16.76.1.3.1",
-      obj: {prnstr: {str: '260619863371256782000000000000000000000000000'}}
+      value: {prnstr: {str: '260619863371256782000000000000000000000000000'}}
   }
 };
 deepEqual(x.getGeneralName(hIn), pExpect, "other brazil");
@@ -913,7 +913,7 @@
 pExpect = {
   other: {
       oid: "1.2.392.200149.8.5.5.1",
-      obj: {utf8str: {str: '山田　太郎'}}
+      value: {utf8str: {str: '山田　太郎'}}
   }
 };
 deepEqual(x.getGeneralName(hIn), pExpect, "other jpki cn");
diff --git a/test/qunit-do-x509-getinfo.html b/test/qunit-do-x509-getinfo.html
index f9487d54..e3d243c0 100644
--- a/test/qunit-do-x509-getinfo.html
+++ b/test/qunit-do-x509-getinfo.html
@@ -185,6 +185,23 @@
 B9LZ8g==
 */}).toString().match(/\/\*([^]*)\*\//)[1];
 
+// _test/???
+var san1PEM = (function() {/*
+-----BEGIN CERTIFICATE-----
+MIICCjCCAXOgAwIBAgIBATANBgkqhkiG9w0BAQsFADAeMQswCQYDVQQGEwJKUDEP
+MA0GA1UECgwGVGVzdENBMB4XDTIyMTAyODE0MDAwM1oXDTIzMTAyODE0MDAwM1ow
+EDEOMAwGA1UEAwwFYS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALDi
+kFExZMEW5bwsj9DckEA+Ai7jYe7+In5UHpsqCaqXlPlJQFpziDWDHp1IlWI6r+nZ
+/7AJhS3y6wbVrF8IN4ohKaga1LIL3RDfnGbm4QcF06rrE0vHkMALUu0o/7zmR0qU
+geNnRhd21J/+5vt9nzbaigklghW3DKYCaZN/n3CbAgMBAAGjZjBkMGIGA1UdEQRb
+MFmkHDAaMQswCQYDVQQGEwJKUDELMAkGA1UECgwCTzGHBMCoAQWBB2FAYS5jb22G
+DGh0dHA6Ly9hLmNvbYIFYS5jb22gFQYIKwYBBQUHCAmgCQwHYUBhLmNvbTANBgkq
+hkiG9w0BAQsFAAOBgQATHBsnLqNsnH+3xH+tj8u1HXrQb3Z3AmPQ/W++kvlOMi1i
+o/WbHGa3lrJCYomw7O1U36HkCedSCPbv2zoof0MYVLa4XyWt8DuL9GT/WTO9vHzv
+Y0OgvwaSbp0daCfOHdXDGb8E2qJXutdNgAvXl/gprZ6dM0c8d0kLUs+hTuAHpw==
+-----END CERTIFICATE-----
+*/}).toString().match(/\/\*([^]*)\*\//)[1];
+
 // _test/0cert/digicertevroot.cer
 var certDigicertOUT = (function() {/*Basic Fields
   serial number: 02ac5c266a0b409b8f0b79f2ae462577
@@ -237,7 +254,9 @@
     ocsp: http://ocsp.int-x3.letsencrypt.org/
     caissuer: http://cert.int-x3.letsencrypt.org/
   subjectAltName :
-    dns:https.cio.gov,dns:pulse.cio.gov,dns:staging.pulse.cio.gov
+    dns: https.cio.gov
+    dns: pulse.cio.gov
+    dns: staging.pulse.cio.gov
   certificatePolicies :
     policy oid: 2.23.140.1.2.1
     policy oid: 1.3.6.1.4.1.44947.1.1.1
@@ -264,7 +283,8 @@
   subjectKeyIdentifier :
     6a43907d3b98147252953aaa280a43f8517ed3a6
   subjectAltName :
-    dns:github.com,dns:www.github.com
+    dns: github.com
+    dns: www.github.com
   keyUsage CRITICAL:
     digitalSignature,keyEncipherment
   extKeyUsage :
@@ -306,7 +326,7 @@
     policy oid: 1.2.208.169.1.1.1.3.4
     cps: http://www.trust2408.com/repository
   subjectAltName :
-    rfc822:apotekerforeningen@apotekerforeningen.dk
+    rfc822: apotekerforeningen@apotekerforeningen.dk
   cRLDistributionPoints :
     http://crl.ica02.trust2408.com/ica02.crl
   authorityKeyIdentifier :
@@ -319,31 +339,55 @@
 signature: 5a0323b8bc53d46b...
 */}).toString().match(/\/\*([^]*)\*\//)[1];
 
+// _test/???
+var san1OUT = (function() {/*Basic Fields
+  serial number: 01
+  signature algorithm: SHA256withRSA
+  issuer: /C=JP/O=TestCA
+  notBefore: 221028140003Z
+  notAfter: 231028140003Z
+  subject: /CN=a.com
+  subject public key info: 
+    key algorithm: RSA
+    n=00b0e290513164c1...
+    e=010001
+X509v3 Extensions:
+  subjectAltName :
+    dn: /C=JP/O=O1
+    ip: 192.168.1.5
+    rfc822: a@a.com
+    uri: http://a.com
+    dns: a.com
+    other: smtpUTF8Mailbox={utf8str:{str:a@a.com}}
+signature algorithm: SHA256withRSA
+signature: 131c1b272ea36c9c...
+*/}).toString().match(/\/\*([^]*)\*\//)[1];
+
 test("X509.getInfo() DigiCert EV Root", function() {
-  var c = new X509();
-  c.readCertPEM(certDigicertPEM);
-  //c.readCertPEM(certGithubPEM);
-  equal(c.getInfo(), certDigicertOUT, certDigicertOUT);
+var c = new X509(certDigicertPEM);
+equal(c.getInfo(), certDigicertOUT, certDigicertOUT);
 });
 
 test("X509.getInfo() pulse.cio.gov SSL cert", function() {
-  var c = new X509();
-  c.readCertPEM(certCioGovPEM);
-  equal(c.getInfo(), certCioGovOUT, certCioGovOUT);
+var c = new X509(certCioGovPEM);
+equal(c.getInfo(), certCioGovOUT, certCioGovOUT);
 });
 
 test("X509.getInfo() github.com SSL cert", function() {
-  var c = new X509();
-  c.readCertPEM(certGithubPEM);
-  equal(c.getInfo(), certGithubOUT, certGithubOUT);
+var c = new X509(certGithubPEM);
+equal(c.getInfo(), certGithubOUT, certGithubOUT);
 });
 
 test("X509.getInfo() danmarks user cert", function() {
-var x = new X509();
-x.readCertPEM(danmarksUser1PEM);
+var x = new X509(danmarksUser1PEM);
 //deepEqual(x.getExtCertificatePolicies(),{},"cp");
 //deepEqual(x.getExtCRLDistributionPoints(),{},"cdp");
-equal(x.getInfo(), danmarksUser1OUT, "danmarksUser1");
+equal(x.getInfo(), danmarksUser1OUT, danmarksUser1OUT);
+});
+
+test("X509.getInfo() various SAN", function() {
+var x = new X509(san1PEM);
+equal(x.getInfo(), san1OUT, san1OUT);
 });
 
 });
@@ -366,7 +410,5 @@
 </p>
 
 </body>
-<center><p>&copy; 2016-2017 Kenji Urushima</p></center>
+<center><p>&copy; 2016-2022 Kenji Urushima</p></center>
 </html>
-
-
diff --git a/test/qunit-do-x509-param.html b/test/qunit-do-x509-param.html
index 96967fed..953f52b2 100755
--- a/test/qunit-do-x509-param.html
+++ b/test/qunit-do-x509-param.html
@@ -298,6 +298,23 @@
 -----END CERTIFICATE-----
 */}).toString().match(/\/\*([^]*)\*\//)[1];
 
+// for getParam({dncanon:true,dnhex:true}) test
+var dn1PEM = (function() {/*
+-----BEGIN CERTIFICATE-----
+MIIB3zCCAUigAwIBAgIBATANBgkqhkiG9w0BAQsFADAeMQswCQYDVQQGEwJKUDEP
+MA0GA1UECgwGVGVzdENBMB4XDTIyMTAyODE0MDAwM1oXDTIzMTAyODE0MDAwM1ow
+PjELMAkGA1UEBhMCSlAxHzAdBgNVBAoMFiAgICBUZXN0ICAgICBPcmcxICAgICAx
+DjAMBgNVBAMMBVVzZXIxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw4pBR
+MWTBFuW8LI/Q3JBAPgIu42Hu/iJ+VB6bKgmql5T5SUBac4g1gx6dSJViOq/p2f+w
+CYUt8usG1axfCDeKISmoGtSyC90Q35xm5uEHBdOq6xNLx5DAC1LtKP+85kdKlIHj
+Z0YXdtSf/ub7fZ822ooJJYIVtwymAmmTf59wmwIDAQABow0wCzAJBgNVHRMEAjAA
+MA0GCSqGSIb3DQEBCwUAA4GBACX9Y1l8dkxrwxDjobQvFzgc6u5DLFQsXoyCoJDb
+9QCtZR7g6VLBRMOld0u0nAxaD87N11hWask7O3pe7QyQ45ooCjk+D41jOlW5ymIE
+BS6CWMFShsDGV5im/cF5ipyZ2m24eX926OPNEypAMwNnescJaxUcP8AvVCE6xAPh
+U5z/
+-----END CERTIFICATE-----
+*/}).toString().match(/\/\*([^]*)\*\//)[1];
+
 // _gitpg/jsrsasign/test/eckey/k1.self.cer
 var k1CertPEM = "" +
 "-----BEGIN CERTIFICATE-----\n" +
@@ -642,6 +659,40 @@
 deepEqual(pIn, pExpected, "NIST PKITS nameConstraints Test01 ICA");
 });
 
+test("getParam canonicalized DN and hex test", function() {
+var pIn = new X509(dn1PEM).getParam({dncanon: true, dnhex: true});
+var pExpected = {
+  version: 3,
+  serial: {hex: "01"},
+  sigalg: "SHA256withRSA",
+  issuer: {
+    array: [
+      [{ds:"prn",type: "C",value: "JP"}],
+      [{ds:"utf8",type: "O",value: "TestCA"}]
+    ],
+    canon: "/c=jp/o=testca",
+    hex: "301e310b3009060355040613024a50310f300d060355040a0c06546573744341",
+    str: "/C=JP/O=TestCA"
+  },
+  notafter: "231028140003Z",
+  notbefore: "221028140003Z",
+  subject: {
+    array: [
+      [{ds:"prn",type: "C",value: "JP"}],
+      [{ds:"utf8",type: "O",value: "    Test     Org1     "}],
+      [{ds:"utf8",type: "CN",value: "User1"}]
+    ],
+    canon: "/c=jp/o=test org1/cn=user1",
+    hex: "303e310b3009060355040613024a50311f301d060355040a0c16202020205465737420202020204f7267312020202020310e300c06035504030c055573657231",
+    str: "/C=JP/O=    Test     Org1     /CN=User1"
+  },
+  sbjpubkey: "-----BEGIN PUBLIC KEY-----\r\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw4pBRMWTBFuW8LI/Q3JBAPgIu\r\n42Hu/iJ+VB6bKgmql5T5SUBac4g1gx6dSJViOq/p2f+wCYUt8usG1axfCDeKISmo\r\nGtSyC90Q35xm5uEHBdOq6xNLx5DAC1LtKP+85kdKlIHjZ0YXdtSf/ub7fZ822ooJ\r\nJYIVtwymAmmTf59wmwIDAQAB\r\n-----END PUBLIC KEY-----\r\n",
+  ext: [{extname: "basicConstraints"}],
+  sighex: "25fd63597c764c6bc310e3a1b42f17381ceaee432c542c5e8c82a090dbf500ad651ee0e952c144c3a5774bb49c0c5a0fcecdd758566ac93b3b7a5eed0c90e39a280a393e0f8d633a55b9ca6204052e8258c15286c0c65798a6fdc1798a9c99da6db8797f76e8e3cd132a403303677ac7096b151c3fc02f54213ac403e1539cff"
+};
+deepEqual(pIn, pExpected, JSON.stringify(pExpected));
+});
+
 test("findParam test", function() {
 var x = new X509();
 var aExt = [{
diff --git a/test/qunit-do-x509.html b/test/qunit-do-x509.html
index e4aca938..6ead556f 100755
--- a/test/qunit-do-x509.html
+++ b/test/qunit-do-x509.html
@@ -412,18 +412,89 @@
 equal(key.verify("aab", Z4SHA1AAASIG), false, "check sig is invalid.");
 });
 
-test("new X509(PEM).get{Version,SerialNumber,Issuer,Subject,NotBefore,NotAfter} test", function() {
-  var c = new X509();
-  c.readCertPEM(sCer1PEM);
-  equal(c.getVersion(), 3, "version=3");
-  equal(c.getSerialNumberHex(), "009e775e7d9f43abc9", "sn = 02");
-  equal(c.getIssuerHex(), "301a310b3009060355040613024a50310b3009060355040a13027a32", "issuer");
-  equal(c.getSubjectHex(), "301a310b3009060355040613024a50310b3009060355040a13027a32", "subject");
-  equal(c.getNotBefore(), "100531061756Z", "notbefore");
-  equal(c.getNotAfter(), "200528061756Z", "notafter");
-  equal(X509.hex2dn(c.getSubjectHex()), "/C=JP/O=z2", "subjecthex2str");
-  equal(c.getIssuerString(), "/C=JP/O=z2", "issuer str");
-  equal(c.getSubjectString(), "/C=JP/O=z2", "subject str");
+test("new X509(PEM).get{Version,SerialNumber,IssuerHex,SubjectHex,NotBefore,NotAfter} test", function() {
+var c = new X509(sCer1PEM);
+equal(c.getVersion(), 3, "version=3");
+equal(c.getSerialNumberHex(), "009e775e7d9f43abc9", "sn = 02");
+equal(c.getIssuerHex(), "301a310b3009060355040613024a50310b3009060355040a13027a32", "issuer");
+equal(c.getSubjectHex(), "301a310b3009060355040613024a50310b3009060355040a13027a32", "subject");
+equal(c.getNotBefore(), "100531061756Z", "notbefore");
+equal(c.getNotAfter(), "200528061756Z", "notafter");
+equal(X509.hex2dn(c.getSubjectHex()), "/C=JP/O=z2", "subjecthex2str");
+equal(c.getIssuerString(), "/C=JP/O=z2", "issuer str");
+equal(c.getSubjectString(), "/C=JP/O=z2", "subject str");
+});
+
+test("getSubject", function() {
+var x = new X509(sCer1PEM);
+var pExpect;
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2"
+};
+deepEqual(x.getSubject(), pExpect, "getSubject /C=JP/O=z2");
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2",
+  canon: "/c=jp/o=z2"
+};
+deepEqual(x.getSubject(true), pExpect, "getSubject(true) /C=JP/O=z2");
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2",
+  canon: "/c=jp/o=z2",
+  hex: "301a310b3009060355040613024a50310b3009060355040a13027a32"
+};
+deepEqual(x.getSubject(true,true), pExpect, "getSubject(true,true) /C=JP/O=z2");
+
+});
+
+test("getIssuer", function() {
+var x = new X509(sCer1PEM);
+var pExpect;
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2"
+};
+deepEqual(x.getIssuer(), pExpect, "getIssuer /C=JP/O=z2");
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2",
+  canon: "/c=jp/o=z2"
+};
+deepEqual(x.getIssuer(true), pExpect, "getIssuer(true) /C=JP/O=z2");
+
+pExpect = {
+  array: [
+    [{type:"C", value:"JP", ds:"prn"}],
+    [{type:"O", value:"z2", ds:"prn"}]
+  ],
+  str: "/C=JP/O=z2",
+  canon: "/c=jp/o=z2",
+  hex: "301a310b3009060355040613024a50310b3009060355040a13027a32"
+};
+deepEqual(x.getIssuer(true,true), pExpect, "getIssuer(true,true) /C=JP/O=z2");
+
 });
 
 /*
@@ -568,6 +639,36 @@
 equal(x.verifySignature(pubkey), false, "false");
 });
 
+test("setCanonicalizedDN", function() {
+var x = new X509();
+var p, pOrg, pExpect;
+
+p = { str: "/C=JP/O=Test    1234/OU=HR   45" };
+pExpect = {
+  str: "/C=JP/O=Test    1234/OU=HR   45",
+  canon: "/c=jp/o=test 1234/ou=hr 45"
+};
+x.setCanonicalizedDN(p);
+deepEqual(p, pExpect, "hoge");
+
+p = {array: [
+  [{type:"C", value:"JP", ds: "prn"}],
+  [{type:"O", value:"Test    1234", ds: "utf8"}],
+  [{type:"OU", value:"HR   45", ds: "utf8"}]
+]};
+pExpect = {
+array: [
+  [{type:"C", value:"JP", ds: "prn"}],
+  [{type:"O", value:"Test    1234", ds: "utf8"}],
+  [{type:"OU", value:"HR   45", ds: "utf8"}]
+],
+canon: "/c=jp/o=test 1234/ou=hr 45"
+};
+x.setCanonicalizedDN(p);
+deepEqual(p, pExpect, "hoge2");
+
+});
+
 });
 </script>