Skip to content

Commit

Permalink
7.1.1 release
Browse files Browse the repository at this point in the history
  • Loading branch information
kjur committed Mar 13, 2017
1 parent a318566 commit 2098e2c
Show file tree
Hide file tree
Showing 31 changed files with 2,979 additions and 2,261 deletions.
27 changes: 26 additions & 1 deletion ChangeLog.txt
Original file line number Diff line number Diff line change
@@ -1,6 +1,31 @@

ChangeLog for jsrsasign

* Changes from 7.0.0 to 7.1.1 (2017-Mar-10)
- CRITICAL BUG FIX: KJUR.asn1.x509.Certificate.sign() and
KJUR.asn1.x509.X509Util.newCertPEM() have always
signed signatures with SHA1withRSA algorithm regardless
of any specified signature algorithm. This issue was
fixed in this release.
- asn1x509 1.0.19 to 1.0.20
- Certificate
- sign() critical bug fix
sign() was always sign with SHA1withRSA regardless of
specified any other signature algorithm.
This fixes #240 and #241 by @helfloryd.
- AlgorithmIdentifier
- set algorithm parameter to NULL automatically by default
for "*withRSA" algorithm.
- document update
- newCertPEM
- fix document
- x509 1.1.11 to 1.1.12
- X509.verifySignature static method added
- ext/rng.js
- fix #228 from @dzaman. window.crypto.random fix
- crypto 1.1.11 to 1.1.12
- minor document fix

* Changes from 7.0.0 to 7.1.0 (2017-Jan-21)
- minor update for loading private/public key
- support added: PKCS#5 DSA/ECC hexacedimal string of private key
Expand All @@ -13,7 +38,7 @@ ChangeLog for jsrsasign
- pkcs5pkey 1.0.7 to 1.1.0
- make PKCS5PKEY.getHexFromPEM deprecated
- move from getHexFromPEM to ASN1HEX.pemToHex
- rsapem 1.1.1 to 1.1.2
- rsapem 1.1.1 to 1.2.0
- refactoring codes
- readPKCS5PubKeyHex added
- readPKCS8PubKeyHex added
Expand Down
6 changes: 3 additions & 3 deletions api/files.html
Original file line number Diff line number Diff line change
Expand Up @@ -576,7 +576,7 @@ <h2><a href="symbols/src/asn1x509-1.0.js.html">asn1x509-1.0.js</a></h2>


<dt class="heading">Version:</dt>
<dd>1.0.20 (2017-Jan-14)</dd>
<dd>1.0.21 (2017-Mar-03)</dd>



Expand Down Expand Up @@ -614,7 +614,7 @@ <h2><a href="symbols/src/crypto-1.1.js.html">crypto-1.1.js</a></h2>


<dt class="heading">Version:</dt>
<dd>1.1.11 (2016-Dec-25)</dd>
<dd>1.1.12 (2017-Jan-31)</dd>



Expand Down Expand Up @@ -823,7 +823,7 @@ <h2><a href="symbols/src/x509-1.1.js.html">x509-1.1.js</a></h2>


<dt class="heading">Version:</dt>
<dd>x509 1.1.11 (2017-Jan-21)</dd>
<dd>x509 1.1.12 (2017-Mar-12)</dd>



Expand Down
24 changes: 21 additions & 3 deletions api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html
Original file line number Diff line number Diff line change
Expand Up @@ -473,7 +473,9 @@ <h1 class="classTitle">
<b><a href="../symbols/KJUR.asn1.x509.AlgorithmIdentifier.html#constructor">KJUR.asn1.x509.AlgorithmIdentifier</a></b>(params)
</div>
<div class="description">AlgorithmIdentifier ASN.1 structure class
</div>
The 'params' argument is an associative array and has following parameters:
<ul>
<li>name: algorithm name (MANDATORY, ex.</div>
</td>
</tr>
</tbody>
Expand Down Expand Up @@ -519,13 +521,29 @@ <h1 class="classTitle">

<div class="description">
AlgorithmIdentifier ASN.1 structure class

The 'params' argument is an associative array and has following parameters:
<ul>
<li>name: algorithm name (MANDATORY, ex. sha1, SHA256withRSA)</li>
<li>asn1params: explicitly specify ASN.1 object for algorithm.
(OPTION)</li>
<li>paramempty: set algorithm parameter to NULL by force.
If paramempty is false, algorithm parameter will be set automatically.
If algorithm name is "rsaEncryption" or "*withRSA" such as "SHA1withRSA",
algorithm parameter will be set to NULL by default.
(OPTION, DEFAULT = false)</li>
</ul>

</div>



<pre class="code">algId1 = new KJUR.asn1.x509.AlgorithmIdentifier({name: "sha1"});</pre>
<pre class="code">algId = new KJUR.asn1.x509.AlgorithmIdentifier({name: "sha1"});
// set parameter to NULL authomatically if algorithm name is "*withRSA".
algId = new KJUR.asn1.x509.AlgorithmIdentifier({name: "SHA256withRSA"});
// set parameter to NULL authomatically if algorithm name is "rsaEncryption".
algId = new KJUR.asn1.x509.AlgorithmIdentifier({name: "rsaEncryption"});
// SHA256withRSA and set parameter empty by force
algId = new KJUR.asn1.x509.AlgorithmIdentifier({name: "SHA256withRSA", paramempty: true});</pre>



Expand Down
2 changes: 1 addition & 1 deletion api/symbols/KJUR.asn1.x509.Certificate.html
Original file line number Diff line number Diff line change
Expand Up @@ -789,7 +789,7 @@ <h4>EXAMPLES</h4>



<pre class="code">var cert = new KJUR.asn1.x509.Certificate({'tbscertobj': tbs, 'rsaprvkey': prvKey});
<pre class="code">var cert = new KJUR.asn1.x509.Certificate({tbscertobj: tbs, prvkeyobj: prvKey});
cert.sign();</pre>


Expand Down
7 changes: 7 additions & 0 deletions api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html
Original file line number Diff line number Diff line change
Expand Up @@ -692,6 +692,13 @@ <h4>EXAMPLE</h4>
</dl>


<dl class="detailList">
<dt class="heading">Deprecated:</dt>
<dt>
from jsrsasign 7.1.1 asn1x509 1.0.20.
</dt>
</dl>




Expand Down
4 changes: 2 additions & 2 deletions api/symbols/KJUR.asn1.x509.TBSCertList.html
Original file line number Diff line number Diff line change
Expand Up @@ -512,7 +512,7 @@ <h4>EXAMPLE</h4></div>
<td class="nameDescription">
<div class="fixedFont"><b><a href="../symbols/KJUR.asn1.x509.TBSCertList.html#addRevokedCert">addRevokedCert</a></b>(snParam, timeParam)
</div>
<div class="description">add revoked certficate by parameter
<div class="description">add revoked certificate by parameter
</div>
</td>
</tr>
Expand Down Expand Up @@ -660,7 +660,7 @@ <h4>EXAMPLE</h4>

</div>
<div class="description">
add revoked certficate by parameter
add revoked certificate by parameter



Expand Down
25 changes: 12 additions & 13 deletions api/symbols/KJUR.asn1.x509.X509Util.html
Original file line number Diff line number Diff line change
Expand Up @@ -619,19 +619,18 @@ <h1 class="classTitle">
private key using 'cakey' parameter or
hexa decimal signature value by 'sighex' parameter.

NOTE: When using DSA or ECDSA CA signing key,
use 'paramempty' in 'sigalg' to ommit parameter field
of AlgorithmIdentifer. In case of RSA, parameter
NULL will be specified by default.
NOTE: Algorithm parameter of AlgorithmIdentifier will
be set automatically by default. ({@see KJUR.asn1.x509.AlgorithmIdentifier})
from jsrsasign 7.1.1 asn1x509 1.0.20.


</div>



<pre class="code">var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
{ serial: {int: 4},
sigalg: {name: 'SHA1withECDSA', paramempty: true},
<pre class="code">var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
serial: {int: 4},
sigalg: {name: 'SHA1withECDSA'},
issuer: {str: '/C=US/O=a'},
notbefore: {'str': '130504235959Z'},
notafter: {'str': '140504235959Z'},
Expand All @@ -644,9 +643,9 @@ <h1 class="classTitle">
cakey: [prvkey, pass]}
);
// -- or --
var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
{ serial: {int: 1},
sigalg: {name: 'SHA1withRSA', paramempty: true},
var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
serial: {int: 1},
sigalg: {name: 'SHA1withRSA'},
issuer: {str: '/C=US/O=T1'},
notbefore: {'str': '130504235959Z'},
notafter: {'str': '140504235959Z'},
Expand All @@ -656,9 +655,9 @@ <h1 class="classTitle">
);
// for the issuer and subject field, another
// representation is also available
var certPEM = KJUR.asn1.x509.X509Util.newCertPEM(
{ serial: {int: 1},
sigalg: {name: 'SHA1withRSA', paramempty: true},
var certPEM = KJUR.asn1.x509.X509Util.newCertPEM({
serial: {int: 1},
sigalg: {name: 'SHA256withRSA'},
issuer: {C: "US", O: "T1"},
notbefore: {'str': '130504235959Z'},
notafter: {'str': '140504235959Z'},
Expand Down
2 changes: 1 addition & 1 deletion api/symbols/KJUR.crypto.Cipher.html
Original file line number Diff line number Diff line change
Expand Up @@ -709,7 +709,7 @@ <h1 class="classTitle">

<pre class="code">
KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj) &rarr; "1abc2d..."
KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj, "RSAOAEP) &rarr; "23ab02..."</pre>
KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj, "RSAOAEP") &rarr; "23ab02..."</pre>



Expand Down
74 changes: 74 additions & 0 deletions api/symbols/X509.html
Original file line number Diff line number Diff line change
Expand Up @@ -940,6 +940,17 @@ <h1 class="classTitle">
</td>
</tr>

<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">X509.<b><a href="../symbols/X509.html#.verifySignature">verifySignature</a></b>(hCert, pubKey)
</div>
<div class="description">verifies signature value by public key
This method verifies signature value of hexadecimal string of
X.509 certificate by specified public key object.</div>
</td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -3117,6 +3128,69 @@ <h1 class="classTitle">



<hr />

<a name=".verifySignature"> </a>
<div class="fixedFont">&lt;static&gt;

<span class="light">{Boolean}</span>
<span class="light">X509.</span><b>verifySignature</b>(hCert, pubKey)

</div>
<div class="description">
verifies signature value by public key
This method verifies signature value of hexadecimal string of
X.509 certificate by specified public key object.


</div>



<pre class="code">pubKey = KEYUTIL.getKey(pemPublicKey); // or certificate
hCert = ASN1HEX.pemToHex(pemCert);
isValid = X509.verifySignature(hCert, pubKey);</pre>




<dl class="detailList">
<dt class="heading">Parameters:</dt>

<dt>
<span class="light fixedFont">{String}</span> <b>hCert</b>

</dt>
<dd>hexadecimal string of X.509 certificate binary</dd>

<dt>
<span class="light fixedFont">{Object}</span> <b>pubKey</b>

</dt>
<dd>public key object</dd>

</dl>



<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jsrsasign 7.1.1 x509 1.1.12</dd>
</dl>
</dl>



<dl class="detailList">
<dt class="heading">Returns:</dt>

<dd><span class="light fixedFont">{Boolean}</span> true if signature value is valid otherwise false</dd>

</dl>







Expand Down
Loading

0 comments on commit 2098e2c

Please sign in to comment.