Update dependency jsrsasign to v11

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
jsrsasign (source)	^8.0.12 -> ^11.0.0

---

Release Notes

kjur/jsrsasign (jsrsasign)

v11.1.0: restore KJUR.crypto.Cipher class without RSA/RSAOAEP support

Compare Source

• Changes from 11.0.0 to 11.1.0 (2024-Feb-01)
  • src/crypto.js
    • restore KJUR.crypto.Cipher class without RSA and RSAOAEP encryption/decryption support

v11.0.0: remove RSA and RSAOAEP encryption for Marvin attack

Compare Source

• Changes from 10.9.0 to 11.0.0 (2024-Jan-16)
  • remove RSA PKCS#1.5 end OAEP encryption/decryption for Marvin attack (#​598)
  • src/crypto.js
    • remove KJUR.crypto.Cipher class for RSA and RSAOAEP encryption/decryption
  • ext/{rsa,rsa2}.js
    remove encrypt/decrypt/encryptOAEP/decryptOAEP for RSAKey class

v10.9.0: enhanced support for encrypted PKCS8

Compare Source

• Changes from 10.8.6 to 10.9.0 (2023-Nov-27)
  • KEYUTIL.getPEM is updated not to use weak ciphers (#​599)
    • default encryptionScheme is changed from des-EDE3-CBC to aes256-CBC
    • default prf is changed from hmacWithSHA1 to hmacWithSHA256
  • src/keyutil.js
    • more encrypted PKCS#8 private key support
      • KEYUTIL.getKey now supports encrypted PKCS#8 private key with
        aes128-CBC, aes256-CBC encrypted and using hmacWithSHA224/256/384/512 as
        psudorandom function.
      • KEYUTIL.getPEM now supports such as above encrypted PKCS#8 PEM
        priavte key.
  • src/crypto.js
    • Cipher.decrypt/encrypt now supports symmetric ciphers (des-EDE3-CBC,aes128-CBC,aes256-CBC)
  • src/base64x.js
    • function inttohex and twoscompl are added
  • src/asn1.js
    • ASN1Util.bigIntToMinTwosComplementsHex is now DEPRECATED. use twoscompl.
  • src/asn1x509.js
    • aes*-CBC and hmacWithSHA* OIDs are added
  • test/qunit-do-{base64x,crypto-cipher,keyutil-eprv,keyutil,keyutil-p8egen}.html
    • update and add some test cases for above
  • stop bower support (bower.json removed)

v10.8.6: X509.getExtSubjectDirectoryAttributes another bugfix

Compare Source

• Changes from 10.8.5 to 10.8.6 (2023-Apr-26)
  • src/x509.js
    • another bugfix X509.getExtSubjectDirectoryAttributes method

v10.8.5: X509.getExtSubjectDirectoryAttributes bugfix

Compare Source

• Changes from 10.8.4 to 10.8.5 (2023-Apr-26)
  • src/x509.js
    • bugfix X509.getExtSubjectDirectoryAttributes method

v10.8.4: more SubjectDirectoryExtension support

Compare Source

• Changes from 10.8.3 to 10.8.4 (2023-Apr-26)
  • src/asn1x509.js
    • SubjectDirectoryAttributes class
      • add array of array support for arbitrary attribute value
  • src/x509.js
    • add X509.getExtSubjectDirectoryAttributes method for
      ExtSubjectDirectoryAttributes extension
    • update X509.getExtParam method
      • support SubjectDirectoryAttributes
      • parse unknown extension as ASN.1
  • src/base64x.js
    • bugfix foldnl function: when length of s is multiple of n,
      result has unnecessary new line in the end of string.
  • qunit-do-{asn1x509,x509-ext,base64x,x500-param}.html
    • update and add some test cases for above

v10.8.3: CABF SMIMEBR OID support

Compare Source

• Changes from 10.8.2 to 10.8.3 (2023-Apr-20)
  • src/asn1x509.js
    • Add OIDs for CABR S/MIME BR policy OIDs and GN givenName attribute type

v10.8.2: RSA OAEP encryption fix

Compare Source

• Changes from 10.8.1 to 10.8.2 (2023-Apr-15)
  • ext/rsa.js
    • fix RSAEncryptOAEP for RSA OAEP encryption #​582 #​583
      In rare cases, it have been generated ciphertext that
      could not be decrpyted.

v10.8.1: npm export missing fix

Compare Source

• Changes from 10.8.0 to 10.8.1 (2023-Apr-09)
  • npm/{package.json, lib/footer.js}

v10.8.0: UserNotice of CertificatePolicies support and more

Compare Source

• Changes from 10.7.0 to 10.8.0 (2023-Apr-8)
  • x509.js
    • X509.getUserNotice supports NoticeReference
    • add asn1ToDisplayText method
  • base64x.js
    • add function msectozulu
    • add aryval for nested JSON value access
  • asn1.js
    • DERInteger refactoring
  • test/qunit-do-{asn1,asn1x509,base64x,x509-ext}.html
    • update and add some test cases for above

v10.7.0: custom X.509 extension support and utility functions

Compare Source

• Changes from 10.6.1 to 10.7.0 (2023-Mar-12)
  • x509.js
    • add X509.registExtParser(): register custom extension parser
  • base64x.js
    • add utility functions
      • b64topem() Base64 string to PEM
      • pemtob64() PEM to Base64 string
      • foldnl() wrap string to fit in specified width
      • timetogen() align to UTCTime to GeneralizedTime
  • test/qunit-do-{x509-ext,base64x}.html
    • update and add some test cases for above

v10.6.1: Add PolicyMappings, PolicyConstraints and InhibitAnyPolicy extension support

Compare Source

• Changes from 10.6.0 to 10.6.1 (2022-Nov-20)
  • asn1x509.js
    • KJUR.asn1.x509.{PolicyMappings,PolicyConstraints,InhibitAnyPolicy} class added
    • KJUR.asn1.x509.Extension updated to support
      PolicyMappings, PolicyConstraints and InhibitAnyPolicy
  • x509.js
    • X509.getExt{PolicyMappings,PolicyConstraints,InhibitAnyPolicy} method added
    • X509.getCriticalExtV utility method added
    • X509.getExtParam updated to support
      {PolicyMappings,PolicyConstraints,InhibitAnyPolicy}
    • X509.getInfo updated to support
      {PolicyMappings,PolicyConstraints,InhibitAnyPolicy}
  • test/qunit-do-{asn1x509-tbscert,x509-ext,x509-getinfo,x509-param}.html
    • update and add some test cases for above

v10.6.0: StringPrep DN canonicalization support and some fix

Compare Source

z* Changes from 10.5.27 to 10.6.0 (2022-Nov-04)

• x509.js
  • X509.getParam
    • add support for optional parameter "dncanon" and "dnhex"
  • X509.getInfo
    • update representation for AltName
  • X509.{getIssuer,getSubect}
    • add support for optional argument flagCanon, flagHex
  • X509.c14RDNArray added to convert from RDN array to canonicalized
    DN name (a.k.a. StringPrep).
  • X509.getX500Name
    • API document updated
  • X509.getOtherName
    • member name changed from "other" to "value" for
      consistency with KJUR.asn1.x509.OtherName class constructor.
    • Also oid member value in return object will be an oid name if defined.
  • X509.setCanonicalizedDN added to set "canon" member value
• asn1x509.js
  • smtpUTF8Mailbox oid added to OID class
  • API document fix
• asn1.js
  • DERTaggedObject API document update
• test/qunit-do-{asn1x509,x509-ext,x509-getinfo,x509-param,x509}.html
  • update some test cases for above

v10.5.27: extend CertificationRequestInfo class for challengePassword and unstructuredName

Compare Source

• Changes from 10.5.26 to 10.5.27 (2022-Aug-19)
  • src/asn1csr.js
    • CertificationRequestInfo class
      • add support for challengePassword and unstructuredName (#​522)
      • "attrs" member support in constructure argument
  • test/qunit-do-asn1csr.html

v10.5.26: CSRUtil class enhancement

Compare Source

• Changes from 10.5.25 to 10.5.26 (2022-Jul-14)
  • src/asn1csr.js
    • CSRUtil.verifySignature method added
    • CSRUtil.getParam enhanced to support optional argument flagTBS
  • test/qunit-do-asn1csr.html
    • update some test cases for above

v10.5.25: CVE-2022-25898 Security fix in JWS and JWT validation

Compare Source

• Changes from 10.5.24 to 10.5.25 (2022-Jun-23)
  • src/jws.js
    • JWS.verify and JWS.verifyJWT
      • CVE-2022-25898 SECURITY FIX:
        verify and verifyJWT may accept signature with special characters
        or \number characters by mistake.
        Please see security advisory:
        GHSA-3fvg-4v2m-98jf
  • src/base64x.js
    • function isBase64URLDot added
  • test/qunit-do-jwt-veri.html

v10.5.24: X509.getParam bugfix for v1 certificate

Compare Source

• Changes from 10.5.23 to 10.5.24 (2022-Jun-04)
  • src/x509.js
    • X509.getParam bugfix for X.509v1 certificate without extension

v10.5.23: BitString parsing bug fix

Compare Source

• Changes from 10.5.22 to 10.5.23 (2022-May-27)
  • src/base64x.js
    • bitstrtobinstr bugfix fix
  • src/asn1hex.js
    • ASN1HEX.parse change for bin string range
  • npm/lib/footers.js
    • add missed exports (bitstrtobinstr, binstrtobitstr,
      namearraytobinstr, extendClass)
  • test/qunit-do-{asn1hex-parse,base64x}.html
    • add and fix some test cases for above

v10.5.22: DERBitString, KeyUsage and tsp PKIFailureInfo critical bug fix

Compare Source

• Changes from 10.5.21 to 10.5.22 (2022-May-24)
  • src/asn1.js
    • DERBitString critical bugfix
  • src/asn1tsp.js
    • PKIFailureInfo critical bugfix
  • src/asn1x509.js
    • KeyUsage critical bugfix
  • src/base64.x
    • namearraytobinstr critical bugfix
  • test/qunit-do-{asn1,asn1tsp,asn1x509,base64x}.html
    • add and fix some test cases for above

v10.5.21

Compare Source

v10.5.20: OCSP ResponderID object udpate

Compare Source

• Changes from 10.5.19 to 10.5.20 (2022-Apr-25)
  • src/asn1ocsp.js
    • ResponderID class now also supports PEM certificate or
      X509 object for key and name field.
  • test/qunit-do-asn1ocsp.html
    • add some test cases and fix for above
  • remove silver sponsor

v10.5.19: Time stamp package update

Compare Source

• Changes from 10.5.18 to 10.5.19 (2022-Apr-23)
  • src/asn1tsp.js
    • TimeStampResp class update to statusinfo member
      will be optional. If omitted, it will be "granted" by default.
    • API manual update for more detail

v10.5.18: Time stamp package update

Compare Source

• Changes from 10.5.17 to 10.5.18 (2022-Apr-22)
  • src/asn1tsp.js
    • TSPParser.getTimeStampReq added
    • TSPUtil.parse{TimeStampReq,MessageImprint} now DEPRECATED. Please use TSPParser.
  • test/qunit-do-asn1tsp.html
    • add some test cases and fix for above

v10.5.17: CIDR subnet mask support in iptohex and hextoip

Compare Source

• Changes from 10.5.16 to 10.5.17 (2022-Apr-14)
  • src/asn1x509.js
    • add IP address support in NameConstraints class
    • bugfix in NameConstraints ip address
    • wrong ASN.1 encoder in NameConstraints class bug fix (wrong explicit tag)
  • src/base64x.js
    • add CIDR subnet mask support in iptohex and hextoip
    • iptohex, hextoip refactoring
  • test/qunit-do-{x509-ext,base64x,asn1x509-tbscert,asn1x509}.html
    • add some test cases and fix for above

v10.5.16: Add NameConstraints extension and modify getEncodedHex to tohex

Compare Source

• Changes from 10.5.15 to 10.5.16 (2022-Apr-08)
  • src/asn1x509.js
    • NameConstraints and GeneralSubtree class added
    • add support for nameConstraints in Extensions class
    • remove old GeneralName code
  • src/x509.js
    • getExtNameConstraints and getGeneralSubbtree method added
    • add support for nameConstraints in getParam method
    • X509.getParam supports optional arguments:
      • tbshex: to return hexadecimal tbsCertificate value
      • nodnarray: delete array member of subject and issuer
        in the result.
  • src/x509crl.js
    • X509CRL.getParam supports optional arguments:
      • tbshex: to return hexadecimal tbsCertList value
      • nodnarray: delete array member of subject and issuer
        in the result.
  • src/asn1.js
    • ASN1Object.tohex() method added
    • ASN1Object.getEncodedHex() method is now DEPRECATED.
      Please use ASN1Object.tohex() instead.
    • clean up some codes
  • src/*.js
    • update for ASN1Object.tohex()
  • test/qunit-do-x509-ext.html
    • getExtNameConstraints and getGeneralSubtree method test added
  • test/qunit-do-asn1x509.html
    • NameConstraints and GeneralSubtree class test added
  • test/qunit-do-asn1-newobj.html
    • int and tag test refactoring
    • bugfix

v10.5.15: X509.getExtCRLDistributionPointsURI small fix

Compare Source

• Changes from 10.5.14 to 10.5.15 (2022-Apr-06)
  • src/x509.js
    • fix X509.getExtCRLDistributionPointsURI. This returns
      undefined when no CDP extension as specified in document
      even though it is deprecated method.

v10.5.14: KEYUTIL.getPEM small fix

Compare Source

• Changes from 10.5.13 to 10.5.14 (2022-Mar-28)
  • src/keyutil.js
    • fix KEYUTIL.getPEM when public key is not specified for ECDSA object.
      optional public key field will be omitted in such case. (#​549)
  • test/qunit-do-*.html
    • test case added for above updates.

v10.5.13: RSA key private generation fix

Compare Source

• Changes from 10.5.12 to 10.5.13 (2022-Mar-18)
  • ext/rsa2.js
    • fix RSAGenerate for checking |p - q| (#​546)

v10.5.12: support ISO 8859-1 TeletexString and BMPString for X500Name

Compare Source

• Changes from 10.5.11 to 10.5.12 (2022-Mar-13)
  • src/asn1hex.js
    • ASN1HEX.parse fixed for TeletexString and BMPString
    • ASN1HEX.parse TeletexString supports non-ASCII
      ISO 8859-1 Latin1 characters. Before this version,
      only supports ASCII characters.
    • hextoipv6 bug fix raised in some of enviroment
  • src/base64x.js
    • iso88591hextoutf8/utf8toiso88591hex added
    • iso88591hextoutf8hex/utf8hextoiso88591hex added
    • hextoipv6 fixed
  • src/x509.js
    • refactoring for X509.get{X500NameArray,RDN,AttrTypeAndValue}.
      Add support for Teletex/BMPString and more attrTypes
  • test/qunit-do-*.html
    • test case added for above updates.
      • qunit-do-base64x: add iso8859-1 / utf-8 converter tests
      • qunit-do-asn1hex-parse: add TeletexString parse tests
      • qunit-do-x509-ext: add NumericString/TeletexString X500Name tests

v10.5.11: asn1hex update

Compare Source

• Changes from 10.5.10 to 10.5.11 (2022-Mar-12)
  • src/ash1hex.js
    • ASN1HEX.parse add NumericStiring(x12) support
    • ASN1HEX.parse fix for "8x" tag (non structured tag)
  • test/qunit-do-asn1hex.html
    • test case added for above updates.

v10.5.10: hextoipv6 fix

Compare Source

• Changes from 10.5.9 to 10.5.10 (2022-Mar-10)
  • src/base64x.js
    • fix hextoipv6 for shrinking leading zeros (#​536)
  • test/qunit-do-base64x.html
    • test case added for above updates.

v10.5.9: small fix

Compare Source

• Changes from 10.5.8 to 10.5.9 (2022-Mar-10)
  • src/base64x.js
    • fix zulutosec (#​538)
  • src/asn1csr.js
    • fix CSRUtil.getParam (#​544)
  • test/qunit-do-{base64x,asn1csr}.html
    • test case update for above updates.

v10.5.8: OCSP CertID and X509 class update

Compare Source

• Changes from 10.5.7 to 10.5.8 (2022-Feb-25)
  • src/asn1ocsp.js
    • CertID class refactoring
    • CertID.getParamByCerts method added
  • src/x509.js
    • DEPRECATED getPublicKeyHex method (use getSPKI instead)
    • getSPKI, getSPKIValue method added
    • getExtCRLDistributionPointsURI bugfix
    • API document fix
  • test/qunit-do-{asn1ocsp,x509-ext,x509,x509-v1}.html
    • test case update and bugfix for above updates.

v10.5.7: X509CRL.findRevCert bugfix for empty revCerts

Compare Source

• Changes from 10.5.6 to 10.5.7 (2022-Feb-19)
  • src/x509crl.js
    • X509CRL.{findRevCert,findRevCertBySN} method fix for empty revCerts

v10.5.6: X509CRL.findRevCert bugfix

Compare Source

• Changes from 10.5.5 to 10.5.6 (2022-Feb-17)
  • src/x509crl.js X509CRL class
    • fix sn error in findRevCert

v10.5.5: CRL parser update

Compare Source

• Changes from 10.5.4 to 10.5.5 (2022-Feb-17)
  • src/x509crl.js X509CRL class
    • add getIssuerHex method
    • add findRevCert method
    • add findRevCertBySN method
  • test/x509crl.html update

v10.5.4: ASN.1 parser update and fix

Compare Source

• Changes from 10.5.3 to 10.5.4 (2022-Feb-15)
  • src/asn1.js
    • DERTaggedObject
      • refactoring
      • add {tag: xx, str:"aaa"} parameter support
      • add {tag: xx, hex:"616161"} parameter support
      • setASN1Object method now deprecated. Please use setByParam
  • src/asn1hex.js
    • ASN1HEX.parse
      • add encapsulated OctetString, BitString support
      • add encapsulated structured TaggedObject support
      • changed to return binary string for 3byte or less BitString value
      • ObjectIdentifier fix when undefined OID name
  • src/base64x.js
    • added bitstrtobinstr/binstrtobitstr
    • utf8tohex fix for lower case hexadecimal string
    • hextoutf8 fix for improper hexadecimal string for UTF-8
    • bitstrtoint/inttobitstr fix for error case return
  • test/qunit-do-asn1.html
    • TaggedObject test case update
  • test/qunit-do-asn1hex-parse.html
    • BitString, TaggedObject test case update
  • test/qunit-do-base64x.html
    • hextoutf8/utf8tohex testcase update
    • bitstrtobinstr/binstrtobitstr testcase added

v10.5.3: add OtherName support in GeneralName

Compare Source

• Changes from 10.5.2 to 10.5.3 (2022-Feb-10)
  • add otherName support in GeneralName by PR
    with small update (#​535)
  • src/asn1x509.js
    • add otherName of GeneralName support (#​535)
    • GeneralName class refactoring
    • add OtherName class
  • src/x509.js
    • add otherName of GeneralName support
  • src/asn1hex.js
    • add ASN1HEX.parse method
  • src/asn1.js
    • API doc and error exception fix
  • test/qunit-do-{asn1x509,x509-ext}.html
    • test case added
  • test/qunit-do-asn1hex-parse.html added

v10.5.2: small update for OID and JWK

Compare Source

• Changes from 10.5.1 to 10.5.2 (2022-Feb-08)
  • src/asn1x509.js
    • add OID.{registerOIDs,checkOIDs} method
  • src/keyutil.js
    • getJWK, getJWKFromKey API doc update
  • test/qunit-do-asn1x509.html updated
    • test case added

v10.5.1: add KEYUTIL.getJWK, fix EC P-521 concat signature value and add support for P-521 JWS JWK

Compare Source

• Changes from 10.5.0 to 10.5.1 (2021-Dec-01)
  • fix ECC P-521 curve issues (#​528)
    • src/ecdsa-modified.js
      • asn1SigToConcatSig fix P521 issue
      • concatSigToASN1Sig fix P521 issue
    • src/jws.js
      • add ES512 support
    • src/keyutil.js
      • fix P-521 issue in getKey,getJWKFromKey,
    • tool/tool_jwt.html
      • add ES512 support
    • test/qunit-do-ecdsamod-s.html
      • add P-521 asn1SigToConcatSig tests
      • add P-521 concatSigToASN1Sig tests
    • test/qunit-do-ecdsamod.html
      • add sha512 tests
    • test/qunit-do-jws-sign.html
      • add signing and verification ES512 test
    • test/qunit-do-keyutil-ec.html
      • add P-521 key test
    • test/qunit-do-keyutil-jwk.html
      • add P-521 private key test
    • test/qunit-do-x509-key.html
      • add P-521 certificate test
  • JWK from X509 certificate (#​529)
    • this PR was merged but
      • X509.getPublicKeyJWK was moved to KEYUTIL.getJWK
      • some tests in qunit-do-x509-jwk was moved to
        qunit-do-keyutil-jwk
      • readCertJWK was removed
  • src/keyutil
    • KEYUTIL.getJWK added and x5c/x5t/x5t#S256/kid member support
    • KEYUTIL.getJWKFromKey now deprecated
  • src/ecdsa-modified.js
    • missing variable definition fix (#​527)
  • test/qunit-do-x509.html test error fix
  • Great appreciate for @​cplussharp 's contribution.

v10.5.0: Add EC support for secp521r1 secp224r1 secp192r1

Compare Source

• Changes from 10.4.1 to 10.5.0
  • Add EC support for secp521r1 secp224r1 secp192r1 (#​521 #​519)
    Thank you indeed for @​cplussharp 's great work.
    • EC key length bugs for newly supported curves are fixed.
      • src/ecdsa-modified: key length fixes
      • src/ecparam.js: add keycharlen property
      • src/asn1x509.js: add secp521r1 OID
      • test/qunit-do-ecdsamod.html: all test code passed
      • test/qunit-do-ecdsamod-unsupport.html: all test code passed
      • test/qunit-do-ecdsamod-s.html: all test code passed
      • test/qunit-do-ecdsamod-nisttv.html: added for NIST EC keygen test
      • sample/sample-ecdsa.html: add P-521
  • sample/sample-rsasign.html
    • fix to trim non hexadecimal strings (#​517)

v10.4.1: GeneralizedTime, UTCTime refactoring and some bug fix

Compare Source

• Changes from 10.4.0 to 10.4.1 release
  • src/asn1.js
    • refactoring of DERUTCTime, DERGeneralizedTime and DERAbstractTime
    • now DERUTCTime support fraction of second
  • src/asn1x509.js
    • update Time class to follow DER{UTC,Generalized}Time update
  • tool/tool_tsreq.html
    • messageImprint bug fix (#​504)
  • tool/tool_tsres.html
    • serialNumber bug fix (#​505)
  • jsrsasign-*-min.js
    • header URL fix to kjur.github.io (#​503)
      (will be fixed in next release while rebuild)
  • test/qunit-do-{asn1,asn1x509}.html updated
    • KJUR.asn1.DER{UTC,Generalized}Time, KJUR.asn1.x509.Time class
      test case added and updated.

v10.4.0: Full support for parsing OCSP response

Compare Source

• Changes from 10.3.2 to 10.4.0 (2021-08-17)
  • asn1ocsp.js
    • add OCSP response parser support in OCSPParser class (request #​501)
    • OCSPParser.get{OCSPResponse,ResponseBytes,BasicOCSPResponse,ResponseData,ResponderID,SingleResponseList,SingleResponse,CertStatus} methods added
    • DEPRECATED: OCSPUtil.getOCSPResponseInfo
  • test/qunit-do-asn1ocsp.html updated
    • add test for OCSP response parser

v10.3.2: fix wrong OCSPRequest for EC public key certificate

Compare Source

• Changes from 10.3.1 to 10.3.2
  • asn1ocsp.js
    • CertID.setByCert fixed for issuer EC public key (#​500)

v10.3.0: remove all YUI dependency

Compare Source

• Changes from 10.2.0 to 10.3.0
  • remove YUI library dependency
  • LICENSE.txt
    • remove YUI license
  • src/base64x.js
    • add extendClass function to replace YUI class extend
  • src/*.js
    • replace YAHOO.lang.extend to extendClass all
  • src/keyutil.js
    • change to raise exception in KEYUTIL class with Error class
  • src/asn1x509.js
    • API document update for Extesions and CRLReason class
  • npm_util/package.json
    • fix dependencies (#​482)
  • test/qunit-do-*.html
    • updated to follow above
  • test/qunit-do-base64x-class.html added
    • test for extendClass function

v10.2.0: CVE-2021-30246 RSAKey.verify issue fix

Compare Source

• Changes from 10.1.13 to 10.2.0 (2021-04-14)
  • src/rsasign.js
    • CVE-2021-30246 RSAKey.verify issue was fixed (#​478)
  • src/asn1cms.js
    • IssuerSerial, IsseruAndSerialNumber API document update
  • sample_node/asn1extract2
    • change to "/usr/bin/env node"

v10.1.13: add non-ascii BMPString support

Compare Source

• Changes from 10.1.12 to 10.1.13 (2021-03-08)
  • src/base64x.js
    • add ucs2hextoutf8 function
  • src/x509.js
    • X509.getAttrTypeAndValue supports non-ascii BMPString (#​474)
  • src/asn1hex.js
    • ASN1HEX.dump supports non-ascii BMPString
  • test/qunit-do-{asn1hex-dump,x509-ext,base64x}.html
    • updated to follow above

v10.1.12: fix for wrong UTF-8 encoding in distinguished name parser

Compare Source

• Changes from 10.1.11 to 10.1.12 (2021-02-25)
  • src/x509.js
    • fix X509.getAttrTypeValue (#​473)
      • attribute value is converted by hextoutf8 not hextorstr
    • X509.getIssuerString update to use getIssuer
    • X509.getSubjectString update to use getSubject
    • X509.dnarraytostr fix to escape "+" and "/"
    • X509.hex2dn update to use getX500Name
  • test/qunit-do-x509-ext.html
    • updated to follow above

v10.1.11: update X509.getVersion and add jsrsasign-util saveFileJSON

Compare Source

• Changes from 10.1.10 to 10.1.11 (2021-02-19)
  • src/x509.js
    • X509.getVersion supports other than
      empty(DEFAULT =v1) and [0] {INTEGER 2} (=v3).
      Thus version checking is relaxed. (#​471)
  • src/nodeutil.js (jsrsasign-util 1.0.4)
    • add saveFileUTF8
    • saveFileJSON API document fix

v10.1.10: extend support for distinguished name

Compare Source

• Changes from 10.1.9 to 10.1.10 release (2021-02-14)
  • src/asn1x509.js
    • AttributeTypeAndValue
      • add support for OID and oid name constructor
        AttributeTypeAndValue({str: "/streetAddress=foo"})
        AttributeTypeAndValue({str: "/2.5.4.9=foo"})
    • OID.name2oidList
      • add givenName
  • test/qunit-do-asn1x509.html
    • updated to follow above

v10.1.9: Add SubjectDirectoryAttributes extension support

Compare Source

• Changes from 10.1.8 to 10.1.9 release (2021-02-12)
  • src/asn1x509.js
    • SubjectDirectoryAttributes class added
    • Extensions class updated to support
      SubjectDirectoryAttributes
    • OID class update to support OIDs
      such as gender, placeOfBirth et.al. for
      SubjectDirectoryAttributes.
    • SubjectDirectoryAttributes parser is
      needed to be implemented in X509.js future.
  • test/qunit-do-asn1x509.html
    • updated to follow above

v10.1.8: KEYUTIL supports PKCS8 private key with extension

• Changes from 10.1.5 to 10.1.8 release (2021-02-08)
  • src/keyutil.js
    • KEYUTIL.parsePlainPrivatePKCS8Hex now supports
      private key extsion and and issue #​454 fixed.
  • test/qunit-do-keyutil-eprv.html
    • updated to follow above

v10.1.5: CAdES-T support update and fix

Compare Source

• Changes from 10.1.4 to 10.1.5 release (2021-01-17)
  • tool/tool_cades.html fix (#​465)
    • now works fine again for CAdES-T demo
  • src/asn1cms.js
    • SignerInfo class
      • unsigned attribute support again
    • Attribute class
      • add signaturePolicyIdentifier support
      • add signatureTimeStamp support
    • CMSParser class
      • add signaturePolicyIdentifier support
      • add setSignaturePolicyIdentifier method
  • src/asn1cades.js
    • CAdESUtil class
      • parseSignedDataForAddingUnsigned modified to use CMSParser
      • addSigTS removed since it was empty method
      • parseSignerInfoForAddingUnsigned is deprecated since
        parseSignedDataForAddingUnsigned will not call it.
  • src/crypto.js
    • Mac API document fix (#​466)

v10.1.4: TSPParser.getPKIStatusInfo bugfix

Compare Source

• Changes from 10.1.3 to 10.1.4 release (2020-11-23)
  • asn1tsp.js
    • TSPParser class
      • getPKIStatusInfo out parameter name bugfix
  • test/qunit-do-asn1hex.html
    • updated to follow above

v10.1.3: TSPParser.getPKIStatusInfo update

Compare Source

• Changes from 10.1.2 to 10.1.3 release (2020-11-22)
  • asn1tsp.js
    • TSPParser class
      • getPKIStatusInfo updated to
        supports PKIFreeText and PKIFailureInfo
      • getPKIFreeText added
      • getPKIFailureInfo added
  • asn1hex.js
    • ASN1HEX class
      • getString added
      • getInt method updated to supports ASN.1 BitString
  • base64x.js
    • function bitstrtoint, inttobitstr added
  • test/qunit-do-{asn1hex,asn1tsp,base64x}.html
    • updated to follow above

v10.1.2: add SigningCertificateV2 for CMSParser and issue fix

Compare Source

• Changes from 10.1.1 to 10.1.2 release (2020-11-21)
  • src/asn1cms.js
    • CMSParser
      • getAttribute updated to support
        SigningCertificateV2
      • add setSigningCertificateV2 method
      • add getESSCertIDv2 method
      • change sortflag of result parameter to true in
        CMSParser.getCertificateSet
  • test/qunit-do-asn1cms.html
    • updated to follow above

v10.1.1: CMSSignedData and TimeStamp parser bugfix

Compare Source

• Changes from 10.1.0 to 10.1.1 release (2020-11-20)
  • src/asn1tsp.js
    • "serialNumber" parameter was changed to
      "serial" in TSTInfo class and TSPParser.getTSTInfo
      method.
  • src/asn1cms.js
    • change method name CMSParser.getAttributeArray to
      CMSParser.getAttributeList to align to the name
      AttributeList class.
    • getAttributeList returns JSON parameter which
      can be accepted by AttributeList constructor.
    • wrong sighex value for signature value
      by getSignerInfo method was fixed.
  • test/qunit-do-asn1tsp.html
    • updated to follow above

v10.1.0: add new CMSSignedData and TimeStamp parser and X500Name update

Compare Source

• Changes from 10.0.5 to 10.1.0 release
  • add new CMSSignedData and TimeStamp parser
  • X500.get{X500Name,GeneralName,GeneralNames} result change
  • src/asn1cms.js
    • new CMSParser class for CMS SignedData
      • get{CMSSignedData,SignedData,HashAlgArray,
        EContent,SignerInfos,SignerInfo,SignerIdentifier,
        IssuerAndSerialNumber,AttributeArray,
        Attribute,ESSCertID,IssuerSerial,CertificateSet}
      • set{ContentType,SigningTime,MessageDigest,
        SigningCertificate}
  • src/asn1tsp.js
    • new TSPParser class to parser RFC 3161 TSP protocol
    • get{Response,Token,TSTInfo,Accuracy,MessageImprint,
      PKIStatusInfo}
    • setTSTInfo
  • src/asn1.js
    • DERObjectIdentifier class update to use new oidtohex
  • src/asn1hex.js
    • add ASN1HEX.{getInt,getOID,getOIDName}
  • src/asn1csr.js
    • CSRUtil.getParam result "subject" parameter result is changed
      because of X509.getX500Name update.
  • src/asn1x509.js
    • small update for Time class
    • small update for Certificate.sign method
    • document fix (issue #​463)
  • src/base64x.js
    • function "oidtohex" and "hextooid" added.
    • function "ishex" added
    • KJUR.lang.String.isHex now DEPRECATED. Please use "ishex".
  • src/x509.js
    • X509.getX500Name update
      • X509.get{Issuer,Subject,GeneralNames,GeneralName}
    • add X509.{getX500NameArray,dnarraytostr}
  • src/x509crl.js
    • X509CRL.getIssuer update for X509.getX500Name update
  • test/qunit-do-{asn1tsp,asn1cms,asn1hex,asn1x509-newcert-veri,
    base64x,x509-ext,x509crl}.html
    • updated to follow above

v10.0.5: small issue fixes and updates

Compare Source

• Changes from 10.0.4 to 10.0.5 release
  • src/base64x.js
    • utf8tob64u, b64utoutf8
      replace new Buffer() to Buffer.from() for
      Node.JS deprecation (issue #​460)
  • src/asn1x509.js
    • P-256 oid added in OID class (PR #​461 #​333)
  • src/x509.js
    • document fix
  • tool/tool_csr.html
    • update to show ASN.1 dump of CSR
  • test/qunit-do-base64x.html, npm/test/t_base64x.js
    • update test code to follow above

v10.0.4: add methods to modify some extension parameters

Compare Source

• Changes from 10.0.3 to 10.0.4 (2020-Oct-23)
  • src/x509.js
    • add X509.updateExt{CDPFullURI,AIAOCSP,AIACAIssuer} method
  • src/nodeutil.js
    • add read{JSON,JSONC},saveJSON,printJSON method added
    • jrsasign-util npm package updated
  • test/qunit-do-x509-param.html
    • updated to follow above

v10.0.3: add findExt method in X509 class

Compare Source

• Changes from 10.0.2 to 10.0.3 (2020-Oct-21)
  • src/x509.js
    • add X509.findExt method
  • test/qunit-do-x509-param.html
    • updated to follow above

v10.0.2: AdobeTimeStamp X.509v3 extension parser bugfix

Compare Source

• Changes from 10.0.1 to 10.0.2 (2020-Oct-14)
  • src/x509.js
    • X509.getExtAdobeTimeStamp method bugfix

v10.0.1: AdobeTimeStamp X.509v3 certificate extension added

Compare Source

• Changes from 10.0.0 to 10.0.1 (2020-Oct-13)
  • src/asn1x509.js
    • AdobeTimeStamp class added
    • add AdobeTimeStamp support in Extension class
    • add "adobeTimeStamp" OID in OID class
  • src/x509.js
    • add getExtAdobeTimeStamp method to X509 class
    • add "adobeTimeStamp" support in getExtParam
  • src/asn1.js
    • DERBoolean add support for "false" value.
  • test/qunit-do-{asn1,asn1x509,x509}.html
    • updated to follow above

v10.0.0: Major update for CMS SigneData TimeStamp and CAdES

Compare Source

• Changes from 9.1.9 to 10.0.0 (2020-Sep-24)
  • major update for CMS SignedData related classes
    to allow more simple ASN.1 generation
  • src/asn1cms.js
    • new architecture updates in
      SignedData, Attribute
      • all implemented Attributes such as
        ContentType, SigningTime are also
        updated.
    • new class added
      • ESSCertID
      • ESSCertIDv2
      • SignerIdentifier
      • SubjectKeyIdentifier
      • CertificateSet
      • RevocationInfoChoices
      • RevocationInfoChoice
      • OtherRevocationFormat
    • following class/methods are now deprecated
      • CMSUtil.newSignedData
  • src/asn1tsp.js
    • aligned to new architecture:
      • TSTInfo, Accuracy, PKIStatusInfo,
        PKIStatus, PKIFreeText, PKIFailureInfo,
    • new class added
      • TimeStampToken
    • following class/methods are now deprecated
      • SimpleTSAAdapter, FixedTSAAdapter,
        TSPUtil.newTimeStampToken
  • src/asn1cades.js
    • aligned to new architecture
    • SignaturePolicyIdentifier, OtherHashAlgAndValue,
      SignatureTimeStamp, CompleteCertificateRefs,
      OtherCertID, OtherHash
    • new class added
    • SignaturePolicyId, OtherHashValue
  • src/asn1.js
    • DERTaggedObject add support for simple
      argument for explicit "tage" and implicit "tagi"
    • newObject add support for "asn1" property
    • DERObjectIdentifier constructor argument
      now accepts name and OID. method
      setValueNameOrOid added.
  • src/x509.js
    • X509(certPemOrHex)
      X509 class constructor add support for
      PEM or hex string of certificate as
      argument.
  • src/asn1x509.js
    • OID class: signaturePolicyIdentifier attribute
      OID added.

v9.1.9: wrong encoding in CRLReason in OCSP CertStatus fixed

Compare Source

• Changes from 9.1.8 to 9.1.9 (2020-Sep-08)
  • src/asn1ocsp.js
    • BUGFIX: wrong encoding in CRLeason in OCSP CertStatus fixed
  • test/qunit-do-asn1ocsp.html
    • follow to above update

v9.1.8: wrong encoding in byKey of OCSP ResponderID fixed

Compare Source

• Changes from 9.1.7 to 9.1.8 (2020-Sep-08)
  • src/asn1ocsp.js
    • BUGFIX: wrong encoding in byKey of OCSP ResponderID fixed
  • test/qunit-do-asn1ocsp.html
    • follow to above update

v9.1.7: nextUpdate encoding bugfix in ocsp SingleResponse

Compare Source

• Changes from 9.1.6 to 9.1.7 (2020-Sep-08)
  • src/asn1ocsp.js
    • BUGFIX: nextUpdate encoding fix in SingleResponse
    • CertStatus document fix
  • test/qunit-do-asn1ocsp.html
    • follow to above update

v9.1.6: add OCSP response and request encoder

Compare Source

• Changes from 9.1.5 to 9.1.6 (2020-Sep-05)
  • src/asn1ocsp.js
    • OCSPResponse class added
    • ResponseBytes class added
    • BasicOCSPResponse class added
    • ResponseData class added
    • ResponderID class added
    • SingleResponseList class added
    • SingleResponse class added
    • CertID class updated
      • changed properties to specify
        isserNameHash, issuerKeyHash and serialNumber
        without backward compatibility
    • CertStatus class added
    • OCSPParser class added
      • only OCSP request parser methods are available
  • src/asn1x509.js
    • OCSPNonce class OCSP extension added
    • OCSPNoCheck class certificate extension added
    • Extensios class supports OCSPNonce and OCSPNoCheck
    • OID clas supports ocspNonce, ocspNoCheck and ocspBasic
  • src/x509.js
    • X509.getExtParam supports OCSPNonce and OCSPNoCheck
    • X509.getExtOCSPNoCheck added
    • X509.getExtOCSPNonce added
  • src/asn1.js
    • ASN1Object class: add tlv parameter support
  • src/asn1hex.js
    • ASN1HEX.dump: enable to show tagged primitive

v9.1.5: ASN1HEX getChildIdx bug for too many children

Compare Source

• Changes from 9.1.4 to 9.1.5 (2020-Aug-29)
  • src/asn1hex.js
    • BUGFIX: ASN1HEX.getChildIdx didn't returns
      proper result when too many child items
      such as over 200 children.
    • add ASN1HEX.getTLVblen method
    • DEPRECATED: getNextSiblingIdx. Please
      use getTLVblen instead.

v9.1.4: X509CRL parser revokedCertificate bugfix

X509CRL parser revokedCertificate bugfix

• Changes from 9.1.3 to 9.1.4 (2020-Aug-28)
  • src/asn1hex.js
    • get{Idx,V,TLV}byList return value aligned to
      get{Idx,V,TLV}byListEx.
  • src/x509crl.js
    • BUGFIX: error when nextUpdate exists and
      no revokedCertificates

missed to export X509CRL in npm package

• Changes from 9.1.2 to 9.1.3 (2020-Aug-28)
  • npm/lib/footer.js
    • export X509CRL
  • NOTE: only npm package released

v9.1.2: add private extension support for Cert CRL and CSR

Compare Source

• Changes from 9.1.1 to 9.1.2 (2020-Aug-27)
  • undefined extension regarded as private extesion
    in extension parser X509.getExtParam.
    Thus certificate, CRL and CSR parser will
    not raise error when undefined extension
    is parsed.
  • src/x509.js
    • unknown extension is parsed as
      private extension.
  • test/qunit-do-{x509-param}.html
    • add test case to follow above update

v9.1.1: new CRL parser and private extension encoder support

Compare Source

• Changes from 9.1.0 to 9.1.1 (2020-Aug-27)
  • add new X509CRL class for CRL parser
  • add Certificate, CSR and CRL private extension support
  • src/x509crl.js (new)
    • X509CRL class
  • src/x509.js
    • new X509.getExtCRLNumber method for extension parser
    • new X509.getExtCRLReason method for extension parser
    • new X509.getExtParam method for parsing one extension
      • NOTE: not yet support for private extension
  • src/asn1x509.js
    • Extensions class: add support for private extension
    • PrivateExtension class added
    • OID.name2oid: add support OID (ex. "1.2.3.4") as argument
  • src/asn1csr.js
    • CSRUtil.getParam update to support X509.getExtParamArray and
      not using X509.parseExt
  • src/asn1.js
    • getLengthHexFromValue small update for exception
  • test/qunit-do-{asn1x509,asn1x509-tbscert,x509}.html
    • update to follow above updates
  • test/x509csr.html (new)

v9.1.0: new CRL APIs and other updates

Compare Source

• Changes from 9.0.3 to 9.1.0 (2020-Aug-24)
  • CRL constructor update to align Certificate
    class without backward compatibility.
  • BUGFIX: SigningCertificate{,V2} encoding bugifx
  • src/asn1cms.js
    • BUGFIX: SigningCertificate{,V2} encoding have been
      missign SEQUENCE. (#​448)
  • src/asn1csr.js
    • CertificationRequestInfo class updated to
      new KJUR.asn1.x509.Extension class.
  • src/asn1x509.js
    • CRL and TBSCertList class constructor have
      been updated to align Certificate and
      CertificationRequestInfo style in 9.0.0
      without backward compatibility.
      • this update makes more extension and
        entry extension support in the future.
      • CRLEntry class is deprecated since
        no more used in updated TBSCertList.
    • new CRLNumber extension class added
    • new CRLReason entry extension class added
    • OID class updated to support
      cRLNumber and cRLReason oids
    • TBSCertificate.getExtDERSequence method
      was moved to new Extensions class.
    • ASN1HEX.dump updated to support ENUMERATED
  • test/qunit-do-{asn1cms,asn1tsp,asn1x509-tbscert,
    asn1x509} updated to follow above updates.

v9.0.3: TimeStampToken ASN.1 encoding error fix

Compare Source

• Changes from 9.0.2 to 9.0.3 (2020-Aug-22)
  • BUGFIX: tsa field of TSTInfo was not encoded properly. (#​450)
  • BUGFIX: CMSSignedData version of TimestampToken was not 3. (#​448)
  • src/asn1tsp.js
    • TSTInfo tsa field fix
    • TSTUtil.newTimeStampToken method to set
      CMSVersion 3.

v9.0.2: PolicyInformation named policy OID bug fix

Compare Source

• Changes from 9.0.1 to 9.0.2 (2020-Aug-22)
  • BUGFIX: KJUR.asn1.tsp.PolicyInformation class constructor
    have not been accepted named policy OID such as "anyPolicy".
    The issue was fixed.
  • src/asn1x509.js
    • PolicyInformation bugfix for above.
  • test/qunit-do-asn1x509.html
    • updated to follow above.

v9.0.1: TimeStampToken contentType attribute bug fix

Compare Source

• Changes from 9.0.0 to 9.0.1 (2020-Aug-21)
  • BUGFIX: KJUR.asn1.tsp.TimeStampToken class generates have
    generated with wrong contentType attribute
    with value "data". (#​448)
  • src/asn1tsp.js
    • TimeStampToken class constructor will add
      contentType attribute with "tstinfo" for bugfix. (#​448).
  • src/asn1cms.js
    • SignerInfo.setForContentAndHash class constructor
      parameter can have "contentType" property additionaly
      to set "tstinfo" as above.
  • src/asn1x509.js
    • some attribute type oids for CMS signedData are
      added to OID.name2oidList.

v9.0.0: Certificate and CSR generator and parser API major updates

Compare Source

• Changes from 8.0.24 to 9.0.0 (2020-Aug-19)
  • Please see migration notes in wiki:
    https://github.com/kjur/jsrsasign/wiki/NOTE-jsrsasign-8.0.x-to-9.0.0-Certificate-and-CSR-API-migration-guide
  • CAUTION: some certificate and CSR APIs are missing
    backward compatibility so you may need to change your code
    to upgrade jsrsasign 9.0.0.
  • src/asn1x5

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.