diff --git a/ChangeLog.txt b/ChangeLog.txt index 2beafccc..ae35a5d9 100755 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,6 +1,19 @@ ChangeLog for jsrsasign +* Changes between 4.8.0 to 4.8.1 + - keyutil 1.0.7 to 1.0.8 + - RFC 7517 JSON Web Key(JWK) support + for RSA/ECC private/public key added in KEYUTIL.getKey method + - ** 4.8.1 updated files + - ChangeLog.txt + - ecdsa-modified-1.0*.js (jsdoc fix) + - keyutil-1.0*.js + - base64x-1.1.js (b64utohex zero padding added) + - test/qunit-do-base64x.html + - test/qunit-do-keyutil-jwk.html + - test/qunit-do-keyutil-pairpem.html + * Changes between 4.7.2 to 4.8.0 (2015-Jun-01) - Now jsjws JSON Web Signtaure library is merged into jsrsasign. @@ -11,6 +24,8 @@ ChangeLog for jsrsasign - JWS.includedArray added - ChangeLogs for jws and jwsjs before jws 3.2.2 please see ChangeLog_jws322.txt + - asn1x509 1.0.11 to 1.0.12 + - subjectKeyIdentifier OID duplicate definition fix - JSON Web Token(JWT) full validation demo is available. - tool_jwt.html update to add 'aud' claim - ** 4.8.0 updated files diff --git a/api/files.html b/api/files.html index 3e7bd49c..4fc40e33 100755 --- a/api/files.html +++ b/api/files.html @@ -380,6 +380,8 @@

Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • @@ -517,8 +519,15 @@

    asn1x509-1.0.js

    base64x-1.1.js

    +
    +
    Author:
    +
    Kenji Urushima kenji.urushima@gmail.com
    + + +
    Version:
    +
    asn1 1.1.4 (2015-Jul-3)
    @@ -651,7 +660,7 @@

    keyutil-1.0.js

    Version:
    -
    keyutil 1.0.7 (2014-May-17)
    +
    keyutil 1.0.8 (2015-Jul-02)
    diff --git a/api/index.html b/api/index.html index b6d15548..9248d150 100755 --- a/api/index.html +++ b/api/index.html @@ -380,6 +380,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • @@ -982,6 +984,12 @@

    KJUR.crypto.Util

    +
    +

    KJUR.jws

    + +
    +
    +

    KJUR.jws.IntDate

    KJUR.jws.IntDate class diff --git a/api/symbols/ASN1HEX.html b/api/symbols/ASN1HEX.html index 510ded93..029772b4 100755 --- a/api/symbols/ASN1HEX.html +++ b/api/symbols/ASN1HEX.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/Base64x.html b/api/symbols/Base64x.html index fc4d5d2d..8ec95116 100755 --- a/api/symbols/Base64x.html +++ b/api/symbols/Base64x.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KEYUTIL.html b/api/symbols/KEYUTIL.html index e62728ca..3d148e6a 100755 --- a/api/symbols/KEYUTIL.html +++ b/api/symbols/KEYUTIL.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • @@ -1337,7 +1339,9 @@

    +NOTE: RFC 7517 JSON Web Key(JWK) support for RSA/ECC private/public key from jsrsasign 4.8.1.

    diff --git a/api/symbols/KJUR.asn1.ASN1Object.html b/api/symbols/KJUR.asn1.ASN1Object.html index 7aeb1938..1acb48c9 100755 --- a/api/symbols/KJUR.asn1.ASN1Object.html +++ b/api/symbols/KJUR.asn1.ASN1Object.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.ASN1Util.html b/api/symbols/KJUR.asn1.ASN1Util.html index 1738147b..e8d67906 100755 --- a/api/symbols/KJUR.asn1.ASN1Util.html +++ b/api/symbols/KJUR.asn1.ASN1Util.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERAbstractString.html b/api/symbols/KJUR.asn1.DERAbstractString.html index 676ecf8e..141f9772 100755 --- a/api/symbols/KJUR.asn1.DERAbstractString.html +++ b/api/symbols/KJUR.asn1.DERAbstractString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERAbstractStructured.html b/api/symbols/KJUR.asn1.DERAbstractStructured.html index 19b3a922..69aacf7f 100755 --- a/api/symbols/KJUR.asn1.DERAbstractStructured.html +++ b/api/symbols/KJUR.asn1.DERAbstractStructured.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERAbstractTime.html b/api/symbols/KJUR.asn1.DERAbstractTime.html index 0d57300c..b0273ee7 100755 --- a/api/symbols/KJUR.asn1.DERAbstractTime.html +++ b/api/symbols/KJUR.asn1.DERAbstractTime.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERBitString.html b/api/symbols/KJUR.asn1.DERBitString.html index 81e437be..06118bdd 100755 --- a/api/symbols/KJUR.asn1.DERBitString.html +++ b/api/symbols/KJUR.asn1.DERBitString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERBoolean.html b/api/symbols/KJUR.asn1.DERBoolean.html index 0b4c0e6d..f1b778df 100755 --- a/api/symbols/KJUR.asn1.DERBoolean.html +++ b/api/symbols/KJUR.asn1.DERBoolean.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DEREnumerated.html b/api/symbols/KJUR.asn1.DEREnumerated.html index c156a344..395c5095 100755 --- a/api/symbols/KJUR.asn1.DEREnumerated.html +++ b/api/symbols/KJUR.asn1.DEREnumerated.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERGeneralizedTime.html b/api/symbols/KJUR.asn1.DERGeneralizedTime.html index fbbb3d73..9054bfb2 100755 --- a/api/symbols/KJUR.asn1.DERGeneralizedTime.html +++ b/api/symbols/KJUR.asn1.DERGeneralizedTime.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERIA5String.html b/api/symbols/KJUR.asn1.DERIA5String.html index 64563711..a6ed957c 100755 --- a/api/symbols/KJUR.asn1.DERIA5String.html +++ b/api/symbols/KJUR.asn1.DERIA5String.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERInteger.html b/api/symbols/KJUR.asn1.DERInteger.html index 2aad8ec8..e397e2fc 100755 --- a/api/symbols/KJUR.asn1.DERInteger.html +++ b/api/symbols/KJUR.asn1.DERInteger.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERNull.html b/api/symbols/KJUR.asn1.DERNull.html index f23a4473..f212a385 100755 --- a/api/symbols/KJUR.asn1.DERNull.html +++ b/api/symbols/KJUR.asn1.DERNull.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERNumericString.html b/api/symbols/KJUR.asn1.DERNumericString.html index 1c796007..d5522eb6 100755 --- a/api/symbols/KJUR.asn1.DERNumericString.html +++ b/api/symbols/KJUR.asn1.DERNumericString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERObjectIdentifier.html b/api/symbols/KJUR.asn1.DERObjectIdentifier.html index 491584ce..a3b3de65 100755 --- a/api/symbols/KJUR.asn1.DERObjectIdentifier.html +++ b/api/symbols/KJUR.asn1.DERObjectIdentifier.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DEROctetString.html b/api/symbols/KJUR.asn1.DEROctetString.html index 714ef30b..6dfc8d68 100755 --- a/api/symbols/KJUR.asn1.DEROctetString.html +++ b/api/symbols/KJUR.asn1.DEROctetString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERPrintableString.html b/api/symbols/KJUR.asn1.DERPrintableString.html index c4a0c91a..158a1b01 100755 --- a/api/symbols/KJUR.asn1.DERPrintableString.html +++ b/api/symbols/KJUR.asn1.DERPrintableString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERSequence.html b/api/symbols/KJUR.asn1.DERSequence.html index 78f9b828..72a1eb77 100755 --- a/api/symbols/KJUR.asn1.DERSequence.html +++ b/api/symbols/KJUR.asn1.DERSequence.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERSet.html b/api/symbols/KJUR.asn1.DERSet.html index 7434f5f7..94830e3d 100755 --- a/api/symbols/KJUR.asn1.DERSet.html +++ b/api/symbols/KJUR.asn1.DERSet.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERTaggedObject.html b/api/symbols/KJUR.asn1.DERTaggedObject.html index 6bea0788..f80cac78 100755 --- a/api/symbols/KJUR.asn1.DERTaggedObject.html +++ b/api/symbols/KJUR.asn1.DERTaggedObject.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERTeletexString.html b/api/symbols/KJUR.asn1.DERTeletexString.html index 0f8bd2f3..94bb0c18 100755 --- a/api/symbols/KJUR.asn1.DERTeletexString.html +++ b/api/symbols/KJUR.asn1.DERTeletexString.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERUTCTime.html b/api/symbols/KJUR.asn1.DERUTCTime.html index dbf96d77..805751c0 100755 --- a/api/symbols/KJUR.asn1.DERUTCTime.html +++ b/api/symbols/KJUR.asn1.DERUTCTime.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.DERUTF8String.html b/api/symbols/KJUR.asn1.DERUTF8String.html index 2f8b9dd4..1eb42dc0 100755 --- a/api/symbols/KJUR.asn1.DERUTF8String.html +++ b/api/symbols/KJUR.asn1.DERUTF8String.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.CAdESUtil.html b/api/symbols/KJUR.asn1.cades.CAdESUtil.html index 349e05df..472d6339 100755 --- a/api/symbols/KJUR.asn1.cades.CAdESUtil.html +++ b/api/symbols/KJUR.asn1.cades.CAdESUtil.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.CompleteCertificateRefs.html b/api/symbols/KJUR.asn1.cades.CompleteCertificateRefs.html index 96802648..3b8ef1ae 100755 --- a/api/symbols/KJUR.asn1.cades.CompleteCertificateRefs.html +++ b/api/symbols/KJUR.asn1.cades.CompleteCertificateRefs.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.OtherCertID.html b/api/symbols/KJUR.asn1.cades.OtherCertID.html index 38971eb4..d571888b 100755 --- a/api/symbols/KJUR.asn1.cades.OtherCertID.html +++ b/api/symbols/KJUR.asn1.cades.OtherCertID.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.OtherHash.html b/api/symbols/KJUR.asn1.cades.OtherHash.html index 8ec242c5..6d89f146 100755 --- a/api/symbols/KJUR.asn1.cades.OtherHash.html +++ b/api/symbols/KJUR.asn1.cades.OtherHash.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.OtherHashAlgAndValue.html b/api/symbols/KJUR.asn1.cades.OtherHashAlgAndValue.html index 81356ef2..d46454cc 100755 --- a/api/symbols/KJUR.asn1.cades.OtherHashAlgAndValue.html +++ b/api/symbols/KJUR.asn1.cades.OtherHashAlgAndValue.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.SignaturePolicyIdentifier.html b/api/symbols/KJUR.asn1.cades.SignaturePolicyIdentifier.html index 2557bfae..3b186cdd 100755 --- a/api/symbols/KJUR.asn1.cades.SignaturePolicyIdentifier.html +++ b/api/symbols/KJUR.asn1.cades.SignaturePolicyIdentifier.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.SignatureTimeStamp.html b/api/symbols/KJUR.asn1.cades.SignatureTimeStamp.html index 6e81e9a4..0c1fae26 100755 --- a/api/symbols/KJUR.asn1.cades.SignatureTimeStamp.html +++ b/api/symbols/KJUR.asn1.cades.SignatureTimeStamp.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cades.html b/api/symbols/KJUR.asn1.cades.html index d6a9cb58..0e2561f8 100755 --- a/api/symbols/KJUR.asn1.cades.html +++ b/api/symbols/KJUR.asn1.cades.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.Attribute.html b/api/symbols/KJUR.asn1.cms.Attribute.html index c7b3c61f..cdd4e24a 100755 --- a/api/symbols/KJUR.asn1.cms.Attribute.html +++ b/api/symbols/KJUR.asn1.cms.Attribute.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.AttributeList.html b/api/symbols/KJUR.asn1.cms.AttributeList.html index 3047a363..6b6cdac5 100755 --- a/api/symbols/KJUR.asn1.cms.AttributeList.html +++ b/api/symbols/KJUR.asn1.cms.AttributeList.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.CMSUtil.html b/api/symbols/KJUR.asn1.cms.CMSUtil.html index 6b5aa303..9111cd04 100755 --- a/api/symbols/KJUR.asn1.cms.CMSUtil.html +++ b/api/symbols/KJUR.asn1.cms.CMSUtil.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.ContentInfo.html b/api/symbols/KJUR.asn1.cms.ContentInfo.html index 5118c966..825030eb 100755 --- a/api/symbols/KJUR.asn1.cms.ContentInfo.html +++ b/api/symbols/KJUR.asn1.cms.ContentInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.ContentType.html b/api/symbols/KJUR.asn1.cms.ContentType.html index cc8f5556..7d2c31e4 100755 --- a/api/symbols/KJUR.asn1.cms.ContentType.html +++ b/api/symbols/KJUR.asn1.cms.ContentType.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html b/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html index f6d2d3e6..6581fbcf 100755 --- a/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html +++ b/api/symbols/KJUR.asn1.cms.EncapsulatedContentInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html b/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html index b4c71957..f341cb77 100755 --- a/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html +++ b/api/symbols/KJUR.asn1.cms.IssuerAndSerialNumber.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.MessageDigest.html b/api/symbols/KJUR.asn1.cms.MessageDigest.html index 30c63bca..1e8db453 100755 --- a/api/symbols/KJUR.asn1.cms.MessageDigest.html +++ b/api/symbols/KJUR.asn1.cms.MessageDigest.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.SignedData.html b/api/symbols/KJUR.asn1.cms.SignedData.html index 7947cf69..4cb024f0 100755 --- a/api/symbols/KJUR.asn1.cms.SignedData.html +++ b/api/symbols/KJUR.asn1.cms.SignedData.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.SignerInfo.html b/api/symbols/KJUR.asn1.cms.SignerInfo.html index 893b46fc..7058dd98 100755 --- a/api/symbols/KJUR.asn1.cms.SignerInfo.html +++ b/api/symbols/KJUR.asn1.cms.SignerInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.SigningCertificate.html b/api/symbols/KJUR.asn1.cms.SigningCertificate.html index 66696a0c..b20eaa07 100755 --- a/api/symbols/KJUR.asn1.cms.SigningCertificate.html +++ b/api/symbols/KJUR.asn1.cms.SigningCertificate.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.SigningCertificateV2.html b/api/symbols/KJUR.asn1.cms.SigningCertificateV2.html index 09d372af..6d722680 100755 --- a/api/symbols/KJUR.asn1.cms.SigningCertificateV2.html +++ b/api/symbols/KJUR.asn1.cms.SigningCertificateV2.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.SigningTime.html b/api/symbols/KJUR.asn1.cms.SigningTime.html index 18511765..147e940a 100755 --- a/api/symbols/KJUR.asn1.cms.SigningTime.html +++ b/api/symbols/KJUR.asn1.cms.SigningTime.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.cms.html b/api/symbols/KJUR.asn1.cms.html index 0889866e..b8aa22ba 100755 --- a/api/symbols/KJUR.asn1.cms.html +++ b/api/symbols/KJUR.asn1.cms.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.html b/api/symbols/KJUR.asn1.html index 2487102a..0e7f69ba 100755 --- a/api/symbols/KJUR.asn1.html +++ b/api/symbols/KJUR.asn1.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.AbstractTSAAdapter.html b/api/symbols/KJUR.asn1.tsp.AbstractTSAAdapter.html index 2ded1ce8..123c77f4 100755 --- a/api/symbols/KJUR.asn1.tsp.AbstractTSAAdapter.html +++ b/api/symbols/KJUR.asn1.tsp.AbstractTSAAdapter.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.Accuracy.html b/api/symbols/KJUR.asn1.tsp.Accuracy.html index 7629a06a..db67d895 100755 --- a/api/symbols/KJUR.asn1.tsp.Accuracy.html +++ b/api/symbols/KJUR.asn1.tsp.Accuracy.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.FixedTSAAdapter.html b/api/symbols/KJUR.asn1.tsp.FixedTSAAdapter.html index a2980a60..21a767df 100755 --- a/api/symbols/KJUR.asn1.tsp.FixedTSAAdapter.html +++ b/api/symbols/KJUR.asn1.tsp.FixedTSAAdapter.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.MessageImprint.html b/api/symbols/KJUR.asn1.tsp.MessageImprint.html index 69c86715..1f59cdb2 100755 --- a/api/symbols/KJUR.asn1.tsp.MessageImprint.html +++ b/api/symbols/KJUR.asn1.tsp.MessageImprint.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.PKIFailureInfo.html b/api/symbols/KJUR.asn1.tsp.PKIFailureInfo.html index 152c40cc..e11feb33 100755 --- a/api/symbols/KJUR.asn1.tsp.PKIFailureInfo.html +++ b/api/symbols/KJUR.asn1.tsp.PKIFailureInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.PKIFreeText.html b/api/symbols/KJUR.asn1.tsp.PKIFreeText.html index 8d847482..888c823a 100755 --- a/api/symbols/KJUR.asn1.tsp.PKIFreeText.html +++ b/api/symbols/KJUR.asn1.tsp.PKIFreeText.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.PKIStatus.html b/api/symbols/KJUR.asn1.tsp.PKIStatus.html index ae0a400a..c484cebb 100755 --- a/api/symbols/KJUR.asn1.tsp.PKIStatus.html +++ b/api/symbols/KJUR.asn1.tsp.PKIStatus.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.PKIStatusInfo.html b/api/symbols/KJUR.asn1.tsp.PKIStatusInfo.html index 55491610..e72b854d 100755 --- a/api/symbols/KJUR.asn1.tsp.PKIStatusInfo.html +++ b/api/symbols/KJUR.asn1.tsp.PKIStatusInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.SimpleTSAAdapter.html b/api/symbols/KJUR.asn1.tsp.SimpleTSAAdapter.html index 989da105..f331d4fe 100755 --- a/api/symbols/KJUR.asn1.tsp.SimpleTSAAdapter.html +++ b/api/symbols/KJUR.asn1.tsp.SimpleTSAAdapter.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.TSPUtil.html b/api/symbols/KJUR.asn1.tsp.TSPUtil.html index 38e8644a..96961d61 100755 --- a/api/symbols/KJUR.asn1.tsp.TSPUtil.html +++ b/api/symbols/KJUR.asn1.tsp.TSPUtil.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.TSTInfo.html b/api/symbols/KJUR.asn1.tsp.TSTInfo.html index cab727a5..bfb7e82c 100755 --- a/api/symbols/KJUR.asn1.tsp.TSTInfo.html +++ b/api/symbols/KJUR.asn1.tsp.TSTInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.TimeStampReq.html b/api/symbols/KJUR.asn1.tsp.TimeStampReq.html index 6cc3c49e..25d3e137 100755 --- a/api/symbols/KJUR.asn1.tsp.TimeStampReq.html +++ b/api/symbols/KJUR.asn1.tsp.TimeStampReq.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.TimeStampResp.html b/api/symbols/KJUR.asn1.tsp.TimeStampResp.html index 7d6d3c3e..8625b19a 100755 --- a/api/symbols/KJUR.asn1.tsp.TimeStampResp.html +++ b/api/symbols/KJUR.asn1.tsp.TimeStampResp.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.tsp.html b/api/symbols/KJUR.asn1.tsp.html index 7a1ba7af..df538909 100755 --- a/api/symbols/KJUR.asn1.tsp.html +++ b/api/symbols/KJUR.asn1.tsp.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html b/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html index 38e8e357..ef03b8a6 100755 --- a/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html +++ b/api/symbols/KJUR.asn1.x509.AlgorithmIdentifier.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html b/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html index fa40ec35..f6898361 100755 --- a/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html +++ b/api/symbols/KJUR.asn1.x509.AttributeTypeAndValue.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html b/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html index 5337c571..49f6efa2 100755 --- a/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html +++ b/api/symbols/KJUR.asn1.x509.AuthorityKeyIdentifier.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.BasicConstraints.html b/api/symbols/KJUR.asn1.x509.BasicConstraints.html index e12a9c0f..60f50fb4 100755 --- a/api/symbols/KJUR.asn1.x509.BasicConstraints.html +++ b/api/symbols/KJUR.asn1.x509.BasicConstraints.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.CRL.html b/api/symbols/KJUR.asn1.x509.CRL.html index f7771b6d..dd4e785a 100755 --- a/api/symbols/KJUR.asn1.x509.CRL.html +++ b/api/symbols/KJUR.asn1.x509.CRL.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html b/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html index 543df225..2f9ec675 100755 --- a/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html +++ b/api/symbols/KJUR.asn1.x509.CRLDistributionPoints.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.CRLEntry.html b/api/symbols/KJUR.asn1.x509.CRLEntry.html index cb40452f..8c65b00d 100755 --- a/api/symbols/KJUR.asn1.x509.CRLEntry.html +++ b/api/symbols/KJUR.asn1.x509.CRLEntry.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.Certificate.html b/api/symbols/KJUR.asn1.x509.Certificate.html index fbdc73ef..ff13f8c5 100755 --- a/api/symbols/KJUR.asn1.x509.Certificate.html +++ b/api/symbols/KJUR.asn1.x509.Certificate.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.DistributionPoint.html b/api/symbols/KJUR.asn1.x509.DistributionPoint.html index c7fb4a29..c0c5e3db 100755 --- a/api/symbols/KJUR.asn1.x509.DistributionPoint.html +++ b/api/symbols/KJUR.asn1.x509.DistributionPoint.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.DistributionPointName.html b/api/symbols/KJUR.asn1.x509.DistributionPointName.html index c11feee5..0d723036 100755 --- a/api/symbols/KJUR.asn1.x509.DistributionPointName.html +++ b/api/symbols/KJUR.asn1.x509.DistributionPointName.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html b/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html index 62780e4b..b6b0a70c 100755 --- a/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html +++ b/api/symbols/KJUR.asn1.x509.ExtKeyUsage.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.Extension.html b/api/symbols/KJUR.asn1.x509.Extension.html index 30086ae1..217af231 100755 --- a/api/symbols/KJUR.asn1.x509.Extension.html +++ b/api/symbols/KJUR.asn1.x509.Extension.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.GeneralName.html b/api/symbols/KJUR.asn1.x509.GeneralName.html index d2f96b2e..ca2ee2a5 100755 --- a/api/symbols/KJUR.asn1.x509.GeneralName.html +++ b/api/symbols/KJUR.asn1.x509.GeneralName.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.GeneralNames.html b/api/symbols/KJUR.asn1.x509.GeneralNames.html index 1e1bf217..d4659563 100755 --- a/api/symbols/KJUR.asn1.x509.GeneralNames.html +++ b/api/symbols/KJUR.asn1.x509.GeneralNames.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.KeyUsage.html b/api/symbols/KJUR.asn1.x509.KeyUsage.html index b9914d60..2230b945 100755 --- a/api/symbols/KJUR.asn1.x509.KeyUsage.html +++ b/api/symbols/KJUR.asn1.x509.KeyUsage.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.OID.html b/api/symbols/KJUR.asn1.x509.OID.html index 1c1fe1f6..dc252735 100755 --- a/api/symbols/KJUR.asn1.x509.OID.html +++ b/api/symbols/KJUR.asn1.x509.OID.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.RDN.html b/api/symbols/KJUR.asn1.x509.RDN.html index e86693b2..44a50bcd 100755 --- a/api/symbols/KJUR.asn1.x509.RDN.html +++ b/api/symbols/KJUR.asn1.x509.RDN.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html b/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html index 8565ddd8..fa176609 100755 --- a/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html +++ b/api/symbols/KJUR.asn1.x509.SubjectPublicKeyInfo.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.TBSCertList.html b/api/symbols/KJUR.asn1.x509.TBSCertList.html index 10a76c5f..21efd79b 100755 --- a/api/symbols/KJUR.asn1.x509.TBSCertList.html +++ b/api/symbols/KJUR.asn1.x509.TBSCertList.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.TBSCertificate.html b/api/symbols/KJUR.asn1.x509.TBSCertificate.html index 8178b58a..f83cece1 100755 --- a/api/symbols/KJUR.asn1.x509.TBSCertificate.html +++ b/api/symbols/KJUR.asn1.x509.TBSCertificate.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.Time.html b/api/symbols/KJUR.asn1.x509.Time.html index 1f8444a8..60026209 100755 --- a/api/symbols/KJUR.asn1.x509.Time.html +++ b/api/symbols/KJUR.asn1.x509.Time.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.X500Name.html b/api/symbols/KJUR.asn1.x509.X500Name.html index 5ce1bccf..414ba083 100755 --- a/api/symbols/KJUR.asn1.x509.X500Name.html +++ b/api/symbols/KJUR.asn1.x509.X500Name.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.X509Util.html b/api/symbols/KJUR.asn1.x509.X509Util.html index 2d39ccf3..60da73d6 100755 --- a/api/symbols/KJUR.asn1.x509.X509Util.html +++ b/api/symbols/KJUR.asn1.x509.X509Util.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.asn1.x509.html b/api/symbols/KJUR.asn1.x509.html index eb395b56..acc43702 100755 --- a/api/symbols/KJUR.asn1.x509.html +++ b/api/symbols/KJUR.asn1.x509.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.crypto.DSA.html b/api/symbols/KJUR.crypto.DSA.html index 4fb7afe8..761bcf53 100755 --- a/api/symbols/KJUR.crypto.DSA.html +++ b/api/symbols/KJUR.crypto.DSA.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • diff --git a/api/symbols/KJUR.crypto.ECDSA.html b/api/symbols/KJUR.crypto.ECDSA.html index 30513cce..b6898ea2 100755 --- a/api/symbols/KJUR.crypto.ECDSA.html +++ b/api/symbols/KJUR.crypto.ECDSA.html @@ -385,6 +385,8 @@

    Classes

  • KJUR.crypto.Util
    • +
  • KJUR.jws
    • +
  • KJUR.jws.IntDate
  • KJUR.jws.JWS
    • @@ -776,7 +778,7 @@

    - 
    var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+					
    var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 var keypair = ec.generateKeyPairHex();
 var pubhex = keypair.ecpubhex; // hexadecimal string of EC private key (=d)
 var prvhex = keypair.ecprvhex; // hexadecimal string of EC public key
    
@@ -876,7 +878,7 @@ 
    
 					
 					
 					
-					
    var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+					
    var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 var sig = ec.parseSigHex('30...');
 var biR = sig.r; // BigInteger object for 'r' field of signature.
 var biS = sig.s; // BigInteger object for 's' field of signature.
    
@@ -932,7 +934,7 @@ 
    
 					
 					
 					
-					
    var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+					
    var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 var sig = ec.parseSigHexInHexRS('30...');
 var hR = sig.r; // hexadecimal string for 'r' field of signature.
 var hS = sig.s; // hexadecimal string for 's' field of signature.
    
@@ -988,7 +990,7 @@ 
    
 					
 					
 					
-					
    var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+					
    var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 var sigValue = ec.signHex(hash, prvKey);
    
 					
 					
@@ -1048,7 +1050,7 @@ 
    
 					
 					
 					
-					
    var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+					
    var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 var result = ec.verifyHex(msgHashHex, sigHex, pubkeyHex);
    
 					
 					
diff --git a/api/symbols/KJUR.crypto.ECParameterDB.html b/api/symbols/KJUR.crypto.ECParameterDB.html
index 4de0729c..42ff668d 100755
--- a/api/symbols/KJUR.crypto.ECParameterDB.html
+++ b/api/symbols/KJUR.crypto.ECParameterDB.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.Mac.html b/api/symbols/KJUR.crypto.Mac.html
index a5fc97a1..2bc9d082 100755
--- a/api/symbols/KJUR.crypto.Mac.html
+++ b/api/symbols/KJUR.crypto.Mac.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.MessageDigest.html b/api/symbols/KJUR.crypto.MessageDigest.html
index 450b6638..388a512f 100755
--- a/api/symbols/KJUR.crypto.MessageDigest.html
+++ b/api/symbols/KJUR.crypto.MessageDigest.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.OID.html b/api/symbols/KJUR.crypto.OID.html
index 81393fde..c5fd3f9e 100755
--- a/api/symbols/KJUR.crypto.OID.html
+++ b/api/symbols/KJUR.crypto.OID.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.Signature.html b/api/symbols/KJUR.crypto.Signature.html
index aafa8855..28febd9e 100755
--- a/api/symbols/KJUR.crypto.Signature.html
+++ b/api/symbols/KJUR.crypto.Signature.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.Util.html b/api/symbols/KJUR.crypto.Util.html
index 05ff32dd..b9f151a2 100755
--- a/api/symbols/KJUR.crypto.Util.html
+++ b/api/symbols/KJUR.crypto.Util.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.crypto.html b/api/symbols/KJUR.crypto.html
index ddf510c4..1a22f796 100755
--- a/api/symbols/KJUR.crypto.html
+++ b/api/symbols/KJUR.crypto.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.html b/api/symbols/KJUR.html
index cd2edcaa..690e59d3 100755
--- a/api/symbols/KJUR.html
+++ b/api/symbols/KJUR.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.jws.IntDate.html b/api/symbols/KJUR.jws.IntDate.html
index a63dae8c..a5a10e05 100755
--- a/api/symbols/KJUR.jws.IntDate.html
+++ b/api/symbols/KJUR.jws.IntDate.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.jws.JWS.html b/api/symbols/KJUR.jws.JWS.html
index 7e6a1568..c94d0f16 100755
--- a/api/symbols/KJUR.jws.JWS.html
+++ b/api/symbols/KJUR.jws.JWS.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.jws.JWSJS.html b/api/symbols/KJUR.jws.JWSJS.html
index e87ed260..332cb011 100755
--- a/api/symbols/KJUR.jws.JWSJS.html
+++ b/api/symbols/KJUR.jws.JWSJS.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/KJUR.jws.html b/api/symbols/KJUR.jws.html
new file mode 100644
index 00000000..30f060de
--- /dev/null
+++ b/api/symbols/KJUR.jws.html
@@ -0,0 +1,508 @@
+
+
+	
+		
+		
+		
+		jsrsasign 4.0.0 JavaScript API Reference - KJUR.jws
+
+		
+	
+
+	
+	
+		
+		
+
+		
+
+
+		
    
+			
+			
+
    
+
    Classes
    
+
+
    
+			
+		
    
+		
+		
    
+
+			
    
+				
+				Namespace KJUR.jws
+			
    
+
+			
+			
    
+				
+				
+			
+				
+				
+				
+					
    Defined in:  jws-3.2.js.
+				
+			
    
+
+			
+			
+			
+				
+				
+					
+						
+						
+					
+				
+				
+					
+						
+						
+					
+				
+			
    Namespace Summary
    Constructor AttributesConstructor Name and Description
     
+							
    
+								KJUR.jws
+							
    
+							
    kjur's JSON Web Signature/Token(JWS/JWT) library name space

    
This namespace privides following JWS/JWS related classes.
    
+						
    
+			
+
+
+			
+
+
+			
+
+			
+
+		
+			
+			
     
+				
    
+					Namespace Detail
+				
    
+				
+				
    
+						KJUR.jws
+				
    
+				
+				
    
+					kjur's JSON Web Signature/Token(JWS/JWT) library name space

    
This namespace privides following JWS/JWS related classes.

    
NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2.

    
+					
+				
    
+				
+				
+				
+				
+					
+					
+					
+					
+					
+					
+					
+
+			
    
+			
+
+		
+			
+
+		
+			
+			
+		
+			
+			
+			
    
+		
    
+
+		
+
+		
    
+                        © 2012 Kenji Urushima, All rights reserved
    
+			
+			Documentation generated by JsDoc Toolkit 2.4.0 
+		
    
+	
+
diff --git a/api/symbols/PKCS5PKEY.html b/api/symbols/PKCS5PKEY.html
index cd9b3535..2c842630 100755
--- a/api/symbols/PKCS5PKEY.html
+++ b/api/symbols/PKCS5PKEY.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/RSAKey.html b/api/symbols/RSAKey.html
index a13e48a4..e9c5a058 100755
--- a/api/symbols/RSAKey.html
+++ b/api/symbols/RSAKey.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/X509.html b/api/symbols/X509.html
index 759131e0..63500a91 100755
--- a/api/symbols/X509.html
+++ b/api/symbols/X509.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
diff --git a/api/symbols/global__.html b/api/symbols/global__.html
index d24617db..8482a0e2 100755
--- a/api/symbols/global__.html
+++ b/api/symbols/global__.html
@@ -385,6 +385,8 @@ 
    Classes
    
 	
 	
  • KJUR.crypto.Util
    • 
 	
+	
  • KJUR.jws
    • 
+	
 	
  • KJUR.jws.IntDate
    • 
 	
 	
  • KJUR.jws.JWS
    • 
@@ -1104,6 +1106,7 @@ 
    
 					
 					
    
 						convert a hexadecimal string to a Base64URL encoded string.
    
+convert a hexadecimal string to a Base64URL encoded string.
NOTE: If leading "0" is omitted and odd number length for
hexadecimal leading "0" is automatically added.
 						
 							
    
 							Defined in:  base64x-1.1.js.
diff --git a/api/symbols/src/base64x-1.1.js.html b/api/symbols/src/base64x-1.1.js.html
index b5e16aa8..ddf191e5 100755
--- a/api/symbols/src/base64x-1.1.js.html
+++ b/api/symbols/src/base64x-1.1.js.html
@@ -5,14 +5,14 @@
 	.STRN {color: #393;}
 	.REGX {color: #339;}
 	.line {border-right: 1px dotted #666; color: #666; font-style: normal;}
-	
      1 /*! base64x-1.1.3 (c) 2012-2014 Kenji Urushima | kjur.github.com/jsjws/license
+	
      1 /*! base64x-1.1.4 (c) 2012-2015 Kenji Urushima | kjur.github.com/jsjws/license
   2  */
   3 /*
   4  * base64x.js - Base64url and supplementary functions for Tom Wu's base64.js library
   5  *
-  6  * version: 1.1.3 (2014 May 25)
+  6  * version: 1.1.4 (2015 Jul 3)
   7  *
-  8  * Copyright (c) 2012-2014 Kenji Urushima (kenji.urushima@gmail.com)
+  8  * Copyright (c) 2012-2015 Kenji Urushima (kenji.urushima@gmail.com)
   9  *
  10  * This software is licensed under the terms of the MIT License.
  11  * http://kjur.github.com/jsjws/license/
@@ -25,376 +25,390 @@
  18  */
  19 
  20 /**
- 21  * Base64URL and supplementary functions for Tom Wu's base64.js library.<br/>
- 22  * This class is just provide information about global functions
- 23  * defined in 'base64x.js'. The 'base64x.js' script file provides
- 24  * global functions for converting following data each other.
- 25  * <ul>
- 26  * <li>(ASCII) String</li>
- 27  * <li>UTF8 String including CJK, Latin and other characters</li>
- 28  * <li>byte array</li>
- 29  * <li>hexadecimal encoded String</li>
- 30  * <li>Full URIComponent encoded String (such like "%69%94")</li>
- 31  * <li>Base64 encoded String</li>
- 32  * <li>Base64URL encoded String</li>
- 33  * </ul>
- 34  * All functions in 'base64x.js' are defined in {@link global__} and not
- 35  * in this class.
- 36  * 
- 37  * @class Base64URL and supplementary functions for Tom Wu's base64.js library
- 38  * @author Kenji Urushima
- 39  * @version 1.1 (07 May 2012)
- 40  * @requires base64.js
- 41  * @see <a href="http://kjur.github.com/jsjws/">'jwjws'(JWS JavaScript Library) home page http://kjur.github.com/jsjws/</a>
- 42  * @see <a href="http://kjur.github.com/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/</a>
- 43  */
- 44 function Base64x() {
- 45 }
- 46 
- 47 // ==== string / byte array ================================
- 48 /**
- 49  * convert a string to an array of character codes
- 50  * @param {String} s
- 51  * @return {Array of Numbers} 
+ 21  * @fileOverview
+ 22  * @name base64x-1.1.js
+ 23  * @author Kenji Urushima kenji.urushima@gmail.com
+ 24  * @version asn1 1.1.4 (2015-Jul-3)
+ 25  * @since jsrsasign 2.1
+ 26  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
+ 27  */
+ 28 
+ 29 /**
+ 30  * Base64URL and supplementary functions for Tom Wu's base64.js library.<br/>
+ 31  * This class is just provide information about global functions
+ 32  * defined in 'base64x.js'. The 'base64x.js' script file provides
+ 33  * global functions for converting following data each other.
+ 34  * <ul>
+ 35  * <li>(ASCII) String</li>
+ 36  * <li>UTF8 String including CJK, Latin and other characters</li>
+ 37  * <li>byte array</li>
+ 38  * <li>hexadecimal encoded String</li>
+ 39  * <li>Full URIComponent encoded String (such like "%69%94")</li>
+ 40  * <li>Base64 encoded String</li>
+ 41  * <li>Base64URL encoded String</li>
+ 42  * </ul>
+ 43  * All functions in 'base64x.js' are defined in {@link global__} and not
+ 44  * in this class.
+ 45  * 
+ 46  * @class Base64URL and supplementary functions for Tom Wu's base64.js library
+ 47  * @author Kenji Urushima
+ 48  * @version 1.1 (07 May 2012)
+ 49  * @requires base64.js
+ 50  * @see <a href="http://kjur.github.com/jsjws/">'jwjws'(JWS JavaScript Library) home page http://kjur.github.com/jsjws/</a>
+ 51  * @see <a href="http://kjur.github.com/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/</a>
  52  */
- 53 function stoBA(s) {
- 54     var a = new Array();
- 55     for (var i = 0; i < s.length; i++) {
- 56 	a[i] = s.charCodeAt(i);
- 57     }
- 58     return a;
- 59 }
- 60 
- 61 /**
- 62  * convert an array of character codes to a string
- 63  * @param {Array of Numbers} a array of character codes
- 64  * @return {String} s
- 65  */
- 66 function BAtos(a) {
- 67     var s = "";
- 68     for (var i = 0; i < a.length; i++) {
- 69 	s = s + String.fromCharCode(a[i]);
- 70     }
- 71     return s;
- 72 }
- 73 
- 74 // ==== byte array / hex ================================
- 75 /**
- 76  * convert an array of bytes(Number) to hexadecimal string.<br/>
- 77  * @param {Array of Numbers} a array of bytes
- 78  * @return {String} hexadecimal string
- 79  */
- 80 function BAtohex(a) {
- 81     var s = "";
- 82     for (var i = 0; i < a.length; i++) {
- 83 	var hex1 = a[i].toString(16);
- 84 	if (hex1.length == 1) hex1 = "0" + hex1;
- 85 	s = s + hex1;
- 86     }
- 87     return s;
- 88 }
- 89 
- 90 // ==== string / hex ================================
- 91 /**
- 92  * convert a ASCII string to a hexadecimal string of ASCII codes.<br/>
- 93  * NOTE: This can't be used for non ASCII characters.
- 94  * @param {s} s ASCII string
- 95  * @return {String} hexadecimal string
- 96  */
- 97 function stohex(s) {
- 98     return BAtohex(stoBA(s));
- 99 }
-100 
-101 // ==== string / base64 ================================
-102 /**
-103  * convert a ASCII string to a Base64 encoded string.<br/>
-104  * NOTE: This can't be used for non ASCII characters.
-105  * @param {s} s ASCII string
-106  * @return {String} Base64 encoded string
-107  */
-108 function stob64(s) {
-109     return hex2b64(stohex(s));
-110 }
-111 
-112 // ==== string / base64url ================================
-113 /**
-114  * convert a ASCII string to a Base64URL encoded string.<br/>
-115  * NOTE: This can't be used for non ASCII characters.
-116  * @param {s} s ASCII string
-117  * @return {String} Base64URL encoded string
-118  */
-119 function stob64u(s) {
-120     return b64tob64u(hex2b64(stohex(s)));
-121 }
-122 
-123 /**
-124  * convert a Base64URL encoded string to a ASCII string.<br/>
-125  * NOTE: This can't be used for Base64URL encoded non ASCII characters.
-126  * @param {s} s Base64URL encoded string
-127  * @return {String} ASCII string
-128  */
-129 function b64utos(s) {
-130     return BAtos(b64toBA(b64utob64(s)));
-131 }
-132 
-133 // ==== base64 / base64url ================================
-134 /**
-135  * convert a Base64 encoded string to a Base64URL encoded string.<br/>
-136  * Example: "ab+c3f/==" → "ab-c3f_"
-137  * @param {String} s Base64 encoded string
-138  * @return {String} Base64URL encoded string
-139  */
-140 function b64tob64u(s) {
-141     s = s.replace(/\=/g, "");
-142     s = s.replace(/\+/g, "-");
-143     s = s.replace(/\//g, "_");
-144     return s;
-145 }
-146 
-147 /**
-148  * convert a Base64URL encoded string to a Base64 encoded string.<br/>
-149  * Example: "ab-c3f_" → "ab+c3f/=="
-150  * @param {String} s Base64URL encoded string
-151  * @return {String} Base64 encoded string
-152  */
-153 function b64utob64(s) {
-154     if (s.length % 4 == 2) s = s + "==";
-155     else if (s.length % 4 == 3) s = s + "=";
-156     s = s.replace(/-/g, "+");
-157     s = s.replace(/_/g, "/");
-158     return s;
-159 }
-160 
-161 // ==== hex / base64url ================================
-162 /**
-163  * convert a hexadecimal string to a Base64URL encoded string.<br/>
-164  * @param {String} s hexadecimal string
-165  * @return {String} Base64URL encoded string
-166  */
-167 function hextob64u(s) {
-168     return b64tob64u(hex2b64(s));
-169 }
-170 
+ 53 function Base64x() {
+ 54 }
+ 55 
+ 56 // ==== string / byte array ================================
+ 57 /**
+ 58  * convert a string to an array of character codes
+ 59  * @param {String} s
+ 60  * @return {Array of Numbers} 
+ 61  */
+ 62 function stoBA(s) {
+ 63     var a = new Array();
+ 64     for (var i = 0; i < s.length; i++) {
+ 65 	a[i] = s.charCodeAt(i);
+ 66     }
+ 67     return a;
+ 68 }
+ 69 
+ 70 /**
+ 71  * convert an array of character codes to a string
+ 72  * @param {Array of Numbers} a array of character codes
+ 73  * @return {String} s
+ 74  */
+ 75 function BAtos(a) {
+ 76     var s = "";
+ 77     for (var i = 0; i < a.length; i++) {
+ 78 	s = s + String.fromCharCode(a[i]);
+ 79     }
+ 80     return s;
+ 81 }
+ 82 
+ 83 // ==== byte array / hex ================================
+ 84 /**
+ 85  * convert an array of bytes(Number) to hexadecimal string.<br/>
+ 86  * @param {Array of Numbers} a array of bytes
+ 87  * @return {String} hexadecimal string
+ 88  */
+ 89 function BAtohex(a) {
+ 90     var s = "";
+ 91     for (var i = 0; i < a.length; i++) {
+ 92 	var hex1 = a[i].toString(16);
+ 93 	if (hex1.length == 1) hex1 = "0" + hex1;
+ 94 	s = s + hex1;
+ 95     }
+ 96     return s;
+ 97 }
+ 98 
+ 99 // ==== string / hex ================================
+100 /**
+101  * convert a ASCII string to a hexadecimal string of ASCII codes.<br/>
+102  * NOTE: This can't be used for non ASCII characters.
+103  * @param {s} s ASCII string
+104  * @return {String} hexadecimal string
+105  */
+106 function stohex(s) {
+107     return BAtohex(stoBA(s));
+108 }
+109 
+110 // ==== string / base64 ================================
+111 /**
+112  * convert a ASCII string to a Base64 encoded string.<br/>
+113  * NOTE: This can't be used for non ASCII characters.
+114  * @param {s} s ASCII string
+115  * @return {String} Base64 encoded string
+116  */
+117 function stob64(s) {
+118     return hex2b64(stohex(s));
+119 }
+120 
+121 // ==== string / base64url ================================
+122 /**
+123  * convert a ASCII string to a Base64URL encoded string.<br/>
+124  * NOTE: This can't be used for non ASCII characters.
+125  * @param {s} s ASCII string
+126  * @return {String} Base64URL encoded string
+127  */
+128 function stob64u(s) {
+129     return b64tob64u(hex2b64(stohex(s)));
+130 }
+131 
+132 /**
+133  * convert a Base64URL encoded string to a ASCII string.<br/>
+134  * NOTE: This can't be used for Base64URL encoded non ASCII characters.
+135  * @param {s} s Base64URL encoded string
+136  * @return {String} ASCII string
+137  */
+138 function b64utos(s) {
+139     return BAtos(b64toBA(b64utob64(s)));
+140 }
+141 
+142 // ==== base64 / base64url ================================
+143 /**
+144  * convert a Base64 encoded string to a Base64URL encoded string.<br/>
+145  * Example: "ab+c3f/==" → "ab-c3f_"
+146  * @param {String} s Base64 encoded string
+147  * @return {String} Base64URL encoded string
+148  */
+149 function b64tob64u(s) {
+150     s = s.replace(/\=/g, "");
+151     s = s.replace(/\+/g, "-");
+152     s = s.replace(/\//g, "_");
+153     return s;
+154 }
+155 
+156 /**
+157  * convert a Base64URL encoded string to a Base64 encoded string.<br/>
+158  * Example: "ab-c3f_" → "ab+c3f/=="
+159  * @param {String} s Base64URL encoded string
+160  * @return {String} Base64 encoded string
+161  */
+162 function b64utob64(s) {
+163     if (s.length % 4 == 2) s = s + "==";
+164     else if (s.length % 4 == 3) s = s + "=";
+165     s = s.replace(/-/g, "+");
+166     s = s.replace(/_/g, "/");
+167     return s;
+168 }
+169 
+170 // ==== hex / base64url ================================
 171 /**
-172  * convert a Base64URL encoded string to a hexadecimal string.<br/>
-173  * @param {String} s Base64URL encoded string
-174  * @return {String} hexadecimal string
-175  */
-176 function b64utohex(s) {
-177     return b64tohex(b64utob64(s));
-178 }
-179 
-180 var utf8tob64u, b64utoutf8;
-181 
-182 if (typeof Buffer === 'function')
-183 {
-184   utf8tob64u = function (s)
-185   {
-186     return b64tob64u(new Buffer(s, 'utf8').toString('base64'));
-187   };
-188 
-189   b64utoutf8 = function (s)
-190   {
-191     return new Buffer(b64utob64(s), 'base64').toString('utf8');
-192   };
-193 }
-194 else
-195 {
-196 // ==== utf8 / base64url ================================
-197 /**
-198  * convert a UTF-8 encoded string including CJK or Latin to a Base64URL encoded string.<br/>
-199  * @param {String} s UTF-8 encoded string
-200  * @return {String} Base64URL encoded string
-201  * @since 1.1
-202  */
-203   utf8tob64u = function (s)
+172  * convert a hexadecimal string to a Base64URL encoded string.<br/>
+173  * @param {String} s hexadecimal string
+174  * @return {String} Base64URL encoded string
+175  * @description
+176  * convert a hexadecimal string to a Base64URL encoded string.
+177  * NOTE: If leading "0" is omitted and odd number length for
+178  * hexadecimal leading "0" is automatically added.
+179  */
+180 function hextob64u(s) {
+181     if (s.length % 2 == 1) s = "0" + s;
+182     return b64tob64u(hex2b64(s));
+183 }
+184 
+185 /**
+186  * convert a Base64URL encoded string to a hexadecimal string.<br/>
+187  * @param {String} s Base64URL encoded string
+188  * @return {String} hexadecimal string
+189  */
+190 function b64utohex(s) {
+191     return b64tohex(b64utob64(s));
+192 }
+193 
+194 var utf8tob64u, b64utoutf8;
+195 
+196 if (typeof Buffer === 'function')
+197 {
+198   utf8tob64u = function (s)
+199   {
+200     return b64tob64u(new Buffer(s, 'utf8').toString('base64'));
+201   };
+202 
+203   b64utoutf8 = function (s)
 204   {
-205     return hextob64u(uricmptohex(encodeURIComponentAll(s)));
+205     return new Buffer(b64utob64(s), 'base64').toString('utf8');
 206   };
-207 
-208 /**
-209  * convert a Base64URL encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
-210  * @param {String} s Base64URL encoded string
-211  * @return {String} UTF-8 encoded string
-212  * @since 1.1
-213  */
-214   b64utoutf8 = function (s)
-215   {
-216     return decodeURIComponent(hextouricmp(b64utohex(s)));
-217   };
-218 }
-219 
-220 // ==== utf8 / base64url ================================
-221 /**
-222  * convert a UTF-8 encoded string including CJK or Latin to a Base64 encoded string.<br/>
-223  * @param {String} s UTF-8 encoded string
-224  * @return {String} Base64 encoded string
-225  * @since 1.1.1
-226  */
-227 function utf8tob64(s) {
-228   return hex2b64(uricmptohex(encodeURIComponentAll(s)));
-229 }
-230 
-231 /**
-232  * convert a Base64 encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
-233  * @param {String} s Base64 encoded string
-234  * @return {String} UTF-8 encoded string
-235  * @since 1.1.1
-236  */
-237 function b64toutf8(s) {
-238   return decodeURIComponent(hextouricmp(b64tohex(s)));
-239 }
-240 
-241 // ==== utf8 / hex ================================
-242 /**
-243  * convert a UTF-8 encoded string including CJK or Latin to a hexadecimal encoded string.<br/>
-244  * @param {String} s UTF-8 encoded string
-245  * @return {String} hexadecimal encoded string
-246  * @since 1.1.1
-247  */
-248 function utf8tohex(s) {
-249   return uricmptohex(encodeURIComponentAll(s));
-250 }
-251 
-252 /**
-253  * convert a hexadecimal encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
-254  * Note that when input is improper hexadecimal string as UTF-8 string, this function returns
-255  * 'null'.
-256  * @param {String} s hexadecimal encoded string
-257  * @return {String} UTF-8 encoded string or null
-258  * @since 1.1.1
-259  */
-260 function hextoutf8(s) {
-261   return decodeURIComponent(hextouricmp(s));
-262 }
-263 
-264 /**
-265  * convert a hexadecimal encoded string to raw string including non printable characters.<br/>
-266  * @param {String} s hexadecimal encoded string
-267  * @return {String} raw string
-268  * @since 1.1.2
-269  * @example
-270  * hextorstr("610061") → "a\x00a"
-271  */
-272 function hextorstr(sHex) {
-273     var s = "";
-274     for (var i = 0; i < sHex.length - 1; i += 2) {
-275         s += String.fromCharCode(parseInt(sHex.substr(i, 2), 16));
-276     }
-277     return s;
-278 }
-279 
-280 /**
-281  * convert a raw string including non printable characters to hexadecimal encoded string.<br/>
-282  * @param {String} s raw string
-283  * @return {String} hexadecimal encoded string
-284  * @since 1.1.2
-285  * @example
-286  * rstrtohex("a\x00a") → "610061"
-287  */
-288 function rstrtohex(s) {
-289     var result = "";
-290     for (var i = 0; i < s.length; i++) {
-291         result += ("0" + s.charCodeAt(i).toString(16)).slice(-2);
-292     }
-293     return result;
-294 }
-295 
-296 // ==== hex / b64nl =======================================
-297 
-298 /*
-299  * since base64x 1.1.3
-300  */
-301 function hextob64(s) {
-302     return hex2b64(s);
-303 }
-304 
-305 /*
-306  * since base64x 1.1.3
-307  */
-308 function hextob64nl(s) {
-309     var b64 = hextob64(s);
-310     var b64nl = b64.replace(/(.{64})/g, "$1\r\n");
-311     b64nl = b64nl.replace(/\r\n$/, '');
-312     return b64nl;
-313 }
-314 
-315 /*
-316  * since base64x 1.1.3
-317  */
-318 function b64nltohex(s) {
-319     var b64 = s.replace(/[^0-9A-Za-z\/+=]*/g, '');
-320     var hex = b64tohex(b64);
-321     return hex;
-322 } 
-323 
-324 // ==== URIComponent / hex ================================
-325 /**
-326  * convert a URLComponent string such like "%67%68" to a hexadecimal string.<br/>
-327  * @param {String} s URIComponent string such like "%67%68"
-328  * @return {String} hexadecimal string
-329  * @since 1.1
-330  */
-331 function uricmptohex(s) {
-332   return s.replace(/%/g, "");
-333 }
-334 
-335 /**
-336  * convert a hexadecimal string to a URLComponent string such like "%67%68".<br/>
-337  * @param {String} s hexadecimal string
-338  * @return {String} URIComponent string such like "%67%68"
-339  * @since 1.1
-340  */
-341 function hextouricmp(s) {
-342   return s.replace(/(..)/g, "%$1");
-343 }
-344 
-345 // ==== URIComponent ================================
-346 /**
-347  * convert UTFa hexadecimal string to a URLComponent string such like "%67%68".<br/>
-348  * Note that these "<code>0-9A-Za-z!'()*-._~</code>" characters will not
-349  * converted to "%xx" format by builtin 'encodeURIComponent()' function.
-350  * However this 'encodeURIComponentAll()' function will convert 
-351  * all of characters into "%xx" format.
-352  * @param {String} s hexadecimal string
-353  * @return {String} URIComponent string such like "%67%68"
-354  * @since 1.1
-355  */
-356 function encodeURIComponentAll(u8) {
-357   var s = encodeURIComponent(u8);
-358   var s2 = "";
-359   for (var i = 0; i < s.length; i++) {
-360     if (s[i] == "%") {
-361       s2 = s2 + s.substr(i, 3);
-362       i = i + 2;
-363     } else {
-364       s2 = s2 + "%" + stohex(s[i]);
-365     }
-366   }
-367   return s2;
-368 }
-369 
-370 // ==== new lines ================================
-371 /**
-372  * convert all DOS new line("\r\n") to UNIX new line("\n") in 
-373  * a String "s".
-374  * @param {String} s string 
-375  * @return {String} converted string
-376  */
-377 function newline_toUnix(s) {
-378     s = s.replace(/\r\n/mg, "\n");
-379     return s;
-380 }
-381 
-382 /**
-383  * convert all UNIX new line("\r\n") to DOS new line("\n") in 
-384  * a String "s".
-385  * @param {String} s string 
-386  * @return {String} converted string
-387  */
-388 function newline_toDos(s) {
-389     s = s.replace(/\r\n/mg, "\n");
-390     s = s.replace(/\n/mg, "\r\n");
-391     return s;
-392 }
-393 
    
\ No newline at end of file
+207     }
+208 else
+209 {
+210 // ==== utf8 / base64url ================================
+211 /**
+212  * convert a UTF-8 encoded string including CJK or Latin to a Base64URL encoded string.<br/>
+213  * @param {String} s UTF-8 encoded string
+214  * @return {String} Base64URL encoded string
+215  * @since 1.1
+216  */
+217   utf8tob64u = function (s)
+218   {
+219     return hextob64u(uricmptohex(encodeURIComponentAll(s)));
+220   };
+221 
+222 /**
+223  * convert a Base64URL encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
+224  * @param {String} s Base64URL encoded string
+225  * @return {String} UTF-8 encoded string
+226  * @since 1.1
+227  */
+228   b64utoutf8 = function (s)
+229   {
+230     return decodeURIComponent(hextouricmp(b64utohex(s)));
+231   };
+232 }
+233 
+234 // ==== utf8 / base64url ================================
+235 /**
+236  * convert a UTF-8 encoded string including CJK or Latin to a Base64 encoded string.<br/>
+237  * @param {String} s UTF-8 encoded string
+238  * @return {String} Base64 encoded string
+239  * @since 1.1.1
+240  */
+241 function utf8tob64(s) {
+242   return hex2b64(uricmptohex(encodeURIComponentAll(s)));
+243 }
+244 
+245 /**
+246  * convert a Base64 encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
+247  * @param {String} s Base64 encoded string
+248  * @return {String} UTF-8 encoded string
+249  * @since 1.1.1
+250  */
+251 function b64toutf8(s) {
+252   return decodeURIComponent(hextouricmp(b64tohex(s)));
+253 }
+254 
+255 // ==== utf8 / hex ================================
+256 /**
+257  * convert a UTF-8 encoded string including CJK or Latin to a hexadecimal encoded string.<br/>
+258  * @param {String} s UTF-8 encoded string
+259  * @return {String} hexadecimal encoded string
+260  * @since 1.1.1
+261  */
+262 function utf8tohex(s) {
+263   return uricmptohex(encodeURIComponentAll(s));
+264 }
+265 
+266 /**
+267  * convert a hexadecimal encoded string to a UTF-8 encoded string including CJK or Latin.<br/>
+268  * Note that when input is improper hexadecimal string as UTF-8 string, this function returns
+269  * 'null'.
+270  * @param {String} s hexadecimal encoded string
+271  * @return {String} UTF-8 encoded string or null
+272  * @since 1.1.1
+273  */
+274 function hextoutf8(s) {
+275   return decodeURIComponent(hextouricmp(s));
+276 }
+277 
+278 /**
+279  * convert a hexadecimal encoded string to raw string including non printable characters.<br/>
+280  * @param {String} s hexadecimal encoded string
+281  * @return {String} raw string
+282  * @since 1.1.2
+283  * @example
+284  * hextorstr("610061") → "a\x00a"
+285  */
+286 function hextorstr(sHex) {
+287     var s = "";
+288     for (var i = 0; i < sHex.length - 1; i += 2) {
+289         s += String.fromCharCode(parseInt(sHex.substr(i, 2), 16));
+290     }
+291     return s;
+292 }
+293 
+294 /**
+295  * convert a raw string including non printable characters to hexadecimal encoded string.<br/>
+296  * @param {String} s raw string
+297  * @return {String} hexadecimal encoded string
+298  * @since 1.1.2
+299  * @example
+300  * rstrtohex("a\x00a") → "610061"
+301  */
+302 function rstrtohex(s) {
+303     var result = "";
+304     for (var i = 0; i < s.length; i++) {
+305         result += ("0" + s.charCodeAt(i).toString(16)).slice(-2);
+306     }
+307     return result;
+308 }
+309 
+310 // ==== hex / b64nl =======================================
+311 
+312 /*
+313  * since base64x 1.1.3
+314  */
+315 function hextob64(s) {
+316     return hex2b64(s);
+317 }
+318 
+319 /*
+320  * since base64x 1.1.3
+321  */
+322 function hextob64nl(s) {
+323     var b64 = hextob64(s);
+324     var b64nl = b64.replace(/(.{64})/g, "$1\r\n");
+325     b64nl = b64nl.replace(/\r\n$/, '');
+326     return b64nl;
+327 }
+328 
+329 /*
+330  * since base64x 1.1.3
+331  */
+332 function b64nltohex(s) {
+333     var b64 = s.replace(/[^0-9A-Za-z\/+=]*/g, '');
+334     var hex = b64tohex(b64);
+335     return hex;
+336 } 
+337 
+338 // ==== URIComponent / hex ================================
+339 /**
+340  * convert a URLComponent string such like "%67%68" to a hexadecimal string.<br/>
+341  * @param {String} s URIComponent string such like "%67%68"
+342  * @return {String} hexadecimal string
+343  * @since 1.1
+344  */
+345 function uricmptohex(s) {
+346   return s.replace(/%/g, "");
+347 }
+348 
+349 /**
+350  * convert a hexadecimal string to a URLComponent string such like "%67%68".<br/>
+351  * @param {String} s hexadecimal string
+352  * @return {String} URIComponent string such like "%67%68"
+353  * @since 1.1
+354  */
+355 function hextouricmp(s) {
+356   return s.replace(/(..)/g, "%$1");
+357 }
+358 
+359 // ==== URIComponent ================================
+360 /**
+361  * convert UTFa hexadecimal string to a URLComponent string such like "%67%68".<br/>
+362  * Note that these "<code>0-9A-Za-z!'()*-._~</code>" characters will not
+363  * converted to "%xx" format by builtin 'encodeURIComponent()' function.
+364  * However this 'encodeURIComponentAll()' function will convert 
+365  * all of characters into "%xx" format.
+366  * @param {String} s hexadecimal string
+367  * @return {String} URIComponent string such like "%67%68"
+368  * @since 1.1
+369  */
+370 function encodeURIComponentAll(u8) {
+371   var s = encodeURIComponent(u8);
+372   var s2 = "";
+373   for (var i = 0; i < s.length; i++) {
+374     if (s[i] == "%") {
+375       s2 = s2 + s.substr(i, 3);
+376       i = i + 2;
+377     } else {
+378       s2 = s2 + "%" + stohex(s[i]);
+379     }
+380   }
+381   return s2;
+382 }
+383 
+384 // ==== new lines ================================
+385 /**
+386  * convert all DOS new line("\r\n") to UNIX new line("\n") in 
+387  * a String "s".
+388  * @param {String} s string 
+389  * @return {String} converted string
+390  */
+391 function newline_toUnix(s) {
+392     s = s.replace(/\r\n/mg, "\n");
+393     return s;
+394 }
+395 
+396 /**
+397  * convert all UNIX new line("\r\n") to DOS new line("\n") in 
+398  * a String "s".
+399  * @param {String} s string 
+400  * @return {String} converted string
+401  */
+402 function newline_toDos(s) {
+403     s = s.replace(/\r\n/mg, "\n");
+404     s = s.replace(/\n/mg, "\r\n");
+405     return s;
+406 }
+407 
    
\ No newline at end of file
diff --git a/api/symbols/src/ecdsa-modified-1.0.js.html b/api/symbols/src/ecdsa-modified-1.0.js.html
index 79a33074..85f20d7f 100755
--- a/api/symbols/src/ecdsa-modified-1.0.js.html
+++ b/api/symbols/src/ecdsa-modified-1.0.js.html
@@ -121,7 +121,7 @@
 114      * @return {Array} associative array of hexadecimal string of private and public key
 115      * @since ecdsa-modified 1.0.1
 116      * @example
-117      * var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+117      * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 118      * var keypair = ec.generateKeyPairHex();
 119      * var pubhex = keypair.ecpubhex; // hexadecimal string of EC private key (=d)
 120      * var prvhex = keypair.ecprvhex; // hexadecimal string of EC public key
@@ -158,7 +158,7 @@
 151      * @return {String} hexadecimal string of ECDSA signature
 152      * @since ecdsa-modified 1.0.1
 153      * @example
-154      * var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+154      * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 155      * var sigValue = ec.signHex(hash, prvKey);
 156      */
 157     this.signHex = function (hashHex, privHex) {
@@ -209,7 +209,7 @@
 202      * @return {Boolean} true if the signature is valid, otherwise false
 203      * @since ecdsa-modified 1.0.1
 204      * @example
-205      * var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+205      * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 206      * var result = ec.verifyHex(msgHashHex, sigHex, pubkeyHex);
 207      */
 208     this.verifyHex = function(hashHex, sigHex, pubkeyHex) {
@@ -476,7 +476,7 @@
 469  * @return {Array} associative array of signature field r and s of BigInteger
 470  * @since ecdsa-modified 1.0.1
 471  * @example
-472  * var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+472  * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 473  * var sig = ec.parseSigHex('30...');
 474  * var biR = sig.r; // BigInteger object for 'r' field of signature.
 475  * var biS = sig.s; // BigInteger object for 's' field of signature.
@@ -499,7 +499,7 @@
 492  * @return {Array} associative array of signature field r and s in hexadecimal
 493  * @since ecdsa-modified 1.0.3
 494  * @example
-495  * var ec = KJUR.crypto.ECDSA({'curve': 'secp256r1'});
+495  * var ec = new KJUR.crypto.ECDSA({'curve': 'secp256r1'});
 496  * var sig = ec.parseSigHexInHexRS('30...');
 497  * var hR = sig.r; // hexadecimal string for 'r' field of signature.
 498  * var hS = sig.s; // hexadecimal string for 's' field of signature.
diff --git a/api/symbols/src/jws-3.2.js.html b/api/symbols/src/jws-3.2.js.html
index b248877b..7bed0ed1 100755
--- a/api/symbols/src/jws-3.2.js.html
+++ b/api/symbols/src/jws-3.2.js.html
@@ -31,963 +31,978 @@
  24  */
  25 
  26 if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
- 27 if (typeof KJUR.jws == "undefined" || !KJUR.jws) KJUR.jws = {};
- 28 
- 29 /**
- 30  * JSON Web Signature(JWS) class.<br/>
- 31  * @name KJUR.jws.JWS
- 32  * @class JSON Web Signature(JWS) class
- 33  * @property {Dictionary} parsedJWS This property is set after JWS signature verification. <br/>
- 34  *           Following "parsedJWS_*" properties can be accessed as "parsedJWS.*" because of
- 35  *           JsDoc restriction.
- 36  * @property {String} parsedJWS_headB64U string of Encrypted JWS Header
- 37  * @property {String} parsedJWS_payloadB64U string of Encrypted JWS Payload
- 38  * @property {String} parsedJWS_sigvalB64U string of Encrypted JWS signature value
- 39  * @property {String} parsedJWS_si string of Signature Input
- 40  * @property {String} parsedJWS_sigvalH hexadecimal string of JWS signature value
- 41  * @property {String} parsedJWS_sigvalBI BigInteger(defined in jsbn.js) object of JWS signature value
- 42  * @property {String} parsedJWS_headS string of decoded JWS Header
- 43  * @property {String} parsedJWS_headS string of decoded JWS Payload
- 44  * @requires base64x.js, json-sans-eval.js and jsrsasign library
- 45  * @see <a href="http://kjur.github.com/jsjws/">'jwjws'(JWS JavaScript Library) home page http://kjur.github.com/jsjws/</a>
- 46  * @see <a href="http://kjur.github.com/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/</a>
- 47  * @see <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14">IETF I-D JSON Web Algorithms (JWA)</a>
- 48  * @since jsjws 1.0
- 49  * @description
- 50  * <h4>Supported Algorithms</h4>
- 51  * Here is supported algorithm names for {@link KJUR.jws.JWS.sign} and {@link KJUR.jws.JWS.verify}
- 52  * methods.
- 53  * <table>
- 54  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
- 55  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
- 56  * <tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 57  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 58  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
- 59  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 60  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 61  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
- 62  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 63  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
- 64  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 65  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 66  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
- 67  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
- 68  * </table>
- 69  * NOTE1: HS384 is supported since jsjws 3.0.2 with jsrsasign 4.1.4.<br/>
- 70  */
- 71 KJUR.jws.JWS = function() {
- 72 	var ns1 = KJUR.jws.JWS;
- 73 
- 74     // === utility =============================================================
- 75 
- 76     /**
- 77      * parse JWS string and set public property 'parsedJWS' dictionary.<br/>
- 78      * @name parseJWS
- 79      * @memberOf KJUR.jws.JWS
- 80      * @function
- 81      * @param {String} sJWS JWS signature string to be parsed.
- 82      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
- 83      * @throws if JWS Header is a malformed JSON string.
- 84      * @since jws 1.1
- 85      */
- 86     this.parseJWS = function(sJWS, sigValNotNeeded) {
- 87 	if ((this.parsedJWS !== undefined) &&
- 88 	    (sigValNotNeeded || (this.parsedJWS.sigvalH !== undefined))) {
- 89 	    return;
- 90 	}
- 91 	if (sJWS.match(/^([^.]+)\.([^.]+)\.([^.]+)$/) == null) {
- 92 	    throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
- 93 	}
- 94 	var b6Head = RegExp.$1;
- 95 	var b6Payload = RegExp.$2;
- 96 	var b6SigVal = RegExp.$3;
- 97 	var sSI = b6Head + "." + b6Payload;
- 98 	this.parsedJWS = {};
- 99 	this.parsedJWS.headB64U = b6Head;
-100 	this.parsedJWS.payloadB64U = b6Payload;
-101 	this.parsedJWS.sigvalB64U = b6SigVal;
-102 	this.parsedJWS.si = sSI;
-103 
-104 	if (!sigValNotNeeded) {
-105 	    var hSigVal = b64utohex(b6SigVal);
-106 	    var biSigVal = parseBigInt(hSigVal, 16);
-107 	    this.parsedJWS.sigvalH = hSigVal;
-108 	    this.parsedJWS.sigvalBI = biSigVal;
-109 	}
-110 
-111 	var sHead = b64utoutf8(b6Head);
-112 	var sPayload = b64utoutf8(b6Payload);
-113 	this.parsedJWS.headS = sHead;
-114 	this.parsedJWS.payloadS = sPayload;
-115 
-116 	if (! ns1.isSafeJSONString(sHead, this.parsedJWS, 'headP'))
-117 	    throw "malformed JSON string for JWS Head: " + sHead;
-118     };
-119 
-120     // ==== JWS Validation =========================================================
-121     function _getSignatureInputByString(sHead, sPayload) {
-122 	return utf8tob64u(sHead) + "." + utf8tob64u(sPayload);
-123     };
-124 
-125     function _getHashBySignatureInput(sSignatureInput, sHashAlg) {
-126 	var hashfunc = function(s) { return KJUR.crypto.Util.hashString(s, sHashAlg); };
-127 	if (hashfunc == null) throw "hash function not defined in jsrsasign: " + sHashAlg;
-128 	return hashfunc(sSignatureInput);
-129     };
+ 27 
+ 28 /**
+ 29  * kjur's JSON Web Signature/Token(JWS/JWT) library name space
+ 30  * <p>
+ 31  * This namespace privides following JWS/JWS related classes.
+ 32  * <ul>
+ 33  * <li>{@link KJUR.jws.JWS} - JSON Web Signature/Token(JWS/JWT) class</li>
+ 34  * <li>{@link KJUR.jws.JWSJS} - JWS JSON Serialization(JWSJS) class</li>
+ 35  * <li>{@link KJUR.jws.IntDate} - UNIX origin time utility class</li>
+ 36  * </ul>
+ 37  * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2.
+ 38  * </p>
+ 39  * @name KJUR.jws
+ 40  * @namespace
+ 41  */
+ 42 if (typeof KJUR.jws == "undefined" || !KJUR.jws) KJUR.jws = {};
+ 43 
+ 44 /**
+ 45  * JSON Web Signature(JWS) class.<br/>
+ 46  * @name KJUR.jws.JWS
+ 47  * @class JSON Web Signature(JWS) class
+ 48  * @property {Dictionary} parsedJWS This property is set after JWS signature verification. <br/>
+ 49  *           Following "parsedJWS_*" properties can be accessed as "parsedJWS.*" because of
+ 50  *           JsDoc restriction.
+ 51  * @property {String} parsedJWS_headB64U string of Encrypted JWS Header
+ 52  * @property {String} parsedJWS_payloadB64U string of Encrypted JWS Payload
+ 53  * @property {String} parsedJWS_sigvalB64U string of Encrypted JWS signature value
+ 54  * @property {String} parsedJWS_si string of Signature Input
+ 55  * @property {String} parsedJWS_sigvalH hexadecimal string of JWS signature value
+ 56  * @property {String} parsedJWS_sigvalBI BigInteger(defined in jsbn.js) object of JWS signature value
+ 57  * @property {String} parsedJWS_headS string of decoded JWS Header
+ 58  * @property {String} parsedJWS_headS string of decoded JWS Payload
+ 59  * @requires base64x.js, json-sans-eval.js and jsrsasign library
+ 60  * @see <a href="http://kjur.github.com/jsjws/">'jwjws'(JWS JavaScript Library) home page http://kjur.github.com/jsjws/</a>
+ 61  * @see <a href="http://kjur.github.com/jsrsasigns/">'jwrsasign'(RSA Sign JavaScript Library) home page http://kjur.github.com/jsrsasign/</a>
+ 62  * @see <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14">IETF I-D JSON Web Algorithms (JWA)</a>
+ 63  * @since jsjws 1.0
+ 64  * @description
+ 65  * <h4>Supported Algorithms</h4>
+ 66  * Here is supported algorithm names for {@link KJUR.jws.JWS.sign} and {@link KJUR.jws.JWS.verify}
+ 67  * methods.
+ 68  * <table>
+ 69  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
+ 70  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
+ 71  * <tr><td>HS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 72  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 73  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
+ 74  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 75  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 76  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
+ 77  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 78  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
+ 79  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 80  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 81  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+ 82  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
+ 83  * </table>
+ 84  * NOTE1: HS384 is supported since jsjws 3.0.2 with jsrsasign 4.1.4.<br/>
+ 85  */
+ 86 KJUR.jws.JWS = function() {
+ 87 	var ns1 = KJUR.jws.JWS;
+ 88 
+ 89     // === utility =============================================================
+ 90 
+ 91     /**
+ 92      * parse JWS string and set public property 'parsedJWS' dictionary.<br/>
+ 93      * @name parseJWS
+ 94      * @memberOf KJUR.jws.JWS
+ 95      * @function
+ 96      * @param {String} sJWS JWS signature string to be parsed.
+ 97      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+ 98      * @throws if JWS Header is a malformed JSON string.
+ 99      * @since jws 1.1
+100      */
+101     this.parseJWS = function(sJWS, sigValNotNeeded) {
+102 	if ((this.parsedJWS !== undefined) &&
+103 	    (sigValNotNeeded || (this.parsedJWS.sigvalH !== undefined))) {
+104 	    return;
+105 	}
+106 	if (sJWS.match(/^([^.]+)\.([^.]+)\.([^.]+)$/) == null) {
+107 	    throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
+108 	}
+109 	var b6Head = RegExp.$1;
+110 	var b6Payload = RegExp.$2;
+111 	var b6SigVal = RegExp.$3;
+112 	var sSI = b6Head + "." + b6Payload;
+113 	this.parsedJWS = {};
+114 	this.parsedJWS.headB64U = b6Head;
+115 	this.parsedJWS.payloadB64U = b6Payload;
+116 	this.parsedJWS.sigvalB64U = b6SigVal;
+117 	this.parsedJWS.si = sSI;
+118 
+119 	if (!sigValNotNeeded) {
+120 	    var hSigVal = b64utohex(b6SigVal);
+121 	    var biSigVal = parseBigInt(hSigVal, 16);
+122 	    this.parsedJWS.sigvalH = hSigVal;
+123 	    this.parsedJWS.sigvalBI = biSigVal;
+124 	}
+125 
+126 	var sHead = b64utoutf8(b6Head);
+127 	var sPayload = b64utoutf8(b6Payload);
+128 	this.parsedJWS.headS = sHead;
+129 	this.parsedJWS.payloadS = sPayload;
 130 
-131     function _jws_verifySignature(sHead, sPayload, hSig, hN, hE) {
-132 	var sSignatureInput = _getSignatureInputByString(sHead, sPayload);
-133 	var biSig = parseBigInt(hSig, 16);
-134 	return _rsasign_verifySignatureWithArgs(sSignatureInput, biSig, hN, hE);
-135     };
-136 
-137     /**
-138      * verify JWS signature with naked RSA public key.<br/>
-139      * This only supports "RS256" and "RS512" algorithm.
-140      * @name verifyJWSByNE
-141      * @memberOf KJUR.jws.JWS
-142      * @function
-143      * @param {String} sJWS JWS signature string to be verified
-144      * @param {String} hN hexadecimal string for modulus of RSA public key
-145      * @param {String} hE hexadecimal string for public exponent of RSA public key
-146      * @return {String} returns 1 when JWS signature is valid, otherwise returns 0
-147      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
-148      * @throws if JWS Header is a malformed JSON string.
-149      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
-150      */
-151     this.verifyJWSByNE = function(sJWS, hN, hE) {
-152 	this.parseJWS(sJWS);
-153 	return _rsasign_verifySignatureWithArgs(this.parsedJWS.si, this.parsedJWS.sigvalBI, hN, hE);    
-154     };
-155 
-156     /**
-157      * verify JWS signature with RSA public key.<br/>
-158      * This only supports "RS256", "RS512", "PS256" and "PS512" algorithms.
-159      * @name verifyJWSByKey
-160      * @memberOf KJUR.jws.JWS
-161      * @function
-162      * @param {String} sJWS JWS signature string to be verified
-163      * @param {RSAKey} key RSA public key
-164      * @return {Boolean} returns true when JWS signature is valid, otherwise returns false
-165      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
-166      * @throws if JWS Header is a malformed JSON string.
-167      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
-168      */
-169     this.verifyJWSByKey = function(sJWS, key) {
-170 	this.parseJWS(sJWS);
-171 	var hashAlg = _jws_getHashAlgFromParsedHead(this.parsedJWS.headP);
-172         var isPSS = this.parsedJWS.headP['alg'].substr(0, 2) == "PS";
-173 
-174 	if (key.hashAndVerify) {
-175 	    return key.hashAndVerify(hashAlg,
-176 				     new Buffer(this.parsedJWS.si, 'utf8').toString('base64'),
-177 				     b64utob64(this.parsedJWS.sigvalB64U),
-178 				     'base64',
-179 				     isPSS);
-180 	} else if (isPSS) {
-181 	    return key.verifyStringPSS(this.parsedJWS.si,
-182 				       this.parsedJWS.sigvalH, hashAlg);
-183 	} else {
-184 	    return key.verifyString(this.parsedJWS.si,
-185 				    this.parsedJWS.sigvalH);
-186 	}
-187     };
+131 	if (! ns1.isSafeJSONString(sHead, this.parsedJWS, 'headP'))
+132 	    throw "malformed JSON string for JWS Head: " + sHead;
+133     };
+134 
+135     // ==== JWS Validation =========================================================
+136     function _getSignatureInputByString(sHead, sPayload) {
+137 	return utf8tob64u(sHead) + "." + utf8tob64u(sPayload);
+138     };
+139 
+140     function _getHashBySignatureInput(sSignatureInput, sHashAlg) {
+141 	var hashfunc = function(s) { return KJUR.crypto.Util.hashString(s, sHashAlg); };
+142 	if (hashfunc == null) throw "hash function not defined in jsrsasign: " + sHashAlg;
+143 	return hashfunc(sSignatureInput);
+144     };
+145 
+146     function _jws_verifySignature(sHead, sPayload, hSig, hN, hE) {
+147 	var sSignatureInput = _getSignatureInputByString(sHead, sPayload);
+148 	var biSig = parseBigInt(hSig, 16);
+149 	return _rsasign_verifySignatureWithArgs(sSignatureInput, biSig, hN, hE);
+150     };
+151 
+152     /**
+153      * verify JWS signature with naked RSA public key.<br/>
+154      * This only supports "RS256" and "RS512" algorithm.
+155      * @name verifyJWSByNE
+156      * @memberOf KJUR.jws.JWS
+157      * @function
+158      * @param {String} sJWS JWS signature string to be verified
+159      * @param {String} hN hexadecimal string for modulus of RSA public key
+160      * @param {String} hE hexadecimal string for public exponent of RSA public key
+161      * @return {String} returns 1 when JWS signature is valid, otherwise returns 0
+162      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+163      * @throws if JWS Header is a malformed JSON string.
+164      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
+165      */
+166     this.verifyJWSByNE = function(sJWS, hN, hE) {
+167 	this.parseJWS(sJWS);
+168 	return _rsasign_verifySignatureWithArgs(this.parsedJWS.si, this.parsedJWS.sigvalBI, hN, hE);    
+169     };
+170 
+171     /**
+172      * verify JWS signature with RSA public key.<br/>
+173      * This only supports "RS256", "RS512", "PS256" and "PS512" algorithms.
+174      * @name verifyJWSByKey
+175      * @memberOf KJUR.jws.JWS
+176      * @function
+177      * @param {String} sJWS JWS signature string to be verified
+178      * @param {RSAKey} key RSA public key
+179      * @return {Boolean} returns true when JWS signature is valid, otherwise returns false
+180      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+181      * @throws if JWS Header is a malformed JSON string.
+182      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
+183      */
+184     this.verifyJWSByKey = function(sJWS, key) {
+185 	this.parseJWS(sJWS);
+186 	var hashAlg = _jws_getHashAlgFromParsedHead(this.parsedJWS.headP);
+187         var isPSS = this.parsedJWS.headP['alg'].substr(0, 2) == "PS";
 188 
-189     /**
-190      * verify JWS signature by PEM formatted X.509 certificate.<br/>
-191      * This only supports "RS256" and "RS512" algorithm.
-192      * @name verifyJWSByPemX509Cert
-193      * @memberOf KJUR.jws.JWS
-194      * @function
-195      * @param {String} sJWS JWS signature string to be verified
-196      * @param {String} sPemX509Cert string of PEM formatted X.509 certificate
-197      * @return {String} returns 1 when JWS signature is valid, otherwise returns 0
-198      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
-199      * @throws if JWS Header is a malformed JSON string.
-200      * @since 1.1
-201      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
-202      */
-203     this.verifyJWSByPemX509Cert = function(sJWS, sPemX509Cert) {
-204 	this.parseJWS(sJWS);
-205 	var x509 = new X509();
-206 	x509.readCertPEM(sPemX509Cert);
-207 	return x509.subjectPublicKeyRSA.verifyString(this.parsedJWS.si, this.parsedJWS.sigvalH);
-208     };
-209 
-210     // ==== JWS Generation =========================================================
-211     function _jws_getHashAlgFromParsedHead(head) {
-212 	var sigAlg = head["alg"];
-213 	var hashAlg = "";
-214 
-215 	if (sigAlg != "RS256" && sigAlg != "RS512" &&
-216 	    sigAlg != "PS256" && sigAlg != "PS512")
-217 	    throw "JWS signature algorithm not supported: " + sigAlg;
-218 	if (sigAlg.substr(2) == "256") hashAlg = "sha256";
-219 	if (sigAlg.substr(2) == "512") hashAlg = "sha512";
-220 	return hashAlg;
-221     };
-222 
-223     function _jws_getHashAlgFromHead(sHead) {
-224 	return _jws_getHashAlgFromParsedHead(jsonParse(sHead));
-225     };
-226 
-227     function _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD) {
-228 	var rsa = new RSAKey();
-229 	rsa.setPrivate(hN, hE, hD);
-230 
-231 	var hashAlg = _jws_getHashAlgFromHead(sHead);
-232 	var sigValue = rsa.signString(sSI, hashAlg);
-233 	return sigValue;
-234     };
-235 
-236     function _jws_generateSignatureValueBySI_Key(sHead, sPayload, sSI, key, head) {
-237 	var hashAlg = null;
-238 	if (typeof head == "undefined") {
-239 	    hashAlg = _jws_getHashAlgFromHead(sHead);
-240 	} else {
-241 	    hashAlg = _jws_getHashAlgFromParsedHead(head);
-242 	}
-243 
-244 	var isPSS = head['alg'].substr(0, 2) == "PS";
+189 	if (key.hashAndVerify) {
+190 	    return key.hashAndVerify(hashAlg,
+191 				     new Buffer(this.parsedJWS.si, 'utf8').toString('base64'),
+192 				     b64utob64(this.parsedJWS.sigvalB64U),
+193 				     'base64',
+194 				     isPSS);
+195 	} else if (isPSS) {
+196 	    return key.verifyStringPSS(this.parsedJWS.si,
+197 				       this.parsedJWS.sigvalH, hashAlg);
+198 	} else {
+199 	    return key.verifyString(this.parsedJWS.si,
+200 				    this.parsedJWS.sigvalH);
+201 	}
+202     };
+203 
+204     /**
+205      * verify JWS signature by PEM formatted X.509 certificate.<br/>
+206      * This only supports "RS256" and "RS512" algorithm.
+207      * @name verifyJWSByPemX509Cert
+208      * @memberOf KJUR.jws.JWS
+209      * @function
+210      * @param {String} sJWS JWS signature string to be verified
+211      * @param {String} sPemX509Cert string of PEM formatted X.509 certificate
+212      * @return {String} returns 1 when JWS signature is valid, otherwise returns 0
+213      * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+214      * @throws if JWS Header is a malformed JSON string.
+215      * @since 1.1
+216      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.verify}
+217      */
+218     this.verifyJWSByPemX509Cert = function(sJWS, sPemX509Cert) {
+219 	this.parseJWS(sJWS);
+220 	var x509 = new X509();
+221 	x509.readCertPEM(sPemX509Cert);
+222 	return x509.subjectPublicKeyRSA.verifyString(this.parsedJWS.si, this.parsedJWS.sigvalH);
+223     };
+224 
+225     // ==== JWS Generation =========================================================
+226     function _jws_getHashAlgFromParsedHead(head) {
+227 	var sigAlg = head["alg"];
+228 	var hashAlg = "";
+229 
+230 	if (sigAlg != "RS256" && sigAlg != "RS512" &&
+231 	    sigAlg != "PS256" && sigAlg != "PS512")
+232 	    throw "JWS signature algorithm not supported: " + sigAlg;
+233 	if (sigAlg.substr(2) == "256") hashAlg = "sha256";
+234 	if (sigAlg.substr(2) == "512") hashAlg = "sha512";
+235 	return hashAlg;
+236     };
+237 
+238     function _jws_getHashAlgFromHead(sHead) {
+239 	return _jws_getHashAlgFromParsedHead(jsonParse(sHead));
+240     };
+241 
+242     function _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD) {
+243 	var rsa = new RSAKey();
+244 	rsa.setPrivate(hN, hE, hD);
 245 
-246 	if (key.hashAndSign) {
-247 	    return b64tob64u(key.hashAndSign(hashAlg, sSI, 'binary', 'base64', isPSS));
-248 	} else if (isPSS) {
-249 	    return hextob64u(key.signStringPSS(sSI, hashAlg));
-250 	} else {
-251 	    return hextob64u(key.signString(sSI, hashAlg));
-252 	}
-253     };
-254 
-255     function _jws_generateSignatureValueByNED(sHead, sPayload, hN, hE, hD) {
-256 	var sSI = _getSignatureInputByString(sHead, sPayload);
-257 	return _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD);
-258     };
-259 
-260     /**
-261      * generate JWS signature by Header, Payload and a naked RSA private key.<br/>
-262      * This only supports "RS256" and "RS512" algorithm.
-263      * @name generateJWSByNED
-264      * @memberOf KJUR.jws.JWS
-265      * @function
-266      * @param {String} sHead string of JWS Header
-267      * @param {String} sPayload string of JWS Payload
-268      * @param {String} hN hexadecimal string for modulus of RSA public key
-269      * @param {String} hE hexadecimal string for public exponent of RSA public key
-270      * @param {String} hD hexadecimal string for private exponent of RSA private key
-271      * @return {String} JWS signature string
-272      * @throws if sHead is a malformed JSON string.
-273      * @throws if supported signature algorithm was not specified in JSON Header.
-274      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
-275      */
-276     this.generateJWSByNED = function(sHead, sPayload, hN, hE, hD) {
-277 	if (! ns1.isSafeJSONString(sHead)) throw "JWS Head is not safe JSON string: " + sHead;
-278 	var sSI = _getSignatureInputByString(sHead, sPayload);
-279 	var hSigValue = _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD);
-280 	var b64SigValue = hextob64u(hSigValue);
-281 	
-282 	this.parsedJWS = {};
-283 	this.parsedJWS.headB64U = sSI.split(".")[0];
-284 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
-285 	this.parsedJWS.sigvalB64U = b64SigValue;
-286 
-287 	return sSI + "." + b64SigValue;
-288     };
-289 
-290     /**
-291      * generate JWS signature by Header, Payload and a RSA private key.<br/>
-292      * This only supports "RS256", "RS512", "PS256" and "PS512" algorithms.
-293      * @name generateJWSByKey
-294      * @memberOf KJUR.jws.JWS
-295      * @function
-296      * @param {String} sHead string of JWS Header
-297      * @param {String} sPayload string of JWS Payload
-298      * @param {RSAKey} RSA private key
-299      * @return {String} JWS signature string
-300      * @throws if sHead is a malformed JSON string.
-301      * @throws if supported signature algorithm was not specified in JSON Header.
-302      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
-303      */
-304     this.generateJWSByKey = function(sHead, sPayload, key) {
-305 	var obj = {};
-306 	if (! ns1.isSafeJSONString(sHead, obj, 'headP'))
-307 	    throw "JWS Head is not safe JSON string: " + sHead;
-308 	var sSI = _getSignatureInputByString(sHead, sPayload);
-309 	var b64SigValue = _jws_generateSignatureValueBySI_Key(sHead, sPayload, sSI, key, obj.headP);
-310 
-311 	this.parsedJWS = {};
-312 	this.parsedJWS.headB64U = sSI.split(".")[0];
-313 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
-314 	this.parsedJWS.sigvalB64U = b64SigValue;
-315 
-316 	return sSI + "." + b64SigValue;
-317     };
-318 
-319     // === sign with PKCS#1 RSA private key =====================================================
-320     function _jws_generateSignatureValueBySI_PemPrvKey(sHead, sPayload, sSI, sPemPrvKey) {
-321 	var rsa = new RSAKey();
-322 	rsa.readPrivateKeyFromPEMString(sPemPrvKey);
-323 	var hashAlg = _jws_getHashAlgFromHead(sHead);
-324 	var sigValue = rsa.signString(sSI, hashAlg);
-325 	return sigValue;
-326     };
-327 
-328     /**
-329      * generate JWS signature by Header, Payload and a PEM formatted PKCS#1 RSA private key.<br/>
-330      * This only supports "RS256" and "RS512" algorithm.
-331      * @name generateJWSByP1PrvKey
-332      * @memberOf KJUR.jws.JWS
-333      * @function
-334      * @param {String} sHead string of JWS Header
-335      * @param {String} sPayload string of JWS Payload
-336      * @param {String} string for sPemPrvKey PEM formatted PKCS#1 RSA private key<br/>
-337      *                 Heading and trailing space characters in PEM key will be ignored.
-338      * @return {String} JWS signature string
-339      * @throws if sHead is a malformed JSON string.
-340      * @throws if supported signature algorithm was not specified in JSON Header.
-341      * @since 1.1
-342      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
-343      */
-344     this.generateJWSByP1PrvKey = function(sHead, sPayload, sPemPrvKey) {
-345 	if (! ns1.isSafeJSONString(sHead)) throw "JWS Head is not safe JSON string: " + sHead;
-346 	var sSI = _getSignatureInputByString(sHead, sPayload);
-347 	var hSigValue = _jws_generateSignatureValueBySI_PemPrvKey(sHead, sPayload, sSI, sPemPrvKey);
-348 	var b64SigValue = hextob64u(hSigValue);
-349 
-350 	this.parsedJWS = {};
-351 	this.parsedJWS.headB64U = sSI.split(".")[0];
-352 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
-353 	this.parsedJWS.sigvalB64U = b64SigValue;
-354 
-355 	return sSI + "." + b64SigValue;
-356     };
-357 };
-358 
-359 // === major static method ========================================================
-360 
-361 /**
-362  * generate JWS signature by specified key<br/>
-363  * @name sign
-364  * @memberOf KJUR.jws.JWS
-365  * @function
-366  * @static
-367  * @param {String} alg JWS algorithm name to sign and force set to sHead or null 
-368  * @param {String} sHead string of JWS Header
-369  * @param {String} sPayload string of JWS Payload
-370  * @param {String} key string of private key or key object to sign
-371  * @param {String} pass (OPTION)passcode to use encrypted private key 
-372  * @return {String} JWS signature string
-373  * @since jws 3.0.0
-374  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
-375  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
-376  * @description
-377  * This method supports following algorithms.
-378  * <table>
-379  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
-380  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
-381  * <tr><td>HS384</td><td>OPTIONAL</td><td>-</td></tr>
-382  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-383  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
-384  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-385  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-386  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
-387  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-388  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
-389  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-390  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-391  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
-392  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
-393  * </table>
-394  * <dl>
-395  * <dt>NOTE1:
-396  * <dd>salt length of RSAPSS signature is the same as the hash algorithm length
-397  * because of <a href="http://www.ietf.org/mail-archive/web/jose/current/msg02901.html">IETF JOSE ML discussion</a>.
-398  * <dt>NOTE2:
-399  * <dd>The reason of HS384 unsupport is  
-400  * <a href="https://code.google.com/p/crypto-js/issues/detail?id=84">CryptoJS HmacSHA384 bug</a>.
-401  * </dl>
-402  */
-403 KJUR.jws.JWS.sign = function(alg, sHeader, sPayload, key, pass) {
-404     var ns1 = KJUR.jws.JWS;
-405 
-406     if (! ns1.isSafeJSONString(sHeader))
-407 	throw "JWS Head is not safe JSON string: " + sHeader;
-408 
-409     var pHeader = ns1.readSafeJSONString(sHeader);
-410 
-411     // 1. use alg if defined in sHeader
-412     if ((alg == '' || alg == null) &&
-413 	pHeader['alg'] !== undefined) {
-414 	alg = pHeader['alg'];
-415     }
-416 
-417     // 2. set alg in sHeader if undefined
-418     if ((alg != '' && alg != null) &&
-419 	pHeader['alg'] === undefined) {
-420 	pHeader['alg'] = alg;
-421 	sHeader = JSON.stringify(pHeader);
-422     }
+246 	var hashAlg = _jws_getHashAlgFromHead(sHead);
+247 	var sigValue = rsa.signString(sSI, hashAlg);
+248 	return sigValue;
+249     };
+250 
+251     function _jws_generateSignatureValueBySI_Key(sHead, sPayload, sSI, key, head) {
+252 	var hashAlg = null;
+253 	if (typeof head == "undefined") {
+254 	    hashAlg = _jws_getHashAlgFromHead(sHead);
+255 	} else {
+256 	    hashAlg = _jws_getHashAlgFromParsedHead(head);
+257 	}
+258 
+259 	var isPSS = head['alg'].substr(0, 2) == "PS";
+260 
+261 	if (key.hashAndSign) {
+262 	    return b64tob64u(key.hashAndSign(hashAlg, sSI, 'binary', 'base64', isPSS));
+263 	} else if (isPSS) {
+264 	    return hextob64u(key.signStringPSS(sSI, hashAlg));
+265 	} else {
+266 	    return hextob64u(key.signString(sSI, hashAlg));
+267 	}
+268     };
+269 
+270     function _jws_generateSignatureValueByNED(sHead, sPayload, hN, hE, hD) {
+271 	var sSI = _getSignatureInputByString(sHead, sPayload);
+272 	return _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD);
+273     };
+274 
+275     /**
+276      * generate JWS signature by Header, Payload and a naked RSA private key.<br/>
+277      * This only supports "RS256" and "RS512" algorithm.
+278      * @name generateJWSByNED
+279      * @memberOf KJUR.jws.JWS
+280      * @function
+281      * @param {String} sHead string of JWS Header
+282      * @param {String} sPayload string of JWS Payload
+283      * @param {String} hN hexadecimal string for modulus of RSA public key
+284      * @param {String} hE hexadecimal string for public exponent of RSA public key
+285      * @param {String} hD hexadecimal string for private exponent of RSA private key
+286      * @return {String} JWS signature string
+287      * @throws if sHead is a malformed JSON string.
+288      * @throws if supported signature algorithm was not specified in JSON Header.
+289      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
+290      */
+291     this.generateJWSByNED = function(sHead, sPayload, hN, hE, hD) {
+292 	if (! ns1.isSafeJSONString(sHead)) throw "JWS Head is not safe JSON string: " + sHead;
+293 	var sSI = _getSignatureInputByString(sHead, sPayload);
+294 	var hSigValue = _jws_generateSignatureValueBySI_NED(sHead, sPayload, sSI, hN, hE, hD);
+295 	var b64SigValue = hextob64u(hSigValue);
+296 	
+297 	this.parsedJWS = {};
+298 	this.parsedJWS.headB64U = sSI.split(".")[0];
+299 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
+300 	this.parsedJWS.sigvalB64U = b64SigValue;
+301 
+302 	return sSI + "." + b64SigValue;
+303     };
+304 
+305     /**
+306      * generate JWS signature by Header, Payload and a RSA private key.<br/>
+307      * This only supports "RS256", "RS512", "PS256" and "PS512" algorithms.
+308      * @name generateJWSByKey
+309      * @memberOf KJUR.jws.JWS
+310      * @function
+311      * @param {String} sHead string of JWS Header
+312      * @param {String} sPayload string of JWS Payload
+313      * @param {RSAKey} RSA private key
+314      * @return {String} JWS signature string
+315      * @throws if sHead is a malformed JSON string.
+316      * @throws if supported signature algorithm was not specified in JSON Header.
+317      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
+318      */
+319     this.generateJWSByKey = function(sHead, sPayload, key) {
+320 	var obj = {};
+321 	if (! ns1.isSafeJSONString(sHead, obj, 'headP'))
+322 	    throw "JWS Head is not safe JSON string: " + sHead;
+323 	var sSI = _getSignatureInputByString(sHead, sPayload);
+324 	var b64SigValue = _jws_generateSignatureValueBySI_Key(sHead, sPayload, sSI, key, obj.headP);
+325 
+326 	this.parsedJWS = {};
+327 	this.parsedJWS.headB64U = sSI.split(".")[0];
+328 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
+329 	this.parsedJWS.sigvalB64U = b64SigValue;
+330 
+331 	return sSI + "." + b64SigValue;
+332     };
+333 
+334     // === sign with PKCS#1 RSA private key =====================================================
+335     function _jws_generateSignatureValueBySI_PemPrvKey(sHead, sPayload, sSI, sPemPrvKey) {
+336 	var rsa = new RSAKey();
+337 	rsa.readPrivateKeyFromPEMString(sPemPrvKey);
+338 	var hashAlg = _jws_getHashAlgFromHead(sHead);
+339 	var sigValue = rsa.signString(sSI, hashAlg);
+340 	return sigValue;
+341     };
+342 
+343     /**
+344      * generate JWS signature by Header, Payload and a PEM formatted PKCS#1 RSA private key.<br/>
+345      * This only supports "RS256" and "RS512" algorithm.
+346      * @name generateJWSByP1PrvKey
+347      * @memberOf KJUR.jws.JWS
+348      * @function
+349      * @param {String} sHead string of JWS Header
+350      * @param {String} sPayload string of JWS Payload
+351      * @param {String} string for sPemPrvKey PEM formatted PKCS#1 RSA private key<br/>
+352      *                 Heading and trailing space characters in PEM key will be ignored.
+353      * @return {String} JWS signature string
+354      * @throws if sHead is a malformed JSON string.
+355      * @throws if supported signature algorithm was not specified in JSON Header.
+356      * @since 1.1
+357      * @deprecated from 3.0.0 please move to {@link KJUR.jws.JWS.sign}
+358      */
+359     this.generateJWSByP1PrvKey = function(sHead, sPayload, sPemPrvKey) {
+360 	if (! ns1.isSafeJSONString(sHead)) throw "JWS Head is not safe JSON string: " + sHead;
+361 	var sSI = _getSignatureInputByString(sHead, sPayload);
+362 	var hSigValue = _jws_generateSignatureValueBySI_PemPrvKey(sHead, sPayload, sSI, sPemPrvKey);
+363 	var b64SigValue = hextob64u(hSigValue);
+364 
+365 	this.parsedJWS = {};
+366 	this.parsedJWS.headB64U = sSI.split(".")[0];
+367 	this.parsedJWS.payloadB64U = sSI.split(".")[1];
+368 	this.parsedJWS.sigvalB64U = b64SigValue;
+369 
+370 	return sSI + "." + b64SigValue;
+371     };
+372 };
+373 
+374 // === major static method ========================================================
+375 
+376 /**
+377  * generate JWS signature by specified key<br/>
+378  * @name sign
+379  * @memberOf KJUR.jws.JWS
+380  * @function
+381  * @static
+382  * @param {String} alg JWS algorithm name to sign and force set to sHead or null 
+383  * @param {String} sHead string of JWS Header
+384  * @param {String} sPayload string of JWS Payload
+385  * @param {String} key string of private key or key object to sign
+386  * @param {String} pass (OPTION)passcode to use encrypted private key 
+387  * @return {String} JWS signature string
+388  * @since jws 3.0.0
+389  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
+390  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
+391  * @description
+392  * This method supports following algorithms.
+393  * <table>
+394  * <tr><th>alg value</th><th>spec requirement</th><th>jsjws support</th></tr>
+395  * <tr><td>HS256</td><td>REQUIRED</td><td>SUPPORTED</td></tr>
+396  * <tr><td>HS384</td><td>OPTIONAL</td><td>-</td></tr>
+397  * <tr><td>HS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+398  * <tr><td>RS256</td><td>RECOMMENDED</td><td>SUPPORTED</td></tr>
+399  * <tr><td>RS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+400  * <tr><td>RS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+401  * <tr><td>ES256</td><td>RECOMMENDED+</td><td>SUPPORTED</td></tr>
+402  * <tr><td>ES384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+403  * <tr><td>ES512</td><td>OPTIONAL</td><td>-</td></tr>
+404  * <tr><td>PS256</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+405  * <tr><td>PS384</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+406  * <tr><td>PS512</td><td>OPTIONAL</td><td>SUPPORTED</td></tr>
+407  * <tr><td>none</td><td>REQUIRED</td><td>SUPPORTED(signature generation only)</td></tr>
+408  * </table>
+409  * <dl>
+410  * <dt>NOTE1:
+411  * <dd>salt length of RSAPSS signature is the same as the hash algorithm length
+412  * because of <a href="http://www.ietf.org/mail-archive/web/jose/current/msg02901.html">IETF JOSE ML discussion</a>.
+413  * <dt>NOTE2:
+414  * <dd>The reason of HS384 unsupport is  
+415  * <a href="https://code.google.com/p/crypto-js/issues/detail?id=84">CryptoJS HmacSHA384 bug</a>.
+416  * </dl>
+417  */
+418 KJUR.jws.JWS.sign = function(alg, sHeader, sPayload, key, pass) {
+419     var ns1 = KJUR.jws.JWS;
+420 
+421     if (! ns1.isSafeJSONString(sHeader))
+422 	throw "JWS Head is not safe JSON string: " + sHeader;
 423 
-424     // 3. set signature algorithm like SHA1withRSA
-425     var sigAlg = null;
-426     if (ns1.jwsalg2sigalg[alg] === undefined) {
-427 	throw "unsupported alg name: " + alg;
-428     } else {
-429 	sigAlg = ns1.jwsalg2sigalg[alg];
+424     var pHeader = ns1.readSafeJSONString(sHeader);
+425 
+426     // 1. use alg if defined in sHeader
+427     if ((alg == '' || alg == null) &&
+428 	pHeader['alg'] !== undefined) {
+429 	alg = pHeader['alg'];
 430     }
-431     
-432     var uHeader = utf8tob64u(sHeader);
-433     var uPayload = utf8tob64u(sPayload);
-434     var uSignatureInput = uHeader + "." + uPayload
-435     
-436     // 4. sign
-437     var hSig = "";
-438     if (sigAlg.substr(0, 4) == "Hmac") {
-439 	if (key === undefined)
-440 	    throw "hexadecimal key shall be specified for HMAC";
-441 	var mac = new KJUR.crypto.Mac({'alg': sigAlg, 'pass': hextorstr(key)});
-442 	mac.updateString(uSignatureInput);
-443 	hSig = mac.doFinal();
-444     } else if (sigAlg.indexOf("withECDSA") != -1) {
-445 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
-446 	sig.init(key, pass);
-447 	sig.updateString(uSignatureInput);
-448 	hASN1Sig = sig.sign();
-449 	hSig = KJUR.crypto.ECDSA.asn1SigToConcatSig(hASN1Sig);
-450     } else if (sigAlg != "none") {
-451 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
-452 	sig.init(key, pass);
-453 	sig.updateString(uSignatureInput);
-454 	hSig = sig.sign();
-455     }
-456 
-457     var uSig = hextob64u(hSig);
-458     return uSignatureInput + "." + uSig;
-459 };
-460 
-461 /**
-462  * verify JWS signature by specified key or certificate<br/>
-463  * @name verify
-464  * @memberOf KJUR.jws.JWS
-465  * @function
-466  * @static
-467  * @param {String} sJWS string of JWS signature to verify
-468  * @param {Object} key string of public key, certificate or key object to verify
-469  * @param {String} acceptAlgs array of algorithm name strings (OPTION)
-470  * @return {Boolean} true if the signature is valid otherwise false
-471  * @since jws 3.0.0
-472  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
-473  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
-474  * @description
-475  * <p>
-476  * This method verifies a JSON Web Signature Compact Serialization string by the validation 
-477  * algorithm as described in 
-478  * <a href="http://self-issued.info/docs/draft-jones-json-web-signature-04.html#anchor5">
-479  * the section 5 of Internet Draft draft-jones-json-web-signature-04.</a>
-480  * </p>
-481  * <p>
-482  * Since 3.2.0 strict key checking has been provided against a JWS algorithm
-483  * in a JWS header.
-484  * <ul>
-485  * <li>In case 'alg' is 'HS*' in the JWS header,
-486  * 'key' shall be hexadecimal string for Hmac{256,384,512} shared secret key.
-487  * Otherwise it raise an error.</li>
-488  * <li>In case 'alg' is 'RS*' or 'PS*' in the JWS header,
-489  * 'key' shall be a RSAKey object or a PEM string of
-490  * X.509 RSA public key certificate or PKCS#8 RSA public key.
-491  * Otherwise it raise an error.</li>
-492  * <li>In case 'alg' is 'ES*' in the JWS header,
-493  * 'key' shall be a KJUR.crypto.ECDSA object or a PEM string of
-494  * X.509 ECC public key certificate or PKCS#8 ECC public key.
-495  * Otherwise it raise an error.</li>
-496  * <li>In case 'alg' is 'none' in the JWS header,
-497  * validation not supported after jsjws 3.1.0.</li>
-498  * </ul>
-499  * </p>
-500  * <p>
-501  * NOTE1: The argument 'acceptAlgs' is supported since 3.2.0.
-502  * Strongly recommended to provide acceptAlgs to mitigate
-503  * signature replacement attacks.<br/>
-504  * </p>
-505  * @example
-506  * // 1) verify a RS256 JWS signature by a certificate string.
-507  * var isValid = KJUR.jws.JWS.verify('eyJh...', '-----BEGIN...', ['RS256']);
-508  * 
-509  * // 2) verify a HS256 JWS signature by a certificate string.
-510  * var isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ad...', ['HS256']);
-511  *
-512  * // 3) verify a ES256 JWS signature by a KJUR.crypto.ECDSA key object.
-513  * var pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
-514  * var isValid = KJUR.jws.JWS.verify('eyJh...', pubkey);
-515  */
-516 KJUR.jws.JWS.verify = function(sJWS, key, acceptAlgs) {
-517     var jws = KJUR.jws.JWS;
-518     var a = sJWS.split(".");
-519     var uHeader = a[0];
-520     var uPayload = a[1];
-521     var uSignatureInput = uHeader + "." + uPayload;
-522     var hSig = b64utohex(a[2]);
-523 
-524     // 1. parse JWS header
-525     var pHeader = jws.readSafeJSONString(b64utoutf8(a[0]));
-526     var alg = null;
-527     var algType = null; // HS|RS|PS|ES|no
-528     if (pHeader.alg === undefined) {
-529 	throw "algorithm not specified in header";
-530     } else {
-531 	alg = pHeader.alg;
-532 	algType = alg.substr(0, 2);
-533     }
-534 
-535     // 2. check whether alg is acceptable algorithms
-536     if (acceptAlgs != null &&
-537         Object.prototype.toString.call(acceptAlgs) === '[object Array]' &&
-538         acceptAlgs.length > 0) {
-539 	var acceptAlgStr = ":" + acceptAlgs.join(":") + ":";
-540 	if (acceptAlgStr.indexOf(":" + alg + ":") == -1) {
-541 	    throw "algorithm '" + alg + "' not accepted in the list";
-542 	}
-543     }
-544 
-545     // 3. check whether key is a proper key for alg.
-546     if (alg != "none" && key === null) {
-547 	throw "key shall be specified to verify.";
+431 
+432     // 2. set alg in sHeader if undefined
+433     if ((alg != '' && alg != null) &&
+434 	pHeader['alg'] === undefined) {
+435 	pHeader['alg'] = alg;
+436 	sHeader = JSON.stringify(pHeader);
+437     }
+438 
+439     // 3. set signature algorithm like SHA1withRSA
+440     var sigAlg = null;
+441     if (ns1.jwsalg2sigalg[alg] === undefined) {
+442 	throw "unsupported alg name: " + alg;
+443     } else {
+444 	sigAlg = ns1.jwsalg2sigalg[alg];
+445     }
+446     
+447     var uHeader = utf8tob64u(sHeader);
+448     var uPayload = utf8tob64u(sPayload);
+449     var uSignatureInput = uHeader + "." + uPayload
+450     
+451     // 4. sign
+452     var hSig = "";
+453     if (sigAlg.substr(0, 4) == "Hmac") {
+454 	if (key === undefined)
+455 	    throw "hexadecimal key shall be specified for HMAC";
+456 	var mac = new KJUR.crypto.Mac({'alg': sigAlg, 'pass': hextorstr(key)});
+457 	mac.updateString(uSignatureInput);
+458 	hSig = mac.doFinal();
+459     } else if (sigAlg.indexOf("withECDSA") != -1) {
+460 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
+461 	sig.init(key, pass);
+462 	sig.updateString(uSignatureInput);
+463 	hASN1Sig = sig.sign();
+464 	hSig = KJUR.crypto.ECDSA.asn1SigToConcatSig(hASN1Sig);
+465     } else if (sigAlg != "none") {
+466 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
+467 	sig.init(key, pass);
+468 	sig.updateString(uSignatureInput);
+469 	hSig = sig.sign();
+470     }
+471 
+472     var uSig = hextob64u(hSig);
+473     return uSignatureInput + "." + uSig;
+474 };
+475 
+476 /**
+477  * verify JWS signature by specified key or certificate<br/>
+478  * @name verify
+479  * @memberOf KJUR.jws.JWS
+480  * @function
+481  * @static
+482  * @param {String} sJWS string of JWS signature to verify
+483  * @param {Object} key string of public key, certificate or key object to verify
+484  * @param {String} acceptAlgs array of algorithm name strings (OPTION)
+485  * @return {Boolean} true if the signature is valid otherwise false
+486  * @since jws 3.0.0
+487  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html">jsrsasign KJUR.crypto.Signature method</a>
+488  * @see <a href="http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Mac.html">jsrsasign KJUR.crypto.Mac method</a>
+489  * @description
+490  * <p>
+491  * This method verifies a JSON Web Signature Compact Serialization string by the validation 
+492  * algorithm as described in 
+493  * <a href="http://self-issued.info/docs/draft-jones-json-web-signature-04.html#anchor5">
+494  * the section 5 of Internet Draft draft-jones-json-web-signature-04.</a>
+495  * </p>
+496  * <p>
+497  * Since 3.2.0 strict key checking has been provided against a JWS algorithm
+498  * in a JWS header.
+499  * <ul>
+500  * <li>In case 'alg' is 'HS*' in the JWS header,
+501  * 'key' shall be hexadecimal string for Hmac{256,384,512} shared secret key.
+502  * Otherwise it raise an error.</li>
+503  * <li>In case 'alg' is 'RS*' or 'PS*' in the JWS header,
+504  * 'key' shall be a RSAKey object or a PEM string of
+505  * X.509 RSA public key certificate or PKCS#8 RSA public key.
+506  * Otherwise it raise an error.</li>
+507  * <li>In case 'alg' is 'ES*' in the JWS header,
+508  * 'key' shall be a KJUR.crypto.ECDSA object or a PEM string of
+509  * X.509 ECC public key certificate or PKCS#8 ECC public key.
+510  * Otherwise it raise an error.</li>
+511  * <li>In case 'alg' is 'none' in the JWS header,
+512  * validation not supported after jsjws 3.1.0.</li>
+513  * </ul>
+514  * </p>
+515  * <p>
+516  * NOTE1: The argument 'acceptAlgs' is supported since 3.2.0.
+517  * Strongly recommended to provide acceptAlgs to mitigate
+518  * signature replacement attacks.<br/>
+519  * </p>
+520  * @example
+521  * // 1) verify a RS256 JWS signature by a certificate string.
+522  * var isValid = KJUR.jws.JWS.verify('eyJh...', '-----BEGIN...', ['RS256']);
+523  * 
+524  * // 2) verify a HS256 JWS signature by a certificate string.
+525  * var isValid = KJUR.jws.JWS.verify('eyJh...', '6f62ad...', ['HS256']);
+526  *
+527  * // 3) verify a ES256 JWS signature by a KJUR.crypto.ECDSA key object.
+528  * var pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
+529  * var isValid = KJUR.jws.JWS.verify('eyJh...', pubkey);
+530  */
+531 KJUR.jws.JWS.verify = function(sJWS, key, acceptAlgs) {
+532     var jws = KJUR.jws.JWS;
+533     var a = sJWS.split(".");
+534     var uHeader = a[0];
+535     var uPayload = a[1];
+536     var uSignatureInput = uHeader + "." + uPayload;
+537     var hSig = b64utohex(a[2]);
+538 
+539     // 1. parse JWS header
+540     var pHeader = jws.readSafeJSONString(b64utoutf8(a[0]));
+541     var alg = null;
+542     var algType = null; // HS|RS|PS|ES|no
+543     if (pHeader.alg === undefined) {
+544 	throw "algorithm not specified in header";
+545     } else {
+546 	alg = pHeader.alg;
+547 	algType = alg.substr(0, 2);
 548     }
 549 
-550     // 3.1. check whether key is hexstr if alg is HS*.
-551     if (algType == "HS") {
-552 	if (typeof key != "string" &&
-553 	    key.length != 0 &&
-554 	    key.length % 2 != 0 &&
-555 	    ! key.match(/^[0-9A-Fa-f]+/)) {
-556 	    throw "key shall be a hexadecimal str for HS* algs";
+550     // 2. check whether alg is acceptable algorithms
+551     if (acceptAlgs != null &&
+552         Object.prototype.toString.call(acceptAlgs) === '[object Array]' &&
+553         acceptAlgs.length > 0) {
+554 	var acceptAlgStr = ":" + acceptAlgs.join(":") + ":";
+555 	if (acceptAlgStr.indexOf(":" + alg + ":") == -1) {
+556 	    throw "algorithm '" + alg + "' not accepted in the list";
 557 	}
 558     }
 559 
-560     // 3.2. convert key object if key is a public key or cert PEM string
-561     if (typeof key == "string" &&
-562 	key.indexOf("-----BEGIN ") != -1) {
-563 	key = KEYUTIL.getKey(key);
-564     }
-565 
-566     // 3.3. check whether key is RSAKey obj if alg is RS* or PS*.
-567     if (algType == "RS" || algType == "PS") {
-568 	if (!(key instanceof RSAKey)) {
-569 	    throw "key shall be a RSAKey obj for RS* and PS* algs";
-570 	}
-571     }
-572 
-573     // 3.4. check whether key is ECDSA obj if alg is ES*.
-574     if (algType == "ES") {
-575 	if (!(key instanceof KJUR.crypto.ECDSA)) {
-576 	    throw "key shall be a ECDSA obj for ES* algs";
-577 	}
-578     }
-579 
-580     // 3.5. check when alg is 'none'
-581     if (alg == "none") {
-582     }
-583 
-584     // 4. check whether alg is supported alg in jsjws.
-585     var sigAlg = null;
-586     if (jws.jwsalg2sigalg[pHeader.alg] === undefined) {
-587 	throw "unsupported alg name: " + alg;
-588     } else {
-589 	sigAlg = jws.jwsalg2sigalg[alg];
-590     }
-591 
-592     // 5. verify
-593     if (sigAlg == "none") {
-594         throw "not supported";
-595     } else if (sigAlg.substr(0, 4) == "Hmac") {
-596 	if (key === undefined)
-597 	    throw "hexadecimal key shall be specified for HMAC";
-598 	var mac = new KJUR.crypto.Mac({'alg': sigAlg, 'pass': hextorstr(key)});
-599 	mac.updateString(uSignatureInput);
-600 	hSig2 = mac.doFinal();
-601 	return hSig == hSig2;
-602     } else if (sigAlg.indexOf("withECDSA") != -1) {
-603 	var hASN1Sig = null;
-604         try {
-605 	    hASN1Sig = KJUR.crypto.ECDSA.concatSigToASN1Sig(hSig);
-606 	} catch (ex) {
-607 	    return false;
-608 	}
-609 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
-610 	sig.init(key)
-611 	sig.updateString(uSignatureInput);
-612 	return sig.verify(hASN1Sig);
-613     } else {
-614 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
-615 	sig.init(key)
-616 	sig.updateString(uSignatureInput);
-617 	return sig.verify(hSig);
-618     }
-619 };
-620 
-621 /**
-622  * @name verifyJWT
-623  * @memberOf KJUR.jws.JWS
-624  * @function
-625  * @static
-626  * @param {String} sJWT string of JSON Web Token(JWT) to verify
-627  * @param {Object} key string of public key, certificate or key object to verify
-628  * @param {Array} acceptField associative array of acceptable fields (OPTION)
-629  * @return {Boolean} true if the JWT token is valid otherwise false
-630  * @since jws 3.2.3 jsrsasign 4.8.0
-631  * @description
-632  * This method verifies a
-633  * <a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a> 
-634  * JSON Web Token(JWT).
-635  * It will verify following:
-636  * <ul>
-637  * <li>Header.alg
-638  * <ul>
-639  * <li>alg is specified in JWT header.</li>
-640  * <li>alg is included in acceptField.alg array. (MANDATORY)</li>
-641  * <li>alg is proper for key.</li>
-642  * </ul>
-643  * </li>
-644  * <li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
-645  * <li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
-646  * <li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or 
-647  *     the same as value if specified. (OPTION)</li>
-648  * <li>Time validity
-649  * <ul>
-650  * <li>If acceptField.verifyAt as number of UNIX origin time is specifed for validation time, 
-651  * this method will verify at the time for it, otherwise current time will be used to verify.</li>
-652  * <li>Payload.exp (expire) - Validation time is smaller than Payloead.exp.</li>
-653  * <li>Payload.nbf (not before) - Validation time is greater than Payloead.nbf.</li>
-654  * <li>Payload.iat (issued at) - Validation time is greater than Payloead.iat.</li>
-655  * </ul>
-656  * </li>
-657  * <li>Payload.jti (JWT id) - Payload.jti is defined.</li>
-658  * <li>JWS signature of JWS is valid for specified key.</li>
-659  * </ul>
-660  *
-661  * @example
-662  * // simple validation for HS256
-663  * isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
-664  *
-665  * // full validation for RS or PS
-666  * pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
-667  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
-668  *   alg: ['RS256', 'RS512', 'PS256', 'PS512'],
-669  *   iss: ['http://foo.com'],
-670  *   sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
-671  *   verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
-672  *   aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
-673  * });
-674  */
-675 KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) {
-676     var ns1 = KJUR.jws.JWS;
-677 
-678     // 1. parse JWT
-679     var a = sJWT.split(".");
-680     var uHeader = a[0];
-681     var uPayload = a[1];
-682     var uSignatureInput = uHeader + "." + uPayload;
-683     var hSig = b64utohex(a[2]);
-684 
-685     // 2. parse JWS header
-686     var pHeader = ns1.readSafeJSONString(b64utoutf8(uHeader));
-687 
-688     // 3. parse JWS payload
-689     var pPayload = ns1.readSafeJSONString(b64utoutf8(uPayload));
-690 
-691     // 4. algorithm ('alg' in header) check
-692     if (pHeader.alg === undefined) return false;
-693     if (acceptField.alg === undefined)
-694 	throw "acceptField.alg shall be specified";
-695     if (! ns1.inArray(pHeader.alg, acceptField.alg)) return false;
-696 
-697     // 5. issuer ('iss' in payload) check
-698     if (pPayload.iss !== undefined && typeof acceptField.iss === "object") {
-699 	if (! ns1.inArray(pPayload.iss, acceptField.iss)) return false;
-700     }
-701 
-702     // 6. subject ('sub' in payload) check
-703     if (pPayload.sub !== undefined && typeof acceptField.sub === "object") {
-704 	if (! ns1.inArray(pPayload.sub, acceptField.sub)) return false;
-705     }
-706 
-707     // 7. audience ('aud' in payload) check
-708     if (pPayload.aud !== undefined && typeof acceptField.aud === "object") {
-709 	if (typeof pPayload.aud == "string") {
-710 	    if (! ns1.inArray(pPayload.aud, acceptField.aud))
-711 		return false;
-712 	} else if (typeof pPayload.aud == "object") {
-713 	    if (! ns1.includedArray(pPayload.aud, acceptField.aud))
-714 		return false;
-715 	}
-716     }
-717 
-718     // 8. time validity (nbf < now < exp) && (iat <= now)
-719     var now = KJUR.jws.IntDate.getNow();
-720     if (acceptField.verifyAt !== undefined && typeof acceptField.verifyAt == "number") {
-721 	now = acceptField.verifyAt;
-722     }
-723 
-724     // 8.1 expired time 'exp' check
-725     if (pPayload.exp !== undefined && typeof pPayload.exp == "number") {
-726 	if (pPayload.exp < now) return false;
-727     }
-728 
-729     // 8.2 not before time 'nbf' check
-730     if (pPayload.nbf !== undefined && typeof pPayload.nbf == "number") {
-731 	if (now < pPayload.nbf) return false;
-732     }
-733     
-734     // 8.3 issued at time 'iat' check
-735     if (pPayload.iat !== undefined && typeof pPayload.iat == "number") {
-736 	if (now < pPayload.iat) return false;
+560     // 3. check whether key is a proper key for alg.
+561     if (alg != "none" && key === null) {
+562 	throw "key shall be specified to verify.";
+563     }
+564 
+565     // 3.1. check whether key is hexstr if alg is HS*.
+566     if (algType == "HS") {
+567 	if (typeof key != "string" &&
+568 	    key.length != 0 &&
+569 	    key.length % 2 != 0 &&
+570 	    ! key.match(/^[0-9A-Fa-f]+/)) {
+571 	    throw "key shall be a hexadecimal str for HS* algs";
+572 	}
+573     }
+574 
+575     // 3.2. convert key object if key is a public key or cert PEM string
+576     if (typeof key == "string" &&
+577 	key.indexOf("-----BEGIN ") != -1) {
+578 	key = KEYUTIL.getKey(key);
+579     }
+580 
+581     // 3.3. check whether key is RSAKey obj if alg is RS* or PS*.
+582     if (algType == "RS" || algType == "PS") {
+583 	if (!(key instanceof RSAKey)) {
+584 	    throw "key shall be a RSAKey obj for RS* and PS* algs";
+585 	}
+586     }
+587 
+588     // 3.4. check whether key is ECDSA obj if alg is ES*.
+589     if (algType == "ES") {
+590 	if (!(key instanceof KJUR.crypto.ECDSA)) {
+591 	    throw "key shall be a ECDSA obj for ES* algs";
+592 	}
+593     }
+594 
+595     // 3.5. check when alg is 'none'
+596     if (alg == "none") {
+597     }
+598 
+599     // 4. check whether alg is supported alg in jsjws.
+600     var sigAlg = null;
+601     if (jws.jwsalg2sigalg[pHeader.alg] === undefined) {
+602 	throw "unsupported alg name: " + alg;
+603     } else {
+604 	sigAlg = jws.jwsalg2sigalg[alg];
+605     }
+606 
+607     // 5. verify
+608     if (sigAlg == "none") {
+609         throw "not supported";
+610     } else if (sigAlg.substr(0, 4) == "Hmac") {
+611 	if (key === undefined)
+612 	    throw "hexadecimal key shall be specified for HMAC";
+613 	var mac = new KJUR.crypto.Mac({'alg': sigAlg, 'pass': hextorstr(key)});
+614 	mac.updateString(uSignatureInput);
+615 	hSig2 = mac.doFinal();
+616 	return hSig == hSig2;
+617     } else if (sigAlg.indexOf("withECDSA") != -1) {
+618 	var hASN1Sig = null;
+619         try {
+620 	    hASN1Sig = KJUR.crypto.ECDSA.concatSigToASN1Sig(hSig);
+621 	} catch (ex) {
+622 	    return false;
+623 	}
+624 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
+625 	sig.init(key)
+626 	sig.updateString(uSignatureInput);
+627 	return sig.verify(hASN1Sig);
+628     } else {
+629 	var sig = new KJUR.crypto.Signature({'alg': sigAlg});
+630 	sig.init(key)
+631 	sig.updateString(uSignatureInput);
+632 	return sig.verify(hSig);
+633     }
+634 };
+635 
+636 /**
+637  * @name verifyJWT
+638  * @memberOf KJUR.jws.JWS
+639  * @function
+640  * @static
+641  * @param {String} sJWT string of JSON Web Token(JWT) to verify
+642  * @param {Object} key string of public key, certificate or key object to verify
+643  * @param {Array} acceptField associative array of acceptable fields (OPTION)
+644  * @return {Boolean} true if the JWT token is valid otherwise false
+645  * @since jws 3.2.3 jsrsasign 4.8.0
+646  * @description
+647  * This method verifies a
+648  * <a href="https://tools.ietf.org/html/rfc7519">RFC 7519</a> 
+649  * JSON Web Token(JWT).
+650  * It will verify following:
+651  * <ul>
+652  * <li>Header.alg
+653  * <ul>
+654  * <li>alg is specified in JWT header.</li>
+655  * <li>alg is included in acceptField.alg array. (MANDATORY)</li>
+656  * <li>alg is proper for key.</li>
+657  * </ul>
+658  * </li>
+659  * <li>Payload.iss (issuer) - Payload.iss is included in acceptField.iss array if specified. (OPTION)</li>
+660  * <li>Payload.sub (subject) - Payload.sub is included in acceptField.sub array if specified. (OPTION)</li>
+661  * <li>Payload.aud (audience) - Payload.aud is included in acceptField.aud array or 
+662  *     the same as value if specified. (OPTION)</li>
+663  * <li>Time validity
+664  * <ul>
+665  * <li>If acceptField.verifyAt as number of UNIX origin time is specifed for validation time, 
+666  * this method will verify at the time for it, otherwise current time will be used to verify.</li>
+667  * <li>Payload.exp (expire) - Validation time is smaller than Payloead.exp.</li>
+668  * <li>Payload.nbf (not before) - Validation time is greater than Payloead.nbf.</li>
+669  * <li>Payload.iat (issued at) - Validation time is greater than Payloead.iat.</li>
+670  * </ul>
+671  * </li>
+672  * <li>Payload.jti (JWT id) - Payload.jti is defined.</li>
+673  * <li>JWS signature of JWS is valid for specified key.</li>
+674  * </ul>
+675  *
+676  * @example
+677  * // simple validation for HS256
+678  * isValid = KJUR.jws.JWS.verifyJWT("eyJhbG...", "616161", {alg: ["HS256"]}),
+679  *
+680  * // full validation for RS or PS
+681  * pubkey = KEYUTIL.getKey('-----BEGIN CERT...');
+682  * isValid = KJUR.jws.JWS.verifyJWT('eyJh...', pubkey, {
+683  *   alg: ['RS256', 'RS512', 'PS256', 'PS512'],
+684  *   iss: ['http://foo.com'],
+685  *   sub: ['mailto:john@foo.com', 'mailto:alice@foo.com'],
+686  *   verifyAt: KJUR.jws.IntDate.get('20150520235959Z'),
+687  *   aud: ['http://foo.com'], // aud: 'http://foo.com' is fine too.
+688  * });
+689  */
+690 KJUR.jws.JWS.verifyJWT = function(sJWT, key, acceptField) {
+691     var ns1 = KJUR.jws.JWS;
+692 
+693     // 1. parse JWT
+694     var a = sJWT.split(".");
+695     var uHeader = a[0];
+696     var uPayload = a[1];
+697     var uSignatureInput = uHeader + "." + uPayload;
+698     var hSig = b64utohex(a[2]);
+699 
+700     // 2. parse JWS header
+701     var pHeader = ns1.readSafeJSONString(b64utoutf8(uHeader));
+702 
+703     // 3. parse JWS payload
+704     var pPayload = ns1.readSafeJSONString(b64utoutf8(uPayload));
+705 
+706     // 4. algorithm ('alg' in header) check
+707     if (pHeader.alg === undefined) return false;
+708     if (acceptField.alg === undefined)
+709 	throw "acceptField.alg shall be specified";
+710     if (! ns1.inArray(pHeader.alg, acceptField.alg)) return false;
+711 
+712     // 5. issuer ('iss' in payload) check
+713     if (pPayload.iss !== undefined && typeof acceptField.iss === "object") {
+714 	if (! ns1.inArray(pPayload.iss, acceptField.iss)) return false;
+715     }
+716 
+717     // 6. subject ('sub' in payload) check
+718     if (pPayload.sub !== undefined && typeof acceptField.sub === "object") {
+719 	if (! ns1.inArray(pPayload.sub, acceptField.sub)) return false;
+720     }
+721 
+722     // 7. audience ('aud' in payload) check
+723     if (pPayload.aud !== undefined && typeof acceptField.aud === "object") {
+724 	if (typeof pPayload.aud == "string") {
+725 	    if (! ns1.inArray(pPayload.aud, acceptField.aud))
+726 		return false;
+727 	} else if (typeof pPayload.aud == "object") {
+728 	    if (! ns1.includedArray(pPayload.aud, acceptField.aud))
+729 		return false;
+730 	}
+731     }
+732 
+733     // 8. time validity (nbf < now < exp) && (iat <= now)
+734     var now = KJUR.jws.IntDate.getNow();
+735     if (acceptField.verifyAt !== undefined && typeof acceptField.verifyAt == "number") {
+736 	now = acceptField.verifyAt;
 737     }
 738 
-739     // 9 JWT id 'jti' check
-740     if (pPayload.jti === undefined) return false;
-741 
-742     // 10 JWS signature check
-743     if (! KJUR.jws.JWS.verify(sJWT, key, acceptField.alg)) return false;
-744 
-745     // 11 passed all check
-746     return true;
-747 };
-748 
-749 /**
-750  * check whether array is included by another array
-751  * @name includedArray
-752  * @memberOf KJUR.jws.JWS
-753  * @function
-754  * @static
-755  * @param {Array} a1 check whether set a1 is included by a2
-756  * @param {Array} a2 check whether set a1 is included by a2
-757  * @return {Boolean} check whether set a1 is included by a2
-758  * @since jws 3.2.3
-759  * This method verifies whether an array is included by another array.
-760  * It doesn't care about item ordering in a array.
-761  * @example
-762  * KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
-763  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
-764  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false
-765  */
-766 KJUR.jws.JWS.includedArray = function(a1, a2) {
-767     var inArray = KJUR.jws.JWS.inArray;
-768     if (a1 === null) return false;
-769     if (typeof a1 !== "object") return false;
-770     if (typeof a1.length !== "number") return false;
-771 
-772     for (var i = 0; i < a1.length; i++) {
-773 	if (! inArray(a1[i], a2)) return false;
-774     }
-775     return true;
-776 };
-777 
-778 /**
-779  * check whether item is included by array
-780  * @name inArray
-781  * @memberOf KJUR.jws.JWS
-782  * @function
-783  * @static
-784  * @param {String} item check whether item is included by array
-785  * @param {Array} a check whether item is included by array
-786  * @return {Boolean} check whether item is included by array
-787  * @since jws 3.2.3
-788  * This method verifies whether an item is included by an array.
-789  * It doesn't care about item ordering in an array.
-790  * @example
-791  * KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
-792  * KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
-793  * KJUR.jws.JWS.inArray('a', ['b', 'c']) => false
-794  */
-795 KJUR.jws.JWS.inArray = function(item, a) {
-796     if (a === null) return false;
-797     if (typeof a !== "object") return false;
-798     if (typeof a.length !== "number") return false;
-799     for (var i = 0; i < a.length; i++) {
-800 	if (a[i] == item) return true;
-801     }
-802     return false;
-803 };
-804 
-805 /*
-806  * @since jws 3.0.0
-807  */
-808 KJUR.jws.JWS.jwsalg2sigalg = {
-809     "HS256":	"HmacSHA256",
-810     "HS384":	"HmacSHA384",
-811     "HS512":	"HmacSHA512",
-812     "RS256":	"SHA256withRSA",
-813     "RS384":	"SHA384withRSA",
-814     "RS512":	"SHA512withRSA",
-815     "ES256":	"SHA256withECDSA",
-816     "ES384":	"SHA384withECDSA",
-817     //"ES512":	"SHA512withECDSA", // unsupported because of jsrsasign's bug
-818     "PS256":	"SHA256withRSAandMGF1",
-819     "PS384":	"SHA384withRSAandMGF1",
-820     "PS512":	"SHA512withRSAandMGF1",
-821     "none":	"none",
-822 };
-823 
-824 // === utility static method ======================================================
-825 
-826 /**
-827  * check whether a String "s" is a safe JSON string or not.<br/>
-828  * If a String "s" is a malformed JSON string or an other object type
-829  * this returns 0, otherwise this returns 1.
-830  * @name isSafeJSONString
-831  * @memberOf KJUR.jws.JWS
-832  * @function
-833  * @static
-834  * @param {String} s JSON string
-835  * @return {Number} 1 or 0
-836  */
-837 KJUR.jws.JWS.isSafeJSONString = function(s, h, p) {
-838     var o = null;
-839     try {
-840 	o = jsonParse(s);
-841 	if (typeof o != "object") return 0;
-842 	if (o.constructor === Array) return 0;
-843 	if (h) h[p] = o;
-844 	return 1;
-845     } catch (ex) {
-846 	return 0;
-847     }
-848 };
-849 
-850 /**
-851  * read a String "s" as JSON object if it is safe.<br/>
-852  * If a String "s" is a malformed JSON string or not JSON string,
-853  * this returns null, otherwise returns JSON object.
-854  * @name readSafeJSONString
-855  * @memberOf KJUR.jws.JWS
-856  * @function
-857  * @static
-858  * @param {String} s JSON string
-859  * @return {Object} JSON object or null
-860  * @since 1.1.1
-861  */
-862 KJUR.jws.JWS.readSafeJSONString = function(s) {
-863     var o = null;
-864     try {
-865 	o = jsonParse(s);
-866 	if (typeof o != "object") return null;
-867 	if (o.constructor === Array) return null;
-868 	return o;
-869     } catch (ex) {
-870 	return null;
-871     }
-872 };
-873 
-874 /**
-875  * get Encoed Signature Value from JWS string.<br/>
-876  * @name getEncodedSignatureValueFromJWS
-877  * @memberOf KJUR.jws.JWS
-878  * @function
-879  * @static
-880  * @param {String} sJWS JWS signature string to be verified
-881  * @return {String} string of Encoded Signature Value 
-882  * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
-883  */
-884 KJUR.jws.JWS.getEncodedSignatureValueFromJWS = function(sJWS) {
-885     if (sJWS.match(/^[^.]+\.[^.]+\.([^.]+)$/) == null) {
-886 	throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
-887     }
-888     return RegExp.$1;
-889 };
-890 
-891 /**
-892  * IntDate class for time representation for JSON Web Token(JWT)
-893  * @class KJUR.jws.IntDate class
-894  * @name KJUR.jws.IntDate
-895  * @since jws 3.0.1
-896  * @description
-897  * Utility class for IntDate which is integer representation of UNIX origin time
-898  * used in JSON Web Token(JWT).
-899  */
-900 KJUR.jws.IntDate = function() {
-901 };
-902 
-903 /**
-904  * @name get
-905  * @memberOf KJUR.jws.IntDate
-906  * @function
-907  * @static
-908  * @param {String} s string of time representation
-909  * @return {Integer} UNIX origin time in seconds for argument 's'
+739     // 8.1 expired time 'exp' check
+740     if (pPayload.exp !== undefined && typeof pPayload.exp == "number") {
+741 	if (pPayload.exp < now) return false;
+742     }
+743 
+744     // 8.2 not before time 'nbf' check
+745     if (pPayload.nbf !== undefined && typeof pPayload.nbf == "number") {
+746 	if (now < pPayload.nbf) return false;
+747     }
+748     
+749     // 8.3 issued at time 'iat' check
+750     if (pPayload.iat !== undefined && typeof pPayload.iat == "number") {
+751 	if (now < pPayload.iat) return false;
+752     }
+753 
+754     // 9 JWT id 'jti' check
+755     if (pPayload.jti === undefined) return false;
+756 
+757     // 10 JWS signature check
+758     if (! KJUR.jws.JWS.verify(sJWT, key, acceptField.alg)) return false;
+759 
+760     // 11 passed all check
+761     return true;
+762 };
+763 
+764 /**
+765  * check whether array is included by another array
+766  * @name includedArray
+767  * @memberOf KJUR.jws.JWS
+768  * @function
+769  * @static
+770  * @param {Array} a1 check whether set a1 is included by a2
+771  * @param {Array} a2 check whether set a1 is included by a2
+772  * @return {Boolean} check whether set a1 is included by a2
+773  * @since jws 3.2.3
+774  * This method verifies whether an array is included by another array.
+775  * It doesn't care about item ordering in a array.
+776  * @example
+777  * KJUR.jws.JWS.includedArray(['b'], ['b', 'c', 'a']) => true
+778  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c', 'a']) => true
+779  * KJUR.jws.JWS.includedArray(['a', 'b'], ['b', 'c']) => false
+780  */
+781 KJUR.jws.JWS.includedArray = function(a1, a2) {
+782     var inArray = KJUR.jws.JWS.inArray;
+783     if (a1 === null) return false;
+784     if (typeof a1 !== "object") return false;
+785     if (typeof a1.length !== "number") return false;
+786 
+787     for (var i = 0; i < a1.length; i++) {
+788 	if (! inArray(a1[i], a2)) return false;
+789     }
+790     return true;
+791 };
+792 
+793 /**
+794  * check whether item is included by array
+795  * @name inArray
+796  * @memberOf KJUR.jws.JWS
+797  * @function
+798  * @static
+799  * @param {String} item check whether item is included by array
+800  * @param {Array} a check whether item is included by array
+801  * @return {Boolean} check whether item is included by array
+802  * @since jws 3.2.3
+803  * This method verifies whether an item is included by an array.
+804  * It doesn't care about item ordering in an array.
+805  * @example
+806  * KJUR.jws.JWS.inArray('b', ['b', 'c', 'a']) => true
+807  * KJUR.jws.JWS.inArray('a', ['b', 'c', 'a']) => true
+808  * KJUR.jws.JWS.inArray('a', ['b', 'c']) => false
+809  */
+810 KJUR.jws.JWS.inArray = function(item, a) {
+811     if (a === null) return false;
+812     if (typeof a !== "object") return false;
+813     if (typeof a.length !== "number") return false;
+814     for (var i = 0; i < a.length; i++) {
+815 	if (a[i] == item) return true;
+816     }
+817     return false;
+818 };
+819 
+820 /*
+821  * @since jws 3.0.0
+822  */
+823 KJUR.jws.JWS.jwsalg2sigalg = {
+824     "HS256":	"HmacSHA256",
+825     "HS384":	"HmacSHA384",
+826     "HS512":	"HmacSHA512",
+827     "RS256":	"SHA256withRSA",
+828     "RS384":	"SHA384withRSA",
+829     "RS512":	"SHA512withRSA",
+830     "ES256":	"SHA256withECDSA",
+831     "ES384":	"SHA384withECDSA",
+832     //"ES512":	"SHA512withECDSA", // unsupported because of jsrsasign's bug
+833     "PS256":	"SHA256withRSAandMGF1",
+834     "PS384":	"SHA384withRSAandMGF1",
+835     "PS512":	"SHA512withRSAandMGF1",
+836     "none":	"none",
+837 };
+838 
+839 // === utility static method ======================================================
+840 
+841 /**
+842  * check whether a String "s" is a safe JSON string or not.<br/>
+843  * If a String "s" is a malformed JSON string or an other object type
+844  * this returns 0, otherwise this returns 1.
+845  * @name isSafeJSONString
+846  * @memberOf KJUR.jws.JWS
+847  * @function
+848  * @static
+849  * @param {String} s JSON string
+850  * @return {Number} 1 or 0
+851  */
+852 KJUR.jws.JWS.isSafeJSONString = function(s, h, p) {
+853     var o = null;
+854     try {
+855 	o = jsonParse(s);
+856 	if (typeof o != "object") return 0;
+857 	if (o.constructor === Array) return 0;
+858 	if (h) h[p] = o;
+859 	return 1;
+860     } catch (ex) {
+861 	return 0;
+862     }
+863 };
+864 
+865 /**
+866  * read a String "s" as JSON object if it is safe.<br/>
+867  * If a String "s" is a malformed JSON string or not JSON string,
+868  * this returns null, otherwise returns JSON object.
+869  * @name readSafeJSONString
+870  * @memberOf KJUR.jws.JWS
+871  * @function
+872  * @static
+873  * @param {String} s JSON string
+874  * @return {Object} JSON object or null
+875  * @since 1.1.1
+876  */
+877 KJUR.jws.JWS.readSafeJSONString = function(s) {
+878     var o = null;
+879     try {
+880 	o = jsonParse(s);
+881 	if (typeof o != "object") return null;
+882 	if (o.constructor === Array) return null;
+883 	return o;
+884     } catch (ex) {
+885 	return null;
+886     }
+887 };
+888 
+889 /**
+890  * get Encoed Signature Value from JWS string.<br/>
+891  * @name getEncodedSignatureValueFromJWS
+892  * @memberOf KJUR.jws.JWS
+893  * @function
+894  * @static
+895  * @param {String} sJWS JWS signature string to be verified
+896  * @return {String} string of Encoded Signature Value 
+897  * @throws if sJWS is not comma separated string such like "Header.Payload.Signature".
+898  */
+899 KJUR.jws.JWS.getEncodedSignatureValueFromJWS = function(sJWS) {
+900     if (sJWS.match(/^[^.]+\.[^.]+\.([^.]+)$/) == null) {
+901 	throw "JWS signature is not a form of 'Head.Payload.SigValue'.";
+902     }
+903     return RegExp.$1;
+904 };
+905 
+906 /**
+907  * IntDate class for time representation for JSON Web Token(JWT)
+908  * @class KJUR.jws.IntDate class
+909  * @name KJUR.jws.IntDate
 910  * @since jws 3.0.1
-911  * @throws "unsupported format: s" when malformed format
-912  * @description
-913  * This method will accept following representation of time.
-914  * <ul>
-915  * <li>now - current time</li>
-916  * <li>now + 1hour - after 1 hour from now</li>
-917  * <li>now + 1day - after 1 day from now</li>
-918  * <li>now + 1month - after 30 days from now</li>
-919  * <li>now + 1year - after 365 days from now</li>
-920  * <li>YYYYmmDDHHMMSSZ - UTC time (ex. 20130828235959Z)</li>
-921  * <li>number - UNIX origin time (seconds from 1970-01-01 00:00:00) (ex. 1377714748)</li>
-922  * </ul>
-923  */
-924 KJUR.jws.IntDate.get = function(s) {
-925     if (s == "now") {
-926 	return KJUR.jws.IntDate.getNow();
-927     } else if (s == "now + 1hour") {
-928 	return KJUR.jws.IntDate.getNow() + 60 * 60;
-929     } else if (s == "now + 1day") {
-930 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24;
-931     } else if (s == "now + 1month") {
-932 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24 * 30;
-933     } else if (s == "now + 1year") {
-934 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24 * 365;
-935     } else if (s.match(/Z$/)) {
-936 	return KJUR.jws.IntDate.getZulu(s);
-937     } else if (s.match(/^[0-9]+$/)) {
-938 	return parseInt(s);
-939     }
-940     throw "unsupported format: " + s;
-941 };
-942 
-943 KJUR.jws.IntDate.getZulu = function(s) {
-944     if (a = s.match(/(\d{4})(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)Z/)) {
-945 	var year = parseInt(RegExp.$1);
-946 	var month = parseInt(RegExp.$2) - 1;
-947 	var day = parseInt(RegExp.$3);
-948 	var hour = parseInt(RegExp.$4);
-949 	var min = parseInt(RegExp.$5);
-950 	var sec = parseInt(RegExp.$6);
-951 	var d = new Date(Date.UTC(year, month, day, hour, min, sec));
-952 	return ~~(d / 1000);
-953     }
-954     throw "unsupported format: " + s;
-955 };
-956 
-957 /*
-958  * @since jws 3.0.1
-959  */
-960 KJUR.jws.IntDate.getNow = function() {
-961     var d = ~~(new Date() / 1000);
-962     return d;
-963 };
-964 
-965 /*
-966  * @since jws 3.0.1
-967  */
-968 KJUR.jws.IntDate.intDate2UTCString = function(intDate) {
-969     var d = new Date(intDate * 1000);
-970     return d.toUTCString();
-971 };
-972 
-973 /*
-974  * @since jws 3.0.1
-975  */
-976 KJUR.jws.IntDate.intDate2Zulu = function(intDate) {
-977     var d = new Date(intDate * 1000);
-978     var year = ("0000" + d.getUTCFullYear()).slice(-4);    
-979     var mon =  ("00" + (d.getUTCMonth() + 1)).slice(-2);    
-980     var day =  ("00" + d.getUTCDate()).slice(-2);    
-981     var hour = ("00" + d.getUTCHours()).slice(-2);    
-982     var min =  ("00" + d.getUTCMinutes()).slice(-2);    
-983     var sec =  ("00" + d.getUTCSeconds()).slice(-2);    
-984     return year + mon + day + hour + min + sec + "Z";
-985 };
-986 
    
\ No newline at end of file
+911  * @description
+912  * Utility class for IntDate which is integer representation of UNIX origin time
+913  * used in JSON Web Token(JWT).
+914  */
+915 KJUR.jws.IntDate = function() {
+916 };
+917 
+918 /**
+919  * @name get
+920  * @memberOf KJUR.jws.IntDate
+921  * @function
+922  * @static
+923  * @param {String} s string of time representation
+924  * @return {Integer} UNIX origin time in seconds for argument 's'
+925  * @since jws 3.0.1
+926  * @throws "unsupported format: s" when malformed format
+927  * @description
+928  * This method will accept following representation of time.
+929  * <ul>
+930  * <li>now - current time</li>
+931  * <li>now + 1hour - after 1 hour from now</li>
+932  * <li>now + 1day - after 1 day from now</li>
+933  * <li>now + 1month - after 30 days from now</li>
+934  * <li>now + 1year - after 365 days from now</li>
+935  * <li>YYYYmmDDHHMMSSZ - UTC time (ex. 20130828235959Z)</li>
+936  * <li>number - UNIX origin time (seconds from 1970-01-01 00:00:00) (ex. 1377714748)</li>
+937  * </ul>
+938  */
+939 KJUR.jws.IntDate.get = function(s) {
+940     if (s == "now") {
+941 	return KJUR.jws.IntDate.getNow();
+942     } else if (s == "now + 1hour") {
+943 	return KJUR.jws.IntDate.getNow() + 60 * 60;
+944     } else if (s == "now + 1day") {
+945 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24;
+946     } else if (s == "now + 1month") {
+947 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24 * 30;
+948     } else if (s == "now + 1year") {
+949 	return KJUR.jws.IntDate.getNow() + 60 * 60 * 24 * 365;
+950     } else if (s.match(/Z$/)) {
+951 	return KJUR.jws.IntDate.getZulu(s);
+952     } else if (s.match(/^[0-9]+$/)) {
+953 	return parseInt(s);
+954     }
+955     throw "unsupported format: " + s;
+956 };
+957 
+958 KJUR.jws.IntDate.getZulu = function(s) {
+959     if (a = s.match(/(\d{4})(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)Z/)) {
+960 	var year = parseInt(RegExp.$1);
+961 	var month = parseInt(RegExp.$2) - 1;
+962 	var day = parseInt(RegExp.$3);
+963 	var hour = parseInt(RegExp.$4);
+964 	var min = parseInt(RegExp.$5);
+965 	var sec = parseInt(RegExp.$6);
+966 	var d = new Date(Date.UTC(year, month, day, hour, min, sec));
+967 	return ~~(d / 1000);
+968     }
+969     throw "unsupported format: " + s;
+970 };
+971 
+972 /*
+973  * @since jws 3.0.1
+974  */
+975 KJUR.jws.IntDate.getNow = function() {
+976     var d = ~~(new Date() / 1000);
+977     return d;
+978 };
+979 
+980 /*
+981  * @since jws 3.0.1
+982  */
+983 KJUR.jws.IntDate.intDate2UTCString = function(intDate) {
+984     var d = new Date(intDate * 1000);
+985     return d.toUTCString();
+986 };
+987 
+988 /*
+989  * @since jws 3.0.1
+990  */
+991 KJUR.jws.IntDate.intDate2Zulu = function(intDate) {
+992     var d = new Date(intDate * 1000);
+993     var year = ("0000" + d.getUTCFullYear()).slice(-4);    
+994     var mon =  ("00" + (d.getUTCMonth() + 1)).slice(-2);    
+995     var day =  ("00" + d.getUTCDate()).slice(-2);    
+996     var hour = ("00" + d.getUTCHours()).slice(-2);    
+997     var min =  ("00" + d.getUTCMinutes()).slice(-2);    
+998     var sec =  ("00" + d.getUTCSeconds()).slice(-2);    
+999     return year + mon + day + hour + min + sec + "Z";
+1000 };
+1001 
    
\ No newline at end of file
diff --git a/api/symbols/src/keyutil-1.0.js.html b/api/symbols/src/keyutil-1.0.js.html
index b781eb2f..000cbefb 100755
--- a/api/symbols/src/keyutil-1.0.js.html
+++ b/api/symbols/src/keyutil-1.0.js.html
@@ -5,12 +5,12 @@
 	.STRN {color: #393;}
 	.REGX {color: #339;}
 	.line {border-right: 1px dotted #666; color: #666; font-style: normal;}
-	
      1 /*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
+	
      1 /*! keyutil-1.0.8.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
   2  */
   3 /*
   4  * keyutil.js - key utility for PKCS#1/5/8 PEM, RSA/DSA/ECDSA key object
   5  *
-  6  * Copyright (c) 2013-2014 Kenji Urushima (kenji.urushima@gmail.com)
+  6  * Copyright (c) 2013-2015 Kenji Urushima (kenji.urushima@gmail.com)
   7  *
   8  * This software is licensed under the terms of the MIT License.
   9  * http://kjur.github.com/jsrsasign/license
@@ -22,7 +22,7 @@
  15  * @fileOverview
  16  * @name keyutil-1.0.js
  17  * @author Kenji Urushima kenji.urushima@gmail.com
- 18  * @version keyutil 1.0.7 (2014-May-17)
+ 18  * @version keyutil 1.0.8 (2015-Jul-02)
  19  * @since jsrsasign 4.1.4
  20  * @license <a href="http://kjur.github.io/jsrsasign/license/">MIT License</a>
  21  */
@@ -1250,567 +1250,567 @@
 1243  * <ul>
 1244  * <li>Encrypted PKCS#8 only supports PBKDF2/HmacSHA1/3DES</li>
 1245  * <li>Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC</li>
-1246  * </ul>
-1247  */
-1248 KEYUTIL.getKey = function(param, passcode, hextype) {
-1249     // 1. by key object
-1250     if (typeof RSAKey != 'undefined' && param instanceof RSAKey)
-1251         return param;
-1252     if (typeof KJUR.crypto.ECDSA != 'undefined' && param instanceof KJUR.crypto.ECDSA)
+1246  * <li>JWT plain RSA/ECC private/public key</li>
+1247  * </ul>
+1248  * NOTE: <a href="https://tools.ietf.org/html/rfc7517">RFC 7517 JSON Web Key(JWK)</a> support for RSA/ECC private/public key from jsrsasign 4.8.1.
+1249  */
+1250 KEYUTIL.getKey = function(param, passcode, hextype) {
+1251     // 1. by key object
+1252     if (typeof RSAKey != 'undefined' && param instanceof RSAKey)
 1253         return param;
-1254     if (typeof KJUR.crypto.DSA != 'undefined' && param instanceof KJUR.crypto.DSA)
+1254     if (typeof KJUR.crypto.ECDSA != 'undefined' && param instanceof KJUR.crypto.ECDSA)
 1255         return param;
-1256 
-1257     // 2. by key spec
-1258     // 2.1. ECC private key
-1259     if (param.xy !== undefined && param.curve !== undefined) {
-1260         return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve});
-1261     }
-1262     // 2.2. RSA private key
-1263     if (param.n !== undefined && param.e !== undefined && param.d !== undefined &&
-1264         param.p !== undefined && param.q !== undefined &&
-1265         param.dp !== undefined && param.dq !== undefined && param.co !== undefined) {
-1266         var key = new RSAKey();
-1267         key.setPrivateEx(param.n, param.e, param.d, param.p, param.q,
-1268                          param.dp, param.dq, param.co);
-1269         return key;
-1270     }
-1271     // 2.3. DSA private key
-1272     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
-1273         param.y !== undefined && param.x !== undefined) {
-1274         var key = new KJUR.crypto.DSA();
-1275         key.setPrivate(param.p, param.q, param.g, param.y, param.x);
-1276         return key;
-1277     }
-1278 
-1279     // 2.4. ECC public key
-1280     if (param.d !== undefined && param.curve !== undefined) {
-1281         return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve});
-1282     }
-1283     // 2.5. RSA private key
-1284     if (param.n !== undefined && param.e) {
-1285         var key = new RSAKey();
-1286         key.setPublic(param.n, param.e);
-1287         return key;
-1288     }
-1289     // 2.6. DSA public key
-1290     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
-1291         param.y !== undefined && param.x === undefined) {
-1292         var key = new KJUR.crypto.DSA();
-1293         key.setPublic(param.p, param.q, param.g, param.y);
-1294         return key;
-1295     }
-1296 
-1297     // 3. by cert
-1298     if (param.indexOf("-END CERTIFICATE-", 0) != -1 ||
-1299         param.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
-1300         param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) {
-1301         return X509.getPublicKeyFromCertPEM(param);
-1302     }
-1303 
-1304     // 4. public key by PKCS#8 hexadecimal string
-1305     if (hextype === "pkcs8pub") {
-1306         return KEYUTIL.getKeyFromPublicPKCS8Hex(param);
-1307     }
-1308 
-1309     // 5. public key by PKCS#8 PEM string
-1310     if (param.indexOf("-END PUBLIC KEY-") != -1) {
-1311         return KEYUTIL.getKeyFromPublicPKCS8PEM(param);
-1312     }
-1313     
-1314     // 6. private key by PKCS#5 plain hexadecimal RSA string
-1315     if (hextype === "pkcs5prv") {
-1316         var key = new RSAKey();
-1317         key.readPrivateKeyFromASN1HexString(param);
-1318         return key;
-1319     }
-1320 
-1321     // 7. private key by plain PKCS#5 hexadecimal RSA string
-1322     if (hextype === "pkcs5prv") {
-1323         var key = new RSAKey();
-1324         key.readPrivateKeyFromASN1HexString(param);
-1325         return key;
-1326     }
-1327 
-1328     // 8. private key by plain PKCS#5 PEM RSA string
-1329     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
-1330         param.indexOf("4,ENCRYPTED") == -1) {
-1331         var key = new RSAKey();
-1332         key.readPrivateKeyFromPEMString(param);
-1333         return key;
-1334     }
-1335 
-1336     // 8.2. private key by plain PKCS#5 PEM DSA string
-1337     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
-1338         param.indexOf("4,ENCRYPTED") == -1) {
-1339 
-1340         var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY");
-1341         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
-1342         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
-1343         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
-1344         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
-1345         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
-1346         var key = new KJUR.crypto.DSA();
-1347         key.setPrivate(new BigInteger(p, 16),
-1348                        new BigInteger(q, 16),
-1349                        new BigInteger(g, 16),
-1350                        new BigInteger(y, 16),
-1351                        new BigInteger(x, 16));
-1352         return key;
-1353     }
-1354 
-1355     // 9. private key by plain PKCS#8 PEM ECC/RSA string
-1356     if (param.indexOf("-END PRIVATE KEY-") != -1) {
-1357         return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param);
-1358     }
-1359 
-1360     // 10. private key by encrypted PKCS#5 PEM RSA string
-1361     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
-1362         param.indexOf("4,ENCRYPTED") != -1) {
-1363         return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode);
-1364     }
-1365 
-1366     // 10.2. private key by encrypted PKCS#5 PEM ECDSA string
-1367     if (param.indexOf("-END EC PRIVATE KEY-") != -1 &&
-1368         param.indexOf("4,ENCRYPTED") != -1) {
-1369         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
-1370 
-1371         var key = ASN1HEX.getVbyList(hKey, 0, [1], "04");
-1372         var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06");
-1373         var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2);
-1374         var curveName = "";
-1375 
-1376         if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) {
-1377             curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex];
-1378         } else {
-1379             throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex;
-1380         }
-1381 
-1382         var ec = new KJUR.crypto.ECDSA({'name': curveName});
-1383         ec.setPublicKeyHex(pubkey);
-1384         ec.setPrivateKeyHex(key);
-1385         ec.isPublic = false;
-1386         return ec;
+1256     if (typeof KJUR.crypto.DSA != 'undefined' && param instanceof KJUR.crypto.DSA)
+1257         return param;
+1258 
+1259     // 2. by key spec
+1260     // 2.1. ECC private key
+1261     if (param.xy !== undefined && param.curve !== undefined) {
+1262         return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve});
+1263     }
+1264     // 2.2. bare RSA private key
+1265     if (param.n !== undefined &&
+1266 	param.e !== undefined &&
+1267 	param.d !== undefined &&
+1268         param.p !== undefined &&
+1269 	param.q !== undefined &&
+1270         param.dp !== undefined &&
+1271 	param.dq !== undefined &&
+1272 	param.co !== undefined &&
+1273         param.qi === undefined) {
+1274         var key = new RSAKey();
+1275         key.setPrivateEx(param.n, param.e, param.d, param.p, param.q,
+1276                          param.dp, param.dq, param.co);
+1277         return key;
+1278     }
+1279     // 2.3. DSA private key
+1280     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
+1281         param.y !== undefined && param.x !== undefined) {
+1282         var key = new KJUR.crypto.DSA();
+1283         key.setPrivate(param.p, param.q, param.g, param.y, param.x);
+1284         return key;
+1285     }
+1286 
+1287     // 2.4. ECC public key
+1288     if (param.d !== undefined && param.curve !== undefined) {
+1289         return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve});
+1290     }
+1291     // 2.5. bare RSA public key
+1292     if (param.kty === undefined && param.n !== undefined && param.e) {
+1293         var key = new RSAKey();
+1294         key.setPublic(param.n, param.e);
+1295         return key;
+1296     }
+1297     // 2.6. DSA public key
+1298     if (param.p !== undefined && param.q !== undefined && param.g !== undefined && 
+1299         param.y !== undefined && param.x === undefined) {
+1300         var key = new KJUR.crypto.DSA();
+1301         key.setPublic(param.p, param.q, param.g, param.y);
+1302         return key;
+1303     }
+1304 
+1305     // 2.7. JWK RSA public key
+1306     if (param.kty === "RSA" &&
+1307 	param.n !== undefined &&
+1308 	param.e !== undefined &&
+1309 	param.d === undefined) {
+1310 	var key = new RSAKey();
+1311 	key.setPublic(b64utohex(param.n), b64utohex(param.e));
+1312 	return key;
+1313     }
+1314 
+1315     // 2.8. JWK RSA private key
+1316     if (param.kty === "RSA" &&
+1317 	param.n !== undefined &&
+1318 	param.e !== undefined &&
+1319 	param.d !== undefined &&
+1320 	param.p !== undefined &&
+1321 	param.q !== undefined &&
+1322 	param.dp !== undefined &&
+1323 	param.dq !== undefined &&
+1324 	param.qi !== undefined) {
+1325 	var key = new RSAKey();
+1326         key.setPrivateEx(b64utohex(param.n),
+1327 			 b64utohex(param.e),
+1328 			 b64utohex(param.d),
+1329 			 b64utohex(param.p),
+1330 			 b64utohex(param.q),
+1331                          b64utohex(param.dp),
+1332 			 b64utohex(param.dq),
+1333 			 b64utohex(param.qi));
+1334 	return key;
+1335     }
+1336 
+1337     // 2.9. JWK ECC public key
+1338     if (param.kty === "EC" &&
+1339 	param.crv !== undefined &&
+1340 	param.x !== undefined &&
+1341 	param.y !== undefined &&
+1342         param.d === undefined) {
+1343 	var ec = new KJUR.crypto.ECDSA({"curve": param.crv});
+1344 	var charlen = ec.ecparams.keylen / 4;
+1345         var hX   = ("0000000000" + b64utohex(param.x)).slice(- charlen);
+1346         var hY   = ("0000000000" + b64utohex(param.y)).slice(- charlen);
+1347         var hPub = "04" + hX + hY;
+1348 	ec.setPublicKeyHex(hPub);
+1349 	return ec;
+1350     }
+1351 
+1352     // 2.10. JWK ECC private key
+1353     if (param.kty === "EC" &&
+1354 	param.crv !== undefined &&
+1355 	param.x !== undefined &&
+1356 	param.y !== undefined &&
+1357         param.d !== undefined) {
+1358 	var ec = new KJUR.crypto.ECDSA({"curve": param.crv});
+1359 	var charlen = ec.ecparams.keylen / 4;
+1360         var hPrv = ("0000000000" + b64utohex(param.d)).slice(- charlen);
+1361 	ec.setPrivateKeyHex(hPrv);
+1362 	return ec;
+1363     }
+1364     
+1365     // 3. by cert
+1366     if (param.indexOf("-END CERTIFICATE-", 0) != -1 ||
+1367         param.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
+1368         param.indexOf("-END TRUSTED CERTIFICATE-", 0) != -1) {
+1369         return X509.getPublicKeyFromCertPEM(param);
+1370     }
+1371 
+1372     // 4. public key by PKCS#8 hexadecimal string
+1373     if (hextype === "pkcs8pub") {
+1374         return KEYUTIL.getKeyFromPublicPKCS8Hex(param);
+1375     }
+1376 
+1377     // 5. public key by PKCS#8 PEM string
+1378     if (param.indexOf("-END PUBLIC KEY-") != -1) {
+1379         return KEYUTIL.getKeyFromPublicPKCS8PEM(param);
+1380     }
+1381     
+1382     // 6. private key by PKCS#5 plain hexadecimal RSA string
+1383     if (hextype === "pkcs5prv") {
+1384         var key = new RSAKey();
+1385         key.readPrivateKeyFromASN1HexString(param);
+1386         return key;
 1387     }
 1388 
-1389     // 10.3. private key by encrypted PKCS#5 PEM DSA string
-1390     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
-1391         param.indexOf("4,ENCRYPTED") != -1) {
-1392         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
-1393         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
-1394         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
-1395         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
-1396         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
-1397         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
-1398         var key = new KJUR.crypto.DSA();
-1399         key.setPrivate(new BigInteger(p, 16),
-1400                        new BigInteger(q, 16),
-1401                        new BigInteger(g, 16),
-1402                        new BigInteger(y, 16),
-1403                        new BigInteger(x, 16));
-1404         return key;
-1405     }
-1406 
-1407     // 11. private key by encrypted PKCS#8 hexadecimal RSA/ECDSA string
-1408     if (param.indexOf("-END ENCRYPTED PRIVATE KEY-") != -1) {
-1409         return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode);
-1410     }
-1411 
-1412     throw "not supported argument";
-1413 };
-1414 
-1415 /**
-1416  * @name generateKeypair
-1417  * @memberOf KEYUTIL
-1418  * @function
-1419  * @static
-1420  * @param {String} alg 'RSA' or 'EC'
-1421  * @param {Object} keylenOrCurve key length for RSA or curve name for EC
-1422  * @return {Array} associative array of keypair which has prvKeyObj and pubKeyObj parameters
-1423  * @since keyutil 1.0.1
-1424  * @description
-1425  * This method generates a key pair of public key algorithm.
-1426  * The result will be an associative array which has following
-1427  * parameters:
-1428  * <ul>
-1429  * <li>prvKeyObj - RSAKey or ECDSA object of private key</li>
-1430  * <li>pubKeyObj - RSAKey or ECDSA object of public key</li>
-1431  * </ul>
-1432  * NOTE1: As for RSA algoirthm, public exponent has fixed
-1433  * value '0x10001'.
-1434  * NOTE2: As for EC algorithm, supported names of curve are
-1435  * secp256r1, secp256k1 and secp384r1.
-1436  * NOTE3: DSA is not supported yet.
-1437  * @example
-1438  * var rsaKeypair = KEYUTIL.generateKeypair("RSA", 1024);
-1439  * var ecKeypair = KEYUTIL.generateKeypair("EC", "secp256r1");
-1440  *
-1441  */
-1442 KEYUTIL.generateKeypair = function(alg, keylenOrCurve) {
-1443     if (alg == "RSA") {
-1444         var keylen = keylenOrCurve;
-1445         var prvKey = new RSAKey();
-1446         prvKey.generate(keylen, '10001');
-1447         prvKey.isPrivate = true;
-1448         prvKey.isPublic = true;
-1449         
-1450         var pubKey = new RSAKey();
-1451         var hN = prvKey.n.toString(16);
-1452         var hE = prvKey.e.toString(16);
-1453         pubKey.setPublic(hN, hE);
-1454         pubKey.isPrivate = false;
-1455         pubKey.isPublic = true;
-1456         
-1457         var result = {};
-1458         result.prvKeyObj = prvKey;
-1459         result.pubKeyObj = pubKey;
-1460         return result;
-1461     } else if (alg == "EC") {
-1462         var curve = keylenOrCurve;
-1463         var ec = new KJUR.crypto.ECDSA({curve: curve});
-1464         var keypairHex = ec.generateKeyPairHex();
-1465 
-1466         var prvKey = new KJUR.crypto.ECDSA({curve: curve});
-1467         prvKey.setPrivateKeyHex(keypairHex.ecprvhex);
-1468         prvKey.isPrivate = true;
-1469         prvKey.isPublic = false;
-1470 
-1471         var pubKey = new KJUR.crypto.ECDSA({curve: curve});
-1472         pubKey.setPublicKeyHex(keypairHex.ecpubhex);
-1473         pubKey.isPrivate = false;
-1474         pubKey.isPublic = true;
-1475 
-1476         var result = {};
-1477         result.prvKeyObj = prvKey;
-1478         result.pubKeyObj = pubKey;
-1479         return result;
-1480     } else {
-1481         throw "unknown algorithm: " + alg;
-1482     }
-1483 };
-1484 
-1485 /**
-1486  * get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
-1487  * @name getPEM
-1488  * @memberOf KEYUTIL
-1489  * @function
-1490  * @static
-1491  * @param {Object} keyObjOrHex key object {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.DSA} to encode to
-1492  * @param {String} formatType (OPTION) output format type of "PKCS1PRV", "PKCS5PRV" or "PKCS8PRV" for private key
-1493  * @param {String} passwd (OPTION) password to protect private key
-1494  * @param {String} encAlg (OPTION) encryption algorithm for PKCS#5. currently supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
-1495  * @since keyutil 1.0.4
-1496  * @description
-1497  * <dl>
-1498  * <dt><b>NOTE1:</b>
-1499  * <dd>
-1500  * PKCS#5 encrypted private key protection algorithm supports DES-CBC, 
-1501  * DES-EDE3-CBC and AES-{128,192,256}-CBC
-1502  * <dt><b>NOTE2:</b>
-1503  * <dd>
-1504  * OpenSSL supports
-1505  * </dl>
-1506  * @example
-1507  * KEUUTIL.getPEM(publicKey) => generates PEM PKCS#8 public key 
-1508  * KEUUTIL.getPEM(privateKey, "PKCS1PRV") => generates PEM PKCS#1 plain private key
-1509  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass") => generates PEM PKCS#5 encrypted private key 
-1510  *                                                          with DES-EDE3-CBC (DEFAULT)
-1511  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass", "DES-CBC") => generates PEM PKCS#5 encrypted 
-1512  *                                                                 private key with DES-CBC
-1513  * KEUUTIL.getPEM(privateKey, "PKCS8PRV") => generates PEM PKCS#8 plain private key
-1514  * KEUUTIL.getPEM(privateKey, "PKCS8PRV", "pass") => generates PEM PKCS#8 encrypted private key
-1515  *                                                      with PBKDF2_HmacSHA1_3DES
-1516  */
-1517 KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) {
-1518     var ns1 = KJUR.asn1;
-1519     var ns2 = KJUR.crypto;
-1520 
-1521     function _rsaprv2asn1obj(keyObjOrHex) {
-1522         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
-1523             "seq": [
-1524                 {"int": 0 },
-1525                 {"int": {"bigint": keyObjOrHex.n}},
-1526                 {"int": keyObjOrHex.e},
-1527                 {"int": {"bigint": keyObjOrHex.d}},
-1528                 {"int": {"bigint": keyObjOrHex.p}},
-1529                 {"int": {"bigint": keyObjOrHex.q}},
-1530                 {"int": {"bigint": keyObjOrHex.dmp1}},
-1531                 {"int": {"bigint": keyObjOrHex.dmq1}},
-1532                 {"int": {"bigint": keyObjOrHex.coeff}}
-1533             ]
-1534         });
-1535         return asn1Obj;
-1536     };
-1537 
-1538     function _ecdsaprv2asn1obj(keyObjOrHex) {
-1539         var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({
-1540             "seq": [
-1541                 {"int": 1 },
-1542                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
-1543                 {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]},
-1544                 {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]}
-1545             ]
-1546         });
-1547         return asn1Obj2;
-1548     };
-1549 
-1550     function _dsaprv2asn1obj(keyObjOrHex) {
-1551         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
-1552             "seq": [
-1553                 {"int": 0 },
-1554                 {"int": {"bigint": keyObjOrHex.p}},
-1555                 {"int": {"bigint": keyObjOrHex.q}},
-1556                 {"int": {"bigint": keyObjOrHex.g}},
-1557                 {"int": {"bigint": keyObjOrHex.y}},
-1558                 {"int": {"bigint": keyObjOrHex.x}}
-1559             ]
-1560         });
-1561         return asn1Obj;
-1562     };
-1563 
-1564     // 1. public key
-1565 
-1566     // x. PEM PKCS#8 public key of RSA/ECDSA/DSA public key object
-1567     if (((typeof RSAKey != "undefined" && keyObjOrHex instanceof RSAKey) ||
-1568          (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) ||
-1569          (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) &&
-1570         keyObjOrHex.isPublic == true &&
-1571         (formatType === undefined || formatType == "PKCS8PUB")) {
-1572         var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex);
-1573         var asn1Hex = asn1Obj.getEncodedHex();
-1574         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY");
-1575     }
-1576     
-1577     // 2. private
-1578 
-1579     // x. PEM PKCS#1 plain private key of RSA private key object
-1580     if (formatType == "PKCS1PRV" &&
-1581         typeof RSAKey != "undefined" &&
-1582         keyObjOrHex instanceof RSAKey &&
-1583         (passwd === undefined || passwd == null) &&
-1584         keyObjOrHex.isPrivate  == true) {
-1585 
-1586         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
-1587         var asn1Hex = asn1Obj.getEncodedHex();
-1588         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY");
-1589     }
-1590 
-1591     // x. PEM PKCS#1 plain private key of ECDSA private key object
-1592     if (formatType == "PKCS1PRV" &&
-1593         typeof RSAKey != "undefined" &&
-1594         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
-1595         (passwd === undefined || passwd == null) &&
-1596         keyObjOrHex.isPrivate  == true) {
-1597 
-1598         var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName});
-1599         var asn1Hex1 = asn1Obj1.getEncodedHex();
-1600         var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex);
-1601         var asn1Hex2 = asn1Obj2.getEncodedHex();
-1602 
-1603         var s = "";
-1604         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS");
-1605         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY");
-1606         return s;
-1607     }
-1608 
-1609     // x. PEM PKCS#1 plain private key of DSA private key object
-1610     if (formatType == "PKCS1PRV" &&
-1611         typeof KJUR.crypto.DSA != "undefined" &&
-1612         keyObjOrHex instanceof KJUR.crypto.DSA &&
-1613         (passwd === undefined || passwd == null) &&
-1614         keyObjOrHex.isPrivate  == true) {
-1615 
-1616         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
-1617         var asn1Hex = asn1Obj.getEncodedHex();
-1618         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY");
-1619     }
-1620 
-1621     // 3. private
-1622 
-1623     // x. PEM PKCS#5 encrypted private key of RSA private key object
-1624     if (formatType == "PKCS5PRV" &&
-1625         typeof RSAKey != "undefined" &&
-1626         keyObjOrHex instanceof RSAKey &&
-1627         (passwd !== undefined && passwd != null) &&
-1628         keyObjOrHex.isPrivate  == true) {
-1629 
-1630         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
-1631         var asn1Hex = asn1Obj.getEncodedHex();
-1632 
-1633         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
-1634         return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg);
-1635     }
-1636 
-1637     // x. PEM PKCS#5 encrypted private key of ECDSA private key object
-1638     if (formatType == "PKCS5PRV" &&
-1639         typeof KJUR.crypto.ECDSA != "undefined" &&
-1640         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
-1641         (passwd !== undefined && passwd != null) &&
-1642         keyObjOrHex.isPrivate  == true) {
-1643 
-1644         var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex);
-1645         var asn1Hex = asn1Obj.getEncodedHex();
+1389     // 7. private key by plain PKCS#5 hexadecimal RSA string
+1390     if (hextype === "pkcs5prv") {
+1391         var key = new RSAKey();
+1392         key.readPrivateKeyFromASN1HexString(param);
+1393         return key;
+1394     }
+1395 
+1396     // 8. private key by plain PKCS#5 PEM RSA string
+1397     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
+1398         param.indexOf("4,ENCRYPTED") == -1) {
+1399         var key = new RSAKey();
+1400         key.readPrivateKeyFromPEMString(param);
+1401         return key;
+1402     }
+1403 
+1404     // 8.2. private key by plain PKCS#5 PEM DSA string
+1405     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
+1406         param.indexOf("4,ENCRYPTED") == -1) {
+1407 
+1408         var hKey = this.getHexFromPEM(param, "DSA PRIVATE KEY");
+1409         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
+1410         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
+1411         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
+1412         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
+1413         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
+1414         var key = new KJUR.crypto.DSA();
+1415         key.setPrivate(new BigInteger(p, 16),
+1416                        new BigInteger(q, 16),
+1417                        new BigInteger(g, 16),
+1418                        new BigInteger(y, 16),
+1419                        new BigInteger(x, 16));
+1420         return key;
+1421     }
+1422 
+1423     // 9. private key by plain PKCS#8 PEM ECC/RSA string
+1424     if (param.indexOf("-END PRIVATE KEY-") != -1) {
+1425         return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(param);
+1426     }
+1427 
+1428     // 10. private key by encrypted PKCS#5 PEM RSA string
+1429     if (param.indexOf("-END RSA PRIVATE KEY-") != -1 &&
+1430         param.indexOf("4,ENCRYPTED") != -1) {
+1431         return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(param, passcode);
+1432     }
+1433 
+1434     // 10.2. private key by encrypted PKCS#5 PEM ECDSA string
+1435     if (param.indexOf("-END EC PRIVATE KEY-") != -1 &&
+1436         param.indexOf("4,ENCRYPTED") != -1) {
+1437         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
+1438 
+1439         var key = ASN1HEX.getVbyList(hKey, 0, [1], "04");
+1440         var curveNameOidHex = ASN1HEX.getVbyList(hKey, 0, [2,0], "06");
+1441         var pubkey = ASN1HEX.getVbyList(hKey, 0, [3,0], "03").substr(2);
+1442         var curveName = "";
+1443 
+1444         if (KJUR.crypto.OID.oidhex2name[curveNameOidHex] !== undefined) {
+1445             curveName = KJUR.crypto.OID.oidhex2name[curveNameOidHex];
+1446         } else {
+1447             throw "undefined OID(hex) in KJUR.crypto.OID: " + curveNameOidHex;
+1448         }
+1449 
+1450         var ec = new KJUR.crypto.ECDSA({'name': curveName});
+1451         ec.setPublicKeyHex(pubkey);
+1452         ec.setPrivateKeyHex(key);
+1453         ec.isPublic = false;
+1454         return ec;
+1455     }
+1456 
+1457     // 10.3. private key by encrypted PKCS#5 PEM DSA string
+1458     if (param.indexOf("-END DSA PRIVATE KEY-") != -1 &&
+1459         param.indexOf("4,ENCRYPTED") != -1) {
+1460         var hKey = KEYUTIL.getDecryptedKeyHex(param, passcode);
+1461         var p = ASN1HEX.getVbyList(hKey, 0, [1], "02");
+1462         var q = ASN1HEX.getVbyList(hKey, 0, [2], "02");
+1463         var g = ASN1HEX.getVbyList(hKey, 0, [3], "02");
+1464         var y = ASN1HEX.getVbyList(hKey, 0, [4], "02");
+1465         var x = ASN1HEX.getVbyList(hKey, 0, [5], "02");
+1466         var key = new KJUR.crypto.DSA();
+1467         key.setPrivate(new BigInteger(p, 16),
+1468                        new BigInteger(q, 16),
+1469                        new BigInteger(g, 16),
+1470                        new BigInteger(y, 16),
+1471                        new BigInteger(x, 16));
+1472         return key;
+1473     }
+1474 
+1475     // 11. private key by encrypted PKCS#8 hexadecimal RSA/ECDSA string
+1476     if (param.indexOf("-END ENCRYPTED PRIVATE KEY-") != -1) {
+1477         return KEYUTIL.getKeyFromEncryptedPKCS8PEM(param, passcode);
+1478     }
+1479 
+1480     throw "not supported argument";
+1481 };
+1482 
+1483 /**
+1484  * @name generateKeypair
+1485  * @memberOf KEYUTIL
+1486  * @function
+1487  * @static
+1488  * @param {String} alg 'RSA' or 'EC'
+1489  * @param {Object} keylenOrCurve key length for RSA or curve name for EC
+1490  * @return {Array} associative array of keypair which has prvKeyObj and pubKeyObj parameters
+1491  * @since keyutil 1.0.1
+1492  * @description
+1493  * This method generates a key pair of public key algorithm.
+1494  * The result will be an associative array which has following
+1495  * parameters:
+1496  * <ul>
+1497  * <li>prvKeyObj - RSAKey or ECDSA object of private key</li>
+1498  * <li>pubKeyObj - RSAKey or ECDSA object of public key</li>
+1499  * </ul>
+1500  * NOTE1: As for RSA algoirthm, public exponent has fixed
+1501  * value '0x10001'.
+1502  * NOTE2: As for EC algorithm, supported names of curve are
+1503  * secp256r1, secp256k1 and secp384r1.
+1504  * NOTE3: DSA is not supported yet.
+1505  * @example
+1506  * var rsaKeypair = KEYUTIL.generateKeypair("RSA", 1024);
+1507  * var ecKeypair = KEYUTIL.generateKeypair("EC", "secp256r1");
+1508  *
+1509  */
+1510 KEYUTIL.generateKeypair = function(alg, keylenOrCurve) {
+1511     if (alg == "RSA") {
+1512         var keylen = keylenOrCurve;
+1513         var prvKey = new RSAKey();
+1514         prvKey.generate(keylen, '10001');
+1515         prvKey.isPrivate = true;
+1516         prvKey.isPublic = true;
+1517         
+1518         var pubKey = new RSAKey();
+1519         var hN = prvKey.n.toString(16);
+1520         var hE = prvKey.e.toString(16);
+1521         pubKey.setPublic(hN, hE);
+1522         pubKey.isPrivate = false;
+1523         pubKey.isPublic = true;
+1524         
+1525         var result = {};
+1526         result.prvKeyObj = prvKey;
+1527         result.pubKeyObj = pubKey;
+1528         return result;
+1529     } else if (alg == "EC") {
+1530         var curve = keylenOrCurve;
+1531         var ec = new KJUR.crypto.ECDSA({curve: curve});
+1532         var keypairHex = ec.generateKeyPairHex();
+1533 
+1534         var prvKey = new KJUR.crypto.ECDSA({curve: curve});
+1535         prvKey.setPrivateKeyHex(keypairHex.ecprvhex);
+1536         prvKey.isPrivate = true;
+1537         prvKey.isPublic = false;
+1538 
+1539         var pubKey = new KJUR.crypto.ECDSA({curve: curve});
+1540         pubKey.setPublicKeyHex(keypairHex.ecpubhex);
+1541         pubKey.isPrivate = false;
+1542         pubKey.isPublic = true;
+1543 
+1544         var result = {};
+1545         result.prvKeyObj = prvKey;
+1546         result.pubKeyObj = pubKey;
+1547         return result;
+1548     } else {
+1549         throw "unknown algorithm: " + alg;
+1550     }
+1551 };
+1552 
+1553 /**
+1554  * get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
+1555  * @name getPEM
+1556  * @memberOf KEYUTIL
+1557  * @function
+1558  * @static
+1559  * @param {Object} keyObjOrHex key object {@link RSAKey}, {@link KJUR.crypto.ECDSA} or {@link KJUR.crypto.DSA} to encode to
+1560  * @param {String} formatType (OPTION) output format type of "PKCS1PRV", "PKCS5PRV" or "PKCS8PRV" for private key
+1561  * @param {String} passwd (OPTION) password to protect private key
+1562  * @param {String} encAlg (OPTION) encryption algorithm for PKCS#5. currently supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
+1563  * @since keyutil 1.0.4
+1564  * @description
+1565  * <dl>
+1566  * <dt><b>NOTE1:</b>
+1567  * <dd>
+1568  * PKCS#5 encrypted private key protection algorithm supports DES-CBC, 
+1569  * DES-EDE3-CBC and AES-{128,192,256}-CBC
+1570  * <dt><b>NOTE2:</b>
+1571  * <dd>
+1572  * OpenSSL supports
+1573  * </dl>
+1574  * @example
+1575  * KEUUTIL.getPEM(publicKey) => generates PEM PKCS#8 public key 
+1576  * KEUUTIL.getPEM(privateKey, "PKCS1PRV") => generates PEM PKCS#1 plain private key
+1577  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass") => generates PEM PKCS#5 encrypted private key 
+1578  *                                                          with DES-EDE3-CBC (DEFAULT)
+1579  * KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass", "DES-CBC") => generates PEM PKCS#5 encrypted 
+1580  *                                                                 private key with DES-CBC
+1581  * KEUUTIL.getPEM(privateKey, "PKCS8PRV") => generates PEM PKCS#8 plain private key
+1582  * KEUUTIL.getPEM(privateKey, "PKCS8PRV", "pass") => generates PEM PKCS#8 encrypted private key
+1583  *                                                      with PBKDF2_HmacSHA1_3DES
+1584  */
+1585 KEYUTIL.getPEM = function(keyObjOrHex, formatType, passwd, encAlg, hexType) {
+1586     var ns1 = KJUR.asn1;
+1587     var ns2 = KJUR.crypto;
+1588 
+1589     function _rsaprv2asn1obj(keyObjOrHex) {
+1590         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
+1591             "seq": [
+1592                 {"int": 0 },
+1593                 {"int": {"bigint": keyObjOrHex.n}},
+1594                 {"int": keyObjOrHex.e},
+1595                 {"int": {"bigint": keyObjOrHex.d}},
+1596                 {"int": {"bigint": keyObjOrHex.p}},
+1597                 {"int": {"bigint": keyObjOrHex.q}},
+1598                 {"int": {"bigint": keyObjOrHex.dmp1}},
+1599                 {"int": {"bigint": keyObjOrHex.dmq1}},
+1600                 {"int": {"bigint": keyObjOrHex.coeff}}
+1601             ]
+1602         });
+1603         return asn1Obj;
+1604     };
+1605 
+1606     function _ecdsaprv2asn1obj(keyObjOrHex) {
+1607         var asn1Obj2 = KJUR.asn1.ASN1Util.newObject({
+1608             "seq": [
+1609                 {"int": 1 },
+1610                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
+1611                 {"tag": ['a0', true, {'oid': {'name': keyObjOrHex.curveName}}]},
+1612                 {"tag": ['a1', true, {'bitstr': {'hex': '00' + keyObjOrHex.pubKeyHex}}]}
+1613             ]
+1614         });
+1615         return asn1Obj2;
+1616     };
+1617 
+1618     function _dsaprv2asn1obj(keyObjOrHex) {
+1619         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
+1620             "seq": [
+1621                 {"int": 0 },
+1622                 {"int": {"bigint": keyObjOrHex.p}},
+1623                 {"int": {"bigint": keyObjOrHex.q}},
+1624                 {"int": {"bigint": keyObjOrHex.g}},
+1625                 {"int": {"bigint": keyObjOrHex.y}},
+1626                 {"int": {"bigint": keyObjOrHex.x}}
+1627             ]
+1628         });
+1629         return asn1Obj;
+1630     };
+1631 
+1632     // 1. public key
+1633 
+1634     // x. PEM PKCS#8 public key of RSA/ECDSA/DSA public key object
+1635     if (((typeof RSAKey != "undefined" && keyObjOrHex instanceof RSAKey) ||
+1636          (typeof ns2.DSA != "undefined" && keyObjOrHex instanceof ns2.DSA) ||
+1637          (typeof ns2.ECDSA != "undefined" && keyObjOrHex instanceof ns2.ECDSA)) &&
+1638         keyObjOrHex.isPublic == true &&
+1639         (formatType === undefined || formatType == "PKCS8PUB")) {
+1640         var asn1Obj = new KJUR.asn1.x509.SubjectPublicKeyInfo(keyObjOrHex);
+1641         var asn1Hex = asn1Obj.getEncodedHex();
+1642         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PUBLIC KEY");
+1643     }
+1644     
+1645     // 2. private
 1646 
-1647         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
-1648         return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg);
-1649     }
-1650 
-1651     // x. PEM PKCS#5 encrypted private key of DSA private key object
-1652     if (formatType == "PKCS5PRV" &&
-1653         typeof KJUR.crypto.DSA != "undefined" &&
-1654         keyObjOrHex instanceof KJUR.crypto.DSA &&
-1655         (passwd !== undefined && passwd != null) &&
-1656         keyObjOrHex.isPrivate  == true) {
-1657 
-1658         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
-1659         var asn1Hex = asn1Obj.getEncodedHex();
-1660 
-1661         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
-1662         return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg);
-1663     }
-1664 
-1665     // x. ======================================================================
-1666 
-1667     var _getEncryptedPKCS8 = function(plainKeyHex, passcode) {
-1668         var info = _getEencryptedPKCS8Info(plainKeyHex, passcode);
-1669         //alert("iv=" + info.encryptionSchemeIV);
-1670         //alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext);
-1671         var asn1Obj = new KJUR.asn1.ASN1Util.newObject({
-1672             "seq": [
-1673                 {"seq": [
-1674                     {"oid": {"name": "pkcs5PBES2"}},
-1675                     {"seq": [
-1676                         {"seq": [
-1677                             {"oid": {"name": "pkcs5PBKDF2"}},
-1678                             {"seq": [
-1679                                 {"octstr": {"hex": info.pbkdf2Salt}},
-1680                                 {"int": info.pbkdf2Iter}
-1681                             ]}
-1682                         ]},
-1683                         {"seq": [
-1684                             {"oid": {"name": "des-EDE3-CBC"}},
-1685                             {"octstr": {"hex": info.encryptionSchemeIV}}
-1686                         ]}
-1687                     ]}
-1688                 ]},
-1689                 {"octstr": {"hex": info.ciphertext}}
-1690             ]
-1691         });
-1692         return asn1Obj.getEncodedHex();
-1693     };
-1694 
-1695     var _getEencryptedPKCS8Info = function(plainKeyHex, passcode) {
-1696         var pbkdf2Iter = 100;
-1697         var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8);
-1698         var encryptionSchemeAlg = "DES-EDE3-CBC";
-1699         var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8);
-1700         // PBKDF2 key
-1701         var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
-1702                                           pbkdf2SaltWS, { "keySize": 192/32,
-1703                                                           "iterations": pbkdf2Iter });
-1704         // ENCRYPT
-1705         var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex);
-1706         var encryptedKeyHex = 
-1707             CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + "";
-1708 
-1709         //alert("encryptedKeyHex=" + encryptedKeyHex);
-1710 
-1711         var info = {};
-1712         info.ciphertext = encryptedKeyHex;
-1713         //alert("info.ciphertext=" + info.ciphertext);
-1714         info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS);
-1715         info.pbkdf2Iter = pbkdf2Iter;
-1716         info.encryptionSchemeAlg = encryptionSchemeAlg;
-1717         info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS);
-1718         return info;
-1719     };
-1720 
-1721     // x. PEM PKCS#8 plain private key of RSA private key object
-1722     if (formatType == "PKCS8PRV" &&
-1723         typeof RSAKey != "undefined" &&
-1724         keyObjOrHex instanceof RSAKey &&
-1725         keyObjOrHex.isPrivate  == true) {
-1726 
-1727         var keyObj = _rsaprv2asn1obj(keyObjOrHex);
-1728         var keyHex = keyObj.getEncodedHex();
-1729 
-1730         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
-1731             "seq": [
-1732                 {"int": 0},
-1733                 {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]},
-1734                 {"octstr": {"hex": keyHex}}
-1735             ]
-1736         });
-1737         var asn1Hex = asn1Obj.getEncodedHex();
-1738 
-1739         if (passwd === undefined || passwd == null) {
-1740             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
-1741         } else {
-1742             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
-1743             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
-1744         }
-1745     }
-1746 
-1747     // x. PEM PKCS#8 plain private key of ECDSA private key object
-1748     if (formatType == "PKCS8PRV" &&
-1749         typeof KJUR.crypto.ECDSA != "undefined" &&
-1750         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
-1751         keyObjOrHex.isPrivate  == true) {
-1752 
-1753         var keyObj = new KJUR.asn1.ASN1Util.newObject({
-1754             "seq": [
-1755                 {"int": 1},
-1756                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
-1757                 {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]}
+1647     // x. PEM PKCS#1 plain private key of RSA private key object
+1648     if (formatType == "PKCS1PRV" &&
+1649         typeof RSAKey != "undefined" &&
+1650         keyObjOrHex instanceof RSAKey &&
+1651         (passwd === undefined || passwd == null) &&
+1652         keyObjOrHex.isPrivate  == true) {
+1653 
+1654         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
+1655         var asn1Hex = asn1Obj.getEncodedHex();
+1656         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "RSA PRIVATE KEY");
+1657     }
+1658 
+1659     // x. PEM PKCS#1 plain private key of ECDSA private key object
+1660     if (formatType == "PKCS1PRV" &&
+1661         typeof RSAKey != "undefined" &&
+1662         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
+1663         (passwd === undefined || passwd == null) &&
+1664         keyObjOrHex.isPrivate  == true) {
+1665 
+1666         var asn1Obj1 = new KJUR.asn1.DERObjectIdentifier({'name': keyObjOrHex.curveName});
+1667         var asn1Hex1 = asn1Obj1.getEncodedHex();
+1668         var asn1Obj2 = _ecdsaprv2asn1obj(keyObjOrHex);
+1669         var asn1Hex2 = asn1Obj2.getEncodedHex();
+1670 
+1671         var s = "";
+1672         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex1, "EC PARAMETERS");
+1673         s += ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "EC PRIVATE KEY");
+1674         return s;
+1675     }
+1676 
+1677     // x. PEM PKCS#1 plain private key of DSA private key object
+1678     if (formatType == "PKCS1PRV" &&
+1679         typeof KJUR.crypto.DSA != "undefined" &&
+1680         keyObjOrHex instanceof KJUR.crypto.DSA &&
+1681         (passwd === undefined || passwd == null) &&
+1682         keyObjOrHex.isPrivate  == true) {
+1683 
+1684         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
+1685         var asn1Hex = asn1Obj.getEncodedHex();
+1686         return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "DSA PRIVATE KEY");
+1687     }
+1688 
+1689     // 3. private
+1690 
+1691     // x. PEM PKCS#5 encrypted private key of RSA private key object
+1692     if (formatType == "PKCS5PRV" &&
+1693         typeof RSAKey != "undefined" &&
+1694         keyObjOrHex instanceof RSAKey &&
+1695         (passwd !== undefined && passwd != null) &&
+1696         keyObjOrHex.isPrivate  == true) {
+1697 
+1698         var asn1Obj = _rsaprv2asn1obj(keyObjOrHex);
+1699         var asn1Hex = asn1Obj.getEncodedHex();
+1700 
+1701         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
+1702         return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA", asn1Hex, passwd, encAlg);
+1703     }
+1704 
+1705     // x. PEM PKCS#5 encrypted private key of ECDSA private key object
+1706     if (formatType == "PKCS5PRV" &&
+1707         typeof KJUR.crypto.ECDSA != "undefined" &&
+1708         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
+1709         (passwd !== undefined && passwd != null) &&
+1710         keyObjOrHex.isPrivate  == true) {
+1711 
+1712         var asn1Obj = _ecdsaprv2asn1obj(keyObjOrHex);
+1713         var asn1Hex = asn1Obj.getEncodedHex();
+1714 
+1715         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
+1716         return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC", asn1Hex, passwd, encAlg);
+1717     }
+1718 
+1719     // x. PEM PKCS#5 encrypted private key of DSA private key object
+1720     if (formatType == "PKCS5PRV" &&
+1721         typeof KJUR.crypto.DSA != "undefined" &&
+1722         keyObjOrHex instanceof KJUR.crypto.DSA &&
+1723         (passwd !== undefined && passwd != null) &&
+1724         keyObjOrHex.isPrivate  == true) {
+1725 
+1726         var asn1Obj = _dsaprv2asn1obj(keyObjOrHex);
+1727         var asn1Hex = asn1Obj.getEncodedHex();
+1728 
+1729         if (encAlg === undefined) encAlg = "DES-EDE3-CBC";
+1730         return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA", asn1Hex, passwd, encAlg);
+1731     }
+1732 
+1733     // x. ======================================================================
+1734 
+1735     var _getEncryptedPKCS8 = function(plainKeyHex, passcode) {
+1736         var info = _getEencryptedPKCS8Info(plainKeyHex, passcode);
+1737         //alert("iv=" + info.encryptionSchemeIV);
+1738         //alert("info.ciphertext2[" + info.ciphertext.length + "=" + info.ciphertext);
+1739         var asn1Obj = new KJUR.asn1.ASN1Util.newObject({
+1740             "seq": [
+1741                 {"seq": [
+1742                     {"oid": {"name": "pkcs5PBES2"}},
+1743                     {"seq": [
+1744                         {"seq": [
+1745                             {"oid": {"name": "pkcs5PBKDF2"}},
+1746                             {"seq": [
+1747                                 {"octstr": {"hex": info.pbkdf2Salt}},
+1748                                 {"int": info.pbkdf2Iter}
+1749                             ]}
+1750                         ]},
+1751                         {"seq": [
+1752                             {"oid": {"name": "des-EDE3-CBC"}},
+1753                             {"octstr": {"hex": info.encryptionSchemeIV}}
+1754                         ]}
+1755                     ]}
+1756                 ]},
+1757                 {"octstr": {"hex": info.ciphertext}}
 1758             ]
 1759         });
-1760         var keyHex = keyObj.getEncodedHex();
-1761 
-1762         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
-1763             "seq": [
-1764                 {"int": 0},
-1765                 {"seq": [
-1766                     {"oid": {"name": "ecPublicKey"}},
-1767                     {"oid": {"name": keyObjOrHex.curveName}}
-1768                 ]},
-1769                 {"octstr": {"hex": keyHex}}
-1770             ]
-1771         });
-1772 
-1773         var asn1Hex = asn1Obj.getEncodedHex();
-1774         if (passwd === undefined || passwd == null) {
-1775             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
-1776         } else {
-1777             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
-1778             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
-1779         }
-1780     }
-1781 
-1782     // x. PEM PKCS#8 plain private key of DSA private key object
-1783     if (formatType == "PKCS8PRV" &&
-1784         typeof KJUR.crypto.DSA != "undefined" &&
-1785         keyObjOrHex instanceof KJUR.crypto.DSA &&
-1786         keyObjOrHex.isPrivate  == true) {
-1787 
-1788         var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x});
-1789         var keyHex = keyObj.getEncodedHex();
-1790 
-1791         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
-1792             "seq": [
-1793                 {"int": 0},
-1794                 {"seq": [
-1795                     {"oid": {"name": "dsa"}},
-1796                     {"seq": [
-1797                         {"int": {"bigint": keyObjOrHex.p}},
-1798                         {"int": {"bigint": keyObjOrHex.q}},
-1799                         {"int": {"bigint": keyObjOrHex.g}}
-1800                     ]}
-1801                 ]},
+1760         return asn1Obj.getEncodedHex();
+1761     };
+1762 
+1763     var _getEencryptedPKCS8Info = function(plainKeyHex, passcode) {
+1764         var pbkdf2Iter = 100;
+1765         var pbkdf2SaltWS = CryptoJS.lib.WordArray.random(8);
+1766         var encryptionSchemeAlg = "DES-EDE3-CBC";
+1767         var encryptionSchemeIVWS = CryptoJS.lib.WordArray.random(8);
+1768         // PBKDF2 key
+1769         var pbkdf2KeyWS = CryptoJS.PBKDF2(passcode, 
+1770                                           pbkdf2SaltWS, { "keySize": 192/32,
+1771                                                           "iterations": pbkdf2Iter });
+1772         // ENCRYPT
+1773         var plainKeyWS = CryptoJS.enc.Hex.parse(plainKeyHex);
+1774         var encryptedKeyHex = 
+1775             CryptoJS.TripleDES.encrypt(plainKeyWS, pbkdf2KeyWS, { "iv": encryptionSchemeIVWS }) + "";
+1776 
+1777         //alert("encryptedKeyHex=" + encryptedKeyHex);
+1778 
+1779         var info = {};
+1780         info.ciphertext = encryptedKeyHex;
+1781         //alert("info.ciphertext=" + info.ciphertext);
+1782         info.pbkdf2Salt = CryptoJS.enc.Hex.stringify(pbkdf2SaltWS);
+1783         info.pbkdf2Iter = pbkdf2Iter;
+1784         info.encryptionSchemeAlg = encryptionSchemeAlg;
+1785         info.encryptionSchemeIV = CryptoJS.enc.Hex.stringify(encryptionSchemeIVWS);
+1786         return info;
+1787     };
+1788 
+1789     // x. PEM PKCS#8 plain private key of RSA private key object
+1790     if (formatType == "PKCS8PRV" &&
+1791         typeof RSAKey != "undefined" &&
+1792         keyObjOrHex instanceof RSAKey &&
+1793         keyObjOrHex.isPrivate  == true) {
+1794 
+1795         var keyObj = _rsaprv2asn1obj(keyObjOrHex);
+1796         var keyHex = keyObj.getEncodedHex();
+1797 
+1798         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
+1799             "seq": [
+1800                 {"int": 0},
+1801                 {"seq": [{"oid": {"name": "rsaEncryption"}},{"null": true}]},
 1802                 {"octstr": {"hex": keyHex}}
 1803             ]
 1804         });
-1805 
-1806         var asn1Hex = asn1Obj.getEncodedHex();
+1805         var asn1Hex = asn1Obj.getEncodedHex();
+1806 
 1807         if (passwd === undefined || passwd == null) {
 1808             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
 1809         } else {
@@ -1819,77 +1819,145 @@
 1812         }
 1813     }
 1814 
-1815     throw "unsupported object nor format";
-1816 };
-1817 
-1818 // -- PUBLIC METHODS FOR CSR -------------------------------------------------------
-1819 
-1820 /**
-1821  * get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
-1822  * @name getKeyFromCSRPEM
-1823  * @memberOf KEYUTIL
-1824  * @function
-1825  * @param {String} csrPEM PEM formatted PKCS#10 CSR string
-1826  * @return {Object} RSAKey/DSA/ECDSA public key object
-1827  * @since keyutil 1.0.5
-1828  */
-1829 KEYUTIL.getKeyFromCSRPEM = function(csrPEM) {
-1830     var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST");
-1831     var key = KEYUTIL.getKeyFromCSRHex(csrHex);
-1832     return key;
-1833 };
-1834 
-1835 /**
-1836  * get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
-1837  * @name getKeyFromCSRHex
-1838  * @memberOf KEYUTIL
-1839  * @function
-1840  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
-1841  * @return {Object} RSAKey/DSA/ECDSA public key object
-1842  * @since keyutil 1.0.5
-1843  */
-1844 KEYUTIL.getKeyFromCSRHex = function(csrHex) {
-1845     var info = KEYUTIL.parseCSRHex(csrHex);
-1846     var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub");
-1847     return key;
-1848 };
+1815     // x. PEM PKCS#8 plain private key of ECDSA private key object
+1816     if (formatType == "PKCS8PRV" &&
+1817         typeof KJUR.crypto.ECDSA != "undefined" &&
+1818         keyObjOrHex instanceof KJUR.crypto.ECDSA &&
+1819         keyObjOrHex.isPrivate  == true) {
+1820 
+1821         var keyObj = new KJUR.asn1.ASN1Util.newObject({
+1822             "seq": [
+1823                 {"int": 1},
+1824                 {"octstr": {"hex": keyObjOrHex.prvKeyHex}},
+1825                 {"tag": ['a1', true, {"bitstr": {"hex": "00" + keyObjOrHex.pubKeyHex}}]}
+1826             ]
+1827         });
+1828         var keyHex = keyObj.getEncodedHex();
+1829 
+1830         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
+1831             "seq": [
+1832                 {"int": 0},
+1833                 {"seq": [
+1834                     {"oid": {"name": "ecPublicKey"}},
+1835                     {"oid": {"name": keyObjOrHex.curveName}}
+1836                 ]},
+1837                 {"octstr": {"hex": keyHex}}
+1838             ]
+1839         });
+1840 
+1841         var asn1Hex = asn1Obj.getEncodedHex();
+1842         if (passwd === undefined || passwd == null) {
+1843             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
+1844         } else {
+1845             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
+1846             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
+1847         }
+1848     }
 1849 
-1850 /**
-1851  * parse hexadecimal string of PKCS#10 CSR (certificate signing request)
-1852  * @name parseCSRHex
-1853  * @memberOf KEYUTIL
-1854  * @function
-1855  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
-1856  * @return {Array} associative array of parsed CSR
-1857  * @since keyutil 1.0.5
-1858  * @description
-1859  * Resulted associative array has following properties:
-1860  * <ul>
-1861  * <li>p8pubkeyhex - hexadecimal string of subject public key in PKCS#8</li>
-1862  * </ul>
-1863  */
-1864 KEYUTIL.parseCSRHex = function(csrHex) {
-1865     var result = {};
-1866     var h = csrHex;
-1867 
-1868     // 1. sequence
-1869     if (h.substr(0, 2) != "30")
-1870         throw "malformed CSR(code:001)"; // not sequence
-1871 
-1872     var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(h, 0);
-1873     if (a1.length < 1)
-1874         throw "malformed CSR(code:002)"; // short length
-1875 
-1876     // 2. 2nd sequence
-1877     if (h.substr(a1[0], 2) != "30")
-1878         throw "malformed CSR(code:003)"; // not sequence
-1879 
-1880     var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(h, a1[0]);
-1881     if (a2.length < 3)
-1882         throw "malformed CSR(code:004)"; // 2nd seq short elem
-1883 
-1884     result.p8pubkeyhex = ASN1HEX.getHexOfTLV_AtObj(h, a2[2]);
+1850     // x. PEM PKCS#8 plain private key of DSA private key object
+1851     if (formatType == "PKCS8PRV" &&
+1852         typeof KJUR.crypto.DSA != "undefined" &&
+1853         keyObjOrHex instanceof KJUR.crypto.DSA &&
+1854         keyObjOrHex.isPrivate  == true) {
+1855 
+1856         var keyObj = new KJUR.asn1.DERInteger({'bigint': keyObjOrHex.x});
+1857         var keyHex = keyObj.getEncodedHex();
+1858 
+1859         var asn1Obj = KJUR.asn1.ASN1Util.newObject({
+1860             "seq": [
+1861                 {"int": 0},
+1862                 {"seq": [
+1863                     {"oid": {"name": "dsa"}},
+1864                     {"seq": [
+1865                         {"int": {"bigint": keyObjOrHex.p}},
+1866                         {"int": {"bigint": keyObjOrHex.q}},
+1867                         {"int": {"bigint": keyObjOrHex.g}}
+1868                     ]}
+1869                 ]},
+1870                 {"octstr": {"hex": keyHex}}
+1871             ]
+1872         });
+1873 
+1874         var asn1Hex = asn1Obj.getEncodedHex();
+1875         if (passwd === undefined || passwd == null) {
+1876             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex, "PRIVATE KEY");
+1877         } else {
+1878             var asn1Hex2 = _getEncryptedPKCS8(asn1Hex, passwd);
+1879             return ns1.ASN1Util.getPEMStringFromHex(asn1Hex2, "ENCRYPTED PRIVATE KEY");
+1880         }
+1881     }
+1882 
+1883     throw "unsupported object nor format";
+1884 };
 1885 
-1886     return result;
-1887 };
-1888 
    
\ No newline at end of file
+1886     // -- PUBLIC METHODS FOR CSR -------------------------------------------------------
+1887 
+1888 /**
+1889  * get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
+1890  * @name getKeyFromCSRPEM
+1891  * @memberOf KEYUTIL
+1892  * @function
+1893  * @param {String} csrPEM PEM formatted PKCS#10 CSR string
+1894  * @return {Object} RSAKey/DSA/ECDSA public key object
+1895  * @since keyutil 1.0.5
+1896  */
+1897 KEYUTIL.getKeyFromCSRPEM = function(csrPEM) {
+1898     var csrHex = KEYUTIL.getHexFromPEM(csrPEM, "CERTIFICATE REQUEST");
+1899     var key = KEYUTIL.getKeyFromCSRHex(csrHex);
+1900     return key;
+1901 };
+1902 
+1903 /**
+1904  * get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
+1905  * @name getKeyFromCSRHex
+1906  * @memberOf KEYUTIL
+1907  * @function
+1908  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
+1909  * @return {Object} RSAKey/DSA/ECDSA public key object
+1910  * @since keyutil 1.0.5
+1911  */
+1912 KEYUTIL.getKeyFromCSRHex = function(csrHex) {
+1913     var info = KEYUTIL.parseCSRHex(csrHex);
+1914     var key = KEYUTIL.getKey(info.p8pubkeyhex, null, "pkcs8pub");
+1915     return key;
+1916 };
+1917 
+1918 /**
+1919  * parse hexadecimal string of PKCS#10 CSR (certificate signing request)
+1920  * @name parseCSRHex
+1921  * @memberOf KEYUTIL
+1922  * @function
+1923  * @param {String} csrHex hexadecimal string of PKCS#10 CSR
+1924  * @return {Array} associative array of parsed CSR
+1925  * @since keyutil 1.0.5
+1926  * @description
+1927  * Resulted associative array has following properties:
+1928  * <ul>
+1929  * <li>p8pubkeyhex - hexadecimal string of subject public key in PKCS#8</li>
+1930  * </ul>
+1931  */
+1932 KEYUTIL.parseCSRHex = function(csrHex) {
+1933     var result = {};
+1934     var h = csrHex;
+1935 
+1936     // 1. sequence
+1937     if (h.substr(0, 2) != "30")
+1938         throw "malformed CSR(code:001)"; // not sequence
+1939 
+1940     var a1 = ASN1HEX.getPosArrayOfChildren_AtObj(h, 0);
+1941     if (a1.length < 1)
+1942         throw "malformed CSR(code:002)"; // short length
+1943 
+1944     // 2. 2nd sequence
+1945     if (h.substr(a1[0], 2) != "30")
+1946         throw "malformed CSR(code:003)"; // not sequence
+1947 
+1948     var a2 = ASN1HEX.getPosArrayOfChildren_AtObj(h, a1[0]);
+1949     if (a2.length < 3)
+1950         throw "malformed CSR(code:004)"; // 2nd seq short elem
+1951 
+1952     result.p8pubkeyhex = ASN1HEX.getHexOfTLV_AtObj(h, a2[2]);
+1953 
+1954     return result;
+1955 };
+1956 
    
\ No newline at end of file
diff --git a/base64x-1.1.js b/base64x-1.1.js
index af762b9f..f0da4e8e 100644
--- a/base64x-1.1.js
+++ b/base64x-1.1.js
@@ -1,11 +1,11 @@
-/*! base64x-1.1.3 (c) 2012-2014 Kenji Urushima | kjur.github.com/jsjws/license
+/*! base64x-1.1.4 (c) 2012-2015 Kenji Urushima | kjur.github.com/jsjws/license
  */
 /*
  * base64x.js - Base64url and supplementary functions for Tom Wu's base64.js library
  *
- * version: 1.1.3 (2014 May 25)
+ * version: 1.1.4 (2015 Jul 3)
  *
- * Copyright (c) 2012-2014 Kenji Urushima (kenji.urushima@gmail.com)
+ * Copyright (c) 2012-2015 Kenji Urushima (kenji.urushima@gmail.com)
  *
  * This software is licensed under the terms of the MIT License.
  * http://kjur.github.com/jsjws/license/
@@ -17,6 +17,15 @@
  *   - base64.js - Tom Wu's Base64 library
  */
 
+/**
+ * @fileOverview
+ * @name base64x-1.1.js
+ * @author Kenji Urushima kenji.urushima@gmail.com
+ * @version asn1 1.1.4 (2015-Jul-3)
+ * @since jsrsasign 2.1
+ * @license MIT License
+ */
+
 /**
  * Base64URL and supplementary functions for Tom Wu's base64.js library.
    
  * This class is just provide information about global functions
@@ -163,8 +172,13 @@ function b64utob64(s) {
  * convert a hexadecimal string to a Base64URL encoded string.
    
  * @param {String} s hexadecimal string
  * @return {String} Base64URL encoded string
+ * @description
+ * convert a hexadecimal string to a Base64URL encoded string.
+ * NOTE: If leading "0" is omitted and odd number length for
+ * hexadecimal leading "0" is automatically added.
  */
 function hextob64u(s) {
+    if (s.length % 2 == 1) s = "0" + s;
     return b64tob64u(hex2b64(s));
 }
 
diff --git a/base64x-1.1.min.js b/base64x-1.1.min.js
index 8b1de025..c267a451 100644
--- a/base64x-1.1.min.js
+++ b/base64x-1.1.min.js
@@ -1,3 +1,3 @@
-/*! base64x-1.1.3 (c) 2012-2014 Kenji Urushima | kjur.github.com/jsjws/license
+/*! base64x-1.1.4 (c) 2012-2015 Kenji Urushima | kjur.github.com/jsjws/license
  */
-function Base64x(){}function stoBA(d){var b=new Array();for(var c=0;cFEATURES
    
 
 
    NEWS
    
 
    
+
    2015-Jun-03:
+
    Release 4.8.1 is now available. 
+KEYUTIL.getKey method now supports RFC 7517 JSON Web Key(JWK) loading for RSA/ECC private/public key.
+
 
    2015-Jun-01:
 
    Release 4.8.0 is now available. Now jsjws is
 marged into jsrsasign and is a part of jsrsasign.
diff --git a/jsrsasign-4.8.1-all-min.js b/jsrsasign-4.8.1-all-min.js
new file mode 100644
index 00000000..0594155e
--- /dev/null
+++ b/jsrsasign-4.8.1-all-min.js
@@ -0,0 +1,267 @@
+/*
+ * jsrsasign 4.8.1 (c) 2010-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+/*
+yahoo-min.js
+Copyright (c) 2011, Yahoo! Inc. All rights reserved.
+Code licensed under the BSD License:
+http://developer.yahoo.com/yui/license.html
+version: 2.9.0
+*/
+if(typeof YAHOO=="undefined"||!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var b=arguments,g=null,e,c,f;for(e=0;e":">",'"':""","'":"'","/":"/","`":"`"},d=["toString","valueOf"],e={isArray:function(j){return a.toString.apply(j)===c;},isBoolean:function(j){return typeof j==="boolean";},isFunction:function(j){return(typeof j==="function")||a.toString.apply(j)===h;},isNull:function(j){return j===null;},isNumber:function(j){return typeof j==="number"&&isFinite(j);},isObject:function(j){return(j&&(typeof j==="object"||f.isFunction(j)))||false;},isString:function(j){return typeof j==="string";},isUndefined:function(j){return typeof j==="undefined";},_IEEnumFix:(YAHOO.env.ua.ie)?function(l,k){var j,n,m;for(j=0;j"'\/`]/g,function(k){return g[k];});},extend:function(m,n,l){if(!n||!m){throw new Error("extend failed, please check that "+"all dependencies are included.");}var k=function(){},j;k.prototype=n.prototype;m.prototype=new k();m.prototype.constructor=m;m.superclass=n.prototype;if(n.prototype.constructor==a.constructor){n.prototype.constructor=n;}if(l){for(j in l){if(f.hasOwnProperty(l,j)){m.prototype[j]=l[j];}}f._IEEnumFix(m.prototype,l);}},augmentObject:function(n,m){if(!m||!n){throw new Error("Absorb failed, verify dependencies.");}var j=arguments,l,o,k=j[2];if(k&&k!==true){for(l=2;l0)?f.dump(j[l],p-1):t);}else{r.push(j[l]);}r.push(q);}if(r.length>1){r.pop();}r.push("]");}else{r.push("{");for(l in j){if(f.hasOwnProperty(j,l)){r.push(l+m);if(f.isObject(j[l])){r.push((p>0)?f.dump(j[l],p-1):t);}else{r.push(j[l]);}r.push(q);}}if(r.length>1){r.pop();}r.push("}");}return r.join("");},substitute:function(x,y,E,l){var D,C,B,G,t,u,F=[],p,z=x.length,A="dump",r=" ",q="{",m="}",n,w;for(;;){D=x.lastIndexOf(q,z);if(D<0){break;}C=x.indexOf(m,D);if(D+1>C){break;}p=x.substring(D+1,C);G=p;u=null;B=G.indexOf(r);if(B>-1){u=G.substring(B+1);G=G.substring(0,B);}t=y[G];if(E){t=E(G,t,u);}if(f.isObject(t)){if(f.isArray(t)){t=f.dump(t,parseInt(u,10));}else{u=u||"";n=u.indexOf(A);if(n>-1){u=u.substring(4);}w=t.toString();if(w===i||n>-1){t=f.dump(t,parseInt(u,10));}else{t=w;}}}else{if(!f.isString(t)&&!f.isNumber(t)){t="~-"+F.length+"-~";F[F.length]=p;}}x=x.substring(0,D)+t+x.substring(C+1);if(l===false){z=D-1;}}for(D=F.length-1;D>=0;D=D-1){x=x.replace(new RegExp("~-"+D+"-~"),"{"+F[D]+"}","g");}return x;},trim:function(j){try{return j.replace(/^\s+|\s+$/g,"");}catch(k){return j;
+}},merge:function(){var n={},k=arguments,j=k.length,m;for(m=0;m>>2]>>>(24-(r%4)*8))&255;q[(n+r)>>>2]|=o<<(24-((n+r)%4)*8)}}else{for(var r=0;r>>2]=p[r>>>2]}}this.sigBytes+=s;return this},clamp:function(){var o=this.words;var n=this.sigBytes;o[n>>>2]&=4294967295<<(32-(n%4)*8);o.length=e.ceil(n/4)},clone:function(){var n=j.clone.call(this);n.words=this.words.slice(0);return n},random:function(p){var o=[];for(var n=0;n>>2]>>>(24-(n%4)*8))&255;q.push((s>>>4).toString(16));q.push((s&15).toString(16))}return q.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>3]|=parseInt(p.substr(o,2),16)<<(24-(o%8)*4)}return new l.init(q,n/2)}};var d=m.Latin1={stringify:function(q){var r=q.words;var p=q.sigBytes;var n=[];for(var o=0;o>>2]>>>(24-(o%4)*8))&255;n.push(String.fromCharCode(s))}return n.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>2]|=(p.charCodeAt(o)&255)<<(24-(o%4)*8)}return new l.init(q,n)}};var c=m.Utf8={stringify:function(n){try{return decodeURIComponent(escape(d.stringify(n)))}catch(o){throw new Error("Malformed UTF-8 data")}},parse:function(n){return d.parse(unescape(encodeURIComponent(n)))}};var i=b.BufferedBlockAlgorithm=j.extend({reset:function(){this._data=new l.init();this._nDataBytes=0},_append:function(n){if(typeof n=="string"){n=c.parse(n)}this._data.concat(n);this._nDataBytes+=n.sigBytes},_process:function(w){var q=this._data;var x=q.words;var n=q.sigBytes;var t=this.blockSize;var v=t*4;var u=n/v;if(w){u=e.ceil(u)}else{u=e.max((u|0)-this._minBufferSize,0)}var s=u*t;var r=e.min(s*4,n);if(s){for(var p=0;pe&&(b=a.finalize(b));b.clamp();for(var f=this._oKey=b.clone(),g=this._iKey=b.clone(),h=f.words,j=g.words,d=0;db;){var d;a:{d=l;for(var w=k.sqrt(d),r=2;r<=w;r++)if(!(d%r)){d=!1;break a}d=!0}d&&(8>b&&(s[b]=u(k.pow(l,0.5))),t[b]=u(k.pow(l,1/3)),b++);l++}var n=[],h=h.SHA256=j.extend({_doReset:function(){this._hash=new v.init(s.slice(0))},_doProcessBlock:function(q,h){for(var a=this._hash.words,c=a[0],d=a[1],b=a[2],k=a[3],f=a[4],g=a[5],j=a[6],l=a[7],e=0;64>e;e++){if(16>e)n[e]=
+q[h+e]|0;else{var m=n[e-15],p=n[e-2];n[e]=((m<<25|m>>>7)^(m<<14|m>>>18)^m>>>3)+n[e-7]+((p<<15|p>>>17)^(p<<13|p>>>19)^p>>>10)+n[e-16]}m=l+((f<<26|f>>>6)^(f<<21|f>>>11)^(f<<7|f>>>25))+(f&g^~f&j)+t[e]+n[e];p=((c<<30|c>>>2)^(c<<19|c>>>13)^(c<<10|c>>>22))+(c&d^c&b^d&b);l=j;j=g;g=f;f=k+m|0;k=b;b=d;d=c;c=m+p|0}a[0]=a[0]+c|0;a[1]=a[1]+d|0;a[2]=a[2]+b|0;a[3]=a[3]+k|0;a[4]=a[4]+f|0;a[5]=a[5]+g|0;a[6]=a[6]+j|0;a[7]=a[7]+l|0},_doFinalize:function(){var d=this._data,b=d.words,a=8*this._nDataBytes,c=8*d.sigBytes;
+b[c>>>5]|=128<<24-c%32;b[(c+64>>>9<<4)+14]=k.floor(a/4294967296);b[(c+64>>>9<<4)+15]=a;d.sigBytes=4*b.length;this._process();return this._hash},clone:function(){var b=j.clone.call(this);b._hash=this._hash.clone();return b}});g.SHA256=j._createHelper(h);g.HmacSHA256=j._createHmacHelper(h)})(Math);
+/*
+CryptoJS v3.1.2 sha224-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){var b=CryptoJS,d=b.lib.WordArray,a=b.algo,c=a.SHA256,a=a.SHA224=c.extend({_doReset:function(){this._hash=new d.init([3238371032,914150663,812702999,4144912697,4290775857,1750603025,1694076839,3204075428])},_doFinalize:function(){var a=c._doFinalize.call(this);a.sigBytes-=4;return a}});b.SHA224=c._createHelper(a);b.HmacSHA224=c._createHmacHelper(a)})();
+/*
+CryptoJS v3.1.2 sha512-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){function a(){return d.create.apply(d,arguments)}for(var n=CryptoJS,r=n.lib.Hasher,e=n.x64,d=e.Word,T=e.WordArray,e=n.algo,ea=[a(1116352408,3609767458),a(1899447441,602891725),a(3049323471,3964484399),a(3921009573,2173295548),a(961987163,4081628472),a(1508970993,3053834265),a(2453635748,2937671579),a(2870763221,3664609560),a(3624381080,2734883394),a(310598401,1164996542),a(607225278,1323610764),a(1426881987,3590304994),a(1925078388,4068182383),a(2162078206,991336113),a(2614888103,633803317),
+a(3248222580,3479774868),a(3835390401,2666613458),a(4022224774,944711139),a(264347078,2341262773),a(604807628,2007800933),a(770255983,1495990901),a(1249150122,1856431235),a(1555081692,3175218132),a(1996064986,2198950837),a(2554220882,3999719339),a(2821834349,766784016),a(2952996808,2566594879),a(3210313671,3203337956),a(3336571891,1034457026),a(3584528711,2466948901),a(113926993,3758326383),a(338241895,168717936),a(666307205,1188179964),a(773529912,1546045734),a(1294757372,1522805485),a(1396182291,
+2643833823),a(1695183700,2343527390),a(1986661051,1014477480),a(2177026350,1206759142),a(2456956037,344077627),a(2730485921,1290863460),a(2820302411,3158454273),a(3259730800,3505952657),a(3345764771,106217008),a(3516065817,3606008344),a(3600352804,1432725776),a(4094571909,1467031594),a(275423344,851169720),a(430227734,3100823752),a(506948616,1363258195),a(659060556,3750685593),a(883997877,3785050280),a(958139571,3318307427),a(1322822218,3812723403),a(1537002063,2003034995),a(1747873779,3602036899),
+a(1955562222,1575990012),a(2024104815,1125592928),a(2227730452,2716904306),a(2361852424,442776044),a(2428436474,593698344),a(2756734187,3733110249),a(3204031479,2999351573),a(3329325298,3815920427),a(3391569614,3928383900),a(3515267271,566280711),a(3940187606,3454069534),a(4118630271,4000239992),a(116418474,1914138554),a(174292421,2731055270),a(289380356,3203993006),a(460393269,320620315),a(685471733,587496836),a(852142971,1086792851),a(1017036298,365543100),a(1126000580,2618297676),a(1288033470,
+3409855158),a(1501505948,4234509866),a(1607167915,987167468),a(1816402316,1246189591)],v=[],w=0;80>w;w++)v[w]=a();e=e.SHA512=r.extend({_doReset:function(){this._hash=new T.init([new d.init(1779033703,4089235720),new d.init(3144134277,2227873595),new d.init(1013904242,4271175723),new d.init(2773480762,1595750129),new d.init(1359893119,2917565137),new d.init(2600822924,725511199),new d.init(528734635,4215389547),new d.init(1541459225,327033209)])},_doProcessBlock:function(a,d){for(var f=this._hash.words,
+F=f[0],e=f[1],n=f[2],r=f[3],G=f[4],H=f[5],I=f[6],f=f[7],w=F.high,J=F.low,X=e.high,K=e.low,Y=n.high,L=n.low,Z=r.high,M=r.low,$=G.high,N=G.low,aa=H.high,O=H.low,ba=I.high,P=I.low,ca=f.high,Q=f.low,k=w,g=J,z=X,x=K,A=Y,y=L,U=Z,B=M,l=$,h=N,R=aa,C=O,S=ba,D=P,V=ca,E=Q,m=0;80>m;m++){var s=v[m];if(16>m)var j=s.high=a[d+2*m]|0,b=s.low=a[d+2*m+1]|0;else{var j=v[m-15],b=j.high,p=j.low,j=(b>>>1|p<<31)^(b>>>8|p<<24)^b>>>7,p=(p>>>1|b<<31)^(p>>>8|b<<24)^(p>>>7|b<<25),u=v[m-2],b=u.high,c=u.low,u=(b>>>19|c<<13)^(b<<
+3|c>>>29)^b>>>6,c=(c>>>19|b<<13)^(c<<3|b>>>29)^(c>>>6|b<<26),b=v[m-7],W=b.high,t=v[m-16],q=t.high,t=t.low,b=p+b.low,j=j+W+(b>>>0
    >>0?1:0),b=b+c,j=j+u+(b>>>0>>0?1:0),b=b+t,j=j+q+(b>>>0>>0?1:0);s.high=j;s.low=b}var W=l&R^~l&S,t=h&C^~h&D,s=k&z^k&A^z&A,T=g&x^g&y^x&y,p=(k>>>28|g<<4)^(k<<30|g>>>2)^(k<<25|g>>>7),u=(g>>>28|k<<4)^(g<<30|k>>>2)^(g<<25|k>>>7),c=ea[m],fa=c.high,da=c.low,c=E+((h>>>14|l<<18)^(h>>>18|l<<14)^(h<<23|l>>>9)),q=V+((l>>>14|h<<18)^(l>>>18|h<<14)^(l<<23|h>>>9))+(c>>>0>>0?1:
+0),c=c+t,q=q+W+(c>>>0>>0?1:0),c=c+da,q=q+fa+(c>>>0>>0?1:0),c=c+b,q=q+j+(c>>>0>>0?1:0),b=u+T,s=p+s+(b>>>0>>0?1:0),V=S,E=D,S=R,D=C,R=l,C=h,h=B+c|0,l=U+q+(h>>>0>>0?1:0)|0,U=A,B=y,A=z,y=x,z=k,x=g,g=c+b|0,k=q+s+(g>>>0>>0?1:0)|0}J=F.low=J+g;F.high=w+k+(J>>>0>>0?1:0);K=e.low=K+x;e.high=X+z+(K>>>0>>0?1:0);L=n.low=L+y;n.high=Y+A+(L>>>0>>0?1:0);M=r.low=M+B;r.high=Z+U+(M>>>0>>0?1:0);N=G.low=N+h;G.high=$+l+(N>>>0>>0?1:0);O=H.low=O+C;H.high=aa+R+(O>>>0>>0?1:0);P=I.low=P+D;
+I.high=ba+S+(P>>>0>>0?1:0);Q=f.low=Q+E;f.high=ca+V+(Q>>>0>>0?1:0)},_doFinalize:function(){var a=this._data,d=a.words,f=8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+128>>>10<<5)+30]=Math.floor(f/4294967296);d[(e+128>>>10<<5)+31]=f;a.sigBytes=4*d.length;this._process();return this._hash.toX32()},clone:function(){var a=r.clone.call(this);a._hash=this._hash.clone();return a},blockSize:32});n.SHA512=r._createHelper(e);n.HmacSHA512=r._createHmacHelper(e)})();
+/*
+CryptoJS v3.1.2 sha384-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){var c=CryptoJS,a=c.x64,b=a.Word,e=a.WordArray,a=c.algo,d=a.SHA512,a=a.SHA384=d.extend({_doReset:function(){this._hash=new e.init([new b.init(3418070365,3238371032),new b.init(1654270250,914150663),new b.init(2438529370,812702999),new b.init(355462360,4144912697),new b.init(1731405415,4290775857),new b.init(2394180231,1750603025),new b.init(3675008525,1694076839),new b.init(1203062813,3204075428)])},_doFinalize:function(){var a=d._doFinalize.call(this);a.sigBytes-=16;return a}});c.SHA384=
+d._createHelper(a);c.HmacSHA384=d._createHmacHelper(a)})();
+/*
+CryptoJS v3.1.2 md5-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(E){function h(a,f,g,j,p,h,k){a=a+(f&g|~f&j)+p+k;return(a<>>32-h)+f}function k(a,f,g,j,p,h,k){a=a+(f&j|g&~j)+p+k;return(a<>>32-h)+f}function l(a,f,g,j,h,k,l){a=a+(f^g^j)+h+l;return(a<>>32-k)+f}function n(a,f,g,j,h,k,l){a=a+(g^(f|~j))+h+l;return(a<>>32-k)+f}for(var r=CryptoJS,q=r.lib,F=q.WordArray,s=q.Hasher,q=r.algo,a=[],t=0;64>t;t++)a[t]=4294967296*E.abs(E.sin(t+1))|0;q=q.MD5=s.extend({_doReset:function(){this._hash=new F.init([1732584193,4023233417,2562383102,271733878])},
+_doProcessBlock:function(m,f){for(var g=0;16>g;g++){var j=f+g,p=m[j];m[j]=(p<<8|p>>>24)&16711935|(p<<24|p>>>8)&4278255360}var g=this._hash.words,j=m[f+0],p=m[f+1],q=m[f+2],r=m[f+3],s=m[f+4],t=m[f+5],u=m[f+6],v=m[f+7],w=m[f+8],x=m[f+9],y=m[f+10],z=m[f+11],A=m[f+12],B=m[f+13],C=m[f+14],D=m[f+15],b=g[0],c=g[1],d=g[2],e=g[3],b=h(b,c,d,e,j,7,a[0]),e=h(e,b,c,d,p,12,a[1]),d=h(d,e,b,c,q,17,a[2]),c=h(c,d,e,b,r,22,a[3]),b=h(b,c,d,e,s,7,a[4]),e=h(e,b,c,d,t,12,a[5]),d=h(d,e,b,c,u,17,a[6]),c=h(c,d,e,b,v,22,a[7]),
+b=h(b,c,d,e,w,7,a[8]),e=h(e,b,c,d,x,12,a[9]),d=h(d,e,b,c,y,17,a[10]),c=h(c,d,e,b,z,22,a[11]),b=h(b,c,d,e,A,7,a[12]),e=h(e,b,c,d,B,12,a[13]),d=h(d,e,b,c,C,17,a[14]),c=h(c,d,e,b,D,22,a[15]),b=k(b,c,d,e,p,5,a[16]),e=k(e,b,c,d,u,9,a[17]),d=k(d,e,b,c,z,14,a[18]),c=k(c,d,e,b,j,20,a[19]),b=k(b,c,d,e,t,5,a[20]),e=k(e,b,c,d,y,9,a[21]),d=k(d,e,b,c,D,14,a[22]),c=k(c,d,e,b,s,20,a[23]),b=k(b,c,d,e,x,5,a[24]),e=k(e,b,c,d,C,9,a[25]),d=k(d,e,b,c,r,14,a[26]),c=k(c,d,e,b,w,20,a[27]),b=k(b,c,d,e,B,5,a[28]),e=k(e,b,
+c,d,q,9,a[29]),d=k(d,e,b,c,v,14,a[30]),c=k(c,d,e,b,A,20,a[31]),b=l(b,c,d,e,t,4,a[32]),e=l(e,b,c,d,w,11,a[33]),d=l(d,e,b,c,z,16,a[34]),c=l(c,d,e,b,C,23,a[35]),b=l(b,c,d,e,p,4,a[36]),e=l(e,b,c,d,s,11,a[37]),d=l(d,e,b,c,v,16,a[38]),c=l(c,d,e,b,y,23,a[39]),b=l(b,c,d,e,B,4,a[40]),e=l(e,b,c,d,j,11,a[41]),d=l(d,e,b,c,r,16,a[42]),c=l(c,d,e,b,u,23,a[43]),b=l(b,c,d,e,x,4,a[44]),e=l(e,b,c,d,A,11,a[45]),d=l(d,e,b,c,D,16,a[46]),c=l(c,d,e,b,q,23,a[47]),b=n(b,c,d,e,j,6,a[48]),e=n(e,b,c,d,v,10,a[49]),d=n(d,e,b,c,
+C,15,a[50]),c=n(c,d,e,b,t,21,a[51]),b=n(b,c,d,e,A,6,a[52]),e=n(e,b,c,d,r,10,a[53]),d=n(d,e,b,c,y,15,a[54]),c=n(c,d,e,b,p,21,a[55]),b=n(b,c,d,e,w,6,a[56]),e=n(e,b,c,d,D,10,a[57]),d=n(d,e,b,c,u,15,a[58]),c=n(c,d,e,b,B,21,a[59]),b=n(b,c,d,e,s,6,a[60]),e=n(e,b,c,d,z,10,a[61]),d=n(d,e,b,c,q,15,a[62]),c=n(c,d,e,b,x,21,a[63]);g[0]=g[0]+b|0;g[1]=g[1]+c|0;g[2]=g[2]+d|0;g[3]=g[3]+e|0},_doFinalize:function(){var a=this._data,f=a.words,g=8*this._nDataBytes,j=8*a.sigBytes;f[j>>>5]|=128<<24-j%32;var h=E.floor(g/
+4294967296);f[(j+64>>>9<<4)+15]=(h<<8|h>>>24)&16711935|(h<<24|h>>>8)&4278255360;f[(j+64>>>9<<4)+14]=(g<<8|g>>>24)&16711935|(g<<24|g>>>8)&4278255360;a.sigBytes=4*(f.length+1);this._process();a=this._hash;f=a.words;for(g=0;4>g;g++)j=f[g],f[g]=(j<<8|j>>>24)&16711935|(j<<24|j>>>8)&4278255360;return a},clone:function(){var a=s.clone.call(this);a._hash=this._hash.clone();return a}});r.MD5=s._createHelper(q);r.HmacMD5=s._createHmacHelper(q)})(Math);
+/*
+CryptoJS v3.1.2 enc-base64-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){var h=CryptoJS,j=h.lib.WordArray;h.enc.Base64={stringify:function(b){var e=b.words,f=b.sigBytes,c=this._map;b.clamp();b=[];for(var a=0;a>>2]>>>24-8*(a%4)&255)<<16|(e[a+1>>>2]>>>24-8*((a+1)%4)&255)<<8|e[a+2>>>2]>>>24-8*((a+2)%4)&255,g=0;4>g&&a+0.75*g>>6*(3-g)&63));if(e=c.charAt(64))for(;b.length%4;)b.push(e);return b.join("")},parse:function(b){var e=b.length,f=this._map,c=f.charAt(64);c&&(c=b.indexOf(c),-1!=c&&(e=c));for(var c=[],a=0,d=0;d<
+e;d++)if(d%4){var g=f.indexOf(b.charAt(d-1))<<2*(d%4),h=f.indexOf(b.charAt(d))>>>6-2*(d%4);c[a>>>2]|=(g|h)<<24-8*(a%4);a++}return j.create(c,a)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}})();
+/*
+CryptoJS v3.1.2 cipher-core-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+CryptoJS.lib.Cipher||function(u){var g=CryptoJS,f=g.lib,k=f.Base,l=f.WordArray,q=f.BufferedBlockAlgorithm,r=g.enc.Base64,v=g.algo.EvpKDF,n=f.Cipher=q.extend({cfg:k.extend(),createEncryptor:function(a,b){return this.create(this._ENC_XFORM_MODE,a,b)},createDecryptor:function(a,b){return this.create(this._DEC_XFORM_MODE,a,b)},init:function(a,b,c){this.cfg=this.cfg.extend(c);this._xformMode=a;this._key=b;this.reset()},reset:function(){q.reset.call(this);this._doReset()},process:function(a){this._append(a);
+return this._process()},finalize:function(a){a&&this._append(a);return this._doFinalize()},keySize:4,ivSize:4,_ENC_XFORM_MODE:1,_DEC_XFORM_MODE:2,_createHelper:function(a){return{encrypt:function(b,c,d){return("string"==typeof c?s:j).encrypt(a,b,c,d)},decrypt:function(b,c,d){return("string"==typeof c?s:j).decrypt(a,b,c,d)}}}});f.StreamCipher=n.extend({_doFinalize:function(){return this._process(!0)},blockSize:1});var m=g.mode={},t=function(a,b,c){var d=this._iv;d?this._iv=u:d=this._prevBlock;for(var e=
+0;e>>2]&255}};f.BlockCipher=n.extend({cfg:n.cfg.extend({mode:m,padding:h}),reset:function(){n.reset.call(this);var a=this.cfg,b=a.iv,a=a.mode;if(this._xformMode==this._ENC_XFORM_MODE)var c=a.createEncryptor;else c=a.createDecryptor,this._minBufferSize=1;
+this._mode=c.call(a,this,b&&b.words)},_doProcessBlock:function(a,b){this._mode.processBlock(a,b)},_doFinalize:function(){var a=this.cfg.padding;if(this._xformMode==this._ENC_XFORM_MODE){a.pad(this._data,this.blockSize);var b=this._process(!0)}else b=this._process(!0),a.unpad(b);return b},blockSize:4});var p=f.CipherParams=k.extend({init:function(a){this.mixIn(a)},toString:function(a){return(a||this.formatter).stringify(this)}}),m=(g.format={}).OpenSSL={stringify:function(a){var b=a.ciphertext;a=a.salt;
+return(a?l.create([1398893684,1701076831]).concat(a).concat(b):b).toString(r)},parse:function(a){a=r.parse(a);var b=a.words;if(1398893684==b[0]&&1701076831==b[1]){var c=l.create(b.slice(2,4));b.splice(0,4);a.sigBytes-=16}return p.create({ciphertext:a,salt:c})}},j=f.SerializableCipher=k.extend({cfg:k.extend({format:m}),encrypt:function(a,b,c,d){d=this.cfg.extend(d);var e=a.createEncryptor(c,d);b=e.finalize(b);e=e.cfg;return p.create({ciphertext:b,key:c,iv:e.iv,algorithm:a,mode:e.mode,padding:e.padding,
+blockSize:a.blockSize,formatter:d.format})},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);return a.createDecryptor(c,d).finalize(b.ciphertext)},_parse:function(a,b){return"string"==typeof a?b.parse(a,this):a}}),g=(g.kdf={}).OpenSSL={execute:function(a,b,c,d){d||(d=l.random(8));a=v.create({keySize:b+c}).compute(a,d);c=l.create(a.words.slice(b),4*c);a.sigBytes=4*b;return p.create({key:a,iv:c,salt:d})}},s=f.PasswordBasedCipher=j.extend({cfg:j.cfg.extend({kdf:g}),encrypt:function(a,
+b,c,d){d=this.cfg.extend(d);c=d.kdf.execute(c,a.keySize,a.ivSize);d.iv=c.iv;a=j.encrypt.call(this,a,b,c.key,d);a.mixIn(c);return a},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);c=d.kdf.execute(c,a.keySize,a.ivSize,b.salt);d.iv=c.iv;return j.decrypt.call(this,a,b,c.key,d)}})}();
+/*
+CryptoJS v3.1.2 aes-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){for(var q=CryptoJS,x=q.lib.BlockCipher,r=q.algo,j=[],y=[],z=[],A=[],B=[],C=[],s=[],u=[],v=[],w=[],g=[],k=0;256>k;k++)g[k]=128>k?k<<1:k<<1^283;for(var n=0,l=0,k=0;256>k;k++){var f=l^l<<1^l<<2^l<<3^l<<4,f=f>>>8^f&255^99;j[n]=f;y[f]=n;var t=g[n],D=g[t],E=g[D],b=257*g[f]^16843008*f;z[n]=b<<24|b>>>8;A[n]=b<<16|b>>>16;B[n]=b<<8|b>>>24;C[n]=b;b=16843009*E^65537*D^257*t^16843008*n;s[f]=b<<24|b>>>8;u[f]=b<<16|b>>>16;v[f]=b<<8|b>>>24;w[f]=b;n?(n=t^g[g[g[E^t]]],l^=g[g[l]]):n=l=1}var F=[0,1,2,4,8,
+16,32,64,128,27,54],r=r.AES=x.extend({_doReset:function(){for(var c=this._key,e=c.words,a=c.sigBytes/4,c=4*((this._nRounds=a+6)+1),b=this._keySchedule=[],h=0;h>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255]):(d=d<<8|d>>>24,d=j[d>>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255],d^=F[h/a|0]<<24);b[h]=b[h-a]^d}e=this._invKeySchedule=[];for(a=0;aa||4>=h?d:s[j[d>>>24]]^u[j[d>>>16&255]]^v[j[d>>>
+8&255]]^w[j[d&255]]},encryptBlock:function(c,e){this._doCryptBlock(c,e,this._keySchedule,z,A,B,C,j)},decryptBlock:function(c,e){var a=c[e+1];c[e+1]=c[e+3];c[e+3]=a;this._doCryptBlock(c,e,this._invKeySchedule,s,u,v,w,y);a=c[e+1];c[e+1]=c[e+3];c[e+3]=a},_doCryptBlock:function(c,e,a,b,h,d,j,m){for(var n=this._nRounds,f=c[e]^a[0],g=c[e+1]^a[1],k=c[e+2]^a[2],p=c[e+3]^a[3],l=4,t=1;t>>24]^h[g>>>16&255]^d[k>>>8&255]^j[p&255]^a[l++],r=b[g>>>24]^h[k>>>16&255]^d[p>>>8&255]^j[f&255]^a[l++],s=
+b[k>>>24]^h[p>>>16&255]^d[f>>>8&255]^j[g&255]^a[l++],p=b[p>>>24]^h[f>>>16&255]^d[g>>>8&255]^j[k&255]^a[l++],f=q,g=r,k=s;q=(m[f>>>24]<<24|m[g>>>16&255]<<16|m[k>>>8&255]<<8|m[p&255])^a[l++];r=(m[g>>>24]<<24|m[k>>>16&255]<<16|m[p>>>8&255]<<8|m[f&255])^a[l++];s=(m[k>>>24]<<24|m[p>>>16&255]<<16|m[f>>>8&255]<<8|m[g&255])^a[l++];p=(m[p>>>24]<<24|m[f>>>16&255]<<16|m[g>>>8&255]<<8|m[k&255])^a[l++];c[e]=q;c[e+1]=r;c[e+2]=s;c[e+3]=p},keySize:8});q.AES=x._createHelper(r)})();
+/*
+CryptoJS v3.1.2 tripledes-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){function j(b,c){var a=(this._lBlock>>>b^this._rBlock)&c;this._rBlock^=a;this._lBlock^=a<>>b^this._lBlock)&c;this._lBlock^=a;this._rBlock^=a<a;a++){var f=q[a]-1;c[a]=b[f>>>5]>>>31-f%32&1}b=this._subKeys=[];for(f=0;16>f;f++){for(var d=b[f]=[],e=r[f],a=0;24>a;a++)d[a/6|0]|=c[(p[a]-1+e)%28]<<31-a%6,d[4+(a/6|0)]|=c[28+(p[a+24]-1+e)%28]<<31-a%6;d[0]=d[0]<<1|d[0]>>>31;for(a=1;7>a;a++)d[a]>>>=
+4*(a-1)+3;d[7]=d[7]<<5|d[7]>>>27}c=this._invSubKeys=[];for(a=0;16>a;a++)c[a]=b[15-a]},encryptBlock:function(b,c){this._doCryptBlock(b,c,this._subKeys)},decryptBlock:function(b,c){this._doCryptBlock(b,c,this._invSubKeys)},_doCryptBlock:function(b,c,a){this._lBlock=b[c];this._rBlock=b[c+1];j.call(this,4,252645135);j.call(this,16,65535);l.call(this,2,858993459);l.call(this,8,16711935);j.call(this,1,1431655765);for(var f=0;16>f;f++){for(var d=a[f],e=this._lBlock,h=this._rBlock,g=0,k=0;8>k;k++)g|=s[k][((h^
+d[k])&t[k])>>>0];this._lBlock=h;this._rBlock=e^g}a=this._lBlock;this._lBlock=this._rBlock;this._rBlock=a;j.call(this,1,1431655765);l.call(this,8,16711935);l.call(this,2,858993459);j.call(this,16,65535);j.call(this,4,252645135);b[c]=this._lBlock;b[c+1]=this._rBlock},keySize:2,ivSize:2,blockSize:2});h.DES=e._createHelper(m);g=g.TripleDES=e.extend({_doReset:function(){var b=this._key.words;this._des1=m.createEncryptor(n.create(b.slice(0,2)));this._des2=m.createEncryptor(n.create(b.slice(2,4)));this._des3=
+m.createEncryptor(n.create(b.slice(4,6)))},encryptBlock:function(b,c){this._des1.encryptBlock(b,c);this._des2.decryptBlock(b,c);this._des3.encryptBlock(b,c)},decryptBlock:function(b,c){this._des3.decryptBlock(b,c);this._des2.encryptBlock(b,c);this._des1.decryptBlock(b,c)},keySize:6,ivSize:2,blockSize:2});h.TripleDES=e._createHelper(g)})();
+/*
+CryptoJS v3.1.2 sha1-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){var k=CryptoJS,b=k.lib,m=b.WordArray,l=b.Hasher,d=[],b=k.algo.SHA1=l.extend({_doReset:function(){this._hash=new m.init([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(n,p){for(var a=this._hash.words,e=a[0],f=a[1],h=a[2],j=a[3],b=a[4],c=0;80>c;c++){if(16>c)d[c]=n[p+c]|0;else{var g=d[c-3]^d[c-8]^d[c-14]^d[c-16];d[c]=g<<1|g>>>31}g=(e<<5|e>>>27)+b+d[c];g=20>c?g+((f&h|~f&j)+1518500249):40>c?g+((f^h^j)+1859775393):60>c?g+((f&h|f&j|h&j)-1894007588):g+((f^h^
+j)-899497514);b=j;j=h;h=f<<30|f>>>2;f=e;e=g}a[0]=a[0]+e|0;a[1]=a[1]+f|0;a[2]=a[2]+h|0;a[3]=a[3]+j|0;a[4]=a[4]+b|0},_doFinalize:function(){var b=this._data,d=b.words,a=8*this._nDataBytes,e=8*b.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+14]=Math.floor(a/4294967296);d[(e+64>>>9<<4)+15]=a;b.sigBytes=4*d.length;this._process();return this._hash},clone:function(){var b=l.clone.call(this);b._hash=this._hash.clone();return b}});k.SHA1=l._createHelper(b);k.HmacSHA1=l._createHmacHelper(b)})();
+/*
+CryptoJS v3.1.2 ripemd160-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+/*
+
+(c) 2012 by Cedric Mesnil. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+    - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+    - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+(function(){var q=CryptoJS,d=q.lib,n=d.WordArray,p=d.Hasher,d=q.algo,x=n.create([0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8,3,10,14,4,9,15,8,1,2,7,0,6,13,11,5,12,1,9,11,10,0,8,12,4,13,3,7,15,14,5,6,2,4,0,5,9,7,12,2,10,14,1,3,8,11,6,15,13]),y=n.create([5,14,7,0,9,2,11,4,13,6,15,8,1,10,3,12,6,11,3,7,0,13,5,10,14,15,8,12,4,9,1,2,15,5,1,3,7,14,6,9,11,8,12,2,10,0,4,13,8,6,4,1,3,11,15,0,5,12,2,13,9,7,10,14,12,15,10,4,1,5,8,7,6,2,13,14,0,3,9,11]),z=n.create([11,14,15,12,
+5,8,7,9,11,13,14,15,6,7,9,8,7,6,8,13,11,9,7,15,7,12,15,9,11,7,13,12,11,13,6,7,14,9,13,15,14,8,13,6,5,12,7,5,11,12,14,15,14,15,9,8,9,14,5,6,8,6,5,12,9,15,5,11,6,8,13,12,5,12,13,14,11,8,5,6]),A=n.create([8,9,9,11,13,15,15,5,7,7,8,11,14,14,12,6,9,13,15,7,12,8,9,11,7,7,12,7,6,15,13,11,9,7,15,11,8,6,6,14,12,13,5,14,13,13,7,5,15,5,8,11,14,14,6,14,6,9,12,9,12,5,15,8,8,5,12,9,12,5,14,6,8,13,6,5,15,13,11,11]),B=n.create([0,1518500249,1859775393,2400959708,2840853838]),C=n.create([1352829926,1548603684,1836072691,
+2053994217,0]),d=d.RIPEMD160=p.extend({_doReset:function(){this._hash=n.create([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(e,v){for(var b=0;16>b;b++){var c=v+b,f=e[c];e[c]=(f<<8|f>>>24)&16711935|(f<<24|f>>>8)&4278255360}var c=this._hash.words,f=B.words,d=C.words,n=x.words,q=y.words,p=z.words,w=A.words,t,g,h,j,r,u,k,l,m,s;u=t=c[0];k=g=c[1];l=h=c[2];m=j=c[3];s=r=c[4];for(var a,b=0;80>b;b+=1)a=t+e[v+n[b]]|0,a=16>b?a+((g^h^j)+f[0]):32>b?a+((g&h|~g&j)+f[1]):48>b?
+a+(((g|~h)^j)+f[2]):64>b?a+((g&j|h&~j)+f[3]):a+((g^(h|~j))+f[4]),a|=0,a=a<>>32-p[b],a=a+r|0,t=r,r=j,j=h<<10|h>>>22,h=g,g=a,a=u+e[v+q[b]]|0,a=16>b?a+((k^(l|~m))+d[0]):32>b?a+((k&m|l&~m)+d[1]):48>b?a+(((k|~l)^m)+d[2]):64>b?a+((k&l|~k&m)+d[3]):a+((k^l^m)+d[4]),a|=0,a=a<>>32-w[b],a=a+s|0,u=s,s=m,m=l<<10|l>>>22,l=k,k=a;a=c[1]+h+m|0;c[1]=c[2]+j+s|0;c[2]=c[3]+r+u|0;c[3]=c[4]+t+k|0;c[4]=c[0]+g+l|0;c[0]=a},_doFinalize:function(){var e=this._data,d=e.words,b=8*this._nDataBytes,c=8*e.sigBytes;
+d[c>>>5]|=128<<24-c%32;d[(c+64>>>9<<4)+14]=(b<<8|b>>>24)&16711935|(b<<24|b>>>8)&4278255360;e.sigBytes=4*(d.length+1);this._process();e=this._hash;d=e.words;for(b=0;5>b;b++)c=d[b],d[b]=(c<<8|c>>>24)&16711935|(c<<24|c>>>8)&4278255360;return e},clone:function(){var d=p.clone.call(this);d._hash=this._hash.clone();return d}});q.RIPEMD160=p._createHelper(d);q.HmacRIPEMD160=p._createHmacHelper(d)})(Math);
+/*
+CryptoJS v3.1.2 pbkdf2-min.js
+code.google.com/p/crypto-js
+(c) 2009-2013 by Jeff Mott. All rights reserved.
+code.google.com/p/crypto-js/wiki/License
+*/
+(function(){var b=CryptoJS,a=b.lib,d=a.Base,m=a.WordArray,a=b.algo,q=a.HMAC,l=a.PBKDF2=d.extend({cfg:d.extend({keySize:4,hasher:a.SHA1,iterations:1}),init:function(a){this.cfg=this.cfg.extend(a)},compute:function(a,b){for(var c=this.cfg,f=q.create(c.hasher,a),g=m.create(),d=m.create([1]),l=g.words,r=d.words,n=c.keySize,c=c.iterations;l.length>6)+b64map.charAt(e&63)}if(b+1==d.length){e=parseInt(d.substring(b,b+1),16);a+=b64map.charAt(e<<2)}else{if(b+2==d.length){e=parseInt(d.substring(b,b+2),16);a+=b64map.charAt(e>>2)+b64map.charAt((e&3)<<4)}}if(b64pad){while((a.length&3)>0){a+=b64pad}}return a}function b64tohex(f){var d="";var e;var b=0;var c;var a;for(e=0;e>2);c=a&3;b=1}else{if(b==1){d+=int2char((c<<2)|(a>>4));c=a&15;b=2}else{if(b==2){d+=int2char(c);d+=int2char(a>>2);c=a&3;b=3}else{d+=int2char((c<<2)|(a>>4));d+=int2char(a&15);b=0}}}}if(b==1){d+=int2char(c<<2)}return d}function b64toBA(e){var d=b64tohex(e);var c;var b=new Array();for(c=0;2*c=0){var d=a*this[f++]+b[e]+h;h=Math.floor(d/67108864);b[e++]=d&67108863}return h}function am2(f,q,r,e,o,a){var k=q&32767,p=q>>15;while(--a>=0){var d=this[f]&32767;var g=this[f++]>>15;var b=p*d+g*k;d=k*d+((b&32767)<<15)+r[e]+(o&1073741823);o=(d>>>30)+(b>>>15)+p*g+(o>>>30);r[e++]=d&1073741823}return o}function am3(f,q,r,e,o,a){var k=q&16383,p=q>>14;while(--a>=0){var d=this[f]&16383;var g=this[f++]>>14;var b=p*d+g*k;d=k*d+((b&16383)<<14)+r[e]+o;o=(d>>28)+(b>>14)+p*g;r[e++]=d&268435455}return o}if(j_lm&&(navigator.appName=="Microsoft Internet Explorer")){BigInteger.prototype.am=am2;dbits=30}else{if(j_lm&&(navigator.appName!="Netscape")){BigInteger.prototype.am=am1;dbits=26}else{BigInteger.prototype.am=am3;dbits=28}}BigInteger.prototype.DB=dbits;BigInteger.prototype.DM=((1<=0;--a){b[a]=this[a]}b.t=this.t;b.s=this.s}function bnpFromInt(a){this.t=1;this.s=(a<0)?-1:0;if(a>0){this[0]=a}else{if(a<-1){this[0]=a+this.DV}else{this.t=0}}}function nbv(a){var b=nbi();b.fromInt(a);return b}function bnpFromString(h,c){var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==256){e=8}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{this.fromRadix(h,c);return}}}}}}this.t=0;this.s=0;var g=h.length,d=false,f=0;while(--g>=0){var a=(e==8)?h[g]&255:intAt(h,g);if(a<0){if(h.charAt(g)=="-"){d=true}continue}d=false;if(f==0){this[this.t++]=a}else{if(f+e>this.DB){this[this.t-1]|=(a&((1<<(this.DB-f))-1))<>(this.DB-f))}else{this[this.t-1]|=a<=this.DB){f-=this.DB}}if(e==8&&(h[0]&128)!=0){this.s=-1;if(f>0){this[this.t-1]|=((1<<(this.DB-f))-1)<0&&this[this.t-1]==a){--this.t}}function bnToString(c){if(this.s<0){return"-"+this.negate().toString(c)}var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{return this.toRadix(c)}}}}}var g=(1<0){if(j>j)>0){a=true;h=int2char(l)}while(f>=0){if(j>(j+=this.DB-e)}else{l=(this[f]>>(j-=e))&g;if(j<=0){j+=this.DB;--f}}if(l>0){a=true}if(a){h+=int2char(l)}}}return a?h:"0"}function bnNegate(){var a=nbi();BigInteger.ZERO.subTo(this,a);return a}function bnAbs(){return(this.s<0)?this.negate():this}function bnCompareTo(b){var d=this.s-b.s;if(d!=0){return d}var c=this.t;d=c-b.t;if(d!=0){return(this.s<0)?-d:d}while(--c>=0){if((d=this[c]-b[c])!=0){return d}}return 0}function nbits(a){var c=1,b;if((b=a>>>16)!=0){a=b;c+=16}if((b=a>>8)!=0){a=b;c+=8}if((b=a>>4)!=0){a=b;c+=4}if((b=a>>2)!=0){a=b;c+=2}if((b=a>>1)!=0){a=b;c+=1}return c}function bnBitLength(){if(this.t<=0){return 0}return this.DB*(this.t-1)+nbits(this[this.t-1]^(this.s&this.DM))}function bnpDLShiftTo(c,b){var a;for(a=this.t-1;a>=0;--a){b[a+c]=this[a]}for(a=c-1;a>=0;--a){b[a]=0}b.t=this.t+c;b.s=this.s}function bnpDRShiftTo(c,b){for(var a=c;a=0;--d){e[d+f+1]=(this[d]>>a)|h;h=(this[d]&g)<=0;--d){e[d]=0}e[f]=h;e.t=this.t+f+1;e.s=this.s;e.clamp()}function bnpRShiftTo(g,d){d.s=this.s;var e=Math.floor(g/this.DB);if(e>=this.t){d.t=0;return}var b=g%this.DB;var a=this.DB-b;var f=(1<>b;for(var c=e+1;c>b}if(b>0){d[this.t-e-1]|=(this.s&f)<>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g-=d.s}f.s=(g<0)?-1:0;if(g<-1){f[e++]=this.DV+g}else{if(g>0){f[e++]=g}}f.t=e;f.clamp()}function bnpMultiplyTo(c,e){var b=this.abs(),f=c.abs();var d=b.t;e.t=d+f.t;while(--d>=0){e[d]=0}for(d=0;d=0){d[b]=0}for(b=0;b=a.DV){d[b+a.t]-=a.DV;d[b+a.t+1]=1}}if(d.t>0){d[d.t-1]+=a.am(b,a[b],d,2*b,0,1)}d.s=0;d.clamp()}function bnpDivRemTo(n,h,g){var w=n.abs();if(w.t<=0){return}var k=this.abs();if(k.t0){w.lShiftTo(v,d);k.lShiftTo(v,g)}else{w.copyTo(d);k.copyTo(g)}var p=d.t;var b=d[p-1];if(b==0){return}var o=b*(1<1)?d[p-2]>>this.F2:0);var A=this.FV/o,z=(1<=0){g[g.t++]=1;g.subTo(f,g)}BigInteger.ONE.dlShiftTo(p,f);f.subTo(d,d);while(d.t=0){var c=(g[--u]==b)?this.DM:Math.floor(g[u]*A+(g[u-1]+x)*z);if((g[u]+=d.am(0,c,g,s,0,p))0){g.rShiftTo(v,g)}if(a<0){BigInteger.ZERO.subTo(g,g)}}function bnMod(b){var c=nbi();this.abs().divRemTo(b,null,c);if(this.s<0&&c.compareTo(BigInteger.ZERO)>0){b.subTo(c,c)}return c}function Classic(a){this.m=a}function cConvert(a){if(a.s<0||a.compareTo(this.m)>=0){return a.mod(this.m)}else{return a}}function cRevert(a){return a}function cReduce(a){a.divRemTo(this.m,null,a)}function cMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}function cSqrTo(a,b){a.squareTo(b);this.reduce(b)}Classic.prototype.convert=cConvert;Classic.prototype.revert=cRevert;Classic.prototype.reduce=cReduce;Classic.prototype.mulTo=cMulTo;Classic.prototype.sqrTo=cSqrTo;function bnpInvDigit(){if(this.t<1){return 0}var a=this[0];if((a&1)==0){return 0}var b=a&3;b=(b*(2-(a&15)*b))&15;b=(b*(2-(a&255)*b))&255;b=(b*(2-(((a&65535)*b)&65535)))&65535;b=(b*(2-a*b%this.DV))%this.DV;return(b>0)?this.DV-b:-b}function Montgomery(a){this.m=a;this.mp=a.invDigit();this.mpl=this.mp&32767;this.mph=this.mp>>15;this.um=(1<<(a.DB-15))-1;this.mt2=2*a.t}function montConvert(a){var b=nbi();a.abs().dlShiftTo(this.m.t,b);b.divRemTo(this.m,null,b);if(a.s<0&&b.compareTo(BigInteger.ZERO)>0){this.m.subTo(b,b)}return b}function montRevert(a){var b=nbi();a.copyTo(b);this.reduce(b);return b}function montReduce(a){while(a.t<=this.mt2){a[a.t++]=0}for(var c=0;c>15)*this.mpl)&this.um)<<15))&a.DM;b=c+this.m.t;a[b]+=this.m.am(0,d,a,c,0,this.m.t);while(a[b]>=a.DV){a[b]-=a.DV;a[++b]++}}a.clamp();a.drShiftTo(this.m.t,a);if(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function montSqrTo(a,b){a.squareTo(b);this.reduce(b)}function montMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Montgomery.prototype.convert=montConvert;Montgomery.prototype.revert=montRevert;Montgomery.prototype.reduce=montReduce;Montgomery.prototype.mulTo=montMulTo;Montgomery.prototype.sqrTo=montSqrTo;function bnpIsEven(){return((this.t>0)?(this[0]&1):this.s)==0}function bnpExp(h,j){if(h>4294967295||h<1){return BigInteger.ONE}var f=nbi(),a=nbi(),d=j.convert(this),c=nbits(h)-1;d.copyTo(f);while(--c>=0){j.sqrTo(f,a);if((h&(1<0){j.mulTo(a,d,f)}else{var b=f;f=a;a=b}}return j.revert(f)}function bnModPowInt(b,a){var c;if(b<256||a.isEven()){c=new Classic(a)}else{c=new Montgomery(a)}return this.exp(b,c)}BigInteger.prototype.copyTo=bnpCopyTo;BigInteger.prototype.fromInt=bnpFromInt;BigInteger.prototype.fromString=bnpFromString;BigInteger.prototype.clamp=bnpClamp;BigInteger.prototype.dlShiftTo=bnpDLShiftTo;BigInteger.prototype.drShiftTo=bnpDRShiftTo;BigInteger.prototype.lShiftTo=bnpLShiftTo;BigInteger.prototype.rShiftTo=bnpRShiftTo;BigInteger.prototype.subTo=bnpSubTo;BigInteger.prototype.multiplyTo=bnpMultiplyTo;BigInteger.prototype.squareTo=bnpSquareTo;BigInteger.prototype.divRemTo=bnpDivRemTo;BigInteger.prototype.invDigit=bnpInvDigit;BigInteger.prototype.isEven=bnpIsEven;BigInteger.prototype.exp=bnpExp;BigInteger.prototype.toString=bnToString;BigInteger.prototype.negate=bnNegate;BigInteger.prototype.abs=bnAbs;BigInteger.prototype.compareTo=bnCompareTo;BigInteger.prototype.bitLength=bnBitLength;BigInteger.prototype.mod=bnMod;BigInteger.prototype.modPowInt=bnModPowInt;BigInteger.ZERO=nbv(0);BigInteger.ONE=nbv(1);
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+ */
+function bnClone(){var a=nbi();this.copyTo(a);return a}function bnIntValue(){if(this.s<0){if(this.t==1){return this[0]-this.DV}else{if(this.t==0){return -1}}}else{if(this.t==1){return this[0]}else{if(this.t==0){return 0}}}return((this[1]&((1<<(32-this.DB))-1))<>24}function bnShortValue(){return(this.t==0)?this.s:(this[0]<<16)>>16}function bnpChunkSize(a){return Math.floor(Math.LN2*this.DB/Math.log(a))}function bnSigNum(){if(this.s<0){return -1}else{if(this.t<=0||(this.t==1&&this[0]<=0)){return 0}else{return 1}}}function bnpToRadix(c){if(c==null){c=10}if(this.signum()==0||c<2||c>36){return"0"}var f=this.chunkSize(c);var e=Math.pow(c,f);var i=nbv(e),j=nbi(),h=nbi(),g="";this.divRemTo(i,j,h);while(j.signum()>0){g=(e+h.intValue()).toString(c).substr(1)+g;j.divRemTo(i,j,h)}return h.intValue().toString(c)+g}function bnpFromRadix(m,h){this.fromInt(0);if(h==null){h=10}var f=this.chunkSize(h);var g=Math.pow(h,f),e=false,a=0,l=0;for(var c=0;c=f){this.dMultiply(g);this.dAddOffset(l,0);a=0;l=0}}if(a>0){this.dMultiply(Math.pow(h,a));this.dAddOffset(l,0)}if(e){BigInteger.ZERO.subTo(this,this)}}function bnpFromNumber(f,e,h){if("number"==typeof e){if(f<2){this.fromInt(1)}else{this.fromNumber(f,h);if(!this.testBit(f-1)){this.bitwiseTo(BigInteger.ONE.shiftLeft(f-1),op_or,this)}if(this.isEven()){this.dAddOffset(1,0)}while(!this.isProbablePrime(e)){this.dAddOffset(2,0);if(this.bitLength()>f){this.subTo(BigInteger.ONE.shiftLeft(f-1),this)}}}}else{var d=new Array(),g=f&7;d.length=(f>>3)+1;e.nextBytes(d);if(g>0){d[0]&=((1<0){if(e>e)!=(this.s&this.DM)>>e){c[a++]=f|(this.s<<(this.DB-e))}while(b>=0){if(e<8){f=(this[b]&((1<>(e+=this.DB-8)}else{f=(this[b]>>(e-=8))&255;if(e<=0){e+=this.DB;--b}}if((f&128)!=0){f|=-256}if(a==0&&(this.s&128)!=(f&128)){++a}if(a>0||f!=this.s){c[a++]=f}}}return c}function bnEquals(b){return(this.compareTo(b)==0)}function bnMin(b){return(this.compareTo(b)<0)?this:b}function bnMax(b){return(this.compareTo(b)>0)?this:b}function bnpBitwiseTo(c,h,e){var d,g,b=Math.min(c.t,this.t);for(d=0;d>=16;b+=16}if((a&255)==0){a>>=8;b+=8}if((a&15)==0){a>>=4;b+=4}if((a&3)==0){a>>=2;b+=2}if((a&1)==0){++b}return b}function bnGetLowestSetBit(){for(var a=0;a=this.t){return(this.s!=0)}return((this[a]&(1<<(b%this.DB)))!=0)}function bnpChangeBit(c,b){var a=BigInteger.ONE.shiftLeft(c);this.bitwiseTo(a,b,a);return a}function bnSetBit(a){return this.changeBit(a,op_or)}function bnClearBit(a){return this.changeBit(a,op_andnot)}function bnFlipBit(a){return this.changeBit(a,op_xor)}function bnpAddTo(d,f){var e=0,g=0,b=Math.min(d.t,this.t);while(e>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g+=d.s}f.s=(g<0)?-1:0;if(g>0){f[e++]=g}else{if(g<-1){f[e++]=this.DV+g}}f.t=e;f.clamp()}function bnAdd(b){var c=nbi();this.addTo(b,c);return c}function bnSubtract(b){var c=nbi();this.subTo(b,c);return c}function bnMultiply(b){var c=nbi();this.multiplyTo(b,c);return c}function bnSquare(){var a=nbi();this.squareTo(a);return a}function bnDivide(b){var c=nbi();this.divRemTo(b,c,null);return c}function bnRemainder(b){var c=nbi();this.divRemTo(b,null,c);return c}function bnDivideAndRemainder(b){var d=nbi(),c=nbi();this.divRemTo(b,d,c);return new Array(d,c)}function bnpDMultiply(a){this[this.t]=this.am(0,a-1,this,0,0,this.t);++this.t;this.clamp()}function bnpDAddOffset(b,a){if(b==0){return}while(this.t<=a){this[this.t++]=0}this[a]+=b;while(this[a]>=this.DV){this[a]-=this.DV;if(++a>=this.t){this[this.t++]=0}++this[a]}}function NullExp(){}function nNop(a){return a}function nMulTo(a,c,b){a.multiplyTo(c,b)}function nSqrTo(a,b){a.squareTo(b)}NullExp.prototype.convert=nNop;NullExp.prototype.revert=nNop;NullExp.prototype.mulTo=nMulTo;NullExp.prototype.sqrTo=nSqrTo;function bnPow(a){return this.exp(a,new NullExp())}function bnpMultiplyLowerTo(b,f,e){var d=Math.min(this.t+b.t,f);e.s=0;e.t=d;while(d>0){e[--d]=0}var c;for(c=e.t-this.t;d=0){d[c]=0}for(c=Math.max(e-this.t,0);c2*this.m.t){return a.mod(this.m)}else{if(a.compareTo(this.m)<0){return a}else{var b=nbi();a.copyTo(b);this.reduce(b);return b}}}function barrettRevert(a){return a}function barrettReduce(a){a.drShiftTo(this.m.t-1,this.r2);if(a.t>this.m.t+1){a.t=this.m.t+1;a.clamp()}this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3);this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);while(a.compareTo(this.r2)<0){a.dAddOffset(1,this.m.t+1)}a.subTo(this.r2,a);while(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function barrettSqrTo(a,b){a.squareTo(b);this.reduce(b)}function barrettMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Barrett.prototype.convert=barrettConvert;Barrett.prototype.revert=barrettRevert;Barrett.prototype.reduce=barrettReduce;Barrett.prototype.mulTo=barrettMulTo;Barrett.prototype.sqrTo=barrettSqrTo;function bnModPow(q,f){var o=q.bitLength(),h,b=nbv(1),v;if(o<=0){return b}else{if(o<18){h=1}else{if(o<48){h=3}else{if(o<144){h=4}else{if(o<768){h=5}else{h=6}}}}}if(o<8){v=new Classic(f)}else{if(f.isEven()){v=new Barrett(f)}else{v=new Montgomery(f)}}var p=new Array(),d=3,s=h-1,a=(1<1){var A=nbi();v.sqrTo(p[1],A);while(d<=a){p[d]=nbi();v.mulTo(A,p[d-2],p[d]);d+=2}}var l=q.t-1,x,u=true,c=nbi(),y;o=nbits(q[l])-1;while(l>=0){if(o>=s){x=(q[l]>>(o-s))&a}else{x=(q[l]&((1<<(o+1))-1))<<(s-o);if(l>0){x|=q[l-1]>>(this.DB+o-s)}}d=h;while((x&1)==0){x>>=1;--d}if((o-=d)<0){o+=this.DB;--l}if(u){p[x].copyTo(b);u=false}else{while(d>1){v.sqrTo(b,c);v.sqrTo(c,b);d-=2}if(d>0){v.sqrTo(b,c)}else{y=b;b=c;c=y}v.mulTo(c,p[x],b)}while(l>=0&&(q[l]&(1<0){b.rShiftTo(f,b);h.rShiftTo(f,h)}while(b.signum()>0){if((d=b.getLowestSetBit())>0){b.rShiftTo(d,b)}if((d=h.getLowestSetBit())>0){h.rShiftTo(d,h)}if(b.compareTo(h)>=0){b.subTo(h,b);b.rShiftTo(1,b)}else{h.subTo(b,h);h.rShiftTo(1,h)}}if(f>0){h.lShiftTo(f,h)}return h}function bnpModInt(e){if(e<=0){return 0}var c=this.DV%e,b=(this.s<0)?e-1:0;if(this.t>0){if(c==0){b=this[0]%e}else{for(var a=this.t-1;a>=0;--a){b=(c*b+this[a])%e}}}return b}function bnModInverse(f){var j=f.isEven();if((this.isEven()&&j)||f.signum()==0){return BigInteger.ZERO}var i=f.clone(),h=this.clone();var g=nbv(1),e=nbv(0),l=nbv(0),k=nbv(1);while(i.signum()!=0){while(i.isEven()){i.rShiftTo(1,i);if(j){if(!g.isEven()||!e.isEven()){g.addTo(this,g);e.subTo(f,e)}g.rShiftTo(1,g)}else{if(!e.isEven()){e.subTo(f,e)}}e.rShiftTo(1,e)}while(h.isEven()){h.rShiftTo(1,h);if(j){if(!l.isEven()||!k.isEven()){l.addTo(this,l);k.subTo(f,k)}l.rShiftTo(1,l)}else{if(!k.isEven()){k.subTo(f,k)}}k.rShiftTo(1,k)}if(i.compareTo(h)>=0){i.subTo(h,i);if(j){g.subTo(l,g)}e.subTo(k,e)}else{h.subTo(i,h);if(j){l.subTo(g,l)}k.subTo(e,k)}}if(h.compareTo(BigInteger.ONE)!=0){return BigInteger.ZERO}if(k.compareTo(f)>=0){return k.subtract(f)}if(k.signum()<0){k.addTo(f,k)}else{return k}if(k.signum()<0){return k.add(f)}else{return k}}var lowprimes=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];var lplim=(1<<26)/lowprimes[lowprimes.length-1];function bnIsProbablePrime(e){var d,b=this.abs();if(b.t==1&&b[0]<=lowprimes[lowprimes.length-1]){for(d=0;d>1;if(f>lowprimes.length){f=lowprimes.length}var b=nbi();for(var e=0;e>8)&255;rng_pool[rng_pptr++]^=(a>>16)&255;rng_pool[rng_pptr++]^=(a>>24)&255;if(rng_pptr>=rng_psize){rng_pptr-=rng_psize}}function rng_seed_time(){rng_seed_int(new Date().getTime())}if(rng_pool==null){rng_pool=new Array();rng_pptr=0;var t;if(navigator.appName=="Netscape"&&navigator.appVersion<"5"&&window.crypto){var z=window.crypto.random(32);for(t=0;t>>8;rng_pool[rng_pptr++]=t&255}rng_pptr=0;rng_seed_time()}function rng_get_byte(){if(rng_state==null){rng_seed_time();rng_state=prng_newstate();rng_state.init(rng_pool);for(rng_pptr=0;rng_pptr=0&&h>0){var f=e.charCodeAt(d--);if(f<128){g[--h]=f}else{if((f>127)&&(f<2048)){g[--h]=(f&63)|128;g[--h]=(f>>6)|192}else{g[--h]=(f&63)|128;g[--h]=((f>>6)&63)|128;g[--h]=(f>>12)|224}}}g[--h]=0;var b=new SecureRandom();var a=new Array();while(h>2){a[0]=0;while(a[0]==0){b.nextBytes(a)}g[--h]=a[0]}g[--h]=2;g[--h]=0;return new BigInteger(g)}function oaep_mgf1_arr(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255])));d+=1}return b}var SHA1_SIZE=20;function oaep_pad(l,a,c){if(l.length+2*SHA1_SIZE+2>a){throw"Message too long for RSA"}var h="",d;for(d=0;d0&&a.length>0){this.n=parseBigInt(b,16);this.e=parseInt(a,16)}else{alert("Invalid RSA public key")}}}function RSADoPublic(a){return a.modPowInt(this.e,this.n)}function RSAEncrypt(d){var a=pkcs1pad2(d,(this.n.bitLength()+7)>>3);if(a==null){return null}var e=this.doPublic(a);if(e==null){return null}var b=e.toString(16);if((b.length&1)==0){return b}else{return"0"+b}}function RSAEncryptOAEP(e,d){var a=oaep_pad(e,(this.n.bitLength()+7)>>3,d);if(a==null){return null}var f=this.doPublic(a);if(f==null){return null}var b=f.toString(16);if((b.length&1)==0){return b}else{return"0"+b}}RSAKey.prototype.doPublic=RSADoPublic;RSAKey.prototype.setPublic=RSASetPublic;RSAKey.prototype.encrypt=RSAEncrypt;RSAKey.prototype.encryptOAEP=RSAEncryptOAEP;RSAKey.prototype.type="RSA";
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+ */
+function pkcs1unpad2(g,j){var a=g.toByteArray();var f=0;while(f=a.length){return null}}var e="";while(++f191)&&(h<224)){e+=String.fromCharCode(((h&31)<<6)|(a[f+1]&63));++f}else{e+=String.fromCharCode(((h&15)<<12)|((a[f+1]&63)<<6)|(a[f+2]&63));f+=2}}}return e}function oaep_mgf1_str(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}var SHA1_SIZE=20;function oaep_unpad(l,b,e){l=l.toByteArray();var f;for(f=0;f0&&a.length>0){this.n=parseBigInt(c,16);this.e=parseInt(a,16);this.d=parseBigInt(b,16)}else{alert("Invalid RSA private key")}}}function RSASetPrivateEx(g,d,e,c,b,a,h,f){this.isPrivate=true;if(g==null){throw"RSASetPrivateEx N == null"}if(d==null){throw"RSASetPrivateEx E == null"}if(g.length==0){throw"RSASetPrivateEx N.length == 0"}if(d.length==0){throw"RSASetPrivateEx E.length == 0"}if(g!=null&&d!=null&&g.length>0&&d.length>0){this.n=parseBigInt(g,16);this.e=parseInt(d,16);this.d=parseBigInt(e,16);this.p=parseBigInt(c,16);this.q=parseBigInt(b,16);this.dmp1=parseBigInt(a,16);this.dmq1=parseBigInt(h,16);this.coeff=parseBigInt(f,16)}else{alert("Invalid RSA private key in RSASetPrivateEx")}}function RSAGenerate(b,i){var a=new SecureRandom();var f=b>>1;this.e=parseInt(i,16);var c=new BigInteger(i,16);for(;;){for(;;){this.p=new BigInteger(b-f,1,a);if(this.p.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.p.isProbablePrime(10)){break}}for(;;){this.q=new BigInteger(f,1,a);if(this.q.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.q.isProbablePrime(10)){break}}if(this.p.compareTo(this.q)<=0){var h=this.p;this.p=this.q;this.q=h}var g=this.p.subtract(BigInteger.ONE);var d=this.q.subtract(BigInteger.ONE);var e=g.multiply(d);if(e.gcd(c).compareTo(BigInteger.ONE)==0){this.n=this.p.multiply(this.q);this.d=c.modInverse(e);this.dmp1=this.d.mod(g);this.dmq1=this.d.mod(d);this.coeff=this.q.modInverse(this.p);break}}}function RSADoPrivate(a){if(this.p==null||this.q==null){return a.modPow(this.d,this.n)}var c=a.mod(this.p).modPow(this.dmp1,this.p);var b=a.mod(this.q).modPow(this.dmq1,this.q);while(c.compareTo(b)<0){c=c.add(this.p)}return c.subtract(b).multiply(this.coeff).mod(this.p).multiply(this.q).add(b)}function RSADecrypt(b){var d=parseBigInt(b,16);var a=this.doPrivate(d);if(a==null){return null}return pkcs1unpad2(a,(this.n.bitLength()+7)>>3)}function RSADecryptOAEP(d,b){var e=parseBigInt(d,16);var a=this.doPrivate(e);if(a==null){return null}return oaep_unpad(a,(this.n.bitLength()+7)>>3,b)}RSAKey.prototype.doPrivate=RSADoPrivate;RSAKey.prototype.setPrivate=RSASetPrivate;RSAKey.prototype.setPrivateEx=RSASetPrivateEx;RSAKey.prototype.generate=RSAGenerate;RSAKey.prototype.decrypt=RSADecrypt;RSAKey.prototype.decryptOAEP=RSADecryptOAEP;
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+ */
+function ECFieldElementFp(b,a){this.x=a;this.q=b}function feFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.x.equals(a.x))}function feFpToBigInteger(){return this.x}function feFpNegate(){return new ECFieldElementFp(this.q,this.x.negate().mod(this.q))}function feFpAdd(a){return new ECFieldElementFp(this.q,this.x.add(a.toBigInteger()).mod(this.q))}function feFpSubtract(a){return new ECFieldElementFp(this.q,this.x.subtract(a.toBigInteger()).mod(this.q))}function feFpMultiply(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger()).mod(this.q))}function feFpSquare(){return new ECFieldElementFp(this.q,this.x.square().mod(this.q))}function feFpDivide(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger().modInverse(this.q)).mod(this.q))}ECFieldElementFp.prototype.equals=feFpEquals;ECFieldElementFp.prototype.toBigInteger=feFpToBigInteger;ECFieldElementFp.prototype.negate=feFpNegate;ECFieldElementFp.prototype.add=feFpAdd;ECFieldElementFp.prototype.subtract=feFpSubtract;ECFieldElementFp.prototype.multiply=feFpMultiply;ECFieldElementFp.prototype.square=feFpSquare;ECFieldElementFp.prototype.divide=feFpDivide;function ECPointFp(c,a,d,b){this.curve=c;this.x=a;this.y=d;if(b==null){this.z=BigInteger.ONE}else{this.z=b}this.zinv=null}function pointFpGetX(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.x.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpGetY(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.y.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpEquals(a){if(a==this){return true}if(this.isInfinity()){return a.isInfinity()}if(a.isInfinity()){return this.isInfinity()}var c,b;c=a.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(a.z)).mod(this.curve.q);if(!c.equals(BigInteger.ZERO)){return false}b=a.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(a.z)).mod(this.curve.q);return b.equals(BigInteger.ZERO)}function pointFpIsInfinity(){if((this.x==null)&&(this.y==null)){return true}return this.z.equals(BigInteger.ZERO)&&!this.y.toBigInteger().equals(BigInteger.ZERO)}function pointFpNegate(){return new ECPointFp(this.curve,this.x,this.y.negate(),this.z)}function pointFpAdd(l){if(this.isInfinity()){return l}if(l.isInfinity()){return this}var p=l.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(l.z)).mod(this.curve.q);var o=l.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(l.z)).mod(this.curve.q);if(BigInteger.ZERO.equals(o)){if(BigInteger.ZERO.equals(p)){return this.twice()}return this.curve.getInfinity()}var j=new BigInteger("3");var e=this.x.toBigInteger();var n=this.y.toBigInteger();var c=l.x.toBigInteger();var k=l.y.toBigInteger();var m=o.square();var i=m.multiply(o);var d=e.multiply(m);var g=p.square().multiply(this.z);var a=g.subtract(d.shiftLeft(1)).multiply(l.z).subtract(i).multiply(o).mod(this.curve.q);var h=d.multiply(j).multiply(p).subtract(n.multiply(i)).subtract(g.multiply(p)).multiply(l.z).add(p.multiply(i)).mod(this.curve.q);var f=i.multiply(this.z).multiply(l.z).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(a),this.curve.fromBigInteger(h),f)}function pointFpTwice(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var g=new BigInteger("3");var c=this.x.toBigInteger();var h=this.y.toBigInteger();var e=h.multiply(this.z);var j=e.multiply(h).mod(this.curve.q);var i=this.curve.a.toBigInteger();var k=c.square().multiply(g);if(!BigInteger.ZERO.equals(i)){k=k.add(this.z.square().multiply(i))}k=k.mod(this.curve.q);var b=k.square().subtract(c.shiftLeft(3).multiply(j)).shiftLeft(1).multiply(e).mod(this.curve.q);var f=k.multiply(g).multiply(c).subtract(j.shiftLeft(1)).shiftLeft(2).multiply(j).subtract(k.square().multiply(k)).mod(this.curve.q);var d=e.square().multiply(e).shiftLeft(3).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(b),this.curve.fromBigInteger(f),d)}function pointFpMultiply(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add(a?this:l)}}return d}function pointFpMultiplyTwo(c,a,b){var d;if(c.bitLength()>b.bitLength()){d=c.bitLength()-1}else{d=b.bitLength()-1}var f=this.curve.getInfinity();var e=this.add(a);while(d>=0){f=f.twice();if(c.testBit(d)){if(b.testBit(d)){f=f.add(e)}else{f=f.add(this)}}else{if(b.testBit(d)){f=f.add(a)}}--d}return f}ECPointFp.prototype.getX=pointFpGetX;ECPointFp.prototype.getY=pointFpGetY;ECPointFp.prototype.equals=pointFpEquals;ECPointFp.prototype.isInfinity=pointFpIsInfinity;ECPointFp.prototype.negate=pointFpNegate;ECPointFp.prototype.add=pointFpAdd;ECPointFp.prototype.twice=pointFpTwice;ECPointFp.prototype.multiply=pointFpMultiply;ECPointFp.prototype.multiplyTwo=pointFpMultiplyTwo;function ECCurveFp(e,d,c){this.q=e;this.a=this.fromBigInteger(d);this.b=this.fromBigInteger(c);this.infinity=new ECPointFp(this,null,null)}function curveFpGetQ(){return this.q}function curveFpGetA(){return this.a}function curveFpGetB(){return this.b}function curveFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.a.equals(a.a)&&this.b.equals(a.b))}function curveFpGetInfinity(){return this.infinity}function curveFpFromBigInteger(a){return new ECFieldElementFp(this.q,a)}function curveFpDecodePointHex(d){switch(parseInt(d.substr(0,2),16)){case 0:return this.infinity;case 2:case 3:return null;case 4:case 6:case 7:var a=(d.length-2)/2;var c=d.substr(2,a);var b=d.substr(a+2,a);return new ECPointFp(this,this.fromBigInteger(new BigInteger(c,16)),this.fromBigInteger(new BigInteger(b,16)));default:return null}}ECCurveFp.prototype.getQ=curveFpGetQ;ECCurveFp.prototype.getA=curveFpGetA;ECCurveFp.prototype.getB=curveFpGetB;ECCurveFp.prototype.equals=curveFpEquals;ECCurveFp.prototype.getInfinity=curveFpGetInfinity;ECCurveFp.prototype.fromBigInteger=curveFpFromBigInteger;ECCurveFp.prototype.decodePointHex=curveFpDecodePointHex;
+/*! (c) Stefan Thomas | https://github.com/bitcoinjs/bitcoinjs-lib
+ */
+ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBigInteger().bitLength()+7)/8)};ECPointFp.prototype.getEncoded=function(c){var d=function(h,f){var g=h.toByteArrayUnsigned();if(fg.length){g.unshift(0)}}return g};var a=this.getX().toBigInteger();var e=this.getY().toBigInteger();var b=d(a,32);if(c){if(e.isEven()){b.unshift(2)}else{b.unshift(3)}}else{b.unshift(4);b=b.concat(d(e,32))}return b};ECPointFp.decodeFrom=function(g,c){var f=c[0];var e=c.length-1;var d=c.slice(1,1+e/2);var b=c.slice(1+e/2,1+e);d.unshift(0);b.unshift(0);var a=new BigInteger(d);var h=new BigInteger(b);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.decodeFromHex=function(g,c){var f=c.substr(0,2);var e=c.length-2;var d=c.substr(2,e/2);var b=c.substr(2+e/2,e/2);var a=new BigInteger(d,16);var h=new BigInteger(b,16);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.prototype.add2D=function(c){if(this.isInfinity()){return c}if(c.isInfinity()){return this}if(this.x.equals(c.x)){if(this.y.equals(c.y)){return this.twice()}return this.curve.getInfinity()}var g=c.x.subtract(this.x);var e=c.y.subtract(this.y);var a=e.divide(g);var d=a.square().subtract(this.x).subtract(c.x);var f=a.multiply(this.x.subtract(d)).subtract(this.y);return new ECPointFp(this.curve,d,f)};ECPointFp.prototype.twice2D=function(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var b=this.curve.fromBigInteger(BigInteger.valueOf(2));var e=this.curve.fromBigInteger(BigInteger.valueOf(3));var a=this.x.square().multiply(e).add(this.curve.a).divide(this.y.multiply(b));var c=a.square().subtract(this.x.multiply(b));var d=a.multiply(this.x.subtract(c)).subtract(this.y);return new ECPointFp(this.curve,c,d)};ECPointFp.prototype.multiply2D=function(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add2D(a?this:l)}}return d};ECPointFp.prototype.isOnCurve=function(){var d=this.getX().toBigInteger();var i=this.getY().toBigInteger();var f=this.curve.getA().toBigInteger();var c=this.curve.getB().toBigInteger();var h=this.curve.getQ();var e=i.multiply(i).mod(h);var g=d.multiply(d).multiply(d).add(f.multiply(d)).add(c).mod(h);return e.equals(g)};ECPointFp.prototype.toString=function(){return"("+this.getX().toBigInteger().toString()+","+this.getY().toBigInteger().toString()+")"};ECPointFp.prototype.validate=function(){var c=this.curve.getQ();if(this.isInfinity()){throw new Error("Point is at infinity.")}var a=this.getX().toBigInteger();var b=this.getY().toBigInteger();if(a.compareTo(BigInteger.ONE)<0||a.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("x coordinate out of bounds")}if(b.compareTo(BigInteger.ONE)<0||b.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("y coordinate out of bounds")}if(!this.isOnCurve()){throw new Error("Point is not on the curve.")}if(this.multiply(c).isInfinity()){throw new Error("Point is not a scalar multiple of G.")}return true};
+/*! asn1-1.0.6.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(a){KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(b){this.hTLV=null;this.isModified=true;this.hV=b};this.setUnusedBitsAndHexValue=function(b,d){if(b<0||7=(b*2))){break}if(d>=200){break}c.push(e);g=e;d++}return c};this.getNthChildIndex_AtObj=function(d,b,e){var c=this.getPosArrayOfChildren_AtObj(d,b);return c[e]};this.getDecendantIndexByNthList=function(e,d,c){if(c.length==0){return d}var f=c.shift();var b=this.getPosArrayOfChildren_AtObj(e,d);return this.getDecendantIndexByNthList(e,b[f],c)};this.getDecendantHexTLVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfTLV_AtObj(d,a)};this.getDecendantHexVByNthList=function(d,c,b){var a=this.getDecendantIndexByNthList(d,c,b);return this.getHexOfV_AtObj(d,a)}};ASN1HEX.getVbyList=function(d,c,b,e){var a=this.getDecendantIndexByNthList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(e!==undefined){if(d.substr(a,2)!=e){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+e}}return this.getHexOfV_AtObj(d,a)};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};
+/*! asn1x509-1.0.12.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}if(typeof KJUR.asn1.x509=="undefined"||!KJUR.asn1.x509){KJUR.asn1.x509={}}KJUR.asn1.x509.Certificate=function(g){KJUR.asn1.x509.Certificate.superclass.constructor.call(this);var b=null;var d=null;var f=null;var c=null;var a=null;var e=null;this.setRsaPrvKeyByPEMandPass=function(i,k){var h=PKCS5PKEY.getDecryptedKeyHex(i,k);var j=new RSAKey();j.readPrivateKeyFromASN1HexString(h);this.prvKey=j};this.sign=function(){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;sig=new KJUR.crypto.Signature({alg:"SHA1withRSA"});sig.init(this.prvKey);sig.updateHex(this.asn1TBSCert.getEncodedHex());this.hexSig=sig.sign();this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var h=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=h.getEncodedHex();this.isModified=false};this.setSignatureHex=function(h){this.asn1SignatureAlg=this.asn1TBSCert.asn1SignatureAlg;this.hexSig=h;this.asn1Sig=new KJUR.asn1.DERBitString({hex:"00"+this.hexSig});var i=new KJUR.asn1.DERSequence({array:[this.asn1TBSCert,this.asn1SignatureAlg,this.asn1Sig]});this.hTLV=i.getEncodedHex();this.isModified=false};this.getEncodedHex=function(){if(this.isModified==false&&this.hTLV!=null){return this.hTLV}throw"not signed yet"};this.getPEMString=function(){var j=this.getEncodedHex();var h=CryptoJS.enc.Hex.parse(j);var i=CryptoJS.enc.Base64.stringify(h);var k=i.replace(/(.{64})/g,"$1\r\n");return"-----BEGIN CERTIFICATE-----\r\n"+k+"\r\n-----END CERTIFICATE-----\r\n"};if(typeof g!="undefined"){if(typeof g.tbscertobj!="undefined"){this.asn1TBSCert=g.tbscertobj}if(typeof g.prvkeyobj!="undefined"){this.prvKey=g.prvkeyobj}else{if(typeof g.rsaprvkey!="undefined"){this.prvKey=g.rsaprvkey}else{if((typeof g.rsaprvpem!="undefined")&&(typeof g.rsaprvpas!="undefined")){this.setRsaPrvKeyByPEMandPass(g.rsaprvpem,g.rsaprvpas)}}}}};YAHOO.lang.extend(KJUR.asn1.x509.Certificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.TBSCertificate=function(a){KJUR.asn1.x509.TBSCertificate.superclass.constructor.call(this);this._initialize=function(){this.asn1Array=new Array();this.asn1Version=new KJUR.asn1.DERTaggedObject({obj:new KJUR.asn1.DERInteger({"int":2})});this.asn1SerialNumber=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1NotBefore=null;this.asn1NotAfter=null;this.asn1Subject=null;this.asn1SubjPKey=null;this.extensionsArray=new Array()};this.setSerialNumberByParam=function(b){this.asn1SerialNumber=new KJUR.asn1.DERInteger(b)};this.setSignatureAlgByParam=function(b){this.asn1SignatureAlg=new KJUR.asn1.x509.AlgorithmIdentifier(b)};this.setIssuerByParam=function(b){this.asn1Issuer=new KJUR.asn1.x509.X500Name(b)};this.setNotBeforeByParam=function(b){this.asn1NotBefore=new KJUR.asn1.x509.Time(b)};this.setNotAfterByParam=function(b){this.asn1NotAfter=new KJUR.asn1.x509.Time(b)};this.setSubjectByParam=function(b){this.asn1Subject=new KJUR.asn1.x509.X500Name(b)};this.setSubjectPublicKeyByParam=function(b){this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.setSubjectPublicKeyByGetKey=function(c){var b=KEYUTIL.getKey(c);this.asn1SubjPKey=new KJUR.asn1.x509.SubjectPublicKeyInfo(b)};this.appendExtension=function(b){this.extensionsArray.push(b)};this.appendExtensionByName=function(d,b){if(d.toLowerCase()=="basicconstraints"){var c=new KJUR.asn1.x509.BasicConstraints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="keyusage"){var c=new KJUR.asn1.x509.KeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="crldistributionpoints"){var c=new KJUR.asn1.x509.CRLDistributionPoints(b);this.appendExtension(c)}else{if(d.toLowerCase()=="extkeyusage"){var c=new KJUR.asn1.x509.ExtKeyUsage(b);this.appendExtension(c)}else{if(d.toLowerCase()=="authoritykeyidentifier"){var c=new KJUR.asn1.x509.AuthorityKeyIdentifier(b);this.appendExtension(c)}else{throw"unsupported extension name: "+d}}}}}};this.getEncodedHex=function(){if(this.asn1NotBefore==null||this.asn1NotAfter==null){throw"notBefore and/or notAfter not set"}var c=new KJUR.asn1.DERSequence({array:[this.asn1NotBefore,this.asn1NotAfter]});this.asn1Array=new Array();this.asn1Array.push(this.asn1Version);this.asn1Array.push(this.asn1SerialNumber);this.asn1Array.push(this.asn1SignatureAlg);this.asn1Array.push(this.asn1Issuer);this.asn1Array.push(c);this.asn1Array.push(this.asn1Subject);this.asn1Array.push(this.asn1SubjPKey);if(this.extensionsArray.length>0){var d=new KJUR.asn1.DERSequence({array:this.extensionsArray});var b=new KJUR.asn1.DERTaggedObject({explicit:true,tag:"a3",obj:d});this.asn1Array.push(b)}var e=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=e.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(b){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var a=null;this.getEncodedHex=function(){var f=new KJUR.asn1.DERObjectIdentifier({oid:this.oid});var e=new KJUR.asn1.DEROctetString({hex:this.getExtnValueHex()});var d=new Array();d.push(f);if(this.critical){d.push(new KJUR.asn1.DERBoolean())}d.push(e);var c=new KJUR.asn1.DERSequence({array:d});return c.getEncodedHex()};this.critical=false;if(typeof b!="undefined"){if(typeof b.critical!="undefined"){this.critical=b.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(a){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence({array:b})};this.setByOneURI=function(e){var b=new KJUR.asn1.x509.GeneralNames([{uri:e}]);var d=new KJUR.asn1.x509.DistributionPointName(b);var c=new KJUR.asn1.x509.DistributionPoint({dpobj:d});this.setByDPArray([c])};this.oid="2.5.29.31";if(typeof a!="undefined"){if(typeof a.array!="undefined"){this.setByDPArray(a.array)}else{if(typeof a.uri!="undefined"){this.setByOneURI(a.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(a){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,a);this.setPurposeArray=function(b){this.asn1ExtnValue=new KJUR.asn1.DERSequence();for(var c=0;c0){var c=new KJUR.asn1.DERSequence({array:this.aRevokedCert});this.asn1Array.push(c)}var d=new KJUR.asn1.DERSequence({array:this.asn1Array});this.hTLV=d.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(c){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var b=null;var a=null;this.setCertSerial=function(d){this.sn=new KJUR.asn1.DERInteger(d)};this.setRevocationDate=function(d){this.time=new KJUR.asn1.x509.Time(d)};this.getEncodedHex=function(){var d=new KJUR.asn1.DERSequence({array:[this.sn,this.time]});this.TLV=d.getEncodedHex();return this.TLV};if(typeof c!="undefined"){if(typeof c.time!="undefined"){this.setRevocationDate(c.time)}if(typeof c.sn!="undefined"){this.setCertSerial(c.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(b){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();this.setByString=function(c){var d=c.split("/");d.shift();for(var e=0;e0){h=new a.DERTaggedObject({obj:this.dUnsignedAttrs,tag:"a1",explicit:false})}var g=[this.dCMSVersion,this.dSignerIdentifier,this.dDigestAlgorithm,e,this.dSigAlg,this.dSig,];if(h!=null){g.push(h)}var f=new a.DERSequence({array:g});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(c){KJUR.asn1.cms.EncapsulatedContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dEContentType=new a.DERObjectIdentifier({name:"data"});this.dEContent=null;this.isDetached=false;this.eContentValueHex=null;this.setContentType=function(e){if(e.match(/^[0-2][.][0-9.]+$/)){this.dEContentType=new a.DERObjectIdentifier({oid:e})}else{this.dEContentType=new a.DERObjectIdentifier({name:e})}};this.setContentValue=function(e){if(typeof e!="undefined"){if(typeof e.hex=="string"){this.eContentValueHex=e.hex}else{if(typeof e.str=="string"){this.eContentValueHex=utf8tohex(e.str)}}}};this.setContentValueHex=function(e){this.eContentValueHex=e};this.setContentValueStr=function(e){this.eContentValueHex=utf8tohex(e)};this.getEncodedHex=function(){if(typeof this.eContentValueHex!="string"){throw"eContentValue not yet set"}var g=new a.DEROctetString({hex:this.eContentValueHex});this.dEContent=new a.DERTaggedObject({obj:g,tag:"a0",explicit:true});var e=[this.dEContentType];if(!this.isDetached){e.push(this.dEContent)}var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(c){KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dContentType=null;this.dContent=null;this.setContentType=function(e){if(typeof e=="string"){this.dContentType=d.OID.name2obj(e)}};this.getEncodedHex=function(){var f=new a.DERTaggedObject({obj:this.dContent,tag:"a0",explicit:true});var e=new a.DERSequence({array:[this.dContentType,f]});this.hTLV=e.getEncodedHex();return this.hTLV};if(typeof c!="undefined"){if(c.type){this.setContentType(c.type)}if(c.obj&&c.obj instanceof a.ASN1Object){this.dContent=c.obj}}};YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(c){KJUR.asn1.cms.SignedData.superclass.constructor.call(this);var a=KJUR.asn1;var b=KJUR.asn1.cms;var d=KJUR.asn1.x509;this.dCMSVersion=new a.DERInteger({"int":1});this.dDigestAlgs=null;this.digestAlgNameList=[];this.dEncapContentInfo=new b.EncapsulatedContentInfo();this.dCerts=null;this.certificateList=[];this.crlList=[];this.signerInfoList=[new b.SignerInfo()];this.addCertificatesByPEM=function(e){var f=KEYUTIL.getHexFromPEM(e);var g=new a.ASN1Object();g.hTLV=f;this.certificateList.push(g)};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.dDigestAlgs==null){var k=[];for(var j=0;j0){var l=new a.DERSet({array:this.certificateList});this.dCerts=new a.DERTaggedObject({obj:l,tag:"a0",explicit:false})}}if(this.dCerts!=null){e.push(this.dCerts)}var g=new a.DERSet({array:this.signerInfoList});e.push(g);var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV};this.getContentInfo=function(){this.getEncodedHex();var e=new b.ContentInfo({type:"signed-data",obj:this});return e};this.getContentInfoEncodedHex=function(){var e=this.getContentInfo();var f=e.getEncodedHex();return f};this.getPEM=function(){var e=this.getContentInfoEncodedHex();var f=a.ASN1Util.getPEMStringFromHex(e,"CMS");return f}};YAHOO.lang.extend(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(a){var h=KJUR.asn1.cms;var g=KJUR.asn1.cades;var f=new h.SignedData();f.dEncapContentInfo.setContentValue(a.content);if(typeof a.certs=="object"){for(var b=0;bd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--p){q=q.twice2D();q.z=BigInteger.ONE;if(o.testBit(p)){if(n.testBit(p)){q=q.add2D(t)}else{q=q.add2D(s)}}else{if(n.testBit(p)){q=q.add2D(r)}}}return q}this.getBigRandom=function(i){return new BigInteger(i.bitLength(),a).mod(i.subtract(BigInteger.ONE)).add(BigInteger.ONE)};this.setNamedCurve=function(i){this.ecparams=KJUR.crypto.ECParameterDB.getByName(i);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=i};this.setPrivateKeyHex=function(i){this.isPrivate=true;this.prvKeyHex=i};this.setPublicKeyHex=function(i){this.isPublic=true;this.pubKeyHex=i};this.generateKeyPairHex=function(){var k=this.ecparams.n;var n=this.getBigRandom(k);var l=this.ecparams.G.multiply(n);var q=l.getX().toBigInteger();var o=l.getY().toBigInteger();var i=this.ecparams.keylen/4;var m=("0000000000"+n.toString(16)).slice(-i);var r=("0000000000"+q.toString(16)).slice(-i);var p=("0000000000"+o.toString(16)).slice(-i);var j="04"+r+p;this.setPrivateKeyHex(m);this.setPublicKeyHex(j);return{ecprvhex:m,ecpubhex:j}};this.signWithMessageHash=function(i){return this.signHex(i,this.prvKeyHex)};this.signHex=function(o,j){var t=new BigInteger(j,16);var l=this.ecparams.n;var q=new BigInteger(o,16);do{var m=this.getBigRandom(l);var u=this.ecparams.G;var p=u.multiply(m);var i=p.getX().toBigInteger().mod(l)}while(i.compareTo(BigInteger.ZERO)<=0);var v=m.modInverse(l).multiply(q.add(t.multiply(i))).mod(l);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(i,v)};this.sign=function(m,u){var q=u;var j=this.ecparams.n;var p=BigInteger.fromByteArrayUnsigned(m);do{var l=this.getBigRandom(j);var t=this.ecparams.G;var o=t.multiply(l);var i=o.getX().toBigInteger().mod(j)}while(i.compareTo(BigInteger.ZERO)<=0);var v=l.modInverse(j).multiply(p.add(q.multiply(i))).mod(j);return this.serializeSig(i,v)};this.verifyWithMessageHash=function(j,i){return this.verifyHex(j,i,this.pubKeyHex)};this.verifyHex=function(m,i,p){var l,j;var o=KJUR.crypto.ECDSA.parseSigHex(i);l=o.r;j=o.s;var k;k=ECPointFp.decodeFromHex(this.ecparams.curve,p);var n=new BigInteger(m,16);return this.verifyRaw(n,l,j,k)};this.verify=function(o,p,j){var l,i;if(Bitcoin.Util.isArray(p)){var n=this.parseSig(p);l=n.r;i=n.s}else{if("object"===typeof p&&p.r&&p.s){l=p.r;i=p.s}else{throw"Invalid value for signature"}}var k;if(j instanceof ECPointFp){k=j}else{if(Bitcoin.Util.isArray(j)){k=ECPointFp.decodeFrom(this.ecparams.curve,j)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var m=BigInteger.fromByteArrayUnsigned(o);return this.verifyRaw(m,l,i,k)};this.verifyRaw=function(o,i,w,m){var l=this.ecparams.n;var u=this.ecparams.G;if(i.compareTo(BigInteger.ONE)<0||i.compareTo(l)>=0){return false}if(w.compareTo(BigInteger.ONE)<0||w.compareTo(l)>=0){return false}var p=w.modInverse(l);var k=o.multiply(p).mod(l);var j=i.multiply(p).mod(l);var q=u.multiply(k).add(m.multiply(j));var t=q.getX().toBigInteger().mod(l);return t.equals(i)};this.serializeSig=function(k,j){var l=k.toByteArraySigned();var i=j.toByteArraySigned();var m=[];m.push(2);m.push(l.length);m=m.concat(l);m.push(2);m.push(i.length);m=m.concat(i);m.unshift(m.length);m.unshift(48);return m};this.parseSig=function(n){var m;if(n[0]!=48){throw new Error("Signature not a valid DERSequence")}m=2;if(n[m]!=2){throw new Error("First element in signature must be a DERInteger")}var l=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];if(n[m]!=2){throw new Error("Second element in signature must be a DERInteger")}var i=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];var k=BigInteger.fromByteArrayUnsigned(l);var j=BigInteger.fromByteArrayUnsigned(i);return{r:k,s:j}};this.parseSigCompact=function(m){if(m.length!==65){throw"Signature has the wrong length"}var j=m[0]-27;if(j<0||j>7){throw"Invalid signature type"}var o=this.ecparams.n;var l=BigInteger.fromByteArrayUnsigned(m.slice(1,33)).mod(o);var k=BigInteger.fromByteArrayUnsigned(m.slice(33,65)).mod(o);return{r:l,s:k,i:j}};if(h!==undefined){if(h.curve!==undefined){this.curveName=h.curve}}if(this.curveName===undefined){this.curveName=e}this.setNamedCurve(this.curveName);if(h!==undefined){if(h.prv!==undefined){this.setPrivateKeyHex(h.prv)}if(h.pub!==undefined){this.setPublicKeyHex(h.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(c){if(c.substr(0,2)!="30"){throw"signature is not a ASN.1 sequence"}var b=ASN1HEX.getPosArrayOfChildren_AtObj(c,0);if(b.length!=2){throw"number of signature ASN.1 sequence elements seem wrong"}var g=b[0];var f=b[1];if(c.substr(g,2)!="02"){throw"1st item of sequene of signature is not ASN.1 integer"}if(c.substr(f,2)!="02"){throw"2nd item of sequene of signature is not ASN.1 integer"}var e=ASN1HEX.getHexOfV_AtObj(c,g);var d=ASN1HEX.getHexOfV_AtObj(c,f);return{r:e,s:d}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(c){var d=KJUR.crypto.ECDSA.parseSigHexInHexRS(c);var b=d.r;var a=d.s;if(b.substr(0,2)=="00"&&(((b.length/2)*8)%(16*8))==8){b=b.substr(2)}if(a.substr(0,2)=="00"&&(((a.length/2)*8)%(16*8))==8){a=a.substr(2)}if((((b.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig r length error"}if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig s length error"}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA concatinated r-s sig  length error"}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(e,c){var b=new KJUR.asn1.DERInteger({bigint:e});var a=new KJUR.asn1.DERInteger({bigint:c});var d=new KJUR.asn1.DERSequence({array:[b,a]});return d.getEncodedHex()};
+/*! ecparam-1.0.0.js (c) 2013 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){throw"invalid DSA signature"}var I=J.modInverse(u);var A=D.multiply(I).mod(u);var v=K.multiply(I).mod(u);var F=G.modPow(A,z).multiply(H.modPow(v,z)).mod(z).mod(u);return F.compareTo(K)==0};this.parseASN1Signature=function(u){try{var y=new BigInteger(ASN1HEX.getVbyList(u,0,[0],"02"),16);var v=new BigInteger(ASN1HEX.getVbyList(u,0,[1],"02"),16);return[y,v]}catch(w){throw"malformed DSA signature"}};function d(E,w,B,v,u,C){var z=KJUR.crypto.Util.hashString(w,E.toLowerCase());var z=z.substr(0,u.bitLength()/4);var A=new BigInteger(z,16);var y=n(BigInteger.ONE.add(BigInteger.ONE),u.subtract(BigInteger.ONE));var F=(B.modPow(y,v)).mod(u);var D=(y.modInverse(u).multiply(A.add(C.multiply(F)))).mod(u);var G=new Array();G[0]=F;G[1]=D;return G}function r(v){var u=openpgp.config.config.prefer_hash_algorithm;switch(Math.round(v.bitLength()/8)){case 20:if(u!=2&&u>11&&u!=10&&u<8){return 2}return u;case 28:if(u>11&&u<8){return 11}return u;case 32:if(u>10&&u<8){return 8}return u;default:util.print_debug("DSA select hash algorithm: returning null for an unknown length of q");return null}}this.select_hash_algorithm=r;function m(I,K,J,B,z,u,F,G){var C=KJUR.crypto.Util.hashString(B,I.toLowerCase());var C=C.substr(0,u.bitLength()/4);var D=new BigInteger(C,16);if(BigInteger.ZERO.compareTo(K)>0||K.compareTo(u)>0||BigInteger.ZERO.compareTo(J)>0||J.compareTo(u)>0){util.print_error("invalid DSA Signature");return null}var H=J.modInverse(u);var A=D.multiply(H).mod(u);var v=K.multiply(H).mod(u);var E=F.modPow(A,z).multiply(G.modPow(v,z)).mod(z).mod(u);return E.compareTo(K)==0}function a(z){var A=new BigInteger(z,primeCenterie);var y=j(q,512);var u=t(p,q,z);var v;do{v=new BigInteger(q.bitCount(),rand)}while(x.compareTo(BigInteger.ZERO)!=1&&x.compareTo(q)!=-1);var w=g.modPow(x,p);return{x:v,q:A,p:y,g:u,y:w}}function j(y,z,w){if(z%64!=0){return false}var u;var v;do{u=w(bitcount,true);v=u.subtract(BigInteger.ONE);u=u.subtract(v.remainder(y))}while(!u.isProbablePrime(primeCenterie)||u.bitLength()!=l);return u}function t(B,z,A,w){var u=B.subtract(BigInteger.ONE);var y=u.divide(z);var v;do{v=w(A)}while(v.compareTo(u)!=-1&&v.compareTo(BigInteger.ONE)!=1);return v.modPow(y,B)}function o(w,y,u){var v;do{v=u(y,false)}while(v.compareTo(w)!=-1&&v.compareTo(BigInteger.ZERO)!=1);return v}function i(v,w){k=o(v);var u=g.modPow(k,w).mod(v);return u}function h(B,w,y,v,z,u){var A=B(v);s=(w.modInverse(z).multiply(A.add(u.multiply(y)))).mod(z);return s}this.sign=d;this.verify=m;function n(w,u){if(u.compareTo(w)<=0){return}var v=u.subtract(w);var y=e(v.bitLength());while(y>v){y=e(v.bitLength())}return w.add(y)}function e(w){if(w<0){return null}var u=Math.floor((w+7)/8);var v=c(u);if(w%8>0){v=String.fromCharCode((Math.pow(2,w%8)-1)&v.charCodeAt(0))+v.substring(1)}return new BigInteger(f(v),16)}function c(w){var u="";for(var v=0;v=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}();
+/*! keyutil-1.0.8.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(f,e,h){if(typeof RSAKey!="undefined"&&f instanceof RSAKey){return f}if(typeof KJUR.crypto.ECDSA!="undefined"&&f instanceof KJUR.crypto.ECDSA){return f}if(typeof KJUR.crypto.DSA!="undefined"&&f instanceof KJUR.crypto.DSA){return f}if(f.xy!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({prv:f.xy,curve:f.curve})}if(f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.co!==undefined&&f.qi===undefined){var v=new RSAKey();v.setPrivateEx(f.n,f.e,f.d,f.p,f.q,f.dp,f.dq,f.co);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x!==undefined){var v=new KJUR.crypto.DSA();v.setPrivate(f.p,f.q,f.g,f.y,f.x);return v}if(f.d!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({pub:f.d,curve:f.curve})}if(f.kty===undefined&&f.n!==undefined&&f.e){var v=new RSAKey();v.setPublic(f.n,f.e);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x===undefined){var v=new KJUR.crypto.DSA();v.setPublic(f.p,f.q,f.g,f.y);return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var v=new RSAKey();v.setPublic(b64utohex(f.n),b64utohex(f.e));return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.qi!==undefined){var v=new RSAKey();v.setPrivateEx(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d),b64utohex(f.p),b64utohex(f.q),b64utohex(f.dp),b64utohex(f.dq),b64utohex(f.qi));return v}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d===undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var o=("0000000000"+b64utohex(f.x)).slice(-k);var m=("0000000000"+b64utohex(f.y)).slice(-k);var l="04"+o+m;d.setPublicKeyHex(l);return d}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d!==undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var a=("0000000000"+b64utohex(f.d)).slice(-k);d.setPrivateKeyHex(a);return d}if(f.indexOf("-END CERTIFICATE-",0)!=-1||f.indexOf("-END X509 CERTIFICATE-",0)!=-1||f.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(f)}if(h==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(f)}if(f.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(f)}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var v=new RSAKey();v.readPrivateKeyFromPEMString(f);return v}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var t=this.getHexFromPEM(f,"DSA PRIVATE KEY");var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(f)}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(f,e)}if(f.indexOf("-END EC PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var v=ASN1HEX.getVbyList(t,0,[1],"04");var c=ASN1HEX.getVbyList(t,0,[2,0],"06");var n=ASN1HEX.getVbyList(t,0,[3,0],"03").substr(2);var b="";if(KJUR.crypto.OID.oidhex2name[c]!==undefined){b=KJUR.crypto.OID.oidhex2name[c]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+c}var d=new KJUR.crypto.ECDSA({name:b});d.setPublicKeyHex(n);d.setPrivateKeyHex(v);d.isPublic=false;return d}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(f,e)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};
+/*! rsapem-1.1.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+function _rsapem_pemToBase64(b){var a=b;a=a.replace("-----BEGIN RSA PRIVATE KEY-----","");a=a.replace("-----END RSA PRIVATE KEY-----","");a=a.replace(/[ \n]+/g,"");return a}function _rsapem_getPosArrayOfChildrenFromHex(d){var j=new Array();var k=ASN1HEX.getStartPosOfV_AtObj(d,0);var f=ASN1HEX.getPosOfNextSibling_AtObj(d,k);var h=ASN1HEX.getPosOfNextSibling_AtObj(d,f);var b=ASN1HEX.getPosOfNextSibling_AtObj(d,h);var l=ASN1HEX.getPosOfNextSibling_AtObj(d,b);var e=ASN1HEX.getPosOfNextSibling_AtObj(d,l);var g=ASN1HEX.getPosOfNextSibling_AtObj(d,e);var c=ASN1HEX.getPosOfNextSibling_AtObj(d,g);var i=ASN1HEX.getPosOfNextSibling_AtObj(d,c);j.push(k,f,h,b,l,e,g,c,i);return j}function _rsapem_getHexValueArrayOfChildrenFromHex(i){var o=_rsapem_getPosArrayOfChildrenFromHex(i);var r=ASN1HEX.getHexOfV_AtObj(i,o[0]);var f=ASN1HEX.getHexOfV_AtObj(i,o[1]);var j=ASN1HEX.getHexOfV_AtObj(i,o[2]);var k=ASN1HEX.getHexOfV_AtObj(i,o[3]);var c=ASN1HEX.getHexOfV_AtObj(i,o[4]);var b=ASN1HEX.getHexOfV_AtObj(i,o[5]);var h=ASN1HEX.getHexOfV_AtObj(i,o[6]);var g=ASN1HEX.getHexOfV_AtObj(i,o[7]);var l=ASN1HEX.getHexOfV_AtObj(i,o[8]);var m=new Array();m.push(r,f,j,k,c,b,h,g,l);return m}function _rsapem_readPrivateKeyFromASN1HexString(c){var b=_rsapem_getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}function _rsapem_readPrivateKeyFromPEMString(e){var c=_rsapem_pemToBase64(e);var d=b64tohex(c);var b=_rsapem_getHexValueArrayOfChildrenFromHex(d);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}RSAKey.prototype.readPrivateKeyFromPEMString=_rsapem_readPrivateKeyFromPEMString;RSAKey.prototype.readPrivateKeyFromASN1HexString=_rsapem_readPrivateKeyFromASN1HexString;
+/*! rsasign-1.2.7.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}function _rsasign_signStringPSS(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)}function _rsasign_signWithMessageHashPSS(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dthis.n.bitLength()){return 0}var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(k){return KJUR.crypto.Util.hashString(k,d)};var c=a(f);return(h==c)}function _rsasign_verifyWithMessageHash(e,a){a=a.replace(_RE_HEXDECONLY,"");a=a.replace(/[ \n]+/g,"");var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)}function _rsasign_verifyStringPSS(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)}function _rsasign_verifyWithMessageHashPSS(f,s,l,c){var k=new BigInteger(s,16);if(k.bitLength()>this.n.bitLength()){return false}var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})();
+/*! jws-3.2.3 (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
+ */
+if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.jws=="undefined"||!KJUR.jws){KJUR.jws={}}KJUR.jws.JWS=function(){var i=KJUR.jws.JWS;this.parseJWS=function(o,q){if((this.parsedJWS!==undefined)&&(q||(this.parsedJWS.sigvalH!==undefined))){return}if(o.match(/^([^.]+)\.([^.]+)\.([^.]+)$/)==null){throw"JWS signature is not a form of 'Head.Payload.SigValue'."}var r=RegExp.$1;var m=RegExp.$2;var s=RegExp.$3;var u=r+"."+m;this.parsedJWS={};this.parsedJWS.headB64U=r;this.parsedJWS.payloadB64U=m;this.parsedJWS.sigvalB64U=s;this.parsedJWS.si=u;if(!q){var p=b64utohex(s);var n=parseBigInt(p,16);this.parsedJWS.sigvalH=p;this.parsedJWS.sigvalBI=n}var l=b64utoutf8(r);var t=b64utoutf8(m);this.parsedJWS.headS=l;this.parsedJWS.payloadS=t;if(!i.isSafeJSONString(l,this.parsedJWS,"headP")){throw"malformed JSON string for JWS Head: "+l}};function b(m,l){return utf8tob64u(m)+"."+utf8tob64u(l)}function f(n,m){var l=function(o){return KJUR.crypto.Util.hashString(o,m)};if(l==null){throw"hash function not defined in jsrsasign: "+m}return l(n)}function h(r,o,l,p,n){var q=b(r,o);var m=parseBigInt(l,16);return _rsasign_verifySignatureWithArgs(q,m,p,n)}this.verifyJWSByNE=function(n,m,l){this.parseJWS(n);return _rsasign_verifySignatureWithArgs(this.parsedJWS.si,this.parsedJWS.sigvalBI,m,l)};this.verifyJWSByKey=function(o,n){this.parseJWS(o);var l=c(this.parsedJWS.headP);var m=this.parsedJWS.headP.alg.substr(0,2)=="PS";if(n.hashAndVerify){return n.hashAndVerify(l,new Buffer(this.parsedJWS.si,"utf8").toString("base64"),b64utob64(this.parsedJWS.sigvalB64U),"base64",m)}else{if(m){return n.verifyStringPSS(this.parsedJWS.si,this.parsedJWS.sigvalH,l)}else{return n.verifyString(this.parsedJWS.si,this.parsedJWS.sigvalH)}}};this.verifyJWSByPemX509Cert=function(n,l){this.parseJWS(n);var m=new X509();m.readCertPEM(l);return m.subjectPublicKeyRSA.verifyString(this.parsedJWS.si,this.parsedJWS.sigvalH)};function c(m){var n=m.alg;var l="";if(n!="RS256"&&n!="RS512"&&n!="PS256"&&n!="PS512"){throw"JWS signature algorithm not supported: "+n}if(n.substr(2)=="256"){l="sha256"}if(n.substr(2)=="512"){l="sha512"}return l}function e(l){return c(jsonParse(l))}function k(l,q,t,n,r,s){var o=new RSAKey();o.setPrivate(n,r,s);var m=e(l);var p=o.signString(t,m);return p}function j(r,q,p,o,n){var l=null;if(typeof n=="undefined"){l=e(r)}else{l=c(n)}var m=n.alg.substr(0,2)=="PS";if(o.hashAndSign){return b64tob64u(o.hashAndSign(l,p,"binary","base64",m))}else{if(m){return hextob64u(o.signStringPSS(p,l))}else{return hextob64u(o.signString(p,l))}}}function g(q,n,p,m,o){var l=b(q,n);return k(q,n,l,p,m,o)}this.generateJWSByNED=function(s,o,r,n,q){if(!i.isSafeJSONString(s)){throw"JWS Head is not safe JSON string: "+s}var m=b(s,o);var p=k(s,o,m,r,n,q);var l=hextob64u(p);this.parsedJWS={};this.parsedJWS.headB64U=m.split(".")[0];this.parsedJWS.payloadB64U=m.split(".")[1];this.parsedJWS.sigvalB64U=l;return m+"."+l};this.generateJWSByKey=function(q,o,l){var p={};if(!i.isSafeJSONString(q,p,"headP")){throw"JWS Head is not safe JSON string: "+q}var n=b(q,o);var m=j(q,o,n,l,p.headP);this.parsedJWS={};this.parsedJWS.headB64U=n.split(".")[0];this.parsedJWS.payloadB64U=n.split(".")[1];this.parsedJWS.sigvalB64U=m;return n+"."+m};function d(r,q,p,m){var o=new RSAKey();o.readPrivateKeyFromPEMString(m);var l=e(r);var n=o.signString(p,l);return n}this.generateJWSByP1PrvKey=function(q,o,l){if(!i.isSafeJSONString(q)){throw"JWS Head is not safe JSON string: "+q}var n=b(q,o);var p=d(q,o,n,l);var m=hextob64u(p);this.parsedJWS={};this.parsedJWS.headB64U=n.split(".")[0];this.parsedJWS.payloadB64U=n.split(".")[1];this.parsedJWS.sigvalB64U=m;return n+"."+m}};KJUR.jws.JWS.sign=function(b,p,i,l,k){var j=KJUR.jws.JWS;if(!j.isSafeJSONString(p)){throw"JWS Head is not safe JSON string: "+p}var e=j.readSafeJSONString(p);if((b==""||b==null)&&e.alg!==undefined){b=e.alg}if((b!=""&&b!=null)&&e.alg===undefined){e.alg=b;p=JSON.stringify(e)}var d=null;if(j.jwsalg2sigalg[b]===undefined){throw"unsupported alg name: "+b}else{d=j.jwsalg2sigalg[b]}var c=utf8tob64u(p);var g=utf8tob64u(i);var n=c+"."+g;var m="";if(d.substr(0,4)=="Hmac"){if(l===undefined){throw"hexadecimal key shall be specified for HMAC"}var h=new KJUR.crypto.Mac({alg:d,pass:hextorstr(l)});h.updateString(n);m=h.doFinal()}else{if(d.indexOf("withECDSA")!=-1){var o=new KJUR.crypto.Signature({alg:d});o.init(l,k);o.updateString(n);hASN1Sig=o.sign();m=KJUR.crypto.ECDSA.asn1SigToConcatSig(hASN1Sig)}else{if(d!="none"){var o=new KJUR.crypto.Signature({alg:d});o.init(l,k);o.updateString(n);m=o.sign()}}}var f=hextob64u(m);return n+"."+f};KJUR.jws.JWS.verify=function(o,s,j){var l=KJUR.jws.JWS;var p=o.split(".");var d=p[0];var k=p[1];var b=d+"."+k;var q=b64utohex(p[2]);var i=l.readSafeJSONString(b64utoutf8(p[0]));var h=null;var r=null;if(i.alg===undefined){throw"algorithm not specified in header"}else{h=i.alg;r=h.substr(0,2)}if(j!=null&&Object.prototype.toString.call(j)==="[object Array]"&&j.length>0){var c=":"+j.join(":")+":";if(c.indexOf(":"+h+":")==-1){throw"algorithm '"+h+"' not accepted in the list"}}if(h!="none"&&s===null){throw"key shall be specified to verify."}if(r=="HS"){if(typeof s!="string"&&s.length!=0&&s.length%2!=0&&!s.match(/^[0-9A-Fa-f]+/)){throw"key shall be a hexadecimal str for HS* algs"}}if(typeof s=="string"&&s.indexOf("-----BEGIN ")!=-1){s=KEYUTIL.getKey(s)}if(r=="RS"||r=="PS"){if(!(s instanceof RSAKey)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(r=="ES"){if(!(s instanceof KJUR.crypto.ECDSA)){throw"key shall be a ECDSA obj for ES* algs"}}if(h=="none"){}var m=null;if(l.jwsalg2sigalg[i.alg]===undefined){throw"unsupported alg name: "+h}else{m=l.jwsalg2sigalg[h]}if(m=="none"){throw"not supported"}else{if(m.substr(0,4)=="Hmac"){if(s===undefined){throw"hexadecimal key shall be specified for HMAC"}var g=new KJUR.crypto.Mac({alg:m,pass:hextorstr(s)});g.updateString(b);hSig2=g.doFinal();return q==hSig2}else{if(m.indexOf("withECDSA")!=-1){var f=null;try{f=KJUR.crypto.ECDSA.concatSigToASN1Sig(q)}catch(n){return false}var e=new KJUR.crypto.Signature({alg:m});e.init(s);e.updateString(b);return e.verify(f)}else{var e=new KJUR.crypto.Signature({alg:m});e.init(s);e.updateString(b);return e.verify(q)}}}};KJUR.jws.JWS.verifyJWT=function(d,j,l){var h=KJUR.jws.JWS;var i=d.split(".");var c=i[0];var g=i[1];var m=c+"."+g;var k=b64utohex(i[2]);var f=h.readSafeJSONString(b64utoutf8(c));var e=h.readSafeJSONString(b64utoutf8(g));if(f.alg===undefined){return false}if(l.alg===undefined){throw"acceptField.alg shall be specified"}if(!h.inArray(f.alg,l.alg)){return false}if(e.iss!==undefined&&typeof l.iss==="object"){if(!h.inArray(e.iss,l.iss)){return false}}if(e.sub!==undefined&&typeof l.sub==="object"){if(!h.inArray(e.sub,l.sub)){return false}}if(e.aud!==undefined&&typeof l.aud==="object"){if(typeof e.aud=="string"){if(!h.inArray(e.aud,l.aud)){return false}}else{if(typeof e.aud=="object"){if(!h.includedArray(e.aud,l.aud)){return false}}}}var b=KJUR.jws.IntDate.getNow();if(l.verifyAt!==undefined&&typeof l.verifyAt=="number"){b=l.verifyAt}if(e.exp!==undefined&&typeof e.exp=="number"){if(e.expd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=s*2){break}}var x={};x.keyhex=v.substr(0,g[o]["keylen"]*2);x.ivhex=v.substr(g[o]["keylen"]*2,g[o]["ivlen"]*2);return x};var a=function(n,t,p,u){var q=CryptoJS.enc.Base64.parse(n);var o=CryptoJS.enc.Hex.stringify(q);var s=g[t]["proc"];var r=s(o,p,u);return r};var f=function(n,q,o,s){var p=g[q]["eproc"];var r=p(n,o,s);return r};return{version:"1.0.5",getHexFromPEM:function(o,r){var p=o;if(p.indexOf("BEGIN "+r)==-1){throw"can't find PEM header: "+r}p=p.replace("-----BEGIN "+r+"-----","");p=p.replace("-----END "+r+"-----","");var q=p.replace(/\s+/g,"");var n=b64tohex(q);return n},getDecryptedKeyHexByKeyIV:function(o,r,q,p){var n=b(r);return n(o,q,p)},parsePKCS5PEM:function(n){return l(n)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(o,n,p){return h(o,n,p)},decryptKeyB64:function(n,p,o,q){return a(n,p,o,q)},getDecryptedKeyHex:function(w,v){var o=l(w);var r=o.type;var p=o.cipher;var n=o.ivsalt;var q=o.data;var u=h(p,v,n);var t=u.keyhex;var s=a(q,p,t,n);return s},getRSAKeyFromEncryptedPKCS5PEM:function(p,o){var q=this.getDecryptedKeyHex(p,o);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(q);return n},getEryptedPKCS5PEMFromPrvKeyHex:function(q,x,r,p){var n="";if(typeof r=="undefined"||r==null){r="AES-256-CBC"}if(typeof g[r]=="undefined"){throw"PKCS5PKEY unsupported algorithm: "+r}if(typeof p=="undefined"||p==null){var t=g[r]["ivlen"];var s=k(t);p=s.toUpperCase()}var w=h(r,x,p);var v=w.keyhex;var u=f(q,r,v,p);var o=u.replace(/(.{64})/g,"$1\r\n");var n="-----BEGIN RSA PRIVATE KEY-----\r\n";n+="Proc-Type: 4,ENCRYPTED\r\n";n+="DEK-Info: "+r+","+p+"\r\n";n+="\r\n";n+=o;n+="\r\n-----END RSA PRIVATE KEY-----\r\n";return n},getEryptedPKCS5PEMFromRSAKey:function(C,D,o,s){var A=new KJUR.asn1.DERInteger({"int":0});var v=new KJUR.asn1.DERInteger({bigint:C.n});var z=new KJUR.asn1.DERInteger({"int":C.e});var B=new KJUR.asn1.DERInteger({bigint:C.d});var t=new KJUR.asn1.DERInteger({bigint:C.p});var r=new KJUR.asn1.DERInteger({bigint:C.q});var y=new KJUR.asn1.DERInteger({bigint:C.dmp1});var u=new KJUR.asn1.DERInteger({bigint:C.dmq1});var x=new KJUR.asn1.DERInteger({bigint:C.coeff});var E=new KJUR.asn1.DERSequence({array:[A,v,z,B,t,r,y,u,x]});var w=E.getEncodedHex();return this.getEryptedPKCS5PEMFromPrvKeyHex(w,D,o,s)},newEncryptedPKCS5PEM:function(n,o,r,s){if(typeof o=="undefined"||o==null){o=1024}if(typeof r=="undefined"||r==null){r="10001"}var p=new RSAKey();p.generate(o,r);var q=null;if(typeof s=="undefined"||s==null){q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n)}else{q=this.getEncryptedPKCS5PEMFromRSAKey(pkey,n,s)}return q},getRSAKeyFromPlainPKCS8PEM:function(p){if(p.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var o=this.getHexFromPEM(p,"PRIVATE KEY");var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getRSAKeyFromPlainPKCS8Hex:function(q){var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"outer DERSequence shall have 3 elements: "+p.length}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);if(o!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+o}var o=ASN1HEX.getHexOfTLV_AtObj(q,p[1]);var r=ASN1HEX.getHexOfTLV_AtObj(q,p[2]);var s=ASN1HEX.getHexOfV_AtObj(r,0);var n=new RSAKey();n.readPrivateKeyFromASN1HexString(s);return n},parseHexOfEncryptedPKCS8:function(u){var q={};var p=ASN1HEX.getPosArrayOfChildren_AtObj(u,0);if(p.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+p.length}q.ciphertext=ASN1HEX.getHexOfV_AtObj(u,p[1]);var w=ASN1HEX.getPosArrayOfChildren_AtObj(u,p[0]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+w.length}if(ASN1HEX.getHexOfV_AtObj(u,w[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(u,w[1]);if(w.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+n.length}var o=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[1]);if(o.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+o.length}if(ASN1HEX.getHexOfV_AtObj(u,o[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}q.encryptionSchemeAlg="TripleDES";q.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(u,o[1]);var r=ASN1HEX.getPosArrayOfChildren_AtObj(u,n[0]);if(r.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+r.length}if(ASN1HEX.getHexOfV_AtObj(u,r[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var v=ASN1HEX.getPosArrayOfChildren_AtObj(u,r[1]);if(v.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+v.length}q.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(u,v[0]);var s=ASN1HEX.getHexOfV_AtObj(u,v[1]);try{q.pbkdf2Iter=parseInt(s,16)}catch(t){throw"malformed format pbkdf2Iter: "+s}return q},getPBKDF2KeyHexFromParam:function(s,n){var r=CryptoJS.enc.Hex.parse(s.pbkdf2Salt);var o=s.pbkdf2Iter;var q=CryptoJS.PBKDF2(n,r,{keySize:192/32,iterations:o});var p=CryptoJS.enc.Hex.stringify(q);return p},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(v,w){var p=this.getHexFromPEM(v,"ENCRYPTED PRIVATE KEY");var n=this.parseHexOfEncryptedPKCS8(p);var s=PKCS5PKEY.getPBKDF2KeyHexFromParam(n,w);var t={};t.ciphertext=CryptoJS.enc.Hex.parse(n.ciphertext);var r=CryptoJS.enc.Hex.parse(s);var q=CryptoJS.enc.Hex.parse(n.encryptionSchemeIV);var u=CryptoJS.TripleDES.decrypt(t,r,{iv:q});var o=CryptoJS.enc.Hex.stringify(u);return o},getRSAKeyFromEncryptedPKCS8PEM:function(q,p){var o=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,p);var n=this.getRSAKeyFromPlainPKCS8Hex(o);return n},getKeyFromEncryptedPKCS8PEM:function(q,o){var n=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(q,o);var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},parsePlainPrivatePKCS8Hex:function(q){var o={};o.algparam=null;if(q.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(q.substr(p[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,p[1]);if(n.length!=2){throw"malformed PKCS8 private key(code:004)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}o.keyidx=ASN1HEX.getStartPosOfV_AtObj(q,p[2]);return o},getKeyFromPlainPrivatePKCS8PEM:function(o){var n=this.getHexFromPEM(o,"PRIVATE KEY");var p=this.getKeyFromPlainPrivatePKCS8Hex(n);return p},getKeyFromPlainPrivatePKCS8Hex:function(n){var p=this.parsePlainPrivatePKCS8Hex(n);if(p.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(n,p);var o=p.key;var q=new RSAKey();q.setPrivateEx(o.n,o.e,o.d,o.p,o.q,o.dp,o.dq,o.co);return q}else{if(p.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(n,p);if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var r=KJUR.crypto.OID.oidhex2name[p.algparam];var q=new KJUR.crypto.ECDSA({curve:r,prv:p.key});return q}else{throw"unsupported private key algorithm"}}},getRSAKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getRSAKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8PEM:function(o){var p=this.getHexFromPEM(o,"PUBLIC KEY");var n=this.getKeyFromPublicPKCS8Hex(p);return n},getKeyFromPublicPKCS8Hex:function(o){var n=this.parsePublicPKCS8Hex(o);if(n.algoid=="2a864886f70d010101"){var r=this.parsePublicRawRSAKeyHex(n.key);var p=new RSAKey();p.setPublic(r.n,r.e);return p}else{if(n.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[n.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+n.algparam}var q=KJUR.crypto.OID.oidhex2name[n.algparam];var p=new KJUR.crypto.ECDSA({curve:q,pub:n.key});return p}else{throw"unsupported public key algorithm"}}},parsePublicRawRSAKeyHex:function(p){var n={};if(p.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var o=ASN1HEX.getPosArrayOfChildren_AtObj(p,0);if(o.length!=2){throw"malformed RSA key(code:002)"}if(p.substr(o[0],2)!="02"){throw"malformed RSA key(code:003)"}n.n=ASN1HEX.getHexOfV_AtObj(p,o[0]);if(p.substr(o[1],2)!="02"){throw"malformed RSA key(code:004)"}n.e=ASN1HEX.getHexOfV_AtObj(p,o[1]);return n},parsePrivateRawRSAKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed RSA private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=9){throw"malformed RSA private key(code:002)"}q.key={};q.key.n=ASN1HEX.getHexOfV_AtObj(o,n[1]);q.key.e=ASN1HEX.getHexOfV_AtObj(o,n[2]);q.key.d=ASN1HEX.getHexOfV_AtObj(o,n[3]);q.key.p=ASN1HEX.getHexOfV_AtObj(o,n[4]);q.key.q=ASN1HEX.getHexOfV_AtObj(o,n[5]);q.key.dp=ASN1HEX.getHexOfV_AtObj(o,n[6]);q.key.dq=ASN1HEX.getHexOfV_AtObj(o,n[7]);q.key.co=ASN1HEX.getHexOfV_AtObj(o,n[8])},parsePrivateRawECKeyHexAtObj:function(o,q){var p=q.keyidx;if(o.substr(p,2)!="30"){throw"malformed ECC private key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(o,p);if(n.length!=3){throw"malformed ECC private key(code:002)"}if(o.substr(n[1],2)!="04"){throw"malformed ECC private key(code:003)"}q.key=ASN1HEX.getHexOfV_AtObj(o,n[1])},parsePublicPKCS8Hex:function(q){var o={};o.algparam=null;var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,0);if(p.length!=2){throw"outer DERSequence shall have 2 elements: "+p.length}var r=p[0];if(q.substr(r,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var n=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(n.length!=2){throw"malformed PKCS8 public key(code:002)"}if(q.substr(n[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}o.algoid=ASN1HEX.getHexOfV_AtObj(q,n[0]);if(q.substr(n[1],2)=="06"){o.algparam=ASN1HEX.getHexOfV_AtObj(q,n[1])}if(q.substr(p[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}o.key=ASN1HEX.getHexOfV_AtObj(q,p[1]).substr(2);return o},getRSAKeyFromPublicPKCS8Hex:function(r){var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"outer DERSequence shall have 2 elements: "+q.length}var p=ASN1HEX.getHexOfTLV_AtObj(r,q[0]);if(p!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(r.substr(q[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var t=ASN1HEX.getStartPosOfV_AtObj(r,q[1])+2;if(r.substr(t,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var n=ASN1HEX.getPosArrayOfChildren_AtObj(r,t);if(n.length!=2){throw"inner DERSequence shall have 2 elements: "+n.length}if(r.substr(n[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(r.substr(n[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var u=ASN1HEX.getHexOfV_AtObj(r,n[0]);var s=ASN1HEX.getHexOfV_AtObj(r,n[1]);var o=new RSAKey();o.setPublic(u,s);return o},}}();
-/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! keyutil-1.0.8.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
-var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};
+var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(f,e,h){if(typeof RSAKey!="undefined"&&f instanceof RSAKey){return f}if(typeof KJUR.crypto.ECDSA!="undefined"&&f instanceof KJUR.crypto.ECDSA){return f}if(typeof KJUR.crypto.DSA!="undefined"&&f instanceof KJUR.crypto.DSA){return f}if(f.xy!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({prv:f.xy,curve:f.curve})}if(f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.co!==undefined&&f.qi===undefined){var v=new RSAKey();v.setPrivateEx(f.n,f.e,f.d,f.p,f.q,f.dp,f.dq,f.co);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x!==undefined){var v=new KJUR.crypto.DSA();v.setPrivate(f.p,f.q,f.g,f.y,f.x);return v}if(f.d!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({pub:f.d,curve:f.curve})}if(f.kty===undefined&&f.n!==undefined&&f.e){var v=new RSAKey();v.setPublic(f.n,f.e);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x===undefined){var v=new KJUR.crypto.DSA();v.setPublic(f.p,f.q,f.g,f.y);return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var v=new RSAKey();v.setPublic(b64utohex(f.n),b64utohex(f.e));return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.qi!==undefined){var v=new RSAKey();v.setPrivateEx(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d),b64utohex(f.p),b64utohex(f.q),b64utohex(f.dp),b64utohex(f.dq),b64utohex(f.qi));return v}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d===undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var o=("0000000000"+b64utohex(f.x)).slice(-k);var m=("0000000000"+b64utohex(f.y)).slice(-k);var l="04"+o+m;d.setPublicKeyHex(l);return d}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d!==undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var a=("0000000000"+b64utohex(f.d)).slice(-k);d.setPrivateKeyHex(a);return d}if(f.indexOf("-END CERTIFICATE-",0)!=-1||f.indexOf("-END X509 CERTIFICATE-",0)!=-1||f.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(f)}if(h==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(f)}if(f.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(f)}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var v=new RSAKey();v.readPrivateKeyFromPEMString(f);return v}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var t=this.getHexFromPEM(f,"DSA PRIVATE KEY");var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(f)}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(f,e)}if(f.indexOf("-END EC PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var v=ASN1HEX.getVbyList(t,0,[1],"04");var c=ASN1HEX.getVbyList(t,0,[2,0],"06");var n=ASN1HEX.getVbyList(t,0,[3,0],"03").substr(2);var b="";if(KJUR.crypto.OID.oidhex2name[c]!==undefined){b=KJUR.crypto.OID.oidhex2name[c]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+c}var d=new KJUR.crypto.ECDSA({name:b});d.setPublicKeyHex(n);d.setPrivateKeyHex(v);d.isPublic=false;return d}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(f,e)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};
 /*! rsapem-1.1.js (c) 2012 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
 function _rsapem_pemToBase64(b){var a=b;a=a.replace("-----BEGIN RSA PRIVATE KEY-----","");a=a.replace("-----END RSA PRIVATE KEY-----","");a=a.replace(/[ \n]+/g,"");return a}function _rsapem_getPosArrayOfChildrenFromHex(d){var j=new Array();var k=ASN1HEX.getStartPosOfV_AtObj(d,0);var f=ASN1HEX.getPosOfNextSibling_AtObj(d,k);var h=ASN1HEX.getPosOfNextSibling_AtObj(d,f);var b=ASN1HEX.getPosOfNextSibling_AtObj(d,h);var l=ASN1HEX.getPosOfNextSibling_AtObj(d,b);var e=ASN1HEX.getPosOfNextSibling_AtObj(d,l);var g=ASN1HEX.getPosOfNextSibling_AtObj(d,e);var c=ASN1HEX.getPosOfNextSibling_AtObj(d,g);var i=ASN1HEX.getPosOfNextSibling_AtObj(d,c);j.push(k,f,h,b,l,e,g,c,i);return j}function _rsapem_getHexValueArrayOfChildrenFromHex(i){var o=_rsapem_getPosArrayOfChildrenFromHex(i);var r=ASN1HEX.getHexOfV_AtObj(i,o[0]);var f=ASN1HEX.getHexOfV_AtObj(i,o[1]);var j=ASN1HEX.getHexOfV_AtObj(i,o[2]);var k=ASN1HEX.getHexOfV_AtObj(i,o[3]);var c=ASN1HEX.getHexOfV_AtObj(i,o[4]);var b=ASN1HEX.getHexOfV_AtObj(i,o[5]);var h=ASN1HEX.getHexOfV_AtObj(i,o[6]);var g=ASN1HEX.getHexOfV_AtObj(i,o[7]);var l=ASN1HEX.getHexOfV_AtObj(i,o[8]);var m=new Array();m.push(r,f,j,k,c,b,h,g,l);return m}function _rsapem_readPrivateKeyFromASN1HexString(c){var b=_rsapem_getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}function _rsapem_readPrivateKeyFromPEMString(e){var c=_rsapem_pemToBase64(e);var d=b64tohex(c);var b=_rsapem_getHexValueArrayOfChildrenFromHex(d);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])}RSAKey.prototype.readPrivateKeyFromPEMString=_rsapem_readPrivateKeyFromPEMString;RSAKey.prototype.readPrivateKeyFromASN1HexString=_rsapem_readPrivateKeyFromASN1HexString;
diff --git a/jws-3.2.js b/jws-3.2.js
index e94b2e90..2b4783e0 100755
--- a/jws-3.2.js
+++ b/jws-3.2.js
@@ -24,6 +24,21 @@
  */
 
 if (typeof KJUR == "undefined" || !KJUR) KJUR = {};
+
+/**
+ * kjur's JSON Web Signature/Token(JWS/JWT) library name space
+ * 
    
+ * This namespace privides following JWS/JWS related classes.
+ * 
      
+ * 
    • {@link KJUR.jws.JWS} - JSON Web Signature/Token(JWS/JWT) class
      • 
+ * 
    • {@link KJUR.jws.JWSJS} - JWS JSON Serialization(JWSJS) class
      • 
+ * 
    • {@link KJUR.jws.IntDate} - UNIX origin time utility class
      • 
+ * 
    
+ * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2.
+ * 
    
+ * @name KJUR.jws
+ * @namespace
+ */
 if (typeof KJUR.jws == "undefined" || !KJUR.jws) KJUR.jws = {};
 
 /**
diff --git a/keyutil-1.0.js b/keyutil-1.0.js
index 9598a0fd..e0be64b1 100644
--- a/keyutil-1.0.js
+++ b/keyutil-1.0.js
@@ -1,9 +1,9 @@
-/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! keyutil-1.0.8.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
 /*
  * keyutil.js - key utility for PKCS#1/5/8 PEM, RSA/DSA/ECDSA key object
  *
- * Copyright (c) 2013-2014 Kenji Urushima (kenji.urushima@gmail.com)
+ * Copyright (c) 2013-2015 Kenji Urushima (kenji.urushima@gmail.com)
  *
  * This software is licensed under the terms of the MIT License.
  * http://kjur.github.com/jsrsasign/license
@@ -15,7 +15,7 @@
  * @fileOverview
  * @name keyutil-1.0.js
  * @author Kenji Urushima kenji.urushima@gmail.com
- * @version keyutil 1.0.7 (2014-May-17)
+ * @version keyutil 1.0.8 (2015-Jul-02)
  * @since jsrsasign 4.1.4
  * @license MIT License
  */
@@ -1243,7 +1243,9 @@ var KEYUTIL = function() {
  * 
      
  * 
    • Encrypted PKCS#8 only supports PBKDF2/HmacSHA1/3DES
      • 
  * 
    • Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC
      • 
+ * 
    • JWT plain RSA/ECC private/public key
      • 
  * 
    
+ * NOTE: RFC 7517 JSON Web Key(JWK) support for RSA/ECC private/public key from jsrsasign 4.8.1.
  */
 KEYUTIL.getKey = function(param, passcode, hextype) {
     // 1. by key object
@@ -1259,10 +1261,16 @@ KEYUTIL.getKey = function(param, passcode, hextype) {
     if (param.xy !== undefined && param.curve !== undefined) {
         return new KJUR.crypto.ECDSA({prv: param.xy, curve: param.curve});
     }
-    // 2.2. RSA private key
-    if (param.n !== undefined && param.e !== undefined && param.d !== undefined &&
-        param.p !== undefined && param.q !== undefined &&
-        param.dp !== undefined && param.dq !== undefined && param.co !== undefined) {
+    // 2.2. bare RSA private key
+    if (param.n !== undefined &&
+	param.e !== undefined &&
+	param.d !== undefined &&
+        param.p !== undefined &&
+	param.q !== undefined &&
+        param.dp !== undefined &&
+	param.dq !== undefined &&
+	param.co !== undefined &&
+        param.qi === undefined) {
         var key = new RSAKey();
         key.setPrivateEx(param.n, param.e, param.d, param.p, param.q,
                          param.dp, param.dq, param.co);
@@ -1280,8 +1288,8 @@ KEYUTIL.getKey = function(param, passcode, hextype) {
     if (param.d !== undefined && param.curve !== undefined) {
         return new KJUR.crypto.ECDSA({pub: param.d, curve: param.curve});
     }
-    // 2.5. RSA private key
-    if (param.n !== undefined && param.e) {
+    // 2.5. bare RSA public key
+    if (param.kty === undefined && param.n !== undefined && param.e) {
         var key = new RSAKey();
         key.setPublic(param.n, param.e);
         return key;
@@ -1294,6 +1302,66 @@ KEYUTIL.getKey = function(param, passcode, hextype) {
         return key;
     }
 
+    // 2.7. JWK RSA public key
+    if (param.kty === "RSA" &&
+	param.n !== undefined &&
+	param.e !== undefined &&
+	param.d === undefined) {
+	var key = new RSAKey();
+	key.setPublic(b64utohex(param.n), b64utohex(param.e));
+	return key;
+    }
+
+    // 2.8. JWK RSA private key
+    if (param.kty === "RSA" &&
+	param.n !== undefined &&
+	param.e !== undefined &&
+	param.d !== undefined &&
+	param.p !== undefined &&
+	param.q !== undefined &&
+	param.dp !== undefined &&
+	param.dq !== undefined &&
+	param.qi !== undefined) {
+	var key = new RSAKey();
+        key.setPrivateEx(b64utohex(param.n),
+			 b64utohex(param.e),
+			 b64utohex(param.d),
+			 b64utohex(param.p),
+			 b64utohex(param.q),
+                         b64utohex(param.dp),
+			 b64utohex(param.dq),
+			 b64utohex(param.qi));
+	return key;
+    }
+
+    // 2.9. JWK ECC public key
+    if (param.kty === "EC" &&
+	param.crv !== undefined &&
+	param.x !== undefined &&
+	param.y !== undefined &&
+        param.d === undefined) {
+	var ec = new KJUR.crypto.ECDSA({"curve": param.crv});
+	var charlen = ec.ecparams.keylen / 4;
+        var hX   = ("0000000000" + b64utohex(param.x)).slice(- charlen);
+        var hY   = ("0000000000" + b64utohex(param.y)).slice(- charlen);
+        var hPub = "04" + hX + hY;
+	ec.setPublicKeyHex(hPub);
+	return ec;
+    }
+
+    // 2.10. JWK ECC private key
+    if (param.kty === "EC" &&
+	param.crv !== undefined &&
+	param.x !== undefined &&
+	param.y !== undefined &&
+        param.d !== undefined) {
+	var ec = new KJUR.crypto.ECDSA({"curve": param.crv});
+	var charlen = ec.ecparams.keylen / 4;
+        var hPrv = ("0000000000" + b64utohex(param.d)).slice(- charlen);
+	ec.setPrivateKeyHex(hPrv);
+	return ec;
+    }
+    
     // 3. by cert
     if (param.indexOf("-END CERTIFICATE-", 0) != -1 ||
         param.indexOf("-END X509 CERTIFICATE-", 0) != -1 ||
diff --git a/keyutil-1.0.min.js b/keyutil-1.0.min.js
index 9d3f1278..fd66f41a 100644
--- a/keyutil-1.0.min.js
+++ b/keyutil-1.0.min.js
@@ -1,3 +1,3 @@
-/*! keyutil-1.0.7.js (c) 2013-2014 Kenji Urushima | kjur.github.com/jsrsasign/license
+/*! keyutil-1.0.8.js (c) 2013-2015 Kenji Urushima | kjur.github.com/jsrsasign/license
  */
-var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(c,o,i){if(typeof RSAKey!="undefined"&&c instanceof RSAKey){return c}if(typeof KJUR.crypto.ECDSA!="undefined"&&c instanceof KJUR.crypto.ECDSA){return c}if(typeof KJUR.crypto.DSA!="undefined"&&c instanceof KJUR.crypto.DSA){return c}if(c.xy!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({prv:c.xy,curve:c.curve})}if(c.n!==undefined&&c.e!==undefined&&c.d!==undefined&&c.p!==undefined&&c.q!==undefined&&c.dp!==undefined&&c.dq!==undefined&&c.co!==undefined){var n=new RSAKey();n.setPrivateEx(c.n,c.e,c.d,c.p,c.q,c.dp,c.dq,c.co);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x!==undefined){var n=new KJUR.crypto.DSA();n.setPrivate(c.p,c.q,c.g,c.y,c.x);return n}if(c.d!==undefined&&c.curve!==undefined){return new KJUR.crypto.ECDSA({pub:c.d,curve:c.curve})}if(c.n!==undefined&&c.e){var n=new RSAKey();n.setPublic(c.n,c.e);return n}if(c.p!==undefined&&c.q!==undefined&&c.g!==undefined&&c.y!==undefined&&c.x===undefined){var n=new KJUR.crypto.DSA();n.setPublic(c.p,c.q,c.g,c.y);return n}if(c.indexOf("-END CERTIFICATE-",0)!=-1||c.indexOf("-END X509 CERTIFICATE-",0)!=-1||c.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(c)}if(i==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(c)}if(c.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(c)}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(i==="pkcs5prv"){var n=new RSAKey();n.readPrivateKeyFromASN1HexString(c);return n}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var n=new RSAKey();n.readPrivateKeyFromPEMString(c);return n}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")==-1){var m=this.getHexFromPEM(c,"DSA PRIVATE KEY");var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(c)}if(c.indexOf("-END RSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(c,o)}if(c.indexOf("-END EC PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var n=ASN1HEX.getVbyList(m,0,[1],"04");var j=ASN1HEX.getVbyList(m,0,[2,0],"06");var d=ASN1HEX.getVbyList(m,0,[3,0],"03").substr(2);var h="";if(KJUR.crypto.OID.oidhex2name[j]!==undefined){h=KJUR.crypto.OID.oidhex2name[j]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+j}var f=new KJUR.crypto.ECDSA({name:h});f.setPublicKeyHex(d);f.setPrivateKeyHex(n);f.isPublic=false;return f}if(c.indexOf("-END DSA PRIVATE KEY-")!=-1&&c.indexOf("4,ENCRYPTED")!=-1){var m=KEYUTIL.getDecryptedKeyHex(c,o);var b=ASN1HEX.getVbyList(m,0,[1],"02");var a=ASN1HEX.getVbyList(m,0,[2],"02");var e=ASN1HEX.getVbyList(m,0,[3],"02");var k=ASN1HEX.getVbyList(m,0,[4],"02");var l=ASN1HEX.getVbyList(m,0,[5],"02");var n=new KJUR.crypto.DSA();n.setPrivate(new BigInteger(b,16),new BigInteger(a,16),new BigInteger(e,16),new BigInteger(k,16),new BigInteger(l,16));return n}if(c.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(c,o)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};
\ No newline at end of file
+var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(t){var u={};if(t.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"))){u.cipher=RegExp.$1;u.ivsalt=RegExp.$2}if(t.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"))){u.type=RegExp.$1}var r=-1;var v=0;if(t.indexOf("\r\n\r\n")!=-1){r=t.indexOf("\r\n\r\n");v=2}if(t.indexOf("\n\n")!=-1){r=t.indexOf("\n\n");v=1}var q=t.indexOf("-----END");if(r!=-1&&q!=-1){var p=t.substring(r+v*2,q-v);p=p.replace(/\s+/g,"");u.data=p}return u};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",getHexFromPEM:function(q,u){var r=q;if(r.indexOf("-----BEGIN ")==-1){throw"can't find PEM header: "+u}if(typeof u=="string"&&u!=""){r=r.replace("-----BEGIN "+u+"-----","");r=r.replace("-----END "+u+"-----","")}else{r=r.replace(/-----BEGIN [^-]+-----/,"");r=r.replace(/-----END [^-]+-----/,"")}var t=r.replace(/\s+/g,"");var p=b64tohex(t);return p},getDecryptedKeyHexByKeyIV:function(q,t,s,r){var p=c(t);return p(q,s,r)},parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getRSAKeyFromEncryptedPKCS5PEM:function(r,q){var s=this.getDecryptedKeyHex(r,q);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(s);return p},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},getEncryptedPKCS5PEMFromRSAKey:function(D,E,r,t){var B=new KJUR.asn1.DERInteger({"int":0});var w=new KJUR.asn1.DERInteger({bigint:D.n});var A=new KJUR.asn1.DERInteger({"int":D.e});var C=new KJUR.asn1.DERInteger({bigint:D.d});var u=new KJUR.asn1.DERInteger({bigint:D.p});var s=new KJUR.asn1.DERInteger({bigint:D.q});var z=new KJUR.asn1.DERInteger({bigint:D.dmp1});var v=new KJUR.asn1.DERInteger({bigint:D.dmq1});var y=new KJUR.asn1.DERInteger({bigint:D.coeff});var F=new KJUR.asn1.DERSequence({array:[B,w,A,C,u,s,z,v,y]});var x=F.getEncodedHex();return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",x,E,r,t)},newEncryptedPKCS5PEM:function(p,q,t,u){if(typeof q=="undefined"||q==null){q=1024}if(typeof t=="undefined"||t==null){t="10001"}var r=new RSAKey();r.generate(q,t);var s=null;if(typeof u=="undefined"||u==null){s=this.getEncryptedPKCS5PEMFromRSAKey(r,p)}else{s=this.getEncryptedPKCS5PEMFromRSAKey(r,p,u)}return s},getRSAKeyFromPlainPKCS8PEM:function(r){if(r.match(/ENCRYPTED/)){throw"pem shall be not ENCRYPTED"}var q=this.getHexFromPEM(r,"PRIVATE KEY");var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getRSAKeyFromPlainPKCS8Hex:function(s){var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"outer DERSequence shall have 3 elements: "+r.length}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);if(q!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmIdentifier is not rsaEnc: "+q}var q=ASN1HEX.getHexOfTLV_AtObj(s,r[1]);var t=ASN1HEX.getHexOfTLV_AtObj(s,r[2]);var u=ASN1HEX.getHexOfV_AtObj(t,0);var p=new RSAKey();p.readPrivateKeyFromASN1HexString(u);return p},parseHexOfEncryptedPKCS8:function(w){var s={};var r=ASN1HEX.getPosArrayOfChildren_AtObj(w,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}s.ciphertext=ASN1HEX.getHexOfV_AtObj(w,r[1]);var y=ASN1HEX.getPosArrayOfChildren_AtObj(w,r[0]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+y.length}if(ASN1HEX.getHexOfV_AtObj(w,y[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(w,y[1]);if(y.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(ASN1HEX.getHexOfV_AtObj(w,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}s.encryptionSchemeAlg="TripleDES";s.encryptionSchemeIV=ASN1HEX.getHexOfV_AtObj(w,q[1]);var t=ASN1HEX.getPosArrayOfChildren_AtObj(w,p[0]);if(t.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+t.length}if(ASN1HEX.getHexOfV_AtObj(w,t[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=ASN1HEX.getPosArrayOfChildren_AtObj(w,t[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}s.pbkdf2Salt=ASN1HEX.getHexOfV_AtObj(w,x[0]);var u=ASN1HEX.getHexOfV_AtObj(w,x[1]);try{s.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return s},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=this.getHexFromPEM(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getRSAKeyFromEncryptedPKCS8PEM:function(s,r){var q=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,r);var p=this.getRSAKeyFromPlainPKCS8Hex(q);return p},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this.getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=ASN1HEX.getStartPosOfV_AtObj(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=this.getHexFromPEM(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var w=this.parsePlainPrivatePKCS8Hex(p);if(w.algoid=="2a864886f70d010101"){this.parsePrivateRawRSAKeyHexAtObj(p,w);var u=w.key;var z=new RSAKey();z.setPrivateEx(u.n,u.e,u.d,u.p,u.q,u.dp,u.dq,u.co);return z}else{if(w.algoid=="2a8648ce3d0201"){this.parsePrivateRawECKeyHexAtObj(p,w);if(KJUR.crypto.OID.oidhex2name[w.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+w.algparam}var v=KJUR.crypto.OID.oidhex2name[w.algparam];var z=new KJUR.crypto.ECDSA({curve:v});z.setPublicKeyHex(w.pubkey);z.setPrivateKeyHex(w.key);z.isPublic=false;return z}else{if(w.algoid=="2a8648ce380401"){var t=ASN1HEX.getVbyList(p,0,[1,1,0],"02");var s=ASN1HEX.getVbyList(p,0,[1,1,1],"02");var y=ASN1HEX.getVbyList(p,0,[1,1,2],"02");var B=ASN1HEX.getVbyList(p,0,[2,0],"02");var r=new BigInteger(t,16);var q=new BigInteger(s,16);var x=new BigInteger(y,16);var A=new BigInteger(B,16);var z=new KJUR.crypto.DSA();z.setPrivate(r,q,x,null,A);return z}else{throw"unsupported private key algorithm"}}}},getRSAKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getRSAKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8PEM:function(q){var r=this.getHexFromPEM(q,"PUBLIC KEY");var p=this.getKeyFromPublicPKCS8Hex(r);return p},getKeyFromPublicPKCS8Hex:function(q){var p=this.parsePublicPKCS8Hex(q);if(p.algoid=="2a864886f70d010101"){var u=this.parsePublicRawRSAKeyHex(p.key);var r=new RSAKey();r.setPublic(u.n,u.e);return r}else{if(p.algoid=="2a8648ce3d0201"){if(KJUR.crypto.OID.oidhex2name[p.algparam]===undefined){throw"KJUR.crypto.OID.oidhex2name undefined: "+p.algparam}var s=KJUR.crypto.OID.oidhex2name[p.algparam];var r=new KJUR.crypto.ECDSA({curve:s,pub:p.key});return r}else{if(p.algoid=="2a8648ce380401"){var t=p.algparam;var v=ASN1HEX.getHexOfV_AtObj(p.key,0);var r=new KJUR.crypto.DSA();r.setPublic(new BigInteger(t.p,16),new BigInteger(t.q,16),new BigInteger(t.g,16),new BigInteger(v,16));return r}else{throw"unsupported public key algorithm"}}}},parsePublicRawRSAKeyHex:function(r){var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=ASN1HEX.getPosArrayOfChildren_AtObj(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=ASN1HEX.getHexOfV_AtObj(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=ASN1HEX.getHexOfV_AtObj(r,q[1]);return p},parsePrivateRawRSAKeyHexAtObj:function(q,s){var r=s.keyidx;if(q.substr(r,2)!="30"){throw"malformed RSA private key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(q,r);if(p.length!=9){throw"malformed RSA private key(code:002)"}s.key={};s.key.n=ASN1HEX.getHexOfV_AtObj(q,p[1]);s.key.e=ASN1HEX.getHexOfV_AtObj(q,p[2]);s.key.d=ASN1HEX.getHexOfV_AtObj(q,p[3]);s.key.p=ASN1HEX.getHexOfV_AtObj(q,p[4]);s.key.q=ASN1HEX.getHexOfV_AtObj(q,p[5]);s.key.dp=ASN1HEX.getHexOfV_AtObj(q,p[6]);s.key.dq=ASN1HEX.getHexOfV_AtObj(q,p[7]);s.key.co=ASN1HEX.getHexOfV_AtObj(q,p[8])},parsePrivateRawECKeyHexAtObj:function(p,t){var q=t.keyidx;var r=ASN1HEX.getVbyList(p,q,[1],"04");var s=ASN1HEX.getVbyList(p,q,[2,0],"03").substr(2);t.key=r;t.pubkey=s},parsePublicPKCS8Hex:function(s){var q={};q.algparam=null;var r=ASN1HEX.getPosArrayOfChildren_AtObj(s,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var t=r[0];if(s.substr(t,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=ASN1HEX.getPosArrayOfChildren_AtObj(s,t);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=ASN1HEX.getHexOfV_AtObj(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=ASN1HEX.getHexOfV_AtObj(s,p[1])}else{if(s.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=ASN1HEX.getVbyList(s,p[1],[0],"02");q.algparam.q=ASN1HEX.getVbyList(s,p[1],[1],"02");q.algparam.g=ASN1HEX.getVbyList(s,p[1],[2],"02")}}if(s.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=ASN1HEX.getHexOfV_AtObj(s,r[1]).substr(2);return q},getRSAKeyFromPublicPKCS8Hex:function(t){var s=ASN1HEX.getPosArrayOfChildren_AtObj(t,0);if(s.length!=2){throw"outer DERSequence shall have 2 elements: "+s.length}var r=ASN1HEX.getHexOfTLV_AtObj(t,s[0]);if(r!="300d06092a864886f70d0101010500"){throw"PKCS8 AlgorithmId is not rsaEncryption"}if(t.substr(s[1],2)!="03"){throw"PKCS8 Public Key is not BITSTRING encapslated."}var v=ASN1HEX.getStartPosOfV_AtObj(t,s[1])+2;if(t.substr(v,2)!="30"){throw"PKCS8 Public Key is not SEQUENCE."}var p=ASN1HEX.getPosArrayOfChildren_AtObj(t,v);if(p.length!=2){throw"inner DERSequence shall have 2 elements: "+p.length}if(t.substr(p[0],2)!="02"){throw"N is not ASN.1 INTEGER"}if(t.substr(p[1],2)!="02"){throw"E is not ASN.1 INTEGER"}var w=ASN1HEX.getHexOfV_AtObj(t,p[0]);var u=ASN1HEX.getHexOfV_AtObj(t,p[1]);var q=new RSAKey();q.setPublic(w,u);return q},}}();KEYUTIL.getKey=function(f,e,h){if(typeof RSAKey!="undefined"&&f instanceof RSAKey){return f}if(typeof KJUR.crypto.ECDSA!="undefined"&&f instanceof KJUR.crypto.ECDSA){return f}if(typeof KJUR.crypto.DSA!="undefined"&&f instanceof KJUR.crypto.DSA){return f}if(f.xy!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({prv:f.xy,curve:f.curve})}if(f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.co!==undefined&&f.qi===undefined){var v=new RSAKey();v.setPrivateEx(f.n,f.e,f.d,f.p,f.q,f.dp,f.dq,f.co);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x!==undefined){var v=new KJUR.crypto.DSA();v.setPrivate(f.p,f.q,f.g,f.y,f.x);return v}if(f.d!==undefined&&f.curve!==undefined){return new KJUR.crypto.ECDSA({pub:f.d,curve:f.curve})}if(f.kty===undefined&&f.n!==undefined&&f.e){var v=new RSAKey();v.setPublic(f.n,f.e);return v}if(f.p!==undefined&&f.q!==undefined&&f.g!==undefined&&f.y!==undefined&&f.x===undefined){var v=new KJUR.crypto.DSA();v.setPublic(f.p,f.q,f.g,f.y);return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d===undefined){var v=new RSAKey();v.setPublic(b64utohex(f.n),b64utohex(f.e));return v}if(f.kty==="RSA"&&f.n!==undefined&&f.e!==undefined&&f.d!==undefined&&f.p!==undefined&&f.q!==undefined&&f.dp!==undefined&&f.dq!==undefined&&f.qi!==undefined){var v=new RSAKey();v.setPrivateEx(b64utohex(f.n),b64utohex(f.e),b64utohex(f.d),b64utohex(f.p),b64utohex(f.q),b64utohex(f.dp),b64utohex(f.dq),b64utohex(f.qi));return v}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d===undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var o=("0000000000"+b64utohex(f.x)).slice(-k);var m=("0000000000"+b64utohex(f.y)).slice(-k);var l="04"+o+m;d.setPublicKeyHex(l);return d}if(f.kty==="EC"&&f.crv!==undefined&&f.x!==undefined&&f.y!==undefined&&f.d!==undefined){var d=new KJUR.crypto.ECDSA({curve:f.crv});var k=d.ecparams.keylen/4;var a=("0000000000"+b64utohex(f.d)).slice(-k);d.setPrivateKeyHex(a);return d}if(f.indexOf("-END CERTIFICATE-",0)!=-1||f.indexOf("-END X509 CERTIFICATE-",0)!=-1||f.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(f)}if(h==="pkcs8pub"){return KEYUTIL.getKeyFromPublicPKCS8Hex(f)}if(f.indexOf("-END PUBLIC KEY-")!=-1){return KEYUTIL.getKeyFromPublicPKCS8PEM(f)}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(h==="pkcs5prv"){var v=new RSAKey();v.readPrivateKeyFromASN1HexString(f);return v}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var v=new RSAKey();v.readPrivateKeyFromPEMString(f);return v}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")==-1){var t=this.getHexFromPEM(f,"DSA PRIVATE KEY");var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(f)}if(f.indexOf("-END RSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){return KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(f,e)}if(f.indexOf("-END EC PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var v=ASN1HEX.getVbyList(t,0,[1],"04");var c=ASN1HEX.getVbyList(t,0,[2,0],"06");var n=ASN1HEX.getVbyList(t,0,[3,0],"03").substr(2);var b="";if(KJUR.crypto.OID.oidhex2name[c]!==undefined){b=KJUR.crypto.OID.oidhex2name[c]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+c}var d=new KJUR.crypto.ECDSA({name:b});d.setPublicKeyHex(n);d.setPrivateKeyHex(v);d.isPublic=false;return d}if(f.indexOf("-END DSA PRIVATE KEY-")!=-1&&f.indexOf("4,ENCRYPTED")!=-1){var t=KEYUTIL.getDecryptedKeyHex(f,e);var s=ASN1HEX.getVbyList(t,0,[1],"02");var r=ASN1HEX.getVbyList(t,0,[2],"02");var u=ASN1HEX.getVbyList(t,0,[3],"02");var i=ASN1HEX.getVbyList(t,0,[4],"02");var j=ASN1HEX.getVbyList(t,0,[5],"02");var v=new KJUR.crypto.DSA();v.setPrivate(new BigInteger(s,16),new BigInteger(r,16),new BigInteger(u,16),new BigInteger(i,16),new BigInteger(j,16));return v}if(f.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return KEYUTIL.getKeyFromEncryptedPKCS8PEM(f,e)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(a,r,o,g,j){var v=KJUR.asn1;var u=KJUR.crypto;function p(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return w}function q(w){var s=KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:w.prvKeyHex}},{tag:["a0",true,{oid:{name:w.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+w.pubKeyHex}}]}]});return s}function n(s){var w=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return w}if(((typeof RSAKey!="undefined"&&a instanceof RSAKey)||(typeof u.DSA!="undefined"&&a instanceof u.DSA)||(typeof u.ECDSA!="undefined"&&a instanceof u.ECDSA))&&a.isPublic==true&&(r===undefined||r=="PKCS8PUB")){var t=new KJUR.asn1.x509.SubjectPublicKeyInfo(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"PUBLIC KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o===undefined||o==null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"RSA PRIVATE KEY")}if(r=="PKCS1PRV"&&typeof RSAKey!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o===undefined||o==null)&&a.isPrivate==true){var f=new KJUR.asn1.DERObjectIdentifier({name:a.curveName});var l=f.getEncodedHex();var e=q(a);var k=e.getEncodedHex();var i="";i+=v.ASN1Util.getPEMStringFromHex(l,"EC PARAMETERS");i+=v.ASN1Util.getPEMStringFromHex(k,"EC PRIVATE KEY");return i}if(r=="PKCS1PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o===undefined||o==null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();return v.ASN1Util.getPEMStringFromHex(m,"DSA PRIVATE KEY")}if(r=="PKCS5PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=p(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=q(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",m,o,g)}if(r=="PKCS5PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&(o!==undefined&&o!=null)&&a.isPrivate==true){var t=n(a);var m=t.getEncodedHex();if(g===undefined){g="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",m,o,g)}var h=function(w,s){var y=b(w,s);var x=new KJUR.asn1.ASN1Util.newObject({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:y.pbkdf2Salt}},{"int":y.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:y.encryptionSchemeIV}}]}]}]},{octstr:{hex:y.ciphertext}}]});return x.getEncodedHex()};var b=function(D,E){var x=100;var C=CryptoJS.lib.WordArray.random(8);var B="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var y=CryptoJS.PBKDF2(E,C,{keySize:192/32,iterations:x});var z=CryptoJS.enc.Hex.parse(D);var A=CryptoJS.TripleDES.encrypt(z,y,{iv:s})+"";var w={};w.ciphertext=A;w.pbkdf2Salt=CryptoJS.enc.Hex.stringify(C);w.pbkdf2Iter=x;w.encryptionSchemeAlg=B;w.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return w};if(r=="PKCS8PRV"&&typeof RSAKey!="undefined"&&a instanceof RSAKey&&a.isPrivate==true){var d=p(a);var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.ECDSA!="undefined"&&a instanceof KJUR.crypto.ECDSA&&a.isPrivate==true){var d=new KJUR.asn1.ASN1Util.newObject({seq:[{"int":1},{octstr:{hex:a.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+a.pubKeyHex}}]}]});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:a.curveName}}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}if(r=="PKCS8PRV"&&typeof KJUR.crypto.DSA!="undefined"&&a instanceof KJUR.crypto.DSA&&a.isPrivate==true){var d=new KJUR.asn1.DERInteger({bigint:a.x});var c=d.getEncodedHex();var t=KJUR.asn1.ASN1Util.newObject({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:a.p}},{"int":{bigint:a.q}},{"int":{bigint:a.g}}]}]},{octstr:{hex:c}}]});var m=t.getEncodedHex();if(o===undefined||o==null){return v.ASN1Util.getPEMStringFromHex(m,"PRIVATE KEY")}else{var k=h(m,o);return v.ASN1Util.getPEMStringFromHex(k,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=KEYUTIL.getHexFromPEM(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(c){var b={};var e=c;if(e.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var d=ASN1HEX.getPosArrayOfChildren_AtObj(e,0);if(d.length<1){throw"malformed CSR(code:002)"}if(e.substr(d[0],2)!="30"){throw"malformed CSR(code:003)"}var a=ASN1HEX.getPosArrayOfChildren_AtObj(e,d[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=ASN1HEX.getHexOfTLV_AtObj(e,a[2]);return b};
\ No newline at end of file
diff --git a/test/qunit-do-base64x.html b/test/qunit-do-base64x.html
index c1228b19..bcacadf2 100755
--- a/test/qunit-do-base64x.html
+++ b/test/qunit-do-base64x.html
@@ -27,6 +27,12 @@
   equal(rstrtohex("\x00\x01\x02\x03"), "00010203", "00010203");
 });
 
+test("hextob64u", function() {
+  equal(hextob64u("10001"), "AQAB", "10001");
+  equal(hextob64u("010001"), "AQAB", "010001");
+});
+
+
 });
 
   
diff --git a/test/qunit-do-keyutil-jwk.html b/test/qunit-do-keyutil-jwk.html
new file mode 100755
index 00000000..2cd789d9
--- /dev/null
+++ b/test/qunit-do-keyutil-jwk.html
@@ -0,0 +1,217 @@
+
+
+
+QUnit for KEYUTIL private key reader 'keyutil.js'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  
+
+
+
    
+
    test markup
    
+TEST INDEX | 
+
+
+
+
diff --git a/test/qunit-do-keyutil-pairpem.html b/test/qunit-do-keyutil-pairpem.html
new file mode 100755
index 00000000..2d3cbff5
--- /dev/null
+++ b/test/qunit-do-keyutil-pairpem.html
@@ -0,0 +1,55 @@
+
+
+
+QUnit for KEYUTIL generateKeypair and getPEM 'keyutil.js'
+
+
+
+
+
+
+
+
+  
+
+
+
    
+
    test markup
    
+TEST INDEX | 
+QUnit for 
+keyutil | 
+keyutil-eprv | 
+keyutil-pub | 
+keyutil-gen | 
+
+
+
+