From 51cb72382a958bc17b9d5273447195bb173bddcf Mon Sep 17 00:00:00 2001 From: Kenji Urushima Date: Sun, 25 Dec 2016 23:22:03 +0900 Subject: [PATCH] remove openpgpjs dependent codes --- ChangeLog.txt | 18 +- api/files.html | 12 +- api/index.html | 2 +- api/symbols/ASN1HEX.html | 39 +- api/symbols/Base64x.html | 4 +- api/symbols/KEYUTIL.html | 4 +- api/symbols/KJUR.asn1.ASN1Object.html | 4 +- api/symbols/KJUR.asn1.ASN1Util.html | 4 +- api/symbols/KJUR.asn1.DERAbstractString.html | 4 +- .../KJUR.asn1.DERAbstractStructured.html | 4 +- api/symbols/KJUR.asn1.DERAbstractTime.html | 4 +- api/symbols/KJUR.asn1.DERBitString.html | 4 +- api/symbols/KJUR.asn1.DERBoolean.html | 4 +- api/symbols/KJUR.asn1.DEREnumerated.html | 4 +- api/symbols/KJUR.asn1.DERGeneralizedTime.html | 4 +- api/symbols/KJUR.asn1.DERIA5String.html | 4 +- api/symbols/KJUR.asn1.DERInteger.html | 4 +- api/symbols/KJUR.asn1.DERNull.html | 4 +- api/symbols/KJUR.asn1.DERNumericString.html | 4 +- .../KJUR.asn1.DERObjectIdentifier.html | 4 +- api/symbols/KJUR.asn1.DEROctetString.html | 4 +- api/symbols/KJUR.asn1.DERPrintableString.html | 4 +- api/symbols/KJUR.asn1.DERSequence.html | 4 +- api/symbols/KJUR.asn1.DERSet.html | 4 +- api/symbols/KJUR.asn1.DERTaggedObject.html | 4 +- api/symbols/KJUR.asn1.DERTeletexString.html | 4 +- api/symbols/KJUR.asn1.DERUTCTime.html | 4 +- api/symbols/KJUR.asn1.DERUTF8String.html | 4 +- api/symbols/KJUR.asn1.cades.CAdESUtil.html | 4 +- ...UR.asn1.cades.CompleteCertificateRefs.html | 4 +- api/symbols/KJUR.asn1.cades.OtherCertID.html | 4 +- api/symbols/KJUR.asn1.cades.OtherHash.html | 4 +- .../KJUR.asn1.cades.OtherHashAlgAndValue.html | 4 +- ....asn1.cades.SignaturePolicyIdentifier.html | 4 +- .../KJUR.asn1.cades.SignatureTimeStamp.html | 4 +- api/symbols/KJUR.asn1.cades.html | 4 +- api/symbols/KJUR.asn1.cms.Attribute.html | 4 +- api/symbols/KJUR.asn1.cms.AttributeList.html | 4 +- api/symbols/KJUR.asn1.cms.CMSUtil.html | 4 +- api/symbols/KJUR.asn1.cms.ContentInfo.html | 4 +- api/symbols/KJUR.asn1.cms.ContentType.html | 4 +- ...KJUR.asn1.cms.EncapsulatedContentInfo.html | 4 +- .../KJUR.asn1.cms.IssuerAndSerialNumber.html | 4 +- api/symbols/KJUR.asn1.cms.MessageDigest.html | 4 +- api/symbols/KJUR.asn1.cms.SignedData.html | 4 +- api/symbols/KJUR.asn1.cms.SignerInfo.html | 4 +- .../KJUR.asn1.cms.SigningCertificate.html | 4 +- .../KJUR.asn1.cms.SigningCertificateV2.html | 4 +- api/symbols/KJUR.asn1.cms.SigningTime.html | 4 +- api/symbols/KJUR.asn1.cms.html | 4 +- api/symbols/KJUR.asn1.csr.CSRUtil.html | 4 +- .../KJUR.asn1.csr.CertificationRequest.html | 4 +- ...JUR.asn1.csr.CertificationRequestInfo.html | 4 +- api/symbols/KJUR.asn1.csr.html | 4 +- api/symbols/KJUR.asn1.html | 4 +- api/symbols/KJUR.asn1.ocsp.CertID.html | 4 +- api/symbols/KJUR.asn1.ocsp.OCSPRequest.html | 4 +- api/symbols/KJUR.asn1.ocsp.OCSPUtil.html | 4 +- api/symbols/KJUR.asn1.ocsp.Request.html | 4 +- api/symbols/KJUR.asn1.ocsp.TBSRequest.html | 4 +- api/symbols/KJUR.asn1.ocsp.html | 4 +- .../KJUR.asn1.tsp.AbstractTSAAdapter.html | 4 +- api/symbols/KJUR.asn1.tsp.Accuracy.html | 4 +- .../KJUR.asn1.tsp.FixedTSAAdapter.html | 4 +- api/symbols/KJUR.asn1.tsp.MessageImprint.html | 4 +- api/symbols/KJUR.asn1.tsp.PKIFailureInfo.html | 4 +- api/symbols/KJUR.asn1.tsp.PKIFreeText.html | 4 +- api/symbols/KJUR.asn1.tsp.PKIStatus.html | 4 +- api/symbols/KJUR.asn1.tsp.PKIStatusInfo.html | 4 +- .../KJUR.asn1.tsp.SimpleTSAAdapter.html | 4 +- api/symbols/KJUR.asn1.tsp.TSPUtil.html | 4 +- api/symbols/KJUR.asn1.tsp.TSTInfo.html | 4 +- api/symbols/KJUR.asn1.tsp.TimeStampReq.html | 4 +- api/symbols/KJUR.asn1.tsp.TimeStampResp.html | 4 +- api/symbols/KJUR.asn1.tsp.html | 4 +- .../KJUR.asn1.x509.AlgorithmIdentifier.html | 4 +- .../KJUR.asn1.x509.AttributeTypeAndValue.html | 4 +- .../KJUR.asn1.x509.AuthorityInfoAccess.html | 4 +- ...KJUR.asn1.x509.AuthorityKeyIdentifier.html | 4 +- .../KJUR.asn1.x509.BasicConstraints.html | 4 +- api/symbols/KJUR.asn1.x509.CRL.html | 4 +- .../KJUR.asn1.x509.CRLDistributionPoints.html | 4 +- api/symbols/KJUR.asn1.x509.CRLEntry.html | 4 +- api/symbols/KJUR.asn1.x509.Certificate.html | 4 +- .../KJUR.asn1.x509.DistributionPoint.html | 4 +- .../KJUR.asn1.x509.DistributionPointName.html | 4 +- api/symbols/KJUR.asn1.x509.ExtKeyUsage.html | 4 +- api/symbols/KJUR.asn1.x509.Extension.html | 4 +- api/symbols/KJUR.asn1.x509.GeneralName.html | 4 +- api/symbols/KJUR.asn1.x509.GeneralNames.html | 4 +- api/symbols/KJUR.asn1.x509.IssuerAltName.html | 4 +- api/symbols/KJUR.asn1.x509.KeyUsage.html | 4 +- api/symbols/KJUR.asn1.x509.OID.html | 4 +- api/symbols/KJUR.asn1.x509.RDN.html | 4 +- .../KJUR.asn1.x509.SubjectAltName.html | 4 +- .../KJUR.asn1.x509.SubjectPublicKeyInfo.html | 4 +- api/symbols/KJUR.asn1.x509.TBSCertList.html | 4 +- .../KJUR.asn1.x509.TBSCertificate.html | 4 +- api/symbols/KJUR.asn1.x509.Time.html | 4 +- api/symbols/KJUR.asn1.x509.X500Name.html | 4 +- api/symbols/KJUR.asn1.x509.X509Util.html | 4 +- api/symbols/KJUR.asn1.x509.html | 4 +- api/symbols/KJUR.crypto.Cipher.html | 4 +- api/symbols/KJUR.crypto.DSA.html | 83 +- api/symbols/KJUR.crypto.ECDSA.html | 4 +- api/symbols/KJUR.crypto.ECParameterDB.html | 4 +- api/symbols/KJUR.crypto.Mac.html | 4 +- api/symbols/KJUR.crypto.MessageDigest.html | 4 +- api/symbols/KJUR.crypto.OID.html | 4 +- api/symbols/KJUR.crypto.Signature.html | 4 +- api/symbols/KJUR.crypto.Util.html | 409 ++- api/symbols/KJUR.crypto.html | 4 +- api/symbols/KJUR.html | 4 +- api/symbols/KJUR.jws.IntDate.html | 4 +- api/symbols/KJUR.jws.JWS.html | 4 +- api/symbols/KJUR.jws.JWSJS.html | 4 +- api/symbols/KJUR.jws.html | 4 +- api/symbols/KJUR.lang.String.html | 4 +- api/symbols/PKCS5PKEY.html | 66 +- api/symbols/RSAKey.html | 4 +- api/symbols/X509.html | 4 +- api/symbols/global__.html | 4 +- api/symbols/src/asn1hex-1.1.js.html | 428 +-- api/symbols/src/crypto-1.1.js.html | 2492 +++++++++-------- api/symbols/src/dsa-2.0.js.html | 214 ++ api/symbols/src/dsa-modified-1.0.js.html | 389 --- api/symbols/src/pkcs5pkey-1.0.js.html | 1471 +++++----- bower.json | 2 +- crypto-1.1.js | 192 +- dsa-2.0.js | 206 ++ dsa-modified-1.0.js | 381 --- ext/THIRDPARTY_LICENSE.pgp.txt | 513 ---- index.html | 1 - jsrsasign-latest-all-min.js | 16 +- min/asn1hex-1.1.min.js | 4 +- min/crypto-1.1.min.js | 4 +- min/dsa-2.0.min.js | 3 + min/dsa-modified-1.0.min.js | 3 - min/pkcs5pkey-1.0.min.js | 2 +- npm/lib/jsrsasign.js | 16 +- npm/package.json | 2 +- test/index.html | 1 + test/qunit-do-asn1cades.html | 3 + test/qunit-do-asn1cms.html | 3 + test/qunit-do-asn1csr.html | 3 +- test/qunit-do-asn1ocsp.html | 3 +- test/qunit-do-asn1tsp.html | 2 + test/qunit-do-asn1x509-newcrt.html | 5 +- test/qunit-do-asn1x509.html | 2 + test/qunit-do-crypto-ecdsa.html | 3 +- test/qunit-do-crypto-mac.html | 6 +- test/qunit-do-crypto-mac2.html | 6 +- test/qunit-do-crypto-md.html | 1 + test/qunit-do-crypto-pss.html | 1 + test/qunit-do-crypto-sigini.html | 3 +- test/qunit-do-crypto-siginidsa.html | 10 +- test/qunit-do-crypto-sjcl.html | 1 + test/qunit-do-crypto.html | 71 +- test/qunit-do-dsa.html | 66 +- test/qunit-do-ecparam.html | 1 + test/qunit-do-jws-intdate.html | 1 + test/qunit-do-jws-util.html | 1 + test/qunit-do-jwt-veri.html | 1 + test/qunit-do-keyutil-csr.html | 1 + test/qunit-do-keyutil-des.html | 1 + test/qunit-do-keyutil-dsa.html | 3 +- test/qunit-do-keyutil-eprv.html | 1 + test/qunit-do-keyutil-gen.html | 1 + test/qunit-do-keyutil-getkey.html | 1 + test/qunit-do-keyutil-getpem.html | 3 +- test/qunit-do-keyutil-pairpem.html | 1 + test/qunit-do-keyutil-pub.html | 1 + test/qunit-do-keyutil.html | 1 + test/qunit-do-pkcs5-eprv.html | 1 + test/qunit-do-pkcs5-pub.html | 1 + test/qunit-do-pkcs5.html | 1 + test/qunit-do-rsapem.html | 1 + test/qunit-do-rsasign-pss.html | 1 + test/qunit-do-rsasign.html | 1 + test/qunit-do-x509-ext.html | 3 + test/qunit-do-x509-getinfo.html | 3 + test/qunit-do-x509-hex2dn.html | 1 + test/qunit-do-x509-key.html | 1 + test/qunit-do-x509-kid.html | 3 + test/qunit-do-x509.html | 3 + 185 files changed, 3782 insertions(+), 3874 deletions(-) create mode 100644 api/symbols/src/dsa-2.0.js.html delete mode 100644 api/symbols/src/dsa-modified-1.0.js.html create mode 100755 dsa-2.0.js delete mode 100644 dsa-modified-1.0.js delete mode 100755 ext/THIRDPARTY_LICENSE.pgp.txt create mode 100644 min/dsa-2.0.min.js delete mode 100644 min/dsa-modified-1.0.min.js diff --git a/ChangeLog.txt b/ChangeLog.txt index 2133a0e3..6a36dc0b 100755 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,13 +1,29 @@ ChangeLog for jsrsasign -* Changes from 6.2.3 to next version +* Changes from 6.2.3 to 7.0.0 (2016-Dec-26) + - LGPL license for openpgpjs was removed. - asn1hex 1.1.7 to 1.1.8 - ASN1HEX.dump also supports ASN1Object as argument - asn1x509 - API document update - pkcs5pkey 1.0.7 - merge @machinewu's pull request for API doc fix + - dsa 2.0.0 + - some of my own codes are moved from dsa-modified-1.0.js + to dsa-2.0.0 and old openpgpjs codes are re-writed with + my own codes and all of openpgpjs codes are removed from + jsrsasign. + - crypto 1.1.10 to 1.1.11 + - some static random number generator methods are + added to KJUR.crypto.Util class for new dsa-2.0: + getRandomHexOfNbytes, getRandomBigIntegerOfNbytes, + getRandomHexOfNbits, getRandomBigIntegerOfNbits, + getRandomBigIntegerZeroToMax, getRandomBigIntegerMinToMax + - REMOVED + - dsa-modified-1.0.js, ext/THIRDPARTY_LICENSE.pgp.txt + - test/qunit-do-*.html + - most of test codes are updated. * Changes from 6.2.2 to 6.2.3 (2016-Nov-29) - asn1x509 1.0.18 to 1.0.19 diff --git a/api/files.html b/api/files.html index 1d03a7fb..e0b1a946 100644 --- a/api/files.html +++ b/api/files.html @@ -4,7 +4,7 @@ - jsrsasign 4.8.7 JavaScript API Reference - File Index + jsrsasign 7.0.0 JavaScript API Reference - File Index 
  1 /*! asn1hex-1.1.7.js (c) 2012-2016 Kenji Urushima | kjur.github.com/jsrsasign/license
+	
  1 /*! asn1hex-1.1.8.js (c) 2012-2016 Kenji Urushima | kjur.github.com/jsrsasign/license
   2  */
   3 /*
   4  * asn1hex.js - Hexadecimal represented ASN.1 string library
@@ -23,7 +23,7 @@
  16  * @fileOverview
  17  * @name asn1hex-1.1.js
  18  * @author Kenji Urushima kenji.urushima@gmail.com
- 19  * @version asn1hex 1.1.7 (2016-Oct-02)
+ 19  * @version asn1hex 1.1.8 (2016-Dec-03)
  20  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
  21  */
  22 
@@ -412,14 +412,14 @@
 405 };
 406 
 407 /**
-408  * get string of simple ASN.1 dump from hexadecimal ASN.1 data
+408  * get string of simple ASN.1 dump from hexadecimal ASN.1 data<br/>
 409  * @name dump
 410  * @memberOf ASN1HEX
 411  * @function
-412  * @param {String} hex hexadecmal string of ASN.1 data
-413  * @param {Array} associative array of flags for dump (OPTION)
+412  * @param {Object} hexOrObj hexadecmal string of ASN.1 data or ASN1Object object
+413  * @param {Array} flags associative array of flags for dump (OPTION)
 414  * @param {Number} idx string index for starting dump (OPTION)
-415  * @param {String} indent string (OPTION)
+415  * @param {String} indent indent string (OPTION)
 416  * @return {String} string of simple ASN.1 dump
 417  * @since jsrsasign 4.8.3 asn1hex 1.1.6
 418  * @description
@@ -440,205 +440,219 @@
 433  *   </ul>
 434  * </li>
 435  * </ul>
-436  * @example
-437  * // ASN.1 INTEGER
-438  * ASN1HEX.dump('0203012345')
-439  * ↓
-440  * INTEGER 012345
-441  *
-442  * // ASN.1 Object Identifier
-443  * ASN1HEX.dump('06052b0e03021a')
-444  * ↓
-445  * ObjectIdentifier sha1 (1 3 14 3 2 26)
-446  *
-447  * // ASN.1 SEQUENCE
-448  * ASN1HEX.dump('3006020101020102')
-449  * ↓
-450  * SEQUENCE
-451  *   INTEGER 01
-452  *   INTEGER 02
-453  *
-454  * // ASN.1 DUMP FOR X.509 CERTIFICATE
-455  * ASN1HEX.dump(X509.pemToHex(certPEM))
-456  * ↓
-457  * SEQUENCE
-458  *   SEQUENCE
-459  *     [0]
-460  *       INTEGER 02
-461  *     INTEGER 0c009310d206dbe337553580118ddc87
-462  *     SEQUENCE
-463  *       ObjectIdentifier SHA256withRSA (1 2 840 113549 1 1 11)
-464  *       NULL
-465  *     SEQUENCE
-466  *       SET
-467  *         SEQUENCE
-468  *           ObjectIdentifier countryName (2 5 4 6)
-469  *           PrintableString 'US'
-470  *             :
-471  */
-472 ASN1HEX.dump = function(hex, flags, idx, indent) {
-473     var _skipLongHex = function(hex, limitNumOctet) {
-474 	if (hex.length <= limitNumOctet * 2) {
-475 	    return hex;
-476 	} else {
-477 	    var s = hex.substr(0, limitNumOctet) + 
-478 		    "..(total " + hex.length / 2 + "bytes).." +
-479 		    hex.substr(hex.length - limitNumOctet, limitNumOctet);
-480 	    return s;
-481 	};
-482     };
-483 
-484     if (flags === undefined) flags = { "ommit_long_octet": 32 };
-485     if (idx === undefined) idx = 0;
-486     if (indent === undefined) indent = "";
-487     var skipLongHex = flags.ommit_long_octet;
-488 
-489     if (hex.substr(idx, 2) == "01") {
-490 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
-491 	if (v == "00") {
-492 	    return indent + "BOOLEAN FALSE\n";
-493 	} else {
-494 	    return indent + "BOOLEAN TRUE\n";
-495 	}
-496     }
-497     if (hex.substr(idx, 2) == "02") {
-498 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
-499 	return indent + "INTEGER " + _skipLongHex(v, skipLongHex) + "\n";
-500     }
-501     if (hex.substr(idx, 2) == "03") {
-502 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
-503 	return indent + "BITSTRING " + _skipLongHex(v, skipLongHex) + "\n";
-504     }
-505     if (hex.substr(idx, 2) == "04") {
-506 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
-507 	if (ASN1HEX.isASN1HEX(v)) {
-508 	    var s = indent + "OCTETSTRING, encapsulates\n";
-509 	    s = s + ASN1HEX.dump(v, flags, 0, indent + "  ");
-510 	    return s;
-511 	} else {
-512 	    return indent + "OCTETSTRING " + _skipLongHex(v, skipLongHex) + "\n";
-513 	}
-514     }
-515     if (hex.substr(idx, 2) == "05") {
-516 	return indent + "NULL\n";
+436  * NOTE1: Argument {@link KJUR.asn1.ASN1Object} object is supported since
+437  * jsrsasign 6.2.4 asn1hex 1.0.8
+438  * @example
+439  * // 1) ASN.1 INTEGER
+440  * ASN1HEX.dump('0203012345')
+441  * ↓
+442  * INTEGER 012345
+443  *
+444  * // 2) ASN.1 Object Identifier
+445  * ASN1HEX.dump('06052b0e03021a')
+446  * ↓
+447  * ObjectIdentifier sha1 (1 3 14 3 2 26)
+448  *
+449  * // 3) ASN.1 SEQUENCE
+450  * ASN1HEX.dump('3006020101020102')
+451  * ↓
+452  * SEQUENCE
+453  *   INTEGER 01
+454  *   INTEGER 02
+455  *
+456  * // 4) ASN.1 SEQUENCE since jsrsasign 6.2.4
+457  * o = KJUR.asn1.ASN1Util.newObject({seq: [{int: 1}, {int: 2}]});
+458  * ASN1HEX.dump(o)
+459  * ↓
+460  * SEQUENCE
+461  *   INTEGER 01
+462  *   INTEGER 02
+463  * // 5) ASN.1 DUMP FOR X.509 CERTIFICATE
+464  * ASN1HEX.dump(X509.pemToHex(certPEM))
+465  * ↓
+466  * SEQUENCE
+467  *   SEQUENCE
+468  *     [0]
+469  *       INTEGER 02
+470  *     INTEGER 0c009310d206dbe337553580118ddc87
+471  *     SEQUENCE
+472  *       ObjectIdentifier SHA256withRSA (1 2 840 113549 1 1 11)
+473  *       NULL
+474  *     SEQUENCE
+475  *       SET
+476  *         SEQUENCE
+477  *           ObjectIdentifier countryName (2 5 4 6)
+478  *           PrintableString 'US'
+479  *             :
+480  */
+481 ASN1HEX.dump = function(hexOrObj, flags, idx, indent) {
+482     var hex = hexOrObj;
+483     if (hexOrObj instanceof KJUR.asn1.ASN1Object)
+484 	hex = hexOrObj.getEncodedHex();
+485 
+486     var _skipLongHex = function(hex, limitNumOctet) {
+487 	if (hex.length <= limitNumOctet * 2) {
+488 	    return hex;
+489 	} else {
+490 	    var s = hex.substr(0, limitNumOctet) + 
+491 		    "..(total " + hex.length / 2 + "bytes).." +
+492 		    hex.substr(hex.length - limitNumOctet, limitNumOctet);
+493 	    return s;
+494 	};
+495     };
+496 
+497     if (flags === undefined) flags = { "ommit_long_octet": 32 };
+498     if (idx === undefined) idx = 0;
+499     if (indent === undefined) indent = "";
+500     var skipLongHex = flags.ommit_long_octet;
+501 
+502     if (hex.substr(idx, 2) == "01") {
+503 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
+504 	if (v == "00") {
+505 	    return indent + "BOOLEAN FALSE\n";
+506 	} else {
+507 	    return indent + "BOOLEAN TRUE\n";
+508 	}
+509     }
+510     if (hex.substr(idx, 2) == "02") {
+511 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
+512 	return indent + "INTEGER " + _skipLongHex(v, skipLongHex) + "\n";
+513     }
+514     if (hex.substr(idx, 2) == "03") {
+515 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
+516 	return indent + "BITSTRING " + _skipLongHex(v, skipLongHex) + "\n";
 517     }
-518     if (hex.substr(idx, 2) == "06") {
-519 	var hV = ASN1HEX.getHexOfV_AtObj(hex, idx);
-520         var oidDot = KJUR.asn1.ASN1Util.oidHexToInt(hV);
-521         var oidName = KJUR.asn1.x509.OID.oid2name(oidDot);
-522 	var oidSpc = oidDot.replace(/\./g, ' ');
-523         if (oidName != '') {
-524   	    return indent + "ObjectIdentifier " + oidName + " (" + oidSpc + ")\n";
-525 	} else {
-526   	    return indent + "ObjectIdentifier (" + oidSpc + ")\n";
-527 	}
-528     }
-529     if (hex.substr(idx, 2) == "0c") {
-530 	return indent + "UTF8String '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
-531     }
-532     if (hex.substr(idx, 2) == "13") {
-533 	return indent + "PrintableString '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
-534     }
-535     if (hex.substr(idx, 2) == "14") {
-536 	return indent + "TeletexString '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
-537     }
-538     if (hex.substr(idx, 2) == "16") {
-539 	return indent + "IA5String '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
-540     }
-541     if (hex.substr(idx, 2) == "17") {
-542 	return indent + "UTCTime " + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "\n";
-543     }
-544     if (hex.substr(idx, 2) == "18") {
-545 	return indent + "GeneralizedTime " + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "\n";
-546     }
-547     if (hex.substr(idx, 2) == "30") {
-548 	if (hex.substr(idx, 4) == "3000") {
-549 	    return indent + "SEQUENCE {}\n";
-550 	}
-551 
-552 	var s = indent + "SEQUENCE\n";
-553 	var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
-554 
-555 	var flagsTemp = flags;
-556 	
-557 	if ((aIdx.length == 2 || aIdx.length == 3) &&
-558 	    hex.substr(aIdx[0], 2) == "06" &&
-559 	    hex.substr(aIdx[aIdx.length - 1], 2) == "04") { // supposed X.509v3 extension
-560 	    var oidHex = ASN1HEX.getHexOfV_AtObj(hex, aIdx[0]);
-561 	    var oidDot = KJUR.asn1.ASN1Util.oidHexToInt(oidHex);
-562 	    var oidName = KJUR.asn1.x509.OID.oid2name(oidDot);
-563 
-564 	    var flagsClone = JSON.parse(JSON.stringify(flags));
-565 	    flagsClone.x509ExtName = oidName;
-566 	    flagsTemp = flagsClone;
-567 	}
-568 	
-569 	for (var i = 0; i < aIdx.length; i++) {
-570 	    s = s + ASN1HEX.dump(hex, flagsTemp, aIdx[i], indent + "  ");
-571 	}
-572 	return s;
-573     }
-574     if (hex.substr(idx, 2) == "31") {
-575 	var s = indent + "SET\n";
-576 	var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
-577 	for (var i = 0; i < aIdx.length; i++) {
-578 	    s = s + ASN1HEX.dump(hex, flags, aIdx[i], indent + "  ");
-579 	}
-580 	return s;
-581     }
-582     var tag = parseInt(hex.substr(idx, 2), 16);
-583     if ((tag & 128) != 0) { // context specific 
-584 	var tagNumber = tag & 31;
-585 	if ((tag & 32) != 0) { // structured tag
-586 	    var s = indent + "[" + tagNumber + "]\n";
-587 	    var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
-588 	    for (var i = 0; i < aIdx.length; i++) {
-589 		s = s + ASN1HEX.dump(hex, flags, aIdx[i], indent + "  ");
-590 	    }
-591 	    return s;
-592 	} else { // primitive tag
-593 	    var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
-594 	    if (v.substr(0, 8) == "68747470") { // http
-595 		v = hextoutf8(v);
-596 	    }
-597 	    if (flags.x509ExtName === "subjectAltName" &&
-598 		tagNumber == 2) {
-599 		v = hextoutf8(v);
-600 	    }
-601 	    
-602 	    var s = indent + "[" + tagNumber + "] " + v + "\n";
-603 	    return s;
-604 	}
-605     }
-606     return indent + "UNKNOWN(" + hex.substr(idx, 2) + ") " + ASN1HEX.getHexOfV_AtObj(hex, idx) + "\n";
-607 };
-608 
-609 /**
-610  * check wheather the string is ASN.1 hexadecimal string or not
-611  * @name isASN1HEX
-612  * @memberOf ASN1HEX
-613  * @function
-614  * @param {String} hex string to check whether it is hexadecmal string for ASN.1 DER or not
-615  * @return {Boolean} true if it is hexadecimal string of ASN.1 data otherwise false
-616  * @since jsrsasign 4.8.3 asn1hex 1.1.6
-617  * @description
-618  * This method checks wheather the argument 'hex' is a hexadecimal string of
-619  * ASN.1 data or not.
-620  * @example
-621  * ASN1HEX.isASN1HEX('0203012345') → true // PROPER ASN.1 INTEGER
-622  * ASN1HEX.isASN1HEX('0203012345ff') → false // TOO LONG VALUE
-623  * ASN1HEX.isASN1HEX('02030123') → false // TOO SHORT VALUE
-624  * ASN1HEX.isASN1HEX('fa3bcd') → false // WRONG FOR ASN.1
-625  */
-626 ASN1HEX.isASN1HEX = function(hex) {
-627     if (hex.length % 2 == 1) return false;
-628 
-629     var intL = ASN1HEX.getIntOfL_AtObj(hex, 0);
-630     var tV = hex.substr(0, 2);
-631     var lV = ASN1HEX.getHexOfL_AtObj(hex, 0);
-632     var hVLength = hex.length - tV.length - lV.length;
-633     if (hVLength == intL * 2) return true;
-634 
-635     return false;
-636 };
-637 

\ No newline at end of file
+518     if (hex.substr(idx, 2) == "04") {
+519 	var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
+520 	if (ASN1HEX.isASN1HEX(v)) {
+521 	    var s = indent + "OCTETSTRING, encapsulates\n";
+522 	    s = s + ASN1HEX.dump(v, flags, 0, indent + "  ");
+523 	    return s;
+524 	} else {
+525 	    return indent + "OCTETSTRING " + _skipLongHex(v, skipLongHex) + "\n";
+526 	}
+527     }
+528     if (hex.substr(idx, 2) == "05") {
+529 	return indent + "NULL\n";
+530     }
+531     if (hex.substr(idx, 2) == "06") {
+532 	var hV = ASN1HEX.getHexOfV_AtObj(hex, idx);
+533         var oidDot = KJUR.asn1.ASN1Util.oidHexToInt(hV);
+534         var oidName = KJUR.asn1.x509.OID.oid2name(oidDot);
+535 	var oidSpc = oidDot.replace(/\./g, ' ');
+536         if (oidName != '') {
+537   	    return indent + "ObjectIdentifier " + oidName + " (" + oidSpc + ")\n";
+538 	} else {
+539   	    return indent + "ObjectIdentifier (" + oidSpc + ")\n";
+540 	}
+541     }
+542     if (hex.substr(idx, 2) == "0c") {
+543 	return indent + "UTF8String '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
+544     }
+545     if (hex.substr(idx, 2) == "13") {
+546 	return indent + "PrintableString '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
+547     }
+548     if (hex.substr(idx, 2) == "14") {
+549 	return indent + "TeletexString '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
+550     }
+551     if (hex.substr(idx, 2) == "16") {
+552 	return indent + "IA5String '" + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "'\n";
+553     }
+554     if (hex.substr(idx, 2) == "17") {
+555 	return indent + "UTCTime " + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "\n";
+556     }
+557     if (hex.substr(idx, 2) == "18") {
+558 	return indent + "GeneralizedTime " + hextoutf8(ASN1HEX.getHexOfV_AtObj(hex, idx)) + "\n";
+559     }
+560     if (hex.substr(idx, 2) == "30") {
+561 	if (hex.substr(idx, 4) == "3000") {
+562 	    return indent + "SEQUENCE {}\n";
+563 	}
+564 
+565 	var s = indent + "SEQUENCE\n";
+566 	var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
+567 
+568 	var flagsTemp = flags;
+569 	
+570 	if ((aIdx.length == 2 || aIdx.length == 3) &&
+571 	    hex.substr(aIdx[0], 2) == "06" &&
+572 	    hex.substr(aIdx[aIdx.length - 1], 2) == "04") { // supposed X.509v3 extension
+573 	    var oidHex = ASN1HEX.getHexOfV_AtObj(hex, aIdx[0]);
+574 	    var oidDot = KJUR.asn1.ASN1Util.oidHexToInt(oidHex);
+575 	    var oidName = KJUR.asn1.x509.OID.oid2name(oidDot);
+576 
+577 	    var flagsClone = JSON.parse(JSON.stringify(flags));
+578 	    flagsClone.x509ExtName = oidName;
+579 	    flagsTemp = flagsClone;
+580 	}
+581 	
+582 	for (var i = 0; i < aIdx.length; i++) {
+583 	    s = s + ASN1HEX.dump(hex, flagsTemp, aIdx[i], indent + "  ");
+584 	}
+585 	return s;
+586     }
+587     if (hex.substr(idx, 2) == "31") {
+588 	var s = indent + "SET\n";
+589 	var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
+590 	for (var i = 0; i < aIdx.length; i++) {
+591 	    s = s + ASN1HEX.dump(hex, flags, aIdx[i], indent + "  ");
+592 	}
+593 	return s;
+594     }
+595     var tag = parseInt(hex.substr(idx, 2), 16);
+596     if ((tag & 128) != 0) { // context specific 
+597 	var tagNumber = tag & 31;
+598 	if ((tag & 32) != 0) { // structured tag
+599 	    var s = indent + "[" + tagNumber + "]\n";
+600 	    var aIdx = ASN1HEX.getPosArrayOfChildren_AtObj(hex, idx);
+601 	    for (var i = 0; i < aIdx.length; i++) {
+602 		s = s + ASN1HEX.dump(hex, flags, aIdx[i], indent + "  ");
+603 	    }
+604 	    return s;
+605 	} else { // primitive tag
+606 	    var v = ASN1HEX.getHexOfV_AtObj(hex, idx);
+607 	    if (v.substr(0, 8) == "68747470") { // http
+608 		v = hextoutf8(v);
+609 	    }
+610 	    if (flags.x509ExtName === "subjectAltName" &&
+611 		tagNumber == 2) {
+612 		v = hextoutf8(v);
+613 	    }
+614 	    
+615 	    var s = indent + "[" + tagNumber + "] " + v + "\n";
+616 	    return s;
+617 	}
+618     }
+619     return indent + "UNKNOWN(" + hex.substr(idx, 2) + ") " + 
+620 	   ASN1HEX.getHexOfV_AtObj(hex, idx) + "\n";
+621 };
+622 
+623 /**
+624  * check wheather the string is ASN.1 hexadecimal string or not
+625  * @name isASN1HEX
+626  * @memberOf ASN1HEX
+627  * @function
+628  * @param {String} hex string to check whether it is hexadecmal string for ASN.1 DER or not
+629  * @return {Boolean} true if it is hexadecimal string of ASN.1 data otherwise false
+630  * @since jsrsasign 4.8.3 asn1hex 1.1.6
+631  * @description
+632  * This method checks wheather the argument 'hex' is a hexadecimal string of
+633  * ASN.1 data or not.
+634  * @example
+635  * ASN1HEX.isASN1HEX('0203012345') → true // PROPER ASN.1 INTEGER
+636  * ASN1HEX.isASN1HEX('0203012345ff') → false // TOO LONG VALUE
+637  * ASN1HEX.isASN1HEX('02030123') → false // TOO SHORT VALUE
+638  * ASN1HEX.isASN1HEX('fa3bcd') → false // WRONG FOR ASN.1
+639  */
+640 ASN1HEX.isASN1HEX = function(hex) {
+641     if (hex.length % 2 == 1) return false;
+642 
+643     var intL = ASN1HEX.getIntOfL_AtObj(hex, 0);
+644     var tV = hex.substr(0, 2);
+645     var lV = ASN1HEX.getHexOfL_AtObj(hex, 0);
+646     var hVLength = hex.length - tV.length - lV.length;
+647     if (hVLength == intL * 2) return true;
+648 
+649     return false;
+650 };
+651
\ No newline at end of file diff --git a/api/symbols/src/crypto-1.1.js.html b/api/symbols/src/crypto-1.1.js.html index 76595dff..45ebe6ab 100644 --- a/api/symbols/src/crypto-1.1.js.html +++ b/api/symbols/src/crypto-1.1.js.html @@ -5,7 +5,7 @@ .STRN {color: #393;} .REGX {color: #339;} .line {border-right: 1px dotted #666; color: #666; font-style: normal;} - 
  1 /*! crypto-1.1.10.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license
+	
  1 /*! crypto-1.1.11.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license
   2  */
   3 /*
   4  * crypto.js - Cryptographic Algorithm Provider class
@@ -23,7 +23,7 @@
  16  * @fileOverview
  17  * @name crypto-1.1.js
  18  * @author Kenji Urushima kenji.urushima@gmail.com
- 19  * @version 1.1.10 (2016-Oct-29)
+ 19  * @version 1.1.11 (2016-Dec-25)
  20  * @since jsrsasign 2.2
  21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
  22  */
@@ -257,1188 +257,1312 @@
 250         return md.digestHex(s);
 251     };
 252 
-253     /**
-254      * get hexadecimal MD5 hash of string
-255      * @name md5
-256      * @memberOf KJUR.crypto.Util
-257      * @function
-258      * @param {String} s input string to be hashed
-259      * @return {String} hexadecimal string of hash value
-260      * @since 1.0.3
-261      */
-262     this.md5 = function(s) {
-263         var md = new KJUR.crypto.MessageDigest({'alg':'md5', 'prov':'cryptojs'});
-264         return md.digestString(s);
-265     };
-266 
-267     /**
-268      * get hexadecimal RIPEMD160 hash of string
-269      * @name ripemd160
-270      * @memberOf KJUR.crypto.Util
-271      * @function
-272      * @param {String} s input string to be hashed
-273      * @return {String} hexadecimal string of hash value
-274      * @since 1.0.3
-275      */
-276     this.ripemd160 = function(s) {
-277         var md = new KJUR.crypto.MessageDigest({'alg':'ripemd160', 'prov':'cryptojs'});
-278         return md.digestString(s);
-279     };
-280 
-281     /*
-282      * @since 1.1.2
-283      */
-284     this.getCryptoJSMDByName = function(s) {
-285 	
-286     };
-287 };
-288 
-289 // === Mac ===============================================================
-290 
-291 /**
-292  * MessageDigest class which is very similar to java.security.MessageDigest class<br/>
-293  * @name KJUR.crypto.MessageDigest
-294  * @class MessageDigest class which is very similar to java.security.MessageDigest class
-295  * @param {Array} params parameters for constructor
-296  * @property {Array} HASHLENGTH static Array of resulted byte length of hash (ex. HASHLENGTH["sha1"] == 20)
-297  * @description
-298  * <br/>
-299  * Currently this supports following algorithm and providers combination:
-300  * <ul>
-301  * <li>md5 - cryptojs</li>
-302  * <li>sha1 - cryptojs</li>
-303  * <li>sha224 - cryptojs</li>
-304  * <li>sha256 - cryptojs</li>
-305  * <li>sha384 - cryptojs</li>
-306  * <li>sha512 - cryptojs</li>
-307  * <li>ripemd160 - cryptojs</li>
-308  * <li>sha256 - sjcl (NEW from crypto.js 1.0.4)</li>
-309  * </ul>
-310  * @example
-311  * // CryptoJS provider sample
-312  * var md = new KJUR.crypto.MessageDigest({alg: "sha1", prov: "cryptojs"});
-313  * md.updateString('aaa')
-314  * var mdHex = md.digest()
-315  *
-316  * // SJCL(Stanford JavaScript Crypto Library) provider sample
-317  * var md = new KJUR.crypto.MessageDigest({alg: "sha256", prov: "sjcl"}); // sjcl supports sha256 only
-318  * md.updateString('aaa')
-319  * var mdHex = md.digest()
-320  *
-321  * // HASHLENGTH property
-322  * KJUR.crypto.MessageDigest.HASHLENGTH['sha1'] &rarr 20
-323  * KJUR.crypto.MessageDigest.HASHLENGTH['sha512'] &rarr 64
-324  */
-325 KJUR.crypto.MessageDigest = function(params) {
-326     var md = null;
-327     var algName = null;
-328     var provName = null;
-329 
-330     /**
-331      * set hash algorithm and provider<br/>
-332      * @name setAlgAndProvider
-333      * @memberOf KJUR.crypto.MessageDigest#
-334      * @function
-335      * @param {String} alg hash algorithm name
-336      * @param {String} prov provider name
-337      * @description
-338      * This methods set an algorithm and a cryptographic provider.<br/>
-339      * Here is acceptable algorithm names ignoring cases and hyphens:
-340      * <ul>
-341      * <li>MD5</li>
-342      * <li>SHA1</li>
-343      * <li>SHA224</li>
-344      * <li>SHA256</li>
-345      * <li>SHA384</li>
-346      * <li>SHA512</li>
-347      * <li>RIPEMD160</li>
-348      * </ul>
-349      * NOTE: Since jsrsasign 6.2.0 crypto 1.1.10, this method ignores
-350      * upper or lower cases. Also any hyphens (i.e. "-") will be ignored
-351      * so that "SHA1" or "SHA-1" will be acceptable.
-352      * @example
-353      * // for SHA1
-354      * md.setAlgAndProvider('sha1', 'cryptojs');
-355      * md.setAlgAndProvider('SHA1');
-356      * // for RIPEMD160
-357      * md.setAlgAndProvider('ripemd160', 'cryptojs');
-358      */
-359     this.setAlgAndProvider = function(alg, prov) {
-360 	alg = KJUR.crypto.MessageDigest.getCanonicalAlgName(alg);
-361 
-362 	if (alg !== null && prov === undefined) prov = KJUR.crypto.Util.DEFAULTPROVIDER[alg];
-363 
-364 	// for cryptojs
-365 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(alg) != -1 &&
-366 	    prov == 'cryptojs') {
-367 	    try {
-368 		this.md = KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[alg].create();
-369 	    } catch (ex) {
-370 		throw "setAlgAndProvider hash alg set fail alg=" + alg + "/" + ex;
-371 	    }
-372 	    this.updateString = function(str) {
-373 		this.md.update(str);
-374 	    };
-375 	    this.updateHex = function(hex) {
-376 		var wHex = CryptoJS.enc.Hex.parse(hex);
-377 		this.md.update(wHex);
-378 	    };
-379 	    this.digest = function() {
-380 		var hash = this.md.finalize();
-381 		return hash.toString(CryptoJS.enc.Hex);
-382 	    };
-383 	    this.digestString = function(str) {
-384 		this.updateString(str);
-385 		return this.digest();
-386 	    };
-387 	    this.digestHex = function(hex) {
-388 		this.updateHex(hex);
-389 		return this.digest();
-390 	    };
-391 	}
-392 	if (':sha256:'.indexOf(alg) != -1 &&
-393 	    prov == 'sjcl') {
-394 	    try {
-395 		this.md = new sjcl.hash.sha256();
-396 	    } catch (ex) {
-397 		throw "setAlgAndProvider hash alg set fail alg=" + alg + "/" + ex;
-398 	    }
-399 	    this.updateString = function(str) {
-400 		this.md.update(str);
-401 	    };
-402 	    this.updateHex = function(hex) {
-403 		var baHex = sjcl.codec.hex.toBits(hex);
-404 		this.md.update(baHex);
-405 	    };
-406 	    this.digest = function() {
-407 		var hash = this.md.finalize();
-408 		return sjcl.codec.hex.fromBits(hash);
-409 	    };
-410 	    this.digestString = function(str) {
-411 		this.updateString(str);
-412 		return this.digest();
-413 	    };
-414 	    this.digestHex = function(hex) {
-415 		this.updateHex(hex);
-416 		return this.digest();
-417 	    };
-418 	}
-419     };
-420 
-421     /**
-422      * update digest by specified string
-423      * @name updateString
-424      * @memberOf KJUR.crypto.MessageDigest#
-425      * @function
-426      * @param {String} str string to update
-427      * @description
-428      * @example
-429      * md.updateString('New York');
-430      */
-431     this.updateString = function(str) {
-432 	throw "updateString(str) not supported for this alg/prov: " + this.algName + "/" + this.provName;
-433     };
-434 
-435     /**
-436      * update digest by specified hexadecimal string
-437      * @name updateHex
-438      * @memberOf KJUR.crypto.MessageDigest#
-439      * @function
-440      * @param {String} hex hexadecimal string to update
-441      * @description
-442      * @example
-443      * md.updateHex('0afe36');
-444      */
-445     this.updateHex = function(hex) {
-446 	throw "updateHex(hex) not supported for this alg/prov: " + this.algName + "/" + this.provName;
-447     };
-448 
-449     /**
-450      * completes hash calculation and returns hash result
-451      * @name digest
-452      * @memberOf KJUR.crypto.MessageDigest#
-453      * @function
-454      * @description
-455      * @example
-456      * md.digest()
-457      */
-458     this.digest = function() {
-459 	throw "digest() not supported for this alg/prov: " + this.algName + "/" + this.provName;
-460     };
-461 
-462     /**
-463      * performs final update on the digest using string, then completes the digest computation
-464      * @name digestString
-465      * @memberOf KJUR.crypto.MessageDigest#
-466      * @function
-467      * @param {String} str string to final update
-468      * @description
-469      * @example
-470      * md.digestString('aaa')
-471      */
-472     this.digestString = function(str) {
-473 	throw "digestString(str) not supported for this alg/prov: " + this.algName + "/" + this.provName;
-474     };
-475 
-476     /**
-477      * performs final update on the digest using hexadecimal string, then completes the digest computation
-478      * @name digestHex
-479      * @memberOf KJUR.crypto.MessageDigest#
-480      * @function
-481      * @param {String} hex hexadecimal string to final update
-482      * @description
-483      * @example
-484      * md.digestHex('0f2abd')
-485      */
-486     this.digestHex = function(hex) {
-487 	throw "digestHex(hex) not supported for this alg/prov: " + this.algName + "/" + this.provName;
-488     };
-489 
-490     if (params !== undefined) {
-491 	if (params['alg'] !== undefined) {
-492 	    this.algName = params['alg'];
-493 	    if (params['prov'] === undefined)
-494 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
-495 	    this.setAlgAndProvider(this.algName, this.provName);
-496 	}
-497     }
-498 };
-499 
-500 /**
-501  * get canonical hash algorithm name<br/>
-502  * @name getCanonicalAlgName
-503  * @memberOf KJUR.crypto.MessageDigest
-504  * @function
-505  * @param {String} alg hash algorithm name (ex. MD5, SHA-1, SHA1, SHA512 et.al.)
-506  * @return {String} canonical hash algorithm name
-507  * @since jsrsasign 6.2.0 crypto 1.1.10
-508  * @description
-509  * This static method normalizes from any hash algorithm name such as
-510  * "SHA-1", "SHA1", "MD5", "sha512" to lower case name without hyphens
-511  * such as "sha1".
-512  * @example
-513  * KJUR.crypto.MessageDigest.getCanonicalAlgName("SHA-1") &rarr "sha1"
-514  * KJUR.crypto.MessageDigest.getCanonicalAlgName("MD5")   &rarr "md5"
-515  */
-516 KJUR.crypto.MessageDigest.getCanonicalAlgName = function(alg) {
-517     if (typeof alg === "string") {
-518 	alg = alg.toLowerCase();
-519 	alg = alg.replace(/-/, '');
-520     }
-521     return alg;
-522 };
-523 
-524 /**
-525  * get resulted hash byte length for specified algorithm name<br/>
-526  * @name getHashLength
-527  * @memberOf KJUR.crypto.MessageDigest
-528  * @function
-529  * @param {String} alg non-canonicalized hash algorithm name (ex. MD5, SHA-1, SHA1, SHA512 et.al.)
-530  * @return {Integer} resulted hash byte length
-531  * @since jsrsasign 6.2.0 crypto 1.1.10
-532  * @description
-533  * This static method returns resulted byte length for specified algorithm name such as "SHA-1".
-534  * @example
-535  * KJUR.crypto.MessageDigest.getHashLength("SHA-1") &rarr 20
-536  * KJUR.crypto.MessageDigest.getHashLength("sha1") &rarr 20
-537  */
-538 KJUR.crypto.MessageDigest.getHashLength = function(alg) {
-539     var MD = KJUR.crypto.MessageDigest
-540     var alg2 = MD.getCanonicalAlgName(alg);
-541     if (MD.HASHLENGTH[alg2] === undefined)
-542 	throw "not supported algorithm: " + alg;
-543     return MD.HASHLENGTH[alg2];
-544 };
-545 
-546 // described in KJUR.crypto.MessageDigest class (since jsrsasign 6.2.0 crypto 1.1.10)
-547 KJUR.crypto.MessageDigest.HASHLENGTH = {
-548     'md5':		16,
-549     'sha1':		20,
-550     'sha224':		28,
-551     'sha256':		32,
-552     'sha384':		48,
-553     'sha512':		64,
-554     'ripemd160':	20
-555 };
-556 
-557 // === Mac ===============================================================
+253 };
+254 
+255 /**
+256  * get hexadecimal MD5 hash of string
+257  * @name md5
+258  * @memberOf KJUR.crypto.Util
+259  * @function
+260  * @param {String} s input string to be hashed
+261  * @return {String} hexadecimal string of hash value
+262  * @since 1.0.3
+263  * @example
+264  * Util.md5('aaa') → 47bce5c74f589f4867dbd57e9ca9f808
+265  */
+266 KJUR.crypto.Util.md5 = function(s) {
+267     var md = new KJUR.crypto.MessageDigest({'alg':'md5', 'prov':'cryptojs'});
+268     return md.digestString(s);
+269 };
+270 
+271 /**
+272  * get hexadecimal RIPEMD160 hash of string
+273  * @name ripemd160
+274  * @memberOf KJUR.crypto.Util
+275  * @function
+276  * @param {String} s input string to be hashed
+277  * @return {String} hexadecimal string of hash value
+278  * @since 1.0.3
+279  * @example
+280  * KJUR.crypto.Util.ripemd160("aaa") → 08889bd7b151aa174c21f33f59147fa65381edea
+281  */
+282 KJUR.crypto.Util.ripemd160 = function(s) {
+283     var md = new KJUR.crypto.MessageDigest({'alg':'ripemd160', 'prov':'cryptojs'});
+284     return md.digestString(s);
+285 };
+286 
+287 // @since jsrsasign 7.0.0 crypto 1.1.11
+288 KJUR.crypto.Util.SECURERANDOMGEN = new SecureRandom();
+289 
+290 /**
+291  * get hexadecimal string of random value from with specified byte length<br/>
+292  * @name getRandomHexOfNbytes
+293  * @memberOf KJUR.crypto.Util
+294  * @function
+295  * @param {Integer} n length of bytes of random
+296  * @return {String} hexadecimal string of random
+297  * @since jsrsasign 7.0.0 crypto 1.1.11
+298  * @example
+299  * KJUR.crypto.Util.getRandomHexOfNbytes(3) → "6314af", "000000" or "001fb4"
+300  * KJUR.crypto.Util.getRandomHexOfNbytes(128) → "8fbc..." in 1024bits 
+301  */
+302 KJUR.crypto.Util.getRandomHexOfNbytes = function(n) {
+303     var ba = new Array(n);
+304     KJUR.crypto.Util.SECURERANDOMGEN.nextBytes(ba);
+305     return BAtohex(ba);
+306 };
+307 
+308 /**
+309  * get BigInteger object of random value from with specified byte length<br/>
+310  * @name getRandomBigIntegerOfNbytes
+311  * @memberOf KJUR.crypto.Util
+312  * @function
+313  * @param {Integer} n length of bytes of random
+314  * @return {BigInteger} BigInteger object of specified random value
+315  * @since jsrsasign 7.0.0 crypto 1.1.11
+316  * @example
+317  * KJUR.crypto.Util.getRandomBigIntegerOfNbytes(3) → 6314af of BigInteger
+318  * KJUR.crypto.Util.getRandomBigIntegerOfNbytes(128) → 8fbc... of BigInteger
+319  */
+320 KJUR.crypto.Util.getRandomBigIntegerOfNbytes = function(n) {
+321     return new BigInteger(KJUR.crypto.Util.getRandomHexOfNbytes(n), 16);
+322 };
+323 
+324 /**
+325  * get hexadecimal string of random value from with specified bit length<br/>
+326  * @name getRandomHexOfNbits
+327  * @memberOf KJUR.crypto.Util
+328  * @function
+329  * @param {Integer} n length of bits of random
+330  * @return {String} hexadecimal string of random
+331  * @since jsrsasign 7.0.0 crypto 1.1.11
+332  * @example
+333  * KJUR.crypto.Util.getRandomHexOfNbits(24) → "6314af", "000000" or "001fb4"
+334  * KJUR.crypto.Util.getRandomHexOfNbits(1024) → "8fbc..." in 1024bits 
+335  */
+336 KJUR.crypto.Util.getRandomHexOfNbits = function(n) {
+337     var n_remainder = n % 8;
+338     var n_quotient = (n - n_remainder) / 8;
+339     var ba = new Array(n_quotient + 1);
+340     KJUR.crypto.Util.SECURERANDOMGEN.nextBytes(ba);
+341     ba[0] = (((255 << n_remainder) & 255) ^ 255) & ba[0];
+342     return BAtohex(ba);
+343 };
+344 
+345 /**
+346  * get BigInteger object of random value from with specified bit length<br/>
+347  * @name getRandomBigIntegerOfNbits
+348  * @memberOf KJUR.crypto.Util
+349  * @function
+350  * @param {Integer} n length of bits of random
+351  * @return {BigInteger} BigInteger object of specified random value
+352  * @since jsrsasign 7.0.0 crypto 1.1.11
+353  * @example
+354  * KJUR.crypto.Util.getRandomBigIntegerOfNbits(24) → 6314af of BigInteger
+355  * KJUR.crypto.Util.getRandomBigIntegerOfNbits(1024) → 8fbc... of BigInteger
+356  */
+357 KJUR.crypto.Util.getRandomBigIntegerOfNbits = function(n) {
+358     return new BigInteger(KJUR.crypto.Util.getRandomHexOfNbits(n), 16);
+359 };
+360 
+361 /**
+362  * get BigInteger object of random value from zero to max value<br/>
+363  * @name getRandomBigIntegerZeroToMax
+364  * @memberOf KJUR.crypto.Util
+365  * @function
+366  * @param {BigInteger} biMax max value of BigInteger object for random value
+367  * @return {BigInteger} BigInteger object of specified random value
+368  * @since jsrsasign 7.0.0 crypto 1.1.11
+369  * @description
+370  * This static method generates a BigInteger object with random value
+371  * greater than or equal to zero and smaller than or equal to biMax
+372  * (i.e. 0 ≤ result ≤ biMax).
+373  * @example
+374  * biMax = new BigInteger("3fa411...", 16);
+375  * KJUR.crypto.Util.getRandomBigIntegerZeroToMax(biMax) → 8fbc... of BigInteger
+376  */
+377 KJUR.crypto.Util.getRandomBigIntegerZeroToMax = function(biMax) {
+378     var bitLenMax = biMax.bitLength();
+379     while (1) {
+380 	var biRand = KJUR.crypto.Util.getRandomBigIntegerOfNbits(bitLenMax);
+381 	if (biMax.compareTo(biRand) != -1) return biRand;
+382     }
+383 };
+384 
+385 /**
+386  * get BigInteger object of random value from min value to max value<br/>
+387  * @name getRandomBigIntegerMinToMax
+388  * @memberOf KJUR.crypto.Util
+389  * @function
+390  * @param {BigInteger} biMin min value of BigInteger object for random value
+391  * @param {BigInteger} biMax max value of BigInteger object for random value
+392  * @return {BigInteger} BigInteger object of specified random value
+393  * @since jsrsasign 7.0.0 crypto 1.1.11
+394  * @description
+395  * This static method generates a BigInteger object with random value
+396  * greater than or equal to biMin and smaller than or equal to biMax
+397  * (i.e. biMin ≤ result ≤ biMax).
+398  * @example
+399  * biMin = new BigInteger("2fa411...", 16);
+400  * biMax = new BigInteger("3fa411...", 16);
+401  * KJUR.crypto.Util.getRandomBigIntegerMinToMax(biMin, biMax) → 32f1... of BigInteger
+402  */
+403 KJUR.crypto.Util.getRandomBigIntegerMinToMax = function(biMin, biMax) {
+404     var flagCompare = biMin.compareTo(biMax);
+405     if (flagCompare == 1) throw "biMin is greater than biMax";
+406     if (flagCompare == 0) return biMin;
+407 
+408     var biDiff = biMax.subtract(biMin);
+409     var biRand = KJUR.crypto.Util.getRandomBigIntegerZeroToMax(biDiff);
+410     return biRand.add(biMin);
+411 };
+412 
+413 // === Mac ===============================================================
+414 
+415 /**
+416  * MessageDigest class which is very similar to java.security.MessageDigest class<br/>
+417  * @name KJUR.crypto.MessageDigest
+418  * @class MessageDigest class which is very similar to java.security.MessageDigest class
+419  * @param {Array} params parameters for constructor
+420  * @property {Array} HASHLENGTH static Array of resulted byte length of hash (ex. HASHLENGTH["sha1"] == 20)
+421  * @description
+422  * <br/>
+423  * Currently this supports following algorithm and providers combination:
+424  * <ul>
+425  * <li>md5 - cryptojs</li>
+426  * <li>sha1 - cryptojs</li>
+427  * <li>sha224 - cryptojs</li>
+428  * <li>sha256 - cryptojs</li>
+429  * <li>sha384 - cryptojs</li>
+430  * <li>sha512 - cryptojs</li>
+431  * <li>ripemd160 - cryptojs</li>
+432  * <li>sha256 - sjcl (NEW from crypto.js 1.0.4)</li>
+433  * </ul>
+434  * @example
+435  * // CryptoJS provider sample
+436  * var md = new KJUR.crypto.MessageDigest({alg: "sha1", prov: "cryptojs"});
+437  * md.updateString('aaa')
+438  * var mdHex = md.digest()
+439  *
+440  * // SJCL(Stanford JavaScript Crypto Library) provider sample
+441  * var md = new KJUR.crypto.MessageDigest({alg: "sha256", prov: "sjcl"}); // sjcl supports sha256 only
+442  * md.updateString('aaa')
+443  * var mdHex = md.digest()
+444  *
+445  * // HASHLENGTH property
+446  * KJUR.crypto.MessageDigest.HASHLENGTH['sha1'] &rarr 20
+447  * KJUR.crypto.MessageDigest.HASHLENGTH['sha512'] &rarr 64
+448  */
+449 KJUR.crypto.MessageDigest = function(params) {
+450     var md = null;
+451     var algName = null;
+452     var provName = null;
+453 
+454     /**
+455      * set hash algorithm and provider<br/>
+456      * @name setAlgAndProvider
+457      * @memberOf KJUR.crypto.MessageDigest#
+458      * @function
+459      * @param {String} alg hash algorithm name
+460      * @param {String} prov provider name
+461      * @description
+462      * This methods set an algorithm and a cryptographic provider.<br/>
+463      * Here is acceptable algorithm names ignoring cases and hyphens:
+464      * <ul>
+465      * <li>MD5</li>
+466      * <li>SHA1</li>
+467      * <li>SHA224</li>
+468      * <li>SHA256</li>
+469      * <li>SHA384</li>
+470      * <li>SHA512</li>
+471      * <li>RIPEMD160</li>
+472      * </ul>
+473      * NOTE: Since jsrsasign 6.2.0 crypto 1.1.10, this method ignores
+474      * upper or lower cases. Also any hyphens (i.e. "-") will be ignored
+475      * so that "SHA1" or "SHA-1" will be acceptable.
+476      * @example
+477      * // for SHA1
+478      * md.setAlgAndProvider('sha1', 'cryptojs');
+479      * md.setAlgAndProvider('SHA1');
+480      * // for RIPEMD160
+481      * md.setAlgAndProvider('ripemd160', 'cryptojs');
+482      */
+483     this.setAlgAndProvider = function(alg, prov) {
+484 	alg = KJUR.crypto.MessageDigest.getCanonicalAlgName(alg);
+485 
+486 	if (alg !== null && prov === undefined) prov = KJUR.crypto.Util.DEFAULTPROVIDER[alg];
+487 
+488 	// for cryptojs
+489 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(alg) != -1 &&
+490 	    prov == 'cryptojs') {
+491 	    try {
+492 		this.md = KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[alg].create();
+493 	    } catch (ex) {
+494 		throw "setAlgAndProvider hash alg set fail alg=" + alg + "/" + ex;
+495 	    }
+496 	    this.updateString = function(str) {
+497 		this.md.update(str);
+498 	    };
+499 	    this.updateHex = function(hex) {
+500 		var wHex = CryptoJS.enc.Hex.parse(hex);
+501 		this.md.update(wHex);
+502 	    };
+503 	    this.digest = function() {
+504 		var hash = this.md.finalize();
+505 		return hash.toString(CryptoJS.enc.Hex);
+506 	    };
+507 	    this.digestString = function(str) {
+508 		this.updateString(str);
+509 		return this.digest();
+510 	    };
+511 	    this.digestHex = function(hex) {
+512 		this.updateHex(hex);
+513 		return this.digest();
+514 	    };
+515 	}
+516 	if (':sha256:'.indexOf(alg) != -1 &&
+517 	    prov == 'sjcl') {
+518 	    try {
+519 		this.md = new sjcl.hash.sha256();
+520 	    } catch (ex) {
+521 		throw "setAlgAndProvider hash alg set fail alg=" + alg + "/" + ex;
+522 	    }
+523 	    this.updateString = function(str) {
+524 		this.md.update(str);
+525 	    };
+526 	    this.updateHex = function(hex) {
+527 		var baHex = sjcl.codec.hex.toBits(hex);
+528 		this.md.update(baHex);
+529 	    };
+530 	    this.digest = function() {
+531 		var hash = this.md.finalize();
+532 		return sjcl.codec.hex.fromBits(hash);
+533 	    };
+534 	    this.digestString = function(str) {
+535 		this.updateString(str);
+536 		return this.digest();
+537 	    };
+538 	    this.digestHex = function(hex) {
+539 		this.updateHex(hex);
+540 		return this.digest();
+541 	    };
+542 	}
+543     };
+544 
+545     /**
+546      * update digest by specified string
+547      * @name updateString
+548      * @memberOf KJUR.crypto.MessageDigest#
+549      * @function
+550      * @param {String} str string to update
+551      * @description
+552      * @example
+553      * md.updateString('New York');
+554      */
+555     this.updateString = function(str) {
+556 	throw "updateString(str) not supported for this alg/prov: " + this.algName + "/" + this.provName;
+557     };
 558 
-559 /**
-560  * Mac(Message Authentication Code) class which is very similar to java.security.Mac class 
-561  * @name KJUR.crypto.Mac
-562  * @class Mac class which is very similar to java.security.Mac class
-563  * @param {Array} params parameters for constructor
-564  * @description
-565  * <br/>
-566  * Currently this supports following algorithm and providers combination:
-567  * <ul>
-568  * <li>hmacmd5 - cryptojs</li>
-569  * <li>hmacsha1 - cryptojs</li>
-570  * <li>hmacsha224 - cryptojs</li>
-571  * <li>hmacsha256 - cryptojs</li>
-572  * <li>hmacsha384 - cryptojs</li>
-573  * <li>hmacsha512 - cryptojs</li>
-574  * </ul>
-575  * NOTE: HmacSHA224 and HmacSHA384 issue was fixed since jsrsasign 4.1.4.
-576  * Please use 'ext/cryptojs-312-core-fix*.js' instead of 'core.js' of original CryptoJS
-577  * to avoid those issue.
-578  * <br/>
-579  * NOTE2: Hmac signature bug was fixed in jsrsasign 4.9.0 by providing CryptoJS
-580  * bug workaround.
-581  * <br/>
-582  * Please see {@link KJUR.crypto.Mac.setPassword}, how to provide password
-583  * in various ways in detail.
-584  * @example
-585  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA1", "pass": "pass"});
-586  * mac.updateString('aaa')
-587  * var macHex = md.doFinal()
-588  *
-589  * // other password representation 
-590  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"hex":  "6161"}});
-591  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"utf8": "aa"}});
-592  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"rstr": "\x61\x61"}});
-593  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"b64":  "Mi02/+...a=="}});
-594  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"b64u": "Mi02_-...a"}});
-595  */
-596 KJUR.crypto.Mac = function(params) {
-597     var mac = null;
-598     var pass = null;
-599     var algName = null;
-600     var provName = null;
-601     var algProv = null;
-602 
-603     this.setAlgAndProvider = function(alg, prov) {
-604 	alg = alg.toLowerCase();
-605 
-606 	if (alg == null) alg = "hmacsha1";
-607 
-608 	alg = alg.toLowerCase();
-609         if (alg.substr(0, 4) != "hmac") {
-610 	    throw "setAlgAndProvider unsupported HMAC alg: " + alg;
-611 	}
-612 
-613 	if (prov === undefined) prov = KJUR.crypto.Util.DEFAULTPROVIDER[alg];
-614 	this.algProv = alg + "/" + prov;
-615 
-616 	var hashAlg = alg.substr(4);
-617 
-618 	// for cryptojs
-619 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(hashAlg) != -1 &&
-620 	    prov == 'cryptojs') {
-621 	    try {
-622 		var mdObj = KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[hashAlg];
-623 		this.mac = CryptoJS.algo.HMAC.create(mdObj, this.pass);
-624 	    } catch (ex) {
-625 		throw "setAlgAndProvider hash alg set fail hashAlg=" + hashAlg + "/" + ex;
-626 	    }
-627 	    this.updateString = function(str) {
-628 		this.mac.update(str);
-629 	    };
-630 	    this.updateHex = function(hex) {
-631 		var wHex = CryptoJS.enc.Hex.parse(hex);
-632 		this.mac.update(wHex);
-633 	    };
-634 	    this.doFinal = function() {
-635 		var hash = this.mac.finalize();
-636 		return hash.toString(CryptoJS.enc.Hex);
-637 	    };
-638 	    this.doFinalString = function(str) {
-639 		this.updateString(str);
-640 		return this.doFinal();
-641 	    };
-642 	    this.doFinalHex = function(hex) {
-643 		this.updateHex(hex);
-644 		return this.doFinal();
-645 	    };
-646 	}
-647     };
-648 
-649     /**
-650      * update digest by specified string
-651      * @name updateString
-652      * @memberOf KJUR.crypto.Mac#
-653      * @function
-654      * @param {String} str string to update
-655      * @description
-656      * @example
-657      * md.updateString('New York');
-658      */
-659     this.updateString = function(str) {
-660 	throw "updateString(str) not supported for this alg/prov: " + this.algProv;
-661     };
-662 
-663     /**
-664      * update digest by specified hexadecimal string
-665      * @name updateHex
-666      * @memberOf KJUR.crypto.Mac#
-667      * @function
-668      * @param {String} hex hexadecimal string to update
-669      * @description
-670      * @example
-671      * md.updateHex('0afe36');
-672      */
-673     this.updateHex = function(hex) {
-674 	throw "updateHex(hex) not supported for this alg/prov: " + this.algProv;
-675     };
-676 
-677     /**
-678      * completes hash calculation and returns hash result
-679      * @name doFinal
-680      * @memberOf KJUR.crypto.Mac#
-681      * @function
-682      * @description
-683      * @example
-684      * md.digest()
-685      */
-686     this.doFinal = function() {
-687 	throw "digest() not supported for this alg/prov: " + this.algProv;
-688     };
-689 
-690     /**
-691      * performs final update on the digest using string, then completes the digest computation
-692      * @name doFinalString
-693      * @memberOf KJUR.crypto.Mac#
-694      * @function
-695      * @param {String} str string to final update
-696      * @description
-697      * @example
-698      * md.digestString('aaa')
-699      */
-700     this.doFinalString = function(str) {
-701 	throw "digestString(str) not supported for this alg/prov: " + this.algProv;
-702     };
-703 
-704     /**
-705      * performs final update on the digest using hexadecimal string, 
-706      * then completes the digest computation
-707      * @name doFinalHex
-708      * @memberOf KJUR.crypto.Mac#
-709      * @function
-710      * @param {String} hex hexadecimal string to final update
-711      * @description
-712      * @example
-713      * md.digestHex('0f2abd')
-714      */
-715     this.doFinalHex = function(hex) {
-716 	throw "digestHex(hex) not supported for this alg/prov: " + this.algProv;
-717     };
-718 
-719     /**
-720      * set password for Mac
-721      * @name setPassword
-722      * @memberOf KJUR.crypto.Mac#
-723      * @function
-724      * @param {Object} pass password for Mac
-725      * @since crypto 1.1.7 jsrsasign 4.9.0
-726      * @description
-727      * This method will set password for (H)Mac internally.
-728      * Argument 'pass' can be specified as following:
-729      * <ul>
-730      * <li>even length string of 0..9, a..f or A-F: implicitly specified as hexadecimal string</li>
-731      * <li>not above string: implicitly specified as raw string</li>
-732      * <li>{rstr: "\x65\x70"}: explicitly specified as raw string</li>
-733      * <li>{hex: "6570"}: explicitly specified as hexacedimal string</li>
-734      * <li>{utf8: "秘密"}: explicitly specified as UTF8 string</li>
-735      * <li>{b64: "Mi78..=="}: explicitly specified as Base64 string</li>
-736      * <li>{b64u: "Mi7-_"}: explicitly specified as Base64URL string</li>
-737      * </ul>
-738      * It is *STRONGLY RECOMMENDED* that explicit representation of password argument
-739      * to avoid ambiguity. For example string  "6161" can mean a string "6161" or 
-740      * a hexadecimal string of "aa" (i.e. \x61\x61).
-741      * @example
-742      * mac = KJUR.crypto.Mac({'alg': 'hmacsha256'});
-743      * // set password by implicit raw string
-744      * mac.setPassword("\x65\x70\xb9\x0b");
-745      * mac.setPassword("password");
-746      * // set password by implicit hexadecimal string
-747      * mac.setPassword("6570b90b");
-748      * mac.setPassword("6570B90B");
-749      * // set password by explicit raw string
-750      * mac.setPassword({"rstr": "\x65\x70\xb9\x0b"});
-751      * // set password by explicit hexadecimal string
-752      * mac.setPassword({"hex": "6570b90b"});
-753      * // set password by explicit utf8 string
-754      * mac.setPassword({"utf8": "passwordパスワード");
-755      * // set password by explicit Base64 string
-756      * mac.setPassword({"b64": "Mb+c3f/=="});
-757      * // set password by explicit Base64URL string
-758      * mac.setPassword({"b64u": "Mb-c3f_"});
-759      */
-760     this.setPassword = function(pass) {
-761 	// internal this.pass shall be CryptoJS DWord Object for CryptoJS bug
-762 	// work around. CrytoJS HMac password can be passed by
-763 	// raw string as described in the manual however it doesn't
-764 	// work properly in some case. If password was passed
-765 	// by CryptoJS DWord which is not described in the manual
-766 	// it seems to work. (fixed since crypto 1.1.7)
-767 
-768 	if (typeof pass == 'string') {
-769 	    var hPass = pass;
-770 	    if (pass.length % 2 == 1 || ! pass.match(/^[0-9A-Fa-f]+$/)) { // raw str
-771 		hPass = rstrtohex(pass);
-772 	    }
-773 	    this.pass = CryptoJS.enc.Hex.parse(hPass);
-774 	    return;
-775 	}
-776 
-777 	if (typeof pass != 'object')
-778 	    throw "KJUR.crypto.Mac unsupported password type: " + pass;
-779 	
-780 	var hPass = null;
-781 	if (pass.hex  !== undefined) {
-782 	    if (pass.hex.length % 2 != 0 || ! pass.hex.match(/^[0-9A-Fa-f]+$/))
-783 		throw "Mac: wrong hex password: " + pass.hex;
-784 	    hPass = pass.hex;
-785 	}
-786 	if (pass.utf8 !== undefined) hPass = utf8tohex(pass.utf8);
-787 	if (pass.rstr !== undefined) hPass = rstrtohex(pass.rstr);
-788 	if (pass.b64  !== undefined) hPass = b64tohex(pass.b64);
-789 	if (pass.b64u !== undefined) hPass = b64utohex(pass.b64u);
-790 
-791 	if (hPass == null)
-792 	    throw "KJUR.crypto.Mac unsupported password type: " + pass;
-793 
-794 	this.pass = CryptoJS.enc.Hex.parse(hPass);
-795     };
-796 
-797     if (params !== undefined) {
-798 	if (params.pass !== undefined) {
-799 	    this.setPassword(params.pass);
-800 	}
-801 	if (params.alg !== undefined) {
-802 	    this.algName = params.alg;
-803 	    if (params['prov'] === undefined)
-804 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
-805 	    this.setAlgAndProvider(this.algName, this.provName);
-806 	}
-807     }
-808 };
-809 
-810 // ====== Signature class =========================================================
-811 /**
-812  * Signature class which is very similar to java.security.Signature class
-813  * @name KJUR.crypto.Signature
-814  * @class Signature class which is very similar to java.security.Signature class
-815  * @param {Array} params parameters for constructor
-816  * @property {String} state Current state of this signature object whether 'SIGN', 'VERIFY' or null
-817  * @description
-818  * <br/>
-819  * As for params of constructor's argument, it can be specify following attributes:
-820  * <ul>
-821  * <li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}with{RSA,ECDSA,DSA})</li>
-822  * <li>provider - currently 'cryptojs/jsrsa' only</li>
-823  * </ul>
-824  * <h4>SUPPORTED ALGORITHMS AND PROVIDERS</h4>
-825  * This Signature class supports following signature algorithm and provider names:
-826  * <ul>
-827  * <li>MD5withRSA - cryptojs/jsrsa</li>
-828  * <li>SHA1withRSA - cryptojs/jsrsa</li>
-829  * <li>SHA224withRSA - cryptojs/jsrsa</li>
-830  * <li>SHA256withRSA - cryptojs/jsrsa</li>
-831  * <li>SHA384withRSA - cryptojs/jsrsa</li>
-832  * <li>SHA512withRSA - cryptojs/jsrsa</li>
-833  * <li>RIPEMD160withRSA - cryptojs/jsrsa</li>
-834  * <li>MD5withECDSA - cryptojs/jsrsa</li>
-835  * <li>SHA1withECDSA - cryptojs/jsrsa</li>
-836  * <li>SHA224withECDSA - cryptojs/jsrsa</li>
-837  * <li>SHA256withECDSA - cryptojs/jsrsa</li>
-838  * <li>SHA384withECDSA - cryptojs/jsrsa</li>
-839  * <li>SHA512withECDSA - cryptojs/jsrsa</li>
-840  * <li>RIPEMD160withECDSA - cryptojs/jsrsa</li>
-841  * <li>MD5withRSAandMGF1 - cryptojs/jsrsa</li>
-842  * <li>SHA1withRSAandMGF1 - cryptojs/jsrsa</li>
-843  * <li>SHA224withRSAandMGF1 - cryptojs/jsrsa</li>
-844  * <li>SHA256withRSAandMGF1 - cryptojs/jsrsa</li>
-845  * <li>SHA384withRSAandMGF1 - cryptojs/jsrsa</li>
-846  * <li>SHA512withRSAandMGF1 - cryptojs/jsrsa</li>
-847  * <li>RIPEMD160withRSAandMGF1 - cryptojs/jsrsa</li>
-848  * <li>SHA1withDSA - cryptojs/jsrsa</li>
-849  * <li>SHA224withDSA - cryptojs/jsrsa</li>
-850  * <li>SHA256withDSA - cryptojs/jsrsa</li>
-851  * </ul>
-852  * Here are supported elliptic cryptographic curve names and their aliases for ECDSA:
-853  * <ul>
-854  * <li>secp256k1</li>
-855  * <li>secp256r1, NIST P-256, P-256, prime256v1</li>
-856  * <li>secp384r1, NIST P-384, P-384</li>
-857  * </ul>
-858  * NOTE1: DSA signing algorithm is also supported since crypto 1.1.5.
-859  * <h4>EXAMPLES</h4>
-860  * @example
-861  * // RSA signature generation
-862  * var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"});
-863  * sig.init(prvKeyPEM);
-864  * sig.updateString('aaa');
-865  * var hSigVal = sig.sign();
-866  *
-867  * // DSA signature validation
-868  * var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withDSA"});
-869  * sig2.init(certPEM);
-870  * sig.updateString('aaa');
-871  * var isValid = sig2.verify(hSigVal);
-872  * 
-873  * // ECDSA signing
-874  * var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
-875  * sig.init(prvKeyPEM);
-876  * sig.updateString('aaa');
-877  * var sigValueHex = sig.sign();
-878  *
-879  * // ECDSA verifying
-880  * var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
-881  * sig.init(certPEM);
-882  * sig.updateString('aaa');
-883  * var isValid = sig.verify(sigValueHex);
-884  */
-885 KJUR.crypto.Signature = function(params) {
-886     var prvKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for signing
-887     var pubKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for verifying
-888 
-889     var md = null; // KJUR.crypto.MessageDigest object
-890     var sig = null;
-891     var algName = null;
-892     var provName = null;
-893     var algProvName = null;
-894     var mdAlgName = null;
-895     var pubkeyAlgName = null;	// rsa,ecdsa,rsaandmgf1(=rsapss)
-896     var state = null;
-897     var pssSaltLen = -1;
-898     var initParams = null;
-899 
-900     var sHashHex = null; // hex hash value for hex
-901     var hDigestInfo = null;
-902     var hPaddedDigestInfo = null;
-903     var hSign = null;
-904 
-905     this._setAlgNames = function() {
-906     var matchResult = this.algName.match(/^(.+)with(.+)$/);
-907 	if (matchResult) {
-908 	    this.mdAlgName = matchResult[1].toLowerCase();
-909 	    this.pubkeyAlgName = matchResult[2].toLowerCase();
-910 	}
-911     };
-912 
-913     this._zeroPaddingOfSignature = function(hex, bitLength) {
-914 	var s = "";
-915 	var nZero = bitLength / 4 - hex.length;
-916 	for (var i = 0; i < nZero; i++) {
-917 	    s = s + "0";
-918 	}
-919 	return s + hex;
-920     };
-921 
-922     /**
-923      * set signature algorithm and provider
-924      * @name setAlgAndProvider
-925      * @memberOf KJUR.crypto.Signature#
-926      * @function
-927      * @param {String} alg signature algorithm name
-928      * @param {String} prov provider name
-929      * @description
-930      * @example
-931      * md.setAlgAndProvider('SHA1withRSA', 'cryptojs/jsrsa');
-932      */
-933     this.setAlgAndProvider = function(alg, prov) {
-934 	this._setAlgNames();
-935 	if (prov != 'cryptojs/jsrsa')
-936 	    throw "provider not supported: " + prov;
-937 
-938 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(this.mdAlgName) != -1) {
-939 	    try {
-940 		this.md = new KJUR.crypto.MessageDigest({'alg':this.mdAlgName});
-941 	    } catch (ex) {
-942 		throw "setAlgAndProvider hash alg set fail alg=" +
-943                       this.mdAlgName + "/" + ex;
-944 	    }
-945 
-946 	    this.init = function(keyparam, pass) {
-947 		var keyObj = null;
-948 		try {
-949 		    if (pass === undefined) {
-950 			keyObj = KEYUTIL.getKey(keyparam);
-951 		    } else {
-952 			keyObj = KEYUTIL.getKey(keyparam, pass);
-953 		    }
-954 		} catch (ex) {
-955 		    throw "init failed:" + ex;
-956 		}
-957 
-958 		if (keyObj.isPrivate === true) {
-959 		    this.prvKey = keyObj;
-960 		    this.state = "SIGN";
-961 		} else if (keyObj.isPublic === true) {
-962 		    this.pubKey = keyObj;
-963 		    this.state = "VERIFY";
-964 		} else {
-965 		    throw "init failed.:" + keyObj;
-966 		}
-967 	    };
-968 
-969 	    this.initSign = function(params) {
-970 		if (typeof params['ecprvhex'] == 'string' &&
-971                     typeof params['eccurvename'] == 'string') {
-972 		    this.ecprvhex = params['ecprvhex'];
-973 		    this.eccurvename = params['eccurvename'];
-974 		} else {
-975 		    this.prvKey = params;
-976 		}
-977 		this.state = "SIGN";
-978 	    };
-979 
-980 	    this.initVerifyByPublicKey = function(params) {
-981 		if (typeof params['ecpubhex'] == 'string' &&
-982 		    typeof params['eccurvename'] == 'string') {
-983 		    this.ecpubhex = params['ecpubhex'];
-984 		    this.eccurvename = params['eccurvename'];
-985 		} else if (params instanceof KJUR.crypto.ECDSA) {
-986 		    this.pubKey = params;
-987 		} else if (params instanceof RSAKey) {
-988 		    this.pubKey = params;
-989 		}
-990 		this.state = "VERIFY";
-991 	    };
-992 
-993 	    this.initVerifyByCertificatePEM = function(certPEM) {
-994 		var x509 = new X509();
-995 		x509.readCertPEM(certPEM);
-996 		this.pubKey = x509.subjectPublicKeyRSA;
-997 		this.state = "VERIFY";
-998 	    };
-999 
-1000 	    this.updateString = function(str) {
-1001 		this.md.updateString(str);
-1002 	    };
-1003 
-1004 	    this.updateHex = function(hex) {
-1005 		this.md.updateHex(hex);
-1006 	    };
-1007 
-1008 	    this.sign = function() {
-1009 		this.sHashHex = this.md.digest();
-1010 		if (typeof this.ecprvhex != "undefined" &&
-1011 		    typeof this.eccurvename != "undefined") {
-1012 		    var ec = new KJUR.crypto.ECDSA({'curve': this.eccurvename});
-1013 		    this.hSign = ec.signHex(this.sHashHex, this.ecprvhex);
-1014 		} else if (this.prvKey instanceof RSAKey &&
-1015 		           this.pubkeyAlgName == "rsaandmgf1") {
-1016 		    this.hSign = this.prvKey.signWithMessageHashPSS(this.sHashHex,
-1017 								    this.mdAlgName,
-1018 								    this.pssSaltLen);
-1019 		} else if (this.prvKey instanceof RSAKey &&
-1020 			   this.pubkeyAlgName == "rsa") {
-1021 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex,
-1022 								 this.mdAlgName);
-1023 		} else if (this.prvKey instanceof KJUR.crypto.ECDSA) {
-1024 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
-1025 		} else if (this.prvKey instanceof KJUR.crypto.DSA) {
-1026 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
-1027 		} else {
-1028 		    throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
-1029 		}
-1030 		return this.hSign;
-1031 	    };
-1032 	    this.signString = function(str) {
-1033 		this.updateString(str);
-1034 		return this.sign();
-1035 	    };
-1036 	    this.signHex = function(hex) {
-1037 		this.updateHex(hex);
-1038 		return this.sign();
-1039 	    };
-1040 	    this.verify = function(hSigVal) {
-1041 	        this.sHashHex = this.md.digest();
-1042 		if (typeof this.ecpubhex != "undefined" &&
-1043 		    typeof this.eccurvename != "undefined") {
-1044 		    var ec = new KJUR.crypto.ECDSA({curve: this.eccurvename});
-1045 		    return ec.verifyHex(this.sHashHex, hSigVal, this.ecpubhex);
-1046 		} else if (this.pubKey instanceof RSAKey &&
-1047 			   this.pubkeyAlgName == "rsaandmgf1") {
-1048 		    return this.pubKey.verifyWithMessageHashPSS(this.sHashHex, hSigVal, 
-1049 								this.mdAlgName,
-1050 								this.pssSaltLen);
-1051 		} else if (this.pubKey instanceof RSAKey &&
-1052 			   this.pubkeyAlgName == "rsa") {
-1053 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
-1054 		} else if (this.pubKey instanceof KJUR.crypto.ECDSA) {
-1055 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
-1056 		} else if (this.pubKey instanceof KJUR.crypto.DSA) {
-1057 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
-1058 		} else {
-1059 		    throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
-1060 		}
-1061 	    };
-1062 	}
-1063     };
-1064 
-1065     /**
-1066      * Initialize this object for signing or verifying depends on key
-1067      * @name init
-1068      * @memberOf KJUR.crypto.Signature#
-1069      * @function
-1070      * @param {Object} key specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or {@link RSAKey}, {@link KJUR.crypto.DSA} or {@link KJUR.crypto.ECDSA} object
-1071      * @param {String} pass (OPTION) passcode for encrypted private key
-1072      * @since crypto 1.1.3
-1073      * @description
-1074      * This method is very useful initialize method for Signature class since
-1075      * you just specify key then this method will automatically initialize it
-1076      * using {@link KEYUTIL.getKey} method.
-1077      * As for 'key',  following argument type are supported:
-1078      * <h5>signing</h5>
-1079      * <ul>
-1080      * <li>PEM formatted PKCS#8 encrypted RSA/ECDSA private key concluding "BEGIN ENCRYPTED PRIVATE KEY"</li>
-1081      * <li>PEM formatted PKCS#5 encrypted RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" and ",ENCRYPTED"</li>
-1082      * <li>PEM formatted PKCS#8 plain RSA/ECDSA private key concluding "BEGIN PRIVATE KEY"</li>
-1083      * <li>PEM formatted PKCS#5 plain RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" without ",ENCRYPTED"</li>
-1084      * <li>RSAKey object of private key</li>
-1085      * <li>KJUR.crypto.ECDSA object of private key</li>
-1086      * <li>KJUR.crypto.DSA object of private key</li>
-1087      * </ul>
-1088      * <h5>verification</h5>
-1089      * <ul>
-1090      * <li>PEM formatted PKCS#8 RSA/EC/DSA public key concluding "BEGIN PUBLIC KEY"</li>
-1091      * <li>PEM formatted X.509 certificate with RSA/EC/DSA public key concluding
-1092      *     "BEGIN CERTIFICATE", "BEGIN X509 CERTIFICATE" or "BEGIN TRUSTED CERTIFICATE".</li>
-1093      * <li>RSAKey object of public key</li>
-1094      * <li>KJUR.crypto.ECDSA object of public key</li>
-1095      * <li>KJUR.crypto.DSA object of public key</li>
-1096      * </ul>
-1097      * @example
-1098      * sig.init(sCertPEM)
-1099      */
-1100     this.init = function(key, pass) {
-1101 	throw "init(key, pass) not supported for this alg:prov=" +
-1102 	      this.algProvName;
-1103     };
-1104 
-1105     /**
-1106      * Initialize this object for verifying with a public key
-1107      * @name initVerifyByPublicKey
-1108      * @memberOf KJUR.crypto.Signature#
-1109      * @function
-1110      * @param {Object} param RSAKey object of public key or associative array for ECDSA
-1111      * @since 1.0.2
-1112      * @deprecated from crypto 1.1.5. please use init() method instead.
-1113      * @description
-1114      * Public key information will be provided as 'param' parameter and the value will be
-1115      * following:
-1116      * <ul>
-1117      * <li>{@link RSAKey} object for RSA verification</li>
-1118      * <li>associative array for ECDSA verification
-1119      *     (ex. <code>{'ecpubhex': '041f..', 'eccurvename': 'secp256r1'}</code>)
-1120      * </li>
-1121      * </ul>
-1122      * @example
-1123      * sig.initVerifyByPublicKey(rsaPrvKey)
-1124      */
-1125     this.initVerifyByPublicKey = function(rsaPubKey) {
-1126 	throw "initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov=" +
-1127 	      this.algProvName;
-1128     };
-1129 
-1130     /**
-1131      * Initialize this object for verifying with a certficate
-1132      * @name initVerifyByCertificatePEM
-1133      * @memberOf KJUR.crypto.Signature#
-1134      * @function
-1135      * @param {String} certPEM PEM formatted string of certificate
-1136      * @since 1.0.2
-1137      * @deprecated from crypto 1.1.5. please use init() method instead.
-1138      * @description
-1139      * @example
-1140      * sig.initVerifyByCertificatePEM(certPEM)
-1141      */
-1142     this.initVerifyByCertificatePEM = function(certPEM) {
-1143 	throw "initVerifyByCertificatePEM(certPEM) not supported for this alg:prov=" +
-1144 	    this.algProvName;
-1145     };
-1146 
-1147     /**
-1148      * Initialize this object for signing
-1149      * @name initSign
-1150      * @memberOf KJUR.crypto.Signature#
-1151      * @function
-1152      * @param {Object} param RSAKey object of public key or associative array for ECDSA
-1153      * @deprecated from crypto 1.1.5. please use init() method instead.
-1154      * @description
-1155      * Private key information will be provided as 'param' parameter and the value will be
-1156      * following:
-1157      * <ul>
-1158      * <li>{@link RSAKey} object for RSA signing</li>
-1159      * <li>associative array for ECDSA signing
-1160      *     (ex. <code>{'ecprvhex': '1d3f..', 'eccurvename': 'secp256r1'}</code>)</li>
-1161      * </ul>
-1162      * @example
-1163      * sig.initSign(prvKey)
-1164      */
-1165     this.initSign = function(prvKey) {
-1166 	throw "initSign(prvKey) not supported for this alg:prov=" + this.algProvName;
-1167     };
-1168 
-1169     /**
-1170      * Updates the data to be signed or verified by a string
-1171      * @name updateString
-1172      * @memberOf KJUR.crypto.Signature#
-1173      * @function
-1174      * @param {String} str string to use for the update
-1175      * @description
-1176      * @example
-1177      * sig.updateString('aaa')
-1178      */
-1179     this.updateString = function(str) {
-1180 	throw "updateString(str) not supported for this alg:prov=" + this.algProvName;
-1181     };
-1182 
-1183     /**
-1184      * Updates the data to be signed or verified by a hexadecimal string
-1185      * @name updateHex
-1186      * @memberOf KJUR.crypto.Signature#
-1187      * @function
-1188      * @param {String} hex hexadecimal string to use for the update
-1189      * @description
-1190      * @example
-1191      * sig.updateHex('1f2f3f')
-1192      */
-1193     this.updateHex = function(hex) {
-1194 	throw "updateHex(hex) not supported for this alg:prov=" + this.algProvName;
-1195     };
-1196 
-1197     /**
-1198      * Returns the signature bytes of all data updates as a hexadecimal string
-1199      * @name sign
-1200      * @memberOf KJUR.crypto.Signature#
-1201      * @function
-1202      * @return the signature bytes as a hexadecimal string
-1203      * @description
-1204      * @example
-1205      * var hSigValue = sig.sign()
-1206      */
-1207     this.sign = function() {
-1208 	throw "sign() not supported for this alg:prov=" + this.algProvName;
-1209     };
-1210 
-1211     /**
-1212      * performs final update on the sign using string, then returns the signature bytes of all data updates as a hexadecimal string
-1213      * @name signString
-1214      * @memberOf KJUR.crypto.Signature#
-1215      * @function
-1216      * @param {String} str string to final update
-1217      * @return the signature bytes of a hexadecimal string
-1218      * @description
-1219      * @example
-1220      * var hSigValue = sig.signString('aaa')
-1221      */
-1222     this.signString = function(str) {
-1223 	throw "digestString(str) not supported for this alg:prov=" + this.algProvName;
-1224     };
-1225 
-1226     /**
-1227      * performs final update on the sign using hexadecimal string, then returns the signature bytes of all data updates as a hexadecimal string
-1228      * @name signHex
-1229      * @memberOf KJUR.crypto.Signature#
-1230      * @function
-1231      * @param {String} hex hexadecimal string to final update
-1232      * @return the signature bytes of a hexadecimal string
-1233      * @description
-1234      * @example
-1235      * var hSigValue = sig.signHex('1fdc33')
-1236      */
-1237     this.signHex = function(hex) {
-1238 	throw "digestHex(hex) not supported for this alg:prov=" + this.algProvName;
-1239     };
-1240 
-1241     /**
-1242      * verifies the passed-in signature.
-1243      * @name verify
-1244      * @memberOf KJUR.crypto.Signature#
-1245      * @function
-1246      * @param {String} str string to final update
-1247      * @return {Boolean} true if the signature was verified, otherwise false
-1248      * @description
-1249      * @example
-1250      * var isValid = sig.verify('1fbcefdca4823a7(snip)')
-1251      */
-1252     this.verify = function(hSigVal) {
-1253 	throw "verify(hSigVal) not supported for this alg:prov=" + this.algProvName;
-1254     };
-1255 
-1256     this.initParams = params;
-1257 
-1258     if (params !== undefined) {
-1259 	if (params['alg'] !== undefined) {
-1260 	    this.algName = params['alg'];
-1261 	    if (params['prov'] === undefined) {
-1262 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
-1263 	    } else {
-1264 		this.provName = params['prov'];
-1265 	    }
-1266 	    this.algProvName = this.algName + ":" + this.provName;
-1267 	    this.setAlgAndProvider(this.algName, this.provName);
-1268 	    this._setAlgNames();
-1269 	}
+559     /**
+560      * update digest by specified hexadecimal string
+561      * @name updateHex
+562      * @memberOf KJUR.crypto.MessageDigest#
+563      * @function
+564      * @param {String} hex hexadecimal string to update
+565      * @description
+566      * @example
+567      * md.updateHex('0afe36');
+568      */
+569     this.updateHex = function(hex) {
+570 	throw "updateHex(hex) not supported for this alg/prov: " + this.algName + "/" + this.provName;
+571     };
+572 
+573     /**
+574      * completes hash calculation and returns hash result
+575      * @name digest
+576      * @memberOf KJUR.crypto.MessageDigest#
+577      * @function
+578      * @description
+579      * @example
+580      * md.digest()
+581      */
+582     this.digest = function() {
+583 	throw "digest() not supported for this alg/prov: " + this.algName + "/" + this.provName;
+584     };
+585 
+586     /**
+587      * performs final update on the digest using string, then completes the digest computation
+588      * @name digestString
+589      * @memberOf KJUR.crypto.MessageDigest#
+590      * @function
+591      * @param {String} str string to final update
+592      * @description
+593      * @example
+594      * md.digestString('aaa')
+595      */
+596     this.digestString = function(str) {
+597 	throw "digestString(str) not supported for this alg/prov: " + this.algName + "/" + this.provName;
+598     };
+599 
+600     /**
+601      * performs final update on the digest using hexadecimal string, then completes the digest computation
+602      * @name digestHex
+603      * @memberOf KJUR.crypto.MessageDigest#
+604      * @function
+605      * @param {String} hex hexadecimal string to final update
+606      * @description
+607      * @example
+608      * md.digestHex('0f2abd')
+609      */
+610     this.digestHex = function(hex) {
+611 	throw "digestHex(hex) not supported for this alg/prov: " + this.algName + "/" + this.provName;
+612     };
+613 
+614     if (params !== undefined) {
+615 	if (params['alg'] !== undefined) {
+616 	    this.algName = params['alg'];
+617 	    if (params['prov'] === undefined)
+618 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
+619 	    this.setAlgAndProvider(this.algName, this.provName);
+620 	}
+621     }
+622 };
+623 
+624 /**
+625  * get canonical hash algorithm name<br/>
+626  * @name getCanonicalAlgName
+627  * @memberOf KJUR.crypto.MessageDigest
+628  * @function
+629  * @param {String} alg hash algorithm name (ex. MD5, SHA-1, SHA1, SHA512 et.al.)
+630  * @return {String} canonical hash algorithm name
+631  * @since jsrsasign 6.2.0 crypto 1.1.10
+632  * @description
+633  * This static method normalizes from any hash algorithm name such as
+634  * "SHA-1", "SHA1", "MD5", "sha512" to lower case name without hyphens
+635  * such as "sha1".
+636  * @example
+637  * KJUR.crypto.MessageDigest.getCanonicalAlgName("SHA-1") &rarr "sha1"
+638  * KJUR.crypto.MessageDigest.getCanonicalAlgName("MD5")   &rarr "md5"
+639  */
+640 KJUR.crypto.MessageDigest.getCanonicalAlgName = function(alg) {
+641     if (typeof alg === "string") {
+642 	alg = alg.toLowerCase();
+643 	alg = alg.replace(/-/, '');
+644     }
+645     return alg;
+646 };
+647 
+648 /**
+649  * get resulted hash byte length for specified algorithm name<br/>
+650  * @name getHashLength
+651  * @memberOf KJUR.crypto.MessageDigest
+652  * @function
+653  * @param {String} alg non-canonicalized hash algorithm name (ex. MD5, SHA-1, SHA1, SHA512 et.al.)
+654  * @return {Integer} resulted hash byte length
+655  * @since jsrsasign 6.2.0 crypto 1.1.10
+656  * @description
+657  * This static method returns resulted byte length for specified algorithm name such as "SHA-1".
+658  * @example
+659  * KJUR.crypto.MessageDigest.getHashLength("SHA-1") &rarr 20
+660  * KJUR.crypto.MessageDigest.getHashLength("sha1") &rarr 20
+661  */
+662 KJUR.crypto.MessageDigest.getHashLength = function(alg) {
+663     var MD = KJUR.crypto.MessageDigest
+664     var alg2 = MD.getCanonicalAlgName(alg);
+665     if (MD.HASHLENGTH[alg2] === undefined)
+666 	throw "not supported algorithm: " + alg;
+667     return MD.HASHLENGTH[alg2];
+668 };
+669 
+670 // described in KJUR.crypto.MessageDigest class (since jsrsasign 6.2.0 crypto 1.1.10)
+671 KJUR.crypto.MessageDigest.HASHLENGTH = {
+672     'md5':		16,
+673     'sha1':		20,
+674     'sha224':		28,
+675     'sha256':		32,
+676     'sha384':		48,
+677     'sha512':		64,
+678     'ripemd160':	20
+679 };
+680 
+681 // === Mac ===============================================================
+682 
+683 /**
+684  * Mac(Message Authentication Code) class which is very similar to java.security.Mac class 
+685  * @name KJUR.crypto.Mac
+686  * @class Mac class which is very similar to java.security.Mac class
+687  * @param {Array} params parameters for constructor
+688  * @description
+689  * <br/>
+690  * Currently this supports following algorithm and providers combination:
+691  * <ul>
+692  * <li>hmacmd5 - cryptojs</li>
+693  * <li>hmacsha1 - cryptojs</li>
+694  * <li>hmacsha224 - cryptojs</li>
+695  * <li>hmacsha256 - cryptojs</li>
+696  * <li>hmacsha384 - cryptojs</li>
+697  * <li>hmacsha512 - cryptojs</li>
+698  * </ul>
+699  * NOTE: HmacSHA224 and HmacSHA384 issue was fixed since jsrsasign 4.1.4.
+700  * Please use 'ext/cryptojs-312-core-fix*.js' instead of 'core.js' of original CryptoJS
+701  * to avoid those issue.
+702  * <br/>
+703  * NOTE2: Hmac signature bug was fixed in jsrsasign 4.9.0 by providing CryptoJS
+704  * bug workaround.
+705  * <br/>
+706  * Please see {@link KJUR.crypto.Mac.setPassword}, how to provide password
+707  * in various ways in detail.
+708  * @example
+709  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA1", "pass": "pass"});
+710  * mac.updateString('aaa')
+711  * var macHex = md.doFinal()
+712  *
+713  * // other password representation 
+714  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"hex":  "6161"}});
+715  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"utf8": "aa"}});
+716  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"rstr": "\x61\x61"}});
+717  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"b64":  "Mi02/+...a=="}});
+718  * var mac = new KJUR.crypto.Mac({alg: "HmacSHA256", "pass": {"b64u": "Mi02_-...a"}});
+719  */
+720 KJUR.crypto.Mac = function(params) {
+721     var mac = null;
+722     var pass = null;
+723     var algName = null;
+724     var provName = null;
+725     var algProv = null;
+726 
+727     this.setAlgAndProvider = function(alg, prov) {
+728 	alg = alg.toLowerCase();
+729 
+730 	if (alg == null) alg = "hmacsha1";
+731 
+732 	alg = alg.toLowerCase();
+733         if (alg.substr(0, 4) != "hmac") {
+734 	    throw "setAlgAndProvider unsupported HMAC alg: " + alg;
+735 	}
+736 
+737 	if (prov === undefined) prov = KJUR.crypto.Util.DEFAULTPROVIDER[alg];
+738 	this.algProv = alg + "/" + prov;
+739 
+740 	var hashAlg = alg.substr(4);
+741 
+742 	// for cryptojs
+743 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(hashAlg) != -1 &&
+744 	    prov == 'cryptojs') {
+745 	    try {
+746 		var mdObj = KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[hashAlg];
+747 		this.mac = CryptoJS.algo.HMAC.create(mdObj, this.pass);
+748 	    } catch (ex) {
+749 		throw "setAlgAndProvider hash alg set fail hashAlg=" + hashAlg + "/" + ex;
+750 	    }
+751 	    this.updateString = function(str) {
+752 		this.mac.update(str);
+753 	    };
+754 	    this.updateHex = function(hex) {
+755 		var wHex = CryptoJS.enc.Hex.parse(hex);
+756 		this.mac.update(wHex);
+757 	    };
+758 	    this.doFinal = function() {
+759 		var hash = this.mac.finalize();
+760 		return hash.toString(CryptoJS.enc.Hex);
+761 	    };
+762 	    this.doFinalString = function(str) {
+763 		this.updateString(str);
+764 		return this.doFinal();
+765 	    };
+766 	    this.doFinalHex = function(hex) {
+767 		this.updateHex(hex);
+768 		return this.doFinal();
+769 	    };
+770 	}
+771     };
+772 
+773     /**
+774      * update digest by specified string
+775      * @name updateString
+776      * @memberOf KJUR.crypto.Mac#
+777      * @function
+778      * @param {String} str string to update
+779      * @description
+780      * @example
+781      * md.updateString('New York');
+782      */
+783     this.updateString = function(str) {
+784 	throw "updateString(str) not supported for this alg/prov: " + this.algProv;
+785     };
+786 
+787     /**
+788      * update digest by specified hexadecimal string
+789      * @name updateHex
+790      * @memberOf KJUR.crypto.Mac#
+791      * @function
+792      * @param {String} hex hexadecimal string to update
+793      * @description
+794      * @example
+795      * md.updateHex('0afe36');
+796      */
+797     this.updateHex = function(hex) {
+798 	throw "updateHex(hex) not supported for this alg/prov: " + this.algProv;
+799     };
+800 
+801     /**
+802      * completes hash calculation and returns hash result
+803      * @name doFinal
+804      * @memberOf KJUR.crypto.Mac#
+805      * @function
+806      * @description
+807      * @example
+808      * md.digest()
+809      */
+810     this.doFinal = function() {
+811 	throw "digest() not supported for this alg/prov: " + this.algProv;
+812     };
+813 
+814     /**
+815      * performs final update on the digest using string, then completes the digest computation
+816      * @name doFinalString
+817      * @memberOf KJUR.crypto.Mac#
+818      * @function
+819      * @param {String} str string to final update
+820      * @description
+821      * @example
+822      * md.digestString('aaa')
+823      */
+824     this.doFinalString = function(str) {
+825 	throw "digestString(str) not supported for this alg/prov: " + this.algProv;
+826     };
+827 
+828     /**
+829      * performs final update on the digest using hexadecimal string, 
+830      * then completes the digest computation
+831      * @name doFinalHex
+832      * @memberOf KJUR.crypto.Mac#
+833      * @function
+834      * @param {String} hex hexadecimal string to final update
+835      * @description
+836      * @example
+837      * md.digestHex('0f2abd')
+838      */
+839     this.doFinalHex = function(hex) {
+840 	throw "digestHex(hex) not supported for this alg/prov: " + this.algProv;
+841     };
+842 
+843     /**
+844      * set password for Mac
+845      * @name setPassword
+846      * @memberOf KJUR.crypto.Mac#
+847      * @function
+848      * @param {Object} pass password for Mac
+849      * @since crypto 1.1.7 jsrsasign 4.9.0
+850      * @description
+851      * This method will set password for (H)Mac internally.
+852      * Argument 'pass' can be specified as following:
+853      * <ul>
+854      * <li>even length string of 0..9, a..f or A-F: implicitly specified as hexadecimal string</li>
+855      * <li>not above string: implicitly specified as raw string</li>
+856      * <li>{rstr: "\x65\x70"}: explicitly specified as raw string</li>
+857      * <li>{hex: "6570"}: explicitly specified as hexacedimal string</li>
+858      * <li>{utf8: "秘密"}: explicitly specified as UTF8 string</li>
+859      * <li>{b64: "Mi78..=="}: explicitly specified as Base64 string</li>
+860      * <li>{b64u: "Mi7-_"}: explicitly specified as Base64URL string</li>
+861      * </ul>
+862      * It is *STRONGLY RECOMMENDED* that explicit representation of password argument
+863      * to avoid ambiguity. For example string  "6161" can mean a string "6161" or 
+864      * a hexadecimal string of "aa" (i.e. \x61\x61).
+865      * @example
+866      * mac = KJUR.crypto.Mac({'alg': 'hmacsha256'});
+867      * // set password by implicit raw string
+868      * mac.setPassword("\x65\x70\xb9\x0b");
+869      * mac.setPassword("password");
+870      * // set password by implicit hexadecimal string
+871      * mac.setPassword("6570b90b");
+872      * mac.setPassword("6570B90B");
+873      * // set password by explicit raw string
+874      * mac.setPassword({"rstr": "\x65\x70\xb9\x0b"});
+875      * // set password by explicit hexadecimal string
+876      * mac.setPassword({"hex": "6570b90b"});
+877      * // set password by explicit utf8 string
+878      * mac.setPassword({"utf8": "passwordパスワード");
+879      * // set password by explicit Base64 string
+880      * mac.setPassword({"b64": "Mb+c3f/=="});
+881      * // set password by explicit Base64URL string
+882      * mac.setPassword({"b64u": "Mb-c3f_"});
+883      */
+884     this.setPassword = function(pass) {
+885 	// internal this.pass shall be CryptoJS DWord Object for CryptoJS bug
+886 	// work around. CrytoJS HMac password can be passed by
+887 	// raw string as described in the manual however it doesn't
+888 	// work properly in some case. If password was passed
+889 	// by CryptoJS DWord which is not described in the manual
+890 	// it seems to work. (fixed since crypto 1.1.7)
+891 
+892 	if (typeof pass == 'string') {
+893 	    var hPass = pass;
+894 	    if (pass.length % 2 == 1 || ! pass.match(/^[0-9A-Fa-f]+$/)) { // raw str
+895 		hPass = rstrtohex(pass);
+896 	    }
+897 	    this.pass = CryptoJS.enc.Hex.parse(hPass);
+898 	    return;
+899 	}
+900 
+901 	if (typeof pass != 'object')
+902 	    throw "KJUR.crypto.Mac unsupported password type: " + pass;
+903 	
+904 	var hPass = null;
+905 	if (pass.hex  !== undefined) {
+906 	    if (pass.hex.length % 2 != 0 || ! pass.hex.match(/^[0-9A-Fa-f]+$/))
+907 		throw "Mac: wrong hex password: " + pass.hex;
+908 	    hPass = pass.hex;
+909 	}
+910 	if (pass.utf8 !== undefined) hPass = utf8tohex(pass.utf8);
+911 	if (pass.rstr !== undefined) hPass = rstrtohex(pass.rstr);
+912 	if (pass.b64  !== undefined) hPass = b64tohex(pass.b64);
+913 	if (pass.b64u !== undefined) hPass = b64utohex(pass.b64u);
+914 
+915 	if (hPass == null)
+916 	    throw "KJUR.crypto.Mac unsupported password type: " + pass;
+917 
+918 	this.pass = CryptoJS.enc.Hex.parse(hPass);
+919     };
+920 
+921     if (params !== undefined) {
+922 	if (params.pass !== undefined) {
+923 	    this.setPassword(params.pass);
+924 	}
+925 	if (params.alg !== undefined) {
+926 	    this.algName = params.alg;
+927 	    if (params['prov'] === undefined)
+928 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
+929 	    this.setAlgAndProvider(this.algName, this.provName);
+930 	}
+931     }
+932 };
+933 
+934 // ====== Signature class =========================================================
+935 /**
+936  * Signature class which is very similar to java.security.Signature class
+937  * @name KJUR.crypto.Signature
+938  * @class Signature class which is very similar to java.security.Signature class
+939  * @param {Array} params parameters for constructor
+940  * @property {String} state Current state of this signature object whether 'SIGN', 'VERIFY' or null
+941  * @description
+942  * <br/>
+943  * As for params of constructor's argument, it can be specify following attributes:
+944  * <ul>
+945  * <li>alg - signature algorithm name (ex. {MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160}with{RSA,ECDSA,DSA})</li>
+946  * <li>provider - currently 'cryptojs/jsrsa' only</li>
+947  * </ul>
+948  * <h4>SUPPORTED ALGORITHMS AND PROVIDERS</h4>
+949  * This Signature class supports following signature algorithm and provider names:
+950  * <ul>
+951  * <li>MD5withRSA - cryptojs/jsrsa</li>
+952  * <li>SHA1withRSA - cryptojs/jsrsa</li>
+953  * <li>SHA224withRSA - cryptojs/jsrsa</li>
+954  * <li>SHA256withRSA - cryptojs/jsrsa</li>
+955  * <li>SHA384withRSA - cryptojs/jsrsa</li>
+956  * <li>SHA512withRSA - cryptojs/jsrsa</li>
+957  * <li>RIPEMD160withRSA - cryptojs/jsrsa</li>
+958  * <li>MD5withECDSA - cryptojs/jsrsa</li>
+959  * <li>SHA1withECDSA - cryptojs/jsrsa</li>
+960  * <li>SHA224withECDSA - cryptojs/jsrsa</li>
+961  * <li>SHA256withECDSA - cryptojs/jsrsa</li>
+962  * <li>SHA384withECDSA - cryptojs/jsrsa</li>
+963  * <li>SHA512withECDSA - cryptojs/jsrsa</li>
+964  * <li>RIPEMD160withECDSA - cryptojs/jsrsa</li>
+965  * <li>MD5withRSAandMGF1 - cryptojs/jsrsa</li>
+966  * <li>SHA1withRSAandMGF1 - cryptojs/jsrsa</li>
+967  * <li>SHA224withRSAandMGF1 - cryptojs/jsrsa</li>
+968  * <li>SHA256withRSAandMGF1 - cryptojs/jsrsa</li>
+969  * <li>SHA384withRSAandMGF1 - cryptojs/jsrsa</li>
+970  * <li>SHA512withRSAandMGF1 - cryptojs/jsrsa</li>
+971  * <li>RIPEMD160withRSAandMGF1 - cryptojs/jsrsa</li>
+972  * <li>SHA1withDSA - cryptojs/jsrsa</li>
+973  * <li>SHA224withDSA - cryptojs/jsrsa</li>
+974  * <li>SHA256withDSA - cryptojs/jsrsa</li>
+975  * </ul>
+976  * Here are supported elliptic cryptographic curve names and their aliases for ECDSA:
+977  * <ul>
+978  * <li>secp256k1</li>
+979  * <li>secp256r1, NIST P-256, P-256, prime256v1</li>
+980  * <li>secp384r1, NIST P-384, P-384</li>
+981  * </ul>
+982  * NOTE1: DSA signing algorithm is also supported since crypto 1.1.5.
+983  * <h4>EXAMPLES</h4>
+984  * @example
+985  * // RSA signature generation
+986  * var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"});
+987  * sig.init(prvKeyPEM);
+988  * sig.updateString('aaa');
+989  * var hSigVal = sig.sign();
+990  *
+991  * // DSA signature validation
+992  * var sig2 = new KJUR.crypto.Signature({"alg": "SHA1withDSA"});
+993  * sig2.init(certPEM);
+994  * sig.updateString('aaa');
+995  * var isValid = sig2.verify(hSigVal);
+996  * 
+997  * // ECDSA signing
+998  * var sig = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+999  * sig.init(prvKeyPEM);
+1000  * sig.updateString('aaa');
+1001  * var sigValueHex = sig.sign();
+1002  *
+1003  * // ECDSA verifying
+1004  * var sig2 = new KJUR.crypto.Signature({'alg':'SHA1withECDSA'});
+1005  * sig.init(certPEM);
+1006  * sig.updateString('aaa');
+1007  * var isValid = sig.verify(sigValueHex);
+1008  */
+1009 KJUR.crypto.Signature = function(params) {
+1010     var prvKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for signing
+1011     var pubKey = null; // RSAKey/KJUR.crypto.{ECDSA,DSA} object for verifying
+1012 
+1013     var md = null; // KJUR.crypto.MessageDigest object
+1014     var sig = null;
+1015     var algName = null;
+1016     var provName = null;
+1017     var algProvName = null;
+1018     var mdAlgName = null;
+1019     var pubkeyAlgName = null;	// rsa,ecdsa,rsaandmgf1(=rsapss)
+1020     var state = null;
+1021     var pssSaltLen = -1;
+1022     var initParams = null;
+1023 
+1024     var sHashHex = null; // hex hash value for hex
+1025     var hDigestInfo = null;
+1026     var hPaddedDigestInfo = null;
+1027     var hSign = null;
+1028 
+1029     this._setAlgNames = function() {
+1030     var matchResult = this.algName.match(/^(.+)with(.+)$/);
+1031 	if (matchResult) {
+1032 	    this.mdAlgName = matchResult[1].toLowerCase();
+1033 	    this.pubkeyAlgName = matchResult[2].toLowerCase();
+1034 	}
+1035     };
+1036 
+1037     this._zeroPaddingOfSignature = function(hex, bitLength) {
+1038 	var s = "";
+1039 	var nZero = bitLength / 4 - hex.length;
+1040 	for (var i = 0; i < nZero; i++) {
+1041 	    s = s + "0";
+1042 	}
+1043 	return s + hex;
+1044     };
+1045 
+1046     /**
+1047      * set signature algorithm and provider
+1048      * @name setAlgAndProvider
+1049      * @memberOf KJUR.crypto.Signature#
+1050      * @function
+1051      * @param {String} alg signature algorithm name
+1052      * @param {String} prov provider name
+1053      * @description
+1054      * @example
+1055      * md.setAlgAndProvider('SHA1withRSA', 'cryptojs/jsrsa');
+1056      */
+1057     this.setAlgAndProvider = function(alg, prov) {
+1058 	this._setAlgNames();
+1059 	if (prov != 'cryptojs/jsrsa')
+1060 	    throw "provider not supported: " + prov;
+1061 
+1062 	if (':md5:sha1:sha224:sha256:sha384:sha512:ripemd160:'.indexOf(this.mdAlgName) != -1) {
+1063 	    try {
+1064 		this.md = new KJUR.crypto.MessageDigest({'alg':this.mdAlgName});
+1065 	    } catch (ex) {
+1066 		throw "setAlgAndProvider hash alg set fail alg=" +
+1067                       this.mdAlgName + "/" + ex;
+1068 	    }
+1069 
+1070 	    this.init = function(keyparam, pass) {
+1071 		var keyObj = null;
+1072 		try {
+1073 		    if (pass === undefined) {
+1074 			keyObj = KEYUTIL.getKey(keyparam);
+1075 		    } else {
+1076 			keyObj = KEYUTIL.getKey(keyparam, pass);
+1077 		    }
+1078 		} catch (ex) {
+1079 		    throw "init failed:" + ex;
+1080 		}
+1081 
+1082 		if (keyObj.isPrivate === true) {
+1083 		    this.prvKey = keyObj;
+1084 		    this.state = "SIGN";
+1085 		} else if (keyObj.isPublic === true) {
+1086 		    this.pubKey = keyObj;
+1087 		    this.state = "VERIFY";
+1088 		} else {
+1089 		    throw "init failed.:" + keyObj;
+1090 		}
+1091 	    };
+1092 
+1093 	    this.initSign = function(params) {
+1094 		if (typeof params['ecprvhex'] == 'string' &&
+1095                     typeof params['eccurvename'] == 'string') {
+1096 		    this.ecprvhex = params['ecprvhex'];
+1097 		    this.eccurvename = params['eccurvename'];
+1098 		} else {
+1099 		    this.prvKey = params;
+1100 		}
+1101 		this.state = "SIGN";
+1102 	    };
+1103 
+1104 	    this.initVerifyByPublicKey = function(params) {
+1105 		if (typeof params['ecpubhex'] == 'string' &&
+1106 		    typeof params['eccurvename'] == 'string') {
+1107 		    this.ecpubhex = params['ecpubhex'];
+1108 		    this.eccurvename = params['eccurvename'];
+1109 		} else if (params instanceof KJUR.crypto.ECDSA) {
+1110 		    this.pubKey = params;
+1111 		} else if (params instanceof RSAKey) {
+1112 		    this.pubKey = params;
+1113 		}
+1114 		this.state = "VERIFY";
+1115 	    };
+1116 
+1117 	    this.initVerifyByCertificatePEM = function(certPEM) {
+1118 		var x509 = new X509();
+1119 		x509.readCertPEM(certPEM);
+1120 		this.pubKey = x509.subjectPublicKeyRSA;
+1121 		this.state = "VERIFY";
+1122 	    };
+1123 
+1124 	    this.updateString = function(str) {
+1125 		this.md.updateString(str);
+1126 	    };
+1127 
+1128 	    this.updateHex = function(hex) {
+1129 		this.md.updateHex(hex);
+1130 	    };
+1131 
+1132 	    this.sign = function() {
+1133 		this.sHashHex = this.md.digest();
+1134 		if (typeof this.ecprvhex != "undefined" &&
+1135 		    typeof this.eccurvename != "undefined") {
+1136 		    var ec = new KJUR.crypto.ECDSA({'curve': this.eccurvename});
+1137 		    this.hSign = ec.signHex(this.sHashHex, this.ecprvhex);
+1138 		} else if (this.prvKey instanceof RSAKey &&
+1139 		           this.pubkeyAlgName == "rsaandmgf1") {
+1140 		    this.hSign = this.prvKey.signWithMessageHashPSS(this.sHashHex,
+1141 								    this.mdAlgName,
+1142 								    this.pssSaltLen);
+1143 		} else if (this.prvKey instanceof RSAKey &&
+1144 			   this.pubkeyAlgName == "rsa") {
+1145 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex,
+1146 								 this.mdAlgName);
+1147 		} else if (this.prvKey instanceof KJUR.crypto.ECDSA) {
+1148 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
+1149 		} else if (this.prvKey instanceof KJUR.crypto.DSA) {
+1150 		    this.hSign = this.prvKey.signWithMessageHash(this.sHashHex);
+1151 		} else {
+1152 		    throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
+1153 		}
+1154 		return this.hSign;
+1155 	    };
+1156 	    this.signString = function(str) {
+1157 		this.updateString(str);
+1158 		return this.sign();
+1159 	    };
+1160 	    this.signHex = function(hex) {
+1161 		this.updateHex(hex);
+1162 		return this.sign();
+1163 	    };
+1164 	    this.verify = function(hSigVal) {
+1165 	        this.sHashHex = this.md.digest();
+1166 		if (typeof this.ecpubhex != "undefined" &&
+1167 		    typeof this.eccurvename != "undefined") {
+1168 		    var ec = new KJUR.crypto.ECDSA({curve: this.eccurvename});
+1169 		    return ec.verifyHex(this.sHashHex, hSigVal, this.ecpubhex);
+1170 		} else if (this.pubKey instanceof RSAKey &&
+1171 			   this.pubkeyAlgName == "rsaandmgf1") {
+1172 		    return this.pubKey.verifyWithMessageHashPSS(this.sHashHex, hSigVal, 
+1173 								this.mdAlgName,
+1174 								this.pssSaltLen);
+1175 		} else if (this.pubKey instanceof RSAKey &&
+1176 			   this.pubkeyAlgName == "rsa") {
+1177 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
+1178 		} else if (this.pubKey instanceof KJUR.crypto.ECDSA) {
+1179 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
+1180 		} else if (this.pubKey instanceof KJUR.crypto.DSA) {
+1181 		    return this.pubKey.verifyWithMessageHash(this.sHashHex, hSigVal);
+1182 		} else {
+1183 		    throw "Signature: unsupported public key alg: " + this.pubkeyAlgName;
+1184 		}
+1185 	    };
+1186 	}
+1187     };
+1188 
+1189     /**
+1190      * Initialize this object for signing or verifying depends on key
+1191      * @name init
+1192      * @memberOf KJUR.crypto.Signature#
+1193      * @function
+1194      * @param {Object} key specifying public or private key as plain/encrypted PKCS#5/8 PEM file, certificate PEM or {@link RSAKey}, {@link KJUR.crypto.DSA} or {@link KJUR.crypto.ECDSA} object
+1195      * @param {String} pass (OPTION) passcode for encrypted private key
+1196      * @since crypto 1.1.3
+1197      * @description
+1198      * This method is very useful initialize method for Signature class since
+1199      * you just specify key then this method will automatically initialize it
+1200      * using {@link KEYUTIL.getKey} method.
+1201      * As for 'key',  following argument type are supported:
+1202      * <h5>signing</h5>
+1203      * <ul>
+1204      * <li>PEM formatted PKCS#8 encrypted RSA/ECDSA private key concluding "BEGIN ENCRYPTED PRIVATE KEY"</li>
+1205      * <li>PEM formatted PKCS#5 encrypted RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" and ",ENCRYPTED"</li>
+1206      * <li>PEM formatted PKCS#8 plain RSA/ECDSA private key concluding "BEGIN PRIVATE KEY"</li>
+1207      * <li>PEM formatted PKCS#5 plain RSA/DSA private key concluding "BEGIN RSA/DSA PRIVATE KEY" without ",ENCRYPTED"</li>
+1208      * <li>RSAKey object of private key</li>
+1209      * <li>KJUR.crypto.ECDSA object of private key</li>
+1210      * <li>KJUR.crypto.DSA object of private key</li>
+1211      * </ul>
+1212      * <h5>verification</h5>
+1213      * <ul>
+1214      * <li>PEM formatted PKCS#8 RSA/EC/DSA public key concluding "BEGIN PUBLIC KEY"</li>
+1215      * <li>PEM formatted X.509 certificate with RSA/EC/DSA public key concluding
+1216      *     "BEGIN CERTIFICATE", "BEGIN X509 CERTIFICATE" or "BEGIN TRUSTED CERTIFICATE".</li>
+1217      * <li>RSAKey object of public key</li>
+1218      * <li>KJUR.crypto.ECDSA object of public key</li>
+1219      * <li>KJUR.crypto.DSA object of public key</li>
+1220      * </ul>
+1221      * @example
+1222      * sig.init(sCertPEM)
+1223      */
+1224     this.init = function(key, pass) {
+1225 	throw "init(key, pass) not supported for this alg:prov=" +
+1226 	      this.algProvName;
+1227     };
+1228 
+1229     /**
+1230      * Initialize this object for verifying with a public key
+1231      * @name initVerifyByPublicKey
+1232      * @memberOf KJUR.crypto.Signature#
+1233      * @function
+1234      * @param {Object} param RSAKey object of public key or associative array for ECDSA
+1235      * @since 1.0.2
+1236      * @deprecated from crypto 1.1.5. please use init() method instead.
+1237      * @description
+1238      * Public key information will be provided as 'param' parameter and the value will be
+1239      * following:
+1240      * <ul>
+1241      * <li>{@link RSAKey} object for RSA verification</li>
+1242      * <li>associative array for ECDSA verification
+1243      *     (ex. <code>{'ecpubhex': '041f..', 'eccurvename': 'secp256r1'}</code>)
+1244      * </li>
+1245      * </ul>
+1246      * @example
+1247      * sig.initVerifyByPublicKey(rsaPrvKey)
+1248      */
+1249     this.initVerifyByPublicKey = function(rsaPubKey) {
+1250 	throw "initVerifyByPublicKey(rsaPubKeyy) not supported for this alg:prov=" +
+1251 	      this.algProvName;
+1252     };
+1253 
+1254     /**
+1255      * Initialize this object for verifying with a certficate
+1256      * @name initVerifyByCertificatePEM
+1257      * @memberOf KJUR.crypto.Signature#
+1258      * @function
+1259      * @param {String} certPEM PEM formatted string of certificate
+1260      * @since 1.0.2
+1261      * @deprecated from crypto 1.1.5. please use init() method instead.
+1262      * @description
+1263      * @example
+1264      * sig.initVerifyByCertificatePEM(certPEM)
+1265      */
+1266     this.initVerifyByCertificatePEM = function(certPEM) {
+1267 	throw "initVerifyByCertificatePEM(certPEM) not supported for this alg:prov=" +
+1268 	    this.algProvName;
+1269     };
 1270 
-1271 	if (params['psssaltlen'] !== undefined) this.pssSaltLen = params['psssaltlen'];
-1272 
-1273 	if (params['prvkeypem'] !== undefined) {
-1274 	    if (params['prvkeypas'] !== undefined) {
-1275 		throw "both prvkeypem and prvkeypas parameters not supported";
-1276 	    } else {
-1277 		try {
-1278 		    var prvKey = new RSAKey();
-1279 		    prvKey.readPrivateKeyFromPEMString(params['prvkeypem']);
-1280 		    this.initSign(prvKey);
-1281 		} catch (ex) {
-1282 		    throw "fatal error to load pem private key: " + ex;
-1283 		}
-1284 	    }
-1285 	}
-1286     }
-1287 };
-1288 
-1289 // ====== Cipher class ============================================================
-1290 /**
-1291  * Cipher class to encrypt and decrypt data<br/>
-1292  * @name KJUR.crypto.Cipher
-1293  * @class Cipher class to encrypt and decrypt data<br/>
-1294  * @param {Array} params parameters for constructor
-1295  * @since jsrsasign 6.2.0 crypto 1.1.10
-1296  * @description
-1297  * Here is supported canonicalized cipher algorithm names and its standard names:
-1298  * <ul>
-1299  * <li>RSA - RSA/ECB/PKCS1Padding (default for RSAKey)</li>
-1300  * <li>RSAOAEP - RSA/ECB/OAEPWithSHA-1AndMGF1Padding</li>
-1301  * <li>RSAOAEP224 - RSA/ECB/OAEPWithSHA-224AndMGF1Padding(*)</li>
-1302  * <li>RSAOAEP256 - RSA/ECB/OAEPWithSHA-256AndMGF1Padding</li>
-1303  * <li>RSAOAEP384 - RSA/ECB/OAEPWithSHA-384AndMGF1Padding(*)</li>
-1304  * <li>RSAOAEP512 - RSA/ECB/OAEPWithSHA-512AndMGF1Padding(*)</li>
-1305  * </ul>
-1306  * NOTE: (*) is not supported in Java JCE.<br/>
-1307  * Currently this class supports only RSA encryption and decryption. 
-1308  * However it is planning to implement also symmetric ciphers near in the future.
-1309  * @example
-1310  */
-1311 KJUR.crypto.Cipher = function(params) {
-1312 };
-1313 
-1314 /**
-1315  * encrypt raw string by specified key and algorithm<br/>
-1316  * @name encrypt
-1317  * @memberOf KJUR.crypto.Cipher
-1318  * @function
-1319  * @param {String} s input string to encrypt
-1320  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
-1321  * @param {String} algName short/long algorithm name for encryption/decryption
-1322  * @return {String} hexadecimal encrypted string
-1323  * @since jsrsasign 6.2.0 crypto 1.1.10
-1324  * @description
-1325  * This static method encrypts raw string with specified key and algorithm.
-1326  * @example 
-1327  * KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj) → "1abc2d..."
-1328  * KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj, "RSAOAEP) → "23ab02..."
-1329  */
-1330 KJUR.crypto.Cipher.encrypt = function(s, keyObj, algName) {
-1331     if (keyObj instanceof RSAKey && keyObj.isPublic) {
-1332 	var algName2 = KJUR.crypto.Cipher.getAlgByKeyAndName(keyObj, algName);
-1333 	if (algName2 === "RSA") return keyObj.encrypt(s);
-1334 	if (algName2 === "RSAOAEP") return keyObj.encryptOAEP(s, "sha1");
-1335 
-1336 	var a = algName2.match(/^RSAOAEP(\d+)$/);
-1337 	if (a !== null) return keyObj.encryptOAEP(s, "sha" + a[1]);
-1338 
-1339 	throw "Cipher.encrypt: unsupported algorithm for RSAKey: " + algName;
-1340     } else {
-1341 	throw "Cipher.encrypt: unsupported key or algorithm";
-1342     }
-1343 };
-1344 
-1345 /**
-1346  * decrypt encrypted hexadecimal string with specified key and algorithm<br/>
-1347  * @name decrypt
-1348  * @memberOf KJUR.crypto.Cipher
-1349  * @function
-1350  * @param {String} hex hexadecial string of encrypted message
-1351  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
-1352  * @param {String} algName short/long algorithm name for encryption/decryption
-1353  * @return {String} hexadecimal encrypted string
-1354  * @since jsrsasign 6.2.0 crypto 1.1.10
-1355  * @description
-1356  * This static method decrypts encrypted hexadecimal string with specified key and algorithm.
-1357  * @example 
-1358  * KJUR.crypto.Cipher.decrypt("aaa", prvRSAKeyObj) → "1abc2d..."
-1359  * KJUR.crypto.Cipher.decrypt("aaa", prvRSAKeyObj, "RSAOAEP) → "23ab02..."
-1360  */
-1361 KJUR.crypto.Cipher.decrypt = function(hex, keyObj, algName) {
-1362     if (keyObj instanceof RSAKey && keyObj.isPrivate) {
-1363 	var algName2 = KJUR.crypto.Cipher.getAlgByKeyAndName(keyObj, algName);
-1364 	if (algName2 === "RSA") return keyObj.decrypt(hex);
-1365 	if (algName2 === "RSAOAEP") return keyObj.decryptOAEP(hex, "sha1");
-1366 
-1367 	var a = algName2.match(/^RSAOAEP(\d+)$/);
-1368 	if (a !== null) return keyObj.decryptOAEP(hex, "sha" + a[1]);
-1369 
-1370 	throw "Cipher.decrypt: unsupported algorithm for RSAKey: " + algName;
-1371     } else {
-1372 	throw "Cipher.decrypt: unsupported key or algorithm";
-1373     }
-1374 };
-1375 
-1376 /**
-1377  * get canonicalized encrypt/decrypt algorithm name by key and short/long algorithm name<br/>
-1378  * @name getAlgByKeyAndName
-1379  * @memberOf KJUR.crypto.Cipher
-1380  * @function
-1381  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
-1382  * @param {String} algName short/long algorithm name for encryption/decryption
-1383  * @return {String} canonicalized algorithm name for encryption/decryption
-1384  * @since jsrsasign 6.2.0 crypto 1.1.10
-1385  * @description
-1386  * Here is supported canonicalized cipher algorithm names and its standard names:
-1387  * <ul>
-1388  * <li>RSA - RSA/ECB/PKCS1Padding (default for RSAKey)</li>
-1389  * <li>RSAOAEP - RSA/ECB/OAEPWithSHA-1AndMGF1Padding</li>
-1390  * <li>RSAOAEP224 - RSA/ECB/OAEPWithSHA-224AndMGF1Padding(*)</li>
-1391  * <li>RSAOAEP256 - RSA/ECB/OAEPWithSHA-256AndMGF1Padding</li>
-1392  * <li>RSAOAEP384 - RSA/ECB/OAEPWithSHA-384AndMGF1Padding(*)</li>
-1393  * <li>RSAOAEP512 - RSA/ECB/OAEPWithSHA-512AndMGF1Padding(*)</li>
-1394  * </ul>
-1395  * NOTE: (*) is not supported in Java JCE.
-1396  * @example 
-1397  * KJUR.crypto.Cipher.getAlgByKeyAndName(objRSAKey) → "RSA"
-1398  * KJUR.crypto.Cipher.getAlgByKeyAndName(objRSAKey, "RSAOAEP") → "RSAOAEP"
-1399  */
-1400 KJUR.crypto.Cipher.getAlgByKeyAndName = function(keyObj, algName) {
-1401     if (keyObj instanceof RSAKey) {
-1402 	if (":RSA:RSAOAEP:RSAOAEP224:RSAOAEP256:RSAOAEP384:RSAOAEP512:".indexOf(algName) != -1)
-1403 	    return algName;
-1404 	if (algName === null || algName === undefined) return "RSA";
-1405 	throw "getAlgByKeyAndName: not supported algorithm name for RSAKey: " + algName;
-1406     }
-1407     throw "getAlgByKeyAndName: not supported algorithm name: " + algName;
-1408 }
-1409 
-1410 // ====== Other Utility class =====================================================
-1411 
-1412 /**
-1413  * static object for cryptographic function utilities
-1414  * @name KJUR.crypto.OID
-1415  * @class static object for cryptography related OIDs
-1416  * @property {Array} oidhex2name key value of hexadecimal OID and its name
-1417  *           (ex. '2a8648ce3d030107' and 'secp256r1')
-1418  * @since crypto 1.1.3
-1419  * @description
-1420  */
-1421 KJUR.crypto.OID = new function() {
-1422     this.oidhex2name = {
-1423 	'2a864886f70d010101': 'rsaEncryption',
-1424 	'2a8648ce3d0201': 'ecPublicKey',
-1425 	'2a8648ce380401': 'dsa',
-1426 	'2a8648ce3d030107': 'secp256r1',
-1427 	'2b8104001f': 'secp192k1',
-1428 	'2b81040021': 'secp224r1',
-1429 	'2b8104000a': 'secp256k1',
-1430 	'2b81040023': 'secp521r1',
-1431 	'2b81040022': 'secp384r1',
-1432 	'2a8648ce380403': 'SHA1withDSA', // 1.2.840.10040.4.3
-1433 	'608648016503040301': 'SHA224withDSA', // 2.16.840.1.101.3.4.3.1
-1434 	'608648016503040302': 'SHA256withDSA', // 2.16.840.1.101.3.4.3.2
-1435     };
+1271     /**
+1272      * Initialize this object for signing
+1273      * @name initSign
+1274      * @memberOf KJUR.crypto.Signature#
+1275      * @function
+1276      * @param {Object} param RSAKey object of public key or associative array for ECDSA
+1277      * @deprecated from crypto 1.1.5. please use init() method instead.
+1278      * @description
+1279      * Private key information will be provided as 'param' parameter and the value will be
+1280      * following:
+1281      * <ul>
+1282      * <li>{@link RSAKey} object for RSA signing</li>
+1283      * <li>associative array for ECDSA signing
+1284      *     (ex. <code>{'ecprvhex': '1d3f..', 'eccurvename': 'secp256r1'}</code>)</li>
+1285      * </ul>
+1286      * @example
+1287      * sig.initSign(prvKey)
+1288      */
+1289     this.initSign = function(prvKey) {
+1290 	throw "initSign(prvKey) not supported for this alg:prov=" + this.algProvName;
+1291     };
+1292 
+1293     /**
+1294      * Updates the data to be signed or verified by a string
+1295      * @name updateString
+1296      * @memberOf KJUR.crypto.Signature#
+1297      * @function
+1298      * @param {String} str string to use for the update
+1299      * @description
+1300      * @example
+1301      * sig.updateString('aaa')
+1302      */
+1303     this.updateString = function(str) {
+1304 	throw "updateString(str) not supported for this alg:prov=" + this.algProvName;
+1305     };
+1306 
+1307     /**
+1308      * Updates the data to be signed or verified by a hexadecimal string
+1309      * @name updateHex
+1310      * @memberOf KJUR.crypto.Signature#
+1311      * @function
+1312      * @param {String} hex hexadecimal string to use for the update
+1313      * @description
+1314      * @example
+1315      * sig.updateHex('1f2f3f')
+1316      */
+1317     this.updateHex = function(hex) {
+1318 	throw "updateHex(hex) not supported for this alg:prov=" + this.algProvName;
+1319     };
+1320 
+1321     /**
+1322      * Returns the signature bytes of all data updates as a hexadecimal string
+1323      * @name sign
+1324      * @memberOf KJUR.crypto.Signature#
+1325      * @function
+1326      * @return the signature bytes as a hexadecimal string
+1327      * @description
+1328      * @example
+1329      * var hSigValue = sig.sign()
+1330      */
+1331     this.sign = function() {
+1332 	throw "sign() not supported for this alg:prov=" + this.algProvName;
+1333     };
+1334 
+1335     /**
+1336      * performs final update on the sign using string, then returns the signature bytes of all data updates as a hexadecimal string
+1337      * @name signString
+1338      * @memberOf KJUR.crypto.Signature#
+1339      * @function
+1340      * @param {String} str string to final update
+1341      * @return the signature bytes of a hexadecimal string
+1342      * @description
+1343      * @example
+1344      * var hSigValue = sig.signString('aaa')
+1345      */
+1346     this.signString = function(str) {
+1347 	throw "digestString(str) not supported for this alg:prov=" + this.algProvName;
+1348     };
+1349 
+1350     /**
+1351      * performs final update on the sign using hexadecimal string, then returns the signature bytes of all data updates as a hexadecimal string
+1352      * @name signHex
+1353      * @memberOf KJUR.crypto.Signature#
+1354      * @function
+1355      * @param {String} hex hexadecimal string to final update
+1356      * @return the signature bytes of a hexadecimal string
+1357      * @description
+1358      * @example
+1359      * var hSigValue = sig.signHex('1fdc33')
+1360      */
+1361     this.signHex = function(hex) {
+1362 	throw "digestHex(hex) not supported for this alg:prov=" + this.algProvName;
+1363     };
+1364 
+1365     /**
+1366      * verifies the passed-in signature.
+1367      * @name verify
+1368      * @memberOf KJUR.crypto.Signature#
+1369      * @function
+1370      * @param {String} str string to final update
+1371      * @return {Boolean} true if the signature was verified, otherwise false
+1372      * @description
+1373      * @example
+1374      * var isValid = sig.verify('1fbcefdca4823a7(snip)')
+1375      */
+1376     this.verify = function(hSigVal) {
+1377 	throw "verify(hSigVal) not supported for this alg:prov=" + this.algProvName;
+1378     };
+1379 
+1380     this.initParams = params;
+1381 
+1382     if (params !== undefined) {
+1383 	if (params['alg'] !== undefined) {
+1384 	    this.algName = params['alg'];
+1385 	    if (params['prov'] === undefined) {
+1386 		this.provName = KJUR.crypto.Util.DEFAULTPROVIDER[this.algName];
+1387 	    } else {
+1388 		this.provName = params['prov'];
+1389 	    }
+1390 	    this.algProvName = this.algName + ":" + this.provName;
+1391 	    this.setAlgAndProvider(this.algName, this.provName);
+1392 	    this._setAlgNames();
+1393 	}
+1394 
+1395 	if (params['psssaltlen'] !== undefined) this.pssSaltLen = params['psssaltlen'];
+1396 
+1397 	if (params['prvkeypem'] !== undefined) {
+1398 	    if (params['prvkeypas'] !== undefined) {
+1399 		throw "both prvkeypem and prvkeypas parameters not supported";
+1400 	    } else {
+1401 		try {
+1402 		    var prvKey = new RSAKey();
+1403 		    prvKey.readPrivateKeyFromPEMString(params['prvkeypem']);
+1404 		    this.initSign(prvKey);
+1405 		} catch (ex) {
+1406 		    throw "fatal error to load pem private key: " + ex;
+1407 		}
+1408 	    }
+1409 	}
+1410     }
+1411 };
+1412 
+1413 // ====== Cipher class ============================================================
+1414 /**
+1415  * Cipher class to encrypt and decrypt data<br/>
+1416  * @name KJUR.crypto.Cipher
+1417  * @class Cipher class to encrypt and decrypt data<br/>
+1418  * @param {Array} params parameters for constructor
+1419  * @since jsrsasign 6.2.0 crypto 1.1.10
+1420  * @description
+1421  * Here is supported canonicalized cipher algorithm names and its standard names:
+1422  * <ul>
+1423  * <li>RSA - RSA/ECB/PKCS1Padding (default for RSAKey)</li>
+1424  * <li>RSAOAEP - RSA/ECB/OAEPWithSHA-1AndMGF1Padding</li>
+1425  * <li>RSAOAEP224 - RSA/ECB/OAEPWithSHA-224AndMGF1Padding(*)</li>
+1426  * <li>RSAOAEP256 - RSA/ECB/OAEPWithSHA-256AndMGF1Padding</li>
+1427  * <li>RSAOAEP384 - RSA/ECB/OAEPWithSHA-384AndMGF1Padding(*)</li>
+1428  * <li>RSAOAEP512 - RSA/ECB/OAEPWithSHA-512AndMGF1Padding(*)</li>
+1429  * </ul>
+1430  * NOTE: (*) is not supported in Java JCE.<br/>
+1431  * Currently this class supports only RSA encryption and decryption. 
+1432  * However it is planning to implement also symmetric ciphers near in the future.
+1433  * @example
+1434  */
+1435 KJUR.crypto.Cipher = function(params) {
 1436 };
-1437 

\ No newline at end of file
+1437 
+1438 /**
+1439  * encrypt raw string by specified key and algorithm<br/>
+1440  * @name encrypt
+1441  * @memberOf KJUR.crypto.Cipher
+1442  * @function
+1443  * @param {String} s input string to encrypt
+1444  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
+1445  * @param {String} algName short/long algorithm name for encryption/decryption
+1446  * @return {String} hexadecimal encrypted string
+1447  * @since jsrsasign 6.2.0 crypto 1.1.10
+1448  * @description
+1449  * This static method encrypts raw string with specified key and algorithm.
+1450  * @example 
+1451  * KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj) → "1abc2d..."
+1452  * KJUR.crypto.Cipher.encrypt("aaa", pubRSAKeyObj, "RSAOAEP) → "23ab02..."
+1453  */
+1454 KJUR.crypto.Cipher.encrypt = function(s, keyObj, algName) {
+1455     if (keyObj instanceof RSAKey && keyObj.isPublic) {
+1456 	var algName2 = KJUR.crypto.Cipher.getAlgByKeyAndName(keyObj, algName);
+1457 	if (algName2 === "RSA") return keyObj.encrypt(s);
+1458 	if (algName2 === "RSAOAEP") return keyObj.encryptOAEP(s, "sha1");
+1459 
+1460 	var a = algName2.match(/^RSAOAEP(\d+)$/);
+1461 	if (a !== null) return keyObj.encryptOAEP(s, "sha" + a[1]);
+1462 
+1463 	throw "Cipher.encrypt: unsupported algorithm for RSAKey: " + algName;
+1464     } else {
+1465 	throw "Cipher.encrypt: unsupported key or algorithm";
+1466     }
+1467 };
+1468 
+1469 /**
+1470  * decrypt encrypted hexadecimal string with specified key and algorithm<br/>
+1471  * @name decrypt
+1472  * @memberOf KJUR.crypto.Cipher
+1473  * @function
+1474  * @param {String} hex hexadecial string of encrypted message
+1475  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
+1476  * @param {String} algName short/long algorithm name for encryption/decryption
+1477  * @return {String} hexadecimal encrypted string
+1478  * @since jsrsasign 6.2.0 crypto 1.1.10
+1479  * @description
+1480  * This static method decrypts encrypted hexadecimal string with specified key and algorithm.
+1481  * @example 
+1482  * KJUR.crypto.Cipher.decrypt("aaa", prvRSAKeyObj) → "1abc2d..."
+1483  * KJUR.crypto.Cipher.decrypt("aaa", prvRSAKeyObj, "RSAOAEP) → "23ab02..."
+1484  */
+1485 KJUR.crypto.Cipher.decrypt = function(hex, keyObj, algName) {
+1486     if (keyObj instanceof RSAKey && keyObj.isPrivate) {
+1487 	var algName2 = KJUR.crypto.Cipher.getAlgByKeyAndName(keyObj, algName);
+1488 	if (algName2 === "RSA") return keyObj.decrypt(hex);
+1489 	if (algName2 === "RSAOAEP") return keyObj.decryptOAEP(hex, "sha1");
+1490 
+1491 	var a = algName2.match(/^RSAOAEP(\d+)$/);
+1492 	if (a !== null) return keyObj.decryptOAEP(hex, "sha" + a[1]);
+1493 
+1494 	throw "Cipher.decrypt: unsupported algorithm for RSAKey: " + algName;
+1495     } else {
+1496 	throw "Cipher.decrypt: unsupported key or algorithm";
+1497     }
+1498 };
+1499 
+1500 /**
+1501  * get canonicalized encrypt/decrypt algorithm name by key and short/long algorithm name<br/>
+1502  * @name getAlgByKeyAndName
+1503  * @memberOf KJUR.crypto.Cipher
+1504  * @function
+1505  * @param {Object} keyObj RSAKey object or hexadecimal string of symmetric cipher key
+1506  * @param {String} algName short/long algorithm name for encryption/decryption
+1507  * @return {String} canonicalized algorithm name for encryption/decryption
+1508  * @since jsrsasign 6.2.0 crypto 1.1.10
+1509  * @description
+1510  * Here is supported canonicalized cipher algorithm names and its standard names:
+1511  * <ul>
+1512  * <li>RSA - RSA/ECB/PKCS1Padding (default for RSAKey)</li>
+1513  * <li>RSAOAEP - RSA/ECB/OAEPWithSHA-1AndMGF1Padding</li>
+1514  * <li>RSAOAEP224 - RSA/ECB/OAEPWithSHA-224AndMGF1Padding(*)</li>
+1515  * <li>RSAOAEP256 - RSA/ECB/OAEPWithSHA-256AndMGF1Padding</li>
+1516  * <li>RSAOAEP384 - RSA/ECB/OAEPWithSHA-384AndMGF1Padding(*)</li>
+1517  * <li>RSAOAEP512 - RSA/ECB/OAEPWithSHA-512AndMGF1Padding(*)</li>
+1518  * </ul>
+1519  * NOTE: (*) is not supported in Java JCE.
+1520  * @example 
+1521  * KJUR.crypto.Cipher.getAlgByKeyAndName(objRSAKey) → "RSA"
+1522  * KJUR.crypto.Cipher.getAlgByKeyAndName(objRSAKey, "RSAOAEP") → "RSAOAEP"
+1523  */
+1524 KJUR.crypto.Cipher.getAlgByKeyAndName = function(keyObj, algName) {
+1525     if (keyObj instanceof RSAKey) {
+1526 	if (":RSA:RSAOAEP:RSAOAEP224:RSAOAEP256:RSAOAEP384:RSAOAEP512:".indexOf(algName) != -1)
+1527 	    return algName;
+1528 	if (algName === null || algName === undefined) return "RSA";
+1529 	throw "getAlgByKeyAndName: not supported algorithm name for RSAKey: " + algName;
+1530     }
+1531     throw "getAlgByKeyAndName: not supported algorithm name: " + algName;
+1532 }
+1533 
+1534 // ====== Other Utility class =====================================================
+1535 
+1536 /**
+1537  * static object for cryptographic function utilities
+1538  * @name KJUR.crypto.OID
+1539  * @class static object for cryptography related OIDs
+1540  * @property {Array} oidhex2name key value of hexadecimal OID and its name
+1541  *           (ex. '2a8648ce3d030107' and 'secp256r1')
+1542  * @since crypto 1.1.3
+1543  * @description
+1544  */
+1545 KJUR.crypto.OID = new function() {
+1546     this.oidhex2name = {
+1547 	'2a864886f70d010101': 'rsaEncryption',
+1548 	'2a8648ce3d0201': 'ecPublicKey',
+1549 	'2a8648ce380401': 'dsa',
+1550 	'2a8648ce3d030107': 'secp256r1',
+1551 	'2b8104001f': 'secp192k1',
+1552 	'2b81040021': 'secp224r1',
+1553 	'2b8104000a': 'secp256k1',
+1554 	'2b81040023': 'secp521r1',
+1555 	'2b81040022': 'secp384r1',
+1556 	'2a8648ce380403': 'SHA1withDSA', // 1.2.840.10040.4.3
+1557 	'608648016503040301': 'SHA224withDSA', // 2.16.840.1.101.3.4.3.1
+1558 	'608648016503040302': 'SHA256withDSA', // 2.16.840.1.101.3.4.3.2
+1559     };
+1560 };
+1561
\ No newline at end of file diff --git a/api/symbols/src/dsa-2.0.js.html b/api/symbols/src/dsa-2.0.js.html new file mode 100644 index 00000000..b449b771 --- /dev/null +++ b/api/symbols/src/dsa-2.0.js.html @@ -0,0 +1,214 @@ + 
  1 /*! dsa-2.0.0.js (c) 2016 Kenji Urushimma | kjur.github.com/jsrsasign/license
+  2  */
+  3 /*
+  4  * dsa.js - new DSA class
+  5  *
+  6  * Copyright (c) 2016 Kenji Urushima (kenji.urushima@gmail.com)
+  7  *
+  8  * This software is licensed under the terms of the MIT License.
+  9  * http://kjur.github.com/jsrsasign/license
+ 10  *
+ 11  * The above copyright and license notice shall be 
+ 12  * included in all copies or substantial portions of the Software.
+ 13  */
+ 14 
+ 15 /**
+ 16  * @fileOverview
+ 17  * @name dsa-2.0.js
+ 18  * @author Kenji Urushima kenji.urushima@gmail.com
+ 19  * @version dsa 2.0.0 (2016-Dec-24)
+ 20  * @since jsrsasign 7.0.0
+ 21  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
+ 22  */
+ 23 
+ 24 if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
+ 25 if (typeof KJUR.crypto == "undefined" || !KJUR.crypto) KJUR.crypto = {};
+ 26 
+ 27 /**
+ 28  * class for DSA signing and verification
+ 29  * @name KJUR.crypto.DSA
+ 30  * @class class for DSA signing and verifcation
+ 31  * @since jsrsasign 7.0.0 dsa 2.0.0
+ 32  * @description
+ 33  * <p>
+ 34  * CAUTION: Most of the case, you don't need to use this class.
+ 35  * Please use {@link KJUR.crypto.Signature} class instead.
+ 36  * </p>
+ 37  * <p>
+ 38  * NOTE: Until jsrsasign 6.2.3, DSA class have used codes from openpgpjs library 1.0.0
+ 39  * licenced under LGPL licence. To avoid license issue dsa-2.0.js was re-written with
+ 40  * my own codes in jsrsasign 7.0.0. 
+ 41  * Some random number generators used in dsa-2.0.js was newly defined
+ 42  * in KJUR.crypto.Util class. Now all of LGPL codes are removed.
+ 43  * </p>
+ 44  */
+ 45 KJUR.crypto.DSA = function() {
+ 46     this.p = null;
+ 47     this.q = null;
+ 48     this.g = null;
+ 49     this.y = null;
+ 50     this.x = null;
+ 51     this.type = "DSA";
+ 52 
+ 53     //===========================
+ 54     // PUBLIC METHODS
+ 55     //===========================
+ 56 
+ 57     /**
+ 58      * set DSA private key by key parameters
+ 59      * @name setPrivate
+ 60      * @memberOf KJUR.crypto.DSA#
+ 61      * @function
+ 62      * @param {BigInteger} p prime P
+ 63      * @param {BigInteger} q sub prime Q
+ 64      * @param {BigInteger} g base G
+ 65      * @param {BigInteger} y public key Y
+ 66      * @param {BigInteger} x private key X
+ 67      * @since jsrsasign 7.0.0 dsa 2.0.0
+ 68      */
+ 69     this.setPrivate = function(p, q, g, y, x) {
+ 70 	this.isPrivate = true;
+ 71 	this.p = p;
+ 72 	this.q = q;
+ 73 	this.g = g;
+ 74 	this.y = y;
+ 75 	this.x = x;
+ 76     };
+ 77 
+ 78     /**
+ 79      * set DSA public key by key parameters
+ 80      * @name setPublic
+ 81      * @memberOf KJUR.crypto.DSA#
+ 82      * @function
+ 83      * @param {BigInteger} p prime P
+ 84      * @param {BigInteger} q sub prime Q
+ 85      * @param {BigInteger} g base G
+ 86      * @param {BigInteger} y public key Y
+ 87      * @since jsrsasign 7.0.0 dsa 2.0.0
+ 88      */
+ 89     this.setPublic = function(p, q, g, y) {
+ 90 	this.isPublic = true;
+ 91 	this.p = p;
+ 92 	this.q = q;
+ 93 	this.g = g;
+ 94 	this.y = y;
+ 95 	this.x = null;
+ 96     };
+ 97 
+ 98     /**
+ 99      * sign to hashed message by this DSA private key object
+100      * @name signWithMessageHash
+101      * @memberOf KJUR.crypto.DSA#
+102      * @function
+103      * @param {String} sHashHex hexadecimal string of hashed message
+104      * @return {String} hexadecimal string of ASN.1 encoded DSA signature value
+105      * @since jsrsasign 7.0.0 dsa 2.0.0
+106      */
+107     this.signWithMessageHash = function(sHashHex) {
+108 	var p = this.p; // parameter p
+109 	var q = this.q; // parameter q
+110 	var g = this.g; // parameter g
+111 	var y = this.y; // public key (p q g y)
+112 	var x = this.x; // private key
+113 
+114 	// NIST FIPS 186-4 4.5 DSA Per-Message Secret Number (p18)
+115 	// 1. get random k where 0 < k < q
+116 	var k = KJUR.crypto.Util.getRandomBigIntegerMinToMax(BigInteger.ONE.add(BigInteger.ONE),
+117 							     q.subtract(BigInteger.ONE));
+118 
+119 	// NIST FIPS 186-4 4.6 DSA Signature Generation (p19)
+120 	// 2. get z where the left most min(N, outlen) bits of Hash(M)
+121 	var hZ = sHashHex.substr(0, q.bitLength() / 4);
+122 	var z = new BigInteger(hZ, 16);
+123 
+124 	// 3. get r where (g^k mod p) mod q, r != 0
+125 	var r = (g.modPow(k,p)).mod(q); 
+126 
+127 	// 4. get s where k^-1 (z + xr) mod q, s != 0
+128 	var s = (k.modInverse(q).multiply(z.add(x.multiply(r)))).mod(q);
+129 
+130 	// 5. signature (r, s)
+131 	var result = KJUR.asn1.ASN1Util.jsonToASN1HEX({
+132 	    "seq": [{"int": {"bigint": r}}, {"int": {"bigint": s}}] 
+133 	});
+134 	return result;
+135     };
+136 
+137     /**
+138      * verify signature by this DSA public key object
+139      * @name verifyWithMessageHash
+140      * @memberOf KJUR.crypto.DSA#
+141      * @function
+142      * @param {String} sHashHex hexadecimal string of hashed message
+143      * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value
+144      * @return {Boolean} true if the signature is valid otherwise false.
+145      * @since jsrsasign 7.0.0 dsa 2.0.0
+146      */
+147     this.verifyWithMessageHash = function(sHashHex, hSigVal) {
+148 	var p = this.p; // parameter p
+149 	var q = this.q; // parameter q
+150 	var g = this.g; // parameter g
+151 	var y = this.y; // public key (p q g y)
+152 
+153 	// 1. parse ASN.1 signature (r, s)
+154 	var rs = this.parseASN1Signature(hSigVal);
+155         var r = rs[0];
+156         var s = rs[1];
+157 
+158 	// NIST FIPS 186-4 4.6 DSA Signature Generation (p19)
+159 	// 2. get z where the left most min(N, outlen) bits of Hash(M)
+160 	var hZ = sHashHex.substr(0, q.bitLength() / 4);
+161 	var z = new BigInteger(hZ, 16);
+162 
+163 	// NIST FIPS 186-4 4.7 DSA Signature Validation (p19)
+164 	// 3.1. 0 < r < q
+165 	if (BigInteger.ZERO.compareTo(r) > 0 || r.compareTo(q) > 0)
+166 	    throw "invalid DSA signature";
+167 
+168 	// 3.2. 0 < s < q
+169 	if (BigInteger.ZERO.compareTo(s) > 0 || s.compareTo(q) > 0)
+170 	    throw "invalid DSA signature";
+171 
+172 	// 4. get w where w = s^-1 mod q
+173 	var w = s.modInverse(q);
+174 
+175 	// 5. get u1 where u1 = z w mod q
+176 	var u1 = z.multiply(w).mod(q);
+177 
+178 	// 6. get u2 where u2 = r w mod q
+179 	var u2 = r.multiply(w).mod(q);
+180 
+181 	// 7. get v where v = ((g^u1 y^u2) mod p) mod q
+182 	var v = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q);
+183 
+184 	// 8. signature is valid when v == r
+185 	return v.compareTo(r) == 0;
+186     };
+187 
+188     /**
+189      * parse hexadecimal ASN.1 DSA signature value
+190      * @name parseASN1Signature
+191      * @memberOf KJUR.crypto.DSA#
+192      * @function
+193      * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value
+194      * @return {Array} array [r, s] of DSA signature value. Both r and s are BigInteger.
+195      * @since jsrsasign 7.0.0 dsa 2.0.0
+196      */
+197     this.parseASN1Signature = function(hSigVal) {
+198 	try {
+199 	    var r = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [0], "02"), 16);
+200 	    var s = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [1], "02"), 16);
+201 	    return [r, s];
+202 	} catch (ex) {
+203 	    throw "malformed ASN.1 DSA signature";
+204 	}
+205     }
+206 }
+207
\ No newline at end of file diff --git a/api/symbols/src/dsa-modified-1.0.js.html b/api/symbols/src/dsa-modified-1.0.js.html deleted file mode 100644 index 5221a9d0..00000000 --- a/api/symbols/src/dsa-modified-1.0.js.html +++ /dev/null @@ -1,389 +0,0 @@ - 
  1 /*! dsa-modified-1.0.1.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE
-  2  */
-  3 /*
-  4  * dsa-modified.js - modified DSA class of OpenPGP-JS
-  5  * 
-  6  * Copyright (c) 2011-2013 Recurity Labs GmbH (github.com/openpgpjs)
-  7  *                         Kenji Urushima (kenji.urushima@gmail.com)
-  8  * LICENSE
-  9  *   https://github.com/openpgpjs/openpgpjs/blob/master/LICENSE
- 10  */
- 11 
- 12 /**
- 13  * @fileOverview
- 14  * @name dsa-modified-1.0.js
- 15  * @author Recurity Labs GmbH (github.com/openpgpjs) and Kenji Urushima (kenji.urushima@gmail.com)
- 16  * @version 1.0.1 (2013-Oct-06)
- 17  * @since jsrsasign 4.1.6
- 18  * @license <a href="https://github.com/openpgpjs/openpgpjs/blob/master/LICENSE">LGPL License</a>
- 19  */
- 20 
- 21 if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
- 22 if (typeof KJUR.crypto == "undefined" || !KJUR.crypto) KJUR.crypto = {};
- 23 
- 24 /**
- 25  * class for DSA signing and verification
- 26  * @name KJUR.crypto.DSA
- 27  * @class class for DSA signing and verifcation
- 28  * @description
- 29  * <p>
- 30  * CAUTION: Most of the case, you don't need to use this class.
- 31  * Please use {@link KJUR.crypto.Signature} class instead.
- 32  * </p>
- 33  * <p>
- 34  * This class was originally developped by Recurity Labs GmbH for OpenPGP JavaScript library.
- 35  * (See {@link https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/asymmetric/dsa.js})
- 36  * </p>
- 37  */
- 38 /* https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/asymmetric/dsa.js */
- 39 KJUR.crypto.DSA = function() {
- 40     this.p = null;
- 41     this.q = null;
- 42     this.g = null;
- 43     this.y = null;
- 44     this.x = null;
- 45     this.type = "DSA";
- 46 
- 47     //===========================
- 48     // PUBLIC METHODS
- 49     //===========================
- 50 
- 51     /**
- 52      * set DSA private key by key specs
- 53      * @name setPrivate
- 54      * @memberOf KJUR.crypto.DSA
- 55      * @function
- 56      * @param {BigInteger} p prime P
- 57      * @param {BigInteger} q sub prime Q
- 58      * @param {BigInteger} g base G
- 59      * @param {BigInteger} y public key Y
- 60      * @param {BigInteger} x private key X
- 61      * @since dsa-modified 1.0.0
- 62      */
- 63     this.setPrivate = function(p, q, g, y, x) {
- 64 	this.isPrivate = true;
- 65 	this.p = p;
- 66 	this.q = q;
- 67 	this.g = g;
- 68 	this.y = y;
- 69 	this.x = x;
- 70     };
- 71 
- 72     /**
- 73      * set DSA public key by key specs
- 74      * @name setPublic
- 75      * @memberOf KJUR.crypto.DSA
- 76      * @function
- 77      * @param {BigInteger} p prime P
- 78      * @param {BigInteger} q sub prime Q
- 79      * @param {BigInteger} g base G
- 80      * @param {BigInteger} y public key Y
- 81      * @since dsa-modified 1.0.0
- 82      */
- 83     this.setPublic = function(p, q, g, y) {
- 84 	this.isPublic = true;
- 85 	this.p = p;
- 86 	this.q = q;
- 87 	this.g = g;
- 88 	this.y = y;
- 89 	this.x = null;
- 90     };
- 91 
- 92     /**
- 93      * sign to hashed message by this DSA private key object
- 94      * @name signWithMessageHash
- 95      * @memberOf KJUR.crypto.DSA
- 96      * @function
- 97      * @param {String} sHashHex hexadecimal string of hashed message
- 98      * @return {String} hexadecimal string of ASN.1 encoded DSA signature value
- 99      * @since dsa-modified 1.0.0
-100      */
-101     this.signWithMessageHash = function(sHashHex) {
-102 	var p = this.p;
-103 	var q = this.q;
-104 	var g = this.g;
-105 	var y = this.y;
-106 	var x = this.x;
-107 
-108 	// 1. trim message hash
-109 	var hashHex = sHashHex.substr(0, q.bitLength() / 4);
-110 	var hash = new BigInteger(sHashHex, 16);
-111 
-112 	var k = getRandomBigIntegerInRange(BigInteger.ONE.add(BigInteger.ONE),
-113 					   q.subtract(BigInteger.ONE));
-114 	var s1 = (g.modPow(k,p)).mod(q); 
-115 	var s2 = (k.modInverse(q).multiply(hash.add(x.multiply(s1)))).mod(q);
-116 
-117 	var result = KJUR.asn1.ASN1Util.jsonToASN1HEX({
-118 		'seq': [{'int': {'bigint': s1}}, {'int': {'bigint': s2}}] 
-119 	    });
-120 	return result;
-121     };
-122 
-123     /**
-124      * verify signature by this DSA public key object
-125      * @name verifyWithMessageHash
-126      * @memberOf KJUR.crypto.DSA
-127      * @function
-128      * @param {String} sHashHex hexadecimal string of hashed message
-129      * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value
-130      * @return {Boolean} true if the signature is valid otherwise false.
-131      * @since dsa-modified 1.0.0
-132      */
-133     this.verifyWithMessageHash = function(sHashHex, hSigVal) {
-134 	var p = this.p;
-135 	var q = this.q;
-136 	var g = this.g;
-137 	var y = this.y;
-138 
-139 	// 1. parse ASN.1 signature
-140 	var s1s2 = this.parseASN1Signature(hSigVal);
-141         var s1 = s1s2[0];
-142         var s2 = s1s2[1];
-143 
-144 	// 2. trim message hash
-145 	var sHashHex = sHashHex.substr(0, q.bitLength() / 4);
-146 	var hash = new BigInteger(sHashHex, 16);
-147 
-148 	if (BigInteger.ZERO.compareTo(s1) > 0 ||
-149 	    s1.compareTo(q) > 0 ||
-150 	    BigInteger.ZERO.compareTo(s2) > 0 ||
-151 	    s2.compareTo(q) > 0) {
-152 	    throw "invalid DSA signature";
-153 	}
-154 	var w = s2.modInverse(q);
-155 	var u1 = hash.multiply(w).mod(q);
-156 	var u2 = s1.multiply(w).mod(q);
-157 	var dopublic = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q);
-158 	return dopublic.compareTo(s1) == 0;
-159     };
-160 
-161     /**
-162      * parse hexadecimal ASN.1 DSA signature value
-163      * @name parseASN1Signature
-164      * @memberOf KJUR.crypto.DSA
-165      * @function
-166      * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value
-167      * @return {Array} array [s1, s2] of DSA signature value. Both s1 and s2 are BigInteger.
-168      * @since dsa-modified 1.0.0
-169      */
-170     this.parseASN1Signature = function(hSigVal) {
-171 	try {
-172 	    var s1 = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [0], "02"), 16);
-173 	    var s2 = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [1], "02"), 16);
-174 	    return [s1, s2];
-175 	} catch (ex) {
-176 	    throw "malformed DSA signature";
-177 	}
-178     }
-179 
-180     // s1 = ((g**s) mod p) mod q
-181     // s1 = ((s**-1)*(sha-1(m)+(s1*x) mod q)
-182     function sign(hashalgo, m, g, p, q, x) {
-183 	// If the output size of the chosen hash is larger than the number of
-184 	// bits of q, the hash result is truncated to fit by taking the number
-185 	// of leftmost bits equal to the number of bits of q.  This (possibly
-186 	// truncated) hash function result is treated as a number and used
-187 	// directly in the DSA signature algorithm.
-188 
-189 	var hashHex = KJUR.crypto.Util.hashString(m, hashalgo.toLowerCase());
-190 	var hashHex = hashHex.substr(0, q.bitLength() / 4);
-191 	var hash = new BigInteger(hashHex, 16);
-192 
-193 	var k = getRandomBigIntegerInRange(BigInteger.ONE.add(BigInteger.ONE),
-194 					   q.subtract(BigInteger.ONE));
-195 	var s1 = (g.modPow(k,p)).mod(q); 
-196 	var s2 = (k.modInverse(q).multiply(hash.add(x.multiply(s1)))).mod(q);
-197 	var result = new Array();
-198 	result[0] = s1;
-199 	result[1] = s2;
-200 	return result;
-201     }
-202 
-203     function select_hash_algorithm(q) {
-204 	var usersetting = openpgp.config.config.prefer_hash_algorithm;
-205 	/*
-206 	 * 1024-bit key, 160-bit q, SHA-1, SHA-224, SHA-256, SHA-384, or SHA-512 hash
-207 	 * 2048-bit key, 224-bit q, SHA-224, SHA-256, SHA-384, or SHA-512 hash
-208 	 * 2048-bit key, 256-bit q, SHA-256, SHA-384, or SHA-512 hash
-209 	 * 3072-bit key, 256-bit q, SHA-256, SHA-384, or SHA-512 hash
-210 	 */
-211 	switch (Math.round(q.bitLength() / 8)) {
-212 	case 20: // 1024 bit
-213 	    if (usersetting != 2 &&
-214 		usersetting > 11 &&
-215 		usersetting != 10 &&
-216 		usersetting < 8)
-217 		return 2; // prefer sha1
-218 	    return usersetting;
-219 	case 28: // 2048 bit
-220 	    if (usersetting > 11 &&
-221 		usersetting < 8)
-222 		return 11;
-223 	    return usersetting;
-224 	case 32: // 4096 bit // prefer sha224
-225 	    if (usersetting > 10 &&
-226 		usersetting < 8)
-227 		return 8; // prefer sha256
-228 	    return usersetting;
-229 	default:
-230 	    util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");
-231 	    return null;
-232 	    
-233 	}
-234     }
-235     this.select_hash_algorithm = select_hash_algorithm;
-236 	
-237     function verify(hashalgo, s1,s2,m,p,q,g,y) {
-238 	var hashHex = KJUR.crypto.Util.hashString(m, hashalgo.toLowerCase());
-239 	var hashHex = hashHex.substr(0, q.bitLength() / 4);
-240 	var hash = new BigInteger(hashHex, 16);
-241 
-242 	if (BigInteger.ZERO.compareTo(s1) > 0 ||
-243 	    s1.compareTo(q) > 0 ||
-244 	    BigInteger.ZERO.compareTo(s2) > 0 ||
-245 	    s2.compareTo(q) > 0) {
-246 	    util.print_error("invalid DSA Signature");
-247 	    return null;
-248 	}
-249 	var w = s2.modInverse(q);
-250 	var u1 = hash.multiply(w).mod(q);
-251 	var u2 = s1.multiply(w).mod(q);
-252 	var dopublic = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q);
-253 	return dopublic.compareTo(s1) == 0;
-254     }
-255 	
-256     /*
-257      * unused code. This can be used as a start to write a key generator
-258      * function.
-259      */
-260     function generateKey(bitcount) {
-261 	var qi = new BigInteger(bitcount, primeCenterie);
-262 	var pi = generateP(q, 512);
-263 	var gi = generateG(p, q, bitcount);
-264 	var xi;
-265 	do {
-266 	    xi = new BigInteger(q.bitCount(), rand);
-267 	} while (x.compareTo(BigInteger.ZERO) != 1 && x.compareTo(q) != -1);
-268 	var yi = g.modPow(x, p);
-269 	return {x: xi, q: qi, p: pi, g: gi, y: yi};
-270     }
-271 
-272     function generateP(q, bitlength, randomfn) {
-273 	if (bitlength % 64 != 0) {
-274 	    return false;
-275 	}
-276 	var pTemp;
-277 	var pTemp2;
-278 	do {
-279 	    pTemp = randomfn(bitcount, true);
-280 	    pTemp2 = pTemp.subtract(BigInteger.ONE);
-281 	    pTemp = pTemp.subtract(pTemp2.remainder(q));
-282 	} while (!pTemp.isProbablePrime(primeCenterie) || pTemp.bitLength() != l);
-283 	return pTemp;
-284     }
-285 	
-286     function generateG(p, q, bitlength, randomfn) {
-287 	var aux = p.subtract(BigInteger.ONE);
-288 	var pow = aux.divide(q);
-289 	var gTemp;
-290 	do {
-291 	    gTemp = randomfn(bitlength);
-292 	} while (gTemp.compareTo(aux) != -1 && gTemp.compareTo(BigInteger.ONE) != 1);
-293 	return gTemp.modPow(pow, p);
-294     }
-295 
-296     function generateK(q, bitlength, randomfn) {
-297 	var tempK;
-298 	do {
-299 	    tempK = randomfn(bitlength, false);
-300 	} while (tempK.compareTo(q) != -1 && tempK.compareTo(BigInteger.ZERO) != 1);
-301 	return tempK;
-302     }
-303 
-304     function generateR(q,p) {
-305 	k = generateK(q);
-306 	var r = g.modPow(k, p).mod(q);
-307 	return r;
-308     }
-309 
-310     function generateS(hashfn,k,r,m,q,x) {
-311         var hash = hashfn(m);
-312         s = (k.modInverse(q).multiply(hash.add(x.multiply(r)))).mod(q);
-313 	    return s;
-314     }
-315     this.sign = sign;
-316     this.verify = verify;
-317     // this.generate = generateKey;
-318 
-319     //
-320     // METHODS FROM 
-321     // https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/openpgp.crypto.js
-322     //
-323     function getRandomBigIntegerInRange(min, max) {
-324 	if (max.compareTo(min) <= 0)
-325 	    return;
-326 	var range = max.subtract(min);
-327 	var r = getRandomBigInteger(range.bitLength());
-328 	while (r > range) {
-329 	    r = getRandomBigInteger(range.bitLength());
-330 	}
-331 	return min.add(r);
-332     }
-333 
-334     function getRandomBigInteger(bits) {
-335 	if (bits < 0)
-336 	    return null;
-337 	var numBytes = Math.floor((bits+7)/8);
-338 	    
-339 	var randomBits = getRandomBytes(numBytes);
-340 	if (bits % 8 > 0) {
-341 	    randomBits = String.fromCharCode((Math.pow(2,bits % 8)-1) &
-342 					     randomBits.charCodeAt(0)) +
-343 		randomBits.substring(1);
-344 	}
-345 	return new BigInteger(hexstrdump(randomBits), 16);
-346     }
-347 
-348     function getRandomBytes(length) {
-349 	var result = '';
-350 	for (var i = 0; i < length; i++) {
-351 	    result += String.fromCharCode(getSecureRandomOctet());
-352 	}
-353 	return result;
-354     }
-355 
-356     function getSecureRandomOctet() {
-357 	var buf = new Uint32Array(1);
-358 	window.crypto.getRandomValues(buf);
-359 	return buf[0] & 0xFF;
-360     }
-361 
-362     // https://github.com/openpgpjs/openpgpjs/blob/master/src/util/util.js
-363     function hexstrdump(str) {
-364 	if (str == null)
-365 	    return "";
-366 	var r=[];
-367 	var e=str.length;
-368 	var c=0;
-369 	var h;
-370 	while(c<e){
-371 	    h=str[c++].charCodeAt().toString(16);
-372 	    while(h.length<2) h="0"+h;
-373 	    r.push(""+h);
-374 	}
-375 	return r.join('');
-376     }
-377 
-378     this.getRandomBigIntegerInRange = getRandomBigIntegerInRange;
-379     this.getRandomBigInteger = getRandomBigInteger;
-380     this.getRandomBytes = getRandomBytes;
-381 }
-382
\ No newline at end of file diff --git a/api/symbols/src/pkcs5pkey-1.0.js.html b/api/symbols/src/pkcs5pkey-1.0.js.html index 583acaa9..87ba6bae 100644 --- a/api/symbols/src/pkcs5pkey-1.0.js.html +++ b/api/symbols/src/pkcs5pkey-1.0.js.html @@ -124,11 +124,11 @@ 117 }; 118 119 var encryptGeneral = function(f, dataHex, keyHex, ivHex) { -120 var data = CryptoJS.enc.Hex.parse(dataHex); -121 var key = CryptoJS.enc.Hex.parse(keyHex); -122 var iv = CryptoJS.enc.Hex.parse(ivHex); -123 var msg = {}; -124 var encryptedHex = f.encrypt(data, key, { iv: iv }); +120 var data = CryptoJS.enc.Hex.parse(dataHex); +121 var key = CryptoJS.enc.Hex.parse(keyHex); +122 var iv = CryptoJS.enc.Hex.parse(ivHex); +123 var msg = {}; +124 var encryptedHex = f.encrypt(data, key, { iv: iv }); 125 var encryptedWA = CryptoJS.enc.Hex.parse(encryptedHex.toString()); 126 var encryptedB64 = CryptoJS.enc.Base64.stringify(encryptedWA); 127 return encryptedB64; @@ -301,7 +301,7 @@ 294 * @name parsePKCS5PEM 295 * @memberOf PKCS5PKEY 296 * @function -297 * @param {String} sEncryptedPEM PEM formatted protected passcode protected PKCS#5 private key +297 * @param {String} sPKCS5PEM PEM formatted protected passcode protected PKCS#5 private key 298 * @return {Hash} hash of key information 299 * @description 300 * Resulted hash has following attributes. @@ -324,7 +324,7 @@ 317 * @function 318 * @param {String} algName name of symmetric key algorithm (ex. 'DES-EBE3-CBC') 319 * @param {String} passcode passcode to decrypt private key (ex. 'password') -320 * @param {String} hexadecimal string of IV. heading 8 bytes will be used for passcode salt +320 * @param {String} ivsaltHex hexadecimal string of IV. heading 8 bytes will be used for passcode salt 321 * @return {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..}) 322 */ 323 getKeyAndUnusedIvByPasscodeAndIvsalt: function(algName, passcode, ivsaltHex) { @@ -382,7 +382,7 @@ 375 376 /** 377 * get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key -378 * @name getEryptedPKCS5PEMFromPrvKeyHex +378 * @name getEncryptedPKCS5PEMFromPrvKeyHex 379 * @memberOf PKCS5PKEY 380 * @function 381 * @param {String} hPrvKey hexadecimal string of plain private key @@ -402,743 +402,740 @@ 395 * </ul> 396 * @example 397 * var pem = -398 * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password"); +398 * PKCS5PKEY.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password"); 399 * var pem2 = -400 * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC"); +400 * PKCS5PKEY.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC"); 401 * var pem3 = -402 * PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02..."); +402 * PKCS5PKEY.getEncryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02..."); 403 */ -404 getEryptedPKCS5PEMFromPrvKeyHex: function(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { -405 var sPEM = ""; -406 -407 // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) -408 if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { -409 sharedKeyAlgName = "AES-256-CBC"; -410 } -411 if (typeof ALGLIST[sharedKeyAlgName] == "undefined") -412 throw "PKCS5PKEY unsupported algorithm: " + sharedKeyAlgName; -413 -414 // 2. set ivsaltHex if undefined -415 if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { -416 var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; -417 var randIV = _generateIvSaltHex(ivlen); -418 ivsaltHex = randIV.toUpperCase(); -419 } -420 -421 // 3. get shared key -422 //alert("ivsalthex=" + ivsaltHex); -423 var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); -424 var sharedKeyHex = sharedKeyInfo.keyhex; -425 // alert("sharedKeyHex = " + sharedKeyHex); -426 -427 // 3. get encrypted Key in Base64 -428 var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex); -429 -430 var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); -431 var sPEM = "-----BEGIN RSA PRIVATE KEY-----\r\n"; -432 sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; -433 sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; -434 sPEM += "\r\n"; -435 sPEM += pemBody; -436 sPEM += "\r\n-----END RSA PRIVATE KEY-----\r\n"; -437 -438 return sPEM; -439 }, -440 -441 /** -442 * get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key -443 * @name getEryptedPKCS5PEMFromRSAKey -444 * @memberOf PKCS5PKEY -445 * @function -446 * @param {RSAKey} pKey RSAKey object of private key -447 * @param {String} passcode pass code to protect private key (ex. password) -448 * @param {String} alg algorithm name to protect private key (default AES-256-CBC) -449 * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) -450 * @return {String} string of PEM formatted encrypted PKCS#5 private key -451 * @since pkcs5pkey 1.0.2 -452 * @description -453 * <br/> -454 * generate PEM formatted encrypted PKCS#5 private key by -455 * {@link RSAKey} object of RSA private key and passcode. -456 * Following argument can be omitted. -457 * <ul> -458 * <li>alg - AES-256-CBC will be used if omitted.</li> -459 * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li> -460 * </ul> -461 * @example -462 * var pkey = new RSAKey(); -463 * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' -464 * var pem = PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pkey, "password"); -465 */ -466 getEryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) { -467 var version = new KJUR.asn1.DERInteger({'int': 0}); -468 var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); -469 var e = new KJUR.asn1.DERInteger({'int': pKey.e}); -470 var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); -471 var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); -472 var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); -473 var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); -474 var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); -475 var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); -476 var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); -477 var hex = seq.getEncodedHex(); -478 return this.getEryptedPKCS5PEMFromPrvKeyHex(hex, passcode, alg, ivsaltHex); -479 }, -480 -481 /** -482 * generate RSAKey and PEM formatted encrypted PKCS#5 private key -483 * @name newEncryptedPKCS5PEM -484 * @memberOf PKCS5PKEY -485 * @function -486 * @param {String} passcode pass code to protect private key (ex. password) -487 * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) -488 * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) -489 * @param {String} alg shared key algorithm to encrypt private key (default AES-258-CBC) -490 * @return {String} string of PEM formatted encrypted PKCS#5 private key -491 * @since pkcs5pkey 1.0.2 -492 * @example -493 * var pem1 = PKCS5PKEY.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC -494 * var pem2 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC -495 * var pem3 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC -496 */ -497 newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { -498 if (typeof keyLen == "undefined" || keyLen == null) { -499 keyLen = 1024; -500 } -501 if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { -502 hPublicExponent = '10001'; -503 } -504 var pKey = new RSAKey(); -505 pKey.generate(keyLen, hPublicExponent); -506 var pem = null; -507 if (typeof alg == "undefined" || alg == null) { -508 pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode); -509 } else { -510 pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode, alg); -511 } -512 return pem; -513 }, +404 getEncryptedPKCS5PEMFromPrvKeyHex: function(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex) { +405 // 1. set sharedKeyAlgName if undefined (default AES-256-CBC) +406 if (typeof sharedKeyAlgName == "undefined" || sharedKeyAlgName == null) { +407 sharedKeyAlgName = "AES-256-CBC"; +408 } +409 if (typeof ALGLIST[sharedKeyAlgName] == "undefined") +410 throw "PKCS5PKEY unsupported algorithm: " + sharedKeyAlgName; +411 +412 // 2. set ivsaltHex if undefined +413 if (typeof ivsaltHex == "undefined" || ivsaltHex == null) { +414 var ivlen = ALGLIST[sharedKeyAlgName]['ivlen']; +415 var randIV = _generateIvSaltHex(ivlen); +416 ivsaltHex = randIV.toUpperCase(); +417 } +418 +419 // 3. get shared key +420 //alert("ivsalthex=" + ivsaltHex); +421 var sharedKeyInfo = _getKeyAndUnusedIvByPasscodeAndIvsalt(sharedKeyAlgName, passcode, ivsaltHex); +422 var sharedKeyHex = sharedKeyInfo.keyhex; +423 // alert("sharedKeyHex = " + sharedKeyHex); +424 +425 // 3. get encrypted Key in Base64 +426 var encryptedKeyB64 = _encryptKeyHex(hPrvKey, sharedKeyAlgName, sharedKeyHex, ivsaltHex); +427 +428 var pemBody = encryptedKeyB64.replace(/(.{64})/g, "$1\r\n"); +429 var sPEM = "-----BEGIN RSA PRIVATE KEY-----\r\n"; +430 sPEM += "Proc-Type: 4,ENCRYPTED\r\n"; +431 sPEM += "DEK-Info: " + sharedKeyAlgName + "," + ivsaltHex + "\r\n"; +432 sPEM += "\r\n"; +433 sPEM += pemBody; +434 sPEM += "\r\n-----END RSA PRIVATE KEY-----\r\n"; +435 +436 return sPEM; +437 }, +438 +439 /** +440 * get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key +441 * @name getEncryptedPKCS5PEMFromRSAKey +442 * @memberOf PKCS5PKEY +443 * @function +444 * @param {RSAKey} pKey RSAKey object of private key +445 * @param {String} passcode pass code to protect private key (ex. password) +446 * @param {String} alg algorithm name to protect private key (default AES-256-CBC) +447 * @param {String} ivsaltHex hexadecimal string of IV and salt (default generated random IV) +448 * @return {String} string of PEM formatted encrypted PKCS#5 private key +449 * @since pkcs5pkey 1.0.2 +450 * @description +451 * <br/> +452 * generate PEM formatted encrypted PKCS#5 private key by +453 * {@link RSAKey} object of RSA private key and passcode. +454 * Following argument can be omitted. +455 * <ul> +456 * <li>alg - AES-256-CBC will be used if omitted.</li> +457 * <li>ivsaltHex - automatically generate IV and salt which length depends on algorithm</li> +458 * </ul> +459 * @example +460 * var pkey = new RSAKey(); +461 * pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' +462 * var pem = PKCS5PKEY.getEncryptedPKCS5PEMFromRSAKey(pkey, "password"); +463 */ +464 getEncryptedPKCS5PEMFromRSAKey: function(pKey, passcode, alg, ivsaltHex) { +465 var version = new KJUR.asn1.DERInteger({'int': 0}); +466 var n = new KJUR.asn1.DERInteger({'bigint': pKey.n}); +467 var e = new KJUR.asn1.DERInteger({'int': pKey.e}); +468 var d = new KJUR.asn1.DERInteger({'bigint': pKey.d}); +469 var p = new KJUR.asn1.DERInteger({'bigint': pKey.p}); +470 var q = new KJUR.asn1.DERInteger({'bigint': pKey.q}); +471 var dmp1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmp1}); +472 var dmq1 = new KJUR.asn1.DERInteger({'bigint': pKey.dmq1}); +473 var coeff = new KJUR.asn1.DERInteger({'bigint': pKey.coeff}); +474 var seq = new KJUR.asn1.DERSequence({'array': [version, n, e, d, p, q, dmp1, dmq1, coeff]}); +475 var hex = seq.getEncodedHex(); +476 return this.getEncryptedPKCS5PEMFromPrvKeyHex(hex, passcode, alg, ivsaltHex); +477 }, +478 +479 /** +480 * generate RSAKey and PEM formatted encrypted PKCS#5 private key +481 * @name newEncryptedPKCS5PEM +482 * @memberOf PKCS5PKEY +483 * @function +484 * @param {String} passcode pass code to protect private key (ex. password) +485 * @param {Integer} keyLen key bit length of RSA key to be generated. (default 1024) +486 * @param {String} hPublicExponent hexadecimal string of public exponent (default 10001) +487 * @param {String} alg shared key algorithm to encrypt private key (default AES-256-CBC) +488 * @return {String} string of PEM formatted encrypted PKCS#5 private key +489 * @since pkcs5pkey 1.0.2 +490 * @example +491 * var pem1 = PKCS5PKEY.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC +492 * var pem2 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC +493 * var pem3 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC +494 */ +495 newEncryptedPKCS5PEM: function(passcode, keyLen, hPublicExponent, alg) { +496 if (typeof keyLen == "undefined" || keyLen == null) { +497 keyLen = 1024; +498 } +499 if (typeof hPublicExponent == "undefined" || hPublicExponent == null) { +500 hPublicExponent = '10001'; +501 } +502 var pKey = new RSAKey(); +503 pKey.generate(keyLen, hPublicExponent); +504 var pem = null; +505 if (typeof alg == "undefined" || alg == null) { +506 pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode); +507 } else { +508 pem = this.getEncryptedPKCS5PEMFromRSAKey(pkey, passcode, alg); +509 } +510 return pem; +511 }, +512 +513 // === PKCS8 =============================================================== 514 -515 // === PKCS8 =============================================================== -516 -517 /** -518 * read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object -519 * @name getRSAKeyFromPlainPKCS8PEM -520 * @memberOf PKCS5PKEY -521 * @function -522 * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key -523 * @return {RSAKey} loaded RSAKey object of RSA private key -524 * @since pkcs5pkey 1.0.1 -525 */ -526 getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) { -527 if (pkcs8PEM.match(/ENCRYPTED/)) -528 throw "pem shall be not ENCRYPTED"; -529 var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY"); -530 var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); -531 return rsaKey; -532 }, -533 -534 /** -535 * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object -536 * @name getRSAKeyFromPlainPKCS8Hex -537 * @memberOf PKCS5PKEY -538 * @function -539 * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key -540 * @return {RSAKey} loaded RSAKey object of RSA private key -541 * @since pkcs5pkey 1.0.3 -542 */ -543 getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) { -544 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); -545 if (a1.length != 3) -546 throw "outer DERSequence shall have 3 elements: " + a1.length; -547 var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); -548 if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption -549 throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; -550 var algIdTLV = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); -551 var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); -552 var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); -553 //alert(p5KeyHex); -554 var rsaKey = new RSAKey(); -555 rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); -556 return rsaKey; -557 }, -558 -559 /** -560 * generate PBKDF2 key hexstring with specified passcode and information -561 * @name parseHexOfEncryptedPKCS8 -562 * @memberOf PKCS5PKEY -563 * @function -564 * @param {String} passcode passcode to decrypto private key -565 * @return {Array} info associative array of PKCS#8 parameters -566 * @since pkcs5pkey 1.0.3 -567 * @description -568 * The associative array which is returned by this method has following properties: -569 * <ul> -570 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li> -571 * <li>info.pkbdf2Iter - iteration count</li> -572 * <li>info.ciphertext - hexadecimal string of encrypted private key</li> -573 * <li>info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)</li> -574 * <li>info.encryptionSchemeIV - initial vector for encryption algorithm</li> -575 * </ul> -576 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. -577 * <ul> -578 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> -579 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> -580 * </ul> -581 * @example -582 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private -583 * // key with PBKDF2 with TripleDES -584 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem -585 */ -586 parseHexOfEncryptedPKCS8: function(sHEX) { -587 var info = {}; -588 -589 var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); -590 if (a0.length != 2) -591 throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; +515 /** +516 * read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object +517 * @name getRSAKeyFromPlainPKCS8PEM +518 * @memberOf PKCS5PKEY +519 * @function +520 * @param {String} pkcs8PEM PEM formatted unencrypted PKCS#8 private key +521 * @return {RSAKey} loaded RSAKey object of RSA private key +522 * @since pkcs5pkey 1.0.1 +523 */ +524 getRSAKeyFromPlainPKCS8PEM: function(pkcs8PEM) { +525 if (pkcs8PEM.match(/ENCRYPTED/)) +526 throw "pem shall be not ENCRYPTED"; +527 var prvKeyHex = this.getHexFromPEM(pkcs8PEM, "PRIVATE KEY"); +528 var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); +529 return rsaKey; +530 }, +531 +532 /** +533 * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object +534 * @name getRSAKeyFromPlainPKCS8Hex +535 * @memberOf PKCS5PKEY +536 * @function +537 * @param {String} prvKeyHex hexadecimal string of unencrypted PKCS#8 private key +538 * @return {RSAKey} loaded RSAKey object of RSA private key +539 * @since pkcs5pkey 1.0.3 +540 */ +541 getRSAKeyFromPlainPKCS8Hex: function(prvKeyHex) { +542 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(prvKeyHex, 0); +543 if (a1.length != 3) +544 throw "outer DERSequence shall have 3 elements: " + a1.length; +545 var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[1]); +546 if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption +547 throw "PKCS8 AlgorithmIdentifier is not rsaEnc: " + algIdTLV; +548 var octetStr = ASN1HEX.getHexOfTLV_AtObj(prvKeyHex, a1[2]); +549 var p5KeyHex = ASN1HEX.getHexOfV_AtObj(octetStr, 0); +550 //alert(p5KeyHex); +551 var rsaKey = new RSAKey(); +552 rsaKey.readPrivateKeyFromASN1HexString(p5KeyHex); +553 return rsaKey; +554 }, +555 +556 /** +557 * generate PBKDF2 key hexstring with specified passcode and information +558 * @name parseHexOfEncryptedPKCS8 +559 * @memberOf PKCS5PKEY +560 * @function +561 * @param {String} sHEX passcode to decrypto private key +562 * @return {Array} info associative array of PKCS#8 parameters +563 * @since pkcs5pkey 1.0.3 +564 * @description +565 * The associative array which is returned by this method has following properties: +566 * <ul> +567 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li> +568 * <li>info.pkbdf2Iter - iteration count</li> +569 * <li>info.ciphertext - hexadecimal string of encrypted private key</li> +570 * <li>info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)</li> +571 * <li>info.encryptionSchemeIV - initial vector for encryption algorithm</li> +572 * </ul> +573 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. +574 * <ul> +575 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> +576 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> +577 * </ul> +578 * @example +579 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private +580 * // key with PBKDF2 with TripleDES +581 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem +582 */ +583 parseHexOfEncryptedPKCS8: function(sHEX) { +584 var info = {}; +585 +586 var a0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, 0); +587 if (a0.length != 2) +588 throw "malformed format: SEQUENCE(0).items != 2: " + a0.length; +589 +590 // 1. ciphertext +591 info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); 592 -593 // 1. ciphertext -594 info.ciphertext = ASN1HEX.getHexOfV_AtObj(sHEX, a0[1]); -595 -596 // 2. pkcs5PBES2 -597 var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); -598 if (a0_0.length != 2) -599 throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; -600 -601 // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) -602 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") -603 throw "this only supports pkcs5PBES2"; -604 -605 // 2.2 pkcs5PBES2 param -606 var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); -607 if (a0_0.length != 2) -608 throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; -609 -610 // 2.2.1 encryptionScheme -611 var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); -612 if (a0_0_1_1.length != 2) -613 throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; -614 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") -615 throw "this only supports TripleDES"; -616 info.encryptionSchemeAlg = "TripleDES"; +593 // 2. pkcs5PBES2 +594 var a0_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0[0]); +595 if (a0_0.length != 2) +596 throw "malformed format: SEQUENCE(0.0).items != 2: " + a0_0.length; +597 +598 // 2.1 check if pkcs5PBES2(1 2 840 113549 1 5 13) +599 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0[0]) != "2a864886f70d01050d") +600 throw "this only supports pkcs5PBES2"; +601 +602 // 2.2 pkcs5PBES2 param +603 var a0_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0[1]); +604 if (a0_0.length != 2) +605 throw "malformed format: SEQUENCE(0.0.1).items != 2: " + a0_0_1.length; +606 +607 // 2.2.1 encryptionScheme +608 var a0_0_1_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[1]); +609 if (a0_0_1_1.length != 2) +610 throw "malformed format: SEQUENCE(0.0.1.1).items != 2: " + a0_0_1_1.length; +611 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[0]) != "2a864886f70d0307") +612 throw "this only supports TripleDES"; +613 info.encryptionSchemeAlg = "TripleDES"; +614 +615 // 2.2.1.1 IV of encryptionScheme +616 info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); 617 -618 // 2.2.1.1 IV of encryptionScheme -619 info.encryptionSchemeIV = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_1[1]); -620 -621 // 2.2.2 keyDerivationFunc -622 var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); -623 if (a0_0_1_0.length != 2) -624 throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; -625 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") -626 throw "this only supports pkcs5PBKDF2"; -627 -628 // 2.2.2.1 pkcs5PBKDF2 param -629 var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); -630 if (a0_0_1_0_1.length < 2) -631 throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; +618 // 2.2.2 keyDerivationFunc +619 var a0_0_1_0 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1[0]); +620 if (a0_0_1_0.length != 2) +621 throw "malformed format: SEQUENCE(0.0.1.0).items != 2: " + a0_0_1_0.length; +622 if (ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0[0]) != "2a864886f70d01050c") +623 throw "this only supports pkcs5PBKDF2"; +624 +625 // 2.2.2.1 pkcs5PBKDF2 param +626 var a0_0_1_0_1 = ASN1HEX.getPosArrayOfChildren_AtObj(sHEX, a0_0_1_0[1]); +627 if (a0_0_1_0_1.length < 2) +628 throw "malformed format: SEQUENCE(0.0.1.0.1).items < 2: " + a0_0_1_0_1.length; +629 +630 // 2.2.2.1.1 PBKDF2 salt +631 info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); 632 -633 // 2.2.2.1.1 PBKDF2 salt -634 info.pbkdf2Salt = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[0]); -635 -636 // 2.2.2.1.2 PBKDF2 iter -637 var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); -638 try { -639 info.pbkdf2Iter = parseInt(iterNumHex, 16); -640 } catch(ex) { -641 throw "malformed format pbkdf2Iter: " + iterNumHex; -642 } +633 // 2.2.2.1.2 PBKDF2 iter +634 var iterNumHex = ASN1HEX.getHexOfV_AtObj(sHEX, a0_0_1_0_1[1]); +635 try { +636 info.pbkdf2Iter = parseInt(iterNumHex, 16); +637 } catch(ex) { +638 throw "malformed format pbkdf2Iter: " + iterNumHex; +639 } +640 +641 return info; +642 }, 643 -644 return info; -645 }, -646 -647 /** -648 * generate PBKDF2 key hexstring with specified passcode and information -649 * @name getPBKDF2KeyHexFromParam -650 * @memberOf PKCS5PKEY -651 * @function -652 * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file -653 * @param {String} passcode passcode to decrypto private key -654 * @return {String} hexadecimal string of PBKDF2 key -655 * @since pkcs5pkey 1.0.3 -656 * @description -657 * As for info, this uses following properties: -658 * <ul> -659 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li> -660 * <li>info.pkbdf2Iter - iteration count</li> -661 * </ul> -662 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. -663 * <ul> -664 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> -665 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> -666 * </ul> -667 * @example -668 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private -669 * // key with PBKDF2 with TripleDES -670 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem -671 */ -672 getPBKDF2KeyHexFromParam: function(info, passcode) { -673 var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); -674 var pbkdf2Iter = info.pbkdf2Iter; -675 var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, -676 pbkdf2SaltWS, -677 { keySize: 192/32, iterations: pbkdf2Iter }); -678 var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); -679 return pbkdf2KeyHex; -680 }, -681 -682 /** -683 * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key -684 * @name getPlainPKCS8HexFromEncryptedPKCS8PEM -685 * @memberOf PKCS5PKEY -686 * @function -687 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key -688 * @param {String} passcode passcode to decrypto private key -689 * @return {String} hexadecimal string of plain PKCS#8 private key -690 * @since pkcs5pkey 1.0.3 -691 * @description -692 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. -693 * <ul> -694 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> -695 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> -696 * </ul> -697 * @example -698 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private -699 * // key with PBKDF2 with TripleDES -700 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem -701 */ -702 getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { -703 // 1. derHex - PKCS#8 private key encrypted by PBKDF2 -704 var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY"); -705 // 2. info - PKCS#5 PBES info -706 var info = this.parseHexOfEncryptedPKCS8(derHex); -707 // 3. hKey - PBKDF2 key -708 var pbkdf2KeyHex = PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode); -709 // 4. decrypt ciphertext by PBKDF2 key -710 var encrypted = {}; -711 encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); -712 var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); -713 var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); -714 var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); -715 var decHex = CryptoJS.enc.Hex.stringify(decWS); -716 return decHex; -717 }, -718 -719 /** -720 * read PEM formatted encrypted PKCS#8 private key and returns RSAKey object -721 * @name getRSAKeyFromEncryptedPKCS8PEM -722 * @memberOf PKCS5PKEY -723 * @function -724 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key -725 * @param {String} passcode passcode to decrypto private key -726 * @return {RSAKey} loaded RSAKey object of RSA private key -727 * @since pkcs5pkey 1.0.3 -728 * @description -729 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. -730 * <ul> -731 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> -732 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> -733 * </ul> -734 * @example -735 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private -736 * // key with PBKDF2 with TripleDES -737 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem -738 */ -739 getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { -740 var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); -741 var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); -742 return rsaKey; -743 }, -744 -745 /** -746 * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key -747 * @name getKeyFromEncryptedPKCS8PEM -748 * @memberOf PKCS5PKEY -749 * @function -750 * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key -751 * @param {String} passcode passcode string to decrypt key -752 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object -753 * @since pkcs5pkey 1.0.5 -754 */ -755 getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { -756 var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); -757 var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); -758 return key; -759 }, -760 -761 /** -762 * parse hexadecimal string of plain PKCS#8 private key -763 * @name parsePlainPrivatePKCS8Hex -764 * @memberOf PKCS5PKEY -765 * @function -766 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key -767 * @return {Array} associative array of parsed key -768 * @since pkcs5pkey 1.0.5 -769 * @description -770 * Resulted associative array has following properties: -771 * <ul> -772 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li> -773 * <li>algparam - hexadecimal string of OID of ECC curve name or null</li> -774 * <li>keyidx - string starting index of key in pkcs8PrvHex</li> -775 * </ul> -776 */ -777 parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { -778 var result = {}; -779 result.algparam = null; -780 -781 // 1. sequence -782 if (pkcs8PrvHex.substr(0, 2) != "30") -783 throw "malformed plain PKCS8 private key(code:001)"; // not sequence -784 -785 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); -786 if (a1.length != 3) -787 throw "malformed plain PKCS8 private key(code:002)"; -788 -789 // 2. AlgID -790 if (pkcs8PrvHex.substr(a1[1], 2) != "30") -791 throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence -792 -793 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, a1[1]); -794 if (a2.length != 2) -795 throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements -796 -797 // 2.1. AlgID OID -798 if (pkcs8PrvHex.substr(a2[0], 2) != "06") -799 throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID -800 -801 result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); -802 -803 // 2.2. AlgID param -804 if (pkcs8PrvHex.substr(a2[1], 2) == "06") { -805 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); -806 } -807 -808 // 3. Key index -809 if (pkcs8PrvHex.substr(a1[2], 2) != "04") -810 throw "malformed PKCS8 private key(code:006)"; // not octet string -811 -812 result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); +644 /** +645 * generate PBKDF2 key hexstring with specified passcode and information +646 * @name getPBKDF2KeyHexFromParam +647 * @memberOf PKCS5PKEY +648 * @function +649 * @param {Array} info result of {@link parseHexOfEncryptedPKCS8} which has preference of PKCS#8 file +650 * @param {String} passcode passcode to decrypto private key +651 * @return {String} hexadecimal string of PBKDF2 key +652 * @since pkcs5pkey 1.0.3 +653 * @description +654 * As for info, this uses following properties: +655 * <ul> +656 * <li>info.pbkdf2Salt - hexadecimal string of PBKDF2 salt</li> +657 * <li>info.pkbdf2Iter - iteration count</li> +658 * </ul> +659 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. +660 * <ul> +661 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> +662 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> +663 * </ul> +664 * @example +665 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private +666 * // key with PBKDF2 with TripleDES +667 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem +668 */ +669 getPBKDF2KeyHexFromParam: function(info, passcode) { +670 var pbkdf2SaltWS = CryptoJS.enc.Hex.parse(info.pbkdf2Salt); +671 var pbkdf2Iter = info.pbkdf2Iter; +672 var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, +673 pbkdf2SaltWS, +674 { keySize: 192/32, iterations: pbkdf2Iter }); +675 var pbkdf2KeyHex = CryptoJS.enc.Hex.stringify(pbkdf2KeyWS); +676 return pbkdf2KeyHex; +677 }, +678 +679 /** +680 * read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key +681 * @name getPlainPKCS8HexFromEncryptedPKCS8PEM +682 * @memberOf PKCS5PKEY +683 * @function +684 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key +685 * @param {String} passcode passcode to decrypto private key +686 * @return {String} hexadecimal string of plain PKCS#8 private key +687 * @since pkcs5pkey 1.0.3 +688 * @description +689 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. +690 * <ul> +691 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> +692 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> +693 * </ul> +694 * @example +695 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private +696 * // key with PBKDF2 with TripleDES +697 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem +698 */ +699 getPlainPKCS8HexFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { +700 // 1. derHex - PKCS#8 private key encrypted by PBKDF2 +701 var derHex = this.getHexFromPEM(pkcs8PEM, "ENCRYPTED PRIVATE KEY"); +702 // 2. info - PKCS#5 PBES info +703 var info = this.parseHexOfEncryptedPKCS8(derHex); +704 // 3. hKey - PBKDF2 key +705 var pbkdf2KeyHex = PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode); +706 // 4. decrypt ciphertext by PBKDF2 key +707 var encrypted = {}; +708 encrypted.ciphertext = CryptoJS.enc.Hex.parse(info.ciphertext); +709 var pbkdf2KeyWS = CryptoJS.enc.Hex.parse(pbkdf2KeyHex); +710 var des3IVWS = CryptoJS.enc.Hex.parse(info.encryptionSchemeIV); +711 var decWS = CryptoJS.TripleDES.decrypt(encrypted, pbkdf2KeyWS, { iv: des3IVWS }); +712 var decHex = CryptoJS.enc.Hex.stringify(decWS); +713 return decHex; +714 }, +715 +716 /** +717 * read PEM formatted encrypted PKCS#8 private key and returns RSAKey object +718 * @name getRSAKeyFromEncryptedPKCS8PEM +719 * @memberOf PKCS5PKEY +720 * @function +721 * @param {String} pkcs8PEM PEM formatted encrypted PKCS#8 private key +722 * @param {String} passcode passcode to decrypto private key +723 * @return {RSAKey} loaded RSAKey object of RSA private key +724 * @since pkcs5pkey 1.0.3 +725 * @description +726 * Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES. +727 * <ul> +728 * <li>keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1</li> +729 * <li>encryptionScheme = des-EDE3-CBC(i.e. TripleDES</li> +730 * </ul> +731 * @example +732 * // to convert plain PKCS#5 private key to encrypted PKCS#8 private +733 * // key with PBKDF2 with TripleDES +734 * % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem +735 */ +736 getRSAKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { +737 var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); +738 var rsaKey = this.getRSAKeyFromPlainPKCS8Hex(prvKeyHex); +739 return rsaKey; +740 }, +741 +742 /** +743 * get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key +744 * @name getKeyFromEncryptedPKCS8PEM +745 * @memberOf PKCS5PKEY +746 * @function +747 * @param {String} pkcs8PEM string of PEM formatted PKCS#8 private key +748 * @param {String} passcode passcode string to decrypt key +749 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object +750 * @since pkcs5pkey 1.0.5 +751 */ +752 getKeyFromEncryptedPKCS8PEM: function(pkcs8PEM, passcode) { +753 var prvKeyHex = this.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode); +754 var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); +755 return key; +756 }, +757 +758 /** +759 * parse hexadecimal string of plain PKCS#8 private key +760 * @name parsePlainPrivatePKCS8Hex +761 * @memberOf PKCS5PKEY +762 * @function +763 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 plain private key +764 * @return {Array} associative array of parsed key +765 * @since pkcs5pkey 1.0.5 +766 * @description +767 * Resulted associative array has following properties: +768 * <ul> +769 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li> +770 * <li>algparam - hexadecimal string of OID of ECC curve name or null</li> +771 * <li>keyidx - string starting index of key in pkcs8PrvHex</li> +772 * </ul> +773 */ +774 parsePlainPrivatePKCS8Hex: function(pkcs8PrvHex) { +775 var result = {}; +776 result.algparam = null; +777 +778 // 1. sequence +779 if (pkcs8PrvHex.substr(0, 2) != "30") +780 throw "malformed plain PKCS8 private key(code:001)"; // not sequence +781 +782 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, 0); +783 if (a1.length != 3) +784 throw "malformed plain PKCS8 private key(code:002)"; +785 +786 // 2. AlgID +787 if (pkcs8PrvHex.substr(a1[1], 2) != "30") +788 throw "malformed PKCS8 private key(code:003)"; // AlgId not sequence +789 +790 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, a1[1]); +791 if (a2.length != 2) +792 throw "malformed PKCS8 private key(code:004)"; // AlgId not have two elements +793 +794 // 2.1. AlgID OID +795 if (pkcs8PrvHex.substr(a2[0], 2) != "06") +796 throw "malformed PKCS8 private key(code:005)"; // AlgId.oid is not OID +797 +798 result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[0]); +799 +800 // 2.2. AlgID param +801 if (pkcs8PrvHex.substr(a2[1], 2) == "06") { +802 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a2[1]); +803 } +804 +805 // 3. Key index +806 if (pkcs8PrvHex.substr(a1[2], 2) != "04") +807 throw "malformed PKCS8 private key(code:006)"; // not octet string +808 +809 result.keyidx = ASN1HEX.getStartPosOfV_AtObj(pkcs8PrvHex, a1[2]); +810 +811 return result; +812 }, 813 -814 return result; -815 }, -816 -817 /** -818 * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key -819 * @name getKeyFromPlainPrivatePKCS8PEM -820 * @memberOf PKCS5PKEY -821 * @function -822 * @param {String} pkcs8PEM string of plain PEM formatted PKCS#8 private key -823 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object -824 * @since pkcs5pkey 1.0.5 -825 */ -826 getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { -827 var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); -828 var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); -829 return key; -830 }, -831 -832 /** -833 * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key -834 * @name getKeyFromPlainPrivatePKCS8Hex -835 * @memberOf PKCS5PKEY -836 * @function -837 * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key -838 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object -839 * @since pkcs5pkey 1.0.5 -840 */ -841 getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { -842 var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); -843 -844 if (p8.algoid == "2a864886f70d010101") { // RSA -845 this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); -846 var k = p8.key; -847 var key = new RSAKey(); -848 key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); -849 return key; -850 } else if (p8.algoid == "2a8648ce3d0201") { // ECC -851 this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); -852 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) -853 throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; -854 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; -855 var key = new KJUR.crypto.ECDSA({'curve': curveName, 'prv': p8.key}); -856 return key; -857 } else { -858 throw "unsupported private key algorithm"; -859 } -860 }, -861 -862 // === PKCS8 RSA Public Key ================================================ -863 /** -864 * read PEM formatted PKCS#8 public key and returns RSAKey object -865 * @name getRSAKeyFromPublicPKCS8PEM -866 * @memberOf PKCS5PKEY -867 * @function -868 * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key -869 * @return {RSAKey} loaded RSAKey object of RSA public key -870 * @since pkcs5pkey 1.0.4 -871 */ -872 getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { -873 var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); -874 var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex); -875 return rsaKey; -876 }, -877 -878 /** -879 * get RSAKey/ECDSA public key object from PEM PKCS#8 public key -880 * @name getKeyFromPublicPKCS8PEM -881 * @memberOf PKCS5PKEY -882 * @function -883 * @param {String} pkcsPub8PEM string of PEM formatted PKCS#8 public key -884 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object -885 * @since pkcs5pkey 1.0.5 -886 */ -887 getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { -888 var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); -889 var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex); -890 return key; -891 }, -892 -893 /** -894 * get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key -895 * @name getKeyFromPublicPKCS8Hex -896 * @memberOf PKCS5PKEY -897 * @function -898 * @param {String} pkcsPub8Hex hexadecimal string of PKCS#8 public key -899 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object -900 * @since pkcs5pkey 1.0.5 -901 */ -902 getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { -903 var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); -904 -905 if (p8.algoid == "2a864886f70d010101") { // RSA -906 var aRSA = this.parsePublicRawRSAKeyHex(p8.key); -907 var key = new RSAKey(); -908 key.setPublic(aRSA.n, aRSA.e); -909 return key; -910 } else if (p8.algoid == "2a8648ce3d0201") { // ECC -911 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) -912 throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; -913 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; -914 var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); -915 return key; -916 } else { -917 throw "unsupported public key algorithm"; -918 } -919 }, -920 -921 /** -922 * parse hexadecimal string of plain PKCS#8 private key -923 * @name parsePublicRawRSAKeyHex -924 * @memberOf PKCS5PKEY -925 * @function -926 * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key -927 * @return {Array} associative array of parsed key -928 * @since pkcs5pkey 1.0.5 -929 * @description -930 * Resulted associative array has following properties: -931 * <ul> -932 * <li>n - hexadecimal string of public key -933 * <li>e - hexadecimal string of public exponent -934 * </ul> -935 */ -936 parsePublicRawRSAKeyHex: function(pubRawRSAHex) { -937 var result = {}; -938 -939 // 1. Sequence -940 if (pubRawRSAHex.substr(0, 2) != "30") -941 throw "malformed RSA key(code:001)"; // not sequence -942 -943 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); -944 if (a1.length != 2) -945 throw "malformed RSA key(code:002)"; // not 2 items in seq -946 -947 // 2. public key "N" -948 if (pubRawRSAHex.substr(a1[0], 2) != "02") -949 throw "malformed RSA key(code:003)"; // 1st item is not integer -950 -951 result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); -952 -953 // 3. public key "E" -954 if (pubRawRSAHex.substr(a1[1], 2) != "02") -955 throw "malformed RSA key(code:004)"; // 2nd item is not integer -956 -957 result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); +814 /** +815 * get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key +816 * @name getKeyFromPlainPrivatePKCS8PEM +817 * @memberOf PKCS5PKEY +818 * @function +819 * @param {String} prvKeyPEM string of plain PEM formatted PKCS#8 private key +820 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object +821 * @since pkcs5pkey 1.0.5 +822 */ +823 getKeyFromPlainPrivatePKCS8PEM: function(prvKeyPEM) { +824 var prvKeyHex = this.getHexFromPEM(prvKeyPEM, "PRIVATE KEY"); +825 var key = this.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex); +826 return key; +827 }, +828 +829 /** +830 * get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key +831 * @name getKeyFromPlainPrivatePKCS8Hex +832 * @memberOf PKCS5PKEY +833 * @function +834 * @param {String} prvKeyHex hexadecimal string of plain PKCS#8 private key +835 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object +836 * @since pkcs5pkey 1.0.5 +837 */ +838 getKeyFromPlainPrivatePKCS8Hex: function(prvKeyHex) { +839 var p8 = this.parsePlainPrivatePKCS8Hex(prvKeyHex); +840 +841 if (p8.algoid == "2a864886f70d010101") { // RSA +842 this.parsePrivateRawRSAKeyHexAtObj(prvKeyHex, p8); +843 var k = p8.key; +844 var key = new RSAKey(); +845 key.setPrivateEx(k.n, k.e, k.d, k.p, k.q, k.dp, k.dq, k.co); +846 return key; +847 } else if (p8.algoid == "2a8648ce3d0201") { // ECC +848 this.parsePrivateRawECKeyHexAtObj(prvKeyHex, p8); +849 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) +850 throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; +851 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; +852 var key = new KJUR.crypto.ECDSA({'curve': curveName, 'prv': p8.key}); +853 return key; +854 } else { +855 throw "unsupported private key algorithm"; +856 } +857 }, +858 +859 // === PKCS8 RSA Public Key ================================================ +860 /** +861 * read PEM formatted PKCS#8 public key and returns RSAKey object +862 * @name getRSAKeyFromPublicPKCS8PEM +863 * @memberOf PKCS5PKEY +864 * @function +865 * @param {String} pkcs8PubPEM PEM formatted PKCS#8 public key +866 * @return {RSAKey} loaded RSAKey object of RSA public key +867 * @since pkcs5pkey 1.0.4 +868 */ +869 getRSAKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { +870 var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); +871 var rsaKey = this.getRSAKeyFromPublicPKCS8Hex(pubKeyHex); +872 return rsaKey; +873 }, +874 +875 /** +876 * get RSAKey/ECDSA public key object from PEM PKCS#8 public key +877 * @name getKeyFromPublicPKCS8PEM +878 * @memberOf PKCS5PKEY +879 * @function +880 * @param {String} pkcs8PubPEM string of PEM formatted PKCS#8 public key +881 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object +882 * @since pkcs5pkey 1.0.5 +883 */ +884 getKeyFromPublicPKCS8PEM: function(pkcs8PubPEM) { +885 var pubKeyHex = this.getHexFromPEM(pkcs8PubPEM, "PUBLIC KEY"); +886 var key = this.getKeyFromPublicPKCS8Hex(pubKeyHex); +887 return key; +888 }, +889 +890 /** +891 * get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key +892 * @name getKeyFromPublicPKCS8Hex +893 * @memberOf PKCS5PKEY +894 * @function +895 * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key +896 * @return {Object} RSAKey or KJUR.crypto.ECDSA private key object +897 * @since pkcs5pkey 1.0.5 +898 */ +899 getKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { +900 var p8 = this.parsePublicPKCS8Hex(pkcs8PubHex); +901 +902 if (p8.algoid == "2a864886f70d010101") { // RSA +903 var aRSA = this.parsePublicRawRSAKeyHex(p8.key); +904 var key = new RSAKey(); +905 key.setPublic(aRSA.n, aRSA.e); +906 return key; +907 } else if (p8.algoid == "2a8648ce3d0201") { // ECC +908 if (KJUR.crypto.OID.oidhex2name[p8.algparam] === undefined) +909 throw "KJUR.crypto.OID.oidhex2name undefined: " + p8.algparam; +910 var curveName = KJUR.crypto.OID.oidhex2name[p8.algparam]; +911 var key = new KJUR.crypto.ECDSA({'curve': curveName, 'pub': p8.key}); +912 return key; +913 } else { +914 throw "unsupported public key algorithm"; +915 } +916 }, +917 +918 /** +919 * parse hexadecimal string of plain PKCS#8 private key +920 * @name parsePublicRawRSAKeyHex +921 * @memberOf PKCS5PKEY +922 * @function +923 * @param {String} pubRawRSAHex hexadecimal string of ASN.1 encoded PKCS#8 public key +924 * @return {Array} associative array of parsed key +925 * @since pkcs5pkey 1.0.5 +926 * @description +927 * Resulted associative array has following properties: +928 * <ul> +929 * <li>n - hexadecimal string of public key +930 * <li>e - hexadecimal string of public exponent +931 * </ul> +932 */ +933 parsePublicRawRSAKeyHex: function(pubRawRSAHex) { +934 var result = {}; +935 +936 // 1. Sequence +937 if (pubRawRSAHex.substr(0, 2) != "30") +938 throw "malformed RSA key(code:001)"; // not sequence +939 +940 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pubRawRSAHex, 0); +941 if (a1.length != 2) +942 throw "malformed RSA key(code:002)"; // not 2 items in seq +943 +944 // 2. public key "N" +945 if (pubRawRSAHex.substr(a1[0], 2) != "02") +946 throw "malformed RSA key(code:003)"; // 1st item is not integer +947 +948 result.n = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[0]); +949 +950 // 3. public key "E" +951 if (pubRawRSAHex.substr(a1[1], 2) != "02") +952 throw "malformed RSA key(code:004)"; // 2nd item is not integer +953 +954 result.e = ASN1HEX.getHexOfV_AtObj(pubRawRSAHex, a1[1]); +955 +956 return result; +957 }, 958 -959 return result; -960 }, -961 -962 /** -963 * parse hexadecimal string of RSA private key -964 * @name parsePrivateRawRSAKeyHexAtObj -965 * @memberOf PKCS5PKEY -966 * @function -967 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key -968 * @return {Array} info associative array to add parsed RSA private key information -969 * @since pkcs5pkey 1.0.5 -970 * @description -971 * Following properties are added to associative array 'info' -972 * <ul> -973 * <li>n - hexadecimal string of public key -974 * <li>e - hexadecimal string of public exponent -975 * <li>d - hexadecimal string of private key -976 * <li>p - hexadecimal string -977 * <li>q - hexadecimal string -978 * <li>dp - hexadecimal string -979 * <li>dq - hexadecimal string -980 * <li>co - hexadecimal string -981 * </ul> -982 */ -983 parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { -984 var keyIdx = info.keyidx; -985 -986 // 1. sequence -987 if (pkcs8PrvHex.substr(keyIdx, 2) != "30") -988 throw "malformed RSA private key(code:001)"; // not sequence -989 -990 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); -991 if (a1.length != 9) -992 throw "malformed RSA private key(code:002)"; // not sequence -993 -994 // 2. RSA key -995 info.key = {}; -996 info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); -997 info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); -998 info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); -999 info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); -1000 info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); -1001 info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); -1002 info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); -1003 info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); -1004 }, -1005 -1006 /** -1007 * parse hexadecimal string of ECC private key -1008 * @name parsePrivateRawECKeyHexAtObj -1009 * @memberOf PKCS5PKEY -1010 * @function -1011 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key -1012 * @return {Array} info associative array to add parsed ECC private key information -1013 * @since pkcs5pkey 1.0.5 -1014 * @description -1015 * Following properties are added to associative array 'info' -1016 * <ul> -1017 * <li>key - hexadecimal string of ECC private key -1018 * </ul> -1019 */ -1020 parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { -1021 var keyIdx = info.keyidx; -1022 -1023 // 1. sequence -1024 if (pkcs8PrvHex.substr(keyIdx, 2) != "30") -1025 throw "malformed ECC private key(code:001)"; // not sequence -1026 -1027 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); -1028 if (a1.length != 3) -1029 throw "malformed ECC private key(code:002)"; // not sequence -1030 -1031 // 2. EC private key -1032 if (pkcs8PrvHex.substr(a1[1], 2) != "04") -1033 throw "malformed ECC private key(code:003)"; // not octetstring +959 /** +960 * parse hexadecimal string of RSA private key +961 * @name parsePrivateRawRSAKeyHexAtObj +962 * @memberOf PKCS5PKEY +963 * @function +964 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding RSA private key +965 * @return {Array} info associative array to add parsed RSA private key information +966 * @since pkcs5pkey 1.0.5 +967 * @description +968 * Following properties are added to associative array 'info' +969 * <ul> +970 * <li>n - hexadecimal string of public key +971 * <li>e - hexadecimal string of public exponent +972 * <li>d - hexadecimal string of private key +973 * <li>p - hexadecimal string +974 * <li>q - hexadecimal string +975 * <li>dp - hexadecimal string +976 * <li>dq - hexadecimal string +977 * <li>co - hexadecimal string +978 * </ul> +979 */ +980 parsePrivateRawRSAKeyHexAtObj: function(pkcs8PrvHex, info) { +981 var keyIdx = info.keyidx; +982 +983 // 1. sequence +984 if (pkcs8PrvHex.substr(keyIdx, 2) != "30") +985 throw "malformed RSA private key(code:001)"; // not sequence +986 +987 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); +988 if (a1.length != 9) +989 throw "malformed RSA private key(code:002)"; // not sequence +990 +991 // 2. RSA key +992 info.key = {}; +993 info.key.n = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); +994 info.key.e = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[2]); +995 info.key.d = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[3]); +996 info.key.p = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[4]); +997 info.key.q = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[5]); +998 info.key.dp = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[6]); +999 info.key.dq = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[7]); +1000 info.key.co = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[8]); +1001 }, +1002 +1003 /** +1004 * parse hexadecimal string of ECC private key +1005 * @name parsePrivateRawECKeyHexAtObj +1006 * @memberOf PKCS5PKEY +1007 * @function +1008 * @param {String} pkcs8PrvHex hexadecimal string of PKCS#8 private key concluding EC private key +1009 * @return {Array} info associative array to add parsed ECC private key information +1010 * @since pkcs5pkey 1.0.5 +1011 * @description +1012 * Following properties are added to associative array 'info' +1013 * <ul> +1014 * <li>key - hexadecimal string of ECC private key +1015 * </ul> +1016 */ +1017 parsePrivateRawECKeyHexAtObj: function(pkcs8PrvHex, info) { +1018 var keyIdx = info.keyidx; +1019 +1020 // 1. sequence +1021 if (pkcs8PrvHex.substr(keyIdx, 2) != "30") +1022 throw "malformed ECC private key(code:001)"; // not sequence +1023 +1024 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PrvHex, keyIdx); +1025 if (a1.length != 3) +1026 throw "malformed ECC private key(code:002)"; // not sequence +1027 +1028 // 2. EC private key +1029 if (pkcs8PrvHex.substr(a1[1], 2) != "04") +1030 throw "malformed ECC private key(code:003)"; // not octetstring +1031 +1032 info.key = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); +1033 }, 1034 -1035 info.key = ASN1HEX.getHexOfV_AtObj(pkcs8PrvHex, a1[1]); -1036 }, -1037 -1038 /** -1039 * parse hexadecimal string of PKCS#8 public key -1040 * @name parsePublicPKCS8Hex -1041 * @memberOf PKCS5PKEY -1042 * @function -1043 * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key -1044 * @return {Hash} hash of key information -1045 * @description -1046 * Resulted hash has following attributes. -1047 * <ul> -1048 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li> -1049 * <li>algparam - hexadecimal string of OID of ECC curve name or null</li> -1050 * <li>key - hexadecimal string of public key</li> -1051 * </ul> -1052 */ -1053 parsePublicPKCS8Hex: function(pkcs8PubHex) { -1054 var result = {}; -1055 result.algparam = null; -1056 -1057 // 1. AlgID and Key bit string -1058 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); -1059 if (a1.length != 2) -1060 throw "outer DERSequence shall have 2 elements: " + a1.length; -1061 -1062 // 2. AlgID -1063 var idxAlgIdTLV = a1[0]; -1064 if (pkcs8PubHex.substr(idxAlgIdTLV, 2) != "30") -1065 throw "malformed PKCS8 public key(code:001)"; // AlgId not sequence -1066 -1067 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxAlgIdTLV); -1068 if (a2.length != 2) -1069 throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements -1070 -1071 // 2.1. AlgID OID -1072 if (pkcs8PubHex.substr(a2[0], 2) != "06") -1073 throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID -1074 -1075 result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); -1076 -1077 // 2.2. AlgID param -1078 if (pkcs8PubHex.substr(a2[1], 2) == "06") { -1079 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); -1080 } -1081 -1082 // 3. Key -1083 if (pkcs8PubHex.substr(a1[1], 2) != "03") -1084 throw "malformed PKCS8 public key(code:004)"; // Key is not bit string -1085 -1086 result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); -1087 -1088 // 4. return result assoc array -1089 return result; -1090 }, -1091 -1092 /** -1093 * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object -1094 * @name getRSAKeyFromPublicPKCS8Hex -1095 * @memberOf PKCS5PKEY -1096 * @function -1097 * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key -1098 * @return {RSAKey} loaded RSAKey object of RSA public key -1099 * @since pkcs5pkey 1.0.4 -1100 */ -1101 getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { -1102 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); -1103 if (a1.length != 2) -1104 throw "outer DERSequence shall have 2 elements: " + a1.length; -1105 -1106 var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]); -1107 if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption -1108 throw "PKCS8 AlgorithmId is not rsaEncryption"; -1109 -1110 if (pkcs8PubHex.substr(a1[1], 2) != "03") -1111 throw "PKCS8 Public Key is not BITSTRING encapslated."; -1112 -1113 var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit -1114 -1115 if (pkcs8PubHex.substr(idxPub, 2) != "30") -1116 throw "PKCS8 Public Key is not SEQUENCE."; -1117 -1118 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); -1119 if (a2.length != 2) -1120 throw "inner DERSequence shall have 2 elements: " + a2.length; -1121 -1122 if (pkcs8PubHex.substr(a2[0], 2) != "02") -1123 throw "N is not ASN.1 INTEGER"; -1124 if (pkcs8PubHex.substr(a2[1], 2) != "02") -1125 throw "E is not ASN.1 INTEGER"; -1126 -1127 var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); -1128 var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); -1129 -1130 var pubKey = new RSAKey(); -1131 pubKey.setPublic(hN, hE); -1132 -1133 return pubKey; -1134 }, -1135 }; -1136 }(); -1137 \ No newline at end of file +1035 /** +1036 * parse hexadecimal string of PKCS#8 public key +1037 * @name parsePublicPKCS8Hex +1038 * @memberOf PKCS5PKEY +1039 * @function +1040 * @param {String} pkcs8PubHex hexadecimal string of PKCS#8 public key +1041 * @return {Hash} hash of key information +1042 * @description +1043 * Resulted hash has following attributes. +1044 * <ul> +1045 * <li>algoid - hexadecimal string of OID of asymmetric key algorithm</li> +1046 * <li>algparam - hexadecimal string of OID of ECC curve name or null</li> +1047 * <li>key - hexadecimal string of public key</li> +1048 * </ul> +1049 */ +1050 parsePublicPKCS8Hex: function(pkcs8PubHex) { +1051 var result = {}; +1052 result.algparam = null; +1053 +1054 // 1. AlgID and Key bit string +1055 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); +1056 if (a1.length != 2) +1057 throw "outer DERSequence shall have 2 elements: " + a1.length; +1058 +1059 // 2. AlgID +1060 var idxAlgIdTLV = a1[0]; +1061 if (pkcs8PubHex.substr(idxAlgIdTLV, 2) != "30") +1062 throw "malformed PKCS8 public key(code:001)"; // AlgId not sequence +1063 +1064 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxAlgIdTLV); +1065 if (a2.length != 2) +1066 throw "malformed PKCS8 public key(code:002)"; // AlgId not have two elements +1067 +1068 // 2.1. AlgID OID +1069 if (pkcs8PubHex.substr(a2[0], 2) != "06") +1070 throw "malformed PKCS8 public key(code:003)"; // AlgId.oid is not OID +1071 +1072 result.algoid = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); +1073 +1074 // 2.2. AlgID param +1075 if (pkcs8PubHex.substr(a2[1], 2) == "06") { +1076 result.algparam = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); +1077 } +1078 +1079 // 3. Key +1080 if (pkcs8PubHex.substr(a1[1], 2) != "03") +1081 throw "malformed PKCS8 public key(code:004)"; // Key is not bit string +1082 +1083 result.key = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a1[1]).substr(2); +1084 +1085 // 4. return result assoc array +1086 return result; +1087 }, +1088 +1089 /** +1090 * provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object +1091 * @name getRSAKeyFromPublicPKCS8Hex +1092 * @memberOf PKCS5PKEY +1093 * @function +1094 * @param {String} pkcs8PubHex hexadecimal string of unencrypted PKCS#8 public key +1095 * @return {RSAKey} loaded RSAKey object of RSA public key +1096 * @since pkcs5pkey 1.0.4 +1097 */ +1098 getRSAKeyFromPublicPKCS8Hex: function(pkcs8PubHex) { +1099 var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, 0); +1100 if (a1.length != 2) +1101 throw "outer DERSequence shall have 2 elements: " + a1.length; +1102 +1103 var algIdTLV =ASN1HEX.getHexOfTLV_AtObj(pkcs8PubHex, a1[0]); +1104 if (algIdTLV != "300d06092a864886f70d0101010500") // AlgId rsaEncryption +1105 throw "PKCS8 AlgorithmId is not rsaEncryption"; +1106 +1107 if (pkcs8PubHex.substr(a1[1], 2) != "03") +1108 throw "PKCS8 Public Key is not BITSTRING encapslated."; +1109 +1110 var idxPub = ASN1HEX.getStartPosOfV_AtObj(pkcs8PubHex, a1[1]) + 2; // 2 for unused bit +1111 +1112 if (pkcs8PubHex.substr(idxPub, 2) != "30") +1113 throw "PKCS8 Public Key is not SEQUENCE."; +1114 +1115 var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(pkcs8PubHex, idxPub); +1116 if (a2.length != 2) +1117 throw "inner DERSequence shall have 2 elements: " + a2.length; +1118 +1119 if (pkcs8PubHex.substr(a2[0], 2) != "02") +1120 throw "N is not ASN.1 INTEGER"; +1121 if (pkcs8PubHex.substr(a2[1], 2) != "02") +1122 throw "E is not ASN.1 INTEGER"; +1123 +1124 var hN = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[0]); +1125 var hE = ASN1HEX.getHexOfV_AtObj(pkcs8PubHex, a2[1]); +1126 +1127 var pubKey = new RSAKey(); +1128 pubKey.setPublic(hN, hE); +1129 +1130 return pubKey; +1131 }, +1132 }; +1133 }(); +1134 \ No newline at end of file diff --git a/bower.json b/bower.json index 0afa8f62..eba4ea67 100644 --- a/bower.json +++ b/bower.json @@ -1,6 +1,6 @@ { "name": "kjur-jsrsasign", - "version": "6.2.3", + "version": "7.0.0", "main": "jsrsasign-latest-all-min.js", "description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.", "license": "MIT", diff --git a/crypto-1.1.js b/crypto-1.1.js index 47e13096..56d81d19 100644 --- a/crypto-1.1.js +++ b/crypto-1.1.js @@ -1,4 +1,4 @@ -/*! crypto-1.1.10.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! crypto-1.1.11.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* * crypto.js - Cryptographic Algorithm Provider class @@ -16,7 +16,7 @@ * @fileOverview * @name crypto-1.1.js * @author Kenji Urushima kenji.urushima@gmail.com - * @version 1.1.10 (2016-Oct-29) + * @version 1.1.11 (2016-Dec-25) * @since jsrsasign 2.2 * @license MIT License */ @@ -250,40 +250,164 @@ KJUR.crypto.Util = new function() { return md.digestHex(s); }; - /** - * get hexadecimal MD5 hash of string - * @name md5 - * @memberOf KJUR.crypto.Util - * @function - * @param {String} s input string to be hashed - * @return {String} hexadecimal string of hash value - * @since 1.0.3 - */ - this.md5 = function(s) { - var md = new KJUR.crypto.MessageDigest({'alg':'md5', 'prov':'cryptojs'}); - return md.digestString(s); - }; +}; - /** - * get hexadecimal RIPEMD160 hash of string - * @name ripemd160 - * @memberOf KJUR.crypto.Util - * @function - * @param {String} s input string to be hashed - * @return {String} hexadecimal string of hash value - * @since 1.0.3 - */ - this.ripemd160 = function(s) { - var md = new KJUR.crypto.MessageDigest({'alg':'ripemd160', 'prov':'cryptojs'}); - return md.digestString(s); - }; +/** + * get hexadecimal MD5 hash of string + * @name md5 + * @memberOf KJUR.crypto.Util + * @function + * @param {String} s input string to be hashed + * @return {String} hexadecimal string of hash value + * @since 1.0.3 + * @example + * Util.md5('aaa') → 47bce5c74f589f4867dbd57e9ca9f808 + */ +KJUR.crypto.Util.md5 = function(s) { + var md = new KJUR.crypto.MessageDigest({'alg':'md5', 'prov':'cryptojs'}); + return md.digestString(s); +}; - /* - * @since 1.1.2 - */ - this.getCryptoJSMDByName = function(s) { - - }; +/** + * get hexadecimal RIPEMD160 hash of string + * @name ripemd160 + * @memberOf KJUR.crypto.Util + * @function + * @param {String} s input string to be hashed + * @return {String} hexadecimal string of hash value + * @since 1.0.3 + * @example + * KJUR.crypto.Util.ripemd160("aaa") → 08889bd7b151aa174c21f33f59147fa65381edea + */ +KJUR.crypto.Util.ripemd160 = function(s) { + var md = new KJUR.crypto.MessageDigest({'alg':'ripemd160', 'prov':'cryptojs'}); + return md.digestString(s); +}; + +// @since jsrsasign 7.0.0 crypto 1.1.11 +KJUR.crypto.Util.SECURERANDOMGEN = new SecureRandom(); + +/** + * get hexadecimal string of random value from with specified byte length
+ * @name getRandomHexOfNbytes + * @memberOf KJUR.crypto.Util + * @function + * @param {Integer} n length of bytes of random + * @return {String} hexadecimal string of random + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @example + * KJUR.crypto.Util.getRandomHexOfNbytes(3) → "6314af", "000000" or "001fb4" + * KJUR.crypto.Util.getRandomHexOfNbytes(128) → "8fbc..." in 1024bits + */ +KJUR.crypto.Util.getRandomHexOfNbytes = function(n) { + var ba = new Array(n); + KJUR.crypto.Util.SECURERANDOMGEN.nextBytes(ba); + return BAtohex(ba); +}; + +/** + * get BigInteger object of random value from with specified byte length
+ * @name getRandomBigIntegerOfNbytes + * @memberOf KJUR.crypto.Util + * @function + * @param {Integer} n length of bytes of random + * @return {BigInteger} BigInteger object of specified random value + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @example + * KJUR.crypto.Util.getRandomBigIntegerOfNbytes(3) → 6314af of BigInteger + * KJUR.crypto.Util.getRandomBigIntegerOfNbytes(128) → 8fbc... of BigInteger + */ +KJUR.crypto.Util.getRandomBigIntegerOfNbytes = function(n) { + return new BigInteger(KJUR.crypto.Util.getRandomHexOfNbytes(n), 16); +}; + +/** + * get hexadecimal string of random value from with specified bit length
+ * @name getRandomHexOfNbits + * @memberOf KJUR.crypto.Util + * @function + * @param {Integer} n length of bits of random + * @return {String} hexadecimal string of random + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @example + * KJUR.crypto.Util.getRandomHexOfNbits(24) → "6314af", "000000" or "001fb4" + * KJUR.crypto.Util.getRandomHexOfNbits(1024) → "8fbc..." in 1024bits + */ +KJUR.crypto.Util.getRandomHexOfNbits = function(n) { + var n_remainder = n % 8; + var n_quotient = (n - n_remainder) / 8; + var ba = new Array(n_quotient + 1); + KJUR.crypto.Util.SECURERANDOMGEN.nextBytes(ba); + ba[0] = (((255 << n_remainder) & 255) ^ 255) & ba[0]; + return BAtohex(ba); +}; + +/** + * get BigInteger object of random value from with specified bit length
+ * @name getRandomBigIntegerOfNbits + * @memberOf KJUR.crypto.Util + * @function + * @param {Integer} n length of bits of random + * @return {BigInteger} BigInteger object of specified random value + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @example + * KJUR.crypto.Util.getRandomBigIntegerOfNbits(24) → 6314af of BigInteger + * KJUR.crypto.Util.getRandomBigIntegerOfNbits(1024) → 8fbc... of BigInteger + */ +KJUR.crypto.Util.getRandomBigIntegerOfNbits = function(n) { + return new BigInteger(KJUR.crypto.Util.getRandomHexOfNbits(n), 16); +}; + +/** + * get BigInteger object of random value from zero to max value
+ * @name getRandomBigIntegerZeroToMax + * @memberOf KJUR.crypto.Util + * @function + * @param {BigInteger} biMax max value of BigInteger object for random value + * @return {BigInteger} BigInteger object of specified random value + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @description + * This static method generates a BigInteger object with random value + * greater than or equal to zero and smaller than or equal to biMax + * (i.e. 0 ≤ result ≤ biMax). + * @example + * biMax = new BigInteger("3fa411...", 16); + * KJUR.crypto.Util.getRandomBigIntegerZeroToMax(biMax) → 8fbc... of BigInteger + */ +KJUR.crypto.Util.getRandomBigIntegerZeroToMax = function(biMax) { + var bitLenMax = biMax.bitLength(); + while (1) { + var biRand = KJUR.crypto.Util.getRandomBigIntegerOfNbits(bitLenMax); + if (biMax.compareTo(biRand) != -1) return biRand; + } +}; + +/** + * get BigInteger object of random value from min value to max value
+ * @name getRandomBigIntegerMinToMax + * @memberOf KJUR.crypto.Util + * @function + * @param {BigInteger} biMin min value of BigInteger object for random value + * @param {BigInteger} biMax max value of BigInteger object for random value + * @return {BigInteger} BigInteger object of specified random value + * @since jsrsasign 7.0.0 crypto 1.1.11 + * @description + * This static method generates a BigInteger object with random value + * greater than or equal to biMin and smaller than or equal to biMax + * (i.e. biMin ≤ result ≤ biMax). + * @example + * biMin = new BigInteger("2fa411...", 16); + * biMax = new BigInteger("3fa411...", 16); + * KJUR.crypto.Util.getRandomBigIntegerMinToMax(biMin, biMax) → 32f1... of BigInteger + */ +KJUR.crypto.Util.getRandomBigIntegerMinToMax = function(biMin, biMax) { + var flagCompare = biMin.compareTo(biMax); + if (flagCompare == 1) throw "biMin is greater than biMax"; + if (flagCompare == 0) return biMin; + + var biDiff = biMax.subtract(biMin); + var biRand = KJUR.crypto.Util.getRandomBigIntegerZeroToMax(biDiff); + return biRand.add(biMin); }; // === Mac =============================================================== diff --git a/dsa-2.0.js b/dsa-2.0.js new file mode 100755 index 00000000..8bff3119 --- /dev/null +++ b/dsa-2.0.js @@ -0,0 +1,206 @@ +/*! dsa-2.0.0.js (c) 2016 Kenji Urushimma | kjur.github.com/jsrsasign/license + */ +/* + * dsa.js - new DSA class + * + * Copyright (c) 2016 Kenji Urushima (kenji.urushima@gmail.com) + * + * This software is licensed under the terms of the MIT License. + * http://kjur.github.com/jsrsasign/license + * + * The above copyright and license notice shall be + * included in all copies or substantial portions of the Software. + */ + +/** + * @fileOverview + * @name dsa-2.0.js + * @author Kenji Urushima kenji.urushima@gmail.com + * @version dsa 2.0.0 (2016-Dec-24) + * @since jsrsasign 7.0.0 + * @license MIT License + */ + +if (typeof KJUR == "undefined" || !KJUR) KJUR = {}; +if (typeof KJUR.crypto == "undefined" || !KJUR.crypto) KJUR.crypto = {}; + +/** + * class for DSA signing and verification + * @name KJUR.crypto.DSA + * @class class for DSA signing and verifcation + * @since jsrsasign 7.0.0 dsa 2.0.0 + * @description + *

+ * CAUTION: Most of the case, you don't need to use this class. + * Please use {@link KJUR.crypto.Signature} class instead. + *

+ *

+ * NOTE: Until jsrsasign 6.2.3, DSA class have used codes from openpgpjs library 1.0.0 + * licenced under LGPL licence. To avoid license issue dsa-2.0.js was re-written with + * my own codes in jsrsasign 7.0.0. + * Some random number generators used in dsa-2.0.js was newly defined + * in KJUR.crypto.Util class. Now all of LGPL codes are removed. + *

+ */ +KJUR.crypto.DSA = function() { + this.p = null; + this.q = null; + this.g = null; + this.y = null; + this.x = null; + this.type = "DSA"; + + //=========================== + // PUBLIC METHODS + //=========================== + + /** + * set DSA private key by key parameters + * @name setPrivate + * @memberOf KJUR.crypto.DSA# + * @function + * @param {BigInteger} p prime P + * @param {BigInteger} q sub prime Q + * @param {BigInteger} g base G + * @param {BigInteger} y public key Y + * @param {BigInteger} x private key X + * @since jsrsasign 7.0.0 dsa 2.0.0 + */ + this.setPrivate = function(p, q, g, y, x) { + this.isPrivate = true; + this.p = p; + this.q = q; + this.g = g; + this.y = y; + this.x = x; + }; + + /** + * set DSA public key by key parameters + * @name setPublic + * @memberOf KJUR.crypto.DSA# + * @function + * @param {BigInteger} p prime P + * @param {BigInteger} q sub prime Q + * @param {BigInteger} g base G + * @param {BigInteger} y public key Y + * @since jsrsasign 7.0.0 dsa 2.0.0 + */ + this.setPublic = function(p, q, g, y) { + this.isPublic = true; + this.p = p; + this.q = q; + this.g = g; + this.y = y; + this.x = null; + }; + + /** + * sign to hashed message by this DSA private key object + * @name signWithMessageHash + * @memberOf KJUR.crypto.DSA# + * @function + * @param {String} sHashHex hexadecimal string of hashed message + * @return {String} hexadecimal string of ASN.1 encoded DSA signature value + * @since jsrsasign 7.0.0 dsa 2.0.0 + */ + this.signWithMessageHash = function(sHashHex) { + var p = this.p; // parameter p + var q = this.q; // parameter q + var g = this.g; // parameter g + var y = this.y; // public key (p q g y) + var x = this.x; // private key + + // NIST FIPS 186-4 4.5 DSA Per-Message Secret Number (p18) + // 1. get random k where 0 < k < q + var k = KJUR.crypto.Util.getRandomBigIntegerMinToMax(BigInteger.ONE.add(BigInteger.ONE), + q.subtract(BigInteger.ONE)); + + // NIST FIPS 186-4 4.6 DSA Signature Generation (p19) + // 2. get z where the left most min(N, outlen) bits of Hash(M) + var hZ = sHashHex.substr(0, q.bitLength() / 4); + var z = new BigInteger(hZ, 16); + + // 3. get r where (g^k mod p) mod q, r != 0 + var r = (g.modPow(k,p)).mod(q); + + // 4. get s where k^-1 (z + xr) mod q, s != 0 + var s = (k.modInverse(q).multiply(z.add(x.multiply(r)))).mod(q); + + // 5. signature (r, s) + var result = KJUR.asn1.ASN1Util.jsonToASN1HEX({ + "seq": [{"int": {"bigint": r}}, {"int": {"bigint": s}}] + }); + return result; + }; + + /** + * verify signature by this DSA public key object + * @name verifyWithMessageHash + * @memberOf KJUR.crypto.DSA# + * @function + * @param {String} sHashHex hexadecimal string of hashed message + * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value + * @return {Boolean} true if the signature is valid otherwise false. + * @since jsrsasign 7.0.0 dsa 2.0.0 + */ + this.verifyWithMessageHash = function(sHashHex, hSigVal) { + var p = this.p; // parameter p + var q = this.q; // parameter q + var g = this.g; // parameter g + var y = this.y; // public key (p q g y) + + // 1. parse ASN.1 signature (r, s) + var rs = this.parseASN1Signature(hSigVal); + var r = rs[0]; + var s = rs[1]; + + // NIST FIPS 186-4 4.6 DSA Signature Generation (p19) + // 2. get z where the left most min(N, outlen) bits of Hash(M) + var hZ = sHashHex.substr(0, q.bitLength() / 4); + var z = new BigInteger(hZ, 16); + + // NIST FIPS 186-4 4.7 DSA Signature Validation (p19) + // 3.1. 0 < r < q + if (BigInteger.ZERO.compareTo(r) > 0 || r.compareTo(q) > 0) + throw "invalid DSA signature"; + + // 3.2. 0 < s < q + if (BigInteger.ZERO.compareTo(s) > 0 || s.compareTo(q) > 0) + throw "invalid DSA signature"; + + // 4. get w where w = s^-1 mod q + var w = s.modInverse(q); + + // 5. get u1 where u1 = z w mod q + var u1 = z.multiply(w).mod(q); + + // 6. get u2 where u2 = r w mod q + var u2 = r.multiply(w).mod(q); + + // 7. get v where v = ((g^u1 y^u2) mod p) mod q + var v = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q); + + // 8. signature is valid when v == r + return v.compareTo(r) == 0; + }; + + /** + * parse hexadecimal ASN.1 DSA signature value + * @name parseASN1Signature + * @memberOf KJUR.crypto.DSA# + * @function + * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value + * @return {Array} array [r, s] of DSA signature value. Both r and s are BigInteger. + * @since jsrsasign 7.0.0 dsa 2.0.0 + */ + this.parseASN1Signature = function(hSigVal) { + try { + var r = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [0], "02"), 16); + var s = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [1], "02"), 16); + return [r, s]; + } catch (ex) { + throw "malformed ASN.1 DSA signature"; + } + } +} diff --git a/dsa-modified-1.0.js b/dsa-modified-1.0.js deleted file mode 100644 index 094da092..00000000 --- a/dsa-modified-1.0.js +++ /dev/null @@ -1,381 +0,0 @@ -/*! dsa-modified-1.0.1.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE - */ -/* - * dsa-modified.js - modified DSA class of OpenPGP-JS - * - * Copyright (c) 2011-2013 Recurity Labs GmbH (github.com/openpgpjs) - * Kenji Urushima (kenji.urushima@gmail.com) - * LICENSE - * https://github.com/openpgpjs/openpgpjs/blob/master/LICENSE - */ - -/** - * @fileOverview - * @name dsa-modified-1.0.js - * @author Recurity Labs GmbH (github.com/openpgpjs) and Kenji Urushima (kenji.urushima@gmail.com) - * @version 1.0.1 (2013-Oct-06) - * @since jsrsasign 4.1.6 - * @license LGPL License - */ - -if (typeof KJUR == "undefined" || !KJUR) KJUR = {}; -if (typeof KJUR.crypto == "undefined" || !KJUR.crypto) KJUR.crypto = {}; - -/** - * class for DSA signing and verification - * @name KJUR.crypto.DSA - * @class class for DSA signing and verifcation - * @description - *

- * CAUTION: Most of the case, you don't need to use this class. - * Please use {@link KJUR.crypto.Signature} class instead. - *

- *

- * This class was originally developped by Recurity Labs GmbH for OpenPGP JavaScript library. - * (See {@link https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/asymmetric/dsa.js}) - *

- */ -/* https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/asymmetric/dsa.js */ -KJUR.crypto.DSA = function() { - this.p = null; - this.q = null; - this.g = null; - this.y = null; - this.x = null; - this.type = "DSA"; - - //=========================== - // PUBLIC METHODS - //=========================== - - /** - * set DSA private key by key specs - * @name setPrivate - * @memberOf KJUR.crypto.DSA - * @function - * @param {BigInteger} p prime P - * @param {BigInteger} q sub prime Q - * @param {BigInteger} g base G - * @param {BigInteger} y public key Y - * @param {BigInteger} x private key X - * @since dsa-modified 1.0.0 - */ - this.setPrivate = function(p, q, g, y, x) { - this.isPrivate = true; - this.p = p; - this.q = q; - this.g = g; - this.y = y; - this.x = x; - }; - - /** - * set DSA public key by key specs - * @name setPublic - * @memberOf KJUR.crypto.DSA - * @function - * @param {BigInteger} p prime P - * @param {BigInteger} q sub prime Q - * @param {BigInteger} g base G - * @param {BigInteger} y public key Y - * @since dsa-modified 1.0.0 - */ - this.setPublic = function(p, q, g, y) { - this.isPublic = true; - this.p = p; - this.q = q; - this.g = g; - this.y = y; - this.x = null; - }; - - /** - * sign to hashed message by this DSA private key object - * @name signWithMessageHash - * @memberOf KJUR.crypto.DSA - * @function - * @param {String} sHashHex hexadecimal string of hashed message - * @return {String} hexadecimal string of ASN.1 encoded DSA signature value - * @since dsa-modified 1.0.0 - */ - this.signWithMessageHash = function(sHashHex) { - var p = this.p; - var q = this.q; - var g = this.g; - var y = this.y; - var x = this.x; - - // 1. trim message hash - var hashHex = sHashHex.substr(0, q.bitLength() / 4); - var hash = new BigInteger(sHashHex, 16); - - var k = getRandomBigIntegerInRange(BigInteger.ONE.add(BigInteger.ONE), - q.subtract(BigInteger.ONE)); - var s1 = (g.modPow(k,p)).mod(q); - var s2 = (k.modInverse(q).multiply(hash.add(x.multiply(s1)))).mod(q); - - var result = KJUR.asn1.ASN1Util.jsonToASN1HEX({ - 'seq': [{'int': {'bigint': s1}}, {'int': {'bigint': s2}}] - }); - return result; - }; - - /** - * verify signature by this DSA public key object - * @name verifyWithMessageHash - * @memberOf KJUR.crypto.DSA - * @function - * @param {String} sHashHex hexadecimal string of hashed message - * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value - * @return {Boolean} true if the signature is valid otherwise false. - * @since dsa-modified 1.0.0 - */ - this.verifyWithMessageHash = function(sHashHex, hSigVal) { - var p = this.p; - var q = this.q; - var g = this.g; - var y = this.y; - - // 1. parse ASN.1 signature - var s1s2 = this.parseASN1Signature(hSigVal); - var s1 = s1s2[0]; - var s2 = s1s2[1]; - - // 2. trim message hash - var sHashHex = sHashHex.substr(0, q.bitLength() / 4); - var hash = new BigInteger(sHashHex, 16); - - if (BigInteger.ZERO.compareTo(s1) > 0 || - s1.compareTo(q) > 0 || - BigInteger.ZERO.compareTo(s2) > 0 || - s2.compareTo(q) > 0) { - throw "invalid DSA signature"; - } - var w = s2.modInverse(q); - var u1 = hash.multiply(w).mod(q); - var u2 = s1.multiply(w).mod(q); - var dopublic = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q); - return dopublic.compareTo(s1) == 0; - }; - - /** - * parse hexadecimal ASN.1 DSA signature value - * @name parseASN1Signature - * @memberOf KJUR.crypto.DSA - * @function - * @param {String} hSigVal hexadecimal string of ASN.1 encoded DSA signature value - * @return {Array} array [s1, s2] of DSA signature value. Both s1 and s2 are BigInteger. - * @since dsa-modified 1.0.0 - */ - this.parseASN1Signature = function(hSigVal) { - try { - var s1 = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [0], "02"), 16); - var s2 = new BigInteger(ASN1HEX.getVbyList(hSigVal, 0, [1], "02"), 16); - return [s1, s2]; - } catch (ex) { - throw "malformed DSA signature"; - } - } - - // s1 = ((g**s) mod p) mod q - // s1 = ((s**-1)*(sha-1(m)+(s1*x) mod q) - function sign(hashalgo, m, g, p, q, x) { - // If the output size of the chosen hash is larger than the number of - // bits of q, the hash result is truncated to fit by taking the number - // of leftmost bits equal to the number of bits of q. This (possibly - // truncated) hash function result is treated as a number and used - // directly in the DSA signature algorithm. - - var hashHex = KJUR.crypto.Util.hashString(m, hashalgo.toLowerCase()); - var hashHex = hashHex.substr(0, q.bitLength() / 4); - var hash = new BigInteger(hashHex, 16); - - var k = getRandomBigIntegerInRange(BigInteger.ONE.add(BigInteger.ONE), - q.subtract(BigInteger.ONE)); - var s1 = (g.modPow(k,p)).mod(q); - var s2 = (k.modInverse(q).multiply(hash.add(x.multiply(s1)))).mod(q); - var result = new Array(); - result[0] = s1; - result[1] = s2; - return result; - } - - function select_hash_algorithm(q) { - var usersetting = openpgp.config.config.prefer_hash_algorithm; - /* - * 1024-bit key, 160-bit q, SHA-1, SHA-224, SHA-256, SHA-384, or SHA-512 hash - * 2048-bit key, 224-bit q, SHA-224, SHA-256, SHA-384, or SHA-512 hash - * 2048-bit key, 256-bit q, SHA-256, SHA-384, or SHA-512 hash - * 3072-bit key, 256-bit q, SHA-256, SHA-384, or SHA-512 hash - */ - switch (Math.round(q.bitLength() / 8)) { - case 20: // 1024 bit - if (usersetting != 2 && - usersetting > 11 && - usersetting != 10 && - usersetting < 8) - return 2; // prefer sha1 - return usersetting; - case 28: // 2048 bit - if (usersetting > 11 && - usersetting < 8) - return 11; - return usersetting; - case 32: // 4096 bit // prefer sha224 - if (usersetting > 10 && - usersetting < 8) - return 8; // prefer sha256 - return usersetting; - default: - util.print_debug("DSA select hash algorithm: returning null for an unknown length of q"); - return null; - - } - } - this.select_hash_algorithm = select_hash_algorithm; - - function verify(hashalgo, s1,s2,m,p,q,g,y) { - var hashHex = KJUR.crypto.Util.hashString(m, hashalgo.toLowerCase()); - var hashHex = hashHex.substr(0, q.bitLength() / 4); - var hash = new BigInteger(hashHex, 16); - - if (BigInteger.ZERO.compareTo(s1) > 0 || - s1.compareTo(q) > 0 || - BigInteger.ZERO.compareTo(s2) > 0 || - s2.compareTo(q) > 0) { - util.print_error("invalid DSA Signature"); - return null; - } - var w = s2.modInverse(q); - var u1 = hash.multiply(w).mod(q); - var u2 = s1.multiply(w).mod(q); - var dopublic = g.modPow(u1,p).multiply(y.modPow(u2,p)).mod(p).mod(q); - return dopublic.compareTo(s1) == 0; - } - - /* - * unused code. This can be used as a start to write a key generator - * function. - */ - function generateKey(bitcount) { - var qi = new BigInteger(bitcount, primeCenterie); - var pi = generateP(q, 512); - var gi = generateG(p, q, bitcount); - var xi; - do { - xi = new BigInteger(q.bitCount(), rand); - } while (x.compareTo(BigInteger.ZERO) != 1 && x.compareTo(q) != -1); - var yi = g.modPow(x, p); - return {x: xi, q: qi, p: pi, g: gi, y: yi}; - } - - function generateP(q, bitlength, randomfn) { - if (bitlength % 64 != 0) { - return false; - } - var pTemp; - var pTemp2; - do { - pTemp = randomfn(bitcount, true); - pTemp2 = pTemp.subtract(BigInteger.ONE); - pTemp = pTemp.subtract(pTemp2.remainder(q)); - } while (!pTemp.isProbablePrime(primeCenterie) || pTemp.bitLength() != l); - return pTemp; - } - - function generateG(p, q, bitlength, randomfn) { - var aux = p.subtract(BigInteger.ONE); - var pow = aux.divide(q); - var gTemp; - do { - gTemp = randomfn(bitlength); - } while (gTemp.compareTo(aux) != -1 && gTemp.compareTo(BigInteger.ONE) != 1); - return gTemp.modPow(pow, p); - } - - function generateK(q, bitlength, randomfn) { - var tempK; - do { - tempK = randomfn(bitlength, false); - } while (tempK.compareTo(q) != -1 && tempK.compareTo(BigInteger.ZERO) != 1); - return tempK; - } - - function generateR(q,p) { - k = generateK(q); - var r = g.modPow(k, p).mod(q); - return r; - } - - function generateS(hashfn,k,r,m,q,x) { - var hash = hashfn(m); - s = (k.modInverse(q).multiply(hash.add(x.multiply(r)))).mod(q); - return s; - } - this.sign = sign; - this.verify = verify; - // this.generate = generateKey; - - // - // METHODS FROM - // https://github.com/openpgpjs/openpgpjs/blob/master/src/ciphers/openpgp.crypto.js - // - function getRandomBigIntegerInRange(min, max) { - if (max.compareTo(min) <= 0) - return; - var range = max.subtract(min); - var r = getRandomBigInteger(range.bitLength()); - while (r > range) { - r = getRandomBigInteger(range.bitLength()); - } - return min.add(r); - } - - function getRandomBigInteger(bits) { - if (bits < 0) - return null; - var numBytes = Math.floor((bits+7)/8); - - var randomBits = getRandomBytes(numBytes); - if (bits % 8 > 0) { - randomBits = String.fromCharCode((Math.pow(2,bits % 8)-1) & - randomBits.charCodeAt(0)) + - randomBits.substring(1); - } - return new BigInteger(hexstrdump(randomBits), 16); - } - - function getRandomBytes(length) { - var result = ''; - for (var i = 0; i < length; i++) { - result += String.fromCharCode(getSecureRandomOctet()); - } - return result; - } - - function getSecureRandomOctet() { - var buf = new Uint32Array(1); - window.crypto.getRandomValues(buf); - return buf[0] & 0xFF; - } - - // https://github.com/openpgpjs/openpgpjs/blob/master/src/util/util.js - function hexstrdump(str) { - if (str == null) - return ""; - var r=[]; - var e=str.length; - var c=0; - var h; - while(c - Copyright (C) - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -Also add information on how to contact you by electronic and paper mail. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the library, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the - library `Frob' (a library for tweaking knobs) written by James Random Hacker. - - , 1 April 1990 - Ty Coon, President of Vice - -That's all there is to it! diff --git a/index.html b/index.html index ee7e30ff..34cd5407 100755 --- a/index.html +++ b/index.html @@ -227,7 +227,6 @@

DEPENDENCY

  • Tom Wu's jsbn library - BigInteger, RSA and ECC
  • BitcoinJS library - ECDSA signature algorithm
  • CryptoJS - symmetric key encryption algorithms, message digest, message authentication codes and PBKDF
    • -
  • OpenPGP.js - DSA signature algorithm
  • Yahoo YUI library - for class inheritance

    diff --git a/jsrsasign-latest-all-min.js b/jsrsasign-latest-all-min.js index 5c7136fe..a4a472c1 100644 --- a/jsrsasign-latest-all-min.js +++ b/jsrsasign-latest-all-min.js @@ -1,5 +1,5 @@ /* - * jsrsasign 6.2.3 (2016-11-29) (c) 2010-2016 Kenji Urushima | kjur.github.com/jsrsasign/license + * jsrsasign 7.0.0 (2016-12-25) (c) 2010-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* @@ -230,9 +230,9 @@ var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][ /*! asn1-1.0.12.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.getEncodedHex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(e,c,k,g){var o=function(w,i){if(w.length<=i*2){return w}else{var v=w.substr(0,i)+"..(total "+w.length/2+"bytes).."+w.substr(w.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var r=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,r)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,r)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,r)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var t=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(t);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var q=0;q=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(q,c,k,g){var e=q;if(q instanceof KJUR.asn1.ASN1Object){e=q.getEncodedHex()}var o=function(x,i){if(x.length<=i*2){return x}else{var v=x.substr(0,i)+"..(total "+x.length/2+"bytes).."+x.substr(x.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var t=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,t)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,t)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,t)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var u=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(u);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var r=0;r0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension.appendByNameToArray=function(e,c,b){if(e.toLowerCase()=="basicconstraints"){var d=new KJUR.asn1.x509.BasicConstraints(c);b.push(d)}else{if(e.toLowerCase()=="keyusage"){var d=new KJUR.asn1.x509.KeyUsage(c);b.push(d)}else{if(e.toLowerCase()=="crldistributionpoints"){var d=new KJUR.asn1.x509.CRLDistributionPoints(c);b.push(d)}else{if(e.toLowerCase()=="extkeyusage"){var d=new KJUR.asn1.x509.ExtKeyUsage(c);b.push(d)}else{if(e.toLowerCase()=="authoritykeyidentifier"){var d=new KJUR.asn1.x509.AuthorityKeyIdentifier(c);b.push(d)}else{if(e.toLowerCase()=="authorityinfoaccess"){var d=new KJUR.asn1.x509.AuthorityInfoAccess(c);b.push(d)}else{if(e.toLowerCase()=="subjectaltname"){var d=new KJUR.asn1.x509.SubjectAltName(c);b.push(d)}else{if(e.toLowerCase()=="issueraltname"){var d=new KJUR.asn1.x509.IssuerAltName(c);b.push(d)}else{throw"unsupported extension name: "+e}}}}}}}}};KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(b){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(c){var d=c.split("/");d.shift();for(var e=0;e0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.RDN=function(a){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=new Array();this.addByString=function(b){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:b}))};this.addByMultiValuedString=function(d){var b=KJUR.asn1.x509.RDN.parseString(d);for(var c=0;c0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(b){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);var d=null;var c=null;var a="utf8";this.setByString=function(f){var e=f.match(/^([^=]+)=(.+)$/);if(e){this.setByAttrTypeAndValueStr(e[1],e[2])}else{throw"malformed attrTypeAndValueStr: "+f}};this.setByAttrTypeAndValueStr=function(g,f){this.typeObj=KJUR.asn1.x509.OID.atype2obj(g);var e=a;if(g=="C"){e="prn"}this.valueObj=this.getValueObj(e,f)};this.getValueObj=function(f,e){if(f=="utf8"){return new KJUR.asn1.DERUTF8String({str:e})}if(f=="prn"){return new KJUR.asn1.DERPrintableString({str:e})}if(f=="tel"){return new KJUR.asn1.DERTeletexString({str:e})}if(f=="ia5"){return new KJUR.asn1.DERIA5String({str:e})}throw"unsupported directory string type: type="+f+" value="+e};this.getEncodedHex=function(){var e=new KJUR.asn1.DERSequence({array:[this.typeObj,this.valueObj]});this.TLV=e.getEncodedHex();return this.TLV};if(typeof b!="undefined"){if(typeof b.str!="undefined"){this.setByString(b.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(d){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var b=null;var c=null;var a=null;this.setRSAKey=function(e){if(!RSAKey.prototype.isPrototypeOf(e)){throw"argument is not RSAKey instance"}this.rsaKey=e;var g=new KJUR.asn1.DERInteger({bigint:e.n});var f=new KJUR.asn1.DERInteger({"int":e.e});var i=new KJUR.asn1.DERSequence({array:[g,f]});var h=i.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+h})};this.setRSAPEM=function(g){if(g.match(/-----BEGIN PUBLIC KEY-----/)){var n=g;n=n.replace(/^-----[^-]+-----/,"");n=n.replace(/-----[^-]+-----\s*$/,"");var m=n.replace(/\s+/g,"");var f=CryptoJS.enc.Base64.parse(m);var i=CryptoJS.enc.Hex.stringify(f);var k=_rsapem_getHexValueArrayOfChildrenFromHex(i);var h=k[1];var l=h.substr(2);var e=_rsapem_getHexValueArrayOfChildrenFromHex(l);var j=new RSAKey();j.setPublic(e[0],e[1]);this.setRSAKey(j)}else{throw"key not supported"}};this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var e=new KJUR.asn1.DERSequence({array:[this.asn1AlgId,this.asn1SubjPKey]});return e};this.getEncodedHex=function(){var e=this.getASN1Object();this.hTLV=e.getEncodedHex();return this.hTLV};this._setRSAKey=function(e){var g=KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.n}},{"int":{"int":e.e}}]});var f=g.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+f})};this._setEC=function(e){var f=new KJUR.asn1.DERObjectIdentifier({name:e.curveName});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"ecPublicKey",asn1params:f});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+e.pubKeyHex})};this._setDSA=function(e){var f=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.p}},{"int":{bigint:e.q}},{"int":{bigint:e.g}}]});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"dsa",asn1params:f});var g=new KJUR.asn1.DERInteger({bigint:e.y});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+g.getEncodedHex()})};if(typeof d!="undefined"){if(typeof RSAKey!="undefined"&&d instanceof RSAKey){this._setRSAKey(d)}else{if(typeof KJUR.crypto.ECDSA!="undefined"&&d instanceof KJUR.crypto.ECDSA){this._setEC(d)}else{if(typeof KJUR.crypto.DSA!="undefined"&&d instanceof KJUR.crypto.DSA){this._setDSA(d)}else{if(typeof d.rsakey!="undefined"){this.setRSAKey(d.rsakey)}else{if(typeof d.rsapem!="undefined"){this.setRSAPEM(d.rsapem)}}}}}}};YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(c){KJUR.asn1.x509.Time.superclass.constructor.call(this);var b=null;var a=null;this.setTimeParams=function(d){this.timeParams=d};this.getEncodedHex=function(){var d=null;if(this.timeParams!=null){if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime(this.timeParams)}else{d=new KJUR.asn1.DERGeneralizedTime(this.timeParams)}}else{if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime()}else{d=new KJUR.asn1.DERGeneralizedTime()}}this.TLV=d.getEncodedHex();return this.TLV};this.type="utc";if(typeof c!="undefined"){if(typeof c.type!="undefined"){this.type=c.type}else{if(typeof c.str!="undefined"){if(c.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(c.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=c}};YAHOO.lang.extend(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);var a=null;var d=null;var b=null;var c=false;this.getEncodedHex=function(){if(this.nameAlg==null&&this.asn1Alg==null){throw"algorithm not specified"}if(this.nameAlg!=null&&this.asn1Alg==null){this.asn1Alg=KJUR.asn1.x509.OID.name2obj(this.nameAlg)}var f=[this.asn1Alg];if(!this.paramEmpty){f.push(this.asn1Params)}var g=new KJUR.asn1.DERSequence({array:f});this.hTLV=g.getEncodedHex();return this.hTLV};if(typeof e!="undefined"){if(typeof e.name!="undefined"){this.nameAlg=e.name}if(typeof e.asn1params!="undefined"){this.asn1Params=e.asn1params}if(typeof e.paramempty!="undefined"){this.paramEmpty=e.paramempty}}if(this.asn1Params==null){this.asn1Params=new KJUR.asn1.DERNull()}};YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralName=function(d){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var c=null;var b=null;var a={rfc822:"81",dns:"82",dn:"a4",uri:"86"};this.explicit=false;this.setByParam=function(k){var j=null;var g=null;if(k===undefined){return}if(k.rfc822!==undefined){this.type="rfc822";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.dns!==undefined){this.type="dns";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.uri!==undefined){this.type="uri";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.dn!==undefined){this.type="dn";g=new KJUR.asn1.x509.X500Name({str:k.dn})}if(k.ldapdn!==undefined){this.type="dn";g=new KJUR.asn1.x509.X500Name({ldapstr:k.ldapdn})}if(k.certissuer!==undefined){this.type="dn";this.explicit=true;var h=k.certissuer;var f=null;if(h.match(/^[0-9A-Fa-f]+$/)){f==h}if(h.indexOf("-----BEGIN ")!=-1){f=X509.pemToHex(h)}if(f==null){throw"certissuer param not cert"}var e=new X509();e.hex=f;var i=e.getIssuerHex();g=new KJUR.asn1.ASN1Object();g.hTLV=i}if(k.certsubj!==undefined){this.type="dn";this.explicit=true;var h=k.certsubj;var f=null;if(h.match(/^[0-9A-Fa-f]+$/)){f==h}if(h.indexOf("-----BEGIN ")!=-1){f=X509.pemToHex(h)}if(f==null){throw"certsubj param not cert"}var e=new X509();e.hex=f;var i=e.getSubjectHex();g=new KJUR.asn1.ASN1Object();g.hTLV=i}if(this.type==null){throw"unsupported type in params="+k}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:this.explicit,tag:a[this.type],obj:g})};this.getEncodedHex=function(){return this.asn1Obj.getEncodedHex()};if(d!==undefined){this.setByParam(d)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(b){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null;this.setByParamArray=function(e){for(var c=0;ca.length){d=a.length}for(var b=0;bd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;fd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--p){q=q.twice2D();q.z=BigInteger.ONE;if(o.testBit(p)){if(n.testBit(p)){q=q.add2D(t)}else{q=q.add2D(s)}}else{if(n.testBit(p)){q=q.add2D(r)}}}return q}this.getBigRandom=function(i){return new BigInteger(i.bitLength(),a).mod(i.subtract(BigInteger.ONE)).add(BigInteger.ONE)};this.setNamedCurve=function(i){this.ecparams=KJUR.crypto.ECParameterDB.getByName(i);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=i};this.setPrivateKeyHex=function(i){this.isPrivate=true;this.prvKeyHex=i};this.setPublicKeyHex=function(i){this.isPublic=true;this.pubKeyHex=i};this.getPublicKeyXYHex=function(){var k=this.pubKeyHex;if(k.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var j=this.ecparams.keylen/4;if(k.length!==2+j*2){throw"malformed public key hex length"}var i={};i.x=k.substr(2,j);i.y=k.substr(2+j);return i};this.getShortNISTPCurveName=function(){var i=this.curveName;if(i==="secp256r1"||i==="NIST P-256"||i==="P-256"||i==="prime256v1"){return"P-256"}if(i==="secp384r1"||i==="NIST P-384"||i==="P-384"){return"P-384"}return null};this.generateKeyPairHex=function(){var k=this.ecparams.n;var n=this.getBigRandom(k);var l=this.ecparams.G.multiply(n);var q=l.getX().toBigInteger();var o=l.getY().toBigInteger();var i=this.ecparams.keylen/4;var m=("0000000000"+n.toString(16)).slice(-i);var r=("0000000000"+q.toString(16)).slice(-i);var p=("0000000000"+o.toString(16)).slice(-i);var j="04"+r+p;this.setPrivateKeyHex(m);this.setPublicKeyHex(j);return{ecprvhex:m,ecpubhex:j}};this.signWithMessageHash=function(i){return this.signHex(i,this.prvKeyHex)};this.signHex=function(o,j){var t=new BigInteger(j,16);var l=this.ecparams.n;var q=new BigInteger(o,16);do{var m=this.getBigRandom(l);var u=this.ecparams.G;var p=u.multiply(m);var i=p.getX().toBigInteger().mod(l)}while(i.compareTo(BigInteger.ZERO)<=0);var v=m.modInverse(l).multiply(q.add(t.multiply(i))).mod(l);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(i,v)};this.sign=function(m,u){var q=u;var j=this.ecparams.n;var p=BigInteger.fromByteArrayUnsigned(m);do{var l=this.getBigRandom(j);var t=this.ecparams.G;var o=t.multiply(l);var i=o.getX().toBigInteger().mod(j)}while(i.compareTo(BigInteger.ZERO)<=0);var v=l.modInverse(j).multiply(p.add(q.multiply(i))).mod(j);return this.serializeSig(i,v)};this.verifyWithMessageHash=function(j,i){return this.verifyHex(j,i,this.pubKeyHex)};this.verifyHex=function(m,i,p){var l,j;var o=KJUR.crypto.ECDSA.parseSigHex(i);l=o.r;j=o.s;var k;k=ECPointFp.decodeFromHex(this.ecparams.curve,p);var n=new BigInteger(m,16);return this.verifyRaw(n,l,j,k)};this.verify=function(o,p,j){var l,i;if(Bitcoin.Util.isArray(p)){var n=this.parseSig(p);l=n.r;i=n.s}else{if("object"===typeof p&&p.r&&p.s){l=p.r;i=p.s}else{throw"Invalid value for signature"}}var k;if(j instanceof ECPointFp){k=j}else{if(Bitcoin.Util.isArray(j)){k=ECPointFp.decodeFrom(this.ecparams.curve,j)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var m=BigInteger.fromByteArrayUnsigned(o);return this.verifyRaw(m,l,i,k)};this.verifyRaw=function(o,i,w,m){var l=this.ecparams.n;var u=this.ecparams.G;if(i.compareTo(BigInteger.ONE)<0||i.compareTo(l)>=0){return false}if(w.compareTo(BigInteger.ONE)<0||w.compareTo(l)>=0){return false}var p=w.modInverse(l);var k=o.multiply(p).mod(l);var j=i.multiply(p).mod(l);var q=u.multiply(k).add(m.multiply(j));var t=q.getX().toBigInteger().mod(l);return t.equals(i)};this.serializeSig=function(k,j){var l=k.toByteArraySigned();var i=j.toByteArraySigned();var m=[];m.push(2);m.push(l.length);m=m.concat(l);m.push(2);m.push(i.length);m=m.concat(i);m.unshift(m.length);m.unshift(48);return m};this.parseSig=function(n){var m;if(n[0]!=48){throw new Error("Signature not a valid DERSequence")}m=2;if(n[m]!=2){throw new Error("First element in signature must be a DERInteger")}var l=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];if(n[m]!=2){throw new Error("Second element in signature must be a DERInteger")}var i=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];var k=BigInteger.fromByteArrayUnsigned(l);var j=BigInteger.fromByteArrayUnsigned(i);return{r:k,s:j}};this.parseSigCompact=function(m){if(m.length!==65){throw"Signature has the wrong length"}var j=m[0]-27;if(j<0||j>7){throw"Invalid signature type"}var o=this.ecparams.n;var l=BigInteger.fromByteArrayUnsigned(m.slice(1,33)).mod(o);var k=BigInteger.fromByteArrayUnsigned(m.slice(33,65)).mod(o);return{r:l,s:k,i:j}};if(h!==undefined){if(h.curve!==undefined){this.curveName=h.curve}}if(this.curveName===undefined){this.curveName=e}this.setNamedCurve(this.curveName);if(h!==undefined){if(h.prv!==undefined){this.setPrivateKeyHex(h.prv)}if(h.pub!==undefined){this.setPublicKeyHex(h.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(c){if(c.substr(0,2)!="30"){throw"signature is not a ASN.1 sequence"}var b=ASN1HEX.getPosArrayOfChildren_AtObj(c,0);if(b.length!=2){throw"number of signature ASN.1 sequence elements seem wrong"}var g=b[0];var f=b[1];if(c.substr(g,2)!="02"){throw"1st item of sequene of signature is not ASN.1 integer"}if(c.substr(f,2)!="02"){throw"2nd item of sequene of signature is not ASN.1 integer"}var e=ASN1HEX.getHexOfV_AtObj(c,g);var d=ASN1HEX.getHexOfV_AtObj(c,f);return{r:e,s:d}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(c){var d=KJUR.crypto.ECDSA.parseSigHexInHexRS(c);var b=d.r;var a=d.s;if(b.substr(0,2)=="00"&&(((b.length/2)*8)%(16*8))==8){b=b.substr(2)}if(a.substr(0,2)=="00"&&(((a.length/2)*8)%(16*8))==8){a=a.substr(2)}if((((b.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig r length error"}if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig s length error"}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA concatinated r-s sig length error"}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(e,c){var b=new KJUR.asn1.DERInteger({bigint:e});var a=new KJUR.asn1.DERInteger({bigint:c});var d=new KJUR.asn1.DERSequence({array:[b,a]});return d.getEncodedHex()}; /*! ecparam-1.0.0.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license */ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){throw"invalid DSA signature"}var I=J.modInverse(u);var A=D.multiply(I).mod(u);var v=K.multiply(I).mod(u);var F=G.modPow(A,z).multiply(H.modPow(v,z)).mod(z).mod(u);return F.compareTo(K)==0};this.parseASN1Signature=function(u){try{var y=new BigInteger(ASN1HEX.getVbyList(u,0,[0],"02"),16);var v=new BigInteger(ASN1HEX.getVbyList(u,0,[1],"02"),16);return[y,v]}catch(w){throw"malformed DSA signature"}};function d(E,w,B,v,u,C){var z=KJUR.crypto.Util.hashString(w,E.toLowerCase());var z=z.substr(0,u.bitLength()/4);var A=new BigInteger(z,16);var y=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var F=(B.modPow(y,v)).mod(u);var D=(y.modInverse(u).multiply(A.add(C.multiply(F)))).mod(u);var G=new Array();G[0]=F;G[1]=D;return G}function r(v){var u=openpgp.config.config.prefer_hash_algorithm;switch(Math.round(v.bitLength()/8)){case 20:if(u!=2&&u>11&&u!=10&&u<8){return 2}return u;case 28:if(u>11&&u<8){return 11}return u;case 32:if(u>10&&u<8){return 8}return u;default:util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");return null}}this.select_hash_algorithm=r;function m(I,K,J,B,z,u,F,G){var C=KJUR.crypto.Util.hashString(B,I.toLowerCase());var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){util.print_error("invalid DSA Signature");return null}var H=J.modInverse(u);var A=D.multiply(H).mod(u);var v=K.multiply(H).mod(u);var E=F.modPow(A,z).multiply(G.modPow(v,z)).mod(z).mod(u);return E.compareTo(K)==0}function a(z){var A=new BigInteger(z,primeCenterie);var y=j(q,512);var u=t(p,q,z);var v;do{v=new BigInteger(q.bitCount(),rand)}while(x.compareTo(BigInteger.ZERO)!=1&&x.compareTo(q)!=-1);var w=g.modPow(x,p);return{x:v,q:A,p:y,g:u,y:w}}function j(y,z,w){if(z%64!=0){return false}var u;var v;do{u=w(bitcount,true);v=u.subtract(BigInteger.ONE);u=u.subtract(v.remainder(y))}while(!u.isProbablePrime(primeCenterie)||u.bitLength()!=l);return u}function t(B,z,A,w){var u=B.subtract(BigInteger.ONE);var y=u.divide(z);var v;do{v=w(A)}while(v.compareTo(u)!=-1&&v.compareTo(BigInteger.ONE)!=1);return v.modPow(y,B)}function o(w,y,u){var v;do{v=u(y,false)}while(v.compareTo(w)!=-1&&v.compareTo(BigInteger.ZERO)!=1);return v}function i(v,w){k=o(v);var u=g.modPow(k,w).mod(v);return u}function h(B,w,y,v,z,u){var A=B(v);s=(w.modInverse(z).multiply(A.add(u.multiply(y)))).mod(z);return s}this.sign=d;this.verify=m;function n(w,u){if(u.compareTo(w)<=0){return}var v=u.subtract(w);var y=e(v.bitLength());while(y>v){y=e(v.bitLength())}return w.add(y)}function e(w){if(w<0){return null}var u=Math.floor((w+7)/8);var v=c(u);if(w%8>0){v=String.fromCharCode((Math.pow(2,w%8)-1)&v.charCodeAt(0))+v.substring(1)}return new BigInteger(f(v),16)}function c(w){var u="";for(var v=0;v0||a.compareTo(b)>0){throw"invalid DSA signature"}if(BigInteger.ZERO.compareTo(t)>0||t.compareTo(b)>0){throw"invalid DSA signature"}var m=t.modInverse(b);var e=k.multiply(m).mod(b);var c=a.multiply(m).mod(b);var n=j.modPow(e,d).multiply(l.modPow(c,d)).mod(d).mod(b);return n.compareTo(a)==0};this.parseASN1Signature=function(a){try{var d=new BigInteger(ASN1HEX.getVbyList(a,0,[0],"02"),16);var c=new BigInteger(ASN1HEX.getVbyList(a,0,[1],"02"),16);return[d,c]}catch(b){throw"malformed ASN.1 DSA signature"}}}; /*! pkcs5pkey-1.0.7.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ -var PKCS5PKEY=function(){var c=function(n,p,o){return i(CryptoJS.AES,n,p,o)};var d=function(n,p,o){return i(CryptoJS.TripleDES,n,p,o)};var i=function(q,v,s,o){var p=CryptoJS.enc.Hex.parse(v);var u=CryptoJS.enc.Hex.parse(s);var n=CryptoJS.enc.Hex.parse(o);var r={};r.key=u;r.iv=n;r.ciphertext=p;var t=q.decrypt(r,u,{iv:n});return CryptoJS.enc.Hex.stringify(t)};var j=function(n,p,o){return e(CryptoJS.AES,n,p,o)};var m=function(n,p,o){return e(CryptoJS.TripleDES,n,p,o)};var e=function(s,x,v,p){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(v);var o=CryptoJS.enc.Hex.parse(p);var n={};var u=s.encrypt(r,w,{iv:o});var q=CryptoJS.enc.Hex.parse(u.toString());var t=CryptoJS.enc.Base64.stringify(q);return t};var g={"AES-256-CBC":{proc:c,eproc:j,keylen:32,ivlen:16},"AES-192-CBC":{proc:c,eproc:j,keylen:24,ivlen:16},"AES-128-CBC":{proc:c,eproc:j,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:d,eproc:m,keylen:24,ivlen:8}};var b=function(n){return g[n]["proc"]};var k=function(n){var p=CryptoJS.lib.WordArray.random(n);var o=CryptoJS.enc.Hex.stringify(p);return o};var l=function(t){var u={};var o=t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(o){u.cipher=o[1];u.ivsalt=o[2]}var n=t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(n){u.type=n[1]}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var h=function(o,w,n){var t=n.substring(0,16);var r=CryptoJS.enc.Hex.parse(t);var p=CryptoJS.enc.Utf8.parse(w);var s=g[o]["keylen"]+g[o]["ivlen"];var v="";var u=null;for(;;){var q=CryptoJS.algo.MD5.create();if(u!=null){q.update(u)}q.update(p);q.update(r);u=q.finalize();v=v+CryptoJS.enc.Hex.stringify(u);if(v.length>=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); +var PKCS5PKEY=function(){var c=function(n,p,o){return i(CryptoJS.AES,n,p,o)};var d=function(n,p,o){return i(CryptoJS.TripleDES,n,p,o)};var i=function(q,v,s,o){var p=CryptoJS.enc.Hex.parse(v);var u=CryptoJS.enc.Hex.parse(s);var n=CryptoJS.enc.Hex.parse(o);var r={};r.key=u;r.iv=n;r.ciphertext=p;var t=q.decrypt(r,u,{iv:n});return CryptoJS.enc.Hex.stringify(t)};var j=function(n,p,o){return e(CryptoJS.AES,n,p,o)};var m=function(n,p,o){return e(CryptoJS.TripleDES,n,p,o)};var e=function(s,x,v,p){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(v);var o=CryptoJS.enc.Hex.parse(p);var n={};var u=s.encrypt(r,w,{iv:o});var q=CryptoJS.enc.Hex.parse(u.toString());var t=CryptoJS.enc.Base64.stringify(q);return t};var g={"AES-256-CBC":{proc:c,eproc:j,keylen:32,ivlen:16},"AES-192-CBC":{proc:c,eproc:j,keylen:24,ivlen:16},"AES-128-CBC":{proc:c,eproc:j,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:d,eproc:m,keylen:24,ivlen:8}};var b=function(n){return g[n]["proc"]};var k=function(n){var p=CryptoJS.lib.WordArray.random(n);var o=CryptoJS.enc.Hex.stringify(p);return o};var l=function(t){var u={};var o=t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(o){u.cipher=o[1];u.ivsalt=o[2]}var n=t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(n){u.type=n[1]}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var h=function(o,w,n){var t=n.substring(0,16);var r=CryptoJS.enc.Hex.parse(t);var p=CryptoJS.enc.Utf8.parse(w);var s=g[o]["keylen"]+g[o]["ivlen"];var v="";var u=null;for(;;){var q=CryptoJS.algo.MD5.create();if(u!=null){q.update(u)}q.update(p);q.update(r);u=q.finalize();v=v+CryptoJS.enc.Hex.stringify(u);if(v.length>=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEncryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEncryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); /*! keyutil-1.0.14.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(f,e,h){if(typeof RSAKey!="undefined"&&f instanceof RSAKey){return f}if(typeof KJUR.crypto.ECDSA!="undefined"&&f instanceof KJUR.crypto.ECDSA){return f}if(typeof KJUR.crypto.DSA!="undefined"&&f instanceof KJUR.crypto.DSA){return f}if(f.curve!==undefined&&f.xy!==undefined&&f.d===undefined){return new KJUR.crypto.ECDSA({pub:f.xy,curve:f.curve})}if(f.curve!==undefined&&f.d!==undefined){return new KJUR.crypto.ECDSA({prv:f.d,curve:f.curve})}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var w=new RSAKey();w.setPublic(f.n,f.e);return w}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.co!==undefined&&f.qi===undefined){var w=new RSAKey();w.setPrivateEx(f.n,f.e,f.d,f.p,f.q,f.dp,f.dq,f.co);return w}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p===undefined){var w=new RSAKey();w.setPrivate(f.n,f.e,f.d);return w}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x===undefined){var w=new KJUR.crypto.DSA();w.setPublic(f.p,f.q,f.g,f.y);return w}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x!==undefined){var w=new KJUR.crypto.DSA();w.setPrivate(f.p,f.q,f.g,f.y,f.x);return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var w=new RSAKey();w.setPublic(b64utohex(f.n),b64utohex(f.e));return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.qi!==undefined){var w=new RSAKey();w.setPrivateEx(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d),b64utohex(f.p),b64utohex(f.q),b64utohex(f.dp),b64utohex(f.dq),b64utohex(f.qi));return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined){var w=new RSAKey();w.setPrivate(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d));return w}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d===undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var l=d.ecparams.keylen/4;var r=("0000000000"+b64utohex(f.x)).slice(-l);var n=("0000000000"+b64utohex(f.y)).slice(-l);var m="04"+r+n;d.setPublicKeyHex(m);return d}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d!==undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var l=d.ecparams.keylen/4;var r=("0000000000"+b64utohex(f.x)).slice(-l);var n=("0000000000"+b64utohex(f.y)).slice(-l);var m="04"+r+n;var a=("0000000000"+b64utohex(f.d)).slice(-l);d.setPublicKeyHex(m);d.setPrivateKeyHex(a);return d}if(f.indexOf("-END CERTIFICATE-",0)!=-1||f.indexOf("-END X509 CERTIFICATE-",0)!=-1||f.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(f)}if(h==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(f)}if(f.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(f)}if(h==="pkcs5prv"){var w=new RSAKey();w.readPrivateKeyFromASN1HexString(f);return w}if(h==="pkcs5prv"){var w=new RSAKey();w.readPrivateKeyFromASN1HexString(f);return w}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var i=KEYUTIL.getHexFromPEM(f,"RSA PRIVATE KEY");return KEYUTIL.getKey(i,null,"pkcs5prv")}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var u=this.getHexFromPEM(f,"DSA PRIVATE KEY");var t=ASN1HEX.getVbyList(u,0,[1],"02");var s=ASN1HEX.getVbyList(u,0,[2],"02");var v=ASN1HEX.getVbyList(u,0,[3],"02");var j=ASN1HEX.getVbyList(u,0,[4],"02");var k=ASN1HEX.getVbyList(u,0,[5],"02");var w=new KJUR.crypto.DSA();w.setPrivate(new BigInteger(t,16),new BigInteger(s,16),new BigInteger(v,16),new BigInteger(j,16),new BigInteger(k,16));return w}if(f.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(f)}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(f,e)}if(f.indexOf("-END EC PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var u=KEYUTIL.getDecryptedKeyHex(f,e);var w=ASN1HEX.getVbyList(u,0,[1],"04");var c=ASN1HEX.getVbyList(u,0,[2,0],"06");var o=ASN1HEX.getVbyList(u,0,[3,0],"03").substr(2);var b="";if(KJUR.crypto.OID.oidhex2name[c]!==undefined){b=KJUR.crypto.OID.oidhex2name[c]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+c}var d=new KJUR.crypto.ECDSA({name:b});d.setPublicKeyHex(o);d.setPrivateKeyHex(w);d.isPublic=false;return d}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var u=KEYUTIL.getDecryptedKeyHex(f,e);var t=ASN1HEX.getVbyList(u,0,[1],"02");var s=ASN1HEX.getVbyList(u,0,[2],"02");var v=ASN1HEX.getVbyList(u,0,[3],"02");var j=ASN1HEX.getVbyList(u,0,[4],"02");var k=ASN1HEX.getVbyList(u,0,[5],"02");var w=new KJUR.crypto.DSA();w.setPrivate(new BigInteger(t,16),new BigInteger(s,16),new BigInteger(v,16),new BigInteger(j,16),new BigInteger(k,16));return w}if(f.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(f,e)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};KEYUTIL.getJWKFromKey=function(d){var b={};if(d instanceof RSAKey&&d.isPrivate){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));b.d=hextob64u(d.d.toString(16));b.p=hextob64u(d.p.toString(16));b.q=hextob64u(d.q.toString(16));b.dp=hextob64u(d.dmp1.toString(16));b.dq=hextob64u(d.dmq1.toString(16));b.qi=hextob64u(d.coeff.toString(16));return b}else{if(d instanceof RSAKey&&d.isPublic){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPrivate){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);b.d=hextob64u(d.prvKeyHex);return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPublic){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);return b}}}}throw"not supported key object"}; diff --git a/min/asn1hex-1.1.min.js b/min/asn1hex-1.1.min.js index ea9bbd21..23b75ada 100644 --- a/min/asn1hex-1.1.min.js +++ b/min/asn1hex-1.1.min.js @@ -1,3 +1,3 @@ -/*! asn1hex-1.1.7.js (c) 2012-2016 Kenji Urushima | kjur.github.com/jsrsasign/license +/*! asn1hex-1.1.8.js (c) 2012-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ -var ASN1HEX=new function(){};ASN1HEX.getByteLengthOfL_AtObj=function(b,c){if(b.substring(c+2,c+3)!="8"){return 1}var a=parseInt(b.substring(c+3,c+4));if(a==0){return -1}if(0=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(e,c,k,g){var o=function(w,i){if(w.length<=i*2){return w}else{var v=w.substr(0,i)+"..(total "+w.length/2+"bytes).."+w.substr(w.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var r=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,r)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,r)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,r)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var t=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(t);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var q=0;q=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(q,c,k,g){var e=q;if(q instanceof KJUR.asn1.ASN1Object){e=q.getEncodedHex()}var o=function(x,i){if(x.length<=i*2){return x}else{var v=x.substr(0,i)+"..(total "+x.length/2+"bytes).."+x.substr(x.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var t=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,t)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,t)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,t)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var u=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(u);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var r=0;rd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;fd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f0||a.compareTo(b)>0){throw"invalid DSA signature"}if(BigInteger.ZERO.compareTo(t)>0||t.compareTo(b)>0){throw"invalid DSA signature"}var m=t.modInverse(b);var e=k.multiply(m).mod(b);var c=a.multiply(m).mod(b);var n=j.modPow(e,d).multiply(l.modPow(c,d)).mod(d).mod(b);return n.compareTo(a)==0};this.parseASN1Signature=function(a){try{var d=new BigInteger(ASN1HEX.getVbyList(a,0,[0],"02"),16);var c=new BigInteger(ASN1HEX.getVbyList(a,0,[1],"02"),16);return[d,c]}catch(b){throw"malformed ASN.1 DSA signature"}}}; \ No newline at end of file diff --git a/min/dsa-modified-1.0.min.js b/min/dsa-modified-1.0.min.js deleted file mode 100644 index 9f4d36fd..00000000 --- a/min/dsa-modified-1.0.min.js +++ /dev/null @@ -1,3 +0,0 @@ -/*! dsa-modified-1.0.1.js (c) Recurity Labs GmbH, Kenji Urushimma | github.com/openpgpjs/openpgpjs/blob/master/LICENSE - */ -if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.DSA=function(){this.p=null;this.q=null;this.g=null;this.y=null;this.x=null;this.type="DSA";this.setPrivate=function(z,w,v,A,u){this.isPrivate=true;this.p=z;this.q=w;this.g=v;this.y=A;this.x=u};this.setPublic=function(w,v,u,z){this.isPublic=true;this.p=w;this.q=v;this.g=u;this.y=z;this.x=null};this.signWithMessageHash=function(z){var v=this.p;var u=this.q;var C=this.g;var D=this.y;var E=this.x;var A=z.substr(0,u.bitLength()/4);var B=new BigInteger(z,16);var w=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var G=(C.modPow(w,v)).mod(u);var F=(w.modInverse(u).multiply(B.add(E.multiply(G)))).mod(u);var H=KJUR.asn1.ASN1Util.jsonToASN1HEX({seq:[{"int":{bigint:G}},{"int":{bigint:F}}]});return H};this.verifyWithMessageHash=function(C,B){var z=this.p;var u=this.q;var G=this.g;var H=this.y;var E=this.parseASN1Signature(B);var K=E[0];var J=E[1];var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){throw"invalid DSA signature"}var I=J.modInverse(u);var A=D.multiply(I).mod(u);var v=K.multiply(I).mod(u);var F=G.modPow(A,z).multiply(H.modPow(v,z)).mod(z).mod(u);return F.compareTo(K)==0};this.parseASN1Signature=function(u){try{var y=new BigInteger(ASN1HEX.getVbyList(u,0,[0],"02"),16);var v=new BigInteger(ASN1HEX.getVbyList(u,0,[1],"02"),16);return[y,v]}catch(w){throw"malformed DSA signature"}};function d(E,w,B,v,u,C){var z=KJUR.crypto.Util.hashString(w,E.toLowerCase());var z=z.substr(0,u.bitLength()/4);var A=new BigInteger(z,16);var y=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var F=(B.modPow(y,v)).mod(u);var D=(y.modInverse(u).multiply(A.add(C.multiply(F)))).mod(u);var G=new Array();G[0]=F;G[1]=D;return G}function r(v){var u=openpgp.config.config.prefer_hash_algorithm;switch(Math.round(v.bitLength()/8)){case 20:if(u!=2&&u>11&&u!=10&&u<8){return 2}return u;case 28:if(u>11&&u<8){return 11}return u;case 32:if(u>10&&u<8){return 8}return u;default:util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");return null}}this.select_hash_algorithm=r;function m(I,K,J,B,z,u,F,G){var C=KJUR.crypto.Util.hashString(B,I.toLowerCase());var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){util.print_error("invalid DSA Signature");return null}var H=J.modInverse(u);var A=D.multiply(H).mod(u);var v=K.multiply(H).mod(u);var E=F.modPow(A,z).multiply(G.modPow(v,z)).mod(z).mod(u);return E.compareTo(K)==0}function a(z){var A=new BigInteger(z,primeCenterie);var y=j(q,512);var u=t(p,q,z);var v;do{v=new BigInteger(q.bitCount(),rand)}while(x.compareTo(BigInteger.ZERO)!=1&&x.compareTo(q)!=-1);var w=g.modPow(x,p);return{x:v,q:A,p:y,g:u,y:w}}function j(y,z,w){if(z%64!=0){return false}var u;var v;do{u=w(bitcount,true);v=u.subtract(BigInteger.ONE);u=u.subtract(v.remainder(y))}while(!u.isProbablePrime(primeCenterie)||u.bitLength()!=l);return u}function t(B,z,A,w){var u=B.subtract(BigInteger.ONE);var y=u.divide(z);var v;do{v=w(A)}while(v.compareTo(u)!=-1&&v.compareTo(BigInteger.ONE)!=1);return v.modPow(y,B)}function o(w,y,u){var v;do{v=u(y,false)}while(v.compareTo(w)!=-1&&v.compareTo(BigInteger.ZERO)!=1);return v}function i(v,w){k=o(v);var u=g.modPow(k,w).mod(v);return u}function h(B,w,y,v,z,u){var A=B(v);s=(w.modInverse(z).multiply(A.add(u.multiply(y)))).mod(z);return s}this.sign=d;this.verify=m;function n(w,u){if(u.compareTo(w)<=0){return}var v=u.subtract(w);var y=e(v.bitLength());while(y>v){y=e(v.bitLength())}return w.add(y)}function e(w){if(w<0){return null}var u=Math.floor((w+7)/8);var v=c(u);if(w%8>0){v=String.fromCharCode((Math.pow(2,w%8)-1)&v.charCodeAt(0))+v.substring(1)}return new BigInteger(f(v),16)}function c(w){var u="";for(var v=0;v=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); \ No newline at end of file +var PKCS5PKEY=function(){var c=function(n,p,o){return i(CryptoJS.AES,n,p,o)};var d=function(n,p,o){return i(CryptoJS.TripleDES,n,p,o)};var i=function(q,v,s,o){var p=CryptoJS.enc.Hex.parse(v);var u=CryptoJS.enc.Hex.parse(s);var n=CryptoJS.enc.Hex.parse(o);var r={};r.key=u;r.iv=n;r.ciphertext=p;var t=q.decrypt(r,u,{iv:n});return CryptoJS.enc.Hex.stringify(t)};var j=function(n,p,o){return e(CryptoJS.AES,n,p,o)};var m=function(n,p,o){return e(CryptoJS.TripleDES,n,p,o)};var e=function(s,x,v,p){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(v);var o=CryptoJS.enc.Hex.parse(p);var n={};var u=s.encrypt(r,w,{iv:o});var q=CryptoJS.enc.Hex.parse(u.toString());var t=CryptoJS.enc.Base64.stringify(q);return t};var g={"AES-256-CBC":{proc:c,eproc:j,keylen:32,ivlen:16},"AES-192-CBC":{proc:c,eproc:j,keylen:24,ivlen:16},"AES-128-CBC":{proc:c,eproc:j,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:d,eproc:m,keylen:24,ivlen:8}};var b=function(n){return g[n]["proc"]};var k=function(n){var p=CryptoJS.lib.WordArray.random(n);var o=CryptoJS.enc.Hex.stringify(p);return o};var l=function(t){var u={};var o=t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(o){u.cipher=o[1];u.ivsalt=o[2]}var n=t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(n){u.type=n[1]}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var h=function(o,w,n){var t=n.substring(0,16);var r=CryptoJS.enc.Hex.parse(t);var p=CryptoJS.enc.Utf8.parse(w);var s=g[o]["keylen"]+g[o]["ivlen"];var v="";var u=null;for(;;){var q=CryptoJS.algo.MD5.create();if(u!=null){q.update(u)}q.update(p);q.update(r);u=q.finalize();v=v+CryptoJS.enc.Hex.stringify(u);if(v.length>=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEncryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEncryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); \ No newline at end of file diff --git a/npm/lib/jsrsasign.js b/npm/lib/jsrsasign.js index b90fcdd2..d429ca70 100755 --- a/npm/lib/jsrsasign.js +++ b/npm/lib/jsrsasign.js @@ -4,7 +4,7 @@ navigator.userAgent = false; var window = {}; /* - * jsrsasign 6.2.3 (2016-11-29) (c) 2010-2016 Kenji Urushima | kjur.github.com/jsrsasign/license + * jsrsasign 7.0.0 (2016-12-25) (c) 2010-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ /* @@ -235,9 +235,9 @@ var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][ /*! asn1-1.0.12.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.getEncodedHex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(e,c,k,g){var o=function(w,i){if(w.length<=i*2){return w}else{var v=w.substr(0,i)+"..(total "+w.length/2+"bytes).."+w.substr(w.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var r=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,r)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,r)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,r)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var t=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(t);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var q=0;q=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};ASN1HEX.getNthChildIndex_AtObj=function(d,b,e){var c=ASN1HEX.getPosArrayOfChildren_AtObj(d,b);return c[e]};ASN1HEX.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=ASN1HEX.getPosArrayOfChildren_AtObj(e,d);return ASN1HEX.getDecendantIndexByNthList(e,b[f],c)};ASN1HEX.getDecendantHexTLVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfTLV_AtObj(d,a)};ASN1HEX.getDecendantHexVByNthList=function(d,c,b){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.getVbyList=function(d,c,b,e){var a=ASN1HEX.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return ASN1HEX.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(q,c,k,g){var e=q;if(q instanceof KJUR.asn1.ASN1Object){e=q.getEncodedHex()}var o=function(x,i){if(x.length<=i*2){return x}else{var v=x.substr(0,i)+"..(total "+x.length/2+"bytes).."+x.substr(x.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(k===undefined){k=0}if(g===undefined){g=""}var t=c.ommit_long_octet;if(e.substr(k,2)=="01"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(k,2)=="02"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"INTEGER "+o(h,t)+"\n"}if(e.substr(k,2)=="03"){var h=ASN1HEX.getHexOfV_AtObj(e,k);return g+"BITSTRING "+o(h,t)+"\n"}if(e.substr(k,2)=="04"){var h=ASN1HEX.getHexOfV_AtObj(e,k);if(ASN1HEX.isASN1HEX(h)){var j=g+"OCTETSTRING, encapsulates\n";j=j+ASN1HEX.dump(h,c,0,g+" ");return j}else{return g+"OCTETSTRING "+o(h,t)+"\n"}}if(e.substr(k,2)=="05"){return g+"NULL\n"}if(e.substr(k,2)=="06"){var l=ASN1HEX.getHexOfV_AtObj(e,k);var a=KJUR.asn1.ASN1Util.oidHexToInt(l);var n=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(n!=""){return g+"ObjectIdentifier "+n+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(k,2)=="0c"){return g+"UTF8String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="13"){return g+"PrintableString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="14"){return g+"TeletexString '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="16"){return g+"IA5String '"+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"'\n"}if(e.substr(k,2)=="17"){return g+"UTCTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="18"){return g+"GeneralizedTime "+hextoutf8(ASN1HEX.getHexOfV_AtObj(e,k))+"\n"}if(e.substr(k,2)=="30"){if(e.substr(k,4)=="3000"){return g+"SEQUENCE {}\n"}var j=g+"SEQUENCE\n";var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,k);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var u=ASN1HEX.getHexOfV_AtObj(e,d[0]);var a=KJUR.asn1.ASN1Util.oidHexToInt(u);var n=KJUR.asn1.x509.OID.oid2name(a);var p=JSON.parse(JSON.stringify(c));p.x509ExtName=n;f=p}for(var r=0;r0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension.appendByNameToArray=function(e,c,b){if(e.toLowerCase()=="basicconstraints"){var d=new KJUR.asn1.x509.BasicConstraints(c);b.push(d)}else{if(e.toLowerCase()=="keyusage"){var d=new KJUR.asn1.x509.KeyUsage(c);b.push(d)}else{if(e.toLowerCase()=="crldistributionpoints"){var d=new KJUR.asn1.x509.CRLDistributionPoints(c);b.push(d)}else{if(e.toLowerCase()=="extkeyusage"){var d=new KJUR.asn1.x509.ExtKeyUsage(c);b.push(d)}else{if(e.toLowerCase()=="authoritykeyidentifier"){var d=new KJUR.asn1.x509.AuthorityKeyIdentifier(c);b.push(d)}else{if(e.toLowerCase()=="authorityinfoaccess"){var d=new KJUR.asn1.x509.AuthorityInfoAccess(c);b.push(d)}else{if(e.toLowerCase()=="subjectaltname"){var d=new KJUR.asn1.x509.SubjectAltName(c);b.push(d)}else{if(e.toLowerCase()=="issueraltname"){var d=new KJUR.asn1.x509.IssuerAltName(c);b.push(d)}else{throw"unsupported extension name: "+e}}}}}}}}};KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(b){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(c){var d=c.split("/");d.shift();for(var e=0;e0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.RDN=function(a){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=new Array();this.addByString=function(b){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:b}))};this.addByMultiValuedString=function(d){var b=KJUR.asn1.x509.RDN.parseString(d);for(var c=0;c0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(b){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);var d=null;var c=null;var a="utf8";this.setByString=function(f){var e=f.match(/^([^=]+)=(.+)$/);if(e){this.setByAttrTypeAndValueStr(e[1],e[2])}else{throw"malformed attrTypeAndValueStr: "+f}};this.setByAttrTypeAndValueStr=function(g,f){this.typeObj=KJUR.asn1.x509.OID.atype2obj(g);var e=a;if(g=="C"){e="prn"}this.valueObj=this.getValueObj(e,f)};this.getValueObj=function(f,e){if(f=="utf8"){return new KJUR.asn1.DERUTF8String({str:e})}if(f=="prn"){return new KJUR.asn1.DERPrintableString({str:e})}if(f=="tel"){return new KJUR.asn1.DERTeletexString({str:e})}if(f=="ia5"){return new KJUR.asn1.DERIA5String({str:e})}throw"unsupported directory string type: type="+f+" value="+e};this.getEncodedHex=function(){var e=new KJUR.asn1.DERSequence({array:[this.typeObj,this.valueObj]});this.TLV=e.getEncodedHex();return this.TLV};if(typeof b!="undefined"){if(typeof b.str!="undefined"){this.setByString(b.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(d){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var b=null;var c=null;var a=null;this.setRSAKey=function(e){if(!RSAKey.prototype.isPrototypeOf(e)){throw"argument is not RSAKey instance"}this.rsaKey=e;var g=new KJUR.asn1.DERInteger({bigint:e.n});var f=new KJUR.asn1.DERInteger({"int":e.e});var i=new KJUR.asn1.DERSequence({array:[g,f]});var h=i.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+h})};this.setRSAPEM=function(g){if(g.match(/-----BEGIN PUBLIC KEY-----/)){var n=g;n=n.replace(/^-----[^-]+-----/,"");n=n.replace(/-----[^-]+-----\s*$/,"");var m=n.replace(/\s+/g,"");var f=CryptoJS.enc.Base64.parse(m);var i=CryptoJS.enc.Hex.stringify(f);var k=_rsapem_getHexValueArrayOfChildrenFromHex(i);var h=k[1];var l=h.substr(2);var e=_rsapem_getHexValueArrayOfChildrenFromHex(l);var j=new RSAKey();j.setPublic(e[0],e[1]);this.setRSAKey(j)}else{throw"key not supported"}};this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var e=new KJUR.asn1.DERSequence({array:[this.asn1AlgId,this.asn1SubjPKey]});return e};this.getEncodedHex=function(){var e=this.getASN1Object();this.hTLV=e.getEncodedHex();return this.hTLV};this._setRSAKey=function(e){var g=KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.n}},{"int":{"int":e.e}}]});var f=g.getEncodedHex();this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"rsaEncryption"});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+f})};this._setEC=function(e){var f=new KJUR.asn1.DERObjectIdentifier({name:e.curveName});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"ecPublicKey",asn1params:f});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+e.pubKeyHex})};this._setDSA=function(e){var f=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":{bigint:e.p}},{"int":{bigint:e.q}},{"int":{bigint:e.g}}]});this.asn1AlgId=new KJUR.asn1.x509.AlgorithmIdentifier({name:"dsa",asn1params:f});var g=new KJUR.asn1.DERInteger({bigint:e.y});this.asn1SubjPKey=new KJUR.asn1.DERBitString({hex:"00"+g.getEncodedHex()})};if(typeof d!="undefined"){if(typeof RSAKey!="undefined"&&d instanceof RSAKey){this._setRSAKey(d)}else{if(typeof KJUR.crypto.ECDSA!="undefined"&&d instanceof KJUR.crypto.ECDSA){this._setEC(d)}else{if(typeof KJUR.crypto.DSA!="undefined"&&d instanceof KJUR.crypto.DSA){this._setDSA(d)}else{if(typeof d.rsakey!="undefined"){this.setRSAKey(d.rsakey)}else{if(typeof d.rsapem!="undefined"){this.setRSAPEM(d.rsapem)}}}}}}};YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(c){KJUR.asn1.x509.Time.superclass.constructor.call(this);var b=null;var a=null;this.setTimeParams=function(d){this.timeParams=d};this.getEncodedHex=function(){var d=null;if(this.timeParams!=null){if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime(this.timeParams)}else{d=new KJUR.asn1.DERGeneralizedTime(this.timeParams)}}else{if(this.type=="utc"){d=new KJUR.asn1.DERUTCTime()}else{d=new KJUR.asn1.DERGeneralizedTime()}}this.TLV=d.getEncodedHex();return this.TLV};this.type="utc";if(typeof c!="undefined"){if(typeof c.type!="undefined"){this.type=c.type}else{if(typeof c.str!="undefined"){if(c.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(c.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=c}};YAHOO.lang.extend(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(e){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);var a=null;var d=null;var b=null;var c=false;this.getEncodedHex=function(){if(this.nameAlg==null&&this.asn1Alg==null){throw"algorithm not specified"}if(this.nameAlg!=null&&this.asn1Alg==null){this.asn1Alg=KJUR.asn1.x509.OID.name2obj(this.nameAlg)}var f=[this.asn1Alg];if(!this.paramEmpty){f.push(this.asn1Params)}var g=new KJUR.asn1.DERSequence({array:f});this.hTLV=g.getEncodedHex();return this.hTLV};if(typeof e!="undefined"){if(typeof e.name!="undefined"){this.nameAlg=e.name}if(typeof e.asn1params!="undefined"){this.asn1Params=e.asn1params}if(typeof e.paramempty!="undefined"){this.paramEmpty=e.paramempty}}if(this.asn1Params==null){this.asn1Params=new KJUR.asn1.DERNull()}};YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralName=function(d){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var c=null;var b=null;var a={rfc822:"81",dns:"82",dn:"a4",uri:"86"};this.explicit=false;this.setByParam=function(k){var j=null;var g=null;if(k===undefined){return}if(k.rfc822!==undefined){this.type="rfc822";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.dns!==undefined){this.type="dns";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.uri!==undefined){this.type="uri";g=new KJUR.asn1.DERIA5String({str:k[this.type]})}if(k.dn!==undefined){this.type="dn";g=new KJUR.asn1.x509.X500Name({str:k.dn})}if(k.ldapdn!==undefined){this.type="dn";g=new KJUR.asn1.x509.X500Name({ldapstr:k.ldapdn})}if(k.certissuer!==undefined){this.type="dn";this.explicit=true;var h=k.certissuer;var f=null;if(h.match(/^[0-9A-Fa-f]+$/)){f==h}if(h.indexOf("-----BEGIN ")!=-1){f=X509.pemToHex(h)}if(f==null){throw"certissuer param not cert"}var e=new X509();e.hex=f;var i=e.getIssuerHex();g=new KJUR.asn1.ASN1Object();g.hTLV=i}if(k.certsubj!==undefined){this.type="dn";this.explicit=true;var h=k.certsubj;var f=null;if(h.match(/^[0-9A-Fa-f]+$/)){f==h}if(h.indexOf("-----BEGIN ")!=-1){f=X509.pemToHex(h)}if(f==null){throw"certsubj param not cert"}var e=new X509();e.hex=f;var i=e.getSubjectHex();g=new KJUR.asn1.ASN1Object();g.hTLV=i}if(this.type==null){throw"unsupported type in params="+k}this.asn1Obj=new KJUR.asn1.DERTaggedObject({explicit:this.explicit,tag:a[this.type],obj:g})};this.getEncodedHex=function(){return this.asn1Obj.getEncodedHex()};if(d!==undefined){this.setByParam(d)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(b){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null;this.setByParamArray=function(e){for(var c=0;ca.length){d=a.length}for(var b=0;bd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;fd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--p){q=q.twice2D();q.z=BigInteger.ONE;if(o.testBit(p)){if(n.testBit(p)){q=q.add2D(t)}else{q=q.add2D(s)}}else{if(n.testBit(p)){q=q.add2D(r)}}}return q}this.getBigRandom=function(i){return new BigInteger(i.bitLength(),a).mod(i.subtract(BigInteger.ONE)).add(BigInteger.ONE)};this.setNamedCurve=function(i){this.ecparams=KJUR.crypto.ECParameterDB.getByName(i);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=i};this.setPrivateKeyHex=function(i){this.isPrivate=true;this.prvKeyHex=i};this.setPublicKeyHex=function(i){this.isPublic=true;this.pubKeyHex=i};this.getPublicKeyXYHex=function(){var k=this.pubKeyHex;if(k.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var j=this.ecparams.keylen/4;if(k.length!==2+j*2){throw"malformed public key hex length"}var i={};i.x=k.substr(2,j);i.y=k.substr(2+j);return i};this.getShortNISTPCurveName=function(){var i=this.curveName;if(i==="secp256r1"||i==="NIST P-256"||i==="P-256"||i==="prime256v1"){return"P-256"}if(i==="secp384r1"||i==="NIST P-384"||i==="P-384"){return"P-384"}return null};this.generateKeyPairHex=function(){var k=this.ecparams.n;var n=this.getBigRandom(k);var l=this.ecparams.G.multiply(n);var q=l.getX().toBigInteger();var o=l.getY().toBigInteger();var i=this.ecparams.keylen/4;var m=("0000000000"+n.toString(16)).slice(-i);var r=("0000000000"+q.toString(16)).slice(-i);var p=("0000000000"+o.toString(16)).slice(-i);var j="04"+r+p;this.setPrivateKeyHex(m);this.setPublicKeyHex(j);return{ecprvhex:m,ecpubhex:j}};this.signWithMessageHash=function(i){return this.signHex(i,this.prvKeyHex)};this.signHex=function(o,j){var t=new BigInteger(j,16);var l=this.ecparams.n;var q=new BigInteger(o,16);do{var m=this.getBigRandom(l);var u=this.ecparams.G;var p=u.multiply(m);var i=p.getX().toBigInteger().mod(l)}while(i.compareTo(BigInteger.ZERO)<=0);var v=m.modInverse(l).multiply(q.add(t.multiply(i))).mod(l);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(i,v)};this.sign=function(m,u){var q=u;var j=this.ecparams.n;var p=BigInteger.fromByteArrayUnsigned(m);do{var l=this.getBigRandom(j);var t=this.ecparams.G;var o=t.multiply(l);var i=o.getX().toBigInteger().mod(j)}while(i.compareTo(BigInteger.ZERO)<=0);var v=l.modInverse(j).multiply(p.add(q.multiply(i))).mod(j);return this.serializeSig(i,v)};this.verifyWithMessageHash=function(j,i){return this.verifyHex(j,i,this.pubKeyHex)};this.verifyHex=function(m,i,p){var l,j;var o=KJUR.crypto.ECDSA.parseSigHex(i);l=o.r;j=o.s;var k;k=ECPointFp.decodeFromHex(this.ecparams.curve,p);var n=new BigInteger(m,16);return this.verifyRaw(n,l,j,k)};this.verify=function(o,p,j){var l,i;if(Bitcoin.Util.isArray(p)){var n=this.parseSig(p);l=n.r;i=n.s}else{if("object"===typeof p&&p.r&&p.s){l=p.r;i=p.s}else{throw"Invalid value for signature"}}var k;if(j instanceof ECPointFp){k=j}else{if(Bitcoin.Util.isArray(j)){k=ECPointFp.decodeFrom(this.ecparams.curve,j)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var m=BigInteger.fromByteArrayUnsigned(o);return this.verifyRaw(m,l,i,k)};this.verifyRaw=function(o,i,w,m){var l=this.ecparams.n;var u=this.ecparams.G;if(i.compareTo(BigInteger.ONE)<0||i.compareTo(l)>=0){return false}if(w.compareTo(BigInteger.ONE)<0||w.compareTo(l)>=0){return false}var p=w.modInverse(l);var k=o.multiply(p).mod(l);var j=i.multiply(p).mod(l);var q=u.multiply(k).add(m.multiply(j));var t=q.getX().toBigInteger().mod(l);return t.equals(i)};this.serializeSig=function(k,j){var l=k.toByteArraySigned();var i=j.toByteArraySigned();var m=[];m.push(2);m.push(l.length);m=m.concat(l);m.push(2);m.push(i.length);m=m.concat(i);m.unshift(m.length);m.unshift(48);return m};this.parseSig=function(n){var m;if(n[0]!=48){throw new Error("Signature not a valid DERSequence")}m=2;if(n[m]!=2){throw new Error("First element in signature must be a DERInteger")}var l=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];if(n[m]!=2){throw new Error("Second element in signature must be a DERInteger")}var i=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];var k=BigInteger.fromByteArrayUnsigned(l);var j=BigInteger.fromByteArrayUnsigned(i);return{r:k,s:j}};this.parseSigCompact=function(m){if(m.length!==65){throw"Signature has the wrong length"}var j=m[0]-27;if(j<0||j>7){throw"Invalid signature type"}var o=this.ecparams.n;var l=BigInteger.fromByteArrayUnsigned(m.slice(1,33)).mod(o);var k=BigInteger.fromByteArrayUnsigned(m.slice(33,65)).mod(o);return{r:l,s:k,i:j}};if(h!==undefined){if(h.curve!==undefined){this.curveName=h.curve}}if(this.curveName===undefined){this.curveName=e}this.setNamedCurve(this.curveName);if(h!==undefined){if(h.prv!==undefined){this.setPrivateKeyHex(h.prv)}if(h.pub!==undefined){this.setPublicKeyHex(h.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(c){if(c.substr(0,2)!="30"){throw"signature is not a ASN.1 sequence"}var b=ASN1HEX.getPosArrayOfChildren_AtObj(c,0);if(b.length!=2){throw"number of signature ASN.1 sequence elements seem wrong"}var g=b[0];var f=b[1];if(c.substr(g,2)!="02"){throw"1st item of sequene of signature is not ASN.1 integer"}if(c.substr(f,2)!="02"){throw"2nd item of sequene of signature is not ASN.1 integer"}var e=ASN1HEX.getHexOfV_AtObj(c,g);var d=ASN1HEX.getHexOfV_AtObj(c,f);return{r:e,s:d}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(c){var d=KJUR.crypto.ECDSA.parseSigHexInHexRS(c);var b=d.r;var a=d.s;if(b.substr(0,2)=="00"&&(((b.length/2)*8)%(16*8))==8){b=b.substr(2)}if(a.substr(0,2)=="00"&&(((a.length/2)*8)%(16*8))==8){a=a.substr(2)}if((((b.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig r length error"}if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig s length error"}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA concatinated r-s sig length error"}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(e,c){var b=new KJUR.asn1.DERInteger({bigint:e});var a=new KJUR.asn1.DERInteger({bigint:c});var d=new KJUR.asn1.DERSequence({array:[b,a]});return d.getEncodedHex()}; /*! ecparam-1.0.0.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license */ if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){throw"invalid DSA signature"}var I=J.modInverse(u);var A=D.multiply(I).mod(u);var v=K.multiply(I).mod(u);var F=G.modPow(A,z).multiply(H.modPow(v,z)).mod(z).mod(u);return F.compareTo(K)==0};this.parseASN1Signature=function(u){try{var y=new BigInteger(ASN1HEX.getVbyList(u,0,[0],"02"),16);var v=new BigInteger(ASN1HEX.getVbyList(u,0,[1],"02"),16);return[y,v]}catch(w){throw"malformed DSA signature"}};function d(E,w,B,v,u,C){var z=KJUR.crypto.Util.hashString(w,E.toLowerCase());var z=z.substr(0,u.bitLength()/4);var A=new BigInteger(z,16);var y=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var F=(B.modPow(y,v)).mod(u);var D=(y.modInverse(u).multiply(A.add(C.multiply(F)))).mod(u);var G=new Array();G[0]=F;G[1]=D;return G}function r(v){var u=openpgp.config.config.prefer_hash_algorithm;switch(Math.round(v.bitLength()/8)){case 20:if(u!=2&&u>11&&u!=10&&u<8){return 2}return u;case 28:if(u>11&&u<8){return 11}return u;case 32:if(u>10&&u<8){return 8}return u;default:util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");return null}}this.select_hash_algorithm=r;function m(I,K,J,B,z,u,F,G){var C=KJUR.crypto.Util.hashString(B,I.toLowerCase());var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){util.print_error("invalid DSA Signature");return null}var H=J.modInverse(u);var A=D.multiply(H).mod(u);var v=K.multiply(H).mod(u);var E=F.modPow(A,z).multiply(G.modPow(v,z)).mod(z).mod(u);return E.compareTo(K)==0}function a(z){var A=new BigInteger(z,primeCenterie);var y=j(q,512);var u=t(p,q,z);var v;do{v=new BigInteger(q.bitCount(),rand)}while(x.compareTo(BigInteger.ZERO)!=1&&x.compareTo(q)!=-1);var w=g.modPow(x,p);return{x:v,q:A,p:y,g:u,y:w}}function j(y,z,w){if(z%64!=0){return false}var u;var v;do{u=w(bitcount,true);v=u.subtract(BigInteger.ONE);u=u.subtract(v.remainder(y))}while(!u.isProbablePrime(primeCenterie)||u.bitLength()!=l);return u}function t(B,z,A,w){var u=B.subtract(BigInteger.ONE);var y=u.divide(z);var v;do{v=w(A)}while(v.compareTo(u)!=-1&&v.compareTo(BigInteger.ONE)!=1);return v.modPow(y,B)}function o(w,y,u){var v;do{v=u(y,false)}while(v.compareTo(w)!=-1&&v.compareTo(BigInteger.ZERO)!=1);return v}function i(v,w){k=o(v);var u=g.modPow(k,w).mod(v);return u}function h(B,w,y,v,z,u){var A=B(v);s=(w.modInverse(z).multiply(A.add(u.multiply(y)))).mod(z);return s}this.sign=d;this.verify=m;function n(w,u){if(u.compareTo(w)<=0){return}var v=u.subtract(w);var y=e(v.bitLength());while(y>v){y=e(v.bitLength())}return w.add(y)}function e(w){if(w<0){return null}var u=Math.floor((w+7)/8);var v=c(u);if(w%8>0){v=String.fromCharCode((Math.pow(2,w%8)-1)&v.charCodeAt(0))+v.substring(1)}return new BigInteger(f(v),16)}function c(w){var u="";for(var v=0;v0||a.compareTo(b)>0){throw"invalid DSA signature"}if(BigInteger.ZERO.compareTo(t)>0||t.compareTo(b)>0){throw"invalid DSA signature"}var m=t.modInverse(b);var e=k.multiply(m).mod(b);var c=a.multiply(m).mod(b);var n=j.modPow(e,d).multiply(l.modPow(c,d)).mod(d).mod(b);return n.compareTo(a)==0};this.parseASN1Signature=function(a){try{var d=new BigInteger(ASN1HEX.getVbyList(a,0,[0],"02"),16);var c=new BigInteger(ASN1HEX.getVbyList(a,0,[1],"02"),16);return[d,c]}catch(b){throw"malformed ASN.1 DSA signature"}}}; /*! pkcs5pkey-1.0.7.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ -var PKCS5PKEY=function(){var c=function(n,p,o){return i(CryptoJS.AES,n,p,o)};var d=function(n,p,o){return i(CryptoJS.TripleDES,n,p,o)};var i=function(q,v,s,o){var p=CryptoJS.enc.Hex.parse(v);var u=CryptoJS.enc.Hex.parse(s);var n=CryptoJS.enc.Hex.parse(o);var r={};r.key=u;r.iv=n;r.ciphertext=p;var t=q.decrypt(r,u,{iv:n});return CryptoJS.enc.Hex.stringify(t)};var j=function(n,p,o){return e(CryptoJS.AES,n,p,o)};var m=function(n,p,o){return e(CryptoJS.TripleDES,n,p,o)};var e=function(s,x,v,p){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(v);var o=CryptoJS.enc.Hex.parse(p);var n={};var u=s.encrypt(r,w,{iv:o});var q=CryptoJS.enc.Hex.parse(u.toString());var t=CryptoJS.enc.Base64.stringify(q);return t};var g={"AES-256-CBC":{proc:c,eproc:j,keylen:32,ivlen:16},"AES-192-CBC":{proc:c,eproc:j,keylen:24,ivlen:16},"AES-128-CBC":{proc:c,eproc:j,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:d,eproc:m,keylen:24,ivlen:8}};var b=function(n){return g[n]["proc"]};var k=function(n){var p=CryptoJS.lib.WordArray.random(n);var o=CryptoJS.enc.Hex.stringify(p);return o};var l=function(t){var u={};var o=t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(o){u.cipher=o[1];u.ivsalt=o[2]}var n=t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(n){u.type=n[1]}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var h=function(o,w,n){var t=n.substring(0,16);var r=CryptoJS.enc.Hex.parse(t);var p=CryptoJS.enc.Utf8.parse(w);var s=g[o]["keylen"]+g[o]["ivlen"];var v="";var u=null;for(;;){var q=CryptoJS.algo.MD5.create();if(u!=null){q.update(u)}q.update(p);q.update(r);u=q.finalize();v=v+CryptoJS.enc.Hex.stringify(u);if(v.length>=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); +var PKCS5PKEY=function(){var c=function(n,p,o){return i(CryptoJS.AES,n,p,o)};var d=function(n,p,o){return i(CryptoJS.TripleDES,n,p,o)};var i=function(q,v,s,o){var p=CryptoJS.enc.Hex.parse(v);var u=CryptoJS.enc.Hex.parse(s);var n=CryptoJS.enc.Hex.parse(o);var r={};r.key=u;r.iv=n;r.ciphertext=p;var t=q.decrypt(r,u,{iv:n});return CryptoJS.enc.Hex.stringify(t)};var j=function(n,p,o){return e(CryptoJS.AES,n,p,o)};var m=function(n,p,o){return e(CryptoJS.TripleDES,n,p,o)};var e=function(s,x,v,p){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(v);var o=CryptoJS.enc.Hex.parse(p);var n={};var u=s.encrypt(r,w,{iv:o});var q=CryptoJS.enc.Hex.parse(u.toString());var t=CryptoJS.enc.Base64.stringify(q);return t};var g={"AES-256-CBC":{proc:c,eproc:j,keylen:32,ivlen:16},"AES-192-CBC":{proc:c,eproc:j,keylen:24,ivlen:16},"AES-128-CBC":{proc:c,eproc:j,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:d,eproc:m,keylen:24,ivlen:8}};var b=function(n){return g[n]["proc"]};var k=function(n){var p=CryptoJS.lib.WordArray.random(n);var o=CryptoJS.enc.Hex.stringify(p);return o};var l=function(t){var u={};var o=t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(o){u.cipher=o[1];u.ivsalt=o[2]}var n=t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(n){u.type=n[1]}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var h=function(o,w,n){var t=n.substring(0,16);var r=CryptoJS.enc.Hex.parse(t);var p=CryptoJS.enc.Utf8.parse(w);var s=g[o]["keylen"]+g[o]["ivlen"];var v="";var u=null;for(;;){var q=CryptoJS.algo.MD5.create();if(u!=null){q.update(u)}q.update(p);q.update(r);u=q.finalize();v=v+CryptoJS.enc.Hex.stringify(u);if(v.length>=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEncryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEncryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}(); /*! keyutil-1.0.14.js (c) 2013-2016 Kenji Urushima | kjur.github.com/jsrsasign/license */ var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(f,e,h){if(typeof RSAKey!="undefined"&&f instanceof RSAKey){return f}if(typeof KJUR.crypto.ECDSA!="undefined"&&f instanceof KJUR.crypto.ECDSA){return f}if(typeof KJUR.crypto.DSA!="undefined"&&f instanceof KJUR.crypto.DSA){return f}if(f.curve!==undefined&&f.xy!==undefined&&f.d===undefined){return new KJUR.crypto.ECDSA({pub:f.xy,curve:f.curve})}if(f.curve!==undefined&&f.d!==undefined){return new KJUR.crypto.ECDSA({prv:f.d,curve:f.curve})}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var w=new RSAKey();w.setPublic(f.n,f.e);return w}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.co!==undefined&&f.qi===undefined){var w=new RSAKey();w.setPrivateEx(f.n,f.e,f.d,f.p,f.q,f.dp,f.dq,f.co);return w}if(f.kty===undefined&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p===undefined){var w=new RSAKey();w.setPrivate(f.n,f.e,f.d);return w}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x===undefined){var w=new KJUR.crypto.DSA();w.setPublic(f.p,f.q,f.g,f.y);return w}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x!==undefined){var w=new KJUR.crypto.DSA();w.setPrivate(f.p,f.q,f.g,f.y,f.x);return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var w=new RSAKey();w.setPublic(b64utohex(f.n),b64utohex(f.e));return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.qi!==undefined){var w=new RSAKey();w.setPrivateEx(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d),b64utohex(f.p),b64utohex(f.q),b64utohex(f.dp),b64utohex(f.dq),b64utohex(f.qi));return w}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined){var w=new RSAKey();w.setPrivate(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d));return w}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d===undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var l=d.ecparams.keylen/4;var r=("0000000000"+b64utohex(f.x)).slice(-l);var n=("0000000000"+b64utohex(f.y)).slice(-l);var m="04"+r+n;d.setPublicKeyHex(m);return d}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d!==undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var l=d.ecparams.keylen/4;var r=("0000000000"+b64utohex(f.x)).slice(-l);var n=("0000000000"+b64utohex(f.y)).slice(-l);var m="04"+r+n;var a=("0000000000"+b64utohex(f.d)).slice(-l);d.setPublicKeyHex(m);d.setPrivateKeyHex(a);return d}if(f.indexOf("-END CERTIFICATE-",0)!=-1||f.indexOf("-END X509 CERTIFICATE-",0)!=-1||f.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(f)}if(h==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(f)}if(f.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(f)}if(h==="pkcs5prv"){var w=new RSAKey();w.readPrivateKeyFromASN1HexString(f);return w}if(h==="pkcs5prv"){var w=new RSAKey();w.readPrivateKeyFromASN1HexString(f);return w}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var i=KEYUTIL.getHexFromPEM(f,"RSA PRIVATE KEY");return KEYUTIL.getKey(i,null,"pkcs5prv")}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var u=this.getHexFromPEM(f,"DSA PRIVATE KEY");var t=ASN1HEX.getVbyList(u,0,[1],"02");var s=ASN1HEX.getVbyList(u,0,[2],"02");var v=ASN1HEX.getVbyList(u,0,[3],"02");var j=ASN1HEX.getVbyList(u,0,[4],"02");var k=ASN1HEX.getVbyList(u,0,[5],"02");var w=new KJUR.crypto.DSA();w.setPrivate(new BigInteger(t,16),new BigInteger(s,16),new BigInteger(v,16),new BigInteger(j,16),new BigInteger(k,16));return w}if(f.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(f)}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(f,e)}if(f.indexOf("-END EC PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var u=KEYUTIL.getDecryptedKeyHex(f,e);var w=ASN1HEX.getVbyList(u,0,[1],"04");var c=ASN1HEX.getVbyList(u,0,[2,0],"06");var o=ASN1HEX.getVbyList(u,0,[3,0],"03").substr(2);var b="";if(KJUR.crypto.OID.oidhex2name[c]!==undefined){b=KJUR.crypto.OID.oidhex2name[c]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+c}var d=new KJUR.crypto.ECDSA({name:b});d.setPublicKeyHex(o);d.setPrivateKeyHex(w);d.isPublic=false;return d}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var u=KEYUTIL.getDecryptedKeyHex(f,e);var t=ASN1HEX.getVbyList(u,0,[1],"02");var s=ASN1HEX.getVbyList(u,0,[2],"02");var v=ASN1HEX.getVbyList(u,0,[3],"02");var j=ASN1HEX.getVbyList(u,0,[4],"02");var k=ASN1HEX.getVbyList(u,0,[5],"02");var w=new KJUR.crypto.DSA();w.setPrivate(new BigInteger(t,16),new BigInteger(s,16),new BigInteger(v,16),new BigInteger(j,16),new BigInteger(k,16));return w}if(f.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(f,e)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};KEYUTIL.getJWKFromKey=function(d){var b={};if(d instanceof RSAKey&&d.isPrivate){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));b.d=hextob64u(d.d.toString(16));b.p=hextob64u(d.p.toString(16));b.q=hextob64u(d.q.toString(16));b.dp=hextob64u(d.dmp1.toString(16));b.dq=hextob64u(d.dmq1.toString(16));b.qi=hextob64u(d.coeff.toString(16));return b}else{if(d instanceof RSAKey&&d.isPublic){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPrivate){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);b.d=hextob64u(d.prvKeyHex);return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPublic){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);return b}}}}throw"not supported key object"}; diff --git a/npm/package.json b/npm/package.json index 79d08894..1aea316e 100755 --- a/npm/package.json +++ b/npm/package.json @@ -1,6 +1,6 @@ { "name": "jsrsasign", - "version": "6.2.3", + "version": "7.0.0", "description": "opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK).", "main": "lib/jsrsasign.js", "scripts": { diff --git a/test/index.html b/test/index.html index ec2f861e..d3d41772 100755 --- a/test/index.html +++ b/test/index.html @@ -3,6 +3,7 @@ jsrsasign QUnit test code index + diff --git a/test/qunit-do-asn1cades.html b/test/qunit-do-asn1cades.html index 1a215ec3..c22beb9b 100755 --- a/test/qunit-do-asn1cades.html +++ b/test/qunit-do-asn1cades.html @@ -4,6 +4,7 @@ QUnit for ASN1 Encoder Class 'asn1cades.js' + @@ -27,6 +28,8 @@ + + diff --git a/test/qunit-do-asn1cms.html b/test/qunit-do-asn1cms.html index 9f7e4fed..0d3cc5f3 100755 --- a/test/qunit-do-asn1cms.html +++ b/test/qunit-do-asn1cms.html @@ -4,6 +4,7 @@ QUnit for ASN1 Encoder Class 'asn1cms.js' + @@ -28,6 +29,8 @@ + + diff --git a/test/qunit-do-asn1csr.html b/test/qunit-do-asn1csr.html index c23f2bec..4ca8f3ae 100755 --- a/test/qunit-do-asn1csr.html +++ b/test/qunit-do-asn1csr.html @@ -48,8 +48,7 @@ - - + diff --git a/test/qunit-do-crypto-mac.html b/test/qunit-do-crypto-mac.html index 22f11937..f2a9e48c 100755 --- a/test/qunit-do-crypto-mac.html +++ b/test/qunit-do-crypto-mac.html @@ -3,6 +3,7 @@ QUnit for Cryptographic Provider Class 'crypto.js' HMAC test + @@ -24,9 +25,12 @@ - + + + + @@ -24,9 +25,12 @@ - + + + + diff --git a/test/qunit-do-crypto-pss.html b/test/qunit-do-crypto-pss.html index d489381c..15564956 100755 --- a/test/qunit-do-crypto-pss.html +++ b/test/qunit-do-crypto-pss.html @@ -3,6 +3,7 @@ QUnit for RSAKey signing add-on 'rsa-sign.js of RSAPSS signature' + diff --git a/test/qunit-do-crypto-sigini.html b/test/qunit-do-crypto-sigini.html index 8cb895df..4a56cf95 100755 --- a/test/qunit-do-crypto-sigini.html +++ b/test/qunit-do-crypto-sigini.html @@ -3,6 +3,7 @@ QUnit for Signature.init() of 'crypto.js' + @@ -42,7 +43,7 @@ - + diff --git a/test/qunit-do-crypto-siginidsa.html b/test/qunit-do-crypto-siginidsa.html index 75064e2d..6a5bc1c5 100755 --- a/test/qunit-do-crypto-siginidsa.html +++ b/test/qunit-do-crypto-siginidsa.html @@ -2,7 +2,8 @@ "http://www.w3.org/TR/html4/loose.dtd"> -QUnit for DSA Signature.init() of 'crypto.js' +QUnit for DSA Signature.init() of 'crypto.js' with 'dsa-2.0.js' or later + @@ -44,7 +45,7 @@ - + @@ -33,6 +33,7 @@ + @@ -44,6 +45,7 @@ + + - - + diff --git a/test/qunit-do-keyutil-dsa.html b/test/qunit-do-keyutil-dsa.html index 46da168f..a1692016 100755 --- a/test/qunit-do-keyutil-dsa.html +++ b/test/qunit-do-keyutil-dsa.html @@ -3,6 +3,7 @@ QUnit for KEYUTIL private key reader 'keyutil.js' + @@ -47,7 +48,7 @@ - + diff --git a/test/qunit-do-keyutil-eprv.html b/test/qunit-do-keyutil-eprv.html index 91eb08cf..6cd54ce4 100755 --- a/test/qunit-do-keyutil-eprv.html +++ b/test/qunit-do-keyutil-eprv.html @@ -3,6 +3,7 @@ QUnit test for encrypted PKCS8 private key loading of 'keyutil.js' + diff --git a/test/qunit-do-keyutil-gen.html b/test/qunit-do-keyutil-gen.html index 628b3559..c4359980 100755 --- a/test/qunit-do-keyutil-gen.html +++ b/test/qunit-do-keyutil-gen.html @@ -3,6 +3,7 @@ QUnit for KEYUTIL keypair generator 'keyutil.js' + diff --git a/test/qunit-do-keyutil-getkey.html b/test/qunit-do-keyutil-getkey.html index a8fbc72a..b7513eb7 100644 --- a/test/qunit-do-keyutil-getkey.html +++ b/test/qunit-do-keyutil-getkey.html @@ -3,6 +3,7 @@ QUnit for KEYUTIL Class 'keyutil.js' + diff --git a/test/qunit-do-keyutil-getpem.html b/test/qunit-do-keyutil-getpem.html index 929c02fd..efab5fe3 100755 --- a/test/qunit-do-keyutil-getpem.html +++ b/test/qunit-do-keyutil-getpem.html @@ -3,6 +3,7 @@ QUnit test for getPEM method 'keyutil.js' + @@ -46,7 +47,7 @@ - + diff --git a/test/qunit-do-keyutil-pub.html b/test/qunit-do-keyutil-pub.html index a74922f9..ebdac0f1 100755 --- a/test/qunit-do-keyutil-pub.html +++ b/test/qunit-do-keyutil-pub.html @@ -3,6 +3,7 @@ QUnit for PKCS5 RSA key reader 'keyutil.js' for RSA public key + diff --git a/test/qunit-do-keyutil.html b/test/qunit-do-keyutil.html index 7d1ecacd..3ad4a9a4 100755 --- a/test/qunit-do-keyutil.html +++ b/test/qunit-do-keyutil.html @@ -3,6 +3,7 @@ QUnit for KEYUTIL private key reader 'keyutil.js' + diff --git a/test/qunit-do-pkcs5-eprv.html b/test/qunit-do-pkcs5-eprv.html index 67b9139d..9c8e2281 100755 --- a/test/qunit-do-pkcs5-eprv.html +++ b/test/qunit-do-pkcs5-eprv.html @@ -3,6 +3,7 @@ QUnit test for encrypted PKCS8 private key loading of 'pkcs5pkey.js' + diff --git a/test/qunit-do-pkcs5-pub.html b/test/qunit-do-pkcs5-pub.html index 9c745bbd..5d3e4a13 100755 --- a/test/qunit-do-pkcs5-pub.html +++ b/test/qunit-do-pkcs5-pub.html @@ -3,6 +3,7 @@ QUnit for PKCS5 RSA key reader 'pkcs5pkey.js' for RSA public key + diff --git a/test/qunit-do-pkcs5.html b/test/qunit-do-pkcs5.html index d8b20a81..844aef96 100755 --- a/test/qunit-do-pkcs5.html +++ b/test/qunit-do-pkcs5.html @@ -3,6 +3,7 @@ QUnit for PKCS5 private key reader 'pkcs5pkey.js' + diff --git a/test/qunit-do-rsapem.html b/test/qunit-do-rsapem.html index d2d8763b..7fec6a6e 100755 --- a/test/qunit-do-rsapem.html +++ b/test/qunit-do-rsapem.html @@ -3,6 +3,7 @@ QUnit for RSAKey key-reading add-on 'rsa-pem.js' + diff --git a/test/qunit-do-rsasign-pss.html b/test/qunit-do-rsasign-pss.html index 7a1b42e2..76007ba6 100755 --- a/test/qunit-do-rsasign-pss.html +++ b/test/qunit-do-rsasign-pss.html @@ -3,6 +3,7 @@ QUnit for RSAKey signing add-on 'rsa-sign.js of RSAPSS signature' + diff --git a/test/qunit-do-rsasign.html b/test/qunit-do-rsasign.html index b67f0a1e..5aa5ff55 100755 --- a/test/qunit-do-rsasign.html +++ b/test/qunit-do-rsasign.html @@ -3,6 +3,7 @@ QUnit for RSAKey signing add-on 'rsa-sign.js' + diff --git a/test/qunit-do-x509-ext.html b/test/qunit-do-x509-ext.html index 91c1798d..f7af5eaf 100755 --- a/test/qunit-do-x509-ext.html +++ b/test/qunit-do-x509-ext.html @@ -3,6 +3,7 @@ QUnit for X.509 Certificate 'x509.js' + @@ -26,6 +27,8 @@ + + diff --git a/test/qunit-do-x509-getinfo.html b/test/qunit-do-x509-getinfo.html index af546101..740e9154 100644 --- a/test/qunit-do-x509-getinfo.html +++ b/test/qunit-do-x509-getinfo.html @@ -3,6 +3,7 @@ QUnit for X509.getInfo() test in 'x509.js' + @@ -26,6 +27,8 @@ + + diff --git a/test/qunit-do-x509-hex2dn.html b/test/qunit-do-x509-hex2dn.html index 6855f904..7da89993 100644 --- a/test/qunit-do-x509-hex2dn.html +++ b/test/qunit-do-x509-hex2dn.html @@ -3,6 +3,7 @@ QUnit for 'x509' hex2dn, hex2rdn + diff --git a/test/qunit-do-x509-key.html b/test/qunit-do-x509-key.html index 9b89d473..82f73a62 100755 --- a/test/qunit-do-x509-key.html +++ b/test/qunit-do-x509-key.html @@ -3,6 +3,7 @@ QUnit for X.509 Certificate 'x509.js' + diff --git a/test/qunit-do-x509-kid.html b/test/qunit-do-x509-kid.html index 358916c1..c7dc8b34 100755 --- a/test/qunit-do-x509-kid.html +++ b/test/qunit-do-x509-kid.html @@ -3,6 +3,7 @@ QUnit for X.509 Certificate 'x509.js' + @@ -25,6 +26,8 @@ + + diff --git a/test/qunit-do-x509.html b/test/qunit-do-x509.html index ef88c300..736e22e4 100755 --- a/test/qunit-do-x509.html +++ b/test/qunit-do-x509.html @@ -3,6 +3,7 @@ QUnit for X.509 Certificate 'x509.js' + @@ -26,6 +27,8 @@ + +