Skip to content

Commit

Permalink
10.5.26 release
Browse files Browse the repository at this point in the history
  • Loading branch information
kjur committed Jul 14, 2022
1 parent 4536a6e commit 6513aca
Show file tree
Hide file tree
Showing 18 changed files with 405 additions and 160 deletions.
8 changes: 8 additions & 0 deletions ChangeLog.txt
Original file line number Diff line number Diff line change
@@ -1,6 +1,14 @@

ChangeLog for jsrsasign

CSRUtil class enhancement
* Changes from 10.5.25 to 10.5.26 (2022-Jul-14)
- src/asn1csr.js
- CSRUtil.verifySignature method added
- CSRUtil.getParam enhanced to support optional argument flagTBS
- test/qunit-do-asn1csr.html
- update some test cases for above

CVE-2022-25898 Security fix in JWS and JWT validation
* Changes from 10.5.24 to 10.5.25 (2022-Jun-23)
- src/jws.js
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ HIGHLIGHTS
- no dependency to other library
- no dependency to [W3C Web Cryptography API](https://www.w3.org/TR/WebCryptoAPI/) nor [OpenSSL](https://www.openssl.org/)
- no dependency on newer ECMAScirpt function. So old browsers also supported.
- very popular crypto library with [0.6M+ npm downloads/month](https://npm-stat.com/charts.html?package=jsrsasign&from=2016-05-01&to=2022-06-20)
- very popular crypto library with [0.6M+ npm downloads/month](https://npm-stat.com/charts.html?package=jsrsasign&from=2016-05-01&to=2022-07-07)

INSTALL
-------
Expand Down
2 changes: 1 addition & 1 deletion api/files.html
Original file line number Diff line number Diff line change
Expand Up @@ -586,7 +586,7 @@ <h2><a href="symbols/src/asn1csr-1.0.js.html">asn1csr-1.0.js</a></h2>


<dt class="heading">Version:</dt>
<dd>jsrsasign 10.5.16 asn1csr 2.0.5 (2022-Apr-08)</dd>
<dd>jsrsasign 10.5.26 asn1csr 2.0.6 (2022-Jul-14)</dd>



Expand Down
103 changes: 99 additions & 4 deletions api/symbols/KJUR.asn1.csr.CSRUtil.html
Original file line number Diff line number Diff line change
Expand Up @@ -584,7 +584,7 @@ <h1 class="classTitle">
<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getParam">getParam</a></b>(sPEM)
<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.getParam">getParam</a></b>(sPEM, flagTBS)
</div>
<div class="description">get field values from CSR/PKCS#10 PEM string<br/>
This method parses PEM CSR/PKCS#1 string and retrieves
Expand All @@ -602,6 +602,17 @@ <h1 class="classTitle">
</td>
</tr>

<tr>
<td class="attributes">&lt;static&gt; &nbsp;</td>
<td class="nameDescription">
<div class="fixedFont">KJUR.asn1.csr.CSRUtil.<b><a href="../symbols/KJUR.asn1.csr.CSRUtil.html#.verifySignature">verifySignature</a></b>(csr)
</div>
<div class="description">verify self-signed CSR/PKCS#10 signature<br/>
This method verifies self-signed signature of CSR/PKCS#10
with its public key which is concluded in the CSR.</div>
</td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -661,7 +672,7 @@ <h1 class="classTitle">
<div class="fixedFont">&lt;static&gt;

<span class="light">{Array}</span>
<span class="light">KJUR.asn1.csr.CSRUtil.</span><b>getParam</b>(sPEM)
<span class="light">KJUR.asn1.csr.CSRUtil.</span><b>getParam</b>(sPEM, flagTBS)

</div>
<div class="description">
Expand All @@ -676,13 +687,17 @@ <h1 class="classTitle">
<li>{Array}extreq - array of extensionRequest parameters</li>
<li>{String}sigalg - name of signature algorithm field</li>
<li>{String}sighex - hexadecimal string of signature value</li>
<li>{String}tbs - a hexadecimal string of CertificationRequestInfo as to be signed(OPTION)</li>
</ul>
Returned JSON object can be passed to
<a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a> class constructor.
<br/>
CAUTION:
Returned JSON value format have been changed without
backward compatibility since jsrsasign 9.0.0 asn1csr 2.0.0.
<br/>
NOTE:
The "flagTBS" supported since jsrsasign 10.5.26.


</div>
Expand All @@ -697,7 +712,10 @@ <h1 class="classTitle">
extreq: [{extname:"subjectAltName",array:[{dns:"example.com"}]}]
sigalg: "SHA256withRSA",
sighex: "1ab3df.."
}</pre>
}

KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST...", true) &rarr;
result will also have a member "tbs" in the object.</pre>



Expand All @@ -706,11 +724,17 @@ <h1 class="classTitle">
<dt class="heading">Parameters:</dt>

<dt>
<span class="light fixedFont">{String}</span> <b>sPEM</b>
<span class="light fixedFont">{string}</span> <b>sPEM</b>

</dt>
<dd>PEM string of CSR/PKCS#10</dd>

<dt>
<span class="light fixedFont">{boolean}</span> <b>flagTBS</b>

</dt>
<dd>result object also concludes CertificationRequestInfo (OPTION, DEFAULT=false)</dd>

</dl>


Expand All @@ -737,6 +761,8 @@ <h1 class="classTitle">

<dd><a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a></dd>

<dd><a href="../symbols/KJUR.asn1.csr.CertificationRequestInfo.html">KJUR.asn1.csr.CertificationRequestInfo</a></dd>

<dd><a href="../symbols/KJUR.asn1.x509.X500Name.html">KJUR.asn1.x509.X500Name</a></dd>

<dd><a href="../symbols/X509.html#getExtParamArray">X509#getExtParamArray</a></dd>
Expand Down Expand Up @@ -836,6 +862,75 @@ <h1 class="classTitle">



<hr />

<a name=".verifySignature"> </a>
<div class="fixedFont">&lt;static&gt;

<span class="light">{boolean}</span>
<span class="light">KJUR.asn1.csr.CSRUtil.</span><b>verifySignature</b>(csr)

</div>
<div class="description">
verify self-signed CSR/PKCS#10 signature<br/>
This method verifies self-signed signature of CSR/PKCS#10
with its public key which is concluded in the CSR.


</div>



<pre class="code">KJUR.asn1.csr.CSRUtil.verifySignatrue("-----BEGIN CERTIFICATE REQUEST...") &rarr; true or false

p = KJUR.asn1.csr.CSRUtil.getParam("-----BEGIN CERTIFICATE REQUEST-----", true); // with tbs
KJUR.asn1.csr.CSRUtil.verifySignatrue(p) &rarr; true or false</pre>




<dl class="detailList">
<dt class="heading">Parameters:</dt>

<dt>
<span class="light fixedFont">{object}</span> <b>csr</b>

</dt>
<dd>PEM CSR string or parsed JSON object of CSR</dd>

</dl>



<dl class="detailList">
<dt class="heading">Since:</dt>
<dd>jsrsasign 10.5.26 asn1csr 2.0.6</dd>
</dl>
</dl>



<dl class="detailList">
<dt class="heading">Returns:</dt>

<dd><span class="light fixedFont">{boolean}</span> true if self-signed signature is valid otherwise false</dd>

</dl>



<dl class="detailList">
<dt class="heading">See:</dt>

<dd><a href="../symbols/KJUR.asn1.csr.CertificationRequest.html">KJUR.asn1.csr.CertificationRequest</a></dd>

<dd><a href="../symbols/KJUR.asn1.csr.CertificationRequestInfo.html">KJUR.asn1.csr.CertificationRequestInfo</a></dd>

<dd>KJUR.asn1.csr.CSRUtil#getParam</dd>

</dl>





Expand Down
Loading

0 comments on commit 6513aca

Please sign in to comment.